OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ | 5 #ifndef NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ |
6 #define NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ | 6 #define NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/gtest_prod_util.h" | 10 #include "base/gtest_prod_util.h" |
11 #include "base/native_library.h" | 11 #include "base/native_library.h" |
| 12 #include "net/base/completion_callback.h" |
12 #include "net/base/net_export.h" | 13 #include "net/base/net_export.h" |
13 #include "net/http/http_auth.h" | 14 #include "net/http/http_auth.h" |
14 | 15 |
15 #if defined(OS_MACOSX) | 16 #if defined(OS_MACOSX) |
16 // The OSX 10.9+ SDKs mark the functions in Kereberos.framework as deprecated, | 17 // The OSX 10.9+ SDKs mark the functions in Kereberos.framework as deprecated, |
17 // so the warnings must be manually suppressed. | 18 // so the warnings must be manually suppressed. |
18 #if defined(MAC_OS_X_VERSION_10_9) && \ | 19 #if defined(MAC_OS_X_VERSION_10_9) && \ |
19 MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_9 | 20 MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_9 |
20 #define GSSKRB_APPLE_DEPRECATED(x) | 21 #define GSSKRB_APPLE_DEPRECATED(x) |
21 #endif | 22 #endif |
(...skipping 219 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
241 bool NeedsIdentity() const; | 242 bool NeedsIdentity() const; |
242 | 243 |
243 bool AllowsExplicitCredentials() const; | 244 bool AllowsExplicitCredentials() const; |
244 | 245 |
245 HttpAuth::AuthorizationResult ParseChallenge( | 246 HttpAuth::AuthorizationResult ParseChallenge( |
246 HttpAuthChallengeTokenizer* tok); | 247 HttpAuthChallengeTokenizer* tok); |
247 | 248 |
248 // Generates an authentication token. | 249 // Generates an authentication token. |
249 // The return value is an error code. If it's not |OK|, the value of | 250 // The return value is an error code. If it's not |OK|, the value of |
250 // |*auth_token| is unspecified. | 251 // |*auth_token| is unspecified. |
| 252 // The function may return |IO_PENDING|, and call |callback| on completion. |
| 253 // |auth_token| must remain valid until the callback has been called. |
251 // |spn| is the Service Principal Name of the server that the token is | 254 // |spn| is the Service Principal Name of the server that the token is |
252 // being generated for. | 255 // being generated for. |
253 // If this is the first round of a multiple round scheme, credentials are | 256 // If this is the first round of a multiple round scheme, credentials are |
254 // obtained using |*credentials|. If |credentials| is NULL, the default | 257 // obtained using |*credentials|. If |credentials| is NULL, the default |
255 // credentials are used instead. | 258 // credentials are used instead. |
256 int GenerateAuthToken(const AuthCredentials* credentials, | 259 int GenerateAuthToken(const AuthCredentials* credentials, |
257 const std::string& spn, | 260 const std::string& spn, |
258 std::string* auth_token); | 261 std::string* auth_token, |
| 262 const CompletionCallback& callback); |
259 | 263 |
260 // Delegation is allowed on the Kerberos ticket. This allows certain servers | 264 // Delegation is allowed on the Kerberos ticket. This allows certain servers |
261 // to act as the user, such as an IIS server retrieiving data from a | 265 // to act as the user, such as an IIS server retrieiving data from a |
262 // Kerberized MSSQL server. | 266 // Kerberized MSSQL server. |
263 void Delegate(); | 267 void Delegate(); |
264 | 268 |
265 private: | 269 private: |
266 int GetNextSecurityToken(const std::string& spn, | 270 int GetNextSecurityToken(const std::string& spn, |
267 gss_buffer_t in_token, | 271 gss_buffer_t in_token, |
268 gss_buffer_t out_token); | 272 gss_buffer_t out_token); |
269 | 273 |
270 std::string scheme_; | 274 std::string scheme_; |
271 gss_OID gss_oid_; | 275 gss_OID gss_oid_; |
272 GSSAPILibrary* library_; | 276 GSSAPILibrary* library_; |
273 std::string decoded_server_auth_token_; | 277 std::string decoded_server_auth_token_; |
274 ScopedSecurityContext scoped_sec_context_; | 278 ScopedSecurityContext scoped_sec_context_; |
275 bool can_delegate_; | 279 bool can_delegate_; |
276 }; | 280 }; |
277 | 281 |
278 } // namespace net | 282 } // namespace net |
279 | 283 |
280 #endif // NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ | 284 #endif // NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ |
OLD | NEW |