| Index: net/http/http_auth_gssapi_posix.h
|
| diff --git a/net/http/http_auth_gssapi_posix.h b/net/http/http_auth_gssapi_posix.h
|
| index ab967c96053fe3052ac8f70a199640c960da47ec..d88223222b09e495123c3f5519ce1aad22b73f23 100644
|
| --- a/net/http/http_auth_gssapi_posix.h
|
| +++ b/net/http/http_auth_gssapi_posix.h
|
| @@ -9,6 +9,7 @@
|
|
|
| #include "base/gtest_prod_util.h"
|
| #include "base/native_library.h"
|
| +#include "net/base/completion_callback.h"
|
| #include "net/base/net_export.h"
|
| #include "net/http/http_auth.h"
|
|
|
| @@ -22,7 +23,7 @@
|
|
|
| // Chrome supports OSX 10.6, which doesn't have access to GSS.framework. Chrome
|
| // always dlopens libgssapi_krb5.dylib, which is provided by
|
| -// Kerberos.framework. On OSX 10.7+ this is an ABI comptabile shim that loads
|
| +// Kerberos.framework. On OSX 10.7+ this is an ABI compatible shim that loads
|
| // GSS.framework.
|
| #include <Kerberos/gssapi.h>
|
| #elif defined(OS_FREEBSD)
|
| @@ -242,25 +243,42 @@ class NET_EXPORT_PRIVATE HttpAuthGSSAPI {
|
|
|
| bool AllowsExplicitCredentials() const;
|
|
|
| - HttpAuth::AuthorizationResult ParseChallenge(
|
| - HttpAuthChallengeTokenizer* tok);
|
| -
|
| // Generates an authentication token.
|
| - // The return value is an error code. If it's not |OK|, the value of
|
| + //
|
| + // The return value is an error code. The authentication token will be
|
| + // returned in |*auth_token|. If the result code is not |OK|, the value of
|
| // |*auth_token| is unspecified.
|
| + //
|
| + // If the operation cannot be completed synchronously, |ERR_IO_PENDING| will
|
| + // be returned and the real result code will be passed to the completion
|
| + // callback. Otherwise the result code is returned immediately from this
|
| + // call.
|
| + //
|
| + // If the HttpAuthGSSAPI object is deleted before completion then the callback
|
| + // will not be called.
|
| + //
|
| + // If no immediate result is returned then |auth_token| must remain valid
|
| + // until the callback has been called.
|
| + //
|
| // |spn| is the Service Principal Name of the server that the token is
|
| // being generated for.
|
| + //
|
| // If this is the first round of a multiple round scheme, credentials are
|
| // obtained using |*credentials|. If |credentials| is NULL, the default
|
| // credentials are used instead.
|
| int GenerateAuthToken(const AuthCredentials* credentials,
|
| const std::string& spn,
|
| - std::string* auth_token);
|
| + std::string* auth_token,
|
| + const CompletionCallback& callback);
|
|
|
| // Delegation is allowed on the Kerberos ticket. This allows certain servers
|
| - // to act as the user, such as an IIS server retrieiving data from a
|
| + // to act as the user, such as an IIS server retrieving data from a
|
| // Kerberized MSSQL server.
|
| void Delegate();
|
| + void SetServerAuthToken(const std::string& encoded_auth_token,
|
| + const std::string& decoded_auth_token) {
|
| + decoded_server_auth_token_ = decoded_auth_token;
|
| + }
|
|
|
| private:
|
| int GetNextSecurityToken(const std::string& spn,
|
|
|
Chromium Code Reviews
Issue 1128043007:
Support Kerberos on Android (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master