Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1244)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/http/http_auth_gssapi_posix.cc

Issue 1128043007: Support Kerberos on Android (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix Android GN build Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/http/http_auth_gssapi_posix.h ('K') | « net/http/http_auth_gssapi_posix.h ('k') | net/http/http_auth_gssapi_posix_unittest.cc » ('j') | net/http/http_auth_handler_factory.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/http/http_auth_gssapi_posix.cc
diff --git a/net/http/http_auth_gssapi_posix.cc b/net/http/http_auth_gssapi_posix.cc
index 388cc640a42cc097657eaf4915fd32aadbd2b89a..234f2ba1af9aeaf889c2e7f0f892a24541aac396 100644
--- a/net/http/http_auth_gssapi_posix.cc
+++ b/net/http/http_auth_gssapi_posix.cc
@@ -16,7 +16,7 @@
#include "base/threading/thread_restrictions.h"
#include "net/base/net_errors.h"
#include "net/base/net_util.h"
-#include "net/http/http_auth_challenge_tokenizer.h"
+#include "net/http/http_auth_handler_negotiate_parse.h"
// These are defined for the GSSAPI library:
// Paraphrasing the comments from gssapi.h:
@@ -687,39 +687,19 @@ void HttpAuthGSSAPI::Delegate() {
HttpAuth::AuthorizationResult HttpAuthGSSAPI::ParseChallenge(
HttpAuthChallengeTokenizer* tok) {
- // Verify the challenge's auth-scheme.
- if (!base::LowerCaseEqualsASCII(tok->scheme(),
- base::StringToLowerASCII(scheme_).c_str()))
- return HttpAuth::AUTHORIZATION_RESULT_INVALID;
-
- std::string encoded_auth_token = tok->base64_param();
-
- if (encoded_auth_token.empty()) {
- // If a context has already been established, an empty Negotiate challenge
- // should be treated as a rejection of the current attempt.
- if (scoped_sec_context_.get() != GSS_C_NO_CONTEXT)
- return HttpAuth::AUTHORIZATION_RESULT_REJECT;
- DCHECK(decoded_server_auth_token_.empty());
- return HttpAuth::AUTHORIZATION_RESULT_ACCEPT;
+ if (scoped_sec_context_.get() == GSS_C_NO_CONTEXT) {
+ return net::ParseFirstNegotiateChallenge(scheme_, tok);
} else {
Ryan Sleevi 2015/06/29 13:56:45 no else after return
aberent 2015/07/02 21:13:36 Done.
- // If a context has not already been established, additional tokens should
- // not be present in the auth challenge.
- if (scoped_sec_context_.get() == GSS_C_NO_CONTEXT)
- return HttpAuth::AUTHORIZATION_RESULT_INVALID;
+ std::string encoded_auth_token;
+ return net::ParseAnotherNegotiateChallenge(
+ scheme_, tok, &encoded_auth_token, &decoded_server_auth_token_);
}
-
- // Make sure the additional token is base64 encoded.
- std::string decoded_auth_token;
- bool base64_rv = base::Base64Decode(encoded_auth_token, &decoded_auth_token);
- if (!base64_rv)
- return HttpAuth::AUTHORIZATION_RESULT_INVALID;
- decoded_server_auth_token_ = decoded_auth_token;
- return HttpAuth::AUTHORIZATION_RESULT_ACCEPT;
}
int HttpAuthGSSAPI::GenerateAuthToken(const AuthCredentials* credentials,
const std::string& spn,
- std::string* auth_token) {
+ std::string* auth_token,
+ const CompletionCallback& /*callback*/) {
DCHECK(auth_token);
gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
« net/http/http_auth_gssapi_posix.h ('K') | « net/http/http_auth_gssapi_posix.h ('k') | net/http/http_auth_gssapi_posix_unittest.cc » ('j') | net/http/http_auth_handler_factory.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698