Support Kerberos on Android

net/http/http_auth_sspi_win.h

Index: net/http/http_auth_sspi_win.h
diff --git a/net/http/http_auth_sspi_win.h b/net/http/http_auth_sspi_win.h
index befc1bf10390fc1abed73dd4f83e23d04a271eb0..1d524fa12c4f3df45564fbee18841f4cad948dad 100644
--- a/net/http/http_auth_sspi_win.h
+++ b/net/http/http_auth_sspi_win.h
@@ -17,6 +17,7 @@
 #include <string>
 
 #include "base/strings/string16.h"
+#include "net/base/completion_callback.h"

[cbentzel, 2015/06/30 12:53:55]

I think CompletionCallback can just be forward declared here instead of pulling
in the #include.

[aberent, 2015/07/02 21:13:37]

Done.

[aberent, 2015/07/03 16:21:15]

Unfortunately it turns it it can't be, since it is declared as a typedef not a
class, and one cannot forward declare a typedef (see the errors on building
patchset 25).

[cbentzel, 2015/07/08 18:27:11]

Acknowledged.

 #include "net/base/net_export.h"
 #include "net/http/http_auth.h"
 
@@ -120,19 +121,36 @@ class NET_EXPORT_PRIVATE HttpAuthSSPI {
   HttpAuth::AuthorizationResult ParseChallenge(
       HttpAuthChallengeTokenizer* tok);
 
-  // Generates an authentication token for the service specified by the
-  // Service Principal Name |spn| and stores the value in |*auth_token|.
-  // If the return value is not |OK|, then the value of |*auth_token| is
-  // unspecified. ERR_IO_PENDING is not a valid return code.
+  // Generates an authentication token.
+  //
+  // The return value is an error code. The authentication token will be
+  // returned in |*auth_token|. If the result code is not |OK|, the value of
+  // |*auth_token| is unspecified.
+  //
+  // If the operation cannot be completed synchronously, |ERR_IO_PENDING| will
+  // be returned and the real result code will be passed to the completion
+  // callback.  Otherwise the result code is returned immediately from this
+  // call.
+  //
+  // If the HttpAuthSPPI object is deleted before completion then the callback
+  // will not be called.
+  //
+  // If no immediate result is returned then |auth_token| must remain valid
+  // until the callback has been called.
+  //
+  // |spn| is the Service Principal Name of the server that the token is
+  // being generated for.
+  //
   // If this is the first round of a multiple round scheme, credentials are
-  // obtained using |*credentials|. If |credentials| is NULL, the credentials
-  // for the currently logged in user are used instead.
+  // obtained using |*credentials|. If |credentials| is NULL, the default
+  // credentials are used instead.
   int GenerateAuthToken(const AuthCredentials* credentials,
                         const std::string& spn,
-                        std::string* auth_token);
+                        std::string* auth_token,
+                        const CompletionCallback& callback);
 
   // Delegation is allowed on the Kerberos ticket. This allows certain servers
-  // to act as the user, such as an IIS server retrieiving data from a
+  // to act as the user, such as an IIS server retrieving data from a
   // Kerberized MSSQL server.
   void Delegate();