OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_auth_handler_digest.h" | 5 #include "net/http/http_auth_handler_digest.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/i18n/icu_string_conversions.h" | 9 #include "base/i18n/icu_string_conversions.h" |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
(...skipping 304 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
315 } | 315 } |
316 | 316 |
317 std::string HttpAuthHandlerDigest::AssembleResponseDigest( | 317 std::string HttpAuthHandlerDigest::AssembleResponseDigest( |
318 const std::string& method, | 318 const std::string& method, |
319 const std::string& path, | 319 const std::string& path, |
320 const AuthCredentials& credentials, | 320 const AuthCredentials& credentials, |
321 const std::string& cnonce, | 321 const std::string& cnonce, |
322 const std::string& nc) const { | 322 const std::string& nc) const { |
323 // ha1 = MD5(A1) | 323 // ha1 = MD5(A1) |
324 // TODO(eroman): is this the right encoding? | 324 // TODO(eroman): is this the right encoding? |
325 std::string ha1 = base::MD5String(UTF16ToUTF8(credentials.username()) + ":" + | 325 std::string ha1 = base::MD5String(base::UTF16ToUTF8(credentials.username()) + |
326 original_realm_ + ":" + | 326 ":" + original_realm_ + ":" + |
327 UTF16ToUTF8(credentials.password())); | 327 base::UTF16ToUTF8(credentials.password())); |
328 if (algorithm_ == HttpAuthHandlerDigest::ALGORITHM_MD5_SESS) | 328 if (algorithm_ == HttpAuthHandlerDigest::ALGORITHM_MD5_SESS) |
329 ha1 = base::MD5String(ha1 + ":" + nonce_ + ":" + cnonce); | 329 ha1 = base::MD5String(ha1 + ":" + nonce_ + ":" + cnonce); |
330 | 330 |
331 // ha2 = MD5(A2) | 331 // ha2 = MD5(A2) |
332 // TODO(eroman): need to add MD5(req-entity-body) for qop=auth-int. | 332 // TODO(eroman): need to add MD5(req-entity-body) for qop=auth-int. |
333 std::string ha2 = base::MD5String(method + ":" + path); | 333 std::string ha2 = base::MD5String(method + ":" + path); |
334 | 334 |
335 std::string nc_part; | 335 std::string nc_part; |
336 if (qop_ != HttpAuthHandlerDigest::QOP_UNSPECIFIED) { | 336 if (qop_ != HttpAuthHandlerDigest::QOP_UNSPECIFIED) { |
337 nc_part = nc + ":" + cnonce + ":" + QopToString(qop_) + ":"; | 337 nc_part = nc + ":" + cnonce + ":" + QopToString(qop_) + ":"; |
338 } | 338 } |
339 | 339 |
340 return base::MD5String(ha1 + ":" + nonce_ + ":" + nc_part + ha2); | 340 return base::MD5String(ha1 + ":" + nonce_ + ":" + nc_part + ha2); |
341 } | 341 } |
342 | 342 |
343 std::string HttpAuthHandlerDigest::AssembleCredentials( | 343 std::string HttpAuthHandlerDigest::AssembleCredentials( |
344 const std::string& method, | 344 const std::string& method, |
345 const std::string& path, | 345 const std::string& path, |
346 const AuthCredentials& credentials, | 346 const AuthCredentials& credentials, |
347 const std::string& cnonce, | 347 const std::string& cnonce, |
348 int nonce_count) const { | 348 int nonce_count) const { |
349 // the nonce-count is an 8 digit hex string. | 349 // the nonce-count is an 8 digit hex string. |
350 std::string nc = base::StringPrintf("%08x", nonce_count); | 350 std::string nc = base::StringPrintf("%08x", nonce_count); |
351 | 351 |
352 // TODO(eroman): is this the right encoding? | 352 // TODO(eroman): is this the right encoding? |
353 std::string authorization = (std::string("Digest username=") + | 353 std::string authorization = (std::string("Digest username=") + |
354 HttpUtil::Quote( | 354 HttpUtil::Quote( |
355 UTF16ToUTF8(credentials.username()))); | 355 base::UTF16ToUTF8(credentials.username()))); |
356 authorization += ", realm=" + HttpUtil::Quote(original_realm_); | 356 authorization += ", realm=" + HttpUtil::Quote(original_realm_); |
357 authorization += ", nonce=" + HttpUtil::Quote(nonce_); | 357 authorization += ", nonce=" + HttpUtil::Quote(nonce_); |
358 authorization += ", uri=" + HttpUtil::Quote(path); | 358 authorization += ", uri=" + HttpUtil::Quote(path); |
359 | 359 |
360 if (algorithm_ != ALGORITHM_UNSPECIFIED) { | 360 if (algorithm_ != ALGORITHM_UNSPECIFIED) { |
361 authorization += ", algorithm=" + AlgorithmToString(algorithm_); | 361 authorization += ", algorithm=" + AlgorithmToString(algorithm_); |
362 } | 362 } |
363 std::string response = AssembleResponseDigest(method, path, credentials, | 363 std::string response = AssembleResponseDigest(method, path, credentials, |
364 cnonce, nc); | 364 cnonce, nc); |
365 // No need to call HttpUtil::Quote() as the response digest cannot contain | 365 // No need to call HttpUtil::Quote() as the response digest cannot contain |
366 // any characters needing to be escaped. | 366 // any characters needing to be escaped. |
367 authorization += ", response=\"" + response + "\""; | 367 authorization += ", response=\"" + response + "\""; |
368 | 368 |
369 if (!opaque_.empty()) { | 369 if (!opaque_.empty()) { |
370 authorization += ", opaque=" + HttpUtil::Quote(opaque_); | 370 authorization += ", opaque=" + HttpUtil::Quote(opaque_); |
371 } | 371 } |
372 if (qop_ != QOP_UNSPECIFIED) { | 372 if (qop_ != QOP_UNSPECIFIED) { |
373 // TODO(eroman): Supposedly IIS server requires quotes surrounding qop. | 373 // TODO(eroman): Supposedly IIS server requires quotes surrounding qop. |
374 authorization += ", qop=" + QopToString(qop_); | 374 authorization += ", qop=" + QopToString(qop_); |
375 authorization += ", nc=" + nc; | 375 authorization += ", nc=" + nc; |
376 authorization += ", cnonce=" + HttpUtil::Quote(cnonce); | 376 authorization += ", cnonce=" + HttpUtil::Quote(cnonce); |
377 } | 377 } |
378 | 378 |
379 return authorization; | 379 return authorization; |
380 } | 380 } |
381 | 381 |
382 } // namespace net | 382 } // namespace net |
OLD | NEW |