| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_auth_controller.h" | 5 #include "net/http/http_auth_controller.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/metrics/histogram_macros.h" | 9 #include "base/metrics/histogram_macros.h" |
| 10 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 60 }; | 60 }; |
| 61 | 61 |
| 62 enum AuthTarget { | 62 enum AuthTarget { |
| 63 AUTH_TARGET_PROXY = 0, | 63 AUTH_TARGET_PROXY = 0, |
| 64 AUTH_TARGET_SECURE_PROXY, | 64 AUTH_TARGET_SECURE_PROXY, |
| 65 AUTH_TARGET_SERVER, | 65 AUTH_TARGET_SERVER, |
| 66 AUTH_TARGET_SECURE_SERVER, | 66 AUTH_TARGET_SECURE_SERVER, |
| 67 AUTH_TARGET_MAX, | 67 AUTH_TARGET_MAX, |
| 68 }; | 68 }; |
| 69 | 69 |
| 70 // Known authentication schemes. |
| 71 enum AuthScheme { |
| 72 AUTH_SCHEME_BASIC = 0, |
| 73 AUTH_SCHEME_DIGEST, |
| 74 AUTH_SCHEME_NTLM, |
| 75 AUTH_SCHEME_NEGOTIATE, |
| 76 AUTH_SCHEME_SPDYPROXY_DEPRECATED, |
| 77 AUTH_SCHEME_MOCK, |
| 78 |
| 79 // Add new schemes above this line and don't remove any values. This |
| 80 // enumeration is used for UMA. |
| 81 AUTH_SCHEME_MAX, |
| 82 }; |
| 83 |
| 84 AuthScheme AuthSchemeForUMA(const std::string& scheme) { |
| 85 DCHECK(HttpAuth::IsValidNormalizedScheme(scheme)); |
| 86 |
| 87 if (scheme == "basic") |
| 88 return AUTH_SCHEME_BASIC; |
| 89 |
| 90 if (scheme == "digest") |
| 91 return AUTH_SCHEME_DIGEST; |
| 92 |
| 93 if (scheme == "ntlm") |
| 94 return AUTH_SCHEME_NTLM; |
| 95 |
| 96 if (scheme == "negotiate") |
| 97 return AUTH_SCHEME_NEGOTIATE; |
| 98 |
| 99 if (scheme == "mock") |
| 100 return AUTH_SCHEME_MOCK; |
| 101 |
| 102 return AUTH_SCHEME_MAX; |
| 103 } |
| 104 |
| 70 AuthTarget DetermineAuthTarget(const HttpAuthHandler* handler) { | 105 AuthTarget DetermineAuthTarget(const HttpAuthHandler* handler) { |
| 71 switch (handler->target()) { | 106 switch (handler->target()) { |
| 72 case HttpAuth::AUTH_PROXY: | 107 case HttpAuth::AUTH_PROXY: |
| 73 if (handler->origin().SchemeIsCryptographic()) | 108 if (handler->origin().SchemeIsCryptographic()) |
| 74 return AUTH_TARGET_SECURE_PROXY; | 109 return AUTH_TARGET_SECURE_PROXY; |
| 75 else | 110 else |
| 76 return AUTH_TARGET_PROXY; | 111 return AUTH_TARGET_PROXY; |
| 77 case HttpAuth::AUTH_SERVER: | 112 case HttpAuth::AUTH_SERVER: |
| 78 if (handler->origin().SchemeIsCryptographic()) | 113 if (handler->origin().SchemeIsCryptographic()) |
| 79 return AUTH_TARGET_SECURE_SERVER; | 114 return AUTH_TARGET_SECURE_SERVER; |
| (...skipping 11 matching lines...) Expand all Loading... |
| 91 // Note: The on-same-thread check is intentionally not using a lock | 126 // Note: The on-same-thread check is intentionally not using a lock |
| 92 // to protect access to first_thread. This method is meant to be only | 127 // to protect access to first_thread. This method is meant to be only |
| 93 // used on the same thread, in which case there are no race conditions. If | 128 // used on the same thread, in which case there are no race conditions. If |
| 94 // there are race conditions (say, a read completes during a partial write), | 129 // there are race conditions (say, a read completes during a partial write), |
| 95 // the DCHECK will correctly fail. | 130 // the DCHECK will correctly fail. |
| 96 static base::PlatformThreadId first_thread = | 131 static base::PlatformThreadId first_thread = |
| 97 base::PlatformThread::CurrentId(); | 132 base::PlatformThread::CurrentId(); |
| 98 DCHECK_EQ(first_thread, base::PlatformThread::CurrentId()); | 133 DCHECK_EQ(first_thread, base::PlatformThread::CurrentId()); |
| 99 #endif | 134 #endif |
| 100 | 135 |
| 101 HttpAuth::Scheme auth_scheme = handler->auth_scheme(); | 136 AuthScheme auth_scheme = AuthSchemeForUMA(handler->auth_scheme()); |
| 102 DCHECK(auth_scheme >= 0 && auth_scheme < HttpAuth::AUTH_SCHEME_MAX); | 137 // Only measure known auth schemes. |
| 138 if (auth_scheme == AUTH_SCHEME_MAX) |
| 139 return; |
| 103 | 140 |
| 104 // Record start and rejection events for authentication. | 141 // Record start and rejection events for authentication. |
| 105 // | 142 // |
| 106 // The results map to: | 143 // The results map to: |
| 107 // Basic Start: 0 | 144 // Basic Start: 0 |
| 108 // Basic Reject: 1 | 145 // Basic Reject: 1 |
| 109 // Digest Start: 2 | 146 // Digest Start: 2 |
| 110 // Digest Reject: 3 | 147 // Digest Reject: 3 |
| 111 // NTLM Start: 4 | 148 // NTLM Start: 4 |
| 112 // NTLM Reject: 5 | 149 // NTLM Reject: 5 |
| 113 // Negotiate Start: 6 | 150 // Negotiate Start: 6 |
| 114 // Negotiate Reject: 7 | 151 // Negotiate Reject: 7 |
| 115 static const int kEventBucketsEnd = | 152 static const int kEventBucketsEnd = AUTH_SCHEME_MAX * AUTH_EVENT_MAX; |
| 116 HttpAuth::AUTH_SCHEME_MAX * AUTH_EVENT_MAX; | |
| 117 int event_bucket = auth_scheme * AUTH_EVENT_MAX + auth_event; | 153 int event_bucket = auth_scheme * AUTH_EVENT_MAX + auth_event; |
| 118 DCHECK(event_bucket >= 0 && event_bucket < kEventBucketsEnd); | 154 DCHECK(event_bucket >= 0 && event_bucket < kEventBucketsEnd); |
| 119 UMA_HISTOGRAM_ENUMERATION("Net.HttpAuthCount", event_bucket, | 155 UMA_HISTOGRAM_ENUMERATION("Net.HttpAuthCount", event_bucket, |
| 120 kEventBucketsEnd); | 156 kEventBucketsEnd); |
| 121 | 157 |
| 122 // Record the target of the authentication. | 158 // Record the target of the authentication. |
| 123 // | 159 // |
| 124 // The results map to: | 160 // The results map to: |
| 125 // Basic Proxy: 0 | 161 // Basic Proxy: 0 |
| 126 // Basic Secure Proxy: 1 | 162 // Basic Secure Proxy: 1 |
| 127 // Basic Server: 2 | 163 // Basic Server: 2 |
| 128 // Basic Secure Server: 3 | 164 // Basic Secure Server: 3 |
| 129 // Digest Proxy: 4 | 165 // Digest Proxy: 4 |
| 130 // Digest Secure Proxy: 5 | 166 // Digest Secure Proxy: 5 |
| 131 // Digest Server: 6 | 167 // Digest Server: 6 |
| 132 // Digest Secure Server: 7 | 168 // Digest Secure Server: 7 |
| 133 // NTLM Proxy: 8 | 169 // NTLM Proxy: 8 |
| 134 // NTLM Secure Proxy: 9 | 170 // NTLM Secure Proxy: 9 |
| 135 // NTLM Server: 10 | 171 // NTLM Server: 10 |
| 136 // NTLM Secure Server: 11 | 172 // NTLM Secure Server: 11 |
| 137 // Negotiate Proxy: 12 | 173 // Negotiate Proxy: 12 |
| 138 // Negotiate Secure Proxy: 13 | 174 // Negotiate Secure Proxy: 13 |
| 139 // Negotiate Server: 14 | 175 // Negotiate Server: 14 |
| 140 // Negotiate Secure Server: 15 | 176 // Negotiate Secure Server: 15 |
| 141 if (auth_event != AUTH_EVENT_START) | 177 if (auth_event != AUTH_EVENT_START) |
| 142 return; | 178 return; |
| 143 static const int kTargetBucketsEnd = | 179 static const int kTargetBucketsEnd = AUTH_SCHEME_MAX * AUTH_TARGET_MAX; |
| 144 HttpAuth::AUTH_SCHEME_MAX * AUTH_TARGET_MAX; | |
| 145 AuthTarget auth_target = DetermineAuthTarget(handler); | 180 AuthTarget auth_target = DetermineAuthTarget(handler); |
| 146 int target_bucket = auth_scheme * AUTH_TARGET_MAX + auth_target; | 181 int target_bucket = auth_scheme * AUTH_TARGET_MAX + auth_target; |
| 147 DCHECK(target_bucket >= 0 && target_bucket < kTargetBucketsEnd); | 182 DCHECK(target_bucket >= 0 && target_bucket < kTargetBucketsEnd); |
| 148 UMA_HISTOGRAM_ENUMERATION("Net.HttpAuthTarget", target_bucket, | 183 UMA_HISTOGRAM_ENUMERATION("Net.HttpAuthTarget", target_bucket, |
| 149 kTargetBucketsEnd); | 184 kTargetBucketsEnd); |
| 150 } | 185 } |
| 151 | 186 |
| 152 } // namespace | 187 } // namespace |
| 153 | 188 |
| 154 HttpAuthController::HttpAuthController( | 189 HttpAuthController::HttpAuthController( |
| (...skipping 348 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 503 | 538 |
| 504 void HttpAuthController::PopulateAuthChallenge() { | 539 void HttpAuthController::PopulateAuthChallenge() { |
| 505 DCHECK(CalledOnValidThread()); | 540 DCHECK(CalledOnValidThread()); |
| 506 | 541 |
| 507 // Populates response_.auth_challenge with the authentication challenge info. | 542 // Populates response_.auth_challenge with the authentication challenge info. |
| 508 // This info is consumed by URLRequestHttpJob::GetAuthChallengeInfo(). | 543 // This info is consumed by URLRequestHttpJob::GetAuthChallengeInfo(). |
| 509 | 544 |
| 510 auth_info_ = new AuthChallengeInfo; | 545 auth_info_ = new AuthChallengeInfo; |
| 511 auth_info_->is_proxy = (target_ == HttpAuth::AUTH_PROXY); | 546 auth_info_->is_proxy = (target_ == HttpAuth::AUTH_PROXY); |
| 512 auth_info_->challenger = HostPortPair::FromURL(auth_origin_); | 547 auth_info_->challenger = HostPortPair::FromURL(auth_origin_); |
| 513 auth_info_->scheme = HttpAuth::SchemeToString(handler_->auth_scheme()); | 548 auth_info_->scheme = handler_->auth_scheme(); |
| 514 auth_info_->realm = handler_->realm(); | 549 auth_info_->realm = handler_->realm(); |
| 515 } | 550 } |
| 516 | 551 |
| 517 bool HttpAuthController::DisableOnAuthHandlerResult(int result) { | 552 bool HttpAuthController::DisableOnAuthHandlerResult(int result) { |
| 518 DCHECK(CalledOnValidThread()); | 553 DCHECK(CalledOnValidThread()); |
| 519 | 554 |
| 520 switch (result) { | 555 switch (result) { |
| 521 // Occurs with GSSAPI, if the user has not already logged in. | 556 // Occurs with GSSAPI, if the user has not already logged in. |
| 522 case ERR_MISSING_AUTH_CREDENTIALS: | 557 case ERR_MISSING_AUTH_CREDENTIALS: |
| 523 | 558 |
| (...skipping 29 matching lines...) Expand all Loading... |
| 553 callback_.Reset(); | 588 callback_.Reset(); |
| 554 c.Run(result); | 589 c.Run(result); |
| 555 } | 590 } |
| 556 } | 591 } |
| 557 | 592 |
| 558 scoped_refptr<AuthChallengeInfo> HttpAuthController::auth_info() { | 593 scoped_refptr<AuthChallengeInfo> HttpAuthController::auth_info() { |
| 559 DCHECK(CalledOnValidThread()); | 594 DCHECK(CalledOnValidThread()); |
| 560 return auth_info_; | 595 return auth_info_; |
| 561 } | 596 } |
| 562 | 597 |
| 563 bool HttpAuthController::IsAuthSchemeDisabled(HttpAuth::Scheme scheme) const { | 598 bool HttpAuthController::IsAuthSchemeDisabled(const std::string& scheme) const { |
| 564 DCHECK(CalledOnValidThread()); | 599 DCHECK(CalledOnValidThread()); |
| 565 return disabled_schemes_.find(scheme) != disabled_schemes_.end(); | 600 return disabled_schemes_.Contains(scheme); |
| 566 } | 601 } |
| 567 | 602 |
| 568 void HttpAuthController::DisableAuthScheme(HttpAuth::Scheme scheme) { | 603 void HttpAuthController::DisableAuthScheme(const std::string& scheme) { |
| 569 DCHECK(CalledOnValidThread()); | 604 DCHECK(CalledOnValidThread()); |
| 570 disabled_schemes_.insert(scheme); | 605 disabled_schemes_.Add(scheme); |
| 571 } | 606 } |
| 572 | 607 |
| 573 void HttpAuthController::DisableEmbeddedIdentity() { | 608 void HttpAuthController::DisableEmbeddedIdentity() { |
| 574 DCHECK(CalledOnValidThread()); | 609 DCHECK(CalledOnValidThread()); |
| 575 embedded_identity_used_ = true; | 610 embedded_identity_used_ = true; |
| 576 } | 611 } |
| 577 | 612 |
| 578 } // namespace net | 613 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1157333005:
[net/http auth] Use strings to identify authentication schemes.
Base URL: https://chromium.googlesource.com/chromium/src.git@master