| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_auth_handler_ntlm.h" | 5 #include "net/http/http_auth_handler_ntlm.h" |
| 6 | 6 |
| 7 #if !defined(NTLM_SSPI) | 7 #if !defined(NTLM_SSPI) |
| 8 #include "base/base64.h" | 8 #include "base/base64.h" |
| 9 #endif | 9 #endif |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 11 #include "base/strings/string_util.h" | 11 #include "base/strings/string_util.h" |
| 12 #include "base/strings/utf_string_conversions.h" | 12 #include "base/strings/utf_string_conversions.h" |
| 13 #include "net/base/net_errors.h" | 13 #include "net/base/net_errors.h" |
| 14 #include "net/base/net_util.h" | 14 #include "net/base/net_util.h" |
| 15 #include "net/http/http_auth_challenge_tokenizer.h" | 15 #include "net/http/http_auth_challenge_tokenizer.h" |
| 16 | 16 |
| 17 namespace net { | 17 namespace net { |
| 18 | 18 |
| 19 HttpAuth::AuthorizationResult HttpAuthHandlerNTLM::HandleAnotherChallenge( | 19 HttpAuth::AuthorizationResult HttpAuthHandlerNTLM::HandleAnotherChallenge( |
| 20 HttpAuthChallengeTokenizer* challenge) { | 20 HttpAuthChallengeTokenizer* challenge) { |
| 21 return ParseChallenge(challenge, false); | 21 return ParseChallenge(challenge, false); |
| 22 } | 22 } |
| 23 | 23 |
| 24 bool HttpAuthHandlerNTLM::Init(HttpAuthChallengeTokenizer* tok) { | 24 bool HttpAuthHandlerNTLM::Init(HttpAuthChallengeTokenizer* tok) { |
| 25 auth_scheme_ = HttpAuth::AUTH_SCHEME_NTLM; | 25 auth_scheme_ = "ntlm"; |
| 26 score_ = 3; | |
| 27 properties_ = ENCRYPTS_IDENTITY | IS_CONNECTION_BASED; | |
| 28 | |
| 29 return ParseChallenge(tok, true) == HttpAuth::AUTHORIZATION_RESULT_ACCEPT; | 26 return ParseChallenge(tok, true) == HttpAuth::AUTHORIZATION_RESULT_ACCEPT; |
| 30 } | 27 } |
| 31 | 28 |
| 32 int HttpAuthHandlerNTLM::GenerateAuthTokenImpl( | 29 int HttpAuthHandlerNTLM::GenerateAuthTokenImpl( |
| 33 const AuthCredentials* credentials, const HttpRequestInfo* request, | 30 const AuthCredentials* credentials, const HttpRequestInfo* request, |
| 34 const CompletionCallback& callback, std::string* auth_token) { | 31 const CompletionCallback& callback, std::string* auth_token) { |
| 35 #if defined(NTLM_SSPI) | 32 #if defined(NTLM_SSPI) |
| 36 return auth_sspi_.GenerateAuthToken(credentials, CreateSPN(origin_), | 33 return auth_sspi_.GenerateAuthToken(credentials, CreateSPN(origin_), |
| 37 auth_token, callback); | 34 auth_token, callback); |
| 38 #else // !defined(NTLM_SSPI) | 35 #else // !defined(NTLM_SSPI) |
| (...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 105 return auth_sspi_.ParseChallenge(tok); | 102 return auth_sspi_.ParseChallenge(tok); |
| 106 #else | 103 #else |
| 107 // TODO(cbentzel): Most of the logic between SSPI, GSSAPI, and portable NTLM | 104 // TODO(cbentzel): Most of the logic between SSPI, GSSAPI, and portable NTLM |
| 108 // authentication parsing could probably be shared - just need to know if | 105 // authentication parsing could probably be shared - just need to know if |
| 109 // there was previously a challenge round. | 106 // there was previously a challenge round. |
| 110 // TODO(cbentzel): Write a test case to validate that auth_data_ is left empty | 107 // TODO(cbentzel): Write a test case to validate that auth_data_ is left empty |
| 111 // in all failure conditions. | 108 // in all failure conditions. |
| 112 auth_data_.clear(); | 109 auth_data_.clear(); |
| 113 | 110 |
| 114 // Verify the challenge's auth-scheme. | 111 // Verify the challenge's auth-scheme. |
| 115 if (!base::LowerCaseEqualsASCII(tok->scheme(), "ntlm")) | 112 if (!tok->SchemeIs("ntlm")) |
| 116 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | 113 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
| 117 | 114 |
| 118 std::string base64_param = tok->base64_param(); | 115 std::string base64_param = tok->base64_param(); |
| 119 if (base64_param.empty()) { | 116 if (base64_param.empty()) { |
| 120 if (!initial_challenge) | 117 if (!initial_challenge) |
| 121 return HttpAuth::AUTHORIZATION_RESULT_REJECT; | 118 return HttpAuth::AUTHORIZATION_RESULT_REJECT; |
| 122 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; | 119 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; |
| 123 } else { | 120 } else { |
| 124 if (initial_challenge) | 121 if (initial_challenge) |
| 125 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | 122 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
| 126 } | 123 } |
| 127 | 124 |
| 128 auth_data_ = base64_param; | 125 auth_data_ = base64_param; |
| 129 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; | 126 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; |
| 130 #endif // defined(NTLM_SSPI) | 127 #endif // defined(NTLM_SSPI) |
| 131 } | 128 } |
| 132 | 129 |
| 133 // static | 130 // static |
| 134 std::string HttpAuthHandlerNTLM::CreateSPN(const GURL& origin) { | 131 std::string HttpAuthHandlerNTLM::CreateSPN(const GURL& origin) { |
| 135 // The service principal name of the destination server. See | 132 // The service principal name of the destination server. See |
| 136 // http://msdn.microsoft.com/en-us/library/ms677949%28VS.85%29.aspx | 133 // http://msdn.microsoft.com/en-us/library/ms677949%28VS.85%29.aspx |
| 137 std::string target("HTTP/"); | 134 std::string target("HTTP/"); |
| 138 target.append(GetHostAndPort(origin)); | 135 target.append(GetHostAndPort(origin)); |
| 139 return target; | 136 return target; |
| 140 } | 137 } |
| 141 | 138 |
| 142 } // namespace net | 139 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1157333005:
[net/http auth] Use strings to identify authentication schemes.
Base URL: https://chromium.googlesource.com/chromium/src.git@master