OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/base64.h" | 5 #include "base/base64.h" |
6 #include "base/strings/string_util.h" | 6 #include "base/strings/string_util.h" |
7 #include "net/http/http_auth_challenge_tokenizer.h" | 7 #include "net/http/http_auth_challenge_tokenizer.h" |
8 #include "net/http/http_auth_multi_round_parse.h" | 8 #include "net/http/http_auth_multi_round_parse.h" |
9 | 9 |
10 namespace net { | 10 namespace net { |
11 | 11 |
12 namespace { | |
13 | |
14 // Check that the scheme in the challenge matches the expected scheme | |
15 bool SchemeIsValid(const std::string& scheme, | |
16 HttpAuthChallengeTokenizer* challenge) { | |
17 // There is no guarantee that challenge->scheme() is valid ASCII, but | |
18 // LowerCaseEqualsASCII will do the right thing even if it isn't. | |
19 return base::LowerCaseEqualsASCII(challenge->scheme(), | |
20 base::ToLowerASCII(scheme)); | |
21 } | |
22 | |
23 } // namespace | |
24 | |
25 HttpAuth::AuthorizationResult ParseFirstRoundChallenge( | 12 HttpAuth::AuthorizationResult ParseFirstRoundChallenge( |
26 const std::string& scheme, | 13 const std::string& scheme, |
27 HttpAuthChallengeTokenizer* challenge) { | 14 HttpAuthChallengeTokenizer* challenge) { |
28 // Verify the challenge's auth-scheme. | 15 // Verify the challenge's auth-scheme. |
29 if (!SchemeIsValid(scheme, challenge)) | 16 if (!challenge->SchemeIs(base::ToLowerASCII(scheme))) |
30 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | 17 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
31 | 18 |
32 std::string encoded_auth_token = challenge->base64_param(); | 19 std::string encoded_auth_token = challenge->base64_param(); |
33 if (!encoded_auth_token.empty()) { | 20 if (!encoded_auth_token.empty()) { |
34 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | 21 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
35 } | 22 } |
36 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; | 23 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; |
37 } | 24 } |
38 | 25 |
39 HttpAuth::AuthorizationResult ParseLaterRoundChallenge( | 26 HttpAuth::AuthorizationResult ParseLaterRoundChallenge( |
40 const std::string& scheme, | 27 const std::string& scheme, |
41 HttpAuthChallengeTokenizer* challenge, | 28 HttpAuthChallengeTokenizer* challenge, |
42 std::string* encoded_token, | 29 std::string* encoded_token, |
43 std::string* decoded_token) { | 30 std::string* decoded_token) { |
44 // Verify the challenge's auth-scheme. | 31 // Verify the challenge's auth-scheme. |
45 if (!SchemeIsValid(scheme, challenge)) | 32 if (!challenge->SchemeIs(base::ToLowerASCII(scheme))) |
46 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | 33 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
47 | 34 |
48 *encoded_token = challenge->base64_param(); | 35 *encoded_token = challenge->base64_param(); |
49 if (encoded_token->empty()) | 36 if (encoded_token->empty()) |
50 return HttpAuth::AUTHORIZATION_RESULT_REJECT; | 37 return HttpAuth::AUTHORIZATION_RESULT_REJECT; |
51 | 38 |
52 // Make sure the additional token is base64 encoded. | 39 // Make sure the additional token is base64 encoded. |
53 if (!base::Base64Decode(*encoded_token, decoded_token)) | 40 if (!base::Base64Decode(*encoded_token, decoded_token)) |
54 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | 41 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
55 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; | 42 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; |
56 } | 43 } |
57 | 44 |
58 } // namespace net | 45 } // namespace net |
OLD | NEW |