[net/http auth] Make HttpAuthHandler challenge handling asynchronous.

net/http/http_auth.cc

Index: net/http/http_auth.cc
diff --git a/net/http/http_auth.cc b/net/http/http_auth.cc
index 295a988b5bc58c6ba2a4400292bcf415ab276ede..f8b826dc33120932d35e68a3ea160299a69514d4 100644
--- a/net/http/http_auth.cc
+++ b/net/http/http_auth.cc
@@ -4,168 +4,17 @@
 
 #include "net/http/http_auth.h"
 
-#include <algorithm>
-
 #include "base/basictypes.h"
-#include "base/bind.h"
-#include "base/strings/string_tokenizer.h"
 #include "base/strings/string_util.h"
-#include "base/values.h"
-#include "net/base/net_errors.h"
-#include "net/http/http_auth_challenge_tokenizer.h"
-#include "net/http/http_auth_handler.h"
-#include "net/http/http_auth_handler_factory.h"
-#include "net/http/http_auth_scheme_set.h"
 #include "net/http/http_request_headers.h"
-#include "net/http/http_response_headers.h"
-#include "net/http/http_util.h"
 
 namespace net {
 
-namespace {
-
-// Hardcoded map of HTTP authentication scheme priorities. Higher priorities are
-// preferred over lower.
-struct SchemePriority {
-  const char* scheme;
-  int priority;
-} kSchemeScores[] = {
-    {"basic", 1},
-    {"digest", 2},
-    {"ntlm", 3},
-    {"negotiate", 4},
-};
-
-// Priority assigned to unknown authentication schemes. They are currently
-// ranked lower than Basic, which might be a bit too conservative.
-const int kSchemePriorityDefault = 0;
-
-// Not a valid priority.
-const int kSchemePriorityInvalid = -1;
-
-// Higher priority schemes are preferred over lower priority schemes.
-int GetSchemePriority(const std::string& scheme) {
-  DCHECK(HttpAuth::IsValidNormalizedScheme(scheme));
-  for (const auto& iter : kSchemeScores) {
-    if (scheme == iter.scheme)
-      return iter.priority;
-  }
-  return kSchemePriorityDefault;
-}
-
-scoped_ptr<base::Value> AuthHandlerCreationFailureParams(
-    const std::string* challenge,
-    int error,
-    NetLogCaptureMode capture_mode) {
-  scoped_ptr<base::DictionaryValue> dict(new base::DictionaryValue());
-  dict->SetString("challenge", *challenge);
-  dict->SetInteger("net_error", error);
-  return dict.Pass();
-}
-
-}  // namespace
-
 HttpAuth::Identity::Identity() : source(IDENT_SRC_NONE), invalid(true) {}
 
 HttpAuth::Identity::~Identity() {}
 
 // static
-void HttpAuth::ChooseBestChallenge(
-    HttpAuthHandlerFactory* http_auth_handler_factory,
-    const HttpResponseHeaders* headers,
-    Target target,
-    const GURL& origin,
-    const HttpAuthSchemeSet& disabled_schemes,
-    const BoundNetLog& net_log,
-    scoped_ptr<HttpAuthHandler>* handler) {
-  DCHECK(http_auth_handler_factory);
-  DCHECK(!handler->get());
-
-  int best_priority = kSchemePriorityInvalid;
-  scoped_ptr<HttpAuthHandler> best;
-  const std::string header_name = GetChallengeHeaderName(target);
-  std::string cur_challenge;
-  void* iter = nullptr;
-
-  while (headers->EnumerateHeader(&iter, header_name, &cur_challenge)) {
-    HttpAuthChallengeTokenizer challenge_tokenizer(cur_challenge.begin(),
-                                                   cur_challenge.end());
-    std::string cur_auth_scheme = challenge_tokenizer.NormalizedScheme();
-    if (cur_auth_scheme.empty())
-      continue;
-
-    if (disabled_schemes.Contains(cur_auth_scheme))
-      continue;
-
-    // Always prefer the highest priority scheme available. If two handlers are
-    // of equal priority, then the handler based on the earlier challenge wins.
-    int cur_priority = GetSchemePriority(cur_auth_scheme);
-    if (best.get() && best_priority >= cur_priority)
-      continue;
-
-    // Immediately trying to create a handler may be wasteful because we may see
-    // a higher ranking challenge later on in the headers. However, this is
-    // rare. Servers typically specify higher priority schemes before lower
-    // priority schemes.
-    scoped_ptr<HttpAuthHandler> current_handler;
-    current_handler = http_auth_handler_factory->CreateAuthHandlerForScheme(
-        challenge_tokenizer.NormalizedScheme());
-    if (!current_handler) {
-      net_log.AddEvent(NetLog::TYPE_AUTH_HANDLER_CREATION_FAILURE,
-                       base::Bind(&AuthHandlerCreationFailureParams,
-                                  &cur_challenge, ERR_UNSUPPORTED_AUTH_SCHEME));
-      continue;
-    }
-    int rv = current_handler->HandleInitialChallenge(challenge_tokenizer,
-                                                     target, origin, net_log);
-    if (rv != OK) {
-      net_log.AddEvent(
-          NetLog::TYPE_AUTH_HANDLER_CREATION_FAILURE,
-          base::Bind(&AuthHandlerCreationFailureParams, &cur_challenge, rv));
-      continue;
-    }
-    DCHECK(current_handler.get());
-    DCHECK_EQ(cur_auth_scheme, current_handler->auth_scheme());
-    best.swap(current_handler);
-    best_priority = cur_priority;
-  }
-  handler->swap(best);
-}
-
-// static
-HttpAuth::AuthorizationResult HttpAuth::HandleChallengeResponse(
-    HttpAuthHandler* handler,
-    const HttpResponseHeaders* headers,
-    Target target,
-    const HttpAuthSchemeSet& disabled_schemes,
-    std::string* challenge_used) {
-  DCHECK(handler);
-  DCHECK(headers);
-  DCHECK(challenge_used);
-  challenge_used->clear();
-  const std::string& current_scheme = handler->auth_scheme();
-  if (disabled_schemes.Contains(current_scheme))
-    return HttpAuth::AUTHORIZATION_RESULT_REJECT;
-  const std::string header_name = GetChallengeHeaderName(target);
-  void* iter = NULL;
-  std::string challenge;
-  HttpAuth::AuthorizationResult authorization_result =
-      HttpAuth::AUTHORIZATION_RESULT_INVALID;
-  while (headers->EnumerateHeader(&iter, header_name, &challenge)) {
-    HttpAuthChallengeTokenizer props(challenge.begin(), challenge.end());
-    if (!props.SchemeIs(current_scheme))
-      continue;
-    authorization_result = handler->HandleAnotherChallenge(props);
-    if (authorization_result != HttpAuth::AUTHORIZATION_RESULT_INVALID) {
-      *challenge_used = challenge;
-      return authorization_result;
-    }
-  }
-  // Finding no matches is equivalent to rejection.
-  return HttpAuth::AUTHORIZATION_RESULT_REJECT;
-}
-
-// static
 std::string HttpAuth::GetChallengeHeaderName(Target target) {
   switch (target) {
     case AUTH_PROXY: