[net/http auth] Make HttpAuthHandler challenge handling asynchronous.

net/http/http_auth_gssapi_posix.cc

Index: net/http/http_auth_gssapi_posix.cc
diff --git a/net/http/http_auth_gssapi_posix.cc b/net/http/http_auth_gssapi_posix.cc
index 0b6103ffda47ff3110905013267dd124d0d585e3..566baf999bab2b0803ce4e1220cfcfd3cce274d0 100644
--- a/net/http/http_auth_gssapi_posix.cc
+++ b/net/http/http_auth_gssapi_posix.cc
@@ -667,6 +667,21 @@ HttpAuthGSSAPI::HttpAuthGSSAPI(GSSAPILibrary* library,
 HttpAuthGSSAPI::~HttpAuthGSSAPI() {
 }
 
+// TODO(asanka): Take a HttpResonseInfo along with the initial challenge to
+// initialize the HttpAuthHandler. Then HttpAuthHandlerNegotiate can generate a
+// channel binding token from the SSLInfo which can then be used when tokens are
+// being generated.
+//
+// Only the HandleAnotherChallenge() and InitFromChallenge() phases have
+// realiable access to a HttpResonseInfo.
+//
+// There is a lot of cleanup to do here, but should be kept separate from the
+// other ongoing work.
+//
+// We unfortunately can't move the token generation code to be after header
+// receipt in http_network_transaction because it's needed for pre-emptive
+// authentication :(. We need to make both HTTP auth challenge handling and
+// token generation to be potentially asynchronous.
 bool HttpAuthGSSAPI::Init() {
   if (!library_)
     return false;