[net/http auth] Split HttpAuthHandler creation from initialization.

net/http/http_auth_handler_digest.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/http_auth_handler_digest.h"
 
 #include <string>
 
 #include "base/logging.h"
 #include "base/md5.h"
 #include "base/rand_util.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
 #include "net/base/net_errors.h"
 #include "net/base/net_string_util.h"
 #include "net/base/net_util.h"
 #include "net/http/http_auth.h"
 #include "net/http/http_auth_challenge_tokenizer.h"
 #include "net/http/http_request_info.h"
 #include "net/http/http_util.h"
 #include "url/gurl.h"
 
 namespace net {
 
-static const char* const kDigestSchemeName = "digest";
+static const char kDigestSchemeName[] = "digest";
 
 // Digest authentication is specified in RFC 2617.
 // The expanded derivations are listed in the tables below.
 
 //==========+==========+==========================================+
 //    qop   |algorithm |               response                   |
 //==========+==========+==========================================+
 //    ?     |  ?, md5, | MD5(MD5(A1):nonce:MD5(A2))               |
 //          | md5-sess |                                          |
 //--------- +----------+------------------------------------------+
@@ skipping 35 matching lines @@
 
 HttpAuthHandlerDigest::FixedNonceGenerator::FixedNonceGenerator(
     const std::string& nonce)
     : nonce_(nonce) {
 }
 
 std::string HttpAuthHandlerDigest::FixedNonceGenerator::GenerateNonce() const {
   return nonce_;
 }
 
-HttpAuthHandlerDigest::Factory::Factory()
-    : nonce_generator_(new DynamicNonceGenerator()) {
-}
-
-HttpAuthHandlerDigest::Factory::~Factory() {
-}
-
-void HttpAuthHandlerDigest::Factory::set_nonce_generator(
-    const NonceGenerator* nonce_generator) {
-  nonce_generator_.reset(nonce_generator);
-}
-
-int HttpAuthHandlerDigest::Factory::CreateAuthHandler(
-    const HttpAuthChallengeTokenizer& challenge,
-    HttpAuth::Target target,
-    const GURL& origin,
-    CreateReason reason,
-    int digest_nonce_count,
-    const BoundNetLog& net_log,
-    scoped_ptr<HttpAuthHandler>* handler) {
-  // TODO(cbentzel): Move towards model of parsing in the factory
-  //                 method and only constructing when valid.
-  scoped_ptr<HttpAuthHandler> tmp_handler(
-      new HttpAuthHandlerDigest(digest_nonce_count, nonce_generator_.get()));
-  int result =
-      tmp_handler->HandleInitialChallenge(challenge, target, origin, net_log);
-  if (result == OK)
-    handler->swap(tmp_handler);
-  return result;
-}
-
 HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge(
     const HttpAuthChallengeTokenizer& challenge) {
   // Even though Digest is not connection based, a "second round" is parsed
   // to differentiate between stale and rejected responses.
   // Note that the state of the current handler is not mutated - this way if
   // there is a rejection the realm hasn't changed.
   if (!challenge.SchemeIs(kDigestSchemeName))
     return HttpAuth::AUTHORIZATION_RESULT_INVALID;
 
   HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs();
@@ skipping 31 matching lines @@
   std::string method;
   std::string path;
   GetRequestMethodAndPath(request, &method, &path);
 
   *auth_token = AssembleCredentials(method, path, *credentials,
                                     cnonce, nonce_count_);
   return OK;
 }
 
 HttpAuthHandlerDigest::HttpAuthHandlerDigest(
-    int nonce_count, const NonceGenerator* nonce_generator)
-    : stale_(false),
+    int nonce_count,
+    const NonceGenerator* nonce_generator)
+    : HttpAuthHandler(kDigestSchemeName),
+      stale_(false),
       algorithm_(ALGORITHM_UNSPECIFIED),
       qop_(QOP_UNSPECIFIED),
       nonce_count_(nonce_count),
       nonce_generator_(nonce_generator) {
   DCHECK(nonce_generator_);
 }
 
 HttpAuthHandlerDigest::~HttpAuthHandlerDigest() {
 }
 
@@ skipping 10 matching lines @@
 //
 // Note that according to RFC 2617 (section 1.2) the realm is required.
 // However we allow it to be omitted, in which case it will default to the
 // empty string.
 //
 // This allowance is for better compatibility with webservers that fail to
 // send the realm (See http://crbug.com/20984 for an instance where a
 // webserver was not sending the realm with a BASIC challenge).
 bool HttpAuthHandlerDigest::ParseChallenge(
     const HttpAuthChallengeTokenizer& challenge) {
-  auth_scheme_ = kDigestSchemeName;
+  // FAIL -- Couldn't match auth-scheme.
+  if (!challenge.SchemeIs(kDigestSchemeName))
+    return false;
 
   // Initialize to defaults.
   stale_ = false;
   algorithm_ = ALGORITHM_UNSPECIFIED;
   qop_ = QOP_UNSPECIFIED;
   realm_ = original_realm_ = nonce_ = domain_ = opaque_ = std::string();
 
-  // FAIL -- Couldn't match auth-scheme.
-  if (!challenge.SchemeIs(kDigestSchemeName))
-    return false;
-
   HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs();
 
   // Loop through all the properties.
   while (parameters.GetNext()) {
     // FAIL -- couldn't parse a property.
     if (!ParseChallengeProperty(parameters.name(),
                                 parameters.value()))
       return false;
   }
 
@@ skipping 156 matching lines @@
   if (qop_ != QOP_UNSPECIFIED) {
     // TODO(eroman): Supposedly IIS server requires quotes surrounding qop.
     authorization += ", qop=" + QopToString(qop_);
     authorization += ", nc=" + nc;
     authorization += ", cnonce=" + HttpUtil::Quote(cnonce);
   }
 
   return authorization;
 }
 
+HttpAuthHandlerDigest::Factory::Factory()
+    : nonce_generator_(new DynamicNonceGenerator()) {}
+
+HttpAuthHandlerDigest::Factory::~Factory() {}
+
+void HttpAuthHandlerDigest::Factory::set_nonce_generator(
+    const NonceGenerator* nonce_generator) {
+  nonce_generator_.reset(nonce_generator);
+}
+
+scoped_ptr<HttpAuthHandler>
+HttpAuthHandlerDigest::Factory::CreateAuthHandlerForScheme(
+    const std::string& scheme) {
+  DCHECK(HttpAuth::IsValidNormalizedScheme(scheme));
+  if (scheme != kDigestSchemeName)
+    return scoped_ptr<HttpAuthHandler>();
+  return make_scoped_ptr(new HttpAuthHandlerDigest(1, nonce_generator_.get()));
+}
+
+scoped_ptr<HttpAuthHandler>
+HttpAuthHandlerDigest::Factory::CreateAndInitPreemptiveAuthHandler(
+    HttpAuthCache::Entry* cache_entry,
+    const HttpAuthChallengeTokenizer& tokenizer,
+    HttpAuth::Target target,
+    const BoundNetLog& net_log) {
+  if (cache_entry->scheme() != kDigestSchemeName)
+    return scoped_ptr<HttpAuthHandler>();
+  scoped_ptr<HttpAuthHandler> handler(new HttpAuthHandlerDigest(
+      cache_entry->IncrementNonceCount(), nonce_generator_.get()));
+  int rv = handler->HandleInitialChallenge(tokenizer, target,
+                                           cache_entry->origin(), net_log);
+  if (rv == OK)
+    return handler;
+  return scoped_ptr<HttpAuthHandler>();
+}
+
 }  // namespace net