OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_auth.h" | 5 #include "net/http/http_auth.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 | 8 |
9 #include "base/strings/string_tokenizer.h" | 9 #include "base/strings/string_tokenizer.h" |
10 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
11 #include "net/base/net_errors.h" | 11 #include "net/base/net_errors.h" |
12 #include "net/http/http_auth_challenge_tokenizer.h" | 12 #include "net/http/http_auth_challenge_tokenizer.h" |
13 #include "net/http/http_auth_handler.h" | 13 #include "net/http/http_auth_handler.h" |
14 #include "net/http/http_auth_handler_factory.h" | 14 #include "net/http/http_auth_handler_factory.h" |
15 #include "net/http/http_auth_scheme.h" | 15 #include "net/http/http_auth_scheme.h" |
16 #include "net/http/http_request_headers.h" | 16 #include "net/http/http_request_headers.h" |
17 #include "net/http/http_response_headers.h" | 17 #include "net/http/http_response_headers.h" |
18 #include "net/http/http_util.h" | 18 #include "net/http/http_util.h" |
19 | 19 |
20 namespace net { | 20 namespace net { |
21 | 21 |
22 HttpAuth::Identity::Identity() : source(IDENT_SRC_NONE), invalid(true) {} | 22 HttpAuth::Identity::Identity() : source(IDENT_SRC_NONE), invalid(true) {} |
23 | 23 |
24 // static | 24 // static |
25 void HttpAuth::ChooseBestChallenge( | 25 void HttpAuth::ChooseBestChallenge( |
26 HttpAuthHandlerFactory* http_auth_handler_factory, | 26 HttpAuthHandlerFactory* http_auth_handler_factory, |
27 const HttpResponseHeaders* headers, | 27 const HttpResponseHeaders& response_headers, |
| 28 const SSLInfo& ssl_info, |
28 Target target, | 29 Target target, |
29 const GURL& origin, | 30 const GURL& origin, |
30 const std::set<Scheme>& disabled_schemes, | 31 const std::set<Scheme>& disabled_schemes, |
31 const BoundNetLog& net_log, | 32 const BoundNetLog& net_log, |
32 scoped_ptr<HttpAuthHandler>* handler) { | 33 scoped_ptr<HttpAuthHandler>* handler) { |
33 DCHECK(http_auth_handler_factory); | 34 DCHECK(http_auth_handler_factory); |
34 DCHECK(handler->get() == NULL); | 35 DCHECK(handler->get() == NULL); |
35 | 36 |
36 // Choose the challenge whose authentication handler gives the maximum score. | 37 // Choose the challenge whose authentication handler gives the maximum score. |
37 scoped_ptr<HttpAuthHandler> best; | 38 scoped_ptr<HttpAuthHandler> best; |
38 const std::string header_name = GetChallengeHeaderName(target); | 39 const std::string header_name = GetChallengeHeaderName(target); |
39 std::string cur_challenge; | 40 std::string cur_challenge; |
40 size_t iter = 0; | 41 size_t iter = 0; |
41 while (headers->EnumerateHeader(&iter, header_name, &cur_challenge)) { | 42 while (response_headers.EnumerateHeader(&iter, header_name, &cur_challenge)) { |
42 scoped_ptr<HttpAuthHandler> cur; | 43 scoped_ptr<HttpAuthHandler> cur; |
43 int rv = http_auth_handler_factory->CreateAuthHandlerFromString( | 44 int rv = http_auth_handler_factory->CreateAuthHandlerFromString( |
44 cur_challenge, target, origin, net_log, &cur); | 45 cur_challenge, target, ssl_info, origin, net_log, &cur); |
45 if (rv != OK) { | 46 if (rv != OK) { |
46 VLOG(1) << "Unable to create AuthHandler. Status: " | 47 VLOG(1) << "Unable to create AuthHandler. Status: " |
47 << ErrorToString(rv) << " Challenge: " << cur_challenge; | 48 << ErrorToString(rv) << " Challenge: " << cur_challenge; |
48 continue; | 49 continue; |
49 } | 50 } |
50 if (cur.get() && (!best.get() || best->score() < cur->score()) && | 51 if (cur.get() && (!best.get() || best->score() < cur->score()) && |
51 (disabled_schemes.find(cur->auth_scheme()) == disabled_schemes.end())) | 52 (disabled_schemes.find(cur->auth_scheme()) == disabled_schemes.end())) |
52 best.swap(cur); | 53 best.swap(cur); |
53 } | 54 } |
54 handler->swap(best); | 55 handler->swap(best); |
55 } | 56 } |
56 | 57 |
57 // static | 58 // static |
58 HttpAuth::AuthorizationResult HttpAuth::HandleChallengeResponse( | 59 HttpAuth::AuthorizationResult HttpAuth::HandleChallengeResponse( |
59 HttpAuthHandler* handler, | 60 HttpAuthHandler* handler, |
60 const HttpResponseHeaders* headers, | 61 const HttpResponseHeaders& response_headers, |
61 Target target, | 62 Target target, |
62 const std::set<Scheme>& disabled_schemes, | 63 const std::set<Scheme>& disabled_schemes, |
63 std::string* challenge_used) { | 64 std::string* challenge_used) { |
64 DCHECK(handler); | 65 DCHECK(handler); |
65 DCHECK(headers); | |
66 DCHECK(challenge_used); | 66 DCHECK(challenge_used); |
67 challenge_used->clear(); | 67 challenge_used->clear(); |
68 HttpAuth::Scheme current_scheme = handler->auth_scheme(); | 68 HttpAuth::Scheme current_scheme = handler->auth_scheme(); |
69 if (disabled_schemes.find(current_scheme) != disabled_schemes.end()) | 69 if (disabled_schemes.find(current_scheme) != disabled_schemes.end()) |
70 return HttpAuth::AUTHORIZATION_RESULT_REJECT; | 70 return HttpAuth::AUTHORIZATION_RESULT_REJECT; |
71 std::string current_scheme_name = SchemeToString(current_scheme); | 71 std::string current_scheme_name = SchemeToString(current_scheme); |
72 const std::string header_name = GetChallengeHeaderName(target); | 72 const std::string header_name = GetChallengeHeaderName(target); |
73 size_t iter = 0; | 73 size_t iter = 0; |
74 std::string challenge; | 74 std::string challenge; |
75 HttpAuth::AuthorizationResult authorization_result = | 75 HttpAuth::AuthorizationResult authorization_result = |
76 HttpAuth::AUTHORIZATION_RESULT_INVALID; | 76 HttpAuth::AUTHORIZATION_RESULT_INVALID; |
77 while (headers->EnumerateHeader(&iter, header_name, &challenge)) { | 77 while (response_headers.EnumerateHeader(&iter, header_name, &challenge)) { |
78 HttpAuthChallengeTokenizer props(challenge.begin(), challenge.end()); | 78 HttpAuthChallengeTokenizer props(challenge.begin(), challenge.end()); |
79 if (!base::LowerCaseEqualsASCII(props.scheme(), | 79 if (!base::LowerCaseEqualsASCII(props.scheme(), |
80 current_scheme_name.c_str())) | 80 current_scheme_name.c_str())) |
81 continue; | 81 continue; |
82 authorization_result = handler->HandleAnotherChallenge(&props); | 82 authorization_result = handler->HandleAnotherChallenge(&props); |
83 if (authorization_result != HttpAuth::AUTHORIZATION_RESULT_INVALID) { | 83 if (authorization_result != HttpAuth::AUTHORIZATION_RESULT_INVALID) { |
84 *challenge_used = challenge; | 84 *challenge_used = challenge; |
85 return authorization_result; | 85 return authorization_result; |
86 } | 86 } |
87 } | 87 } |
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
136 static_assert(arraysize(kSchemeNames) == AUTH_SCHEME_MAX, | 136 static_assert(arraysize(kSchemeNames) == AUTH_SCHEME_MAX, |
137 "http auth scheme names incorrect size"); | 137 "http auth scheme names incorrect size"); |
138 if (scheme < AUTH_SCHEME_BASIC || scheme >= AUTH_SCHEME_MAX) { | 138 if (scheme < AUTH_SCHEME_BASIC || scheme >= AUTH_SCHEME_MAX) { |
139 NOTREACHED(); | 139 NOTREACHED(); |
140 return "invalid_scheme"; | 140 return "invalid_scheme"; |
141 } | 141 } |
142 return kSchemeNames[scheme]; | 142 return kSchemeNames[scheme]; |
143 } | 143 } |
144 | 144 |
145 } // namespace net | 145 } // namespace net |
OLD | NEW |