Support tls-server-end-point channel bindings for HTTP authentication.

net/http/http_auth_handler.h

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_HTTP_HTTP_AUTH_HANDLER_H_
 #define NET_HTTP_HTTP_AUTH_HANDLER_H_
 
 #include <string>
 
 #include "net/base/completion_callback.h"
 #include "net/base/net_export.h"
 #include "net/http/http_auth.h"
 #include "net/log/net_log.h"
 
 namespace net {
 
 class HttpAuthChallengeTokenizer;
 struct HttpRequestInfo;
+class SSLInfo;
 
 // HttpAuthHandler is the interface for the authentication schemes
 // (basic, digest, NTLM, Negotiate).
 // HttpAuthHandler objects are typically created by an HttpAuthHandlerFactory.
 class NET_EXPORT_PRIVATE HttpAuthHandler {
  public:
   HttpAuthHandler();
   virtual ~HttpAuthHandler();
 
   // Initializes the handler using a challenge issued by a server.
   // |challenge| must be non-NULL and have already tokenized the
   // authentication scheme, but none of the tokens occurring after the
   // authentication scheme. |target| and |origin| are both stored
   // for later use, and are not part of the initial challenge.
   bool InitFromChallenge(HttpAuthChallengeTokenizer* challenge,
                          HttpAuth::Target target,
+                         const SSLInfo& ssl_info,
                          const GURL& origin,
                          const BoundNetLog& net_log);
 
   // Determines how the previous authorization attempt was received.
   //
   // This is called when the server/proxy responds with a 401/407 after an
   // earlier authorization attempt. Although this normally means that the
   // previous attempt was rejected, in multi-round schemes such as
   // NTLM+Negotiate it may indicate that another round of challenge+response
   // is required. For Digest authentication it may also mean that the previous
@@ skipping 96 matching lines @@
  protected:
   enum Property {
     ENCRYPTS_IDENTITY = 1 << 0,
     IS_CONNECTION_BASED = 1 << 1,
   };
 
   // Initializes the handler using a challenge issued by a server.
   // |challenge| must be non-NULL and have already tokenized the
   // authentication scheme, but none of the tokens occurring after the
   // authentication scheme.
+  //
+  // If the request was sent over an encrypted connection, |ssl_info| is valid
+  // and describes the connection.
+  //
   // Implementations are expected to initialize the following members:
   // scheme_, realm_, score_, properties_
-  virtual bool Init(HttpAuthChallengeTokenizer* challenge) = 0;
+  virtual bool Init(HttpAuthChallengeTokenizer* challenge,
+                    const SSLInfo& ssl_info) = 0;
 
   // |GenerateAuthTokenImpl()} is the auth-scheme specific implementation
   // of generating the next auth token. Callers should use |GenerateAuthToken()|
   // which will in turn call |GenerateAuthTokenImpl()|
   virtual int GenerateAuthTokenImpl(const AuthCredentials* credentials,
                                     const HttpRequestInfo* request,
                                     const CompletionCallback& callback,
                                     std::string* auth_token) = 0;
 
   // The auth-scheme as an enumerated value.
@@ skipping 24 matching lines @@
  private:
   void OnGenerateAuthTokenComplete(int rv);
   void FinishGenerateAuthToken();
 
   CompletionCallback callback_;
 };
 
 }  // namespace net
 
 #endif  // NET_HTTP_HTTP_AUTH_HANDLER_H_