OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_auth_handler_digest.h" | 5 #include "net/http/http_auth_handler_digest.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
10 #include "base/md5.h" | 10 #include "base/md5.h" |
(...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
86 } | 86 } |
87 | 87 |
88 void HttpAuthHandlerDigest::Factory::set_nonce_generator( | 88 void HttpAuthHandlerDigest::Factory::set_nonce_generator( |
89 const NonceGenerator* nonce_generator) { | 89 const NonceGenerator* nonce_generator) { |
90 nonce_generator_.reset(nonce_generator); | 90 nonce_generator_.reset(nonce_generator); |
91 } | 91 } |
92 | 92 |
93 int HttpAuthHandlerDigest::Factory::CreateAuthHandler( | 93 int HttpAuthHandlerDigest::Factory::CreateAuthHandler( |
94 HttpAuthChallengeTokenizer* challenge, | 94 HttpAuthChallengeTokenizer* challenge, |
95 HttpAuth::Target target, | 95 HttpAuth::Target target, |
| 96 const SSLInfo& ssl_info, |
96 const GURL& origin, | 97 const GURL& origin, |
97 CreateReason reason, | 98 CreateReason reason, |
98 int digest_nonce_count, | 99 int digest_nonce_count, |
99 const BoundNetLog& net_log, | 100 const BoundNetLog& net_log, |
100 scoped_ptr<HttpAuthHandler>* handler) { | 101 scoped_ptr<HttpAuthHandler>* handler) { |
101 // TODO(cbentzel): Move towards model of parsing in the factory | 102 // TODO(cbentzel): Move towards model of parsing in the factory |
102 // method and only constructing when valid. | 103 // method and only constructing when valid. |
103 scoped_ptr<HttpAuthHandler> tmp_handler( | 104 scoped_ptr<HttpAuthHandler> tmp_handler( |
104 new HttpAuthHandlerDigest(digest_nonce_count, nonce_generator_.get())); | 105 new HttpAuthHandlerDigest(digest_nonce_count, nonce_generator_.get())); |
105 if (!tmp_handler->InitFromChallenge(challenge, target, origin, net_log)) | 106 if (!tmp_handler->InitFromChallenge(challenge, target, ssl_info, origin, |
| 107 net_log)) |
106 return ERR_INVALID_RESPONSE; | 108 return ERR_INVALID_RESPONSE; |
107 handler->swap(tmp_handler); | 109 handler->swap(tmp_handler); |
108 return OK; | 110 return OK; |
109 } | 111 } |
110 | 112 |
111 HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge( | 113 HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge( |
112 HttpAuthChallengeTokenizer* challenge) { | 114 HttpAuthChallengeTokenizer* challenge) { |
113 // Even though Digest is not connection based, a "second round" is parsed | 115 // Even though Digest is not connection based, a "second round" is parsed |
114 // to differentiate between stale and rejected responses. | 116 // to differentiate between stale and rejected responses. |
115 // Note that the state of the current handler is not mutated - this way if | 117 // Note that the state of the current handler is not mutated - this way if |
(...skipping 12 matching lines...) Expand all Loading... |
128 return HttpAuth::AUTHORIZATION_RESULT_STALE; | 130 return HttpAuth::AUTHORIZATION_RESULT_STALE; |
129 } else if (base::LowerCaseEqualsASCII(parameters.name(), "realm")) { | 131 } else if (base::LowerCaseEqualsASCII(parameters.name(), "realm")) { |
130 original_realm = parameters.value(); | 132 original_realm = parameters.value(); |
131 } | 133 } |
132 } | 134 } |
133 return (original_realm_ != original_realm) ? | 135 return (original_realm_ != original_realm) ? |
134 HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM : | 136 HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM : |
135 HttpAuth::AUTHORIZATION_RESULT_REJECT; | 137 HttpAuth::AUTHORIZATION_RESULT_REJECT; |
136 } | 138 } |
137 | 139 |
138 bool HttpAuthHandlerDigest::Init(HttpAuthChallengeTokenizer* challenge) { | 140 bool HttpAuthHandlerDigest::Init(HttpAuthChallengeTokenizer* challenge, |
| 141 const SSLInfo& ssl_info) { |
139 return ParseChallenge(challenge); | 142 return ParseChallenge(challenge); |
140 } | 143 } |
141 | 144 |
142 int HttpAuthHandlerDigest::GenerateAuthTokenImpl( | 145 int HttpAuthHandlerDigest::GenerateAuthTokenImpl( |
143 const AuthCredentials* credentials, const HttpRequestInfo* request, | 146 const AuthCredentials* credentials, const HttpRequestInfo* request, |
144 const CompletionCallback& callback, std::string* auth_token) { | 147 const CompletionCallback& callback, std::string* auth_token) { |
145 // Generate a random client nonce. | 148 // Generate a random client nonce. |
146 std::string cnonce = nonce_generator_->GenerateNonce(); | 149 std::string cnonce = nonce_generator_->GenerateNonce(); |
147 | 150 |
148 // Extract the request method and path -- the meaning of 'path' is overloaded | 151 // Extract the request method and path -- the meaning of 'path' is overloaded |
(...skipping 226 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
375 // TODO(eroman): Supposedly IIS server requires quotes surrounding qop. | 378 // TODO(eroman): Supposedly IIS server requires quotes surrounding qop. |
376 authorization += ", qop=" + QopToString(qop_); | 379 authorization += ", qop=" + QopToString(qop_); |
377 authorization += ", nc=" + nc; | 380 authorization += ", nc=" + nc; |
378 authorization += ", cnonce=" + HttpUtil::Quote(cnonce); | 381 authorization += ", cnonce=" + HttpUtil::Quote(cnonce); |
379 } | 382 } |
380 | 383 |
381 return authorization; | 384 return authorization; |
382 } | 385 } |
383 | 386 |
384 } // namespace net | 387 } // namespace net |
OLD | NEW |