OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_HTTP_HTTP_AUTH_H_ | 5 #ifndef NET_HTTP_HTTP_AUTH_H_ |
6 #define NET_HTTP_HTTP_AUTH_H_ | 6 #define NET_HTTP_HTTP_AUTH_H_ |
7 | 7 |
8 #include <set> | 8 #include <set> |
9 #include <string> | 9 #include <string> |
10 | 10 |
11 #include "base/memory/scoped_ptr.h" | 11 #include "base/memory/scoped_ptr.h" |
12 #include "net/base/auth.h" | 12 #include "net/base/auth.h" |
13 #include "net/base/net_export.h" | 13 #include "net/base/net_export.h" |
14 #include "net/http/http_util.h" | 14 #include "net/http/http_util.h" |
15 | 15 |
16 template <class T> class scoped_refptr; | 16 template <class T> class scoped_refptr; |
17 | 17 |
18 namespace net { | 18 namespace net { |
19 | 19 |
20 class BoundNetLog; | 20 class BoundNetLog; |
21 class HttpAuthHandler; | 21 class HttpAuthHandler; |
22 class HttpAuthHandlerFactory; | 22 class HttpAuthHandlerFactory; |
23 class HttpResponseHeaders; | 23 class HttpResponseInfo; |
24 | 24 |
25 // Utility class for http authentication. | 25 // Utility class for http authentication. |
26 class NET_EXPORT_PRIVATE HttpAuth { | 26 class NET_EXPORT_PRIVATE HttpAuth { |
27 public: | 27 public: |
28 // Http authentication can be done the the proxy server, origin server, | 28 // Http authentication can be done the the proxy server, origin server, |
29 // or both. This enum tracks who the target is. | 29 // or both. This enum tracks who the target is. |
30 enum Target { | 30 enum Target { |
31 AUTH_NONE = -1, | 31 AUTH_NONE = -1, |
32 // We depend on the valid targets (!= AUTH_NONE) being usable as indexes | 32 // We depend on the valid targets (!= AUTH_NONE) being usable as indexes |
33 // in an array, so start from 0. | 33 // in an array, so start from 0. |
(...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
126 // we support. Obtains the implementation class for handling the challenge, | 126 // we support. Obtains the implementation class for handling the challenge, |
127 // and passes it back in |*handler|. If no supported challenge was found, | 127 // and passes it back in |*handler|. If no supported challenge was found, |
128 // |*handler| is set to NULL. | 128 // |*handler| is set to NULL. |
129 // | 129 // |
130 // |disabled_schemes| is the set of schemes that we should not use. | 130 // |disabled_schemes| is the set of schemes that we should not use. |
131 // | 131 // |
132 // |origin| is used by the NTLM and Negotiation authentication scheme to | 132 // |origin| is used by the NTLM and Negotiation authentication scheme to |
133 // construct the service principal name. It is ignored by other schemes. | 133 // construct the service principal name. It is ignored by other schemes. |
134 static void ChooseBestChallenge( | 134 static void ChooseBestChallenge( |
135 HttpAuthHandlerFactory* http_auth_handler_factory, | 135 HttpAuthHandlerFactory* http_auth_handler_factory, |
136 const HttpResponseHeaders* headers, | 136 const HttpResponseInfo& response_info, |
137 Target target, | 137 Target target, |
138 const GURL& origin, | 138 const GURL& origin, |
139 const std::set<Scheme>& disabled_schemes, | 139 const std::set<Scheme>& disabled_schemes, |
140 const BoundNetLog& net_log, | 140 const BoundNetLog& net_log, |
141 scoped_ptr<HttpAuthHandler>* handler); | 141 scoped_ptr<HttpAuthHandler>* handler); |
142 | 142 |
143 // Handle a 401/407 response from a server/proxy after a previous | 143 // Handle a 401/407 response from a server/proxy after a previous |
144 // authentication attempt. For connection-based authentication schemes, the | 144 // authentication attempt. For connection-based authentication schemes, the |
145 // new response may be another round in a multi-round authentication sequence. | 145 // new response may be another round in a multi-round authentication sequence. |
146 // For request-based schemes, a 401/407 response is typically treated like a | 146 // For request-based schemes, a 401/407 response is typically treated like a |
147 // rejection of the previous challenge, except in the Digest case when a | 147 // rejection of the previous challenge, except in the Digest case when a |
148 // "stale" attribute is present. | 148 // "stale" attribute is present. |
149 // | 149 // |
150 // |handler| must be non-NULL, and is the HttpAuthHandler from the previous | 150 // |handler| must be non-NULL, and is the HttpAuthHandler from the previous |
151 // authentication round. | 151 // authentication round. |
152 // | 152 // |
153 // |headers| must be non-NULL and contain the new HTTP response. | 153 // |headers| must be non-NULL and contain the new HTTP response. |
154 // | 154 // |
155 // |target| specifies whether the authentication challenge response came | 155 // |target| specifies whether the authentication challenge response came |
156 // from a server or a proxy. | 156 // from a server or a proxy. |
157 // | 157 // |
158 // |disabled_schemes| are the authentication schemes to ignore. | 158 // |disabled_schemes| are the authentication schemes to ignore. |
159 // | 159 // |
160 // |challenge_used| is the text of the authentication challenge used in | 160 // |challenge_used| is the text of the authentication challenge used in |
161 // support of the returned AuthorizationResult. If no headers were used for | 161 // support of the returned AuthorizationResult. If no headers were used for |
162 // the result (for example, all headers have unknown authentication schemes), | 162 // the result (for example, all headers have unknown authentication schemes), |
163 // the value is cleared. | 163 // the value is cleared. |
164 static AuthorizationResult HandleChallengeResponse( | 164 static AuthorizationResult HandleChallengeResponse( |
165 HttpAuthHandler* handler, | 165 HttpAuthHandler* handler, |
166 const HttpResponseHeaders* headers, | 166 const HttpResponseInfo& response_info, |
167 Target target, | 167 Target target, |
168 const std::set<Scheme>& disabled_schemes, | 168 const std::set<Scheme>& disabled_schemes, |
169 std::string* challenge_used); | 169 std::string* challenge_used); |
170 }; | 170 }; |
171 | 171 |
172 } // namespace net | 172 } // namespace net |
173 | 173 |
174 #endif // NET_HTTP_HTTP_AUTH_H_ | 174 #endif // NET_HTTP_HTTP_AUTH_H_ |
OLD | NEW |