Allow dynamic updating of authentication policies

net/http/http_auth_handler_factory.cc

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/http_auth_handler_factory.h"
 
 #include "base/stl_util.h"
 #include "base/strings/string_util.h"
 #include "net/base/net_errors.h"
 #include "net/http/http_auth_challenge_tokenizer.h"
 #include "net/http/http_auth_filter.h"
 #include "net/http/http_auth_handler_basic.h"
 #include "net/http/http_auth_handler_digest.h"
 #include "net/http/http_auth_handler_ntlm.h"
 
 #if defined(USE_KERBEROS)
 #include "net/http/http_auth_handler_negotiate.h"
 #endif
 
 namespace net {
 
+static const char kBasic[] = "basic";

[Bernhard Bauer, 2015/10/23 08:15:41]

Static isn't necessary here, as const variables automatically get internal
linkage (and in any case, anonymous namespaces are prefered over static).

[aberent, 2015/10/23 15:40:33]

Done.

+static const char kDigest[] = "digest";
+static const char kNtlm[] = "ntlm";
+static const char kNegotiate[] = "negotiate";
+
 int HttpAuthHandlerFactory::CreateAuthHandlerFromString(
     const std::string& challenge,
     HttpAuth::Target target,
     const GURL& origin,
     const BoundNetLog& net_log,
     scoped_ptr<HttpAuthHandler>* handler) {
   HttpAuthChallengeTokenizer props(challenge.begin(), challenge.end());
   return CreateAuthHandler(&props, target, origin, CREATE_CHALLENGE, 1,
                            net_log, handler);
 }
 
 int HttpAuthHandlerFactory::CreatePreemptiveAuthHandlerFromString(
     const std::string& challenge,
     HttpAuth::Target target,
     const GURL& origin,
     int digest_nonce_count,
     const BoundNetLog& net_log,
     scoped_ptr<HttpAuthHandler>* handler) {
   HttpAuthChallengeTokenizer props(challenge.begin(), challenge.end());
   return CreateAuthHandler(&props, target, origin, CREATE_PREEMPTIVE,
                            digest_nonce_count, net_log, handler);
 }
 
 // static
 scoped_ptr<HttpAuthHandlerRegistryFactory>
 HttpAuthHandlerFactory::CreateDefault(HostResolver* host_resolver) {
   DCHECK(host_resolver);
   scoped_ptr<HttpAuthHandlerRegistryFactory> registry_factory =
       make_scoped_ptr(new HttpAuthHandlerRegistryFactory());
-  registry_factory->RegisterSchemeFactory(
-      "basic", new HttpAuthHandlerBasic::Factory());
-  registry_factory->RegisterSchemeFactory(
-      "digest", new HttpAuthHandlerDigest::Factory());
+  registry_factory->RegisterSchemeFactory(kBasic,
+                                          new HttpAuthHandlerBasic::Factory());
+  registry_factory->RegisterSchemeFactory(kDigest,
+                                          new HttpAuthHandlerDigest::Factory());
 
 // On Android Chrome needs an account type configured to enable Kerberos,
 // so the default factory should not include Kerberos.
 #if defined(USE_KERBEROS) && !defined(OS_ANDROID)
   HttpAuthHandlerNegotiate::Factory* negotiate_factory =
       new HttpAuthHandlerNegotiate::Factory();
 #if defined(OS_POSIX)
   negotiate_factory->set_library(new GSSAPISharedLibrary(std::string()));
 #elif defined(OS_WIN)
   negotiate_factory->set_library(new SSPILibraryDefault());
 #endif
   negotiate_factory->set_host_resolver(host_resolver);
-  registry_factory->RegisterSchemeFactory("negotiate", negotiate_factory);
+  registry_factory->RegisterSchemeFactory(kNegotiate, negotiate_factory);
 #endif  // defined(USE_KERBEROS) && !defined(OS_ANDROID)
 
   HttpAuthHandlerNTLM::Factory* ntlm_factory =
       new HttpAuthHandlerNTLM::Factory();
 #if defined(OS_WIN)
   ntlm_factory->set_sspi_library(new SSPILibraryDefault());
 #endif
-  registry_factory->RegisterSchemeFactory("ntlm", ntlm_factory);
+  registry_factory->RegisterSchemeFactory(kNtlm, ntlm_factory);
   return registry_factory;
 }
 
 namespace {
 
 bool IsSupportedScheme(const std::vector<std::string>& supported_schemes,
                        const std::string& scheme) {
   std::vector<std::string>::const_iterator it = std::find(
       supported_schemes.begin(), supported_schemes.end(), scheme);
   return it != supported_schemes.end();
@@ skipping 37 matching lines @@
   FactoryMap::const_iterator it = factory_map_.find(lower_scheme);
   if (it == factory_map_.end()) {
     return NULL;                  // |scheme| is not registered.
   }
   return it->second;
 }
 
 // static
 HttpAuthHandlerRegistryFactory* HttpAuthHandlerRegistryFactory::Create(
     const std::vector<std::string>& supported_schemes,
-    URLSecurityManager* security_manager,
     HostResolver* host_resolver,
-    const std::string& gssapi_library_name,
-    const std::string& auth_android_negotiate_account_type,
-    bool negotiate_disable_cname_lookup,
-    bool negotiate_enable_port) {
+    const std::string& gssapi_library_name) {
   HttpAuthHandlerRegistryFactory* registry_factory =
       new HttpAuthHandlerRegistryFactory();
-  if (IsSupportedScheme(supported_schemes, "basic"))
+  if (IsSupportedScheme(supported_schemes, kBasic))
     registry_factory->RegisterSchemeFactory(
-        "basic", new HttpAuthHandlerBasic::Factory());
-  if (IsSupportedScheme(supported_schemes, "digest"))
+        kBasic, new HttpAuthHandlerBasic::Factory());
+  if (IsSupportedScheme(supported_schemes, kDigest))
     registry_factory->RegisterSchemeFactory(
-        "digest", new HttpAuthHandlerDigest::Factory());
-  if (IsSupportedScheme(supported_schemes, "ntlm")) {
+        kDigest, new HttpAuthHandlerDigest::Factory());
+  if (IsSupportedScheme(supported_schemes, kNtlm)) {
     HttpAuthHandlerNTLM::Factory* ntlm_factory =
         new HttpAuthHandlerNTLM::Factory();
-    ntlm_factory->set_url_security_manager(security_manager);
 #if defined(OS_WIN)
     ntlm_factory->set_sspi_library(new SSPILibraryDefault());
 #endif
-    registry_factory->RegisterSchemeFactory("ntlm", ntlm_factory);
+    registry_factory->RegisterSchemeFactory(kNtlm, ntlm_factory);
   }
 #if defined(USE_KERBEROS)
-  if (IsSupportedScheme(supported_schemes, "negotiate")) {
+  if (IsSupportedScheme(supported_schemes, kNegotiate)) {
     HttpAuthHandlerNegotiate::Factory* negotiate_factory =
         new HttpAuthHandlerNegotiate::Factory();
-#if defined(OS_ANDROID)
-    negotiate_factory->set_library(&auth_android_negotiate_account_type);
-#elif defined(OS_POSIX)
+#if defined(OS_POSIX) && !defined(OS_ANDROID)
     negotiate_factory->set_library(
         new GSSAPISharedLibrary(gssapi_library_name));
 #elif defined(OS_WIN)
     negotiate_factory->set_library(new SSPILibraryDefault());
 #endif
-    negotiate_factory->set_url_security_manager(security_manager);
-    DCHECK(host_resolver || negotiate_disable_cname_lookup);
     negotiate_factory->set_host_resolver(host_resolver);
-    negotiate_factory->set_disable_cname_lookup(negotiate_disable_cname_lookup);
-    negotiate_factory->set_use_port(negotiate_enable_port);
-    registry_factory->RegisterSchemeFactory("negotiate", negotiate_factory);
+    registry_factory->RegisterSchemeFactory(kNegotiate, negotiate_factory);
   }
 #endif  // defined(USE_KERBEROS)
 
   return registry_factory;
 }
 
 int HttpAuthHandlerRegistryFactory::CreateAuthHandler(
     HttpAuthChallengeTokenizer* challenge,
     HttpAuth::Target target,
     const GURL& origin,
@@ skipping 10 matching lines @@
   FactoryMap::iterator it = factory_map_.find(lower_scheme);
   if (it == factory_map_.end()) {
     handler->reset();
     return ERR_UNSUPPORTED_AUTH_SCHEME;
   }
   DCHECK(it->second);
   return it->second->CreateAuthHandler(challenge, target, origin, reason,
                                        digest_nonce_count, net_log, handler);
 }
 
+void HttpAuthHandlerRegistryFactory::SetSecurityManager(
+    URLSecurityManager* security_manager) {
+  HttpAuthHandlerFactory* ntlm_factory = GetSchemeFactory(kNtlm);
+  if (ntlm_factory)
+    ntlm_factory->set_url_security_manager(security_manager);
+  HttpAuthHandlerFactory* negotiate_factory = GetSchemeFactory(kNegotiate);
+  if (negotiate_factory)
+    negotiate_factory->set_url_security_manager(security_manager);
+}
+
+void HttpAuthHandlerRegistryFactory::SetAndroidAuthNegotiateAccountType(
+    const std::string& account_type) {
+#if defined(OS_ANDROID)
+  auto negotiate_factory = static_cast<HttpAuthHandlerNegotiate::Factory*>(
+      GetSchemeFactory(kNegotiate));
+  if (negotiate_factory)
+    negotiate_factory->set_library(&account_type);
+#endif
+}
+
+void HttpAuthHandlerRegistryFactory::SetNegotiateDisableCnameLookup(
+    bool negotiate_disable_cname_lookup) {
+  auto negotiate_factory = static_cast<HttpAuthHandlerNegotiate::Factory*>(
+      GetSchemeFactory(kNegotiate));
+  if (negotiate_factory)
+    negotiate_factory->set_disable_cname_lookup(negotiate_disable_cname_lookup);
+}
+
+void HttpAuthHandlerRegistryFactory::SetNegotiateEnablePort(
+    bool negotiate_enable_port) {
+  auto negotiate_factory = static_cast<HttpAuthHandlerNegotiate::Factory*>(
+      GetSchemeFactory(kNegotiate));
+  if (negotiate_factory)
+    negotiate_factory->set_use_port(negotiate_enable_port);
+}
+
 }  // namespace net