Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(71)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/http_auth_handler_digest.cc

Issue 1414313002: Allow dynamic updating of authentication policies (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix IOS compile problem - attempt 3 Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/android/http_auth_negotiate_android.cc ('K') | « net/http/http_auth_handler_basic.cc ('k') | net/http/http_auth_handler_factory.h » ('j') | net/http/http_auth_handler_factory.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/http/http_auth_handler_digest.h" 5 #include "net/http/http_auth_handler_digest.h"
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/md5.h" 10 #include "base/md5.h"
11 #include "base/rand_util.h" 11 #include "base/rand_util.h"
12 #include "base/strings/string_util.h" 12 #include "base/strings/string_util.h"
13 #include "base/strings/stringprintf.h" 13 #include "base/strings/stringprintf.h"
14 #include "base/strings/utf_string_conversions.h" 14 #include "base/strings/utf_string_conversions.h"
15 #include "net/base/net_errors.h" 15 #include "net/base/net_errors.h"
16 #include "net/base/net_string_util.h" 16 #include "net/base/net_string_util.h"
17 #include "net/base/net_util.h" 17 #include "net/base/net_util.h"
18 #include "net/http/http_auth.h" 18 #include "net/http/http_auth.h"
19 #include "net/http/http_auth_challenge_tokenizer.h" 19 #include "net/http/http_auth_challenge_tokenizer.h"
20 #include "net/http/http_auth_scheme.h"
20 #include "net/http/http_request_info.h" 21 #include "net/http/http_request_info.h"
21 #include "net/http/http_util.h" 22 #include "net/http/http_util.h"
22 #include "url/gurl.h" 23 #include "url/gurl.h"
23 24
24 namespace net { 25 namespace net {
25 26
26 // Digest authentication is specified in RFC 2617. 27 // Digest authentication is specified in RFC 2617.
27 // The expanded derivations are listed in the tables below. 28 // The expanded derivations are listed in the tables below.
28 29
29 //==========+==========+==========================================+ 30 //==========+==========+==========================================+
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after
106 handler->swap(tmp_handler); 107 handler->swap(tmp_handler);
107 return OK; 108 return OK;
108 } 109 }
109 110
110 HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge( 111 HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge(
111 HttpAuthChallengeTokenizer* challenge) { 112 HttpAuthChallengeTokenizer* challenge) {
112 // Even though Digest is not connection based, a "second round" is parsed 113 // Even though Digest is not connection based, a "second round" is parsed
113 // to differentiate between stale and rejected responses. 114 // to differentiate between stale and rejected responses.
114 // Note that the state of the current handler is not mutated - this way if 115 // Note that the state of the current handler is not mutated - this way if
115 // there is a rejection the realm hasn't changed. 116 // there is a rejection the realm hasn't changed.
116 if (!base::LowerCaseEqualsASCII(challenge->scheme(), "digest")) 117 if (!base::LowerCaseEqualsASCII(challenge->scheme(), kDigestAuthScheme))
117 return HttpAuth::AUTHORIZATION_RESULT_INVALID; 118 return HttpAuth::AUTHORIZATION_RESULT_INVALID;
118 119
119 HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); 120 HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs();
120 121
121 // Try to find the "stale" value, and also keep track of the realm 122 // Try to find the "stale" value, and also keep track of the realm
122 // for the new challenge. 123 // for the new challenge.
123 std::string original_realm; 124 std::string original_realm;
124 while (parameters.GetNext()) { 125 while (parameters.GetNext()) {
125 if (base::LowerCaseEqualsASCII(parameters.name(), "stale")) { 126 if (base::LowerCaseEqualsASCII(parameters.name(), "stale")) {
126 if (base::LowerCaseEqualsASCII(parameters.value(), "true")) 127 if (base::LowerCaseEqualsASCII(parameters.value(), "true"))
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after
192 score_ = 2; 193 score_ = 2;
193 properties_ = ENCRYPTS_IDENTITY; 194 properties_ = ENCRYPTS_IDENTITY;
194 195
195 // Initialize to defaults. 196 // Initialize to defaults.
196 stale_ = false; 197 stale_ = false;
197 algorithm_ = ALGORITHM_UNSPECIFIED; 198 algorithm_ = ALGORITHM_UNSPECIFIED;
198 qop_ = QOP_UNSPECIFIED; 199 qop_ = QOP_UNSPECIFIED;
199 realm_ = original_realm_ = nonce_ = domain_ = opaque_ = std::string(); 200 realm_ = original_realm_ = nonce_ = domain_ = opaque_ = std::string();
200 201
201 // FAIL -- Couldn't match auth-scheme. 202 // FAIL -- Couldn't match auth-scheme.
202 if (!base::LowerCaseEqualsASCII(challenge->scheme(), "digest")) 203 if (!base::LowerCaseEqualsASCII(challenge->scheme(), kDigestAuthScheme))
203 return false; 204 return false;
204 205
205 HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); 206 HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs();
206 207
207 // Loop through all the properties. 208 // Loop through all the properties.
208 while (parameters.GetNext()) { 209 while (parameters.GetNext()) {
209 // FAIL -- couldn't parse a property. 210 // FAIL -- couldn't parse a property.
210 if (!ParseChallengeProperty(parameters.name(), 211 if (!ParseChallengeProperty(parameters.name(),
211 parameters.value())) 212 parameters.value()))
212 return false; 213 return false;
(...skipping 161 matching lines...) Expand 10 before | Expand all | Expand 10 after
374 // TODO(eroman): Supposedly IIS server requires quotes surrounding qop. 375 // TODO(eroman): Supposedly IIS server requires quotes surrounding qop.
375 authorization += ", qop=" + QopToString(qop_); 376 authorization += ", qop=" + QopToString(qop_);
376 authorization += ", nc=" + nc; 377 authorization += ", nc=" + nc;
377 authorization += ", cnonce=" + HttpUtil::Quote(cnonce); 378 authorization += ", cnonce=" + HttpUtil::Quote(cnonce);
378 } 379 }
379 380
380 return authorization; 381 return authorization;
381 } 382 }
382 383
383 } // namespace net 384 } // namespace net
OLDNEW
« net/android/http_auth_negotiate_android.cc ('K') | « net/http/http_auth_handler_basic.cc ('k') | net/http/http_auth_handler_factory.h » ('j') | net/http/http_auth_handler_factory.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698