OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_auth_handler_digest.h" | 5 #include "net/http/http_auth_handler_digest.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
10 #include "base/md5.h" | 10 #include "base/md5.h" |
11 #include "base/rand_util.h" | 11 #include "base/rand_util.h" |
12 #include "base/strings/string_util.h" | 12 #include "base/strings/string_util.h" |
13 #include "base/strings/stringprintf.h" | 13 #include "base/strings/stringprintf.h" |
14 #include "base/strings/utf_string_conversions.h" | 14 #include "base/strings/utf_string_conversions.h" |
15 #include "net/base/net_errors.h" | 15 #include "net/base/net_errors.h" |
16 #include "net/base/net_string_util.h" | 16 #include "net/base/net_string_util.h" |
17 #include "net/base/net_util.h" | 17 #include "net/base/net_util.h" |
18 #include "net/http/http_auth.h" | 18 #include "net/http/http_auth.h" |
19 #include "net/http/http_auth_challenge_tokenizer.h" | 19 #include "net/http/http_auth_challenge_tokenizer.h" |
| 20 #include "net/http/http_auth_scheme.h" |
20 #include "net/http/http_request_info.h" | 21 #include "net/http/http_request_info.h" |
21 #include "net/http/http_util.h" | 22 #include "net/http/http_util.h" |
22 #include "url/gurl.h" | 23 #include "url/gurl.h" |
23 | 24 |
24 namespace net { | 25 namespace net { |
25 | 26 |
26 // Digest authentication is specified in RFC 2617. | 27 // Digest authentication is specified in RFC 2617. |
27 // The expanded derivations are listed in the tables below. | 28 // The expanded derivations are listed in the tables below. |
28 | 29 |
29 //==========+==========+==========================================+ | 30 //==========+==========+==========================================+ |
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
106 handler->swap(tmp_handler); | 107 handler->swap(tmp_handler); |
107 return OK; | 108 return OK; |
108 } | 109 } |
109 | 110 |
110 HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge( | 111 HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge( |
111 HttpAuthChallengeTokenizer* challenge) { | 112 HttpAuthChallengeTokenizer* challenge) { |
112 // Even though Digest is not connection based, a "second round" is parsed | 113 // Even though Digest is not connection based, a "second round" is parsed |
113 // to differentiate between stale and rejected responses. | 114 // to differentiate between stale and rejected responses. |
114 // Note that the state of the current handler is not mutated - this way if | 115 // Note that the state of the current handler is not mutated - this way if |
115 // there is a rejection the realm hasn't changed. | 116 // there is a rejection the realm hasn't changed. |
116 if (!base::LowerCaseEqualsASCII(challenge->scheme(), "digest")) | 117 if (!base::LowerCaseEqualsASCII(challenge->scheme(), kDigestAuthScheme)) |
117 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | 118 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
118 | 119 |
119 HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); | 120 HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); |
120 | 121 |
121 // Try to find the "stale" value, and also keep track of the realm | 122 // Try to find the "stale" value, and also keep track of the realm |
122 // for the new challenge. | 123 // for the new challenge. |
123 std::string original_realm; | 124 std::string original_realm; |
124 while (parameters.GetNext()) { | 125 while (parameters.GetNext()) { |
125 if (base::LowerCaseEqualsASCII(parameters.name(), "stale")) { | 126 if (base::LowerCaseEqualsASCII(parameters.name(), "stale")) { |
126 if (base::LowerCaseEqualsASCII(parameters.value(), "true")) | 127 if (base::LowerCaseEqualsASCII(parameters.value(), "true")) |
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
192 score_ = 2; | 193 score_ = 2; |
193 properties_ = ENCRYPTS_IDENTITY; | 194 properties_ = ENCRYPTS_IDENTITY; |
194 | 195 |
195 // Initialize to defaults. | 196 // Initialize to defaults. |
196 stale_ = false; | 197 stale_ = false; |
197 algorithm_ = ALGORITHM_UNSPECIFIED; | 198 algorithm_ = ALGORITHM_UNSPECIFIED; |
198 qop_ = QOP_UNSPECIFIED; | 199 qop_ = QOP_UNSPECIFIED; |
199 realm_ = original_realm_ = nonce_ = domain_ = opaque_ = std::string(); | 200 realm_ = original_realm_ = nonce_ = domain_ = opaque_ = std::string(); |
200 | 201 |
201 // FAIL -- Couldn't match auth-scheme. | 202 // FAIL -- Couldn't match auth-scheme. |
202 if (!base::LowerCaseEqualsASCII(challenge->scheme(), "digest")) | 203 if (!base::LowerCaseEqualsASCII(challenge->scheme(), kDigestAuthScheme)) |
203 return false; | 204 return false; |
204 | 205 |
205 HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); | 206 HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); |
206 | 207 |
207 // Loop through all the properties. | 208 // Loop through all the properties. |
208 while (parameters.GetNext()) { | 209 while (parameters.GetNext()) { |
209 // FAIL -- couldn't parse a property. | 210 // FAIL -- couldn't parse a property. |
210 if (!ParseChallengeProperty(parameters.name(), | 211 if (!ParseChallengeProperty(parameters.name(), |
211 parameters.value())) | 212 parameters.value())) |
212 return false; | 213 return false; |
(...skipping 161 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
374 // TODO(eroman): Supposedly IIS server requires quotes surrounding qop. | 375 // TODO(eroman): Supposedly IIS server requires quotes surrounding qop. |
375 authorization += ", qop=" + QopToString(qop_); | 376 authorization += ", qop=" + QopToString(qop_); |
376 authorization += ", nc=" + nc; | 377 authorization += ", nc=" + nc; |
377 authorization += ", cnonce=" + HttpUtil::Quote(cnonce); | 378 authorization += ", cnonce=" + HttpUtil::Quote(cnonce); |
378 } | 379 } |
379 | 380 |
380 return authorization; | 381 return authorization; |
381 } | 382 } |
382 | 383 |
383 } // namespace net | 384 } // namespace net |
OLD | NEW |