OLD | NEW |
---|---|
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_auth_handler_factory.h" | 5 #include "net/http/http_auth_handler_factory.h" |
6 | 6 |
7 #include "base/stl_util.h" | 7 #include "base/stl_util.h" |
8 #include "base/strings/string_util.h" | 8 #include "base/strings/string_util.h" |
9 #include "net/base/net_errors.h" | 9 #include "net/base/net_errors.h" |
10 #include "net/http/http_auth_challenge_tokenizer.h" | 10 #include "net/http/http_auth_challenge_tokenizer.h" |
11 #include "net/http/http_auth_filter.h" | 11 #include "net/http/http_auth_filter.h" |
12 #include "net/http/http_auth_handler_basic.h" | 12 #include "net/http/http_auth_handler_basic.h" |
13 #include "net/http/http_auth_handler_digest.h" | 13 #include "net/http/http_auth_handler_digest.h" |
14 #include "net/http/http_auth_handler_ntlm.h" | 14 #include "net/http/http_auth_handler_ntlm.h" |
15 #include "net/http/http_auth_preferences.h" | |
16 #include "net/http/http_auth_scheme.h" | |
15 | 17 |
16 #if defined(USE_KERBEROS) | 18 #if defined(USE_KERBEROS) |
17 #include "net/http/http_auth_handler_negotiate.h" | 19 #include "net/http/http_auth_handler_negotiate.h" |
18 #endif | 20 #endif |
19 | 21 |
20 namespace net { | 22 namespace net { |
21 | 23 |
22 int HttpAuthHandlerFactory::CreateAuthHandlerFromString( | 24 int HttpAuthHandlerFactory::CreateAuthHandlerFromString( |
23 const std::string& challenge, | 25 const std::string& challenge, |
24 HttpAuth::Target target, | 26 HttpAuth::Target target, |
(...skipping 10 matching lines...) Expand all Loading... | |
35 HttpAuth::Target target, | 37 HttpAuth::Target target, |
36 const GURL& origin, | 38 const GURL& origin, |
37 int digest_nonce_count, | 39 int digest_nonce_count, |
38 const BoundNetLog& net_log, | 40 const BoundNetLog& net_log, |
39 scoped_ptr<HttpAuthHandler>* handler) { | 41 scoped_ptr<HttpAuthHandler>* handler) { |
40 HttpAuthChallengeTokenizer props(challenge.begin(), challenge.end()); | 42 HttpAuthChallengeTokenizer props(challenge.begin(), challenge.end()); |
41 return CreateAuthHandler(&props, target, origin, CREATE_PREEMPTIVE, | 43 return CreateAuthHandler(&props, target, origin, CREATE_PREEMPTIVE, |
42 digest_nonce_count, net_log, handler); | 44 digest_nonce_count, net_log, handler); |
43 } | 45 } |
44 | 46 |
45 // static | |
46 scoped_ptr<HttpAuthHandlerRegistryFactory> | |
47 HttpAuthHandlerFactory::CreateDefault(HostResolver* host_resolver) { | |
48 DCHECK(host_resolver); | |
49 scoped_ptr<HttpAuthHandlerRegistryFactory> registry_factory = | |
50 make_scoped_ptr(new HttpAuthHandlerRegistryFactory()); | |
51 registry_factory->RegisterSchemeFactory( | |
52 "basic", new HttpAuthHandlerBasic::Factory()); | |
53 registry_factory->RegisterSchemeFactory( | |
54 "digest", new HttpAuthHandlerDigest::Factory()); | |
55 | |
56 // On Android Chrome needs an account type configured to enable Kerberos, | |
57 // so the default factory should not include Kerberos. | |
58 #if defined(USE_KERBEROS) && !defined(OS_ANDROID) | |
59 HttpAuthHandlerNegotiate::Factory* negotiate_factory = | |
60 new HttpAuthHandlerNegotiate::Factory(); | |
61 #if defined(OS_POSIX) | |
62 negotiate_factory->set_library(new GSSAPISharedLibrary(std::string())); | |
63 #elif defined(OS_WIN) | |
64 negotiate_factory->set_library(new SSPILibraryDefault()); | |
65 #endif | |
66 negotiate_factory->set_host_resolver(host_resolver); | |
67 registry_factory->RegisterSchemeFactory("negotiate", negotiate_factory); | |
68 #endif // defined(USE_KERBEROS) && !defined(OS_ANDROID) | |
69 | |
70 HttpAuthHandlerNTLM::Factory* ntlm_factory = | |
71 new HttpAuthHandlerNTLM::Factory(); | |
72 #if defined(OS_WIN) | |
73 ntlm_factory->set_sspi_library(new SSPILibraryDefault()); | |
74 #endif | |
75 registry_factory->RegisterSchemeFactory("ntlm", ntlm_factory); | |
76 return registry_factory; | |
77 } | |
78 | 47 |
79 namespace { | 48 namespace { |
80 | 49 |
50 const char* const kDefaultAuthSchemes[] = {kBasicAuthScheme, kDigestAuthScheme, | |
51 #if defined(USE_KERBEROS) && !defined(OS_ANDROID) | |
52 kNegotiateAuthScheme, | |
53 #endif | |
54 kNtlmAuthScheme}; | |
55 | |
81 bool IsSupportedScheme(const std::vector<std::string>& supported_schemes, | 56 bool IsSupportedScheme(const std::vector<std::string>& supported_schemes, |
82 const std::string& scheme) { | 57 const std::string& scheme) { |
83 std::vector<std::string>::const_iterator it = std::find( | 58 std::vector<std::string>::const_iterator it = std::find( |
84 supported_schemes.begin(), supported_schemes.end(), scheme); | 59 supported_schemes.begin(), supported_schemes.end(), scheme); |
85 return it != supported_schemes.end(); | 60 return it != supported_schemes.end(); |
86 } | 61 } |
87 | 62 |
63 // Create a registry factory. Note that |prefs| may be a temporary, and | |
64 // should only be used to create the factories. It should not be passed | |
65 // to the registry factory or its children as the preferences they should | |
66 // use. | |
67 scoped_ptr<HttpAuthHandlerRegistryFactory> CreateAuthHandlerRegistryFactory( | |
68 const HttpAuthPreferences& prefs, | |
69 HostResolver* host_resolver) { | |
70 scoped_ptr<HttpAuthHandlerRegistryFactory> registry_factory( | |
71 new HttpAuthHandlerRegistryFactory()); | |
72 if (IsSupportedScheme(prefs.AuthSchemes(), kBasicAuthScheme)) | |
asanka
2015/12/01 05:30:03
Each of these AuthSchemes() calls constructs and d
aberent
2015/12/01 14:33:25
Removed this by making IsSupportedScheme a HttpAut
| |
73 registry_factory->RegisterSchemeFactory( | |
74 kBasicAuthScheme, new HttpAuthHandlerBasic::Factory()); | |
75 if (IsSupportedScheme(prefs.AuthSchemes(), kDigestAuthScheme)) | |
76 registry_factory->RegisterSchemeFactory( | |
77 kDigestAuthScheme, new HttpAuthHandlerDigest::Factory()); | |
78 if (IsSupportedScheme(prefs.AuthSchemes(), kNtlmAuthScheme)) { | |
79 HttpAuthHandlerNTLM::Factory* ntlm_factory = | |
80 new HttpAuthHandlerNTLM::Factory(); | |
81 #if defined(OS_WIN) | |
82 ntlm_factory->set_sspi_library(new SSPILibraryDefault()); | |
83 #endif // defined(OS_WIN) | |
84 registry_factory->RegisterSchemeFactory(kNtlmAuthScheme, ntlm_factory); | |
85 } | |
86 #if defined(USE_KERBEROS) | |
87 if (IsSupportedScheme(prefs.AuthSchemes(), kNegotiateAuthScheme)) { | |
88 DCHECK(host_resolver); | |
89 HttpAuthHandlerNegotiate::Factory* negotiate_factory = | |
90 new HttpAuthHandlerNegotiate::Factory(); | |
91 #if defined(OS_WIN) | |
92 negotiate_factory->set_library(make_scoped_ptr(new SSPILibraryDefault())); | |
93 #elif defined(OS_POSIX) && !defined(OS_ANDROID) | |
94 negotiate_factory->set_library( | |
95 make_scoped_ptr(new GSSAPISharedLibrary(prefs.GssapiLibraryName()))); | |
96 #endif // defined(OS_POSIX) && !defined(OS_ANDROID) | |
97 negotiate_factory->set_host_resolver(host_resolver); | |
98 registry_factory->RegisterSchemeFactory(kNegotiateAuthScheme, | |
99 negotiate_factory); | |
100 } | |
101 #endif // defined(USE_KERBEROS) | |
102 return registry_factory; | |
103 } | |
104 | |
88 } // namespace | 105 } // namespace |
89 | 106 |
90 HttpAuthHandlerRegistryFactory::HttpAuthHandlerRegistryFactory() { | 107 HttpAuthHandlerRegistryFactory::HttpAuthHandlerRegistryFactory() { |
91 } | 108 } |
92 | 109 |
93 HttpAuthHandlerRegistryFactory::~HttpAuthHandlerRegistryFactory() { | 110 HttpAuthHandlerRegistryFactory::~HttpAuthHandlerRegistryFactory() { |
94 STLDeleteContainerPairSecondPointers(factory_map_.begin(), | 111 STLDeleteContainerPairSecondPointers(factory_map_.begin(), |
95 factory_map_.end()); | 112 factory_map_.end()); |
96 } | 113 } |
97 | 114 |
98 void HttpAuthHandlerRegistryFactory::SetURLSecurityManager( | 115 void HttpAuthHandlerRegistryFactory::SetHttpAuthPreferences( |
99 const std::string& scheme, | 116 const std::string& scheme, |
100 URLSecurityManager* security_manager) { | 117 const HttpAuthPreferences* prefs) { |
101 HttpAuthHandlerFactory* factory = GetSchemeFactory(scheme); | 118 HttpAuthHandlerFactory* factory = GetSchemeFactory(scheme); |
102 if (factory) | 119 if (factory) |
103 factory->set_url_security_manager(security_manager); | 120 factory->set_http_auth_preferences(prefs); |
104 } | 121 } |
105 | 122 |
106 void HttpAuthHandlerRegistryFactory::RegisterSchemeFactory( | 123 void HttpAuthHandlerRegistryFactory::RegisterSchemeFactory( |
107 const std::string& scheme, | 124 const std::string& scheme, |
108 HttpAuthHandlerFactory* factory) { | 125 HttpAuthHandlerFactory* factory) { |
126 factory->set_http_auth_preferences(http_auth_preferences()); | |
109 std::string lower_scheme = base::ToLowerASCII(scheme); | 127 std::string lower_scheme = base::ToLowerASCII(scheme); |
110 FactoryMap::iterator it = factory_map_.find(lower_scheme); | 128 FactoryMap::iterator it = factory_map_.find(lower_scheme); |
111 if (it != factory_map_.end()) { | 129 if (it != factory_map_.end()) { |
112 delete it->second; | 130 delete it->second; |
113 } | 131 } |
114 if (factory) | 132 if (factory) |
115 factory_map_[lower_scheme] = factory; | 133 factory_map_[lower_scheme] = factory; |
116 else | 134 else |
117 factory_map_.erase(it); | 135 factory_map_.erase(it); |
118 } | 136 } |
119 | 137 |
120 HttpAuthHandlerFactory* HttpAuthHandlerRegistryFactory::GetSchemeFactory( | 138 HttpAuthHandlerFactory* HttpAuthHandlerRegistryFactory::GetSchemeFactory( |
121 const std::string& scheme) const { | 139 const std::string& scheme) const { |
122 std::string lower_scheme = base::ToLowerASCII(scheme); | 140 std::string lower_scheme = base::ToLowerASCII(scheme); |
123 FactoryMap::const_iterator it = factory_map_.find(lower_scheme); | 141 FactoryMap::const_iterator it = factory_map_.find(lower_scheme); |
124 if (it == factory_map_.end()) { | 142 if (it == factory_map_.end()) { |
125 return NULL; // |scheme| is not registered. | 143 return NULL; // |scheme| is not registered. |
126 } | 144 } |
127 return it->second; | 145 return it->second; |
128 } | 146 } |
129 | 147 |
130 // static | 148 // static |
131 HttpAuthHandlerRegistryFactory* HttpAuthHandlerRegistryFactory::Create( | 149 scoped_ptr<HttpAuthHandlerRegistryFactory> |
132 const std::vector<std::string>& supported_schemes, | 150 HttpAuthHandlerFactory::CreateDefault(HostResolver* host_resolver) { |
133 URLSecurityManager* security_manager, | 151 std::vector<std::string> auth_types( |
134 HostResolver* host_resolver, | 152 kDefaultAuthSchemes, |
asanka
2015/12/01 05:30:03
std::begin() / std::end()
aberent
2015/12/01 14:33:25
Done.
| |
135 const std::string& gssapi_library_name, | 153 kDefaultAuthSchemes + arraysize(kDefaultAuthSchemes)); |
136 const std::string& auth_android_negotiate_account_type, | 154 HttpAuthPreferences prefs(auth_types |
137 bool negotiate_disable_cname_lookup, | 155 #if defined(OS_POSIX) && !defined(OS_ANDROID) |
138 bool negotiate_enable_port) { | 156 , |
139 HttpAuthHandlerRegistryFactory* registry_factory = | 157 std::string() |
140 new HttpAuthHandlerRegistryFactory(); | |
141 if (IsSupportedScheme(supported_schemes, "basic")) | |
142 registry_factory->RegisterSchemeFactory( | |
143 "basic", new HttpAuthHandlerBasic::Factory()); | |
144 if (IsSupportedScheme(supported_schemes, "digest")) | |
145 registry_factory->RegisterSchemeFactory( | |
146 "digest", new HttpAuthHandlerDigest::Factory()); | |
147 if (IsSupportedScheme(supported_schemes, "ntlm")) { | |
148 HttpAuthHandlerNTLM::Factory* ntlm_factory = | |
149 new HttpAuthHandlerNTLM::Factory(); | |
150 ntlm_factory->set_url_security_manager(security_manager); | |
151 #if defined(OS_WIN) | |
152 ntlm_factory->set_sspi_library(new SSPILibraryDefault()); | |
153 #endif | 158 #endif |
154 registry_factory->RegisterSchemeFactory("ntlm", ntlm_factory); | 159 ); |
160 return CreateAuthHandlerRegistryFactory(prefs, host_resolver); | |
161 } | |
162 | |
163 // static | |
164 scoped_ptr<HttpAuthHandlerRegistryFactory> | |
165 HttpAuthHandlerRegistryFactory::Create(const HttpAuthPreferences* prefs, | |
166 HostResolver* host_resolver) { | |
167 scoped_ptr<HttpAuthHandlerRegistryFactory> registry_factory( | |
168 CreateAuthHandlerRegistryFactory(*prefs, host_resolver)); | |
169 registry_factory->set_http_auth_preferences(prefs); | |
170 for (auto factory_entry : registry_factory->factory_map_) { | |
171 factory_entry.second->set_http_auth_preferences(prefs); | |
155 } | 172 } |
156 #if defined(USE_KERBEROS) | |
157 if (IsSupportedScheme(supported_schemes, "negotiate")) { | |
158 HttpAuthHandlerNegotiate::Factory* negotiate_factory = | |
159 new HttpAuthHandlerNegotiate::Factory(); | |
160 #if defined(OS_ANDROID) | |
161 negotiate_factory->set_library(&auth_android_negotiate_account_type); | |
162 #elif defined(OS_POSIX) | |
163 negotiate_factory->set_library( | |
164 new GSSAPISharedLibrary(gssapi_library_name)); | |
165 #elif defined(OS_WIN) | |
166 negotiate_factory->set_library(new SSPILibraryDefault()); | |
167 #endif | |
168 negotiate_factory->set_url_security_manager(security_manager); | |
169 DCHECK(host_resolver || negotiate_disable_cname_lookup); | |
170 negotiate_factory->set_host_resolver(host_resolver); | |
171 negotiate_factory->set_disable_cname_lookup(negotiate_disable_cname_lookup); | |
172 negotiate_factory->set_use_port(negotiate_enable_port); | |
173 registry_factory->RegisterSchemeFactory("negotiate", negotiate_factory); | |
174 } | |
175 #endif // defined(USE_KERBEROS) | |
176 | |
177 return registry_factory; | 173 return registry_factory; |
178 } | 174 } |
179 | 175 |
180 int HttpAuthHandlerRegistryFactory::CreateAuthHandler( | 176 int HttpAuthHandlerRegistryFactory::CreateAuthHandler( |
181 HttpAuthChallengeTokenizer* challenge, | 177 HttpAuthChallengeTokenizer* challenge, |
182 HttpAuth::Target target, | 178 HttpAuth::Target target, |
183 const GURL& origin, | 179 const GURL& origin, |
184 CreateReason reason, | 180 CreateReason reason, |
185 int digest_nonce_count, | 181 int digest_nonce_count, |
186 const BoundNetLog& net_log, | 182 const BoundNetLog& net_log, |
187 scoped_ptr<HttpAuthHandler>* handler) { | 183 scoped_ptr<HttpAuthHandler>* handler) { |
188 std::string scheme = challenge->scheme(); | 184 std::string scheme = challenge->scheme(); |
189 if (scheme.empty()) { | 185 if (scheme.empty()) { |
190 handler->reset(); | 186 handler->reset(); |
191 return ERR_INVALID_RESPONSE; | 187 return ERR_INVALID_RESPONSE; |
192 } | 188 } |
193 std::string lower_scheme = base::ToLowerASCII(scheme); | 189 std::string lower_scheme = base::ToLowerASCII(scheme); |
194 FactoryMap::iterator it = factory_map_.find(lower_scheme); | 190 FactoryMap::iterator it = factory_map_.find(lower_scheme); |
195 if (it == factory_map_.end()) { | 191 if (it == factory_map_.end()) { |
196 handler->reset(); | 192 handler->reset(); |
197 return ERR_UNSUPPORTED_AUTH_SCHEME; | 193 return ERR_UNSUPPORTED_AUTH_SCHEME; |
198 } | 194 } |
199 DCHECK(it->second); | 195 DCHECK(it->second); |
200 return it->second->CreateAuthHandler(challenge, target, origin, reason, | 196 return it->second->CreateAuthHandler(challenge, target, origin, reason, |
201 digest_nonce_count, net_log, handler); | 197 digest_nonce_count, net_log, handler); |
202 } | 198 } |
203 | 199 |
204 } // namespace net | 200 } // namespace net |
OLD | NEW |