Chromium Code Reviews Chromium Code Reviews
Issue 1414313002:
Allow dynamic updating of authentication policies (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: net/http/http_auth_handler_factory.cc |
| diff --git a/net/http/http_auth_handler_factory.cc b/net/http/http_auth_handler_factory.cc |
| index 5a89964a80c6d47344e6ab2daa747a92b30b3305..e23df2393d8c3fdc9258cb44b3f3f213c50500a3 100644 |
| --- a/net/http/http_auth_handler_factory.cc |
| +++ b/net/http/http_auth_handler_factory.cc |
| @@ -12,6 +12,8 @@ |
| #include "net/http/http_auth_handler_basic.h" |
| #include "net/http/http_auth_handler_digest.h" |
| #include "net/http/http_auth_handler_ntlm.h" |
| +#include "net/http/http_auth_preferences.h" |
| +#include "net/http/http_auth_scheme.h" |
| #if defined(USE_KERBEROS) |
| #include "net/http/http_auth_handler_negotiate.h" |
| @@ -42,42 +44,15 @@ int HttpAuthHandlerFactory::CreatePreemptiveAuthHandlerFromString( |
| digest_nonce_count, net_log, handler); |
| } |
| -// static |
| -scoped_ptr<HttpAuthHandlerRegistryFactory> |
| -HttpAuthHandlerFactory::CreateDefault(HostResolver* host_resolver) { |
| - DCHECK(host_resolver); |
| - scoped_ptr<HttpAuthHandlerRegistryFactory> registry_factory = |
| - make_scoped_ptr(new HttpAuthHandlerRegistryFactory()); |
| - registry_factory->RegisterSchemeFactory( |
| - "basic", new HttpAuthHandlerBasic::Factory()); |
| - registry_factory->RegisterSchemeFactory( |
| - "digest", new HttpAuthHandlerDigest::Factory()); |
| - |
| -// On Android Chrome needs an account type configured to enable Kerberos, |
| -// so the default factory should not include Kerberos. |
| -#if defined(USE_KERBEROS) && !defined(OS_ANDROID) |
| - HttpAuthHandlerNegotiate::Factory* negotiate_factory = |
| - new HttpAuthHandlerNegotiate::Factory(); |
| -#if defined(OS_POSIX) |
| - negotiate_factory->set_library(new GSSAPISharedLibrary(std::string())); |
| -#elif defined(OS_WIN) |
| - negotiate_factory->set_library(new SSPILibraryDefault()); |
| -#endif |
| - negotiate_factory->set_host_resolver(host_resolver); |
| - registry_factory->RegisterSchemeFactory("negotiate", negotiate_factory); |
| -#endif // defined(USE_KERBEROS) && !defined(OS_ANDROID) |
| - |
| - HttpAuthHandlerNTLM::Factory* ntlm_factory = |
| - new HttpAuthHandlerNTLM::Factory(); |
| -#if defined(OS_WIN) |
| - ntlm_factory->set_sspi_library(new SSPILibraryDefault()); |
| -#endif |
| - registry_factory->RegisterSchemeFactory("ntlm", ntlm_factory); |
| - return registry_factory; |
| -} |
| namespace { |
| +const char* default_auth_types[] = {kBasicAuthScheme, kDigestAuthScheme, |
|
asanka
2015/11/20 15:32:09
const char* const kDefaultAuthTypes[] = {...};
Wi
aberent
2015/11/23 16:34:01
Done.
|
| +#if defined(USE_KERBEROS) && !defined(OS_ANDROID) |
| + kNegotiateAuthScheme, |
| +#endif |
| + kNtlmAuthScheme}; |
| + |
| bool IsSupportedScheme(const std::vector<std::string>& supported_schemes, |
| const std::string& scheme) { |
| std::vector<std::string>::const_iterator it = std::find( |
| @@ -85,6 +60,47 @@ bool IsSupportedScheme(const std::vector<std::string>& supported_schemes, |
| return it != supported_schemes.end(); |
| } |
| +void InitAuthHandlerRegistryFactory( |
| + HttpAuthHandlerRegistryFactory* registry_factory, |
| + std::vector<std::string> schemes, |
| + HostResolver* host_resolver |
| +#if defined(OS_POSIX) && !defined(OS_ANDROID) |
| + , |
| + std::string gssapi_library_name |
| +#endif |
| + ) { |
| + if (IsSupportedScheme(schemes, kBasicAuthScheme)) |
| + registry_factory->RegisterSchemeFactory( |
| + kBasicAuthScheme, new HttpAuthHandlerBasic::Factory()); |
| + if (IsSupportedScheme(schemes, kDigestAuthScheme)) |
| + registry_factory->RegisterSchemeFactory( |
| + kDigestAuthScheme, new HttpAuthHandlerDigest::Factory()); |
| + if (IsSupportedScheme(schemes, kNtlmAuthScheme)) { |
| + HttpAuthHandlerNTLM::Factory* ntlm_factory = |
| + new HttpAuthHandlerNTLM::Factory(); |
| +#if defined(OS_WIN) |
| + ntlm_factory->set_sspi_library(new SSPILibraryDefault()); |
| +#endif // defined(OS_WIN) |
| + registry_factory->RegisterSchemeFactory(kNtlmAuthScheme, ntlm_factory); |
| + } |
| +#if defined(USE_KERBEROS) |
| + if (IsSupportedScheme(schemes, kNegotiateAuthScheme)) { |
| + DCHECK(host_resolver); |
| + HttpAuthHandlerNegotiate::Factory* negotiate_factory = |
| + new HttpAuthHandlerNegotiate::Factory(); |
| +#if defined(OS_WIN) |
| + negotiate_factory->set_library(make_scoped_ptr(new SSPILibraryDefault())); |
| +#elif defined(OS_POSIX) && !defined(OS_ANDROID) |
| + negotiate_factory->set_library( |
| + make_scoped_ptr(new GSSAPISharedLibrary(gssapi_library_name))); |
| +#endif // defined(OS_POSIX) && !defined(OS_ANDROID) |
| + negotiate_factory->set_host_resolver(host_resolver); |
| + registry_factory->RegisterSchemeFactory(kNegotiateAuthScheme, |
| + negotiate_factory); |
| + } |
| +#endif // defined(USE_KERBEROS) |
| +} |
| + |
| } // namespace |
| HttpAuthHandlerRegistryFactory::HttpAuthHandlerRegistryFactory() { |
| @@ -95,12 +111,12 @@ HttpAuthHandlerRegistryFactory::~HttpAuthHandlerRegistryFactory() { |
| factory_map_.end()); |
| } |
| -void HttpAuthHandlerRegistryFactory::SetURLSecurityManager( |
| +void HttpAuthHandlerRegistryFactory::SetHttpAuthPreferences( |
| const std::string& scheme, |
| - URLSecurityManager* security_manager) { |
| + HttpAuthPreferences* prefs) { |
| HttpAuthHandlerFactory* factory = GetSchemeFactory(scheme); |
| if (factory) |
| - factory->set_url_security_manager(security_manager); |
| + factory->set_http_auth_preferences(prefs); |
| } |
| void HttpAuthHandlerRegistryFactory::RegisterSchemeFactory( |
| @@ -108,6 +124,7 @@ void HttpAuthHandlerRegistryFactory::RegisterSchemeFactory( |
| HttpAuthHandlerFactory* factory) { |
| std::string lower_scheme = base::ToLowerASCII(scheme); |
| FactoryMap::iterator it = factory_map_.find(lower_scheme); |
| + factory->set_http_auth_preferences(http_auth_preferences()); |
| if (it != factory_map_.end()) { |
| delete it->second; |
| } |
| @@ -128,52 +145,40 @@ HttpAuthHandlerFactory* HttpAuthHandlerRegistryFactory::GetSchemeFactory( |
| } |
| // static |
| -HttpAuthHandlerRegistryFactory* HttpAuthHandlerRegistryFactory::Create( |
| - const std::vector<std::string>& supported_schemes, |
| - URLSecurityManager* security_manager, |
| - HostResolver* host_resolver, |
| - const std::string& gssapi_library_name, |
| - const std::string& auth_android_negotiate_account_type, |
| - bool negotiate_disable_cname_lookup, |
| - bool negotiate_enable_port) { |
| - HttpAuthHandlerRegistryFactory* registry_factory = |
| - new HttpAuthHandlerRegistryFactory(); |
| - if (IsSupportedScheme(supported_schemes, "basic")) |
| - registry_factory->RegisterSchemeFactory( |
| - "basic", new HttpAuthHandlerBasic::Factory()); |
| - if (IsSupportedScheme(supported_schemes, "digest")) |
| - registry_factory->RegisterSchemeFactory( |
| - "digest", new HttpAuthHandlerDigest::Factory()); |
| - if (IsSupportedScheme(supported_schemes, "ntlm")) { |
| - HttpAuthHandlerNTLM::Factory* ntlm_factory = |
| - new HttpAuthHandlerNTLM::Factory(); |
| - ntlm_factory->set_url_security_manager(security_manager); |
| -#if defined(OS_WIN) |
| - ntlm_factory->set_sspi_library(new SSPILibraryDefault()); |
| +scoped_ptr<HttpAuthHandlerRegistryFactory> |
| +HttpAuthHandlerFactory::CreateDefault(HostResolver* host_resolver) { |
| + scoped_ptr<HttpAuthHandlerRegistryFactory> registry_factory( |
| + new HttpAuthHandlerRegistryFactory()); |
| + std::vector<std::string> auth_types( |
| + default_auth_types, default_auth_types + arraysize(default_auth_types)); |
| + InitAuthHandlerRegistryFactory(registry_factory.get(), auth_types, |
| + host_resolver |
| +#if defined(OS_POSIX) && !defined(OS_ANDROID) |
| + , |
| + std::string() |
| #endif |
| - registry_factory->RegisterSchemeFactory("ntlm", ntlm_factory); |
| - } |
| -#if defined(USE_KERBEROS) |
| - if (IsSupportedScheme(supported_schemes, "negotiate")) { |
| - HttpAuthHandlerNegotiate::Factory* negotiate_factory = |
| - new HttpAuthHandlerNegotiate::Factory(); |
| -#if defined(OS_ANDROID) |
| - negotiate_factory->set_library(&auth_android_negotiate_account_type); |
| -#elif defined(OS_POSIX) |
| - negotiate_factory->set_library( |
| - new GSSAPISharedLibrary(gssapi_library_name)); |
| -#elif defined(OS_WIN) |
| - negotiate_factory->set_library(new SSPILibraryDefault()); |
| + ); |
| + return registry_factory; |
| +} |
| + |
| +// static |
| +scoped_ptr<HttpAuthHandlerRegistryFactory> |
| +HttpAuthHandlerRegistryFactory::Create(HttpAuthPreferences* prefs, |
| + HostResolver* host_resolver) { |
| + scoped_ptr<HttpAuthHandlerRegistryFactory> registry_factory( |
| + new HttpAuthHandlerRegistryFactory()); |
| + registry_factory->set_http_auth_preferences(prefs); |
| + InitAuthHandlerRegistryFactory(registry_factory.get(), prefs->auth_schemes(), |
| + host_resolver |
| +#if defined(OS_POSIX) && !defined(OS_ANDROID) |
| + , |
| + prefs->gssapi_library_name() |
| #endif |
| - negotiate_factory->set_url_security_manager(security_manager); |
| - DCHECK(host_resolver || negotiate_disable_cname_lookup); |
| - negotiate_factory->set_host_resolver(host_resolver); |
| - negotiate_factory->set_disable_cname_lookup(negotiate_disable_cname_lookup); |
| - negotiate_factory->set_use_port(negotiate_enable_port); |
| - registry_factory->RegisterSchemeFactory("negotiate", negotiate_factory); |
| + ); |
| + for (std::pair<std::string, HttpAuthHandlerFactory*> factory_entry : |
| + registry_factory->factory_map_) { |
| + factory_entry.second->set_http_auth_preferences(prefs); |
| } |
| -#endif // defined(USE_KERBEROS) |
| - |
| return registry_factory; |
| } |
| @@ -201,4 +206,14 @@ int HttpAuthHandlerRegistryFactory::CreateAuthHandler( |
| digest_nonce_count, net_log, handler); |
| } |
| +#if defined(OS_ANDROID) |
| +void HttpAuthHandlerRegistryFactory::SetAndroidAuthNegotiateAccountType( |
| + const std::string& account_type) { |
| + for (std::pair<std::string, HttpAuthHandlerFactory*> map_entry : |
| + factory_map_) { |
| + map_entry.second->SetAndroidAuthNegotiateAccountType(account_type); |
| + } |
| +} |
| +#endif |
| + |
| } // namespace net |
