Allow dynamic updating of authentication policies

net/android/http_auth_negotiate_android.cc

Index: net/android/http_auth_negotiate_android.cc
diff --git a/net/android/http_auth_negotiate_android.cc b/net/android/http_auth_negotiate_android.cc
index a8e9cc3009ae7bcef2db1c227f28bdc5435d26a5..b60db453945460a267f4df7953bb065854852720 100644
--- a/net/android/http_auth_negotiate_android.cc
+++ b/net/android/http_auth_negotiate_android.cc
@@ -15,6 +15,7 @@
 #include "net/base/net_errors.h"
 #include "net/http/http_auth_challenge_tokenizer.h"
 #include "net/http/http_auth_multi_round_parse.h"
+#include "net/http/http_auth_preferences.h"
 
 using base::android::AttachCurrentThread;
 using base::android::ConvertUTF8ToJavaString;
@@ -53,17 +54,17 @@ void JavaNegotiateResultWrapper::SetResult(JNIEnv* env,
   delete this;
 }
 
-HttpAuthNegotiateAndroid::HttpAuthNegotiateAndroid(
-    const std::string& account_type)
-    : account_type_(account_type),
+HttpAuthNegotiateAndroid::HttpAuthNegotiateAndroid(HttpAuthPreferences* prefs)
+    : prefs_(prefs),
       can_delegate_(false),
       first_challenge_(true),
       auth_token_(nullptr),
       weak_factory_(this) {
-  DCHECK(!account_type.empty());
   JNIEnv* env = AttachCurrentThread();
   java_authenticator_.Reset(Java_HttpNegotiateAuthenticator_create(
-      env, ConvertUTF8ToJavaString(env, account_type).obj()));
+      env,
+      ConvertUTF8ToJavaString(env, prefs->auth_android_negotiate_account_type())
+          .obj()));
 }
 
 HttpAuthNegotiateAndroid::~HttpAuthNegotiateAndroid() {
@@ -101,6 +102,11 @@ int HttpAuthNegotiateAndroid::GenerateAuthToken(
     const std::string& spn,
     std::string* auth_token,
     const net::CompletionCallback& callback) {
+  if (prefs_->auth_android_negotiate_account_type().empty()) {
+    // This can happen if there is a policy change, removing the account type,
+    // in the middle of a negotiation.
+    return ERR_METHOD_NOT_SUPPORTED;

[asanka, 2015/11/25 19:00:09]

ERR_METHOD_NOT_SUPPORTED is used to indicate that an HTTP method (a.k.a. verb)
is not supported. Use ERR_UNSUPPORTED_AUTH_SCHEME here instead.

[aberent, 2015/11/26 15:58:00]

Done.

+  }
   DCHECK(auth_token);
   DCHECK(completion_callback_.is_null());
   DCHECK(!callback.is_null());
@@ -116,8 +122,8 @@ int HttpAuthNegotiateAndroid::GenerateAuthToken(
   ScopedJavaLocalRef<jstring> java_server_auth_token =
       ConvertUTF8ToJavaString(env, server_auth_token_);
   ScopedJavaLocalRef<jstring> java_spn = ConvertUTF8ToJavaString(env, spn);
-  ScopedJavaLocalRef<jstring> java_account_type =
-      ConvertUTF8ToJavaString(env, account_type_);
+  ScopedJavaLocalRef<jstring> java_account_type = ConvertUTF8ToJavaString(
+      env, prefs_->auth_android_negotiate_account_type());
 
   // It is intentional that callback_wrapper is not owned or deleted by the
   // HttpAuthNegotiateAndroid object. The Java code will call the callback