Move data reduction proxy to Chrome-Proxy header for authentication

components/data_reduction_proxy/browser/data_reduction_proxy_settings.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/data_reduction_proxy/browser/data_reduction_proxy_settings.h"
 
 #include "base/bind.h"
 #include "base/command_line.h"
 #include "base/metrics/field_trial.h"
 #include "base/metrics/histogram.h"
 #include "base/prefs/pref_member.h"
 #include "base/prefs/pref_service.h"
 #include "base/prefs/scoped_user_pref_update.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
+#include "components/data_reduction_proxy/browser/data_reduction_proxy_auth_request_handler.h"
 #include "components/data_reduction_proxy/browser/data_reduction_proxy_configurator.h"
 #include "components/data_reduction_proxy/browser/data_reduction_proxy_params.h"
 #include "components/data_reduction_proxy/common/data_reduction_proxy_pref_names.h"
 #include "components/data_reduction_proxy/common/data_reduction_proxy_switches.h"
-#include "crypto/random.h"
-#include "net/base/auth.h"
 #include "net/base/host_port_pair.h"
 #include "net/base/load_flags.h"
 #include "net/base/net_errors.h"
-#include "net/http/http_auth.h"
-#include "net/http/http_auth_cache.h"
 #include "net/http/http_network_session.h"
 #include "net/http/http_response_headers.h"
 #include "net/url_request/url_fetcher.h"
 #include "net/url_request/url_fetcher_delegate.h"
 #include "net/url_request/url_request_context_getter.h"
 #include "net/url_request/url_request_status.h"
 #include "url/gurl.h"
 
 
 using base::StringPrintf;
 
 namespace {
 
 // Key of the UMA DataReductionProxy.StartupState histogram.
 const char kUMAProxyStartupStateHistogram[] =
     "DataReductionProxy.StartupState";
 
 // Key of the UMA DataReductionProxy.ProbeURL histogram.
 const char kUMAProxyProbeURL[] = "DataReductionProxy.ProbeURL";
 
-// TODO(marq): Factor this string out into a constant here and in
-//             http_auth_handler_spdyproxy.
-const char kAuthenticationRealmName[] = "SpdyProxy";
-
 int64 GetInt64PrefValue(const base::ListValue& list_value, size_t index) {
   int64 val = 0;
   std::string pref_value;
   bool rv = list_value.GetString(index, &pref_value);
   DCHECK(rv);
   if (rv) {
     rv = base::StringToInt64(pref_value, &val);
     DCHECK(rv);
   }
   return val;
 }
 
+bool IsEnabledOnCommandLine() {
+  const CommandLine& command_line = *CommandLine::ForCurrentProcess();
+  return command_line.HasSwitch(
+      data_reduction_proxy::switches::kEnableDataReductionProxy);
+}
+
 }  // namespace
 
 namespace data_reduction_proxy {
 
 DataReductionProxySettings::DataReductionProxySettings(
     DataReductionProxyParams* params)
     : restricted_by_carrier_(false),
       enabled_by_user_(false),
       prefs_(NULL),
       local_state_prefs_(NULL),
@@ skipping 57 matching lines @@
                                  url_request_context_getter);
   SetProxyConfigurator(configurator.Pass());
 }
 
 void DataReductionProxySettings::SetProxyConfigurator(
     scoped_ptr<DataReductionProxyConfigurator> configurator) {
   DCHECK(configurator);
   configurator_ = configurator.Pass();
 }
 
-// static
-void DataReductionProxySettings::InitDataReductionProxySession(
-    net::HttpNetworkSession* session,
-    const DataReductionProxyParams* params) {
-// This is a no-op unless the authentication parameters are compiled in.
-// (even though values for them may be specified on the command line).
-// Authentication will still work if the command line parameters are used,
-// however there will be a round-trip overhead for each challenge/response
-// (typically once per session).
-// TODO(bengr):Pass a configuration struct into DataReductionProxyConfigurator's
-// constructor. The struct would carry everything in the preprocessor flags.
-  DCHECK(session);
-  net::HttpAuthCache* auth_cache = session->http_auth_cache();
-  DCHECK(auth_cache);
-  InitDataReductionAuthentication(auth_cache, params);
-}
-
-// static
-void DataReductionProxySettings::InitDataReductionAuthentication(
-    net::HttpAuthCache* auth_cache,
-    const DataReductionProxyParams* params) {
-  DCHECK(auth_cache);
-  DCHECK(params);
-  int64 timestamp =
-      (base::Time::Now() - base::Time::UnixEpoch()).InMilliseconds() / 1000;
-
-  DataReductionProxyParams::DataReductionProxyList proxies =
-      params->GetAllowedProxies();
-  for (DataReductionProxyParams::DataReductionProxyList::iterator it =
-           proxies.begin();
-       it != proxies.end(); ++it) {
-    GURL auth_origin = (*it).GetOrigin();
-
-    int32 rand[3];
-    crypto::RandBytes(rand, 3 * sizeof(rand[0]));
-
-    std::string realm =
-        base::StringPrintf("%s%lld", kAuthenticationRealmName,
-                           static_cast<long long>(timestamp));
-    std::string challenge = base::StringPrintf(
-        "%s realm=\"%s\", ps=\"%lld-%u-%u-%u\"",
-        kAuthenticationRealmName,
-        realm.data(),
-        static_cast<long long>(timestamp),
-        rand[0],
-        rand[1],
-        rand[2]);
-    base::string16 password = AuthHashForSalt(timestamp, params->key());
-
-    DVLOG(1) << "origin: [" << auth_origin << "] realm: [" << realm
-        << "] challenge: [" << challenge << "] password: [" << password << "]";
-
-    net::AuthCredentials credentials(base::string16(), password);
-    // |HttpAuthController| searches this cache by origin and path, the latter
-    // being '/' in the case of the data reduction proxy.
-    auth_cache->Add(auth_origin,
-                    realm,
-                    net::HttpAuth::AUTH_SCHEME_SPDYPROXY,
-                    challenge,
-                    credentials,
-                    std::string("/"));
-  }
-}
-
-bool DataReductionProxySettings::IsAcceptableAuthChallenge(
-    net::AuthChallengeInfo* auth_info) {
-  // Challenge realm must start with the authentication realm name.
-  std::string realm_prefix =
-      auth_info->realm.substr(0, strlen(kAuthenticationRealmName));
-  if (realm_prefix != kAuthenticationRealmName)
-    return false;
-
-  // The challenger must be one of the configured proxies.
-  DataReductionProxyParams::DataReductionProxyList proxies =
-      params_->GetAllowedProxies();
-  for (DataReductionProxyParams::DataReductionProxyList::iterator it =
-       proxies.begin();
-       it != proxies.end(); ++it) {
-    net::HostPortPair origin_host = net::HostPortPair::FromURL(*it);
-    if (origin_host.Equals(auth_info->challenger))
-      return true;
-  }
-  return false;
-}
-
-base::string16 DataReductionProxySettings::GetTokenForAuthChallenge(
-    net::AuthChallengeInfo* auth_info) {
-  if (auth_info->realm.length() > strlen(kAuthenticationRealmName)) {
-    int64 salt;
-    std::string realm_suffix =
-        auth_info->realm.substr(strlen(kAuthenticationRealmName));
-    if (base::StringToInt64(realm_suffix, &salt)) {
-      return AuthHashForSalt(salt, params_->key());
-    } else {
-      DVLOG(1) << "Unable to parse realm name " << auth_info->realm
-               << "into an int for salting.";
-      return base::string16();
-    }
-  } else {
-    return base::string16();
-  }
-}
-
 bool DataReductionProxySettings::IsDataReductionProxyEnabled() {
-  return spdy_proxy_auth_enabled_.GetValue() ||
-      DataReductionProxyParams::IsKeySetOnCommandLine();
+  return spdy_proxy_auth_enabled_.GetValue() || IsEnabledOnCommandLine();
 }
 
 bool
 DataReductionProxySettings::IsDataReductionProxyAlternativeEnabled() const {
   return data_reduction_proxy_alternative_enabled_.GetValue();
 }
 
 bool DataReductionProxySettings::IsDataReductionProxyManaged() {
   return spdy_proxy_auth_enabled_.IsManaged();
 }
@@ skipping 372 matching lines @@
 
 void DataReductionProxySettings::WarmProxyConnection() {
   net::URLFetcher* fetcher = GetURLFetcherForWarmup();
   if (!fetcher)
     return;
   warmup_fetcher_.reset(fetcher);
   warmup_fetcher_->Start();
 }
 
 }  // namespace data_reduction_proxy