| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef NET_HTTP_HTTP_AUTH_CONTROLLER_H_ | |
| 6 #define NET_HTTP_HTTP_AUTH_CONTROLLER_H_ | |
| 7 | |
| 8 #include <set> | |
| 9 #include <string> | |
| 10 | |
| 11 #include "base/basictypes.h" | |
| 12 #include "base/memory/ref_counted.h" | |
| 13 #include "base/memory/scoped_ptr.h" | |
| 14 #include "base/threading/non_thread_safe.h" | |
| 15 #include "net/base/completion_callback.h" | |
| 16 #include "net/base/net_export.h" | |
| 17 #include "net/base/net_log.h" | |
| 18 #include "net/http/http_auth.h" | |
| 19 #include "url/gurl.h" | |
| 20 | |
| 21 namespace net { | |
| 22 | |
| 23 class AuthChallengeInfo; | |
| 24 class AuthCredentials; | |
| 25 class HttpAuthHandler; | |
| 26 class HttpAuthHandlerFactory; | |
| 27 class HttpAuthCache; | |
| 28 class HttpRequestHeaders; | |
| 29 struct HttpRequestInfo; | |
| 30 | |
| 31 class NET_EXPORT_PRIVATE HttpAuthController | |
| 32 : public base::RefCounted<HttpAuthController>, | |
| 33 NON_EXPORTED_BASE(public base::NonThreadSafe) { | |
| 34 public: | |
| 35 // The arguments are self explanatory except possibly for |auth_url|, which | |
| 36 // should be both the auth target and auth path in a single url argument. | |
| 37 HttpAuthController(HttpAuth::Target target, | |
| 38 const GURL& auth_url, | |
| 39 HttpAuthCache* http_auth_cache, | |
| 40 HttpAuthHandlerFactory* http_auth_handler_factory); | |
| 41 | |
| 42 // Generate an authentication token for |target| if necessary. The return | |
| 43 // value is a net error code. |OK| will be returned both in the case that | |
| 44 // a token is correctly generated synchronously, as well as when no tokens | |
| 45 // were necessary. | |
| 46 virtual int MaybeGenerateAuthToken(const HttpRequestInfo* request, | |
| 47 const CompletionCallback& callback, | |
| 48 const BoundNetLog& net_log); | |
| 49 | |
| 50 // Adds either the proxy auth header, or the origin server auth header, | |
| 51 // as specified by |target_|. | |
| 52 virtual void AddAuthorizationHeader( | |
| 53 HttpRequestHeaders* authorization_headers); | |
| 54 | |
| 55 // Checks for and handles HTTP status code 401 or 407. | |
| 56 // |HandleAuthChallenge()| returns OK on success, or a network error code | |
| 57 // otherwise. It may also populate |auth_info_|. | |
| 58 virtual int HandleAuthChallenge(scoped_refptr<HttpResponseHeaders> headers, | |
| 59 bool do_not_send_server_auth, | |
| 60 bool establishing_tunnel, | |
| 61 const BoundNetLog& net_log); | |
| 62 | |
| 63 // Store the supplied credentials and prepare to restart the auth. | |
| 64 virtual void ResetAuth(const AuthCredentials& credentials); | |
| 65 | |
| 66 virtual bool HaveAuthHandler() const; | |
| 67 | |
| 68 virtual bool HaveAuth() const; | |
| 69 | |
| 70 virtual scoped_refptr<AuthChallengeInfo> auth_info(); | |
| 71 | |
| 72 virtual bool IsAuthSchemeDisabled(HttpAuth::Scheme scheme) const; | |
| 73 virtual void DisableAuthScheme(HttpAuth::Scheme scheme); | |
| 74 virtual void DisableEmbeddedIdentity(); | |
| 75 | |
| 76 private: | |
| 77 // Actions for InvalidateCurrentHandler() | |
| 78 enum InvalidateHandlerAction { | |
| 79 INVALIDATE_HANDLER_AND_CACHED_CREDENTIALS, | |
| 80 INVALIDATE_HANDLER_AND_DISABLE_SCHEME, | |
| 81 INVALIDATE_HANDLER | |
| 82 }; | |
| 83 | |
| 84 // So that we can mock this object. | |
| 85 friend class base::RefCounted<HttpAuthController>; | |
| 86 | |
| 87 virtual ~HttpAuthController(); | |
| 88 | |
| 89 // Searches the auth cache for an entry that encompasses the request's path. | |
| 90 // If such an entry is found, updates |identity_| and |handler_| with the | |
| 91 // cache entry's data and returns true. | |
| 92 bool SelectPreemptiveAuth(const BoundNetLog& net_log); | |
| 93 | |
| 94 // Invalidates the current handler. If |action| is | |
| 95 // INVALIDATE_HANDLER_AND_CACHED_CREDENTIALS, then also invalidate | |
| 96 // the cached credentials used by the handler. | |
| 97 void InvalidateCurrentHandler(InvalidateHandlerAction action); | |
| 98 | |
| 99 // Invalidates any auth cache entries after authentication has failed. | |
| 100 // The identity that was rejected is |identity_|. | |
| 101 void InvalidateRejectedAuthFromCache(); | |
| 102 | |
| 103 // Sets |identity_| to the next identity that the transaction should try. It | |
| 104 // chooses candidates by searching the auth cache and the URL for a | |
| 105 // username:password. Returns true if an identity was found. | |
| 106 bool SelectNextAuthIdentityToTry(); | |
| 107 | |
| 108 // Populates auth_info_ with the challenge information, so that | |
| 109 // URLRequestHttpJob can prompt for credentials. | |
| 110 void PopulateAuthChallenge(); | |
| 111 | |
| 112 // If |result| indicates a permanent failure, disables the current | |
| 113 // auth scheme for this controller and returns true. Returns false | |
| 114 // otherwise. | |
| 115 bool DisableOnAuthHandlerResult(int result); | |
| 116 | |
| 117 void OnIOComplete(int result); | |
| 118 | |
| 119 // Indicates if this handler is for Proxy auth or Server auth. | |
| 120 HttpAuth::Target target_; | |
| 121 | |
| 122 // Holds the {scheme, host, path, port} for the authentication target. | |
| 123 const GURL auth_url_; | |
| 124 | |
| 125 // Holds the {scheme, host, port} for the authentication target. | |
| 126 const GURL auth_origin_; | |
| 127 | |
| 128 // The absolute path of the resource needing authentication. | |
| 129 // For proxy authentication the path is empty. | |
| 130 const std::string auth_path_; | |
| 131 | |
| 132 // |handler_| encapsulates the logic for the particular auth-scheme. | |
| 133 // This includes the challenge's parameters. If NULL, then there is no | |
| 134 // associated auth handler. | |
| 135 scoped_ptr<HttpAuthHandler> handler_; | |
| 136 | |
| 137 // |identity_| holds the credentials that should be used by | |
| 138 // the handler_ to generate challenge responses. This identity can come from | |
| 139 // a number of places (url, cache, prompt). | |
| 140 HttpAuth::Identity identity_; | |
| 141 | |
| 142 // |auth_token_| contains the opaque string to pass to the proxy or | |
| 143 // server to authenticate the client. | |
| 144 std::string auth_token_; | |
| 145 | |
| 146 // Contains information about the auth challenge. | |
| 147 scoped_refptr<AuthChallengeInfo> auth_info_; | |
| 148 | |
| 149 // True if we've used the username:password embedded in the URL. This | |
| 150 // makes sure we use the embedded identity only once for the transaction, | |
| 151 // preventing an infinite auth restart loop. | |
| 152 bool embedded_identity_used_; | |
| 153 | |
| 154 // True if default credentials have already been tried for this transaction | |
| 155 // in response to an HTTP authentication challenge. | |
| 156 bool default_credentials_used_; | |
| 157 | |
| 158 // These two are owned by the HttpNetworkSession/IOThread, which own the | |
| 159 // objects which reference |this|. Therefore, these raw pointers are valid | |
| 160 // for the lifetime of this object. | |
| 161 HttpAuthCache* const http_auth_cache_; | |
| 162 HttpAuthHandlerFactory* const http_auth_handler_factory_; | |
| 163 | |
| 164 std::set<HttpAuth::Scheme> disabled_schemes_; | |
| 165 | |
| 166 CompletionCallback callback_; | |
| 167 }; | |
| 168 | |
| 169 } // namespace net | |
| 170 | |
| 171 #endif // NET_HTTP_HTTP_AUTH_CONTROLLER_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 992733002:
Remove //net (except for Android test stuff) and sdch (Closed)
Base URL: git@github.com:domokit/mojo.git@master