| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "net/http/http_auth_handler_basic.h" | |
| 6 | |
| 7 #include <string> | |
| 8 | |
| 9 #include "base/base64.h" | |
| 10 #include "base/strings/string_util.h" | |
| 11 #include "base/strings/utf_string_conversions.h" | |
| 12 #include "net/base/net_errors.h" | |
| 13 #include "net/base/net_string_util.h" | |
| 14 #include "net/http/http_auth.h" | |
| 15 #include "net/http/http_auth_challenge_tokenizer.h" | |
| 16 | |
| 17 namespace net { | |
| 18 | |
| 19 namespace { | |
| 20 | |
| 21 // Parses a realm from an auth challenge, and converts to UTF8-encoding. | |
| 22 // Returns whether the realm is invalid or the parameters are invalid. | |
| 23 // | |
| 24 // Note that if a realm was not specified, we will default it to ""; | |
| 25 // so specifying 'Basic realm=""' is equivalent to 'Basic'. | |
| 26 // | |
| 27 // This is more generous than RFC 2617, which is pretty clear in the | |
| 28 // production of challenge that realm is required. | |
| 29 // | |
| 30 // We allow it to be compatibility with certain embedded webservers that don't | |
| 31 // include a realm (see http://crbug.com/20984.) | |
| 32 // | |
| 33 // The over-the-wire realm is encoded as ISO-8859-1 (aka Latin-1). | |
| 34 // | |
| 35 // TODO(cbentzel): Realm may need to be decoded using RFC 2047 rules as | |
| 36 // well, see http://crbug.com/25790. | |
| 37 bool ParseRealm(const HttpAuthChallengeTokenizer& tokenizer, | |
| 38 std::string* realm) { | |
| 39 CHECK(realm); | |
| 40 realm->clear(); | |
| 41 HttpUtil::NameValuePairsIterator parameters = tokenizer.param_pairs(); | |
| 42 while (parameters.GetNext()) { | |
| 43 if (!LowerCaseEqualsASCII(parameters.name(), "realm")) | |
| 44 continue; | |
| 45 | |
| 46 if (!net::ConvertToUtf8AndNormalize(parameters.value(), kCharsetLatin1, | |
| 47 realm)) { | |
| 48 return false; | |
| 49 } | |
| 50 } | |
| 51 return parameters.valid(); | |
| 52 } | |
| 53 | |
| 54 } // namespace | |
| 55 | |
| 56 bool HttpAuthHandlerBasic::Init(HttpAuthChallengeTokenizer* challenge) { | |
| 57 auth_scheme_ = HttpAuth::AUTH_SCHEME_BASIC; | |
| 58 score_ = 1; | |
| 59 properties_ = 0; | |
| 60 return ParseChallenge(challenge); | |
| 61 } | |
| 62 | |
| 63 bool HttpAuthHandlerBasic::ParseChallenge( | |
| 64 HttpAuthChallengeTokenizer* challenge) { | |
| 65 // Verify the challenge's auth-scheme. | |
| 66 if (!LowerCaseEqualsASCII(challenge->scheme(), "basic")) | |
| 67 return false; | |
| 68 | |
| 69 std::string realm; | |
| 70 if (!ParseRealm(*challenge, &realm)) | |
| 71 return false; | |
| 72 | |
| 73 realm_ = realm; | |
| 74 return true; | |
| 75 } | |
| 76 | |
| 77 HttpAuth::AuthorizationResult HttpAuthHandlerBasic::HandleAnotherChallenge( | |
| 78 HttpAuthChallengeTokenizer* challenge) { | |
| 79 // Basic authentication is always a single round, so any responses | |
| 80 // should be treated as a rejection. However, if the new challenge | |
| 81 // is for a different realm, then indicate the realm change. | |
| 82 std::string realm; | |
| 83 if (!ParseRealm(*challenge, &realm)) | |
| 84 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | |
| 85 return (realm_ != realm)? | |
| 86 HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM: | |
| 87 HttpAuth::AUTHORIZATION_RESULT_REJECT; | |
| 88 } | |
| 89 | |
| 90 int HttpAuthHandlerBasic::GenerateAuthTokenImpl( | |
| 91 const AuthCredentials* credentials, const HttpRequestInfo*, | |
| 92 const CompletionCallback&, std::string* auth_token) { | |
| 93 DCHECK(credentials); | |
| 94 // TODO(eroman): is this the right encoding of username/password? | |
| 95 std::string base64_username_password; | |
| 96 base::Base64Encode(base::UTF16ToUTF8(credentials->username()) + ":" + | |
| 97 base::UTF16ToUTF8(credentials->password()), | |
| 98 &base64_username_password); | |
| 99 *auth_token = "Basic " + base64_username_password; | |
| 100 return OK; | |
| 101 } | |
| 102 | |
| 103 HttpAuthHandlerBasic::Factory::Factory() { | |
| 104 } | |
| 105 | |
| 106 HttpAuthHandlerBasic::Factory::~Factory() { | |
| 107 } | |
| 108 | |
| 109 int HttpAuthHandlerBasic::Factory::CreateAuthHandler( | |
| 110 HttpAuthChallengeTokenizer* challenge, | |
| 111 HttpAuth::Target target, | |
| 112 const GURL& origin, | |
| 113 CreateReason reason, | |
| 114 int digest_nonce_count, | |
| 115 const BoundNetLog& net_log, | |
| 116 scoped_ptr<HttpAuthHandler>* handler) { | |
| 117 // TODO(cbentzel): Move towards model of parsing in the factory | |
| 118 // method and only constructing when valid. | |
| 119 scoped_ptr<HttpAuthHandler> tmp_handler(new HttpAuthHandlerBasic()); | |
| 120 if (!tmp_handler->InitFromChallenge(challenge, target, origin, net_log)) | |
| 121 return ERR_INVALID_RESPONSE; | |
| 122 handler->swap(tmp_handler); | |
| 123 return OK; | |
| 124 } | |
| 125 | |
| 126 } // namespace net | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 992733002:
Remove //net (except for Android test stuff) and sdch (Closed)
Base URL: git@github.com:domokit/mojo.git@master