Blame - net/http/http_auth.cc - chromium/src.git

blob: 7752d743a22a356ea659577e858ad8aa3f2c017b [file] [log] [blame]

[email protected]	87c99b6a	2011-05-13 20:06:48	[diff] [blame]	1	// Copyright (c) 2011 The Chromium Authors. All rights reserved.
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	2	// Use of this source code is governed by a BSD-style license that can be
				3	// found in the LICENSE file.
				4
				5	#include "net/http/http_auth.h"
				6
				7	#include <algorithm>
				8
				9	#include "base/basictypes.h"
[email protected]	f4ebe77	2013-02-02 00:21:39	[diff] [blame]	10	#include "base/strings/string_tokenizer.h"
[email protected]	125ef48	2013-06-11 18:32:47	[diff] [blame]	11	#include "base/strings/string_util.h"
[email protected]	fa55e19	2010-02-15 14:25:50	[diff] [blame]	12	#include "net/base/net_errors.h"
[email protected]	df41d0d8	2014-03-13 00:43:24	[diff] [blame]	13	#include "net/http/http_auth_challenge_tokenizer.h"
[email protected]	40ecae22	2011-08-24 20:59:56	[diff] [blame]	14	#include "net/http/http_auth_handler.h"
				15	#include "net/http/http_auth_handler_factory.h"
[email protected]	87c99b6a	2011-05-13 20:06:48	[diff] [blame]	16	#include "net/http/http_request_headers.h"
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	17	#include "net/http/http_response_headers.h"
				18	#include "net/http/http_util.h"
				19
				20	namespace net {
				21
[email protected]	2858bbf	2010-10-05 23:46:02	[diff] [blame]	22	HttpAuth::Identity::Identity() : source(IDENT_SRC_NONE), invalid(true) {}
				23
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	24	// static
[email protected]	fa55e19	2010-02-15 14:25:50	[diff] [blame]	25	void HttpAuth::ChooseBestChallenge(
				26	HttpAuthHandlerFactory* http_auth_handler_factory,
				27	const HttpResponseHeaders* headers,
				28	Target target,
				29	const GURL& origin,
[email protected]	547fc79	2011-01-13 13:31:17	[diff] [blame]	30	const std::set<Scheme>& disabled_schemes,
[email protected]	ac5c06e	2010-05-27 15:07:38	[diff] [blame]	31	const BoundNetLog& net_log,
[email protected]	36c8e5f7	2010-06-07 14:17:14	[diff] [blame]	32	scoped_ptr<HttpAuthHandler>* handler) {
[email protected]	fa55e19	2010-02-15 14:25:50	[diff] [blame]	33	DCHECK(http_auth_handler_factory);
[email protected]	eca50e12	2010-09-11 14:03:30	[diff] [blame]	34	DCHECK(handler->get() == NULL);
[email protected]	3f91878	2009-02-28 01:29:24	[diff] [blame]	35
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	36	// Choose the challenge whose authentication handler gives the maximum score.
[email protected]	36c8e5f7	2010-06-07 14:17:14	[diff] [blame]	37	scoped_ptr<HttpAuthHandler> best;
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	38	const std::string header_name = GetChallengeHeaderName(target);
				39	std::string cur_challenge;
				40	void* iter = NULL;
				41	while (headers->EnumerateHeader(&iter, header_name, &cur_challenge)) {
[email protected]	36c8e5f7	2010-06-07 14:17:14	[diff] [blame]	42	scoped_ptr<HttpAuthHandler> cur;
[email protected]	fa55e19	2010-02-15 14:25:50	[diff] [blame]	43	int rv = http_auth_handler_factory->CreateAuthHandlerFromString(
[email protected]	ac5c06e	2010-05-27 15:07:38	[diff] [blame]	44	cur_challenge, target, origin, net_log, &cur);
[email protected]	fa55e19	2010-02-15 14:25:50	[diff] [blame]	45	if (rv != OK) {
[email protected]	b30a3f5	2010-10-16 01:05:46	[diff] [blame]	46	VLOG(1) << "Unable to create AuthHandler. Status: "
				47	<< ErrorToString(rv) << " Challenge: " << cur_challenge;
[email protected]	fa55e19	2010-02-15 14:25:50	[diff] [blame]	48	continue;
				49	}
[email protected]	17be1a6	2010-07-27 19:20:23	[diff] [blame]	50	if (cur.get() && (!best.get() \|\| best->score() < cur->score()) &&
[email protected]	547fc79	2011-01-13 13:31:17	[diff] [blame]	51	(disabled_schemes.find(cur->auth_scheme()) == disabled_schemes.end()))
[email protected]	17be1a6	2010-07-27 19:20:23	[diff] [blame]	52	best.swap(cur);
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	53	}
[email protected]	f9ee6b5	2008-11-08 06:46:23	[diff] [blame]	54	handler->swap(best);
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	55	}
				56
[email protected]	eca50e12	2010-09-11 14:03:30	[diff] [blame]	57	// static
				58	HttpAuth::AuthorizationResult HttpAuth::HandleChallengeResponse(
				59	HttpAuthHandler* handler,
				60	const HttpResponseHeaders* headers,
				61	Target target,
[email protected]	547fc79	2011-01-13 13:31:17	[diff] [blame]	62	const std::set<Scheme>& disabled_schemes,
[email protected]	c4857e0	2010-09-16 13:41:36	[diff] [blame]	63	std::string* challenge_used) {
[email protected]	d66f881	2010-10-20 16:52:15	[diff] [blame]	64	DCHECK(handler);
				65	DCHECK(headers);
[email protected]	c4857e0	2010-09-16 13:41:36	[diff] [blame]	66	DCHECK(challenge_used);
[email protected]	d66f881	2010-10-20 16:52:15	[diff] [blame]	67	challenge_used->clear();
[email protected]	547fc79	2011-01-13 13:31:17	[diff] [blame]	68	HttpAuth::Scheme current_scheme = handler->auth_scheme();
[email protected]	eca50e12	2010-09-11 14:03:30	[diff] [blame]	69	if (disabled_schemes.find(current_scheme) != disabled_schemes.end())
				70	return HttpAuth::AUTHORIZATION_RESULT_REJECT;
[email protected]	547fc79	2011-01-13 13:31:17	[diff] [blame]	71	std::string current_scheme_name = SchemeToString(current_scheme);
[email protected]	eca50e12	2010-09-11 14:03:30	[diff] [blame]	72	const std::string header_name = GetChallengeHeaderName(target);
				73	void* iter = NULL;
				74	std::string challenge;
				75	HttpAuth::AuthorizationResult authorization_result =
				76	HttpAuth::AUTHORIZATION_RESULT_INVALID;
				77	while (headers->EnumerateHeader(&iter, header_name, &challenge)) {
[email protected]	df41d0d8	2014-03-13 00:43:24	[diff] [blame]	78	HttpAuthChallengeTokenizer props(challenge.begin(), challenge.end());
brettw	bc17d2c8	2015-06-09 22:39:08	[diff] [blame^]	79	if (!base::LowerCaseEqualsASCII(props.scheme(),
				80	current_scheme_name.c_str()))
[email protected]	eca50e12	2010-09-11 14:03:30	[diff] [blame]	81	continue;
				82	authorization_result = handler->HandleAnotherChallenge(&props);
[email protected]	c4857e0	2010-09-16 13:41:36	[diff] [blame]	83	if (authorization_result != HttpAuth::AUTHORIZATION_RESULT_INVALID) {
				84	*challenge_used = challenge;
[email protected]	eca50e12	2010-09-11 14:03:30	[diff] [blame]	85	return authorization_result;
[email protected]	c4857e0	2010-09-16 13:41:36	[diff] [blame]	86	}
[email protected]	eca50e12	2010-09-11 14:03:30	[diff] [blame]	87	}
[email protected]	c4857e0	2010-09-16 13:41:36	[diff] [blame]	88	// Finding no matches is equivalent to rejection.
[email protected]	eca50e12	2010-09-11 14:03:30	[diff] [blame]	89	return HttpAuth::AUTHORIZATION_RESULT_REJECT;
				90	}
				91
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	92	// static
				93	std::string HttpAuth::GetChallengeHeaderName(Target target) {
[email protected]	3f91878	2009-02-28 01:29:24	[diff] [blame]	94	switch (target) {
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	95	case AUTH_PROXY:
				96	return "Proxy-Authenticate";
				97	case AUTH_SERVER:
				98	return "WWW-Authenticate";
				99	default:
				100	NOTREACHED();
[email protected]	007b3f8	2013-04-09 08:46:45	[diff] [blame]	101	return std::string();
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	102	}
				103	}
				104
				105	// static
				106	std::string HttpAuth::GetAuthorizationHeaderName(Target target) {
[email protected]	3f91878	2009-02-28 01:29:24	[diff] [blame]	107	switch (target) {
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	108	case AUTH_PROXY:
[email protected]	87c99b6a	2011-05-13 20:06:48	[diff] [blame]	109	return HttpRequestHeaders::kProxyAuthorization;
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	110	case AUTH_SERVER:
[email protected]	87c99b6a	2011-05-13 20:06:48	[diff] [blame]	111	return HttpRequestHeaders::kAuthorization;
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	112	default:
				113	NOTREACHED();
[email protected]	007b3f8	2013-04-09 08:46:45	[diff] [blame]	114	return std::string();
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	115	}
				116	}
				117
[email protected]	228404f	2010-06-24 04:31:41	[diff] [blame]	118	// static
[email protected]	547fc79	2011-01-13 13:31:17	[diff] [blame]	119	std::string HttpAuth::GetAuthTargetString(Target target) {
				120	switch (target) {
				121	case AUTH_PROXY:
				122	return "proxy";
				123	case AUTH_SERVER:
				124	return "server";
				125	default:
				126	NOTREACHED();
[email protected]	007b3f8	2013-04-09 08:46:45	[diff] [blame]	127	return std::string();
[email protected]	547fc79	2011-01-13 13:31:17	[diff] [blame]	128	}
				129	}
				130
				131	// static
				132	const char* HttpAuth::SchemeToString(Scheme scheme) {
				133	static const char* const kSchemeNames[] = {
				134	"basic",
				135	"digest",
				136	"ntlm",
				137	"negotiate",
[email protected]	ec44ee0	2012-09-28 21:31:51	[diff] [blame]	138	"spdyproxy",
[email protected]	547fc79	2011-01-13 13:31:17	[diff] [blame]	139	"mock",
				140	};
mostynb	91e0da98	2015-01-20 19:17:27	[diff] [blame]	141	static_assert(arraysize(kSchemeNames) == AUTH_SCHEME_MAX,
				142	"http auth scheme names incorrect size");
[email protected]	547fc79	2011-01-13 13:31:17	[diff] [blame]	143	if (scheme < AUTH_SCHEME_BASIC \|\| scheme >= AUTH_SCHEME_MAX) {
				144	NOTREACHED();
				145	return "invalid_scheme";
				146	}
				147	return kSchemeNames[scheme];
[email protected]	228404f	2010-06-24 04:31:41	[diff] [blame]	148	}
				149
[email protected]	c3b35c2	2008-09-27 03:19:42	[diff] [blame]	150	} // namespace net