diff options
| author | cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-01-13 13:31:17 +0000 |
|---|---|---|
| committer | cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-01-13 13:31:17 +0000 |
| commit | 547fc79ddbed132ba12797c4f0e0aeecd3b63b8f (patch) | |
| tree | 618e14cd18540b93815df91ffd01bd245d3691b4 | |
| parent | 1597bafcf13b29051d16debae1d561b385550572 (diff) | |
| download | chromium_src-547fc79ddbed132ba12797c4f0e0aeecd3b63b8f.zip chromium_src-547fc79ddbed132ba12797c4f0e0aeecd3b63b8f.tar.gz chromium_src-547fc79ddbed132ba12797c4f0e0aeecd3b63b8f.tar.bz2 | |
Cleanup: Use AUTH_SCHEME enum instead of a string.
BUG=None
TEST=trybots
Review URL: http://codereview.chromium.org/6191001
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71318 0039d316-1c4b-4281-b951-d872f2087c98
| -rw-r--r-- | net/http/http_auth.cc | 42 | ||||
| -rw-r--r-- | net/http/http_auth.h | 16 | ||||
| -rw-r--r-- | net/http/http_auth_cache.cc | 8 | ||||
| -rw-r--r-- | net/http/http_auth_cache.h | 26 | ||||
| -rw-r--r-- | net/http/http_auth_cache_unittest.cc | 146 | ||||
| -rw-r--r-- | net/http/http_auth_controller.cc | 25 | ||||
| -rw-r--r-- | net/http/http_auth_controller.h | 6 | ||||
| -rw-r--r-- | net/http/http_auth_handler.cc | 5 | ||||
| -rw-r--r-- | net/http/http_auth_handler.h | 20 | ||||
| -rw-r--r-- | net/http/http_auth_handler_basic.cc | 3 | ||||
| -rw-r--r-- | net/http/http_auth_handler_digest.cc | 3 | ||||
| -rw-r--r-- | net/http/http_auth_handler_factory_unittest.cc | 8 | ||||
| -rw-r--r-- | net/http/http_auth_handler_mock.cc | 3 | ||||
| -rw-r--r-- | net/http/http_auth_handler_negotiate.cc | 3 | ||||
| -rw-r--r-- | net/http/http_auth_handler_ntlm.cc | 3 | ||||
| -rw-r--r-- | net/http/http_auth_unittest.cc | 37 | ||||
| -rw-r--r-- | net/http/http_proxy_client_socket_pool_unittest.cc | 9 | ||||
| -rw-r--r-- | net/socket/ssl_client_socket_pool_unittest.cc | 9 | ||||
| -rw-r--r-- | net/socket_stream/socket_stream.cc | 16 | ||||
| -rw-r--r-- | net/spdy/spdy_proxy_client_socket_unittest.cc | 9 |
20 files changed, 232 insertions, 165 deletions
diff --git a/net/http/http_auth.cc b/net/http/http_auth.cc index e7002cf..552d245 100644 --- a/net/http/http_auth.cc +++ b/net/http/http_auth.cc @@ -26,7 +26,7 @@ void HttpAuth::ChooseBestChallenge( const HttpResponseHeaders* headers, Target target, const GURL& origin, - const std::set<std::string>& disabled_schemes, + const std::set<Scheme>& disabled_schemes, const BoundNetLog& net_log, scoped_ptr<HttpAuthHandler>* handler) { DCHECK(http_auth_handler_factory); @@ -47,7 +47,7 @@ void HttpAuth::ChooseBestChallenge( continue; } if (cur.get() && (!best.get() || best->score() < cur->score()) && - (disabled_schemes.find(cur->scheme()) == disabled_schemes.end())) + (disabled_schemes.find(cur->auth_scheme()) == disabled_schemes.end())) best.swap(cur); } handler->swap(best); @@ -58,15 +58,16 @@ HttpAuth::AuthorizationResult HttpAuth::HandleChallengeResponse( HttpAuthHandler* handler, const HttpResponseHeaders* headers, Target target, - const std::set<std::string>& disabled_schemes, + const std::set<Scheme>& disabled_schemes, std::string* challenge_used) { DCHECK(handler); DCHECK(headers); DCHECK(challenge_used); challenge_used->clear(); - const std::string& current_scheme = handler->scheme(); + HttpAuth::Scheme current_scheme = handler->auth_scheme(); if (disabled_schemes.find(current_scheme) != disabled_schemes.end()) return HttpAuth::AUTHORIZATION_RESULT_REJECT; + std::string current_scheme_name = SchemeToString(current_scheme); const std::string header_name = GetChallengeHeaderName(target); void* iter = NULL; std::string challenge; @@ -74,7 +75,7 @@ HttpAuth::AuthorizationResult HttpAuth::HandleChallengeResponse( HttpAuth::AUTHORIZATION_RESULT_INVALID; while (headers->EnumerateHeader(&iter, header_name, &challenge)) { HttpAuth::ChallengeTokenizer props(challenge.begin(), challenge.end()); - if (!LowerCaseEqualsASCII(props.scheme(), current_scheme.c_str())) + if (!LowerCaseEqualsASCII(props.scheme(), current_scheme_name.c_str())) continue; authorization_result = handler->HandleAnotherChallenge(&props); if (authorization_result != HttpAuth::AUTHORIZATION_RESULT_INVALID) { @@ -151,9 +152,34 @@ std::string HttpAuth::GetAuthorizationHeaderName(Target target) { } // static -std::string HttpAuth::GetAuthTargetString( - HttpAuth::Target target) { - return target == HttpAuth::AUTH_PROXY ? "proxy" : "server"; +std::string HttpAuth::GetAuthTargetString(Target target) { + switch (target) { + case AUTH_PROXY: + return "proxy"; + case AUTH_SERVER: + return "server"; + default: + NOTREACHED(); + return ""; + } +} + +// static +const char* HttpAuth::SchemeToString(Scheme scheme) { + static const char* const kSchemeNames[] = { + "basic", + "digest", + "ntlm", + "negotiate", + "mock", + }; + COMPILE_ASSERT(arraysize(kSchemeNames) == AUTH_SCHEME_MAX, + http_auth_scheme_names_incorrect_size); + if (scheme < AUTH_SCHEME_BASIC || scheme >= AUTH_SCHEME_MAX) { + NOTREACHED(); + return "invalid_scheme"; + } + return kSchemeNames[scheme]; } } // namespace net diff --git a/net/http/http_auth.h b/net/http/http_auth.h index 0034b1f..ef779a1 100644 --- a/net/http/http_auth.h +++ b/net/http/http_auth.h @@ -80,6 +80,15 @@ class HttpAuth { IDENT_SRC_DEFAULT_CREDENTIALS, }; + enum Scheme { + AUTH_SCHEME_BASIC = 0, + AUTH_SCHEME_DIGEST, + AUTH_SCHEME_NTLM, + AUTH_SCHEME_NEGOTIATE, + AUTH_SCHEME_MOCK, + AUTH_SCHEME_MAX, + }; + // Helper structure used by HttpNetworkTransaction to track // the current identity being used for authorization. struct Identity { @@ -103,6 +112,9 @@ class HttpAuth { // messages. static std::string GetAuthTargetString(Target target); + // Returns a string representation of an authentication Scheme. + static const char* SchemeToString(Scheme scheme); + // Iterate through the challenge headers, and pick the best one that // we support. Obtains the implementation class for handling the challenge, // and passes it back in |*handler|. If no supported challenge was found, @@ -117,7 +129,7 @@ class HttpAuth { const HttpResponseHeaders* headers, Target target, const GURL& origin, - const std::set<std::string>& disabled_schemes, + const std::set<Scheme>& disabled_schemes, const BoundNetLog& net_log, scoped_ptr<HttpAuthHandler>* handler); @@ -146,7 +158,7 @@ class HttpAuth { HttpAuthHandler* handler, const HttpResponseHeaders* headers, Target target, - const std::set<std::string>& disabled_schemes, + const std::set<Scheme>& disabled_schemes, std::string* challenge_used); // Breaks up a challenge string into the the auth scheme and parameter list, diff --git a/net/http/http_auth_cache.cc b/net/http/http_auth_cache.cc index cc80861..3ab86c70 100644 --- a/net/http/http_auth_cache.cc +++ b/net/http/http_auth_cache.cc @@ -68,7 +68,7 @@ HttpAuthCache::~HttpAuthCache() { // Performance: O(n), where n is the number of realm entries. HttpAuthCache::Entry* HttpAuthCache::Lookup(const GURL& origin, const std::string& realm, - const std::string& scheme) { + HttpAuth::Scheme scheme) { CheckOriginIsValid(origin); // Linear scan through the realm entries. @@ -104,7 +104,7 @@ HttpAuthCache::Entry* HttpAuthCache::LookupByPath(const GURL& origin, HttpAuthCache::Entry* HttpAuthCache::Add(const GURL& origin, const std::string& realm, - const std::string& scheme, + HttpAuth::Scheme scheme, const std::string& auth_challenge, const string16& username, const string16& password, @@ -183,7 +183,7 @@ void HttpAuthCache::Entry::UpdateStaleChallenge( bool HttpAuthCache::Remove(const GURL& origin, const std::string& realm, - const std::string& scheme, + HttpAuth::Scheme scheme, const string16& username, const string16& password) { for (EntryList::iterator it = entries_.begin(); it != entries_.end(); ++it) { @@ -201,7 +201,7 @@ bool HttpAuthCache::Remove(const GURL& origin, bool HttpAuthCache::UpdateStaleChallenge(const GURL& origin, const std::string& realm, - const std::string& scheme, + HttpAuth::Scheme scheme, const std::string& auth_challenge) { HttpAuthCache::Entry* entry = Lookup(origin, realm, scheme); if (!entry) diff --git a/net/http/http_auth_cache.h b/net/http/http_auth_cache.h index b6c382c..ecdcb35 100644 --- a/net/http/http_auth_cache.h +++ b/net/http/http_auth_cache.h @@ -13,6 +13,7 @@ #include "base/ref_counted.h" #include "base/string16.h" #include "googleurl/src/gurl.h" +#include "net/http/http_auth.h" namespace net { @@ -42,10 +43,11 @@ class HttpAuthCache { // scheme |scheme|. // |origin| - the {scheme, host, port} of the server. // |realm| - case sensitive realm string. - // |scheme| - case sensitive authentication scheme, should be lower-case. + // |scheme| - the authentication scheme (i.e. basic, negotiate). // returns - the matched entry or NULL. - Entry* Lookup(const GURL& origin, const std::string& realm, - const std::string& scheme); + Entry* Lookup(const GURL& origin, + const std::string& realm, + HttpAuth::Scheme scheme); // Find the entry on server |origin| whose protection space includes // |path|. This uses the assumption in RFC 2617 section 2 that deeper @@ -62,7 +64,7 @@ class HttpAuthCache { // paths list. // |origin| - the {scheme, host, port} of the server. // |realm| - the auth realm for the challenge. - // |scheme| - the authentication scheme for the challenge. + // |scheme| - the authentication scheme (i.e. basic, negotiate). // |username| - login information for the realm. // |password| - login information for the realm. // |path| - absolute path for a resource contained in the protection @@ -70,7 +72,7 @@ class HttpAuthCache { // returns - the entry that was just added/updated. Entry* Add(const GURL& origin, const std::string& realm, - const std::string& scheme, + HttpAuth::Scheme scheme, const std::string& auth_challenge, const string16& username, const string16& password, @@ -80,13 +82,13 @@ class HttpAuthCache { // if one exists AND if the cached identity matches (|username|, |password|). // |origin| - the {scheme, host, port} of the server. // |realm| - case sensitive realm string. - // |scheme| - authentication scheme + // |scheme| - the authentication scheme (i.e. basic, negotiate). // |username| - condition to match. // |password| - condition to match. // returns - true if an entry was removed. bool Remove(const GURL& origin, const std::string& realm, - const std::string& scheme, + HttpAuth::Scheme scheme, const string16& username, const string16& password); @@ -97,7 +99,7 @@ class HttpAuthCache { // cache, false otherwise. bool UpdateStaleChallenge(const GURL& origin, const std::string& realm, - const std::string& scheme, + HttpAuth::Scheme scheme, const std::string& auth_challenge); private: @@ -119,8 +121,8 @@ class HttpAuthCache::Entry { return realm_; } - // The authentication scheme string of the challenge - const std::string scheme() const { + // The authentication scheme of the challenge. + const HttpAuth::Scheme scheme() const { return scheme_; } @@ -161,10 +163,10 @@ class HttpAuthCache::Entry { // Returns true if |dir| is contained within the realm's protection space. bool HasEnclosingPath(const std::string& dir); - // |origin_| contains the {scheme, host, port} of the server. + // |origin_| contains the {protocol, host, port} of the server. GURL origin_; std::string realm_; - std::string scheme_; + HttpAuth::Scheme scheme_; // Identity. std::string auth_challenge_; diff --git a/net/http/http_auth_cache_unittest.cc b/net/http/http_auth_cache_unittest.cc index 2c28969..e940527 100644 --- a/net/http/http_auth_cache_unittest.cc +++ b/net/http/http_auth_cache_unittest.cc @@ -19,10 +19,11 @@ namespace { class MockAuthHandler : public HttpAuthHandler { public: - MockAuthHandler(const char* scheme, const std::string& realm, + MockAuthHandler(HttpAuth::Scheme scheme, + const std::string& realm, HttpAuth::Target target) { // Can't use initializer list since these are members of the base class. - scheme_ = scheme; + auth_scheme_ = scheme; realm_ = realm; score_ = 1; target_ = target; @@ -53,8 +54,6 @@ class MockAuthHandler : public HttpAuthHandler { ~MockAuthHandler() {} }; -const char* kBasic = "basic"; -const char* kDigest = "digest"; const char* kRealm1 = "Realm1"; const char* kRealm2 = "Realm2"; const char* kRealm3 = "Realm3"; @@ -80,48 +79,58 @@ TEST(HttpAuthCacheTest, Basic) { // Add cache entries for 3 realms: "Realm1", "Realm2", "Realm3" scoped_ptr<HttpAuthHandler> realm1_handler( - new MockAuthHandler(kBasic, kRealm1, HttpAuth::AUTH_SERVER)); - cache.Add(origin, realm1_handler->realm(), realm1_handler->scheme(), + new MockAuthHandler(HttpAuth::AUTH_SCHEME_BASIC, + kRealm1, + HttpAuth::AUTH_SERVER)); + cache.Add(origin, realm1_handler->realm(), realm1_handler->auth_scheme(), "Basic realm=Realm1", ASCIIToUTF16("realm1-user"), ASCIIToUTF16("realm1-password"), "/foo/bar/index.html"); scoped_ptr<HttpAuthHandler> realm2_handler( - new MockAuthHandler(kBasic, kRealm2, HttpAuth::AUTH_SERVER)); - cache.Add(origin, realm2_handler->realm(), realm2_handler->scheme(), + new MockAuthHandler(HttpAuth::AUTH_SCHEME_BASIC, + kRealm2, + HttpAuth::AUTH_SERVER)); + cache.Add(origin, realm2_handler->realm(), realm2_handler->auth_scheme(), "Basic realm=Realm2", ASCIIToUTF16("realm2-user"), ASCIIToUTF16("realm2-password"), "/foo2/index.html"); scoped_ptr<HttpAuthHandler> realm3_basic_handler( - new MockAuthHandler(kBasic, kRealm3, HttpAuth::AUTH_PROXY)); + new MockAuthHandler(HttpAuth::AUTH_SCHEME_BASIC, + kRealm3, + HttpAuth::AUTH_PROXY)); cache.Add(origin, realm3_basic_handler->realm(), - realm3_basic_handler->scheme(), "Basic realm=Realm3", + realm3_basic_handler->auth_scheme(), "Basic realm=Realm3", ASCIIToUTF16("realm3-basic-user"), ASCIIToUTF16("realm3-basic-password"), ""); scoped_ptr<HttpAuthHandler> realm3_digest_handler( - new MockAuthHandler(kDigest, kRealm3, HttpAuth::AUTH_PROXY)); + new MockAuthHandler(HttpAuth::AUTH_SCHEME_DIGEST, + kRealm3, + HttpAuth::AUTH_PROXY)); cache.Add(origin, realm3_digest_handler->realm(), - realm3_digest_handler->scheme(), "Digest realm=Realm3", + realm3_digest_handler->auth_scheme(), "Digest realm=Realm3", ASCIIToUTF16("realm3-digest-user"), ASCIIToUTF16("realm3-digest-password"), "/baz/index.html"); // There is no Realm4 - entry = cache.Lookup(origin, kRealm4, kBasic); + entry = cache.Lookup(origin, kRealm4, HttpAuth::AUTH_SCHEME_BASIC); EXPECT_TRUE(NULL == entry); // While Realm3 does exist, the origin scheme is wrong. entry = cache.Lookup(GURL("https://www.google.com"), kRealm3, - kBasic); + HttpAuth::AUTH_SCHEME_BASIC); EXPECT_TRUE(NULL == entry); // Realm, origin scheme ok, authentication scheme wrong - entry = cache.Lookup(GURL("http://www.google.com"), kRealm1, kDigest); + entry = cache.Lookup + (GURL("http://www.google.com"), kRealm1, HttpAuth::AUTH_SCHEME_DIGEST); EXPECT_TRUE(NULL == entry); // Valid lookup by origin, realm, scheme. - entry = cache.Lookup(GURL("http://www.google.com:80"), kRealm3, kBasic); + entry = cache.Lookup( + GURL("http://www.google.com:80"), kRealm3, HttpAuth::AUTH_SCHEME_BASIC); ASSERT_FALSE(NULL == entry); - EXPECT_EQ(kBasic, entry->scheme()); + EXPECT_EQ(HttpAuth::AUTH_SCHEME_BASIC, entry->scheme()); EXPECT_EQ(kRealm3, entry->realm()); EXPECT_EQ("Basic realm=Realm3", entry->auth_challenge()); EXPECT_EQ(ASCIIToUTF16("realm3-basic-user"), entry->username()); @@ -129,25 +138,27 @@ TEST(HttpAuthCacheTest, Basic) { // Valid lookup by origin, realm, scheme when there's a duplicate // origin, realm in the cache - entry = cache.Lookup(GURL("http://www.google.com:80"), kRealm3, kDigest); + entry = cache.Lookup( + GURL("http://www.google.com:80"), kRealm3, HttpAuth::AUTH_SCHEME_DIGEST); ASSERT_FALSE(NULL == entry); - EXPECT_EQ(kDigest, entry->scheme()); + EXPECT_EQ(HttpAuth::AUTH_SCHEME_DIGEST, entry->scheme()); EXPECT_EQ(kRealm3, entry->realm()); EXPECT_EQ("Digest realm=Realm3", entry->auth_challenge()); EXPECT_EQ(ASCIIToUTF16("realm3-digest-user"), entry->username()); EXPECT_EQ(ASCIIToUTF16("realm3-digest-password"), entry->password()); // Valid lookup by realm. - entry = cache.Lookup(origin, kRealm2, kBasic); + entry = cache.Lookup(origin, kRealm2, HttpAuth::AUTH_SCHEME_BASIC); ASSERT_FALSE(NULL == entry); - EXPECT_EQ(kBasic, entry->scheme()); + EXPECT_EQ(HttpAuth::AUTH_SCHEME_BASIC, entry->scheme()); EXPECT_EQ(kRealm2, entry->realm()); EXPECT_EQ("Basic realm=Realm2", entry->auth_challenge()); EXPECT_EQ(ASCIIToUTF16("realm2-user"), entry->username()); EXPECT_EQ(ASCIIToUTF16("realm2-password"), entry->password()); // Check that subpaths are recognized. - HttpAuthCache::Entry* realm2_entry = cache.Lookup(origin, kRealm2, kBasic); + HttpAuthCache::Entry* realm2_entry = cache.Lookup( + origin, kRealm2, HttpAuth::AUTH_SCHEME_BASIC); EXPECT_FALSE(NULL == realm2_entry); // Positive tests: entry = cache.LookupByPath(origin, "/foo2/index.html"); @@ -171,7 +182,7 @@ TEST(HttpAuthCacheTest, Basic) { // Confirm we find the same realm, different auth scheme by path lookup HttpAuthCache::Entry* realm3_digest_entry = - cache.Lookup(origin, kRealm3, kDigest); + cache.Lookup(origin, kRealm3, HttpAuth::AUTH_SCHEME_DIGEST); EXPECT_FALSE(NULL == realm3_digest_entry); entry = cache.LookupByPath(origin, "/baz/index.html"); EXPECT_TRUE(realm3_digest_entry == entry); @@ -182,7 +193,7 @@ TEST(HttpAuthCacheTest, Basic) { // Confirm we find the same realm, different auth scheme by path lookup HttpAuthCache::Entry* realm3DigestEntry = - cache.Lookup(origin, kRealm3, kDigest); + cache.Lookup(origin, kRealm3, HttpAuth::AUTH_SCHEME_DIGEST); EXPECT_FALSE(NULL == realm3DigestEntry); entry = cache.LookupByPath(origin, "/baz/index.html"); EXPECT_TRUE(realm3DigestEntry == entry); @@ -194,7 +205,7 @@ TEST(HttpAuthCacheTest, Basic) { // Lookup using empty path (may be used for proxy). entry = cache.LookupByPath(origin, ""); EXPECT_FALSE(NULL == entry); - EXPECT_EQ(kBasic, entry->scheme()); + EXPECT_EQ(HttpAuth::AUTH_SCHEME_BASIC, entry->scheme()); EXPECT_EQ(kRealm3, entry->realm()); } @@ -238,17 +249,18 @@ TEST(HttpAuthCacheTest, AddToExistingEntry) { const std::string auth_challenge = "Basic realm=MyRealm"; scoped_ptr<HttpAuthHandler> handler( - new MockAuthHandler(kBasic, "MyRealm", HttpAuth::AUTH_SERVER)); - + new MockAuthHandler( + HttpAuth::AUTH_SCHEME_BASIC, "MyRealm", HttpAuth::AUTH_SERVER)); HttpAuthCache::Entry* orig_entry = cache.Add( - origin, handler->realm(), handler->scheme(), auth_challenge, + origin, handler->realm(), handler->auth_scheme(), auth_challenge, ASCIIToUTF16("user1"), ASCIIToUTF16("password1"), "/x/y/z/"); - cache.Add(origin, handler->realm(), handler->scheme(), auth_challenge, + cache.Add(origin, handler->realm(), handler->auth_scheme(), auth_challenge, ASCIIToUTF16("user2"), ASCIIToUTF16("password2"), "/z/y/x/"); - cache.Add(origin, handler->realm(), handler->scheme(), auth_challenge, + cache.Add(origin, handler->realm(), handler->auth_scheme(), auth_challenge, ASCIIToUTF16("user3"), ASCIIToUTF16("password3"), "/z/y"); - HttpAuthCache::Entry* entry = cache.Lookup(origin, "MyRealm", kBasic); + HttpAuthCache::Entry* entry = cache.Lookup( + origin, "MyRealm", HttpAuth::AUTH_SCHEME_BASIC); EXPECT_TRUE(entry == orig_entry); EXPECT_EQ(ASCIIToUTF16("user3"), entry->username()); @@ -263,64 +275,80 @@ TEST(HttpAuthCacheTest, Remove) { GURL origin("http://foobar2.com"); scoped_ptr<HttpAuthHandler> realm1_handler( - new MockAuthHandler(kBasic, kRealm1, HttpAuth::AUTH_SERVER)); + new MockAuthHandler( + HttpAuth::AUTH_SCHEME_BASIC, kRealm1, HttpAuth::AUTH_SERVER)); scoped_ptr<HttpAuthHandler> realm2_handler( - new MockAuthHandler(kBasic, kRealm2, HttpAuth::AUTH_SERVER)); + new MockAuthHandler( + HttpAuth::AUTH_SCHEME_BASIC, kRealm2, HttpAuth::AUTH_SERVER)); scoped_ptr<HttpAuthHandler> realm3_basic_handler( - new MockAuthHandler(kBasic, kRealm3, HttpAuth::AUTH_SERVER)); + new MockAuthHandler( + HttpAuth::AUTH_SCHEME_BASIC, kRealm3, HttpAuth::AUTH_SERVER)); scoped_ptr<HttpAuthHandler> realm3_digest_handler( - new MockAuthHandler(kDigest, kRealm3, HttpAuth::AUTH_SERVER)); + new MockAuthHandler( + HttpAuth::AUTH_SCHEME_DIGEST, kRealm3, HttpAuth::AUTH_SERVER)); HttpAuthCache cache; - cache.Add(origin, realm1_handler->realm(), realm1_handler->scheme(), + cache.Add(origin, realm1_handler->realm(), realm1_handler->auth_scheme(), "basic realm=Realm1", kAlice, k123, "/"); - cache.Add(origin, realm2_handler->realm(), realm2_handler->scheme(), + cache.Add(origin, realm2_handler->realm(), realm2_handler->auth_scheme(), "basic realm=Realm2", ASCIIToUTF16("bob"), ASCIIToUTF16("princess"), "/"); cache.Add(origin, realm3_basic_handler->realm(), - realm3_basic_handler->scheme(), "basic realm=Realm3", + realm3_basic_handler->auth_scheme(), "basic realm=Realm3", kAdmin, kPassword, "/"); cache.Add(origin, realm3_digest_handler->realm(), - realm3_digest_handler->scheme(), "digest realm=Realm3", + realm3_digest_handler->auth_scheme(), "digest realm=Realm3", kRoot, kWileCoyote, "/"); // Fails, because there is no realm "Realm4". - EXPECT_FALSE(cache.Remove(origin, kRealm4, kBasic, kAlice, k123)); + EXPECT_FALSE(cache.Remove( + origin, kRealm4, HttpAuth::AUTH_SCHEME_BASIC, kAlice, k123)); // Fails because the origin is wrong. - EXPECT_FALSE(cache.Remove( - GURL("http://foobar2.com:100"), kRealm1, kBasic, kAlice, k123)); + EXPECT_FALSE(cache.Remove(GURL("http://foobar2.com:100"), + kRealm1, + HttpAuth::AUTH_SCHEME_BASIC, + kAlice, + k123)); // Fails because the username is wrong. - EXPECT_FALSE(cache.Remove(origin, kRealm1, kBasic, kAlice2, k123)); + EXPECT_FALSE(cache.Remove( + origin, kRealm1, HttpAuth::AUTH_SCHEME_BASIC, kAlice2, k123)); // Fails because the password is wrong. - EXPECT_FALSE(cache.Remove(origin, kRealm1, kBasic, kAlice, k1234)); + EXPECT_FALSE(cache.Remove( + origin, kRealm1, HttpAuth::AUTH_SCHEME_BASIC, kAlice, k1234)); // Fails because the authentication type is wrong. - EXPECT_FALSE(cache.Remove(origin, kRealm1, kDigest, kAlice, k123)); + EXPECT_FALSE(cache.Remove( + origin, kRealm1, HttpAuth::AUTH_SCHEME_DIGEST, kAlice, k123)); // Succeeds. - EXPECT_TRUE(cache.Remove(origin, kRealm1, kBasic, kAlice, k123)); + EXPECT_TRUE(cache.Remove( + origin, kRealm1, HttpAuth::AUTH_SCHEME_BASIC, kAlice, k123)); // Fails because we just deleted the entry! - EXPECT_FALSE(cache.Remove(origin, kRealm1, kBasic, kAlice, k123)); + EXPECT_FALSE(cache.Remove( + origin, kRealm1, HttpAuth::AUTH_SCHEME_BASIC, kAlice, k123)); // Succeed when there are two authentication types for the same origin,realm. - EXPECT_TRUE(cache.Remove(origin, kRealm3, kDigest, kRoot, kWileCoyote)); + EXPECT_TRUE(cache.Remove( + origin, kRealm3, HttpAuth::AUTH_SCHEME_DIGEST, kRoot, kWileCoyote)); // Succeed as above, but when entries were added in opposite order cache.Add(origin, realm3_digest_handler->realm(), - realm3_digest_handler->scheme(), "digest realm=Realm3", + realm3_digest_handler->auth_scheme(), "digest realm=Realm3", kRoot, kWileCoyote, "/"); - EXPECT_TRUE(cache.Remove(origin, kRealm3, kBasic, kAdmin, kPassword)); + EXPECT_TRUE(cache.Remove( + origin, kRealm3, HttpAuth::AUTH_SCHEME_BASIC, kAdmin, kPassword)); // Make sure that removing one entry still leaves the other available for // lookup. - HttpAuthCache::Entry* entry = cache.Lookup(origin, kRealm3, kDigest); + HttpAuthCache::Entry* entry = cache.Lookup( + origin, kRealm3, HttpAuth::AUTH_SCHEME_DIGEST); EXPECT_FALSE(NULL == entry); } @@ -328,11 +356,12 @@ TEST(HttpAuthCacheTest, UpdateStaleChallenge) { HttpAuthCache cache; GURL origin("http://foobar2.com"); scoped_ptr<HttpAuthHandler> digest_handler( - new MockAuthHandler(kDigest, kRealm1, HttpAuth::AUTH_PROXY)); + new MockAuthHandler( + HttpAuth::AUTH_SCHEME_DIGEST, kRealm1, HttpAuth::AUTH_PROXY)); HttpAuthCache::Entry* entry_pre = cache.Add( origin, digest_handler->realm(), - digest_handler->scheme(), + digest_handler->auth_scheme(), "Digest realm=Realm1," "nonce=\"s3MzvFhaBAA=4c520af5acd9d8d7ae26947529d18c8eae1e98f4\"", ASCIIToUTF16("realm-digest-user"), @@ -347,7 +376,7 @@ TEST(HttpAuthCacheTest, UpdateStaleChallenge) { bool update_success = cache.UpdateStaleChallenge( origin, digest_handler->realm(), - digest_handler->scheme(), + digest_handler->auth_scheme(), "Digest realm=Realm1," "nonce=\"claGgoRXBAA=7583377687842fdb7b56ba0555d175baa0b800e3\"," "stale=\"true\""); @@ -358,7 +387,7 @@ TEST(HttpAuthCacheTest, UpdateStaleChallenge) { HttpAuthCache::Entry* entry_post = cache.Lookup( origin, digest_handler->realm(), - digest_handler->scheme()); + digest_handler->auth_scheme()); ASSERT_TRUE(entry_post != NULL); EXPECT_EQ(2, entry_post->IncrementNonceCount()); @@ -366,7 +395,7 @@ TEST(HttpAuthCacheTest, UpdateStaleChallenge) { bool update_failure = cache.UpdateStaleChallenge( origin, kRealm2, - digest_handler->scheme(), + digest_handler->auth_scheme(), "Digest realm=Realm2," "nonce=\"claGgoRXBAA=7583377687842fdb7b56ba0555d175baa0b800e3\"," "stale=\"true\""); @@ -392,13 +421,14 @@ class HttpAuthCacheEvictionTest : public testing::Test { } void AddPathToRealm(int realm_i, int path_i) { - cache_.Add(origin_, GenerateRealm(realm_i), kBasic, "", + cache_.Add(origin_, GenerateRealm(realm_i), HttpAuth::AUTH_SCHEME_BASIC, "", kUsername, kPassword, GeneratePath(realm_i, path_i)); } void CheckRealmExistence(int realm_i, bool exists) { const HttpAuthCache::Entry* entry = - cache_.Lookup(origin_, GenerateRealm(realm_i), kBasic); + cache_.Lookup( + origin_, GenerateRealm(realm_i), HttpAuth::AUTH_SCHEME_BASIC); if (exists) { EXPECT_FALSE(entry == NULL); EXPECT_EQ(GenerateRealm(realm_i), entry->realm()); diff --git a/net/http/http_auth_controller.cc b/net/http/http_auth_controller.cc index ddd0bdb..f438ea4 100644 --- a/net/http/http_auth_controller.cc +++ b/net/http/http_auth_controller.cc @@ -96,8 +96,8 @@ void HistogramAuthEvent(HttpAuthHandler* handler, AuthEvent auth_event) { DCHECK_EQ(first_thread, base::PlatformThread::CurrentId()); #endif - HttpAuthHandler::AuthScheme auth_scheme = handler->auth_scheme(); - DCHECK(auth_scheme >= 0 && auth_scheme < HttpAuthHandler::AUTH_SCHEME_MAX); + HttpAuth::Scheme auth_scheme = handler->auth_scheme(); + DCHECK(auth_scheme >= 0 && auth_scheme < HttpAuth::AUTH_SCHEME_MAX); // Record start and rejection events for authentication. // @@ -111,7 +111,7 @@ void HistogramAuthEvent(HttpAuthHandler* handler, AuthEvent auth_event) { // Negotiate Start: 6 // Negotiate Reject: 7 static const int kEventBucketsEnd = - HttpAuthHandler::AUTH_SCHEME_MAX * AUTH_EVENT_MAX; + HttpAuth::AUTH_SCHEME_MAX * AUTH_EVENT_MAX; int event_bucket = auth_scheme * AUTH_EVENT_MAX + auth_event; DCHECK(event_bucket >= 0 && event_bucket < kEventBucketsEnd); UMA_HISTOGRAM_ENUMERATION("Net.HttpAuthCount", event_bucket, @@ -139,7 +139,7 @@ void HistogramAuthEvent(HttpAuthHandler* handler, AuthEvent auth_event) { if (auth_event != AUTH_EVENT_START) return; static const int kTargetBucketsEnd = - HttpAuthHandler::AUTH_SCHEME_MAX * AUTH_TARGET_MAX; + HttpAuth::AUTH_SCHEME_MAX * AUTH_TARGET_MAX; AuthTarget auth_target = DetermineAuthTarget(handler); int target_bucket = auth_scheme * AUTH_TARGET_MAX + auth_target; DCHECK(target_bucket >= 0 && target_bucket < kTargetBucketsEnd); @@ -282,7 +282,7 @@ int HttpAuthController::HandleAuthChallenge( case HttpAuth::AUTHORIZATION_RESULT_STALE: if (http_auth_cache_->UpdateStaleChallenge(auth_origin_, handler_->realm(), - handler_->scheme(), + handler_->auth_scheme(), challenge_used)) { handler_.reset(); identity_ = HttpAuth::Identity(); @@ -388,7 +388,7 @@ void HttpAuthController::ResetAuth(const string16& username, break; default: http_auth_cache_->Add(auth_origin_, handler_->realm(), - handler_->scheme(), handler_->challenge(), + handler_->auth_scheme(), handler_->challenge(), identity_.username, identity_.password, auth_path_); break; @@ -426,7 +426,7 @@ void HttpAuthController::InvalidateRejectedAuthFromCache() { // Note: we require the username/password to match before invalidating // since the entry in the cache may be newer than what we used last time. http_auth_cache_->Remove(auth_origin_, handler_->realm(), - handler_->scheme(), identity_.username, + handler_->auth_scheme(), identity_.username, identity_.password); } @@ -453,7 +453,7 @@ bool HttpAuthController::SelectNextAuthIdentityToTry() { // Check the auth cache for a realm entry. HttpAuthCache::Entry* entry = http_auth_cache_->Lookup(auth_origin_, handler_->realm(), - handler_->scheme()); + handler_->auth_scheme()); if (entry) { identity_.source = HttpAuth::IDENT_SRC_REALM_LOOKUP; @@ -487,7 +487,8 @@ void HttpAuthController::PopulateAuthChallenge() { auth_info_ = new AuthChallengeInfo; auth_info_->is_proxy = target_ == HttpAuth::AUTH_PROXY; auth_info_->host_and_port = ASCIIToWide(GetHostAndPort(auth_origin_)); - auth_info_->scheme = ASCIIToWide(handler_->scheme()); + auth_info_->scheme = ASCIIToWide( + HttpAuth::SchemeToString(handler_->auth_scheme())); // TODO(eroman): decode realm according to RFC 2047. auth_info_->realm = ASCIIToWide(handler_->realm()); } @@ -497,7 +498,7 @@ void HttpAuthController::OnIOComplete(int result) { // This error occurs with GSSAPI, if the user has not already logged in. // In that case, disable the current scheme as it cannot succeed. if (result == ERR_MISSING_AUTH_CREDENTIALS) { - DisableAuthScheme(handler_->scheme()); + DisableAuthScheme(handler_->auth_scheme()); auth_token_.clear(); result = OK; } @@ -513,12 +514,12 @@ scoped_refptr<AuthChallengeInfo> HttpAuthController::auth_info() { return auth_info_; } -bool HttpAuthController::IsAuthSchemeDisabled(const std::string& scheme) const { +bool HttpAuthController::IsAuthSchemeDisabled(HttpAuth::Scheme scheme) const { DCHECK(CalledOnValidThread()); return disabled_schemes_.find(scheme) != disabled_schemes_.end(); } -void HttpAuthController::DisableAuthScheme(const std::string& scheme) { +void HttpAuthController::DisableAuthScheme(HttpAuth::Scheme scheme) { DCHECK(CalledOnValidThread()); disabled_schemes_.insert(scheme); } diff --git a/net/http/http_auth_controller.h b/net/http/http_auth_controller.h index 85d9fa1..0b7f430 100644 --- a/net/http/http_auth_controller.h +++ b/net/http/http_auth_controller.h @@ -69,8 +69,8 @@ class HttpAuthController : public base::RefCounted<HttpAuthController>, virtual scoped_refptr<AuthChallengeInfo> auth_info(); - virtual bool IsAuthSchemeDisabled(const std::string& scheme) const; - virtual void DisableAuthScheme(const std::string& scheme); + virtual bool IsAuthSchemeDisabled(HttpAuth::Scheme scheme) const; + virtual void DisableAuthScheme(HttpAuth::Scheme scheme); private: // So that we can mock this object. @@ -146,7 +146,7 @@ class HttpAuthController : public base::RefCounted<HttpAuthController>, HttpAuthCache* const http_auth_cache_; HttpAuthHandlerFactory* const http_auth_handler_factory_; - std::set<std::string> disabled_schemes_; + std::set<HttpAuth::Scheme> disabled_schemes_; CompletionCallbackImpl<HttpAuthController> io_callback_; CompletionCallback* user_callback_; diff --git a/net/http/http_auth_handler.cc b/net/http/http_auth_handler.cc index 997e574..51bd6aa 100644 --- a/net/http/http_auth_handler.cc +++ b/net/http/http_auth_handler.cc @@ -10,7 +10,7 @@ namespace net { HttpAuthHandler::HttpAuthHandler() - : auth_scheme_(AUTH_SCHEME_MAX), + : auth_scheme_(HttpAuth::AUTH_SCHEME_MAX), score_(-1), target_(HttpAuth::AUTH_NONE), properties_(-1), @@ -39,10 +39,9 @@ bool HttpAuthHandler::InitFromChallenge( // Init() is expected to set the scheme, realm, score, and properties. The // realm may be empty. - DCHECK(!ok || !scheme().empty()); DCHECK(!ok || score_ != -1); DCHECK(!ok || properties_ != -1); - DCHECK(!ok || auth_scheme_ != AUTH_SCHEME_MAX); + DCHECK(!ok || auth_scheme_ != HttpAuth::AUTH_SCHEME_MAX); return ok; } diff --git a/net/http/http_auth_handler.h b/net/http/http_auth_handler.h index 65340df..0a574e5 100644 --- a/net/http/http_auth_handler.h +++ b/net/http/http_auth_handler.h @@ -22,14 +22,6 @@ struct HttpRequestInfo; // HttpAuthHandler objects are typically created by an HttpAuthHandlerFactory. class HttpAuthHandler { public: - enum AuthScheme { - AUTH_SCHEME_BASIC = 0, - AUTH_SCHEME_DIGEST, - AUTH_SCHEME_NTLM, - AUTH_SCHEME_NEGOTIATE, - AUTH_SCHEME_MAX, - }; - HttpAuthHandler(); virtual ~HttpAuthHandler(); @@ -84,15 +76,10 @@ class HttpAuthHandler { std::string* auth_token); // The authentication scheme as an enumerated value. - AuthScheme auth_scheme() const { + HttpAuth::Scheme auth_scheme() const { return auth_scheme_; } - // Lowercase name of the auth scheme - const std::string& scheme() const { - return scheme_; - } - // The realm value that was parsed during Init(). const std::string& realm() const { return realm_; @@ -171,10 +158,7 @@ class HttpAuthHandler { std::string* auth_token) = 0; // The auth-scheme as an enumerated value. - AuthScheme auth_scheme_; - - // The lowercase auth-scheme {"basic", "digest", "ntlm", "negotiate"} - std::string scheme_; + HttpAuth::Scheme auth_scheme_; // The realm. Used by "basic" and "digest". std::string realm_; diff --git a/net/http/http_auth_handler_basic.cc b/net/http/http_auth_handler_basic.cc index 8ee775d..e48aa67 100644 --- a/net/http/http_auth_handler_basic.cc +++ b/net/http/http_auth_handler_basic.cc @@ -23,8 +23,7 @@ namespace net { // We allow it to be compatibility with certain embedded webservers that don't // include a realm (see http://crbug.com/20984.) bool HttpAuthHandlerBasic::Init(HttpAuth::ChallengeTokenizer* challenge) { - auth_scheme_ = AUTH_SCHEME_BASIC; - scheme_ = "basic"; + auth_scheme_ = HttpAuth::AUTH_SCHEME_BASIC; score_ = 1; properties_ = 0; return ParseChallenge(challenge); diff --git a/net/http/http_auth_handler_digest.cc b/net/http/http_auth_handler_digest.cc index 2b103f4..7c5526c 100644 --- a/net/http/http_auth_handler_digest.cc +++ b/net/http/http_auth_handler_digest.cc @@ -266,8 +266,7 @@ HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge( // webserver was not sending the realm with a BASIC challenge). bool HttpAuthHandlerDigest::ParseChallenge( HttpAuth::ChallengeTokenizer* challenge) { - auth_scheme_ = AUTH_SCHEME_DIGEST; - scheme_ = "digest"; + auth_scheme_ = HttpAuth::AUTH_SCHEME_DIGEST; score_ = 2; properties_ = ENCRYPTS_IDENTITY; diff --git a/net/http/http_auth_handler_factory_unittest.cc b/net/http/http_auth_handler_factory_unittest.cc index 0b90f19..fb6e370 100644 --- a/net/http/http_auth_handler_factory_unittest.cc +++ b/net/http/http_auth_handler_factory_unittest.cc @@ -114,7 +114,7 @@ TEST(HttpAuthHandlerFactoryTest, DefaultFactory) { &handler); EXPECT_EQ(OK, rv); ASSERT_FALSE(handler.get() == NULL); - EXPECT_STREQ("basic", handler->scheme().c_str()); + EXPECT_EQ(HttpAuth::AUTH_SCHEME_BASIC, handler->auth_scheme()); EXPECT_STREQ("FooBar", handler->realm().c_str()); EXPECT_EQ(HttpAuth::AUTH_SERVER, handler->target()); EXPECT_FALSE(handler->encrypts_identity()); @@ -141,7 +141,7 @@ TEST(HttpAuthHandlerFactoryTest, DefaultFactory) { &handler); EXPECT_EQ(OK, rv); ASSERT_FALSE(handler.get() == NULL); - EXPECT_STREQ("digest", handler->scheme().c_str()); + EXPECT_EQ(HttpAuth::AUTH_SCHEME_DIGEST, handler->auth_scheme()); EXPECT_STREQ("FooBar", handler->realm().c_str()); EXPECT_EQ(HttpAuth::AUTH_PROXY, handler->target()); EXPECT_TRUE(handler->encrypts_identity()); @@ -157,7 +157,7 @@ TEST(HttpAuthHandlerFactoryTest, DefaultFactory) { &handler); EXPECT_EQ(OK, rv); ASSERT_FALSE(handler.get() == NULL); - EXPECT_STREQ("ntlm", handler->scheme().c_str()); + EXPECT_EQ(HttpAuth::AUTH_SCHEME_NTLM, handler->auth_scheme()); EXPECT_STREQ("", handler->realm().c_str()); EXPECT_EQ(HttpAuth::AUTH_SERVER, handler->target()); EXPECT_TRUE(handler->encrypts_identity()); @@ -173,7 +173,7 @@ TEST(HttpAuthHandlerFactoryTest, DefaultFactory) { &handler); EXPECT_EQ(OK, rv); ASSERT_FALSE(handler.get() == NULL); - EXPECT_STREQ("negotiate", handler->scheme().c_str()); + EXPECT_EQ(HttpAuth::AUTH_SCHEME_NEGOTIATE, handler->auth_scheme()); EXPECT_STREQ("", handler->realm().c_str()); EXPECT_EQ(HttpAuth::AUTH_SERVER, handler->target()); EXPECT_TRUE(handler->encrypts_identity()); diff --git a/net/http/http_auth_handler_mock.cc b/net/http/http_auth_handler_mock.cc index 0a49169..b4e2268 100644 --- a/net/http/http_auth_handler_mock.cc +++ b/net/http/http_auth_handler_mock.cc @@ -72,8 +72,7 @@ void HttpAuthHandlerMock::SetGenerateExpectation(bool async, int rv) { } bool HttpAuthHandlerMock::Init(HttpAuth::ChallengeTokenizer* challenge) { - auth_scheme_ = AUTH_SCHEME_BASIC; - scheme_ = "mock"; + auth_scheme_ = HttpAuth::AUTH_SCHEME_MOCK; score_ = 1; properties_ = connection_based_ ? IS_CONNECTION_BASED : 0; return true; diff --git a/net/http/http_auth_handler_negotiate.cc b/net/http/http_auth_handler_negotiate.cc index 2544728..cedd282 100644 --- a/net/http/http_auth_handler_negotiate.cc +++ b/net/http/http_auth_handler_negotiate.cc @@ -93,8 +93,7 @@ bool HttpAuthHandlerNegotiate::Init(HttpAuth::ChallengeTokenizer* challenge) { #endif if (CanDelegate()) auth_system_.Delegate(); - auth_scheme_ = AUTH_SCHEME_NEGOTIATE; - scheme_ = "negotiate"; + auth_scheme_ = HttpAuth::AUTH_SCHEME_NEGOTIATE; score_ = 4; properties_ = ENCRYPTS_IDENTITY | IS_CONNECTION_BASED; HttpAuth::AuthorizationResult auth_result = diff --git a/net/http/http_auth_handler_ntlm.cc b/net/http/http_auth_handler_ntlm.cc index f987e48..c3e44ba 100644 --- a/net/http/http_auth_handler_ntlm.cc +++ b/net/http/http_auth_handler_ntlm.cc @@ -93,8 +93,7 @@ int HttpAuthHandlerNTLM::GenerateAuthTokenImpl( } bool HttpAuthHandlerNTLM::Init(HttpAuth::ChallengeTokenizer* tok) { - auth_scheme_ = AUTH_SCHEME_NTLM; - scheme_ = "ntlm"; + auth_scheme_ = HttpAuth::AUTH_SCHEME_NTLM; score_ = 3; properties_ = ENCRYPTS_IDENTITY | IS_CONNECTION_BASED; diff --git a/net/http/http_auth_unittest.cc b/net/http/http_auth_unittest.cc index 63ae3b0..f45d215 100644 --- a/net/http/http_auth_unittest.cc +++ b/net/http/http_auth_unittest.cc @@ -26,7 +26,7 @@ namespace { HttpAuthHandlerMock* CreateMockHandler(bool connection_based) { HttpAuthHandlerMock* auth_handler = new HttpAuthHandlerMock(); auth_handler->set_connection_based(connection_based); - std::string challenge_text = "Mock"; + std::string challenge_text = "Basic"; HttpAuth::ChallengeTokenizer challenge(challenge_text.begin(), challenge_text.end()); GURL origin("www.example.com"); @@ -48,7 +48,7 @@ HttpAuth::AuthorizationResult HandleChallengeResponse( std::string* challenge_used) { scoped_ptr<HttpAuthHandlerMock> mock_handler( CreateMockHandler(connection_based)); - std::set<std::string> disabled_schemes; + std::set<HttpAuth::Scheme> disabled_schemes; scoped_refptr<HttpResponseHeaders> headers( HeadersFromResponseText(headers_text)); return HttpAuth::HandleChallengeResponse( @@ -64,56 +64,57 @@ HttpAuth::AuthorizationResult HandleChallengeResponse( TEST(HttpAuthTest, ChooseBestChallenge) { static const struct { const char* headers; - const char* challenge_scheme; + HttpAuth::Scheme challenge_scheme; const char* challenge_realm; } tests[] = { { + // Basic is the only challenge type, pick it. "Y: Digest realm=\"X\", nonce=\"aaaaaaaaaa\"\n" "www-authenticate: Basic realm=\"BasicRealm\"\n", - // Basic is the only challenge type, pick it. - "basic", + HttpAuth::AUTH_SCHEME_BASIC, "BasicRealm", }, { + // Fake is the only challenge type, but it is unsupported. "Y: Digest realm=\"FooBar\", nonce=\"aaaaaaaaaa\"\n" "www-authenticate: Fake realm=\"FooBar\"\n", - // Fake is the only challenge type, but it is unsupported. - "", + HttpAuth::AUTH_SCHEME_MAX, "", }, { + // Pick Digest over Basic. "www-authenticate: Basic realm=\"FooBar\"\n" "www-authenticate: Fake realm=\"FooBar\"\n" "www-authenticate: nonce=\"aaaaaaaaaa\"\n" "www-authenticate: Digest realm=\"DigestRealm\", nonce=\"aaaaaaaaaa\"\n", - // Pick Digset over Basic - "digest", + HttpAuth::AUTH_SCHEME_DIGEST, "DigestRealm", }, { + // Handle an empty header correctly. "Y: Digest realm=\"X\", nonce=\"aaaaaaaaaa\"\n" "www-authenticate:\n", - // Handle null header value. - "", + HttpAuth::AUTH_SCHEME_MAX, "", }, { - "WWW-Authenticate: Negotiate\n" - "WWW-Authenticate: NTLM\n", - + // Choose Negotiate over NTLM on all platforms. // TODO(ahendrickson): This may be flaky on Linux and OSX as it // relies on being able to load one of the known .so files // for gssapi. - "negotiate", + "WWW-Authenticate: Negotiate\n" + "WWW-Authenticate: NTLM\n", + + HttpAuth::AUTH_SCHEME_NEGOTIATE, "", } }; GURL origin("http://www.example.com"); - std::set<std::string> disabled_schemes; + std::set<HttpAuth::Scheme> disabled_schemes; URLSecurityManagerAllow url_security_manager; scoped_ptr<HostResolver> host_resolver(new MockHostResolver()); scoped_ptr<HttpAuthHandlerRegistryFactory> http_auth_handler_factory( @@ -138,10 +139,10 @@ TEST(HttpAuthTest, ChooseBestChallenge) { &handler); if (handler.get()) { - EXPECT_STREQ(tests[i].challenge_scheme, handler->scheme().c_str()); + EXPECT_EQ(tests[i].challenge_scheme, handler->auth_scheme()); EXPECT_STREQ(tests[i].challenge_realm, handler->realm().c_str()); } else { - EXPECT_STREQ("", tests[i].challenge_scheme); + EXPECT_EQ(HttpAuth::AUTH_SCHEME_MAX, tests[i].challenge_scheme); EXPECT_STREQ("", tests[i].challenge_realm); } } diff --git a/net/http/http_proxy_client_socket_pool_unittest.cc b/net/http/http_proxy_client_socket_pool_unittest.cc index 8c6d545..da4970f 100644 --- a/net/http/http_proxy_client_socket_pool_unittest.cc +++ b/net/http/http_proxy_client_socket_pool_unittest.cc @@ -107,8 +107,13 @@ class HttpProxyClientSocketPoolTest : public TestWithHttpParam { void AddAuthToCache() { const string16 kFoo(ASCIIToUTF16("foo")); const string16 kBar(ASCIIToUTF16("bar")); - session_->auth_cache()->Add(GURL("http://proxy/"), "MyRealm1", "Basic", - "Basic realm=MyRealm1", kFoo, kBar, "/"); + session_->auth_cache()->Add(GURL("http://proxy/"), + "MyRealm1", + HttpAuth::AUTH_SCHEME_BASIC, + "Basic realm=MyRealm1", + kFoo, + kBar, + "/"); } scoped_refptr<TCPSocketParams> GetTcpParams() { diff --git a/net/socket/ssl_client_socket_pool_unittest.cc b/net/socket/ssl_client_socket_pool_unittest.cc index 37e21ca..646f03d 100644 --- a/net/socket/ssl_client_socket_pool_unittest.cc +++ b/net/socket/ssl_client_socket_pool_unittest.cc @@ -129,8 +129,13 @@ class SSLClientSocketPoolTest : public testing::Test { void AddAuthToCache() { const string16 kFoo(ASCIIToUTF16("foo")); const string16 kBar(ASCIIToUTF16("bar")); - session_->auth_cache()->Add(GURL("http://proxy:443/"), "MyRealm1", "Basic", - "Basic realm=MyRealm1", kFoo, kBar, "/"); + session_->auth_cache()->Add(GURL("http://proxy:443/"), + "MyRealm1", + HttpAuth::AUTH_SCHEME_BASIC, + "Basic realm=MyRealm1", + kFoo, + kBar, + "/"); } MockClientSocketFactory socket_factory_; diff --git a/net/socket_stream/socket_stream.cc b/net/socket_stream/socket_stream.cc index 21c8e74..573b5d0 100644 --- a/net/socket_stream/socket_stream.cc +++ b/net/socket_stream/socket_stream.cc @@ -614,7 +614,8 @@ int SocketStream::DoWriteTunnelHeaders() { // Support basic authentication scheme only, because we don't have // HttpRequestInfo. // TODO(ukai): Add support other authentication scheme. - if (auth_handler_.get() && auth_handler_->scheme() == "basic") { + if (auth_handler_.get() && + auth_handler_->auth_scheme() == HttpAuth::AUTH_SCHEME_BASIC) { HttpRequestInfo request_info; std::string auth_token; int rv = auth_handler_->GenerateAuthToken( @@ -749,7 +750,8 @@ int SocketStream::DoReadTunnelHeadersComplete(int result) { auth_info_->is_proxy = true; auth_info_->host_and_port = ASCIIToWide(proxy_info_.proxy_server().host_port_pair().ToString()); - auth_info_->scheme = ASCIIToWide(auth_handler_->scheme()); + auth_info_->scheme = ASCIIToWide( + HttpAuth::SchemeToString(auth_handler_->auth_scheme())); auth_info_->realm = ASCIIToWide(auth_handler_->realm()); // Wait until RestartWithAuth or Close is called. MessageLoop::current()->PostTask( @@ -944,7 +946,7 @@ int SocketStream::HandleAuthChallenge(const HttpResponseHeaders* headers) { if (auth_identity_.source != HttpAuth::IDENT_SRC_PATH_LOOKUP) auth_cache_.Remove(auth_origin, auth_handler_->realm(), - auth_handler_->scheme(), + auth_handler_->auth_scheme(), auth_identity_.username, auth_identity_.password); auth_handler_.reset(); @@ -952,7 +954,7 @@ int SocketStream::HandleAuthChallenge(const HttpResponseHeaders* headers) { } auth_identity_.invalid = true; - std::set<std::string> disabled_schemes; + std::set<HttpAuth::Scheme> disabled_schemes; HttpAuth::ChooseBestChallenge(http_auth_handler_factory_, headers, HttpAuth::AUTH_PROXY, auth_origin, disabled_schemes, @@ -964,8 +966,8 @@ int SocketStream::HandleAuthChallenge(const HttpResponseHeaders* headers) { if (auth_handler_->NeedsIdentity()) { // We only support basic authentication scheme now. // TODO(ukai): Support other authentication scheme. - HttpAuthCache::Entry* entry = - auth_cache_.Lookup(auth_origin, auth_handler_->realm(), "basic"); + HttpAuthCache::Entry* entry = auth_cache_.Lookup( + auth_origin, auth_handler_->realm(), HttpAuth::AUTH_SCHEME_BASIC); if (entry) { auth_identity_.source = HttpAuth::IDENT_SRC_REALM_LOOKUP; auth_identity_.invalid = false; @@ -991,7 +993,7 @@ void SocketStream::DoRestartWithAuth() { DCHECK_EQ(next_state_, STATE_AUTH_REQUIRED); auth_cache_.Add(ProxyAuthOrigin(), auth_handler_->realm(), - auth_handler_->scheme(), + auth_handler_->auth_scheme(), auth_handler_->challenge(), auth_identity_.username, auth_identity_.password, diff --git a/net/spdy/spdy_proxy_client_socket_unittest.cc b/net/spdy/spdy_proxy_client_socket_unittest.cc index c4c5f2c..8ceea45 100644 --- a/net/spdy/spdy_proxy_client_socket_unittest.cc +++ b/net/spdy/spdy_proxy_client_socket_unittest.cc @@ -84,8 +84,13 @@ class SpdyProxyClientSocketTest : public PlatformTest { void AddAuthToCache() { const string16 kFoo(ASCIIToUTF16("foo")); const string16 kBar(ASCIIToUTF16("bar")); - session_->auth_cache()->Add(GURL(kProxyUrl), "MyRealm1", "Basic", - "Basic realm=MyRealm1", kFoo, kBar, "/"); + session_->auth_cache()->Add(GURL(kProxyUrl), + "MyRealm1", + HttpAuth::AUTH_SCHEME_BASIC, + "Basic realm=MyRealm1", + kFoo, + kBar, + "/"); } void Run(int steps) { |