diff options
| author | davidben@chromium.org <davidben@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-03-13 00:43:24 +0000 |
|---|---|---|
| committer | davidben@chromium.org <davidben@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-03-13 00:43:24 +0000 |
| commit | df41d0d839ab3ef1884b35a824179b9cd1a3c1b2 (patch) | |
| tree | 7f75bab154a66a71bc770ca3b0022ca1b5751b28 | |
| parent | 69c5613f1bc410b0fcfa5e16128c388a0e579e40 (diff) | |
| download | chromium_src-df41d0d839ab3ef1884b35a824179b9cd1a3c1b2.zip chromium_src-df41d0d839ab3ef1884b35a824179b9cd1a3c1b2.tar.gz chromium_src-df41d0d839ab3ef1884b35a824179b9cd1a3c1b2.tar.bz2 | |
Move HttpAuth::ChallengeTokenizer to its own file.
Avoids a circulate dependency in preparation of using this tokenizer to strip
private data from net-export logs.
BUG=349502
Review URL: https://codereview.chromium.org/191563004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@256715 0039d316-1c4b-4281-b951-d872f2087c98
40 files changed, 444 insertions, 375 deletions
diff --git a/chrome/browser/net/spdyproxy/http_auth_handler_spdyproxy.cc b/chrome/browser/net/spdyproxy/http_auth_handler_spdyproxy.cc index 207fc31..6050639 100644 --- a/chrome/browser/net/spdyproxy/http_auth_handler_spdyproxy.cc +++ b/chrome/browser/net/spdyproxy/http_auth_handler_spdyproxy.cc @@ -14,6 +14,7 @@ #include "base/strings/utf_string_conversions.h" #include "net/base/net_errors.h" #include "net/http/http_auth.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_request_info.h" namespace spdyproxy { @@ -22,6 +23,7 @@ using net::AuthCredentials; using net::BoundNetLog; using net::CompletionCallback; using net::HttpAuth; +using net::HttpAuthChallengeTokenizer; using net::HttpAuthHandler; using net::HttpAuthHandlerFactory; using net::HttpRequestInfo; @@ -42,7 +44,7 @@ HttpAuthHandlerSpdyProxy::Factory::~Factory() { } int HttpAuthHandlerSpdyProxy::Factory::CreateAuthHandler( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, @@ -76,7 +78,7 @@ int HttpAuthHandlerSpdyProxy::Factory::CreateAuthHandler( HttpAuth::AuthorizationResult HttpAuthHandlerSpdyProxy::HandleAnotherChallenge( - HttpAuth::ChallengeTokenizer* challenge) { + HttpAuthChallengeTokenizer* challenge) { // SpdyProxy authentication is always a single round, so any responses // should be treated as a rejection. return HttpAuth::AUTHORIZATION_RESULT_REJECT; @@ -97,7 +99,7 @@ bool HttpAuthHandlerSpdyProxy::AllowsExplicitCredentials() { HttpAuthHandlerSpdyProxy::~HttpAuthHandlerSpdyProxy() {} bool HttpAuthHandlerSpdyProxy::Init( - HttpAuth::ChallengeTokenizer* challenge) { + HttpAuthChallengeTokenizer* challenge) { auth_scheme_ = HttpAuth::AUTH_SCHEME_SPDYPROXY; score_ = 5; properties_ = ENCRYPTS_IDENTITY; @@ -119,7 +121,7 @@ int HttpAuthHandlerSpdyProxy::GenerateAuthTokenImpl( } bool HttpAuthHandlerSpdyProxy::ParseChallenge( - HttpAuth::ChallengeTokenizer* challenge) { + HttpAuthChallengeTokenizer* challenge) { // Verify the challenge's auth-scheme. if (!LowerCaseEqualsASCII(challenge->scheme(), "spdyproxy")) { diff --git a/chrome/browser/net/spdyproxy/http_auth_handler_spdyproxy.h b/chrome/browser/net/spdyproxy/http_auth_handler_spdyproxy.h index e3125b7..570128d 100644 --- a/chrome/browser/net/spdyproxy/http_auth_handler_spdyproxy.h +++ b/chrome/browser/net/spdyproxy/http_auth_handler_spdyproxy.h @@ -25,7 +25,7 @@ class HttpAuthHandlerSpdyProxy : public net::HttpAuthHandler { virtual ~Factory(); virtual int CreateAuthHandler( - net::HttpAuth::ChallengeTokenizer* challenge, + net::HttpAuthChallengeTokenizer* challenge, net::HttpAuth::Target target, const GURL& origin, CreateReason reason, @@ -43,7 +43,7 @@ class HttpAuthHandlerSpdyProxy : public net::HttpAuthHandler { // Overrides from net::HttpAuthHandler. virtual net::HttpAuth::AuthorizationResult HandleAnotherChallenge( - net::HttpAuth::ChallengeTokenizer* challenge) OVERRIDE; + net::HttpAuthChallengeTokenizer* challenge) OVERRIDE; virtual bool NeedsIdentity() OVERRIDE; virtual bool AllowsDefaultCredentials() OVERRIDE; virtual bool AllowsExplicitCredentials() OVERRIDE; @@ -53,14 +53,14 @@ class HttpAuthHandlerSpdyProxy : public net::HttpAuthHandler { virtual ~HttpAuthHandlerSpdyProxy(); - virtual bool Init(net::HttpAuth::ChallengeTokenizer* challenge) OVERRIDE; + virtual bool Init(net::HttpAuthChallengeTokenizer* challenge) OVERRIDE; virtual int GenerateAuthTokenImpl(const net::AuthCredentials* credentials, const net::HttpRequestInfo* request, const net::CompletionCallback& callback, std::string* auth_token) OVERRIDE; - bool ParseChallenge(net::HttpAuth::ChallengeTokenizer* challenge); + bool ParseChallenge(net::HttpAuthChallengeTokenizer* challenge); bool ParseChallengeProperty(const std::string& name, const std::string& value); diff --git a/chrome/browser/net/spdyproxy/http_auth_handler_spdyproxy_unittest.cc b/chrome/browser/net/spdyproxy/http_auth_handler_spdyproxy_unittest.cc index f777e2b..fdf5bc5 100644 --- a/chrome/browser/net/spdyproxy/http_auth_handler_spdyproxy_unittest.cc +++ b/chrome/browser/net/spdyproxy/http_auth_handler_spdyproxy_unittest.cc @@ -12,6 +12,7 @@ #include "base/strings/string_util.h" #include "base/strings/utf_string_conversions.h" #include "net/base/net_errors.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_request_info.h" #include "testing/gtest/include/gtest/gtest.h" @@ -34,6 +35,7 @@ using net::BoundNetLog; using net::CompletionCallback; using net::Error; using net::HttpAuth; +using net::HttpAuthChallengeTokenizer; using net::HttpAuthHandler; using net::HttpRequestInfo; @@ -119,7 +121,7 @@ TEST(HttpAuthHandlerSpdyProxyTest, HandleAnotherChallenge) { kValidChallenge, HttpAuth::AUTH_PROXY, origin, BoundNetLog(), &spdyproxy)); std::string challenge(kValidChallenge); - HttpAuth::ChallengeTokenizer tok(challenge.begin(), + HttpAuthChallengeTokenizer tok(challenge.begin(), challenge.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT, spdyproxy->HandleAnotherChallenge(&tok)); diff --git a/net/http/http_auth.cc b/net/http/http_auth.cc index 3cc9db1..4c6d3e8 100644 --- a/net/http/http_auth.cc +++ b/net/http/http_auth.cc @@ -10,6 +10,7 @@ #include "base/strings/string_tokenizer.h" #include "base/strings/string_util.h" #include "net/base/net_errors.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_auth_handler.h" #include "net/http/http_auth_handler_factory.h" #include "net/http/http_request_headers.h" @@ -74,7 +75,7 @@ HttpAuth::AuthorizationResult HttpAuth::HandleChallengeResponse( HttpAuth::AuthorizationResult authorization_result = HttpAuth::AUTHORIZATION_RESULT_INVALID; while (headers->EnumerateHeader(&iter, header_name, &challenge)) { - HttpAuth::ChallengeTokenizer props(challenge.begin(), challenge.end()); + HttpAuthChallengeTokenizer props(challenge.begin(), challenge.end()); if (!LowerCaseEqualsASCII(props.scheme(), current_scheme_name.c_str())) continue; authorization_result = handler->HandleAnotherChallenge(&props); @@ -87,56 +88,6 @@ HttpAuth::AuthorizationResult HttpAuth::HandleChallengeResponse( return HttpAuth::AUTHORIZATION_RESULT_REJECT; } -HttpAuth::ChallengeTokenizer::ChallengeTokenizer( - std::string::const_iterator begin, - std::string::const_iterator end) - : begin_(begin), - end_(end), - scheme_begin_(begin), - scheme_end_(begin), - params_begin_(end), - params_end_(end) { - Init(begin, end); -} - -HttpUtil::NameValuePairsIterator HttpAuth::ChallengeTokenizer::param_pairs() - const { - return HttpUtil::NameValuePairsIterator(params_begin_, params_end_, ','); -} - -std::string HttpAuth::ChallengeTokenizer::base64_param() const { - // Strip off any padding. - // (See https://bugzilla.mozilla.org/show_bug.cgi?id=230351.) - // - // Our base64 decoder requires that the length be a multiple of 4. - int encoded_length = params_end_ - params_begin_; - while (encoded_length > 0 && encoded_length % 4 != 0 && - params_begin_[encoded_length - 1] == '=') { - --encoded_length; - } - return std::string(params_begin_, params_begin_ + encoded_length); -} - -void HttpAuth::ChallengeTokenizer::Init(std::string::const_iterator begin, - std::string::const_iterator end) { - // The first space-separated token is the auth-scheme. - // NOTE: we are more permissive than RFC 2617 which says auth-scheme - // is separated by 1*SP. - base::StringTokenizer tok(begin, end, HTTP_LWS); - if (!tok.GetNext()) { - // Default param and scheme iterators provide empty strings - return; - } - - // Save the scheme's position. - scheme_begin_ = tok.token_begin(); - scheme_end_ = tok.token_end(); - - params_begin_ = scheme_end_; - params_end_ = end; - HttpUtil::TrimLWS(¶ms_begin_, ¶ms_end_); -} - // static std::string HttpAuth::GetChallengeHeaderName(Target target) { switch (target) { diff --git a/net/http/http_auth.h b/net/http/http_auth.h index 1a03bb1..5a2c7ac 100644 --- a/net/http/http_auth.h +++ b/net/http/http_auth.h @@ -167,48 +167,6 @@ class NET_EXPORT_PRIVATE HttpAuth { Target target, const std::set<Scheme>& disabled_schemes, std::string* challenge_used); - - // Breaks up a challenge string into the the auth scheme and parameter list, - // according to RFC 2617 Sec 1.2: - // challenge = auth-scheme 1*SP 1#auth-param - // - // Depending on the challenge scheme, it may be appropriate to interpret the - // parameters as either a base-64 encoded string or a comma-delimited list - // of name-value pairs. param_pairs() and base64_param() methods are provided - // to support either usage. - class NET_EXPORT_PRIVATE ChallengeTokenizer { - public: - ChallengeTokenizer(std::string::const_iterator begin, - std::string::const_iterator end); - - // Get the original text. - std::string challenge_text() const { - return std::string(begin_, end_); - } - - // Get the auth scheme of the challenge. - std::string::const_iterator scheme_begin() const { return scheme_begin_; } - std::string::const_iterator scheme_end() const { return scheme_end_; } - std::string scheme() const { - return std::string(scheme_begin_, scheme_end_); - } - - HttpUtil::NameValuePairsIterator param_pairs() const; - std::string base64_param() const; - - private: - void Init(std::string::const_iterator begin, - std::string::const_iterator end); - - std::string::const_iterator begin_; - std::string::const_iterator end_; - - std::string::const_iterator scheme_begin_; - std::string::const_iterator scheme_end_; - - std::string::const_iterator params_begin_; - std::string::const_iterator params_end_; - }; }; } // namespace net diff --git a/net/http/http_auth_cache_unittest.cc b/net/http/http_auth_cache_unittest.cc index 565e1a7..e925c71 100644 --- a/net/http/http_auth_cache_unittest.cc +++ b/net/http/http_auth_cache_unittest.cc @@ -33,12 +33,12 @@ class MockAuthHandler : public HttpAuthHandler { } virtual HttpAuth::AuthorizationResult HandleAnotherChallenge( - HttpAuth::ChallengeTokenizer* challenge) OVERRIDE { + HttpAuthChallengeTokenizer* challenge) OVERRIDE { return HttpAuth::AUTHORIZATION_RESULT_REJECT; } protected: - virtual bool Init(HttpAuth::ChallengeTokenizer* challenge) OVERRIDE { + virtual bool Init(HttpAuthChallengeTokenizer* challenge) OVERRIDE { return false; // Unused. } diff --git a/net/http/http_auth_challenge_tokenizer.cc b/net/http/http_auth_challenge_tokenizer.cc new file mode 100644 index 0000000..528566c8 --- /dev/null +++ b/net/http/http_auth_challenge_tokenizer.cc @@ -0,0 +1,61 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "net/http/http_auth_challenge_tokenizer.h" + +#include "base/strings/string_tokenizer.h" + +namespace net { + +HttpAuthChallengeTokenizer::HttpAuthChallengeTokenizer( + std::string::const_iterator begin, + std::string::const_iterator end) + : begin_(begin), + end_(end), + scheme_begin_(begin), + scheme_end_(begin), + params_begin_(end), + params_end_(end) { + Init(begin, end); +} + +HttpUtil::NameValuePairsIterator HttpAuthChallengeTokenizer::param_pairs() + const { + return HttpUtil::NameValuePairsIterator(params_begin_, params_end_, ','); +} + +std::string HttpAuthChallengeTokenizer::base64_param() const { + // Strip off any padding. + // (See https://bugzilla.mozilla.org/show_bug.cgi?id=230351.) + // + // Our base64 decoder requires that the length be a multiple of 4. + int encoded_length = params_end_ - params_begin_; + while (encoded_length > 0 && encoded_length % 4 != 0 && + params_begin_[encoded_length - 1] == '=') { + --encoded_length; + } + return std::string(params_begin_, params_begin_ + encoded_length); +} + +void HttpAuthChallengeTokenizer::Init(std::string::const_iterator begin, + std::string::const_iterator end) { + // The first space-separated token is the auth-scheme. + // NOTE: we are more permissive than RFC 2617 which says auth-scheme + // is separated by 1*SP. + base::StringTokenizer tok(begin, end, HTTP_LWS); + if (!tok.GetNext()) { + // Default param and scheme iterators provide empty strings + return; + } + + // Save the scheme's position. + scheme_begin_ = tok.token_begin(); + scheme_end_ = tok.token_end(); + + params_begin_ = scheme_end_; + params_end_ = end; + HttpUtil::TrimLWS(¶ms_begin_, ¶ms_end_); +} + +} // namespace net diff --git a/net/http/http_auth_challenge_tokenizer.h b/net/http/http_auth_challenge_tokenizer.h new file mode 100644 index 0000000..3c93d25 --- /dev/null +++ b/net/http/http_auth_challenge_tokenizer.h @@ -0,0 +1,59 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef NET_HTTP_HTTP_AUTH_CHALLENGE_TOKENIZER_ +#define NET_HTTP_HTTP_AUTH_CHALLENGE_TOKENIZER_ + +#include <string> + +#include "net/base/net_export.h" +#include "net/http/http_util.h" + +namespace net { + +// Breaks up a challenge string into the the auth scheme and parameter list, +// according to RFC 2617 Sec 1.2: +// challenge = auth-scheme 1*SP 1#auth-param +// +// Depending on the challenge scheme, it may be appropriate to interpret the +// parameters as either a base-64 encoded string or a comma-delimited list +// of name-value pairs. param_pairs() and base64_param() methods are provided +// to support either usage. +class NET_EXPORT_PRIVATE HttpAuthChallengeTokenizer { + public: + HttpAuthChallengeTokenizer(std::string::const_iterator begin, + std::string::const_iterator end); + + // Get the original text. + std::string challenge_text() const { + return std::string(begin_, end_); + } + + // Get the auth scheme of the challenge. + std::string::const_iterator scheme_begin() const { return scheme_begin_; } + std::string::const_iterator scheme_end() const { return scheme_end_; } + std::string scheme() const { + return std::string(scheme_begin_, scheme_end_); + } + + HttpUtil::NameValuePairsIterator param_pairs() const; + std::string base64_param() const; + + private: + void Init(std::string::const_iterator begin, + std::string::const_iterator end); + + std::string::const_iterator begin_; + std::string::const_iterator end_; + + std::string::const_iterator scheme_begin_; + std::string::const_iterator scheme_end_; + + std::string::const_iterator params_begin_; + std::string::const_iterator params_end_; +}; + +} // namespace net + +#endif // NET_HTTP_HTTP_AUTH_CHALLENGE_TOKENIZER_ diff --git a/net/http/http_auth_challenge_tokenizer_unittest.cc b/net/http/http_auth_challenge_tokenizer_unittest.cc new file mode 100644 index 0000000..2cf657a --- /dev/null +++ b/net/http/http_auth_challenge_tokenizer_unittest.cc @@ -0,0 +1,177 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "net/http/http_auth_challenge_tokenizer.h" +#include "testing/gtest/include/gtest/gtest.h" + +namespace net { + +TEST(HttpAuthChallengeTokenizerTest, Basic) { + std::string challenge_str = "Basic realm=\"foobar\""; + HttpAuthChallengeTokenizer challenge(challenge_str.begin(), + challenge_str.end()); + HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); + + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("Basic"), challenge.scheme()); + EXPECT_TRUE(parameters.GetNext()); + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("realm"), parameters.name()); + EXPECT_EQ(std::string("foobar"), parameters.value()); + EXPECT_FALSE(parameters.GetNext()); +} + +// Use a name=value property with no quote marks. +TEST(HttpAuthChallengeTokenizerTest, NoQuotes) { + std::string challenge_str = "Basic realm=foobar@baz.com"; + HttpAuthChallengeTokenizer challenge(challenge_str.begin(), + challenge_str.end()); + HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); + + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("Basic"), challenge.scheme()); + EXPECT_TRUE(parameters.GetNext()); + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("realm"), parameters.name()); + EXPECT_EQ(std::string("foobar@baz.com"), parameters.value()); + EXPECT_FALSE(parameters.GetNext()); +} + +// Use a name=value property with mismatching quote marks. +TEST(HttpAuthChallengeTokenizerTest, MismatchedQuotes) { + std::string challenge_str = "Basic realm=\"foobar@baz.com"; + HttpAuthChallengeTokenizer challenge(challenge_str.begin(), + challenge_str.end()); + HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); + + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("Basic"), challenge.scheme()); + EXPECT_TRUE(parameters.GetNext()); + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("realm"), parameters.name()); + EXPECT_EQ(std::string("foobar@baz.com"), parameters.value()); + EXPECT_FALSE(parameters.GetNext()); +} + +// Use a name= property without a value and with mismatching quote marks. +TEST(HttpAuthChallengeTokenizerTest, MismatchedQuotesNoValue) { + std::string challenge_str = "Basic realm=\""; + HttpAuthChallengeTokenizer challenge(challenge_str.begin(), + challenge_str.end()); + HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); + + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("Basic"), challenge.scheme()); + EXPECT_TRUE(parameters.GetNext()); + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("realm"), parameters.name()); + EXPECT_EQ(std::string(), parameters.value()); + EXPECT_FALSE(parameters.GetNext()); +} + +// Use a name=value property with mismatching quote marks and spaces in the +// value. +TEST(HttpAuthChallengeTokenizerTest, MismatchedQuotesSpaces) { + std::string challenge_str = "Basic realm=\"foo bar"; + HttpAuthChallengeTokenizer challenge(challenge_str.begin(), + challenge_str.end()); + HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); + + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("Basic"), challenge.scheme()); + EXPECT_TRUE(parameters.GetNext()); + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("realm"), parameters.name()); + EXPECT_EQ(std::string("foo bar"), parameters.value()); + EXPECT_FALSE(parameters.GetNext()); +} + +// Use multiple name=value properties with mismatching quote marks in the last +// value. +TEST(HttpAuthChallengeTokenizerTest, MismatchedQuotesMultiple) { + std::string challenge_str = "Digest qop=auth-int, algorithm=md5, realm=\"foo"; + HttpAuthChallengeTokenizer challenge(challenge_str.begin(), + challenge_str.end()); + HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); + + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("Digest"), challenge.scheme()); + EXPECT_TRUE(parameters.GetNext()); + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("qop"), parameters.name()); + EXPECT_EQ(std::string("auth-int"), parameters.value()); + EXPECT_TRUE(parameters.GetNext()); + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("algorithm"), parameters.name()); + EXPECT_EQ(std::string("md5"), parameters.value()); + EXPECT_TRUE(parameters.GetNext()); + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("realm"), parameters.name()); + EXPECT_EQ(std::string("foo"), parameters.value()); + EXPECT_FALSE(parameters.GetNext()); +} + +// Use a name= property which has no value. +TEST(HttpAuthChallengeTokenizerTest, NoValue) { + std::string challenge_str = "Digest qop="; + HttpAuthChallengeTokenizer challenge( + challenge_str.begin(), challenge_str.end()); + HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); + + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("Digest"), challenge.scheme()); + EXPECT_FALSE(parameters.GetNext()); + EXPECT_FALSE(parameters.valid()); +} + +// Specify multiple properties, comma separated. +TEST(HttpAuthChallengeTokenizerTest, Multiple) { + std::string challenge_str = + "Digest algorithm=md5, realm=\"Oblivion\", qop=auth-int"; + HttpAuthChallengeTokenizer challenge(challenge_str.begin(), + challenge_str.end()); + HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); + + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("Digest"), challenge.scheme()); + EXPECT_TRUE(parameters.GetNext()); + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("algorithm"), parameters.name()); + EXPECT_EQ(std::string("md5"), parameters.value()); + EXPECT_TRUE(parameters.GetNext()); + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("realm"), parameters.name()); + EXPECT_EQ(std::string("Oblivion"), parameters.value()); + EXPECT_TRUE(parameters.GetNext()); + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("qop"), parameters.name()); + EXPECT_EQ(std::string("auth-int"), parameters.value()); + EXPECT_FALSE(parameters.GetNext()); + EXPECT_TRUE(parameters.valid()); +} + +// Use a challenge which has no property. +TEST(HttpAuthChallengeTokenizerTest, NoProperty) { + std::string challenge_str = "NTLM"; + HttpAuthChallengeTokenizer challenge( + challenge_str.begin(), challenge_str.end()); + HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); + + EXPECT_TRUE(parameters.valid()); + EXPECT_EQ(std::string("NTLM"), challenge.scheme()); + EXPECT_FALSE(parameters.GetNext()); +} + +// Use a challenge with Base64 encoded token. +TEST(HttpAuthChallengeTokenizerTest, Base64) { + std::string challenge_str = "NTLM SGVsbG8sIFdvcmxkCg==="; + HttpAuthChallengeTokenizer challenge(challenge_str.begin(), + challenge_str.end()); + + EXPECT_EQ(std::string("NTLM"), challenge.scheme()); + // Notice the two equal statements below due to padding removal. + EXPECT_EQ(std::string("SGVsbG8sIFdvcmxkCg=="), challenge.base64_param()); +} + +} // namespace net diff --git a/net/http/http_auth_controller_unittest.cc b/net/http/http_auth_controller_unittest.cc index 210f1e4..1a59b8d 100644 --- a/net/http/http_auth_controller_unittest.cc +++ b/net/http/http_auth_controller_unittest.cc @@ -9,6 +9,7 @@ #include "net/base/net_log.h" #include "net/base/test_completion_callback.h" #include "net/http/http_auth_cache.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_auth_handler_mock.h" #include "net/http/http_request_info.h" #include "net/http/http_response_headers.h" @@ -127,7 +128,7 @@ TEST(HttpAuthControllerTest, NoExplicitCredentialsAllowed) { } protected: - virtual bool Init(HttpAuth::ChallengeTokenizer* challenge) OVERRIDE { + virtual bool Init(HttpAuthChallengeTokenizer* challenge) OVERRIDE { HttpAuthHandlerMock::Init(challenge); set_allows_default_credentials(true); set_allows_explicit_credentials(false); diff --git a/net/http/http_auth_gssapi_posix.cc b/net/http/http_auth_gssapi_posix.cc index 41cbcdb..a4b8c0c 100644 --- a/net/http/http_auth_gssapi_posix.cc +++ b/net/http/http_auth_gssapi_posix.cc @@ -16,6 +16,7 @@ #include "base/threading/thread_restrictions.h" #include "net/base/net_errors.h" #include "net/base/net_util.h" +#include "net/http/http_auth_challenge_tokenizer.h" // These are defined for the GSSAPI library: // Paraphrasing the comments from gssapi.h: @@ -684,7 +685,7 @@ void HttpAuthGSSAPI::Delegate() { } HttpAuth::AuthorizationResult HttpAuthGSSAPI::ParseChallenge( - HttpAuth::ChallengeTokenizer* tok) { + HttpAuthChallengeTokenizer* tok) { // Verify the challenge's auth-scheme. if (!LowerCaseEqualsASCII(tok->scheme(), StringToLowerASCII(scheme_).c_str())) return HttpAuth::AUTHORIZATION_RESULT_INVALID; diff --git a/net/http/http_auth_gssapi_posix.h b/net/http/http_auth_gssapi_posix.h index db603f65..ddaf518 100644 --- a/net/http/http_auth_gssapi_posix.h +++ b/net/http/http_auth_gssapi_posix.h @@ -22,6 +22,8 @@ namespace net { +class HttpAuthChallengeTokenizer; + // Mechanism OID for GSSAPI. We always use SPNEGO. NET_EXPORT_PRIVATE extern gss_OID CHROME_GSS_SPNEGO_MECH_OID_DESC; @@ -240,7 +242,7 @@ class NET_EXPORT_PRIVATE HttpAuthGSSAPI { bool AllowsExplicitCredentials() const; HttpAuth::AuthorizationResult ParseChallenge( - HttpAuth::ChallengeTokenizer* tok); + HttpAuthChallengeTokenizer* tok); // Generates an authentication token. // The return value is an error code. If it's not |OK|, the value of diff --git a/net/http/http_auth_gssapi_posix_unittest.cc b/net/http/http_auth_gssapi_posix_unittest.cc index 48d17a3..6f93334 100644 --- a/net/http/http_auth_gssapi_posix_unittest.cc +++ b/net/http/http_auth_gssapi_posix_unittest.cc @@ -9,6 +9,7 @@ #include "base/memory/scoped_ptr.h" #include "base/native_library.h" #include "net/base/net_errors.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/mock_gssapi_library_posix.h" #include "testing/gtest/include/gtest/gtest.h" @@ -181,8 +182,8 @@ TEST(HttpAuthGSSAPITest, ParseChallenge_FirstRound) { HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", CHROME_GSS_SPNEGO_MECH_OID_DESC); std::string challenge_text = "Negotiate"; - HttpAuth::ChallengeTokenizer challenge(challenge_text.begin(), - challenge_text.end()); + HttpAuthChallengeTokenizer challenge(challenge_text.begin(), + challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, auth_gssapi.ParseChallenge(&challenge)); } @@ -194,8 +195,8 @@ TEST(HttpAuthGSSAPITest, ParseChallenge_TwoRounds) { HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", CHROME_GSS_SPNEGO_MECH_OID_DESC); std::string first_challenge_text = "Negotiate"; - HttpAuth::ChallengeTokenizer first_challenge(first_challenge_text.begin(), - first_challenge_text.end()); + HttpAuthChallengeTokenizer first_challenge(first_challenge_text.begin(), + first_challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, auth_gssapi.ParseChallenge(&first_challenge)); @@ -206,8 +207,8 @@ TEST(HttpAuthGSSAPITest, ParseChallenge_TwoRounds) { &auth_token)); std::string second_challenge_text = "Negotiate Zm9vYmFy"; - HttpAuth::ChallengeTokenizer second_challenge(second_challenge_text.begin(), - second_challenge_text.end()); + HttpAuthChallengeTokenizer second_challenge(second_challenge_text.begin(), + second_challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, auth_gssapi.ParseChallenge(&second_challenge)); } @@ -219,8 +220,8 @@ TEST(HttpAuthGSSAPITest, ParseChallenge_UnexpectedTokenFirstRound) { HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", CHROME_GSS_SPNEGO_MECH_OID_DESC); std::string challenge_text = "Negotiate Zm9vYmFy"; - HttpAuth::ChallengeTokenizer challenge(challenge_text.begin(), - challenge_text.end()); + HttpAuthChallengeTokenizer challenge(challenge_text.begin(), + challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_INVALID, auth_gssapi.ParseChallenge(&challenge)); } @@ -232,8 +233,8 @@ TEST(HttpAuthGSSAPITest, ParseChallenge_MissingTokenSecondRound) { HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", CHROME_GSS_SPNEGO_MECH_OID_DESC); std::string first_challenge_text = "Negotiate"; - HttpAuth::ChallengeTokenizer first_challenge(first_challenge_text.begin(), - first_challenge_text.end()); + HttpAuthChallengeTokenizer first_challenge(first_challenge_text.begin(), + first_challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, auth_gssapi.ParseChallenge(&first_challenge)); @@ -242,8 +243,8 @@ TEST(HttpAuthGSSAPITest, ParseChallenge_MissingTokenSecondRound) { EXPECT_EQ(OK, auth_gssapi.GenerateAuthToken(NULL, "HTTP/intranet.google.com", &auth_token)); std::string second_challenge_text = "Negotiate"; - HttpAuth::ChallengeTokenizer second_challenge(second_challenge_text.begin(), - second_challenge_text.end()); + HttpAuthChallengeTokenizer second_challenge(second_challenge_text.begin(), + second_challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT, auth_gssapi.ParseChallenge(&second_challenge)); } @@ -255,8 +256,8 @@ TEST(HttpAuthGSSAPITest, ParseChallenge_NonBase64EncodedToken) { HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", CHROME_GSS_SPNEGO_MECH_OID_DESC); std::string first_challenge_text = "Negotiate"; - HttpAuth::ChallengeTokenizer first_challenge(first_challenge_text.begin(), - first_challenge_text.end()); + HttpAuthChallengeTokenizer first_challenge(first_challenge_text.begin(), + first_challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, auth_gssapi.ParseChallenge(&first_challenge)); @@ -265,8 +266,8 @@ TEST(HttpAuthGSSAPITest, ParseChallenge_NonBase64EncodedToken) { EXPECT_EQ(OK, auth_gssapi.GenerateAuthToken(NULL, "HTTP/intranet.google.com", &auth_token)); std::string second_challenge_text = "Negotiate =happyjoy="; - HttpAuth::ChallengeTokenizer second_challenge(second_challenge_text.begin(), - second_challenge_text.end()); + HttpAuthChallengeTokenizer second_challenge(second_challenge_text.begin(), + second_challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_INVALID, auth_gssapi.ParseChallenge(&second_challenge)); } diff --git a/net/http/http_auth_handler.cc b/net/http/http_auth_handler.cc index ab809fae..7369ea5 100644 --- a/net/http/http_auth_handler.cc +++ b/net/http/http_auth_handler.cc @@ -8,6 +8,7 @@ #include "base/bind_helpers.h" #include "base/logging.h" #include "net/base/net_errors.h" +#include "net/http/http_auth_challenge_tokenizer.h" namespace net { @@ -22,7 +23,7 @@ HttpAuthHandler::~HttpAuthHandler() { } bool HttpAuthHandler::InitFromChallenge( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, const BoundNetLog& net_log) { diff --git a/net/http/http_auth_handler.h b/net/http/http_auth_handler.h index 638bb44..dfb50d43 100644 --- a/net/http/http_auth_handler.h +++ b/net/http/http_auth_handler.h @@ -14,6 +14,7 @@ namespace net { +class HttpAuthChallengeTokenizer; struct HttpRequestInfo; // HttpAuthHandler is the interface for the authentication schemes @@ -29,7 +30,7 @@ class NET_EXPORT_PRIVATE HttpAuthHandler { // authentication scheme, but none of the tokens occurring after the // authentication scheme. |target| and |origin| are both stored // for later use, and are not part of the initial challenge. - bool InitFromChallenge(HttpAuth::ChallengeTokenizer* challenge, + bool InitFromChallenge(HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, const BoundNetLog& net_log); @@ -48,7 +49,7 @@ class NET_EXPORT_PRIVATE HttpAuthHandler { // authentication scheme, but none of the tokens occurring after the // authentication scheme. virtual HttpAuth::AuthorizationResult HandleAnotherChallenge( - HttpAuth::ChallengeTokenizer* challenge) = 0; + HttpAuthChallengeTokenizer* challenge) = 0; // Generates an authentication token, potentially asynchronously. // @@ -151,7 +152,7 @@ class NET_EXPORT_PRIVATE HttpAuthHandler { // authentication scheme. // Implementations are expected to initialize the following members: // scheme_, realm_, score_, properties_ - virtual bool Init(HttpAuth::ChallengeTokenizer* challenge) = 0; + virtual bool Init(HttpAuthChallengeTokenizer* challenge) = 0; // |GenerateAuthTokenImpl()} is the auth-scheme specific implementation // of generating the next auth token. Callers should use |GenerateAuthToken()| diff --git a/net/http/http_auth_handler_basic.cc b/net/http/http_auth_handler_basic.cc index daab5a7..c1db039 100644 --- a/net/http/http_auth_handler_basic.cc +++ b/net/http/http_auth_handler_basic.cc @@ -12,6 +12,7 @@ #include "base/strings/utf_string_conversions.h" #include "net/base/net_errors.h" #include "net/http/http_auth.h" +#include "net/http/http_auth_challenge_tokenizer.h" namespace net { @@ -33,7 +34,7 @@ namespace { // // TODO(cbentzel): Realm may need to be decoded using RFC 2047 rules as // well, see http://crbug.com/25790. -bool ParseRealm(const HttpAuth::ChallengeTokenizer& tokenizer, +bool ParseRealm(const HttpAuthChallengeTokenizer& tokenizer, std::string* realm) { CHECK(realm); realm->clear(); @@ -51,7 +52,7 @@ bool ParseRealm(const HttpAuth::ChallengeTokenizer& tokenizer, } // namespace -bool HttpAuthHandlerBasic::Init(HttpAuth::ChallengeTokenizer* challenge) { +bool HttpAuthHandlerBasic::Init(HttpAuthChallengeTokenizer* challenge) { auth_scheme_ = HttpAuth::AUTH_SCHEME_BASIC; score_ = 1; properties_ = 0; @@ -59,7 +60,7 @@ bool HttpAuthHandlerBasic::Init(HttpAuth::ChallengeTokenizer* challenge) { } bool HttpAuthHandlerBasic::ParseChallenge( - HttpAuth::ChallengeTokenizer* challenge) { + HttpAuthChallengeTokenizer* challenge) { // Verify the challenge's auth-scheme. if (!LowerCaseEqualsASCII(challenge->scheme(), "basic")) return false; @@ -73,7 +74,7 @@ bool HttpAuthHandlerBasic::ParseChallenge( } HttpAuth::AuthorizationResult HttpAuthHandlerBasic::HandleAnotherChallenge( - HttpAuth::ChallengeTokenizer* challenge) { + HttpAuthChallengeTokenizer* challenge) { // Basic authentication is always a single round, so any responses // should be treated as a rejection. However, if the new challenge // is for a different realm, then indicate the realm change. @@ -105,7 +106,7 @@ HttpAuthHandlerBasic::Factory::~Factory() { } int HttpAuthHandlerBasic::Factory::CreateAuthHandler( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, diff --git a/net/http/http_auth_handler_basic.h b/net/http/http_auth_handler_basic.h index ce56152..5d786f9 100644 --- a/net/http/http_auth_handler_basic.h +++ b/net/http/http_auth_handler_basic.h @@ -22,7 +22,7 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerBasic : public HttpAuthHandler { virtual ~Factory(); virtual int CreateAuthHandler( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, @@ -32,10 +32,10 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerBasic : public HttpAuthHandler { }; virtual HttpAuth::AuthorizationResult HandleAnotherChallenge( - HttpAuth::ChallengeTokenizer* challenge) OVERRIDE; + HttpAuthChallengeTokenizer* challenge) OVERRIDE; protected: - virtual bool Init(HttpAuth::ChallengeTokenizer* challenge) OVERRIDE; + virtual bool Init(HttpAuthChallengeTokenizer* challenge) OVERRIDE; virtual int GenerateAuthTokenImpl(const AuthCredentials* credentials, const HttpRequestInfo* request, @@ -45,7 +45,7 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerBasic : public HttpAuthHandler { private: virtual ~HttpAuthHandlerBasic() {} - bool ParseChallenge(HttpAuth::ChallengeTokenizer* challenge); + bool ParseChallenge(HttpAuthChallengeTokenizer* challenge); }; } // namespace net diff --git a/net/http/http_auth_handler_basic_unittest.cc b/net/http/http_auth_handler_basic_unittest.cc index 075afa2..6f112b1 100644 --- a/net/http/http_auth_handler_basic_unittest.cc +++ b/net/http/http_auth_handler_basic_unittest.cc @@ -9,6 +9,7 @@ #include "base/strings/string_util.h" #include "base/strings/utf_string_conversions.h" #include "net/base/net_errors.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_auth_handler_basic.h" #include "net/http/http_request_info.h" #include "testing/gtest/include/gtest/gtest.h" @@ -91,8 +92,8 @@ TEST(HttpAuthHandlerBasicTest, HandleAnotherChallenge) { for (size_t i = 0; i < ARRAYSIZE_UNSAFE(tests); ++i) { std::string challenge(tests[i].challenge); - HttpAuth::ChallengeTokenizer tok(challenge.begin(), - challenge.end()); + HttpAuthChallengeTokenizer tok(challenge.begin(), + challenge.end()); EXPECT_EQ(tests[i].expected_rv, basic->HandleAnotherChallenge(&tok)); } } diff --git a/net/http/http_auth_handler_digest.cc b/net/http/http_auth_handler_digest.cc index e0a1ef6..5c8fbd7 100644 --- a/net/http/http_auth_handler_digest.cc +++ b/net/http/http_auth_handler_digest.cc @@ -16,6 +16,7 @@ #include "net/base/net_errors.h" #include "net/base/net_util.h" #include "net/http/http_auth.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_request_info.h" #include "net/http/http_util.h" #include "url/gurl.h" @@ -89,7 +90,7 @@ void HttpAuthHandlerDigest::Factory::set_nonce_generator( } int HttpAuthHandlerDigest::Factory::CreateAuthHandler( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, @@ -107,7 +108,7 @@ int HttpAuthHandlerDigest::Factory::CreateAuthHandler( } HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge( - HttpAuth::ChallengeTokenizer* challenge) { + HttpAuthChallengeTokenizer* challenge) { // Even though Digest is not connection based, a "second round" is parsed // to differentiate between stale and rejected responses. // Note that the state of the current handler is not mutated - this way if @@ -133,7 +134,7 @@ HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge( HttpAuth::AUTHORIZATION_RESULT_REJECT; } -bool HttpAuthHandlerDigest::Init(HttpAuth::ChallengeTokenizer* challenge) { +bool HttpAuthHandlerDigest::Init(HttpAuthChallengeTokenizer* challenge) { return ParseChallenge(challenge); } @@ -186,7 +187,7 @@ HttpAuthHandlerDigest::~HttpAuthHandlerDigest() { // send the realm (See http://crbug.com/20984 for an instance where a // webserver was not sending the realm with a BASIC challenge). bool HttpAuthHandlerDigest::ParseChallenge( - HttpAuth::ChallengeTokenizer* challenge) { + HttpAuthChallengeTokenizer* challenge) { auth_scheme_ = HttpAuth::AUTH_SCHEME_DIGEST; score_ = 2; properties_ = ENCRYPTS_IDENTITY; diff --git a/net/http/http_auth_handler_digest.h b/net/http/http_auth_handler_digest.h index 7edac16..6a960d9 100644 --- a/net/http/http_auth_handler_digest.h +++ b/net/http/http_auth_handler_digest.h @@ -65,7 +65,7 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerDigest : public HttpAuthHandler { void set_nonce_generator(const NonceGenerator* nonce_generator); virtual int CreateAuthHandler( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, @@ -78,10 +78,10 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerDigest : public HttpAuthHandler { }; virtual HttpAuth::AuthorizationResult HandleAnotherChallenge( - HttpAuth::ChallengeTokenizer* challenge) OVERRIDE; + HttpAuthChallengeTokenizer* challenge) OVERRIDE; protected: - virtual bool Init(HttpAuth::ChallengeTokenizer* challenge) OVERRIDE; + virtual bool Init(HttpAuthChallengeTokenizer* challenge) OVERRIDE; virtual int GenerateAuthTokenImpl(const AuthCredentials* credentials, const HttpRequestInfo* request, @@ -124,7 +124,7 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerDigest : public HttpAuthHandler { // Parse the challenge, saving the results into this instance. // Returns true on success. - bool ParseChallenge(HttpAuth::ChallengeTokenizer* challenge); + bool ParseChallenge(HttpAuthChallengeTokenizer* challenge); // Parse an individual property. Returns true on success. bool ParseChallengeProperty(const std::string& name, diff --git a/net/http/http_auth_handler_digest_unittest.cc b/net/http/http_auth_handler_digest_unittest.cc index aa5176e..5c3941c 100644 --- a/net/http/http_auth_handler_digest_unittest.cc +++ b/net/http/http_auth_handler_digest_unittest.cc @@ -9,6 +9,7 @@ #include "base/strings/utf_string_conversions.h" #include "net/base/net_errors.h" #include "net/base/test_completion_callback.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_auth_handler_digest.h" #include "net/http/http_request_info.h" #include "testing/gtest/include/gtest/gtest.h" @@ -552,27 +553,27 @@ TEST(HttpAuthHandlerDigest, HandleAnotherChallenge) { &handler); EXPECT_EQ(OK, rv); ASSERT_TRUE(handler.get() != NULL); - HttpAuth::ChallengeTokenizer tok_default(default_challenge.begin(), - default_challenge.end()); + HttpAuthChallengeTokenizer tok_default(default_challenge.begin(), + default_challenge.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT, handler->HandleAnotherChallenge(&tok_default)); std::string stale_challenge = default_challenge + ", stale=true"; - HttpAuth::ChallengeTokenizer tok_stale(stale_challenge.begin(), - stale_challenge.end()); + HttpAuthChallengeTokenizer tok_stale(stale_challenge.begin(), + stale_challenge.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_STALE, handler->HandleAnotherChallenge(&tok_stale)); std::string stale_false_challenge = default_challenge + ", stale=false"; - HttpAuth::ChallengeTokenizer tok_stale_false(stale_false_challenge.begin(), - stale_false_challenge.end()); + HttpAuthChallengeTokenizer tok_stale_false(stale_false_challenge.begin(), + stale_false_challenge.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT, handler->HandleAnotherChallenge(&tok_stale_false)); std::string realm_change_challenge = "Digest realm=\"SomethingElse\", nonce=\"nonce-value2\""; - HttpAuth::ChallengeTokenizer tok_realm_change(realm_change_challenge.begin(), - realm_change_challenge.end()); + HttpAuthChallengeTokenizer tok_realm_change(realm_change_challenge.begin(), + realm_change_challenge.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM, handler->HandleAnotherChallenge(&tok_realm_change)); } diff --git a/net/http/http_auth_handler_factory.cc b/net/http/http_auth_handler_factory.cc index f94bd33..9867bb9 100644 --- a/net/http/http_auth_handler_factory.cc +++ b/net/http/http_auth_handler_factory.cc @@ -7,6 +7,7 @@ #include "base/stl_util.h" #include "base/strings/string_util.h" #include "net/base/net_errors.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_auth_filter.h" #include "net/http/http_auth_handler_basic.h" #include "net/http/http_auth_handler_digest.h" @@ -24,7 +25,7 @@ int HttpAuthHandlerFactory::CreateAuthHandlerFromString( const GURL& origin, const BoundNetLog& net_log, scoped_ptr<HttpAuthHandler>* handler) { - HttpAuth::ChallengeTokenizer props(challenge.begin(), challenge.end()); + HttpAuthChallengeTokenizer props(challenge.begin(), challenge.end()); return CreateAuthHandler(&props, target, origin, CREATE_CHALLENGE, 1, net_log, handler); } @@ -36,7 +37,7 @@ int HttpAuthHandlerFactory::CreatePreemptiveAuthHandlerFromString( int digest_nonce_count, const BoundNetLog& net_log, scoped_ptr<HttpAuthHandler>* handler) { - HttpAuth::ChallengeTokenizer props(challenge.begin(), challenge.end()); + HttpAuthChallengeTokenizer props(challenge.begin(), challenge.end()); return CreateAuthHandler(&props, target, origin, CREATE_PREEMPTIVE, digest_nonce_count, net_log, handler); } @@ -172,7 +173,7 @@ HttpAuthHandlerRegistryFactory* HttpAuthHandlerRegistryFactory::Create( } int HttpAuthHandlerRegistryFactory::CreateAuthHandler( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, diff --git a/net/http/http_auth_handler_factory.h b/net/http/http_auth_handler_factory.h index 2762751..e712aaf 100644 --- a/net/http/http_auth_handler_factory.h +++ b/net/http/http_auth_handler_factory.h @@ -20,6 +20,7 @@ namespace net { class BoundNetLog; class HostResolver; +class HttpAuthChallengeTokenizer; class HttpAuthHandler; class HttpAuthHandlerRegistryFactory; @@ -73,7 +74,7 @@ class NET_EXPORT HttpAuthHandlerFactory { // NOTE: This will apply to ALL |origin| values if the filters are empty. // // |*challenge| should not be reused after a call to |CreateAuthHandler()|, - virtual int CreateAuthHandler(HttpAuth::ChallengeTokenizer* challenge, + virtual int CreateAuthHandler(HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason create_reason, @@ -182,7 +183,7 @@ class NET_EXPORT HttpAuthHandlerRegistryFactory // Creates an auth handler by dispatching out to the registered factories // based on the first token in |challenge|. - virtual int CreateAuthHandler(HttpAuth::ChallengeTokenizer* challenge, + virtual int CreateAuthHandler(HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, diff --git a/net/http/http_auth_handler_factory_unittest.cc b/net/http/http_auth_handler_factory_unittest.cc index 8e69919..06e8933 100644 --- a/net/http/http_auth_handler_factory_unittest.cc +++ b/net/http/http_auth_handler_factory_unittest.cc @@ -21,7 +21,7 @@ class MockHttpAuthHandlerFactory : public HttpAuthHandlerFactory { return_code_(return_code) {} virtual ~MockHttpAuthHandlerFactory() {} - virtual int CreateAuthHandler(HttpAuth::ChallengeTokenizer* challenge, + virtual int CreateAuthHandler(HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, diff --git a/net/http/http_auth_handler_mock.cc b/net/http/http_auth_handler_mock.cc index 826c3d6..52990ee 100644 --- a/net/http/http_auth_handler_mock.cc +++ b/net/http/http_auth_handler_mock.cc @@ -8,6 +8,7 @@ #include "base/message_loop/message_loop.h" #include "base/strings/string_util.h" #include "net/base/net_errors.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_request_info.h" #include "testing/gtest/include/gtest/gtest.h" @@ -77,7 +78,7 @@ void HttpAuthHandlerMock::SetGenerateExpectation(bool async, int rv) { } HttpAuth::AuthorizationResult HttpAuthHandlerMock::HandleAnotherChallenge( - HttpAuth::ChallengeTokenizer* challenge) { + HttpAuthChallengeTokenizer* challenge) { // If we receive an empty challenge for a connection based scheme, or a second // challenge for a non connection based scheme, assume it's a rejection. if (!is_connection_based() || challenge->base64_param().empty()) @@ -99,7 +100,7 @@ bool HttpAuthHandlerMock::AllowsExplicitCredentials() { return allows_explicit_credentials_; } -bool HttpAuthHandlerMock::Init(HttpAuth::ChallengeTokenizer* challenge) { +bool HttpAuthHandlerMock::Init(HttpAuthChallengeTokenizer* challenge) { auth_scheme_ = HttpAuth::AUTH_SCHEME_MOCK; score_ = 1; properties_ = connection_based_ ? IS_CONNECTION_BASED : 0; @@ -164,7 +165,7 @@ void HttpAuthHandlerMock::Factory::AddMockHandler( } int HttpAuthHandlerMock::Factory::CreateAuthHandler( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, diff --git a/net/http/http_auth_handler_mock.h b/net/http/http_auth_handler_mock.h index 7cc441a..a4642df 100644 --- a/net/http/http_auth_handler_mock.h +++ b/net/http/http_auth_handler_mock.h @@ -43,7 +43,7 @@ class HttpAuthHandlerMock : public HttpAuthHandler { // HttpAuthHandlerFactory: virtual int CreateAuthHandler( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, @@ -88,13 +88,13 @@ class HttpAuthHandlerMock : public HttpAuthHandler { // HttpAuthHandler: virtual HttpAuth::AuthorizationResult HandleAnotherChallenge( - HttpAuth::ChallengeTokenizer* challenge) OVERRIDE; + HttpAuthChallengeTokenizer* challenge) OVERRIDE; virtual bool NeedsIdentity() OVERRIDE; virtual bool AllowsDefaultCredentials() OVERRIDE; virtual bool AllowsExplicitCredentials() OVERRIDE; protected: - virtual bool Init(HttpAuth::ChallengeTokenizer* challenge) OVERRIDE; + virtual bool Init(HttpAuthChallengeTokenizer* challenge) OVERRIDE; virtual int GenerateAuthTokenImpl(const AuthCredentials* credentials, const HttpRequestInfo* request, diff --git a/net/http/http_auth_handler_negotiate.cc b/net/http/http_auth_handler_negotiate.cc index 788b067..422ddd7 100644 --- a/net/http/http_auth_handler_negotiate.cc +++ b/net/http/http_auth_handler_negotiate.cc @@ -37,7 +37,7 @@ void HttpAuthHandlerNegotiate::Factory::set_host_resolver( } int HttpAuthHandlerNegotiate::Factory::CreateAuthHandler( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, @@ -161,7 +161,7 @@ std::string HttpAuthHandlerNegotiate::CreateSPN( } HttpAuth::AuthorizationResult HttpAuthHandlerNegotiate::HandleAnotherChallenge( - HttpAuth::ChallengeTokenizer* challenge) { + HttpAuthChallengeTokenizer* challenge) { return auth_system_.ParseChallenge(challenge); } @@ -184,7 +184,7 @@ bool HttpAuthHandlerNegotiate::AllowsExplicitCredentials() { // The Negotiate challenge header looks like: // WWW-Authenticate: NEGOTIATE auth-data -bool HttpAuthHandlerNegotiate::Init(HttpAuth::ChallengeTokenizer* challenge) { +bool HttpAuthHandlerNegotiate::Init(HttpAuthChallengeTokenizer* challenge) { #if defined(OS_POSIX) if (!auth_system_.Init()) { VLOG(1) << "can't initialize GSSAPI library"; diff --git a/net/http/http_auth_handler_negotiate.h b/net/http/http_auth_handler_negotiate.h index d028178..90bd16ce 100644 --- a/net/http/http_auth_handler_negotiate.h +++ b/net/http/http_auth_handler_negotiate.h @@ -70,7 +70,7 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerNegotiate : public HttpAuthHandler { } virtual int CreateAuthHandler( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, @@ -107,13 +107,13 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerNegotiate : public HttpAuthHandler { // HttpAuthHandler: virtual HttpAuth::AuthorizationResult HandleAnotherChallenge( - HttpAuth::ChallengeTokenizer* challenge) OVERRIDE; + HttpAuthChallengeTokenizer* challenge) OVERRIDE; virtual bool NeedsIdentity() OVERRIDE; virtual bool AllowsDefaultCredentials() OVERRIDE; virtual bool AllowsExplicitCredentials() OVERRIDE; protected: - virtual bool Init(HttpAuth::ChallengeTokenizer* challenge) OVERRIDE; + virtual bool Init(HttpAuthChallengeTokenizer* challenge) OVERRIDE; virtual int GenerateAuthTokenImpl(const AuthCredentials* credentials, const HttpRequestInfo* request, diff --git a/net/http/http_auth_handler_ntlm.cc b/net/http/http_auth_handler_ntlm.cc index 922800c..de0fe29 100644 --- a/net/http/http_auth_handler_ntlm.cc +++ b/net/http/http_auth_handler_ntlm.cc @@ -12,15 +12,16 @@ #include "base/strings/utf_string_conversions.h" #include "net/base/net_errors.h" #include "net/base/net_util.h" +#include "net/http/http_auth_challenge_tokenizer.h" namespace net { HttpAuth::AuthorizationResult HttpAuthHandlerNTLM::HandleAnotherChallenge( - HttpAuth::ChallengeTokenizer* challenge) { + HttpAuthChallengeTokenizer* challenge) { return ParseChallenge(challenge, false); } -bool HttpAuthHandlerNTLM::Init(HttpAuth::ChallengeTokenizer* tok) { +bool HttpAuthHandlerNTLM::Init(HttpAuthChallengeTokenizer* tok) { auth_scheme_ = HttpAuth::AUTH_SCHEME_NTLM; score_ = 3; properties_ = ENCRYPTS_IDENTITY | IS_CONNECTION_BASED; @@ -100,7 +101,7 @@ int HttpAuthHandlerNTLM::GenerateAuthTokenImpl( // The NTLM challenge header looks like: // WWW-Authenticate: NTLM auth-data HttpAuth::AuthorizationResult HttpAuthHandlerNTLM::ParseChallenge( - HttpAuth::ChallengeTokenizer* tok, bool initial_challenge) { + HttpAuthChallengeTokenizer* tok, bool initial_challenge) { #if defined(NTLM_SSPI) // auth_sspi_ contains state for whether or not this is the initial challenge. return auth_sspi_.ParseChallenge(tok); diff --git a/net/http/http_auth_handler_ntlm.h b/net/http/http_auth_handler_ntlm.h index 98bd362..9e2abc6 100644 --- a/net/http/http_auth_handler_ntlm.h +++ b/net/http/http_auth_handler_ntlm.h @@ -42,7 +42,7 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerNTLM : public HttpAuthHandler { virtual ~Factory(); virtual int CreateAuthHandler( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, @@ -109,14 +109,14 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerNTLM : public HttpAuthHandler { virtual bool AllowsDefaultCredentials() OVERRIDE; virtual HttpAuth::AuthorizationResult HandleAnotherChallenge( - HttpAuth::ChallengeTokenizer* challenge) OVERRIDE; + HttpAuthChallengeTokenizer* challenge) OVERRIDE; protected: // This function acquires a credentials handle in the SSPI implementation. // It does nothing in the portable implementation. int InitializeBeforeFirstChallenge(); - virtual bool Init(HttpAuth::ChallengeTokenizer* tok) OVERRIDE; + virtual bool Init(HttpAuthChallengeTokenizer* tok) OVERRIDE; virtual int GenerateAuthTokenImpl(const AuthCredentials* credentials, const HttpRequestInfo* request, @@ -135,7 +135,7 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerNTLM : public HttpAuthHandler { // Parse the challenge, saving the results into this instance. HttpAuth::AuthorizationResult ParseChallenge( - HttpAuth::ChallengeTokenizer* tok, bool initial_challenge); + HttpAuthChallengeTokenizer* tok, bool initial_challenge); // Given an input token received from the server, generate the next output // token to be sent to the server. diff --git a/net/http/http_auth_handler_ntlm_portable.cc b/net/http/http_auth_handler_ntlm_portable.cc index 4754104..035a6dc 100644 --- a/net/http/http_auth_handler_ntlm_portable.cc +++ b/net/http/http_auth_handler_ntlm_portable.cc @@ -707,7 +707,7 @@ int HttpAuthHandlerNTLM::GetNextToken(const void* in_token, } int HttpAuthHandlerNTLM::Factory::CreateAuthHandler( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, diff --git a/net/http/http_auth_handler_ntlm_win.cc b/net/http/http_auth_handler_ntlm_win.cc index 041522f..acc6fc1 100644 --- a/net/http/http_auth_handler_ntlm_win.cc +++ b/net/http/http_auth_handler_ntlm_win.cc @@ -52,7 +52,7 @@ HttpAuthHandlerNTLM::Factory::~Factory() { } int HttpAuthHandlerNTLM::Factory::CreateAuthHandler( - HttpAuth::ChallengeTokenizer* challenge, + HttpAuthChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, CreateReason reason, diff --git a/net/http/http_auth_handler_unittest.cc b/net/http/http_auth_handler_unittest.cc index 2476332..a53573d 100644 --- a/net/http/http_auth_handler_unittest.cc +++ b/net/http/http_auth_handler_unittest.cc @@ -10,6 +10,7 @@ #include "net/base/net_errors.h" #include "net/base/net_log_unittest.h" #include "net/base/test_completion_callback.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_auth_handler_mock.h" #include "net/http/http_request_info.h" #include "testing/gtest/include/gtest/gtest.h" @@ -34,7 +35,7 @@ TEST(HttpAuthHandlerTest, NetLog) { (k == 0) ? HttpAuth::AUTH_PROXY : HttpAuth::AUTH_SERVER; NetLog::EventType event_type = (k == 0) ? NetLog::TYPE_AUTH_PROXY : NetLog::TYPE_AUTH_SERVER; - HttpAuth::ChallengeTokenizer tokenizer( + HttpAuthChallengeTokenizer tokenizer( challenge.begin(), challenge.end()); HttpAuthHandlerMock mock_handler; CapturingNetLog capturing_net_log; diff --git a/net/http/http_auth_sspi_win.cc b/net/http/http_auth_sspi_win.cc index 5718f9e..8a0e49f 100644 --- a/net/http/http_auth_sspi_win.cc +++ b/net/http/http_auth_sspi_win.cc @@ -13,6 +13,7 @@ #include "base/strings/utf_string_conversions.h" #include "net/base/net_errors.h" #include "net/http/http_auth.h" +#include "net/http/http_auth_challenge_tokenizer.h" namespace net { @@ -226,7 +227,7 @@ void HttpAuthSSPI::ResetSecurityContext() { } HttpAuth::AuthorizationResult HttpAuthSSPI::ParseChallenge( - HttpAuth::ChallengeTokenizer* tok) { + HttpAuthChallengeTokenizer* tok) { // Verify the challenge's auth-scheme. if (!LowerCaseEqualsASCII(tok->scheme(), StringToLowerASCII(scheme_).c_str())) return HttpAuth::AUTHORIZATION_RESULT_INVALID; diff --git a/net/http/http_auth_sspi_win.h b/net/http/http_auth_sspi_win.h index bc7da46..dd0b177 100644 --- a/net/http/http_auth_sspi_win.h +++ b/net/http/http_auth_sspi_win.h @@ -22,6 +22,8 @@ namespace net { +class HttpAuthChallengeTokenizer; + // SSPILibrary is introduced so unit tests can mock the calls to Windows' SSPI // implementation. The default implementation simply passes the arguments on to // the SSPI implementation provided by Secur32.dll. @@ -134,7 +136,7 @@ class NET_EXPORT_PRIVATE HttpAuthSSPI { bool AllowsExplicitCredentials() const; HttpAuth::AuthorizationResult ParseChallenge( - HttpAuth::ChallengeTokenizer* tok); + HttpAuthChallengeTokenizer* tok); // Generates an authentication token for the service specified by the // Service Principal Name |spn| and stores the value in |*auth_token|. diff --git a/net/http/http_auth_sspi_win_unittest.cc b/net/http/http_auth_sspi_win_unittest.cc index 09fe6fa..586822d 100644 --- a/net/http/http_auth_sspi_win_unittest.cc +++ b/net/http/http_auth_sspi_win_unittest.cc @@ -4,6 +4,7 @@ #include "base/basictypes.h" #include "net/base/net_errors.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_auth_sspi_win.h" #include "net/http/mock_sspi_library_win.h" #include "testing/gtest/include/gtest/gtest.h" @@ -62,8 +63,8 @@ TEST(HttpAuthSSPITest, ParseChallenge_FirstRound) { HttpAuthSSPI auth_sspi(&mock_library, "Negotiate", NEGOSSP_NAME, kMaxTokenLength); std::string challenge_text = "Negotiate"; - HttpAuth::ChallengeTokenizer challenge(challenge_text.begin(), - challenge_text.end()); + HttpAuthChallengeTokenizer challenge(challenge_text.begin(), + challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, auth_sspi.ParseChallenge(&challenge)); } @@ -75,8 +76,8 @@ TEST(HttpAuthSSPITest, ParseChallenge_TwoRounds) { HttpAuthSSPI auth_sspi(&mock_library, "Negotiate", NEGOSSP_NAME, kMaxTokenLength); std::string first_challenge_text = "Negotiate"; - HttpAuth::ChallengeTokenizer first_challenge(first_challenge_text.begin(), - first_challenge_text.end()); + HttpAuthChallengeTokenizer first_challenge(first_challenge_text.begin(), + first_challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, auth_sspi.ParseChallenge(&first_challenge)); @@ -86,8 +87,8 @@ TEST(HttpAuthSSPITest, ParseChallenge_TwoRounds) { &auth_token)); std::string second_challenge_text = "Negotiate Zm9vYmFy"; - HttpAuth::ChallengeTokenizer second_challenge(second_challenge_text.begin(), - second_challenge_text.end()); + HttpAuthChallengeTokenizer second_challenge(second_challenge_text.begin(), + second_challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, auth_sspi.ParseChallenge(&second_challenge)); } @@ -99,8 +100,8 @@ TEST(HttpAuthSSPITest, ParseChallenge_UnexpectedTokenFirstRound) { HttpAuthSSPI auth_sspi(&mock_library, "Negotiate", NEGOSSP_NAME, kMaxTokenLength); std::string challenge_text = "Negotiate Zm9vYmFy"; - HttpAuth::ChallengeTokenizer challenge(challenge_text.begin(), - challenge_text.end()); + HttpAuthChallengeTokenizer challenge(challenge_text.begin(), + challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_INVALID, auth_sspi.ParseChallenge(&challenge)); } @@ -112,8 +113,8 @@ TEST(HttpAuthSSPITest, ParseChallenge_MissingTokenSecondRound) { HttpAuthSSPI auth_sspi(&mock_library, "Negotiate", NEGOSSP_NAME, kMaxTokenLength); std::string first_challenge_text = "Negotiate"; - HttpAuth::ChallengeTokenizer first_challenge(first_challenge_text.begin(), - first_challenge_text.end()); + HttpAuthChallengeTokenizer first_challenge(first_challenge_text.begin(), + first_challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, auth_sspi.ParseChallenge(&first_challenge)); @@ -121,8 +122,8 @@ TEST(HttpAuthSSPITest, ParseChallenge_MissingTokenSecondRound) { EXPECT_EQ(OK, auth_sspi.GenerateAuthToken(NULL, "HTTP/intranet.google.com", &auth_token)); std::string second_challenge_text = "Negotiate"; - HttpAuth::ChallengeTokenizer second_challenge(second_challenge_text.begin(), - second_challenge_text.end()); + HttpAuthChallengeTokenizer second_challenge(second_challenge_text.begin(), + second_challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT, auth_sspi.ParseChallenge(&second_challenge)); } @@ -134,8 +135,8 @@ TEST(HttpAuthSSPITest, ParseChallenge_NonBase64EncodedToken) { HttpAuthSSPI auth_sspi(&mock_library, "Negotiate", NEGOSSP_NAME, kMaxTokenLength); std::string first_challenge_text = "Negotiate"; - HttpAuth::ChallengeTokenizer first_challenge(first_challenge_text.begin(), - first_challenge_text.end()); + HttpAuthChallengeTokenizer first_challenge(first_challenge_text.begin(), + first_challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, auth_sspi.ParseChallenge(&first_challenge)); @@ -143,8 +144,8 @@ TEST(HttpAuthSSPITest, ParseChallenge_NonBase64EncodedToken) { EXPECT_EQ(OK, auth_sspi.GenerateAuthToken(NULL, "HTTP/intranet.google.com", &auth_token)); std::string second_challenge_text = "Negotiate =happyjoy="; - HttpAuth::ChallengeTokenizer second_challenge(second_challenge_text.begin(), - second_challenge_text.end()); + HttpAuthChallengeTokenizer second_challenge(second_challenge_text.begin(), + second_challenge_text.end()); EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_INVALID, auth_sspi.ParseChallenge(&second_challenge)); } diff --git a/net/http/http_auth_unittest.cc b/net/http/http_auth_unittest.cc index 6f1471d..cf68fa8 100644 --- a/net/http/http_auth_unittest.cc +++ b/net/http/http_auth_unittest.cc @@ -11,6 +11,7 @@ #include "net/base/net_errors.h" #include "net/dns/mock_host_resolver.h" #include "net/http/http_auth.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_auth_filter.h" #include "net/http/http_auth_handler.h" #include "net/http/http_auth_handler_factory.h" @@ -28,7 +29,7 @@ HttpAuthHandlerMock* CreateMockHandler(bool connection_based) { HttpAuthHandlerMock* auth_handler = new HttpAuthHandlerMock(); auth_handler->set_connection_based(connection_based); std::string challenge_text = "Basic"; - HttpAuth::ChallengeTokenizer challenge(challenge_text.begin(), + HttpAuthChallengeTokenizer challenge(challenge_text.begin(), challenge_text.end()); GURL origin("www.example.com"); EXPECT_TRUE(auth_handler->InitFromChallenge(&challenge, @@ -245,173 +246,6 @@ TEST(HttpAuthTest, HandleChallengeResponse) { EXPECT_EQ("Mock token_a", challenge_used); } -TEST(HttpAuthTest, ChallengeTokenizer) { - std::string challenge_str = "Basic realm=\"foobar\""; - HttpAuth::ChallengeTokenizer challenge(challenge_str.begin(), - challenge_str.end()); - HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); - - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("Basic"), challenge.scheme()); - EXPECT_TRUE(parameters.GetNext()); - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("realm"), parameters.name()); - EXPECT_EQ(std::string("foobar"), parameters.value()); - EXPECT_FALSE(parameters.GetNext()); -} - -// Use a name=value property with no quote marks. -TEST(HttpAuthTest, ChallengeTokenizerNoQuotes) { - std::string challenge_str = "Basic realm=foobar@baz.com"; - HttpAuth::ChallengeTokenizer challenge(challenge_str.begin(), - challenge_str.end()); - HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); - - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("Basic"), challenge.scheme()); - EXPECT_TRUE(parameters.GetNext()); - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("realm"), parameters.name()); - EXPECT_EQ(std::string("foobar@baz.com"), parameters.value()); - EXPECT_FALSE(parameters.GetNext()); -} - -// Use a name=value property with mismatching quote marks. -TEST(HttpAuthTest, ChallengeTokenizerMismatchedQuotes) { - std::string challenge_str = "Basic realm=\"foobar@baz.com"; - HttpAuth::ChallengeTokenizer challenge(challenge_str.begin(), - challenge_str.end()); - HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); - - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("Basic"), challenge.scheme()); - EXPECT_TRUE(parameters.GetNext()); - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("realm"), parameters.name()); - EXPECT_EQ(std::string("foobar@baz.com"), parameters.value()); - EXPECT_FALSE(parameters.GetNext()); -} - -// Use a name= property without a value and with mismatching quote marks. -TEST(HttpAuthTest, ChallengeTokenizerMismatchedQuotesNoValue) { - std::string challenge_str = "Basic realm=\""; - HttpAuth::ChallengeTokenizer challenge(challenge_str.begin(), - challenge_str.end()); - HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); - - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("Basic"), challenge.scheme()); - EXPECT_TRUE(parameters.GetNext()); - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("realm"), parameters.name()); - EXPECT_EQ(std::string(), parameters.value()); - EXPECT_FALSE(parameters.GetNext()); -} - -// Use a name=value property with mismatching quote marks and spaces in the -// value. -TEST(HttpAuthTest, ChallengeTokenizerMismatchedQuotesSpaces) { - std::string challenge_str = "Basic realm=\"foo bar"; - HttpAuth::ChallengeTokenizer challenge(challenge_str.begin(), - challenge_str.end()); - HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); - - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("Basic"), challenge.scheme()); - EXPECT_TRUE(parameters.GetNext()); - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("realm"), parameters.name()); - EXPECT_EQ(std::string("foo bar"), parameters.value()); - EXPECT_FALSE(parameters.GetNext()); -} - -// Use multiple name=value properties with mismatching quote marks in the last -// value. -TEST(HttpAuthTest, ChallengeTokenizerMismatchedQuotesMultiple) { - std::string challenge_str = "Digest qop=auth-int, algorithm=md5, realm=\"foo"; - HttpAuth::ChallengeTokenizer challenge(challenge_str.begin(), - challenge_str.end()); - HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); - - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("Digest"), challenge.scheme()); - EXPECT_TRUE(parameters.GetNext()); - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("qop"), parameters.name()); - EXPECT_EQ(std::string("auth-int"), parameters.value()); - EXPECT_TRUE(parameters.GetNext()); - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("algorithm"), parameters.name()); - EXPECT_EQ(std::string("md5"), parameters.value()); - EXPECT_TRUE(parameters.GetNext()); - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("realm"), parameters.name()); - EXPECT_EQ(std::string("foo"), parameters.value()); - EXPECT_FALSE(parameters.GetNext()); -} - -// Use a name= property which has no value. -TEST(HttpAuthTest, ChallengeTokenizerNoValue) { - std::string challenge_str = "Digest qop="; - HttpAuth::ChallengeTokenizer challenge( - challenge_str.begin(), challenge_str.end()); - HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); - - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("Digest"), challenge.scheme()); - EXPECT_FALSE(parameters.GetNext()); - EXPECT_FALSE(parameters.valid()); -} - -// Specify multiple properties, comma separated. -TEST(HttpAuthTest, ChallengeTokenizerMultiple) { - std::string challenge_str = - "Digest algorithm=md5, realm=\"Oblivion\", qop=auth-int"; - HttpAuth::ChallengeTokenizer challenge(challenge_str.begin(), - challenge_str.end()); - HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); - - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("Digest"), challenge.scheme()); - EXPECT_TRUE(parameters.GetNext()); - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("algorithm"), parameters.name()); - EXPECT_EQ(std::string("md5"), parameters.value()); - EXPECT_TRUE(parameters.GetNext()); - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("realm"), parameters.name()); - EXPECT_EQ(std::string("Oblivion"), parameters.value()); - EXPECT_TRUE(parameters.GetNext()); - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("qop"), parameters.name()); - EXPECT_EQ(std::string("auth-int"), parameters.value()); - EXPECT_FALSE(parameters.GetNext()); - EXPECT_TRUE(parameters.valid()); -} - -// Use a challenge which has no property. -TEST(HttpAuthTest, ChallengeTokenizerNoProperty) { - std::string challenge_str = "NTLM"; - HttpAuth::ChallengeTokenizer challenge( - challenge_str.begin(), challenge_str.end()); - HttpUtil::NameValuePairsIterator parameters = challenge.param_pairs(); - - EXPECT_TRUE(parameters.valid()); - EXPECT_EQ(std::string("NTLM"), challenge.scheme()); - EXPECT_FALSE(parameters.GetNext()); -} - -// Use a challenge with Base64 encoded token. -TEST(HttpAuthTest, ChallengeTokenizerBase64) { - std::string challenge_str = "NTLM SGVsbG8sIFdvcmxkCg==="; - HttpAuth::ChallengeTokenizer challenge(challenge_str.begin(), - challenge_str.end()); - - EXPECT_EQ(std::string("NTLM"), challenge.scheme()); - // Notice the two equal statements below due to padding removal. - EXPECT_EQ(std::string("SGVsbG8sIFdvcmxkCg=="), challenge.base64_param()); -} - TEST(HttpAuthTest, GetChallengeHeaderName) { std::string name; diff --git a/net/http/http_network_transaction_unittest.cc b/net/http/http_network_transaction_unittest.cc index c1ed89b..0703350 100644 --- a/net/http/http_network_transaction_unittest.cc +++ b/net/http/http_network_transaction_unittest.cc @@ -35,6 +35,7 @@ #include "net/cert/mock_cert_verifier.h" #include "net/dns/host_cache.h" #include "net/dns/mock_host_resolver.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_auth_handler_digest.h" #include "net/http/http_auth_handler_mock.h" #include "net/http/http_auth_handler_ntlm.h" @@ -9381,8 +9382,8 @@ TEST_P(HttpNetworkTransactionTest, GenerateAuthToken) { HttpAuthHandlerMock* auth_handler(new HttpAuthHandlerMock()); std::string auth_challenge = "Mock realm=proxy"; GURL origin(test_config.proxy_url); - HttpAuth::ChallengeTokenizer tokenizer(auth_challenge.begin(), - auth_challenge.end()); + HttpAuthChallengeTokenizer tokenizer(auth_challenge.begin(), + auth_challenge.end()); auth_handler->InitFromChallenge(&tokenizer, HttpAuth::AUTH_PROXY, origin, BoundNetLog()); auth_handler->SetGenerateExpectation( @@ -9395,8 +9396,8 @@ TEST_P(HttpNetworkTransactionTest, GenerateAuthToken) { HttpAuthHandlerMock* auth_handler(new HttpAuthHandlerMock()); std::string auth_challenge = "Mock realm=server"; GURL origin(test_config.server_url); - HttpAuth::ChallengeTokenizer tokenizer(auth_challenge.begin(), - auth_challenge.end()); + HttpAuthChallengeTokenizer tokenizer(auth_challenge.begin(), + auth_challenge.end()); auth_handler->InitFromChallenge(&tokenizer, HttpAuth::AUTH_SERVER, origin, BoundNetLog()); auth_handler->SetGenerateExpectation( @@ -9492,8 +9493,8 @@ TEST_P(HttpNetworkTransactionTest, MultiRoundAuth) { auth_handler->set_connection_based(true); std::string auth_challenge = "Mock realm=server"; GURL origin("http://www.example.com"); - HttpAuth::ChallengeTokenizer tokenizer(auth_challenge.begin(), - auth_challenge.end()); + HttpAuthChallengeTokenizer tokenizer(auth_challenge.begin(), + auth_challenge.end()); auth_handler->InitFromChallenge(&tokenizer, HttpAuth::AUTH_SERVER, origin, BoundNetLog()); auth_factory->AddMockHandler(auth_handler, HttpAuth::AUTH_SERVER); diff --git a/net/http/http_pipelined_network_transaction_unittest.cc b/net/http/http_pipelined_network_transaction_unittest.cc index f5f3922..181895c 100644 --- a/net/http/http_pipelined_network_transaction_unittest.cc +++ b/net/http/http_pipelined_network_transaction_unittest.cc @@ -16,6 +16,7 @@ #include "net/base/request_priority.h" #include "net/dns/host_cache.h" #include "net/dns/mock_host_resolver.h" +#include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/http_auth_handler_mock.h" #include "net/http/http_network_session.h" #include "net/http/http_network_transaction.h" @@ -587,7 +588,7 @@ TEST_F(HttpPipelinedNetworkTransactionTest, BasicHttpAuthentication) { HttpAuthHandlerMock* mock_auth = new HttpAuthHandlerMock; std::string challenge_text = "Basic"; - HttpAuth::ChallengeTokenizer challenge(challenge_text.begin(), + HttpAuthChallengeTokenizer challenge(challenge_text.begin(), challenge_text.end()); GURL origin("localhost"); EXPECT_TRUE(mock_auth->InitFromChallenge(&challenge, diff --git a/net/net.gyp b/net/net.gyp index 5f4763e..4fde550 100644 --- a/net/net.gyp +++ b/net/net.gyp @@ -556,6 +556,8 @@ 'http/http_auth.h', 'http/http_auth_cache.cc', 'http/http_auth_cache.h', + 'http/http_auth_challenge_tokenizer.cc', + 'http/http_auth_challenge_tokenizer.h', 'http/http_auth_controller.cc', 'http/http_auth_controller.h', 'http/http_auth_filter.cc', @@ -1769,6 +1771,7 @@ 'http/des_unittest.cc', 'http/disk_cache_based_quic_server_info_unittest.cc', 'http/http_auth_cache_unittest.cc', + 'http/http_auth_challenge_tokenizer_unittest.cc', 'http/http_auth_controller_unittest.cc', 'http/http_auth_filter_unittest.cc', 'http/http_auth_gssapi_posix_unittest.cc', |