Histogram target for each HTTP Authentication Scheme.

For each HTTP authentication scheme, record whether it was started for a proxy, a secure proxy, a server, or a secure server.

Also, use a new scheme-based enumerated value as an index rather than the score.

BUG=None
TEST=trybots, look at about:histograms after authenticating to different resources.

Review URL: http://codereview.chromium.org/5563006

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@69018 0039d316-1c4b-4281-b951-d872f2087c98

9 files changed, 101 insertions, 12 deletions

diff --git a/net/http/http_auth_cache_unittest.cc b/net/http/http_auth_cache_unittest.cc
index 5773d159..2c28969 100644
--- a/net/http/http_auth_cache_unittest.cc
+++ b/net/http/http_auth_cache_unittest.cc
@@ -29,7 +29,7 @@ class MockAuthHandler : public HttpAuthHandler {
     properties_ = 0;
   }
 
-  HttpAuth::AuthorizationResult HandleAnotherChallenge(
+  virtual HttpAuth::AuthorizationResult HandleAnotherChallenge(
       HttpAuth::ChallengeTokenizer* challenge) {
     return HttpAuth::AUTHORIZATION_RESULT_REJECT;
   }
diff --git a/net/http/http_auth_controller.cc b/net/http/http_auth_controller.cc
index e4e2dd4..c324709a 100644
--- a/net/http/http_auth_controller.cc
+++ b/net/http/http_auth_controller.cc
@@ -52,10 +52,36 @@ std::string AuthChallengeLogMessage(HttpResponseHeaders* headers) {
 
 enum AuthEvent {
   AUTH_EVENT_START = 0,
-  AUTH_EVENT_REJECT = 1,
-  AUTH_EVENT_MAX = 2,
+  AUTH_EVENT_REJECT,
+  AUTH_EVENT_MAX,
 };
 
+enum AuthTarget {
+  AUTH_TARGET_PROXY = 0,
+  AUTH_TARGET_SECURE_PROXY,
+  AUTH_TARGET_SERVER,
+  AUTH_TARGET_SECURE_SERVER,
+  AUTH_TARGET_MAX,
+};
+
+AuthTarget DetermineAuthTarget(const HttpAuthHandler* handler) {
+  switch (handler->target()) {
+    case HttpAuth::AUTH_PROXY:
+      if (handler->origin().SchemeIsSecure())
+        return AUTH_TARGET_SECURE_PROXY;
+      else
+        return AUTH_TARGET_PROXY;
+    case HttpAuth::AUTH_SERVER:
+      if (handler->origin().SchemeIsSecure())
+        return AUTH_TARGET_SECURE_SERVER;
+      else
+        return AUTH_TARGET_SERVER;
+    default:
+      NOTREACHED();
+      return AUTH_TARGET_MAX;
+  }
+}
+
 // Records the number of authentication events per authentication scheme.
 void HistogramAuthEvent(HttpAuthHandler* handler, AuthEvent auth_event) {
 #if !defined(NDEBUG)
@@ -68,8 +94,12 @@ void HistogramAuthEvent(HttpAuthHandler* handler, AuthEvent auth_event) {
   DCHECK_EQ(first_thread, PlatformThread::CurrentId());
 #endif
 
-  // This assumes that the schemes maintain a consistent score from
-  // 1 to 4 inclusive. The results map to:
+  HttpAuthHandler::AuthScheme auth_scheme = handler->auth_scheme();
+  DCHECK(auth_scheme >= 0 && auth_scheme < HttpAuthHandler::AUTH_SCHEME_MAX);
+
+  // Record start and rejection events for authentication.
+  //
+  // The results map to:
   //   Basic Start: 0
   //   Basic Reject: 1
   //   Digest Start: 2
@@ -78,12 +108,41 @@ void HistogramAuthEvent(HttpAuthHandler* handler, AuthEvent auth_event) {
   //   NTLM Reject: 5
   //   Negotiate Start: 6
   //   Negotiate Reject: 7
-  static const int kScoreMin = 1;
-  static const int kScoreMax = 4;
-  static const int kBucketsMax = kScoreMax * AUTH_EVENT_MAX + 1;
-  DCHECK(handler->score() >= kScoreMin && handler->score() <= kScoreMax);
-  int bucket = (handler->score() - kScoreMin) * AUTH_EVENT_MAX + auth_event;
-  UMA_HISTOGRAM_ENUMERATION("Net.HttpAuthCount", bucket, kBucketsMax);
+  static const int kEventBucketsEnd =
+      HttpAuthHandler::AUTH_SCHEME_MAX * AUTH_EVENT_MAX;
+  int event_bucket = auth_scheme * AUTH_EVENT_MAX + auth_event;
+  DCHECK(event_bucket >= 0 && event_bucket < kEventBucketsEnd);
+  UMA_HISTOGRAM_ENUMERATION("Net.HttpAuthCount", event_bucket,
+                            kEventBucketsEnd);
+
+  // Record the target of the authentication.
+  //
+  // The results map to:
+  //   Basic Proxy: 0
+  //   Basic Secure Proxy: 1
+  //   Basic Server: 2
+  //   Basic Secure Server: 3
+  //   Digest Proxy: 4
+  //   Digest Secure Proxy: 5
+  //   Digest Server: 6
+  //   Digest Secure Server: 7
+  //   NTLM Proxy: 8
+  //   NTLM Secure Proxy: 9
+  //   NTLM Server: 10
+  //   NTLM Secure Server: 11
+  //   Negotiate Proxy: 12
+  //   Negotiate Secure Proxy: 13
+  //   Negotiate Server: 14
+  //   Negotiate Secure Server: 15
+  if (auth_event != AUTH_EVENT_START)
+    return;
+  static const int kTargetBucketsEnd =
+      HttpAuthHandler::AUTH_SCHEME_MAX * AUTH_TARGET_MAX;
+  AuthTarget auth_target = DetermineAuthTarget(handler);
+  int target_bucket = auth_scheme * AUTH_TARGET_MAX + auth_target;
+  DCHECK(target_bucket >= 0 && target_bucket < kTargetBucketsEnd);
+  UMA_HISTOGRAM_ENUMERATION("Net.HttpAuthTarget", target_bucket,
+                            kTargetBucketsEnd);
 }
 
 }  // namespace
diff --git a/net/http/http_auth_handler.cc b/net/http/http_auth_handler.cc
index e653e99..5c86d69 100644
--- a/net/http/http_auth_handler.cc
+++ b/net/http/http_auth_handler.cc
@@ -13,7 +13,8 @@
 namespace net {
 
 HttpAuthHandler::HttpAuthHandler()
-    : score_(-1),
+    : auth_scheme_(AUTH_SCHEME_MAX),
+      score_(-1),
       target_(HttpAuth::AUTH_NONE),
       properties_(-1),
       original_callback_(NULL),
@@ -50,6 +51,7 @@ bool HttpAuthHandler::InitFromChallenge(
   DCHECK(!ok || !scheme().empty());
   DCHECK(!ok || score_ != -1);
   DCHECK(!ok || properties_ != -1);
+  DCHECK(!ok || auth_scheme_ != AUTH_SCHEME_MAX);
 
   if (ok)
     histogram_ = base::Histogram::FactoryTimeGet(
diff --git a/net/http/http_auth_handler.h b/net/http/http_auth_handler.h
index f5ce1be..b48d4c2 100644
--- a/net/http/http_auth_handler.h
+++ b/net/http/http_auth_handler.h
@@ -27,6 +27,14 @@ struct HttpRequestInfo;
 // HttpAuthHandler objects are typically created by an HttpAuthHandlerFactory.
 class HttpAuthHandler {
  public:
+  enum AuthScheme {
+    AUTH_SCHEME_BASIC = 0,
+    AUTH_SCHEME_DIGEST,
+    AUTH_SCHEME_NTLM,
+    AUTH_SCHEME_NEGOTIATE,
+    AUTH_SCHEME_MAX,
+  };
+
   HttpAuthHandler();
   virtual ~HttpAuthHandler();
 
@@ -80,6 +88,11 @@ class HttpAuthHandler {
                         CompletionCallback* callback,
                         std::string* auth_token);
 
+  // The authentication scheme as an enumerated value.
+  AuthScheme auth_scheme() const {
+    return auth_scheme_;
+  }
+
   // Lowercase name of the auth scheme
   const std::string& scheme() const {
     return scheme_;
@@ -105,6 +118,13 @@ class HttpAuthHandler {
     return target_;
   }
 
+  // Returns the proxy or server which issued the authentication challenge
+  // that this HttpAuthHandler is handling. The URL includes scheme, host, and
+  // port, but does not include path.
+  const GURL& origin() const {
+    return origin_;
+  }
+
   // Returns true if the authentication scheme does not send the username and
   // password in the clear.
   bool encrypts_identity() const {
@@ -155,6 +175,9 @@ class HttpAuthHandler {
                                     CompletionCallback* callback,
                                     std::string* auth_token) = 0;
 
+  // The auth-scheme as an enumerated value.
+  AuthScheme auth_scheme_;
+
   // The lowercase auth-scheme {"basic", "digest", "ntlm", "negotiate"}
   std::string scheme_;
 
diff --git a/net/http/http_auth_handler_basic.cc b/net/http/http_auth_handler_basic.cc
index 35b088f..8ee775d 100644
--- a/net/http/http_auth_handler_basic.cc
+++ b/net/http/http_auth_handler_basic.cc
@@ -23,6 +23,7 @@ namespace net {
 // We allow it to be compatibility with certain embedded webservers that don't
 // include a realm (see http://crbug.com/20984.)
 bool HttpAuthHandlerBasic::Init(HttpAuth::ChallengeTokenizer* challenge) {
+  auth_scheme_ = AUTH_SCHEME_BASIC;
   scheme_ = "basic";
   score_ = 1;
   properties_ = 0;
diff --git a/net/http/http_auth_handler_digest.cc b/net/http/http_auth_handler_digest.cc
index 517558f..2b103f4 100644
--- a/net/http/http_auth_handler_digest.cc
+++ b/net/http/http_auth_handler_digest.cc
@@ -266,6 +266,7 @@ HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge(
 // webserver was not sending the realm with a BASIC challenge).
 bool HttpAuthHandlerDigest::ParseChallenge(
     HttpAuth::ChallengeTokenizer* challenge) {
+  auth_scheme_ = AUTH_SCHEME_DIGEST;
   scheme_ = "digest";
   score_ = 2;
   properties_ = ENCRYPTS_IDENTITY;
diff --git a/net/http/http_auth_handler_mock.cc b/net/http/http_auth_handler_mock.cc
index d1e8bb2..0a49169 100644
--- a/net/http/http_auth_handler_mock.cc
+++ b/net/http/http_auth_handler_mock.cc
@@ -72,6 +72,7 @@ void HttpAuthHandlerMock::SetGenerateExpectation(bool async, int rv) {
 }
 
 bool HttpAuthHandlerMock::Init(HttpAuth::ChallengeTokenizer* challenge) {
+  auth_scheme_ = AUTH_SCHEME_BASIC;
   scheme_ = "mock";
   score_ = 1;
   properties_ = connection_based_ ? IS_CONNECTION_BASED : 0;
diff --git a/net/http/http_auth_handler_negotiate.cc b/net/http/http_auth_handler_negotiate.cc
index 0fce354..2544728 100644
--- a/net/http/http_auth_handler_negotiate.cc
+++ b/net/http/http_auth_handler_negotiate.cc
@@ -93,6 +93,7 @@ bool HttpAuthHandlerNegotiate::Init(HttpAuth::ChallengeTokenizer* challenge) {
 #endif
   if (CanDelegate())
     auth_system_.Delegate();
+  auth_scheme_ = AUTH_SCHEME_NEGOTIATE;
   scheme_ = "negotiate";
   score_ = 4;
   properties_ = ENCRYPTS_IDENTITY | IS_CONNECTION_BASED;
diff --git a/net/http/http_auth_handler_ntlm.cc b/net/http/http_auth_handler_ntlm.cc
index 352b2ed..f987e48 100644
--- a/net/http/http_auth_handler_ntlm.cc
+++ b/net/http/http_auth_handler_ntlm.cc
@@ -93,6 +93,7 @@ int HttpAuthHandlerNTLM::GenerateAuthTokenImpl(
 }
 
 bool HttpAuthHandlerNTLM::Init(HttpAuth::ChallengeTokenizer* tok) {
+  auth_scheme_ = AUTH_SCHEME_NTLM;
   scheme_ = "ntlm";
   score_ = 3;
   properties_ = ENCRYPTS_IDENTITY | IS_CONNECTION_BASED;