diff options
author | lambroslambrou <lambroslambrou@chromium.org> | 2015-12-15 19:50:14 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-12-16 03:51:01 +0000 |
commit | f43816adff32d5c84822b527ad55293c7e221e87 (patch) | |
tree | 1ce5dd82fdce89a335d5ace3589ff4ca40e46639 /remoting/host/token_validator_base.h | |
parent | 638b072c97d72498c7b6de15cd61c9142385ea61 (diff) | |
download | chromium_src-f43816adff32d5c84822b527ad55293c7e221e87.zip chromium_src-f43816adff32d5c84822b527ad55293c7e221e87.tar.gz chromium_src-f43816adff32d5c84822b527ad55293c7e221e87.tar.bz2 |
Chromoting: Retry third-party token validation if needed.
The initial attempt at token validation often fails because an
authentication cookie is missing and the server redirects the request,
causing the POST to become a GET, losing the request data.
This CL detects this condition and retries the request, which is
expected to succeed (if the token is valid).
BUG=566215
Review URL: https://codereview.chromium.org/1495373002
Cr-Commit-Position: refs/heads/master@{#365423}
Diffstat (limited to 'remoting/host/token_validator_base.h')
-rw-r--r-- | remoting/host/token_validator_base.h | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/remoting/host/token_validator_base.h b/remoting/host/token_validator_base.h index a10ab1a..d7fc115 100644 --- a/remoting/host/token_validator_base.h +++ b/remoting/host/token_validator_base.h @@ -43,6 +43,9 @@ class TokenValidatorBase // URLRequest::Delegate interface. void OnResponseStarted(net::URLRequest* source) override; void OnReadCompleted(net::URLRequest* source, int bytes_read) override; + void OnReceivedRedirect(net::URLRequest* request, + const net::RedirectInfo& redirect_info, + bool* defer_redirect) override; void OnCertificateRequested( net::URLRequest* source, net::SSLCertRequestInfo* cert_request_info) override; @@ -65,6 +68,18 @@ class TokenValidatorBase scoped_refptr<net::IOBuffer> buffer_; std::string data_; + // This is set by OnReceivedRedirect() if the token validation request is + // being re-submitted as a POST request. This can happen if the authentication + // cookie has not yet been set, and a login handler redirection causes the + // POST request to be turned into a GET operation, losing the POST data. In + // this case, an immediate retry (with the same cookie jar) is expected to + // succeeed. + bool retrying_request_ = false; + + // Stores the most recently requested token, in case the validation request + // needs to be retried. + std::string token_; + base::Callback<void(const std::string& shared_secret)> on_token_validated_; base::WeakPtrFactory<TokenValidatorBase> weak_factory_; |