summaryrefslogtreecommitdiffstats
path: root/net/http/http_auth.h
Commit message (Collapse)AuthorAgeFilesLines
* SPDY proxy authentication support.piatek@google.com2012-09-281-0/+1
| | | | | | | | | BUG=147591 Review URL: https://chromiumcodereview.appspot.com/10913238 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159342 0039d316-1c4b-4281-b951-d872f2087c98
* Clean-up inline members of nested classes (net/)hans@chromium.org2012-08-091-9/+1
| | | | | | | | | | | | | | | | Due to a bug, the Clang-plugin style checker failed to warn about inline constructors, destructors, non-empty virtual methods, etc. for nested classes. The plugin has been fixed, and this patch is part of a clean-up of all the code that now causes the plugin to issue errors. BUG=139346 Review URL: https://chromiumcodereview.appspot.com/10854063 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150917 0039d316-1c4b-4281-b951-d872f2087c98
* Remove the rest of #pragma once in one big CL.ajwong@chromium.org2012-07-111-1/+0
| | | | | | | | | For context see this thread: https://groups.google.com/a/chromium.org/forum/?fromgroups#!topic/chromium-dev/RMcVNGjB4II TBR=thakis,pkasting,jam git-svn-id: svn://svn.chromium.org/chrome/trunk/src@146163 0039d316-1c4b-4281-b951-d872f2087c98
* Use AuthCredentials throughout the network stack instead of username/password.cbentzel@chromium.org2011-10-281-3/+2
| | | | | | | | This is a refactor only - no behavior change should happen. Review URL: http://codereview.chromium.org/8340026 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@107766 0039d316-1c4b-4281-b951-d872f2087c98
* Rename NET_API to NET_EXPORT, and rename NET_TEST to NET_EXPORT_PRIVATE.darin@chromium.org2011-08-121-3/+3
| | | | | | Review URL: http://codereview.chromium.org/7529043 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@96560 0039d316-1c4b-4281-b951-d872f2087c98
* net: Add NET_API to the auth code.rvargas@google.com2011-05-201-2/+3
| | | | | | | | BUG=76997 TEST=NONE Review URL: http://codereview.chromium.org/7016043 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@86128 0039d316-1c4b-4281-b951-d872f2087c98
* Move some files from base to base/memory.levin@chromium.org2011-03-281-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | raw_scoped_refptr_mismatch_checker.h ref_counted.cc ref_counted.h ref_counted_memory.cc ref_counted_memory.h ref_counted_unittest.cc scoped_callback_factory.h scoped_comptr_win.h scoped_handle.h scoped_native_library.cc scoped_native_library.h scoped_native_library_unittest.cc scoped_nsobject.h scoped_open_process.h scoped_ptr.h scoped_ptr_unittest.cc scoped_temp_dir.cc scoped_temp_dir.h scoped_temp_dir_unittest.cc scoped_vector.h singleton.h singleton_objc.h singleton_unittest.cc linked_ptr.h linked_ptr_unittest.cc weak_ptr.cc weak_ptr.h weak_ptr_unittest.cc BUG=None TEST=Compile Review URL: http://codereview.chromium.org/6714032 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@79524 0039d316-1c4b-4281-b951-d872f2087c98
* Check and invalidate cached credentials if they were used for preemptive ↵asanka@chromium.org2011-02-181-0/+7
| | | | | | | | | | | authentication and were rejected by the server. BUG=72589 TEST=net_unittests --gtest_filter=HttpAuthHandler*.HandleAnotherChallenge Review URL: http://codereview.chromium.org/6525035 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@75390 0039d316-1c4b-4281-b951-d872f2087c98
* Cleanup: Use AUTH_SCHEME enum instead of a string.cbentzel@chromium.org2011-01-131-2/+14
| | | | | | | | | BUG=None TEST=trybots Review URL: http://codereview.chromium.org/6191001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71318 0039d316-1c4b-4281-b951-d872f2087c98
* Clean up some HttpAuth nits.cbentzel@chromium.org2010-10-291-1/+2
| | | | | | | | | BUG=None TEST=net_unittests Review URL: http://codereview.chromium.org/4193007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@64431 0039d316-1c4b-4281-b951-d872f2087c98
* Add more tests cases for HttpAuth::HandleChallengeResponse.cbentzel@chromium.org2010-10-201-1/+20
| | | | | | | | | | | This also improves the documentation for HandleChallengeResponse and clears the challenge_response arugment. BUG=None TEST=net_unittests --gtest_filter="*HandleChallengeResponse*" Review URL: http://codereview.chromium.org/3752003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63227 0039d316-1c4b-4281-b951-d872f2087c98
* FBTF: Continue fixing nits found by my automated source scanner.erg@google.com2010-10-051-1/+1
| | | | | | | | | | | (~1.3 megs off Debug linux .a files) BUG=none TEST=compiles Review URL: http://codereview.chromium.org/3556013 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@61587 0039d316-1c4b-4281-b951-d872f2087c98
* Extract name-value pair parsing from http_auth.cc (ChallengeTokenizer) into ↵erikwright@chromium.org2010-09-301-60/+15
| | | | | | | | | | http_util.cc (NameValuePairsIterator). In preparation for re-use of name-value pair parsing in ChromeFrame (for X-UA-Compatible header). BUG=None TEST=net_unittests (HttpAuth* and HttpUtilTest.NameValuePairs*) Review URL: http://codereview.chromium.org/3525004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@61061 0039d316-1c4b-4281-b951-d872f2087c98
* Don't evict username/password when handling "stale" digest authentication ↵cbentzel@chromium.org2010-09-161-1/+2
| | | | | | | | | | | | | challenges. Stale challenges indicate that the cached nonce (and associated nonce_count) are no longer valid. BUG=53353 TEST=Use a digest authentication Squid proxy with default settings (which complain about stale nonce's). Ensure that there are no username/password prompts after getting a stale challenge. Also, net_unittests. Review URL: http://codereview.chromium.org/3421005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@59643 0039d316-1c4b-4281-b951-d872f2087c98
* Fix multi-round authentication.cbentzel@chromium.org2010-09-111-11/+29
| | | | | | | | | | | | | | | | | | | | | | | | In the case of Negotiate, authentication can look like C: GET S: 401, WWW-Authenticate: Negotiate C: GET, WWW-Authorization: Negotiate <client_token_1> S: 401, WWW-Authenticate: Negotiate <server_token_1> C: GET, WWW-Authorization: Negotiate <client_token_2> S: 401, WWW-Authenticate: Negotiate <server_token_2> on that third challenge, the handler was reported as being in "the final round" and this was treated as a rejection of the authentication attempt. After that, the new challenge token was used by a new auth handler that hadn't established a security context, and an ERR_INVALID_HANDLE would be returned. This CL also does some prep work to correctly handle the "stale=true" value for Digest authentication, but I decided to defer the HttpAuthCache changes needed for that to a separate CL since this was large enough. BUG=53282 TEST=net_unittests. Unfortunately, I haven't been able to set up a proxy/server to do more than two auth challenges, but this does happen in the wild. Review URL: http://codereview.chromium.org/3360017 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@59188 0039d316-1c4b-4281-b951-d872f2087c98
* Uninitialized member vars and inlined constructors.finnur@chromium.org2010-08-121-1/+5
| | | | | | | | | | BUG=None TEST=None CID=3810, 8793, 8794 Review URL: http://codereview.chromium.org/3156003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55869 0039d316-1c4b-4281-b951-d872f2087c98
* Net: Convert username and password to string16.thestig@chromium.org2010-07-291-3/+4
| | | | | | | | BUG=none TEST=none Review URL: http://codereview.chromium.org/3040016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@54101 0039d316-1c4b-4281-b951-d872f2087c98
* `#pragma once` for app, base, chrome, gfx, ipc, net, skia, viewsthakis@chromium.org2010-07-261-0/+1
| | | | | | | | | BUG=50273 TEST=everything still builds, build is 10% faster on windows, same speed on mac/linux TBR: erg git-svn-id: svn://svn.chromium.org/chrome/trunk/src@53716 0039d316-1c4b-4281-b951-d872f2087c98
* Attempt to back off from Kerberos authentication if we don't have credentials.ahendrickson@google.com2010-07-201-0/+5
| | | | | | | | | | | | | | | | | | | If the user has a stale TGT, or is unable to generate a TGS for the server they are trying to communicate to, then generating an authentication token fails. Rather than fail the entire network transaction in that case, we resend the request with an empty Authenticate (or Proxy-Authenticate) header, and remember that the Negotiate scheme is not a valid option for this particular transaction. If the server responds back with headers like WWW-Authenticate: Negotiate WWW-Authenticate: Digest realm=foo then the digest scheme is chosen in the next round. BUG=33033 TEST=None Review URL: http://codereview.chromium.org/3010010 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@53002 0039d316-1c4b-4281-b951-d872f2087c98
* Create HttpAuthController. (again)vandebo@chromium.org2010-06-241-0/+4
| | | | | | | | | | | | This packages up the auth state into a single class to enable a HttpProxyClientSocket class (which is needed for SSLClientSocketPool). Fix memory leak. BUG=30357 TEST=existing unit tests Review URL: http://codereview.chromium.org/2808020 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@50696 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 50647 - Create HttpAuthController.vandebo@chromium.org2010-06-231-4/+0
| | | | | | | | | | | | | | | | 'Memory tests' is not happy. This packages up the auth state into a single class to enable a HttpProxyClientSocket class (which is needed for SSLClientSocketPool). BUG=30357 TEST=existing unit tests Review URL: http://codereview.chromium.org/2808020 TBR=vandebo@chromium.org Review URL: http://codereview.chromium.org/2866018 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@50669 0039d316-1c4b-4281-b951-d872f2087c98
* Create HttpAuthController.vandebo@chromium.org2010-06-231-0/+4
| | | | | | | | | | | This packages up the auth state into a single class to enable a HttpProxyClientSocket class (which is needed for SSLClientSocketPool). BUG=30357 TEST=existing unit tests Review URL: http://codereview.chromium.org/2808020 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@50647 0039d316-1c4b-4281-b951-d872f2087c98
* HttpNetworkTransaction handles asynchronous auth token generation.cbentzel@chromium.org2010-06-171-0/+1
| | | | | | | | | BUG=21050,42222 TEST=net_unittests Review URL: http://codereview.chromium.org/2722009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@50088 0039d316-1c4b-4281-b951-d872f2087c98
* HttpAuthHandler's are no longer refcounted.cbentzel@chromium.org2010-06-071-1/+2
| | | | | | | | | | | | Since HttpAuthHandler objects are no longer contained inside of the HttpAuthCache, the lifetime of the handlers is more clearly defined. TEST=net_unittests (including some changes) BUG=42222 Review URL: http://codereview.chromium.org/2635004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@49052 0039d316-1c4b-4281-b951-d872f2087c98
* HttpAuthHandlers hold onto a bound net log.cbentzel@chromium.org2010-05-271-0/+2
| | | | | | | | | | | Although this doesn't have a behavioral impact in this CL, it is needed for additional logging which I'd like to add. BUG=34737 TEST=net_unittests Review URL: http://codereview.chromium.org/2288001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@48391 0039d316-1c4b-4281-b951-d872f2087c98
* Remove handler from HttpAuthCache.cbentzel@chromium.org2010-05-201-1/+10
| | | | | | | | | | | This is part of a refactoring meant to simplify the connection phase of HttpNetworkTransaction. BUG=None TEST=net_unittests (which already includes unit tests for preemptive auth, as well as using values from cache). Review URL: http://codereview.chromium.org/2056003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@47786 0039d316-1c4b-4281-b951-d872f2087c98
* On Windows, use IInternetSecurityManager to determine if it's OKwtc@chromium.org2010-03-291-43/+47
| | | | | | | | | | | | | | | | | | | | | | | to send the default credentials to a server, without prompting the user for permission, for HTTP NTLM or Negotiate authentication. It is always OK to send the default credentials to a proxy without prompting the user. Rename the AllowDefaultCredentials method of HttpAuthHandler to SupportsDefaultCredentials and redefine it to simply return if the authentication scheme supports the use of default credentials, as opposed to whether we may use the default credentials for a particular server or proxy. This CL contains the changes by cbentzel in http://codereview.chromium.org/1082001. R=cbentzel,cpu,stoyan BUG=29596 TEST=none Review URL: http://codereview.chromium.org/1343003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@42960 0039d316-1c4b-4281-b951-d872f2087c98
* Added factories for HttpAuthHandler.cbentzel@chromium.org2010-02-151-14/+21
| | | | | | | | | | | | | | | | | | | The driving rationale for this change was to prevent choosing an AuthHandler when it is not supported on the system due to a missing runtime component (such as not being able to locate a gssapi shared library when seeing a Negotiate scheme). It also has the advantage (currently unused) of determining some per-auth-scheme properties only the first time that a challenge for that scheme is seen (such as maximum token length for the SSPI implementation of NTLM). Finally, it may make unit tests easier to generate since the factory can be easily mocked. BUG=34795 TEST=New unit test for HttpAuthHandlerDispatchFactory. Review URL: http://codereview.chromium.org/582007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@39065 0039d316-1c4b-4281-b951-d872f2087c98
* We should pass the service principal name (SPN) of thewtc@chromium.org2009-09-181-0/+5
| | | | | | | | | | | | | | | | format "HTTP/host:port" as the third argument (pszTargetName) to InitializeSecurityContext. This requires adding a host_and_port parameter to some methods. Remove obsolete (and incorrect) logging code in HttpNetworkTransaction::PrepareForAuthRestart(). R=eroman BUG=18009 TEST=none Review URL: http://codereview.chromium.org/206022 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@26588 0039d316-1c4b-4281-b951-d872f2087c98
* Respect cookies set in a 401 responses when restarting the http transaction.ericroman@google.com2009-03-271-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | There are two parts to this change: (1) rebuild the request cookies before each transaction restart for authentication (2) notify the URLRequestHttpJob of header completion before *each* transaction restart for authentication By "each transaction" I mean the automatic restarts that don't require user input, such as: - replying to the first step of NTLM - selecting identity embedded in URL - selecting identity in auth-cache Needing to notify URLRequestHttpJob for these intermediate restarts is a consequence of cookie store management being done outside of HttpNetworkTransaction. After updating the cookie store, URLRequestHttpJob now tests |HttpTransaction::IsReadyToRestartForAuth()| to check whether the notification was informational or an identity is actually needed. R=wtc BUG=6450 Review URL: http://codereview.chromium.org/51004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@12635 0039d316-1c4b-4281-b951-d872f2087c98
* Remove unneeded uses of base/ref_counted.h.thestig@chromium.org2009-03-181-1/+2
| | | | | | Review URL: http://codereview.chromium.org/48105 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@11974 0039d316-1c4b-4281-b951-d872f2087c98
* Fixes CRLF and trailing white spaces.maruel@chromium.org2009-03-051-4/+4
| | | | git-svn-id: svn://svn.chromium.org/chrome/trunk/src@10982 0039d316-1c4b-4281-b951-d872f2087c98
* Implement the NTLM authentication scheme by portingwtc@chromium.org2009-02-281-2/+9
| | | | | | | | | | Mozilla's implementation. R=darin,eroman BUG=6567,6824 Review URL: http://codereview.chromium.org/28144 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@10667 0039d316-1c4b-4281-b951-d872f2087c98
* - Add preemptive authorization (new http stack only)ericroman@google.com2008-11-081-10/+46
| | | | | | | | | | | | - Check for auth identity in URL (new http stack only) - Move auth cache logic out of url request job, and hide it in the url request ftp job and http transaction classes. Note: Somehow the original codereview thread got corrupted so it was recreated. The real review comments should be under (http://codereview.chromium.org/6481) Review URL: http://codereview.chromium.org/8231 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@5064 0039d316-1c4b-4281-b951-d872f2087c98
* Initial stab at http authentication (basic + digest) in new http stack.ericroman@google.com2008-09-271-0/+120
General design: - class HttpAuth -- utility class for http-auth logic. - class HttpAuth::ChallengeTokenizer -- parsing of www-Authenticate headers. - class HttpAuthHandler -- base class for authentication schemes (inspired by nsIHttpAuthenticator) - class HttpAuthHandlerBasic : HttpAuthHandler -- logic for basic auth. - class HttpAuthHandlerDigest : HttpAuthHandler -- logic for digest auth. - The auth integration in HttpNetworkTransaction mimics that of HttpTransactionWinHttp: + HttpNetworkTransaction::ApplyAuth() -- set the authorization headers. + HttpNetworkTransaction::PopulateAuthChallenge() -- process the challenges. BUG=2346 Review URL: http://codereview.chromium.org/4063 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@2658 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-02-08 03:35:16 +0000