summaryrefslogtreecommitdiffstats
path: root/net/http/http_auth_handler.h
Commit message (Collapse)AuthorAgeFilesLines
* Cleanup return values in http_authpayal.pandey2015-04-281-3/+1
| | | | | | | | | | This CL turns const by value return values into const by ref BUG=393155 Review URL: https://codereview.chromium.org/1105093002 Cr-Commit-Position: refs/heads/master@{#327239}
* Move NetLog code from src/net/base to src/net/log.eroman2015-04-021-1/+1
| | | | | | | | | | | | This is a partial conversion. It only updates src/net/* and src/chrome/browser/net*. I left a forwarding header for net/base/net_log.h --> net/log/net_log.h so the other consumers can be updated separately. BUG=434856 Review URL: https://codereview.chromium.org/1054783002 Cr-Commit-Position: refs/heads/master@{#323438}
* Move HttpAuth::ChallengeTokenizer to its own file.davidben@chromium.org2014-03-131-3/+4
| | | | | | | | | | | Avoids a circulate dependency in preparation of using this tokenizer to strip private data from net-export logs. BUG=349502 Review URL: https://codereview.chromium.org/191563004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@256715 0039d316-1c4b-4281-b951-d872f2087c98
* Remove the rest of #pragma once in one big CL.ajwong@chromium.org2012-07-111-1/+0
| | | | | | | | | For context see this thread: https://groups.google.com/a/chromium.org/forum/?fromgroups#!topic/chromium-dev/RMcVNGjB4II TBR=thakis,pkasting,jam git-svn-id: svn://svn.chromium.org/chrome/trunk/src@146163 0039d316-1c4b-4281-b951-d872f2087c98
* base::Bind: Convert most of net/http.jhawkins@chromium.org2011-12-201-9/+8
| | | | | | | | | | BUG=none TEST=none R=csilv Review URL: http://codereview.chromium.org/8990001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@115220 0039d316-1c4b-4281-b951-d872f2087c98
* Use AuthCredentials throughout the network stack instead of username/password.cbentzel@chromium.org2011-10-281-12/+11
| | | | | | | | This is a refactor only - no behavior change should happen. Review URL: http://codereview.chromium.org/8340026 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@107766 0039d316-1c4b-4281-b951-d872f2087c98
* Begin CompletionCallback switchover.willchan@chromium.org2011-10-011-4/+4
| | | | | | | | | | | | | Rename CompletionCallback to OldCompletionCallback in preparation for introducing a new CompletionCallback based on base::Callback. Also renames other CompletionCallback types like CancelableCompletionCallback and TestCompletionCallback and CompletionCallbackImpl. All using sed with s/CompletionCallback/OldCompletionCallback/g. BUG=98719 TEST=none Review URL: http://codereview.chromium.org/8070013 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@103650 0039d316-1c4b-4281-b951-d872f2087c98
* Change AuthChallengeInfo to better represent underlying encodings.cbentzel@chromium.org2011-09-121-2/+2
| | | | | | | | | | | | | | * Use a HostPortPair to indicate the challenger info. This may be a punycode-encoded host. * scheme is always ASCII encoded and a string * realm is converted to UTF-16 rather than a wstring. Over the wire this is usually ASCII, can be ISO-8859-1 encoded as it's a quoted string, and could potentially be other encodings as specified by RFC 2047. BUG=95692 TEST=http://greenbytes.de/tech/tc/httpauth/simplebasicrealmiso88591.asis should display an a with an umlaut. Review URL: http://codereview.chromium.org/7569015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@100676 0039d316-1c4b-4281-b951-d872f2087c98
* Don't try to use explicit credentials with schemes that don't support it.asanka@chromium.org2011-08-311-0/+5
| | | | | | | | | | | BUG=94617 TEST=net_unittests --gtest_filter=HttpAuthControllerTest.NoExplicitCredentialsAllowed. Review URL: http://codereview.chromium.org/7748033 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@98965 0039d316-1c4b-4281-b951-d872f2087c98
* Rename NET_API to NET_EXPORT, and rename NET_TEST to NET_EXPORT_PRIVATE.darin@chromium.org2011-08-121-2/+2
| | | | | | Review URL: http://codereview.chromium.org/7529043 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@96560 0039d316-1c4b-4281-b951-d872f2087c98
* net: Add NET_API to the auth code.rvargas@google.com2011-05-201-2/+3
| | | | | | | | BUG=76997 TEST=NONE Review URL: http://codereview.chromium.org/7016043 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@86128 0039d316-1c4b-4281-b951-d872f2087c98
* Cleanup: Use AUTH_SCHEME enum instead of a string.cbentzel@chromium.org2011-01-131-18/+2
| | | | | | | | | BUG=None TEST=trybots Review URL: http://codereview.chromium.org/6191001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71318 0039d316-1c4b-4281-b951-d872f2087c98
* Remove auth token generation timing histograms.cbentzel@chromium.org2011-01-071-9/+0
| | | | | | | | | | | These didn't turn out to be terribly useful, and add some complexity to HttpAuthHandler. BUG=NONE TEST=targets build Review URL: http://codereview.chromium.org/6103003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@70740 0039d316-1c4b-4281-b951-d872f2087c98
* Histogram target for each HTTP Authentication Scheme.cbentzel@chromium.org2010-12-131-0/+23
| | | | | | | | | | | | | For each HTTP authentication scheme, record whether it was started for a proxy, a secure proxy, a server, or a secure server. Also, use a new scheme-based enumerated value as an index rather than the score. BUG=None TEST=trybots, look at about:histograms after authenticating to different resources. Review URL: http://codereview.chromium.org/5563006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@69018 0039d316-1c4b-4281-b951-d872f2087c98
* Start deinlining non-empty virtual methods. (This will be automatically checkederg@google.com2010-12-091-2/+2
| | | | | | | | | | | for in the future.) BUG=none TEST=compiles Review URL: http://codereview.chromium.org/5574006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@68746 0039d316-1c4b-4281-b951-d872f2087c98
* Move Stats, histograms, and field trial into a metrics subdirectory of base andbrettw@chromium.org2010-10-141-1/+3
| | | | | | | | | put them in the base namespace. TEST=it compiles BUG=none git-svn-id: svn://svn.chromium.org/chrome/trunk/src@62510 0039d316-1c4b-4281-b951-d872f2087c98
* Fix multi-round authentication.cbentzel@chromium.org2010-09-111-5/+16
| | | | | | | | | | | | | | | | | | | | | | | | In the case of Negotiate, authentication can look like C: GET S: 401, WWW-Authenticate: Negotiate C: GET, WWW-Authorization: Negotiate <client_token_1> S: 401, WWW-Authenticate: Negotiate <server_token_1> C: GET, WWW-Authorization: Negotiate <client_token_2> S: 401, WWW-Authenticate: Negotiate <server_token_2> on that third challenge, the handler was reported as being in "the final round" and this was treated as a rejection of the authentication attempt. After that, the new challenge token was used by a new auth handler that hadn't established a security context, and an ERR_INVALID_HANDLE would be returned. This CL also does some prep work to correctly handle the "stale=true" value for Digest authentication, but I decided to defer the HttpAuthCache changes needed for that to a separate CL since this was large enough. BUG=53282 TEST=net_unittests. Unfortunately, I haven't been able to set up a proxy/server to do more than two auth challenges, but this does happen in the wild. Review URL: http://codereview.chromium.org/3360017 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@59188 0039d316-1c4b-4281-b951-d872f2087c98
* Remove obviously unneeded forward declarations from headers under ↵viettrungluu@chromium.org2010-08-211-2/+0
| | | | | | | | | | | src/{app,base,net}. BUG=none TEST=builds Review URL: http://codereview.chromium.org/3136025 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@56995 0039d316-1c4b-4281-b951-d872f2087c98
* Net: Convert username and password to string16.thestig@chromium.org2010-07-291-4/+5
| | | | | | | | BUG=none TEST=none Review URL: http://codereview.chromium.org/3040016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@54101 0039d316-1c4b-4281-b951-d872f2087c98
* `#pragma once` for app, base, chrome, gfx, ipc, net, skia, viewsthakis@chromium.org2010-07-261-0/+1
| | | | | | | | | BUG=50273 TEST=everything still builds, build is 10% faster on windows, same speed on mac/linux TBR: erg git-svn-id: svn://svn.chromium.org/chrome/trunk/src@53716 0039d316-1c4b-4281-b951-d872f2087c98
* Attempt four at landing the "histogram.h removed from message_loop.h" patch.erg@chromium.org2010-07-151-0/+1
| | | | | | | | | | | | | | Previously committed as r52349 and r52336. Related commits: r52367, r52364 and r52343. Rerunning trybots due to previous trybot breakage. TEST=none BUG=none Review URL: http://codereview.chromium.org/2965015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52496 0039d316-1c4b-4281-b951-d872f2087c98
* Revert everything related to the relanding.erg@chromium.org2010-07-141-1/+0
| | | | | | Review URL: http://codereview.chromium.org/2982009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52367 0039d316-1c4b-4281-b951-d872f2087c98
* Reland r52336.erg@chromium.org2010-07-141-0/+1
| | | | | | | | | | | | | | (I accidentally committed a previous version of the patch (the fixed version was in codereview since I had switched to my mac to address this exact compile failure.) BUG=none TEST=none TBR=evan Review URL: http://codereview.chromium.org/2937010 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52349 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 52336 - More header cleanup:erg@chromium.org2010-07-141-1/+0
| | | | | | | | | | | | | | | | - Some cleanup to url_request.h - Remove task.h from headers that don't need it. - Remove histogram.h from message_loop.h BUG=none TEST=none Review URL: http://codereview.chromium.org/2986002 TBR=erg@chromium.org Review URL: http://codereview.chromium.org/2969006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52343 0039d316-1c4b-4281-b951-d872f2087c98
* More header cleanup:erg@chromium.org2010-07-141-0/+1
| | | | | | | | | | | | | - Some cleanup to url_request.h - Remove task.h from headers that don't need it. - Remove histogram.h from message_loop.h BUG=none TEST=none Review URL: http://codereview.chromium.org/2986002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52336 0039d316-1c4b-4281-b951-d872f2087c98
* Make the Negotiate Authentication Handler a state machine.cbentzel@chromium.org2010-07-011-12/+0
| | | | | | | | | | | | | | Now that the HttpNetworkTransaction correctly handles asynchronous auth token generation, HttpAuthHandlerNegotiate can be turned into a state machine. This also removes the need for the externally exposed "Resolve Canonical Name" details to users of this handler. BUG=42222 TEST=net_unittests Review URL: http://codereview.chromium.org/2867022 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@51387 0039d316-1c4b-4281-b951-d872f2087c98
* Add histograms for HTTP authentication token generation times.cbentzel@chromium.org2010-07-011-1/+7
| | | | | | | | | BUG=None TEST=None Review URL: http://codereview.chromium.org/2838018 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@51357 0039d316-1c4b-4281-b951-d872f2087c98
* Added NetLog support for HTTP authentication.cbentzel@chromium.org2010-06-211-0/+8
| | | | | | | | | BUG=None TEST=net_unittests --gtest_filter="HttpAuthHandlerTest.NetLog" Review URL: http://codereview.chromium.org/2842013 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@50361 0039d316-1c4b-4281-b951-d872f2087c98
* Async support for HttpAuthHandler::GenerateAuthToken.cbentzel@chromium.org2010-06-101-22/+33
| | | | | | | | | | | | | | This CL changes the signature of GenerateAuthToken to support an async completion of GenerateAuthToken. At this point, all of the implementations complete synchronously, but a future version will change Negotiate to complete asynchronously. TEST=net_unittests BUG=42222 Review URL: http://codereview.chromium.org/2671001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@49398 0039d316-1c4b-4281-b951-d872f2087c98
* HttpAuthHandler's are no longer refcounted.cbentzel@chromium.org2010-06-071-6/+3
| | | | | | | | | | | | Since HttpAuthHandler objects are no longer contained inside of the HttpAuthCache, the lifetime of the handlers is more clearly defined. TEST=net_unittests (including some changes) BUG=42222 Review URL: http://codereview.chromium.org/2635004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@49052 0039d316-1c4b-4281-b951-d872f2087c98
* HttpAuthHandlers hold onto a bound net log.cbentzel@chromium.org2010-05-271-4/+6
| | | | | | | | | | | Although this doesn't have a behavioral impact in this CL, it is needed for additional logging which I'd like to add. BUG=34737 TEST=net_unittests Review URL: http://codereview.chromium.org/2288001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@48391 0039d316-1c4b-4281-b951-d872f2087c98
* Remove handler from HttpAuthCache.cbentzel@chromium.org2010-05-201-0/+8
| | | | | | | | | | | This is part of a refactoring meant to simplify the connection phase of HttpNetworkTransaction. BUG=None TEST=net_unittests (which already includes unit tests for preemptive auth, as well as using values from cache). Review URL: http://codereview.chromium.org/2056003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@47786 0039d316-1c4b-4281-b951-d872f2087c98
* Remove CRLF from three lines in http_auth_handler.hcbentzel@chromium.org2010-05-131-3/+3
| | | | | | | | | BUG=None TEST=None Review URL: http://codereview.chromium.org/2101001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@47164 0039d316-1c4b-4281-b951-d872f2087c98
* Use HttpRequestHeaders for extra_headers.willchan@chromium.org2010-04-201-1/+1
| | | | | | | | BUG=22588 Review URL: http://codereview.chromium.org/1604011 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@45096 0039d316-1c4b-4281-b951-d872f2087c98
* Refactored to pass the URLSecurityManager via the HttpAuthFactory class to ↵ahendrickson@chromium.org2010-04-161-4/+4
| | | | | | | | | | | | | the HttpNetworkSession. Fixed a bug where the command-line whitelist was not being propagated down to the URLSecurityManager. BUG=29596 TEST=None Review URL: http://codereview.chromium.org/1634005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@44811 0039d316-1c4b-4281-b951-d872f2087c98
* Kerberos uses an SPN (Service Principal Name) to identify a server. This is ↵cbentzel@chromium.org2010-04-141-2/+18
| | | | | | | | | | | | | | | | | | | typically in the form "HTTP/host:port", with the ":port" suffix being optional, and the "HTTP/" prefix is fixed regardless of whether the service is accessed over HTTP or HTTPS. The issue this is fixing is that the URL host may be an incomplete domain name, a numerical address, or an alias for a canonical DNS name. By default, Chrome will skip adding the optional port to the SPN, and will use the canonical DNS name for the server (which may be the original server name if it is an A or AAAA record). This matches IE and Firefox's default behavior. Some intranets are set up so the original host name should be used rather than the canonical name. The canonical name resolution can be disabled with the --disable-spnego-cname-lookup command line flag. Some intranets are also set up so the optional port should be specified when it is non-standard (non 80 or 443). Use the --enable-spnego-port command line flag. BUG=29862 TEST=net_unittests.exe --gtest_filter="*CanonicalName*" Review URL: http://codereview.chromium.org/1535019 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@44526 0039d316-1c4b-4281-b951-d872f2087c98
* On Windows, use IInternetSecurityManager to determine if it's OKwtc@chromium.org2010-03-291-5/+7
| | | | | | | | | | | | | | | | | | | | | | | to send the default credentials to a server, without prompting the user for permission, for HTTP NTLM or Negotiate authentication. It is always OK to send the default credentials to a proxy without prompting the user. Rename the AllowDefaultCredentials method of HttpAuthHandler to SupportsDefaultCredentials and redefine it to simply return if the authentication scheme supports the use of default credentials, as opposed to whether we may use the default credentials for a particular server or proxy. This CL contains the changes by cbentzel in http://codereview.chromium.org/1082001. R=cbentzel,cpu,stoyan BUG=29596 TEST=none Review URL: http://codereview.chromium.org/1343003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@42960 0039d316-1c4b-4281-b951-d872f2087c98
* Added factories for HttpAuthHandler.cbentzel@chromium.org2010-02-151-9/+13
| | | | | | | | | | | | | | | | | | | The driving rationale for this change was to prevent choosing an AuthHandler when it is not supported on the system due to a missing runtime component (such as not being able to locate a gssapi shared library when seeing a Negotiate scheme). It also has the advantage (currently unused) of determining some per-auth-scheme properties only the first time that a challenge for that scheme is seen (such as maximum token length for the SSPI implementation of NTLM). Finally, it may make unit tests easier to generate since the factory can be easily mocked. BUG=34795 TEST=New unit test for HttpAuthHandlerDispatchFactory. Review URL: http://codereview.chromium.org/582007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@39065 0039d316-1c4b-4281-b951-d872f2087c98
* Add Single Sign On support to HTTP Authentication handlers.cbentzel@chromium.org2010-02-051-6/+27
| | | | | | | | | | | | | | | Currently this is implemented on Windows for the NTLM and Negotiate schemes. This CL does not introduce the hooks to actually use Single Sign On in response to a 401/407 request - that will come in a later CL. This behavior is disabled for now as well. BUG=29862 TEST=Ran unittests, and Chrome against a server with authentication challenges. Review URL: http://codereview.chromium.org/555174 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@38227 0039d316-1c4b-4281-b951-d872f2087c98
* Second patch in making destructors of refcounted objects private.jam@chromium.org2009-11-051-2/+4
| | | | | | | | BUG=26749 Review URL: http://codereview.chromium.org/368001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@31165 0039d316-1c4b-4281-b951-d872f2087c98
* We should pass the service principal name (SPN) of thewtc@chromium.org2009-09-181-2/+7
| | | | | | | | | | | | | | | | format "HTTP/host:port" as the third argument (pszTargetName) to InitializeSecurityContext. This requires adding a host_and_port parameter to some methods. Remove obsolete (and incorrect) logging code in HttpNetworkTransaction::PrepareForAuthRestart(). R=eroman BUG=18009 TEST=none Review URL: http://codereview.chromium.org/206022 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@26588 0039d316-1c4b-4281-b951-d872f2087c98
* [Second attempt of r25461]wtc@chromium.org2009-09-051-0/+5
| | | | | | | | | | | | | | | | | | | | | | | Use SSPI for NTLM authentication on Windows. Add an explicit embedded_identity_used_ boolean member to make sure we use the username/password in the URL only once for the transaction. This allows us to reset auth_identity_[target].source to HttpAuth::IDENT_SRC_NONE after auth failed. Initial patch by Arindam. Original review URL: http://codereview.chromium.org/159656 R=arindam,eroman BUG=19,18009,20560 TEST=1. Open a webpage that requests NTLM authentication on Windows. 2. New unit test for wrong auth identity in URL. Review URL: http://codereview.chromium.org/193022 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@25564 0039d316-1c4b-4281-b951-d872f2087c98
* Revert "Use SSPI for NTLM authentication on Windows."agl@chromium.org2009-09-041-5/+0
| | | | | | | This reverts commit r25461. It looks like it broke failed-auth.html git-svn-id: svn://svn.chromium.org/chrome/trunk/src@25471 0039d316-1c4b-4281-b951-d872f2087c98
* Use SSPI for NTLM authentication on Windows.wtc@chromium.org2009-09-041-0/+5
| | | | | | | | | | | | | | Initial patch by Arindam. Original review URL: http://codereview.chromium.org/159656 R=arindam,eroman BUG=19,18009 TEST=open a webpage that requests NTLM authentication on Windows Review URL: http://codereview.chromium.org/173528 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@25461 0039d316-1c4b-4281-b951-d872f2087c98
* Implement the NTLM authentication scheme by portingwtc@chromium.org2009-02-281-5/+33
| | | | | | | | | | Mozilla's implementation. R=darin,eroman BUG=6567,6824 Review URL: http://codereview.chromium.org/28144 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@10667 0039d316-1c4b-4281-b951-d872f2087c98
* Minor refactorings:ericroman@google.com2008-12-021-3/+3
| | | | | | | | | | | | - Change scheme from a (const char*) to a (std::string). This is in response to an earlier comment. Background: It used to be a (const char*) to avoid allocating a string object since all the callers initialize it with a string literal. - Change the initial value of nonce_count_ from 1 to 0. This doesn't functionally change anything (we just change to a pre-increment rather than post-increment), but I prefer the the start-at-zero style. Review URL: http://codereview.chromium.org/12846 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@6208 0039d316-1c4b-4281-b951-d872f2087c98
* - Add preemptive authorization (new http stack only)ericroman@google.com2008-11-081-2/+5
| | | | | | | | | | | | - Check for auth identity in URL (new http stack only) - Move auth cache logic out of url request job, and hide it in the url request ftp job and http transaction classes. Note: Somehow the original codereview thread got corrupted so it was recreated. The real review comments should be under (http://codereview.chromium.org/6481) Review URL: http://codereview.chromium.org/8231 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@5064 0039d316-1c4b-4281-b951-d872f2087c98
* Initial stab at http authentication (basic + digest) in new http stack.ericroman@google.com2008-09-271-0/+77
General design: - class HttpAuth -- utility class for http-auth logic. - class HttpAuth::ChallengeTokenizer -- parsing of www-Authenticate headers. - class HttpAuthHandler -- base class for authentication schemes (inspired by nsIHttpAuthenticator) - class HttpAuthHandlerBasic : HttpAuthHandler -- logic for basic auth. - class HttpAuthHandlerDigest : HttpAuthHandler -- logic for digest auth. - The auth integration in HttpNetworkTransaction mimics that of HttpTransactionWinHttp: + HttpNetworkTransaction::ApplyAuth() -- set the authorization headers. + HttpNetworkTransaction::PopulateAuthChallenge() -- process the challenges. BUG=2346 Review URL: http://codereview.chromium.org/4063 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@2658 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-02-07 19:26:33 +0000