summaryrefslogtreecommitdiffstats
path: root/net/http/http_auth_handler_basic.cc
Commit message (Collapse)AuthorAgeFilesLines
* Revert 239921 "Revert 239759 "The comment in base64.h implies th..."vadimt@chromium.org2013-12-111-7/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ***************** Reverting the revert. Congrats, the original CL wasn't the cause for the failure; sorry for the mess. ***************** > Revert 239759 "The comment in base64.h implies that base::Base64..." > > > The comment in base64.h implies that base::Base64Encode() can return false, but > > this cannot happen in practice. Fix the comment. > > > > The implementation of Base64Encode() attempts to check for the return value > > MODP_B64_ERROR as a failure, but modp_b64_encode() cannot return this > > value. Remove the check. > > > > Remove unneeded integer cast. > > > > Change the return type to void. > > > > BUG=323357 > > TEST=base_unittests, compile all > > TBR=jochen@chromium.org,miket@chromium.org,joi@chromium.org,akalin@chromium.org,sergeyu@chromium.org > > > > Review URL: https://codereview.chromium.org/86913002 > > TBR=ricea@chromium.org > > Review URL: https://codereview.chromium.org/101113004 TBR=vadimt@chromium.org Review URL: https://codereview.chromium.org/111883004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@239944 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 239759 "The comment in base64.h implies that base::Base64..."vadimt@chromium.org2013-12-111-3/+7
| | | | | | | | | | | | | | | | | | | | | | | | | > The comment in base64.h implies that base::Base64Encode() can return false, but > this cannot happen in practice. Fix the comment. > > The implementation of Base64Encode() attempts to check for the return value > MODP_B64_ERROR as a failure, but modp_b64_encode() cannot return this > value. Remove the check. > > Remove unneeded integer cast. > > Change the return type to void. > > BUG=323357 > TEST=base_unittests, compile all > TBR=jochen@chromium.org,miket@chromium.org,joi@chromium.org,akalin@chromium.org,sergeyu@chromium.org > > Review URL: https://codereview.chromium.org/86913002 TBR=ricea@chromium.org Review URL: https://codereview.chromium.org/101113004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@239921 0039d316-1c4b-4281-b951-d872f2087c98
* The comment in base64.h implies that base::Base64Encode() can return false, butricea@chromium.org2013-12-101-7/+3
| | | | | | | | | | | | | | | | | | | | this cannot happen in practice. Fix the comment. The implementation of Base64Encode() attempts to check for the return value MODP_B64_ERROR as a failure, but modp_b64_encode() cannot return this value. Remove the check. Remove unneeded integer cast. Change the return type to void. BUG=323357 TEST=base_unittests, compile all TBR=jochen@chromium.org,miket@chromium.org,joi@chromium.org,akalin@chromium.org,sergeyu@chromium.org Review URL: https://codereview.chromium.org/86913002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@239759 0039d316-1c4b-4281-b951-d872f2087c98
* Use a direct include of strings headers in net/http/.avi@chromium.org2013-06-111-1/+1
| | | | | | | | | | BUG=247723 TEST=none TBR=ben@chromium.org Review URL: https://chromiumcodereview.appspot.com/15906017 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@205594 0039d316-1c4b-4281-b951-d872f2087c98
* Use a direct include of utf_string_conversions.h in net/.avi@chromium.org2013-06-071-1/+1
| | | | | | | | | | BUG=none TEST=none TBR=ben@chromium.org Review URL: https://chromiumcodereview.appspot.com/15995039 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@204876 0039d316-1c4b-4281-b951-d872f2087c98
* base::Bind: Convert most of net/http.jhawkins@chromium.org2011-12-201-4/+2
| | | | | | | | | | BUG=none TEST=none R=csilv Review URL: http://codereview.chromium.org/8990001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@115220 0039d316-1c4b-4281-b951-d872f2087c98
* Use AuthCredentials throughout the network stack instead of username/password.cbentzel@chromium.org2011-10-281-4/+6
| | | | | | | | This is a refactor only - no behavior change should happen. Review URL: http://codereview.chromium.org/8340026 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@107766 0039d316-1c4b-4281-b951-d872f2087c98
* Begin CompletionCallback switchover.willchan@chromium.org2011-10-011-1/+1
| | | | | | | | | | | | | Rename CompletionCallback to OldCompletionCallback in preparation for introducing a new CompletionCallback based on base::Callback. Also renames other CompletionCallback types like CancelableCompletionCallback and TestCompletionCallback and CompletionCallbackImpl. All using sed with s/CompletionCallback/OldCompletionCallback/g. BUG=98719 TEST=none Review URL: http://codereview.chromium.org/8070013 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@103650 0039d316-1c4b-4281-b951-d872f2087c98
* Change AuthChallengeInfo to better represent underlying encodings.cbentzel@chromium.org2011-09-121-15/+33
| | | | | | | | | | | | | | * Use a HostPortPair to indicate the challenger info. This may be a punycode-encoded host. * scheme is always ASCII encoded and a string * realm is converted to UTF-16 rather than a wstring. Over the wire this is usually ASCII, can be ISO-8859-1 encoded as it's a quoted string, and could potentially be other encodings as specified by RFC 2047. BUG=95692 TEST=http://greenbytes.de/tech/tc/httpauth/simplebasicrealmiso88591.asis should display an a with an umlaut. Review URL: http://codereview.chromium.org/7569015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@100676 0039d316-1c4b-4281-b951-d872f2087c98
* Fix realm selection when handling Basic authentication.asanka@chromium.org2011-02-241-3/+1
| | | | | | | | | | | | | | | Clarify comments and fix realm selection in HttpAuthHandlerBasic::HandleAnotherChallenge() to match the selection in HttpAuthHandlerBasic::ParseChallenge(). This is cleanup for r75390. BUG=none TEST=net_unittests --gtest_filter=HttpAuthHandlerBasicTest.* Review URL: http://codereview.chromium.org/6574003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@75889 0039d316-1c4b-4281-b951-d872f2087c98
* Check and invalidate cached credentials if they were used for preemptive ↵asanka@chromium.org2011-02-181-3/+14
| | | | | | | | | | | authentication and were rejected by the server. BUG=72589 TEST=net_unittests --gtest_filter=HttpAuthHandler*.HandleAnotherChallenge Review URL: http://codereview.chromium.org/6525035 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@75390 0039d316-1c4b-4281-b951-d872f2087c98
* Cleanup: Use AUTH_SCHEME enum instead of a string.cbentzel@chromium.org2011-01-131-2/+1
| | | | | | | | | BUG=None TEST=trybots Review URL: http://codereview.chromium.org/6191001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71318 0039d316-1c4b-4281-b951-d872f2087c98
* Histogram target for each HTTP Authentication Scheme.cbentzel@chromium.org2010-12-131-0/+1
| | | | | | | | | | | | | For each HTTP authentication scheme, record whether it was started for a proxy, a secure proxy, a server, or a secure server. Also, use a new scheme-based enumerated value as an index rather than the score. BUG=None TEST=trybots, look at about:histograms after authenticating to different resources. Review URL: http://codereview.chromium.org/5563006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@69018 0039d316-1c4b-4281-b951-d872f2087c98
* Refactor net::HttpUtil::NameValuePairsIterator to relieve clients of the ↵erikwright@chromium.org2010-10-221-1/+1
| | | | | | | | | | | | | | need to think about quoted values while also avoiding a string copy if the value is unquoted. The iterator now holds a (normally empty) string member that it uses only if the currently accessed value is quoted. In this case, the value_begin and value_end iterators point into this string (holding the unquoted value) as opposed to the original buffer (holding the quoted value). The value is only unquoted if it is accessed. As a result, the interface is simplified to not expose whether the current value is quoted. This simplifies the work of all clients. Furthermore, this implementation is optimized to only construct a string if it is required, whereas most clients previously (for simplicity) constructed a new string whether or not it was required. They will therefore benefit from a slight increase in efficiency. BUG=52601 TEST=net_unittests / HttpUtilTest.NameValuePairs*, HttpAuthTest.* Review URL: http://codereview.chromium.org/3777012 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63514 0039d316-1c4b-4281-b951-d872f2087c98
* Extract name-value pair parsing from http_auth.cc (ChallengeTokenizer) into ↵erikwright@chromium.org2010-09-301-6/+7
| | | | | | | | | | http_util.cc (NameValuePairsIterator). In preparation for re-use of name-value pair parsing in ChromeFrame (for X-UA-Compatible header). BUG=None TEST=net_unittests (HttpAuth* and HttpUtilTest.NameValuePairs*) Review URL: http://codereview.chromium.org/3525004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@61061 0039d316-1c4b-4281-b951-d872f2087c98
* Fix multi-round authentication.cbentzel@chromium.org2010-09-111-2/+18
| | | | | | | | | | | | | | | | | | | | | | | | In the case of Negotiate, authentication can look like C: GET S: 401, WWW-Authenticate: Negotiate C: GET, WWW-Authorization: Negotiate <client_token_1> S: 401, WWW-Authenticate: Negotiate <server_token_1> C: GET, WWW-Authorization: Negotiate <client_token_2> S: 401, WWW-Authenticate: Negotiate <server_token_2> on that third challenge, the handler was reported as being in "the final round" and this was treated as a rejection of the authentication attempt. After that, the new challenge token was used by a new auth handler that hadn't established a security context, and an ERR_INVALID_HANDLE would be returned. This CL also does some prep work to correctly handle the "stale=true" value for Digest authentication, but I decided to defer the HttpAuthCache changes needed for that to a separate CL since this was large enough. BUG=53282 TEST=net_unittests. Unfortunately, I haven't been able to set up a proxy/server to do more than two auth challenges, but this does happen in the wild. Review URL: http://codereview.chromium.org/3360017 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@59188 0039d316-1c4b-4281-b951-d872f2087c98
* Net: Convert username and password to string16.thestig@chromium.org2010-07-291-3/+3
| | | | | | | | BUG=none TEST=none Review URL: http://codereview.chromium.org/3040016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@54101 0039d316-1c4b-4281-b951-d872f2087c98
* Async support for HttpAuthHandler::GenerateAuthToken.cbentzel@chromium.org2010-06-101-14/+5
| | | | | | | | | | | | | | This CL changes the signature of GenerateAuthToken to support an async completion of GenerateAuthToken. At this point, all of the implementations complete synchronously, but a future version will change Negotiate to complete asynchronously. TEST=net_unittests BUG=42222 Review URL: http://codereview.chromium.org/2671001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@49398 0039d316-1c4b-4281-b951-d872f2087c98
* HttpAuthHandler's are no longer refcounted.cbentzel@chromium.org2010-06-071-2/+2
| | | | | | | | | | | | Since HttpAuthHandler objects are no longer contained inside of the HttpAuthCache, the lifetime of the handlers is more clearly defined. TEST=net_unittests (including some changes) BUG=42222 Review URL: http://codereview.chromium.org/2635004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@49052 0039d316-1c4b-4281-b951-d872f2087c98
* HttpAuthHandlers hold onto a bound net log.cbentzel@chromium.org2010-05-271-1/+2
| | | | | | | | | | | Although this doesn't have a behavioral impact in this CL, it is needed for additional logging which I'd like to add. BUG=34737 TEST=net_unittests Review URL: http://codereview.chromium.org/2288001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@48391 0039d316-1c4b-4281-b951-d872f2087c98
* Remove handler from HttpAuthCache.cbentzel@chromium.org2010-05-201-0/+2
| | | | | | | | | | | This is part of a refactoring meant to simplify the connection phase of HttpNetworkTransaction. BUG=None TEST=net_unittests (which already includes unit tests for preemptive auth, as well as using values from cache). Review URL: http://codereview.chromium.org/2056003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@47786 0039d316-1c4b-4281-b951-d872f2087c98
* net: string_utils.h -> utf_string_conversions.h fix.jhawkins@chromium.org2010-03-081-0/+1
| | | | | | | | BUG=none TEST=none Review URL: http://codereview.chromium.org/668267 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@40935 0039d316-1c4b-4281-b951-d872f2087c98
* Added factories for HttpAuthHandler.cbentzel@chromium.org2010-02-151-9/+26
| | | | | | | | | | | | | | | | | | | The driving rationale for this change was to prevent choosing an AuthHandler when it is not supported on the system due to a missing runtime component (such as not being able to locate a gssapi shared library when seeing a Negotiate scheme). It also has the advantage (currently unused) of determining some per-auth-scheme properties only the first time that a challenge for that scheme is seen (such as maximum token length for the SSPI implementation of NTLM). Finally, it may make unit tests easier to generate since the factory can be easily mocked. BUG=34795 TEST=New unit test for HttpAuthHandlerDispatchFactory. Review URL: http://codereview.chromium.org/582007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@39065 0039d316-1c4b-4281-b951-d872f2087c98
* Add Single Sign On support to HTTP Authentication handlers.cbentzel@chromium.org2010-02-051-6/+21
| | | | | | | | | | | | | | | Currently this is implemented on Windows for the NTLM and Negotiate schemes. This CL does not introduce the hooks to actually use Single Sign On in response to a 401/407 request - that will come in a later CL. This behavior is disabled for now as well. BUG=29862 TEST=Ran unittests, and Chrome against a server with authentication challenges. Review URL: http://codereview.chromium.org/555174 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@38227 0039d316-1c4b-4281-b951-d872f2087c98
* Move base64 from 'net/base' into 'base'.hayato@chromium.org2009-11-241-4/+6
| | | | | | | | | BUG=13572 TEST=none Review URL: http://codereview.chromium.org/399068 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@32918 0039d316-1c4b-4281-b951-d872f2087c98
* Allow the realm in BASIC and DIGEST challenges to not be specified.eroman@chromium.org2009-09-211-2/+10
| | | | | | | | | | | | This goes against RFC 2617 which states they are required parameters, but apparently there are servers which do this, and other browsers are less strict. Also allow the empty string as a valid realm value (previously this was being disallowed as an implementation bug to check if it was not specified). BUG=12565,20984 Review URL: http://codereview.chromium.org/211040 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@26723 0039d316-1c4b-4281-b951-d872f2087c98
* Implement the NTLM authentication scheme by portingwtc@chromium.org2009-02-281-0/+1
| | | | | | | | | | Mozilla's implementation. R=darin,eroman BUG=6567,6824 Review URL: http://codereview.chromium.org/28144 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@10667 0039d316-1c4b-4281-b951-d872f2087c98
* Initial stab at http authentication (basic + digest) in new http stack.ericroman@google.com2008-09-271-0/+46
General design: - class HttpAuth -- utility class for http-auth logic. - class HttpAuth::ChallengeTokenizer -- parsing of www-Authenticate headers. - class HttpAuthHandler -- base class for authentication schemes (inspired by nsIHttpAuthenticator) - class HttpAuthHandlerBasic : HttpAuthHandler -- logic for basic auth. - class HttpAuthHandlerDigest : HttpAuthHandler -- logic for digest auth. - The auth integration in HttpNetworkTransaction mimics that of HttpTransactionWinHttp: + HttpNetworkTransaction::ApplyAuth() -- set the authorization headers. + HttpNetworkTransaction::PopulateAuthChallenge() -- process the challenges. BUG=2346 Review URL: http://codereview.chromium.org/4063 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@2658 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-03-23 11:15:40 +0000