1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_HTTP_HTTP_AUTH_HANDLER_H_
#define NET_HTTP_HTTP_AUTH_HANDLER_H_
#include <string>
#include "base/ref_counted.h"
#include "net/http/http_auth.h"
namespace net {
class HttpRequestInfo;
class ProxyInfo;
// HttpAuthHandler is the interface for the authentication schemes
// (basic, digest, ...)
// The registry mapping auth-schemes to implementations is hardcoded in
// HttpAuth::CreateAuthHandler().
class HttpAuthHandler : public base::RefCounted<HttpAuthHandler> {
public:
virtual ~HttpAuthHandler() { }
// Initialize the handler by parsing a challenge string.
bool InitFromChallenge(std::string::const_iterator begin,
std::string::const_iterator end,
HttpAuth::Target target);
// Lowercase name of the auth scheme
const std::string& scheme() const {
return scheme_;
}
// The realm value that was parsed during Init().
const std::string& realm() const {
return realm_;
}
// Numeric rank based on the challenge's security level. Higher
// numbers are better. Used by HttpAuth::ChooseBestChallenge().
int score() const {
return score_;
}
HttpAuth::Target target() const {
return target_;
}
// Returns true if the authentication scheme does not send the username and
// password in the clear.
bool encrypts_identity() const {
return (properties_ & ENCRYPTS_IDENTITY) != 0;
}
// Returns true if the authentication scheme is connection-based, for
// example, NTLM. A connection-based authentication scheme does not support
// preemptive authentication, and must use the same handler object
// throughout the life of an HTTP transaction.
bool is_connection_based() const {
return (properties_ & IS_CONNECTION_BASED) != 0;
}
// Returns true if the response to the current authentication challenge
// requires an identity.
// TODO(wtc): Find a better way to handle a multi-round challenge-response
// sequence used by a connection-based authentication scheme.
virtual bool NeedsIdentity() { return true; }
// Generate the Authorization header value.
virtual std::string GenerateCredentials(const std::wstring& username,
const std::wstring& password,
const HttpRequestInfo* request,
const ProxyInfo* proxy) = 0;
protected:
enum Property {
ENCRYPTS_IDENTITY = 1 << 0,
IS_CONNECTION_BASED = 1 << 1,
};
// Initialize the handler by parsing a challenge string.
// Implementations are expcted to initialize the following members:
// scheme_, realm_, score_, properties_
virtual bool Init(std::string::const_iterator challenge_begin,
std::string::const_iterator challenge_end) = 0;
// The lowercase auth-scheme {"basic", "digest", "ntlm", ...}
std::string scheme_;
// The realm.
std::string realm_;
// The score for this challenge. Higher numbers are better.
int score_;
// Whether this authentication request is for a proxy server, or an
// origin server.
HttpAuth::Target target_;
// A bitmask of the properties of the authentication scheme.
int properties_;
};
} // namespace net
#endif // NET_HTTP_HTTP_AUTH_HANDLER_H_
|
