diff options
Diffstat (limited to 'net/http/http_auth_handler.h')
-rw-r--r-- | net/http/http_auth_handler.h | 33 |
1 files changed, 22 insertions, 11 deletions
diff --git a/net/http/http_auth_handler.h b/net/http/http_auth_handler.h index ad8c939..4c03a01 100644 --- a/net/http/http_auth_handler.h +++ b/net/http/http_auth_handler.h @@ -4,9 +4,11 @@ #ifndef NET_HTTP_HTTP_AUTH_HANDLER_H_ #define NET_HTTP_HTTP_AUTH_HANDLER_H_ +#pragma once #include <string> +#include "base/string16.h" #include "base/time.h" #include "net/base/completion_callback.h" #include "net/base/net_log.h" @@ -16,8 +18,6 @@ class Histogram; namespace net { -class HostResolver; -class ProxyInfo; struct HttpRequestInfo; // HttpAuthHandler is the interface for the authentication schemes @@ -38,6 +38,22 @@ class HttpAuthHandler { const GURL& origin, const BoundNetLog& net_log); + // Determines how the previous authorization attempt was received. + // + // This is called when the server/proxy responds with a 401/407 after an + // earlier authorization attempt. Although this normally means that the + // previous attempt was rejected, in multi-round schemes such as + // NTLM+Negotiate it may indicate that another round of challenge+response + // is required. For Digest authentication it may also mean that the previous + // attempt used a stale nonce (and nonce-count) and that a new attempt should + // be made with a different nonce provided in the challenge. + // + // |challenge| must be non-NULL and have already tokenized the + // authentication scheme, but none of the tokens occuring after the + // authentication scheme. + virtual HttpAuth::AuthorizationResult HandleAnotherChallenge( + HttpAuth::ChallengeTokenizer* challenge) = 0; + // Generates an authentication token, potentially asynchronously. // // When |username| and |password| are NULL, the default credentials for @@ -56,8 +72,8 @@ class HttpAuthHandler { // call. // Otherwise, there was a problem generating a token synchronously, and the // value of |*auth_token| is unspecified. - int GenerateAuthToken(const std::wstring* username, - const std::wstring* password, + int GenerateAuthToken(const string16* username, + const string16* password, const HttpRequestInfo* request, CompletionCallback* callback, std::string* auth_token); @@ -107,11 +123,6 @@ class HttpAuthHandler { // sequence used by a connection-based authentication scheme. virtual bool NeedsIdentity() { return true; } - // Returns true if this is the final round of the authentication sequence. - // For Basic and Digest, the method always returns true because they are - // single-round schemes. - virtual bool IsFinalRound() { return true; } - // Returns whether the default credentials may be used for the |origin| passed // into |InitFromChallenge|. If true, the user does not need to be prompted // for username and password to establish credentials. @@ -136,8 +147,8 @@ class HttpAuthHandler { // |GenerateAuthTokenImpl()} is the auth-scheme specific implementation // of generating the next auth token. Callers sohuld use |GenerateAuthToken()| // which will in turn call |GenerateAuthTokenImpl()| - virtual int GenerateAuthTokenImpl(const std::wstring* username, - const std::wstring* password, + virtual int GenerateAuthTokenImpl(const string16* username, + const string16* password, const HttpRequestInfo* request, CompletionCallback* callback, std::string* auth_token) = 0; |