net/http/http_auth_sspi_win.h

   1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 // This file contains common routines used by NTLM and Negotiate authentication
   6 // using the SSPI API on Windows.
   7
   8 #ifndef NET_HTTP_HTTP_AUTH_SSPI_WIN_H_
   9 #define NET_HTTP_HTTP_AUTH_SSPI_WIN_H_
  10
  11 // security.h needs to be included for CredHandle. Unfortunately CredHandle
  12 // is a typedef and can't be forward declared.
  13 #define SECURITY_WIN32 1
  14 #include <windows.h>
  15 #include <security.h>
  16
  17 #include <string>
  18
  19 #include "base/strings/string16.h"
  20 #include "net/base/completion_callback.h"
  21 #include "net/base/net_export.h"
  22 #include "net/http/http_auth.h"
  23
  24 namespace net {
  25
  26 class HttpAuthChallengeTokenizer;
  27
  28 // SSPILibrary is introduced so unit tests can mock the calls to Windows' SSPI
  29 // implementation. The default implementation simply passes the arguments on to
  30 // the SSPI implementation provided by Secur32.dll.
  31 // NOTE(cbentzel): I considered replacing the Secur32.dll with a mock DLL, but
  32 // decided that it wasn't worth the effort as this is unlikely to be performance
  33 // sensitive code.
  34 class SSPILibrary {
  35  public:
  36   virtual ~SSPILibrary() {}
  37
  38   virtual SECURITY_STATUS AcquireCredentialsHandle(LPWSTR pszPrincipal,
  39                                                    LPWSTR pszPackage,
  40                                                    unsigned long fCredentialUse,
  41                                                    void* pvLogonId,
  42                                                    void* pvAuthData,
  43                                                    SEC_GET_KEY_FN pGetKeyFn,
  44                                                    void* pvGetKeyArgument,
  45                                                    PCredHandle phCredential,
  46                                                    PTimeStamp ptsExpiry) = 0;
  47
  48   virtual SECURITY_STATUS InitializeSecurityContext(PCredHandle phCredential,
  49                                                     PCtxtHandle phContext,
  50                                                     SEC_WCHAR* pszTargetName,
  51                                                     unsigned long fContextReq,
  52                                                     unsigned long Reserved1,
  53                                                     unsigned long TargetDataRep,
  54                                                     PSecBufferDesc pInput,
  55                                                     unsigned long Reserved2,
  56                                                     PCtxtHandle phNewContext,
  57                                                     PSecBufferDesc pOutput,
  58                                                     unsigned long* contextAttr,
  59                                                     PTimeStamp ptsExpiry) = 0;
  60
  61   virtual SECURITY_STATUS QuerySecurityPackageInfo(LPWSTR pszPackageName,
  62                                                    PSecPkgInfoW *pkgInfo) = 0;
  63
  64   virtual SECURITY_STATUS FreeCredentialsHandle(PCredHandle phCredential) = 0;
  65
  66   virtual SECURITY_STATUS DeleteSecurityContext(PCtxtHandle phContext) = 0;
  67
  68   virtual SECURITY_STATUS FreeContextBuffer(PVOID pvContextBuffer) = 0;
  69 };
  70
  71 class SSPILibraryDefault : public SSPILibrary {
  72  public:
  73   SSPILibraryDefault() {}
  74   ~SSPILibraryDefault() override {}
  75
  76   SECURITY_STATUS AcquireCredentialsHandle(LPWSTR pszPrincipal,
  77                                            LPWSTR pszPackage,
  78                                            unsigned long fCredentialUse,
  79                                            void* pvLogonId,
  80                                            void* pvAuthData,
  81                                            SEC_GET_KEY_FN pGetKeyFn,
  82                                            void* pvGetKeyArgument,
  83                                            PCredHandle phCredential,
  84                                            PTimeStamp ptsExpiry) override;
  85
  86   SECURITY_STATUS InitializeSecurityContext(PCredHandle phCredential,
  87                                             PCtxtHandle phContext,
  88                                             SEC_WCHAR* pszTargetName,
  89                                             unsigned long fContextReq,
  90                                             unsigned long Reserved1,
  91                                             unsigned long TargetDataRep,
  92                                             PSecBufferDesc pInput,
  93                                             unsigned long Reserved2,
  94                                             PCtxtHandle phNewContext,
  95                                             PSecBufferDesc pOutput,
  96                                             unsigned long* contextAttr,
  97                                             PTimeStamp ptsExpiry) override;
  98
  99   SECURITY_STATUS QuerySecurityPackageInfo(LPWSTR pszPackageName,
 100                                            PSecPkgInfoW* pkgInfo) override;
 101
 102   SECURITY_STATUS FreeCredentialsHandle(PCredHandle phCredential) override;
 103
 104   SECURITY_STATUS DeleteSecurityContext(PCtxtHandle phContext) override;
 105
 106   SECURITY_STATUS FreeContextBuffer(PVOID pvContextBuffer) override;
 107 };
 108
 109 class NET_EXPORT_PRIVATE HttpAuthSSPI {
 110  public:
 111   HttpAuthSSPI(SSPILibrary* sspi_library,
 112                const std::string& scheme,
 113                const SEC_WCHAR* security_package,
 114                ULONG max_token_length);
 115   ~HttpAuthSSPI();
 116
 117   bool NeedsIdentity() const;
 118
 119   bool AllowsExplicitCredentials() const;
 120
 121   HttpAuth::AuthorizationResult ParseChallenge(
 122       HttpAuthChallengeTokenizer* tok);
 123
 124   // Generates an authentication token.
 125   //
 126   // The return value is an error code. The authentication token will be
 127   // returned in |*auth_token|. If the result code is not |OK|, the value of
 128   // |*auth_token| is unspecified.
 129   //
 130   // If the operation cannot be completed synchronously, |ERR_IO_PENDING| will
 131   // be returned and the real result code will be passed to the completion
 132   // callback.  Otherwise the result code is returned immediately from this
 133   // call.
 134   //
 135   // If the HttpAuthSPPI object is deleted before completion then the callback
 136   // will not be called.
 137   //
 138   // If no immediate result is returned then |auth_token| must remain valid
 139   // until the callback has been called.
 140   //
 141   // |spn| is the Service Principal Name of the server that the token is
 142   // being generated for.
 143   //
 144   // If this is the first round of a multiple round scheme, credentials are
 145   // obtained using |*credentials|. If |credentials| is NULL, the default
 146   // credentials are used instead.
 147   int GenerateAuthToken(const AuthCredentials* credentials,
 148                         const std::string& spn,
 149                         std::string* auth_token,
 150                         const CompletionCallback& callback);
 151
 152   // Delegation is allowed on the Kerberos ticket. This allows certain servers
 153   // to act as the user, such as an IIS server retrieving data from a
 154   // Kerberized MSSQL server.
 155   void Delegate();
 156
 157  private:
 158   int OnFirstRound(const AuthCredentials* credentials);
 159
 160   int GetNextSecurityToken(
 161       const std::string& spn,
 162       const void* in_token,
 163       int in_token_len,
 164       void** out_token,
 165       int* out_token_len);
 166
 167   void ResetSecurityContext();
 168
 169   SSPILibrary* library_;
 170   std::string scheme_;
 171   const SEC_WCHAR* security_package_;
 172   std::string decoded_server_auth_token_;
 173   ULONG max_token_length_;
 174   CredHandle cred_;
 175   CtxtHandle ctxt_;
 176   bool can_delegate_;
 177 };
 178
 179 // Splits |combined| into domain and username.
 180 // If |combined| is of form "FOO\bar", |domain| will contain "FOO" and |user|
 181 // will contain "bar".
 182 // If |combined| is of form "bar", |domain| will be empty and |user| will
 183 // contain "bar".
 184 // |domain| and |user| must be non-NULL.
 185 NET_EXPORT_PRIVATE void SplitDomainAndUser(const base::string16& combined,
 186                                            base::string16* domain,
 187                                            base::string16* user);
 188
 189 // Determines the maximum token length in bytes for a particular SSPI package.
 190 //
 191 // |library| and |max_token_length| must be non-NULL pointers to valid objects.
 192 //
 193 // If the return value is OK, |*max_token_length| contains the maximum token
 194 // length in bytes.
 195 //
 196 // If the return value is ERR_UNSUPPORTED_AUTH_SCHEME, |package| is not an
 197 // known SSPI authentication scheme on this system. |*max_token_length| is not
 198 // changed.
 199 //
 200 // If the return value is ERR_UNEXPECTED, there was an unanticipated problem
 201 // in the underlying SSPI call. The details are logged, and |*max_token_length|
 202 // is not changed.
 203 NET_EXPORT_PRIVATE int DetermineMaxTokenLength(SSPILibrary* library,
 204                                                const std::wstring& package,
 205                                                ULONG* max_token_length);
 206
 207 }  // namespace net
 208
 209 #endif  // NET_HTTP_HTTP_AUTH_SSPI_WIN_H_