Roll src/third_party/WebKit 66fcf2e:f05b633 (svn 189594:189607)
[chromium-blink-merge.git] / net / http / http_auth_handler_factory.h
blob06f7f34db55901118f053a082a4d2a2cb3a6862a
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_HTTP_HTTP_AUTH_HANDLER_FACTORY_H_
6 #define NET_HTTP_HTTP_AUTH_HANDLER_FACTORY_H_
8 #include <map>
9 #include <string>
10 #include <vector>
12 #include "base/memory/scoped_ptr.h"
13 #include "net/base/net_export.h"
14 #include "net/http/http_auth.h"
15 #include "net/http/url_security_manager.h"
17 class GURL;
19 namespace net {
21 class BoundNetLog;
22 class HostResolver;
23 class HttpAuthChallengeTokenizer;
24 class HttpAuthHandler;
25 class HttpAuthHandlerRegistryFactory;
27 // An HttpAuthHandlerFactory is used to create HttpAuthHandler objects.
28 // The HttpAuthHandlerFactory object _must_ outlive any of the HttpAuthHandler
29 // objects that it creates.
30 class NET_EXPORT HttpAuthHandlerFactory {
31 public:
32 enum CreateReason {
33 CREATE_CHALLENGE, // Create a handler in response to a challenge.
34 CREATE_PREEMPTIVE, // Create a handler preemptively.
37 HttpAuthHandlerFactory() : url_security_manager_(NULL) {}
38 virtual ~HttpAuthHandlerFactory() {}
40 // Sets an URL security manager. HttpAuthHandlerFactory doesn't own the URL
41 // security manager, and the URL security manager should outlive this object.
42 void set_url_security_manager(URLSecurityManager* url_security_manager) {
43 url_security_manager_ = url_security_manager;
46 // Retrieves the associated URL security manager.
47 URLSecurityManager* url_security_manager() {
48 return url_security_manager_;
51 // Creates an HttpAuthHandler object based on the authentication
52 // challenge specified by |*challenge|. |challenge| must point to a valid
53 // non-NULL tokenizer.
55 // If an HttpAuthHandler object is successfully created it is passed back to
56 // the caller through |*handler| and OK is returned.
58 // If |*challenge| specifies an unsupported authentication scheme, |*handler|
59 // is set to NULL and ERR_UNSUPPORTED_AUTH_SCHEME is returned.
61 // If |*challenge| is improperly formed, |*handler| is set to NULL and
62 // ERR_INVALID_RESPONSE is returned.
64 // |create_reason| indicates why the handler is being created. This is used
65 // since NTLM and Negotiate schemes do not support preemptive creation.
67 // |digest_nonce_count| is specifically intended for the Digest authentication
68 // scheme, and indicates the number of handlers generated for a particular
69 // server nonce challenge.
71 // For the NTLM and Negotiate handlers:
72 // If |origin| does not match the authentication method's filters for
73 // the specified |target|, ERR_INVALID_AUTH_CREDENTIALS is returned.
74 // NOTE: This will apply to ALL |origin| values if the filters are empty.
76 // |*challenge| should not be reused after a call to |CreateAuthHandler()|,
77 virtual int CreateAuthHandler(HttpAuthChallengeTokenizer* challenge,
78 HttpAuth::Target target,
79 const GURL& origin,
80 CreateReason create_reason,
81 int digest_nonce_count,
82 const BoundNetLog& net_log,
83 scoped_ptr<HttpAuthHandler>* handler) = 0;
85 // Creates an HTTP authentication handler based on the authentication
86 // challenge string |challenge|.
87 // This is a convenience function which creates a ChallengeTokenizer for
88 // |challenge| and calls |CreateAuthHandler|. See |CreateAuthHandler| for
89 // more details on return values.
90 int CreateAuthHandlerFromString(const std::string& challenge,
91 HttpAuth::Target target,
92 const GURL& origin,
93 const BoundNetLog& net_log,
94 scoped_ptr<HttpAuthHandler>* handler);
96 // Creates an HTTP authentication handler based on the authentication
97 // challenge string |challenge|.
98 // This is a convenience function which creates a ChallengeTokenizer for
99 // |challenge| and calls |CreateAuthHandler|. See |CreateAuthHandler| for
100 // more details on return values.
101 int CreatePreemptiveAuthHandlerFromString(
102 const std::string& challenge,
103 HttpAuth::Target target,
104 const GURL& origin,
105 int digest_nonce_count,
106 const BoundNetLog& net_log,
107 scoped_ptr<HttpAuthHandler>* handler);
109 // Creates a standard HttpAuthHandlerRegistryFactory. The caller is
110 // responsible for deleting the factory.
111 // The default factory supports Basic, Digest, NTLM, and Negotiate schemes.
113 // |resolver| is used by the Negotiate authentication handler to perform
114 // CNAME lookups to generate a Kerberos SPN for the server. It must be
115 // non-NULL. |resolver| must remain valid for the lifetime of the
116 // HttpAuthHandlerRegistryFactory and any HttpAuthHandlers created by said
117 // factory.
118 static HttpAuthHandlerRegistryFactory* CreateDefault(HostResolver* resolver);
120 private:
121 // The URL security manager
122 URLSecurityManager* url_security_manager_;
124 DISALLOW_COPY_AND_ASSIGN(HttpAuthHandlerFactory);
127 // The HttpAuthHandlerRegistryFactory dispatches create requests out
128 // to other factories based on the auth scheme.
129 class NET_EXPORT HttpAuthHandlerRegistryFactory
130 : public HttpAuthHandlerFactory {
131 public:
132 HttpAuthHandlerRegistryFactory();
133 ~HttpAuthHandlerRegistryFactory() override;
135 // Sets an URL security manager into the factory associated with |scheme|.
136 void SetURLSecurityManager(const std::string& scheme,
137 URLSecurityManager* url_security_manager);
139 // Registers a |factory| that will be used for a particular HTTP
140 // authentication scheme such as Basic, Digest, or Negotiate.
141 // The |*factory| object is assumed to be new-allocated, and its lifetime
142 // will be managed by this HttpAuthHandlerRegistryFactory object (including
143 // deleting it when it is no longer used.
144 // A NULL |factory| value means that HttpAuthHandlers's will not be created
145 // for |scheme|. If a factory object used to exist for |scheme|, it will be
146 // deleted.
147 void RegisterSchemeFactory(const std::string& scheme,
148 HttpAuthHandlerFactory* factory);
150 // Retrieve the factory for the specified |scheme|. If no factory exists
151 // for the |scheme|, NULL is returned. The returned factory must not be
152 // deleted by the caller, and it is guaranteed to be valid until either
153 // a new factory is registered for the same scheme, or until this
154 // registry factory is destroyed.
155 HttpAuthHandlerFactory* GetSchemeFactory(const std::string& scheme) const;
157 // Creates an HttpAuthHandlerRegistryFactory.
159 // |supported_schemes| is a list of authentication schemes. Valid values
160 // include "basic", "digest", "ntlm", and "negotiate", where case matters.
162 // |security_manager| is used by the NTLM and Negotiate authenticators
163 // to determine which servers Integrated Authentication can be used with. If
164 // NULL, Integrated Authentication will not be used with any server.
166 // |host_resolver| is used by the Negotiate authentication handler to perform
167 // CNAME lookups to generate a Kerberos SPN for the server. If the "negotiate"
168 // scheme is used and |negotiate_disable_cname_lookup| is false,
169 // |host_resolver| must not be NULL.
171 // |gssapi_library_name| specifies the name of the GSSAPI library that will
172 // be loaded on all platforms except Windows.
174 // |negotiate_disable_cname_lookup| and |negotiate_enable_port| both control
175 // how Negotiate does SPN generation, by default these should be false.
176 static HttpAuthHandlerRegistryFactory* Create(
177 const std::vector<std::string>& supported_schemes,
178 URLSecurityManager* security_manager,
179 HostResolver* host_resolver,
180 const std::string& gssapi_library_name,
181 bool negotiate_disable_cname_lookup,
182 bool negotiate_enable_port);
184 // Creates an auth handler by dispatching out to the registered factories
185 // based on the first token in |challenge|.
186 int CreateAuthHandler(HttpAuthChallengeTokenizer* challenge,
187 HttpAuth::Target target,
188 const GURL& origin,
189 CreateReason reason,
190 int digest_nonce_count,
191 const BoundNetLog& net_log,
192 scoped_ptr<HttpAuthHandler>* handler) override;
194 private:
195 typedef std::map<std::string, HttpAuthHandlerFactory*> FactoryMap;
197 FactoryMap factory_map_;
198 DISALLOW_COPY_AND_ASSIGN(HttpAuthHandlerRegistryFactory);
201 } // namespace net
203 #endif // NET_HTTP_HTTP_AUTH_HANDLER_FACTORY_H_