components/data_reduction_proxy/browser/data_reduction_proxy_auth_request_handler.h

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef COMPONENTS_DATA_REDUCTION_PROXY_BROWSER_DATA_REDUCTION_PROXY_AUTH_REQUEST_HANDLER_H_
   6 #define COMPONENTS_DATA_REDUCTION_PROXY_BROWSER_DATA_REDUCTION_PROXY_AUTH_REQUEST_HANDLER_H_
   7
   8 #include "base/gtest_prod_util.h"
   9 #include "base/memory/ref_counted.h"
  10 #include "base/strings/string16.h"
  11 #include "base/time/time.h"
  12 #include "url/gurl.h"
  13
  14 namespace base {
  15 class SingleThreadTaskRunner;
  16 }
  17
  18 namespace net {
  19 class HostPortPair;
  20 class HttpRequestHeaders;
  21 class HttpResponseHeaders;
  22 class ProxyServer;
  23 class URLRequest;
  24 }
  25
  26 namespace data_reduction_proxy {
  27
  28 #if defined(OS_ANDROID)
  29 extern const char kAndroidWebViewProtocolVersion[];
  30 #endif
  31
  32 #define CLIENT_ENUMS_LIST \
  33     CLIENT_ENUM(UNKNOWN, "") \
  34     CLIENT_ENUM(WEBVIEW_ANDROID, "webview") \
  35     CLIENT_ENUM(CHROME_ANDROID, "android") \
  36     CLIENT_ENUM(CHROME_IOS, "ios") \
  37     CLIENT_ENUM(CHROME_MAC, "mac") \
  38     CLIENT_ENUM(CHROME_CHROMEOS, "chromeos") \
  39     CLIENT_ENUM(CHROME_LINUX, "linux") \
  40     CLIENT_ENUM(CHROME_WINDOWS, "win") \
  41     CLIENT_ENUM(CHROME_FREEBSD, "freebsd") \
  42     CLIENT_ENUM(CHROME_OPENBSD, "openbsd") \
  43     CLIENT_ENUM(CHROME_SOLARIS, "solaris") \
  44     CLIENT_ENUM(CHROME_QNX, "qnx")
  45
  46 #define CLIENT_ENUM(name, str_value) name,
  47 typedef enum {
  48   CLIENT_ENUMS_LIST
  49 } Client;
  50 #undef CLIENT_ENUM
  51
  52 class DataReductionProxyParams;
  53
  54 class DataReductionProxyAuthRequestHandler {
  55  public:
  56   static bool IsKeySetOnCommandLine();
  57
  58   // Constructs a DataReductionProxyAuthRequestHandler object with the given
  59   // client type, params, and network task runner.
  60   DataReductionProxyAuthRequestHandler(
  61       Client client,
  62       DataReductionProxyParams* params,
  63       scoped_refptr<base::SingleThreadTaskRunner> network_task_runner);
  64
  65   virtual ~DataReductionProxyAuthRequestHandler();
  66
  67   // Adds a 'Chrome-Proxy' header to |request_headers| with the data reduction
  68   // proxy authentication credentials. Only adds this header if the provided
  69   // |proxy_server| is a data reduction proxy and not the data reduction proxy's
  70   // CONNECT server. Must be called on the IO thread.
  71   void MaybeAddRequestHeader(net::URLRequest* request,
  72                              const net::ProxyServer& proxy_server,
  73                              net::HttpRequestHeaders* request_headers);
  74
  75   // Adds a 'Chrome-Proxy' header to |request_headers| with the data reduction
  76   // proxy authentication credentials. Only adds this header if the provided
  77   // |proxy_server| is the data reduction proxy's CONNECT server. Must be called
  78   // on the IO thread.
  79   void MaybeAddProxyTunnelRequestHandler(
  80       const net::HostPortPair& proxy_server,
  81       net::HttpRequestHeaders* request_headers);
  82
  83   // Stores the supplied key and sets up credentials suitable for authenticating
  84   // with the data reduction proxy.
  85   // This can be called more than once. For example on a platform that does not
  86   // have a default key defined, this function will be called some time after
  87   // this class has been constructed. Android WebView is a platform that does
  88   // this. The caller needs to make sure |this| pointer is valid when
  89   // InitAuthentication is called.
  90   void InitAuthentication(const std::string& key);
  91
  92  protected:
  93   void Init();
  94
  95   void AddAuthorizationHeader(net::HttpRequestHeaders* headers);
  96
  97   // Returns a UTF16 string that's the hash of the configured authentication
  98   // |key| and |salt|. Returns an empty UTF16 string if no key is configured or
  99   // the data reduction proxy feature isn't available.
 100   static base::string16 AuthHashForSalt(int64 salt,
 101                                         const std::string& key);
 102   // Visible for testing.
 103   virtual base::Time Now() const;
 104   virtual void RandBytes(void* output, size_t length);
 105
 106   // Visible for testing.
 107   virtual std::string GetDefaultKey() const;
 108
 109   // Visible for testing.
 110   DataReductionProxyAuthRequestHandler(
 111       Client client,
 112       const std::string& version,
 113       DataReductionProxyParams* params,
 114       scoped_refptr<base::SingleThreadTaskRunner> network_task_runner);
 115
 116  private:
 117   FRIEND_TEST_ALL_PREFIXES(DataReductionProxyAuthRequestHandlerTest,
 118                            AuthorizationOnIO);
 119   FRIEND_TEST_ALL_PREFIXES(DataReductionProxyAuthRequestHandlerTest,
 120                            AuthorizationIgnoresEmptyKey);
 121   FRIEND_TEST_ALL_PREFIXES(DataReductionProxyAuthRequestHandlerTest,
 122                            AuthorizationBogusVersion);
 123   FRIEND_TEST_ALL_PREFIXES(DataReductionProxyAuthRequestHandlerTest,
 124                            AuthHashForSalt);
 125
 126   // Returns the version of Chromium that is being used.
 127   std::string ChromiumVersion() const;
 128
 129   // Returns the build and patch numbers of |version|. If |version| isn't of the
 130   // form xx.xx.xx.xx build and patch are not modified.
 131   void GetChromiumBuildAndPatch(const std::string& version,
 132                                 std::string* build,
 133                                 std::string* patch) const;
 134
 135   // Generates a session ID and credentials suitable for authenticating with
 136   // the data reduction proxy.
 137   void ComputeCredentials(const base::Time& now,
 138                           std::string* session,
 139                           std::string* credentials);
 140
 141   // Adds authentication headers only if |expects_ssl| is true and
 142   // |proxy_server| is a data reduction proxy used for ssl tunneling via
 143   // HTTP CONNECT, or |expect_ssl| is false and |proxy_server| is a data
 144   // reduction proxy for HTTP traffic.
 145   void MaybeAddRequestHeaderImpl(const net::HostPortPair& proxy_server,
 146                                  bool expect_ssl,
 147                                  net::HttpRequestHeaders* request_headers);
 148
 149   // Authentication state.
 150   std::string key_;
 151
 152   // Lives on the IO thread.
 153   std::string session_;
 154   std::string credentials_;
 155
 156   // Name of the client and version of the data reduction proxy protocol to use.
 157   // Both live on the IO thread.
 158   std::string client_;
 159   std::string build_number_;
 160   std::string patch_number_;
 161
 162   // The last time the session was updated. Used to ensure that a session is
 163   // never used for more than twenty-four hours.
 164   base::Time last_update_time_;
 165
 166   DataReductionProxyParams* data_reduction_proxy_params_;
 167
 168   scoped_refptr<base::SingleThreadTaskRunner> network_task_runner_;
 169
 170   DISALLOW_COPY_AND_ASSIGN(DataReductionProxyAuthRequestHandler);
 171 };
 172
 173 }  // namespace data_reduction_proxy
 174 #endif  // COMPONENTS_DATA_REDUCTION_PROXY_BROWSER_DATA_REDUCTION_PROXY_AUTH_REQUEST_HANDLER_H_