1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/http/http_auth.h"
9 #include "base/basictypes.h"
10 #include "base/strings/string_tokenizer.h"
11 #include "base/strings/string_util.h"
12 #include "net/base/net_errors.h"
13 #include "net/http/http_auth_challenge_tokenizer.h"
14 #include "net/http/http_auth_handler.h"
15 #include "net/http/http_auth_handler_factory.h"
16 #include "net/http/http_request_headers.h"
17 #include "net/http/http_response_headers.h"
18 #include "net/http/http_util.h"
22 HttpAuth::Identity::Identity() : source(IDENT_SRC_NONE
), invalid(true) {}
25 void HttpAuth::ChooseBestChallenge(
26 HttpAuthHandlerFactory
* http_auth_handler_factory
,
27 const HttpResponseHeaders
* headers
,
30 const std::set
<Scheme
>& disabled_schemes
,
31 const BoundNetLog
& net_log
,
32 scoped_ptr
<HttpAuthHandler
>* handler
) {
33 DCHECK(http_auth_handler_factory
);
34 DCHECK(handler
->get() == NULL
);
36 // Choose the challenge whose authentication handler gives the maximum score.
37 scoped_ptr
<HttpAuthHandler
> best
;
38 const std::string header_name
= GetChallengeHeaderName(target
);
39 std::string cur_challenge
;
41 while (headers
->EnumerateHeader(&iter
, header_name
, &cur_challenge
)) {
42 scoped_ptr
<HttpAuthHandler
> cur
;
43 int rv
= http_auth_handler_factory
->CreateAuthHandlerFromString(
44 cur_challenge
, target
, origin
, net_log
, &cur
);
46 VLOG(1) << "Unable to create AuthHandler. Status: "
47 << ErrorToString(rv
) << " Challenge: " << cur_challenge
;
50 if (cur
.get() && (!best
.get() || best
->score() < cur
->score()) &&
51 (disabled_schemes
.find(cur
->auth_scheme()) == disabled_schemes
.end()))
58 HttpAuth::AuthorizationResult
HttpAuth::HandleChallengeResponse(
59 HttpAuthHandler
* handler
,
60 const HttpResponseHeaders
* headers
,
62 const std::set
<Scheme
>& disabled_schemes
,
63 std::string
* challenge_used
) {
66 DCHECK(challenge_used
);
67 challenge_used
->clear();
68 HttpAuth::Scheme current_scheme
= handler
->auth_scheme();
69 if (disabled_schemes
.find(current_scheme
) != disabled_schemes
.end())
70 return HttpAuth::AUTHORIZATION_RESULT_REJECT
;
71 std::string current_scheme_name
= SchemeToString(current_scheme
);
72 const std::string header_name
= GetChallengeHeaderName(target
);
74 std::string challenge
;
75 HttpAuth::AuthorizationResult authorization_result
=
76 HttpAuth::AUTHORIZATION_RESULT_INVALID
;
77 while (headers
->EnumerateHeader(&iter
, header_name
, &challenge
)) {
78 HttpAuthChallengeTokenizer
props(challenge
.begin(), challenge
.end());
79 if (!LowerCaseEqualsASCII(props
.scheme(), current_scheme_name
.c_str()))
81 authorization_result
= handler
->HandleAnotherChallenge(&props
);
82 if (authorization_result
!= HttpAuth::AUTHORIZATION_RESULT_INVALID
) {
83 *challenge_used
= challenge
;
84 return authorization_result
;
87 // Finding no matches is equivalent to rejection.
88 return HttpAuth::AUTHORIZATION_RESULT_REJECT
;
92 std::string
HttpAuth::GetChallengeHeaderName(Target target
) {
95 return "Proxy-Authenticate";
97 return "WWW-Authenticate";
100 return std::string();
105 std::string
HttpAuth::GetAuthorizationHeaderName(Target target
) {
108 return HttpRequestHeaders::kProxyAuthorization
;
110 return HttpRequestHeaders::kAuthorization
;
113 return std::string();
118 std::string
HttpAuth::GetAuthTargetString(Target target
) {
126 return std::string();
131 const char* HttpAuth::SchemeToString(Scheme scheme
) {
132 static const char* const kSchemeNames
[] = {
140 static_assert(arraysize(kSchemeNames
) == AUTH_SCHEME_MAX
,
141 "http auth scheme names incorrect size");
142 if (scheme
< AUTH_SCHEME_BASIC
|| scheme
>= AUTH_SCHEME_MAX
) {
144 return "invalid_scheme";
146 return kSchemeNames
[scheme
];