OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_auth_handler_ntlm.h" | 5 #include "net/http/http_auth_handler_ntlm.h" |
6 | 6 |
7 #if !defined(NTLM_SSPI) | 7 #if !defined(NTLM_SSPI) |
8 #include "base/base64.h" | 8 #include "base/base64.h" |
9 #endif | 9 #endif |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
11 #include "base/strings/string_util.h" | 11 #include "base/strings/string_util.h" |
12 #include "base/strings/utf_string_conversions.h" | 12 #include "base/strings/utf_string_conversions.h" |
13 #include "net/base/net_errors.h" | 13 #include "net/base/net_errors.h" |
14 #include "net/base/net_util.h" | 14 #include "net/base/net_util.h" |
15 #include "net/http/http_auth_challenge_tokenizer.h" | 15 #include "net/http/http_auth_challenge_tokenizer.h" |
| 16 #include "net/http/http_auth_scheme.h" |
16 | 17 |
17 namespace net { | 18 namespace net { |
18 | 19 |
19 HttpAuth::AuthorizationResult HttpAuthHandlerNTLM::HandleAnotherChallenge( | 20 HttpAuth::AuthorizationResult HttpAuthHandlerNTLM::HandleAnotherChallenge( |
20 HttpAuthChallengeTokenizer* challenge) { | 21 HttpAuthChallengeTokenizer* challenge) { |
21 return ParseChallenge(challenge, false); | 22 return ParseChallenge(challenge, false); |
22 } | 23 } |
23 | 24 |
24 bool HttpAuthHandlerNTLM::Init(HttpAuthChallengeTokenizer* tok) { | 25 bool HttpAuthHandlerNTLM::Init(HttpAuthChallengeTokenizer* tok) { |
25 auth_scheme_ = HttpAuth::AUTH_SCHEME_NTLM; | 26 auth_scheme_ = HttpAuth::AUTH_SCHEME_NTLM; |
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
105 return auth_sspi_.ParseChallenge(tok); | 106 return auth_sspi_.ParseChallenge(tok); |
106 #else | 107 #else |
107 // TODO(cbentzel): Most of the logic between SSPI, GSSAPI, and portable NTLM | 108 // TODO(cbentzel): Most of the logic between SSPI, GSSAPI, and portable NTLM |
108 // authentication parsing could probably be shared - just need to know if | 109 // authentication parsing could probably be shared - just need to know if |
109 // there was previously a challenge round. | 110 // there was previously a challenge round. |
110 // TODO(cbentzel): Write a test case to validate that auth_data_ is left empty | 111 // TODO(cbentzel): Write a test case to validate that auth_data_ is left empty |
111 // in all failure conditions. | 112 // in all failure conditions. |
112 auth_data_.clear(); | 113 auth_data_.clear(); |
113 | 114 |
114 // Verify the challenge's auth-scheme. | 115 // Verify the challenge's auth-scheme. |
115 if (!base::LowerCaseEqualsASCII(tok->scheme(), "ntlm")) | 116 if (!base::LowerCaseEqualsASCII(tok->scheme(), kNtlmAuthScheme)) |
116 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | 117 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
117 | 118 |
118 std::string base64_param = tok->base64_param(); | 119 std::string base64_param = tok->base64_param(); |
119 if (base64_param.empty()) { | 120 if (base64_param.empty()) { |
120 if (!initial_challenge) | 121 if (!initial_challenge) |
121 return HttpAuth::AUTHORIZATION_RESULT_REJECT; | 122 return HttpAuth::AUTHORIZATION_RESULT_REJECT; |
122 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; | 123 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; |
123 } else { | 124 } else { |
124 if (initial_challenge) | 125 if (initial_challenge) |
125 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | 126 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
126 } | 127 } |
127 | 128 |
128 auth_data_ = base64_param; | 129 auth_data_ = base64_param; |
129 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; | 130 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; |
130 #endif // defined(NTLM_SSPI) | 131 #endif // defined(NTLM_SSPI) |
131 } | 132 } |
132 | 133 |
133 // static | 134 // static |
134 std::string HttpAuthHandlerNTLM::CreateSPN(const GURL& origin) { | 135 std::string HttpAuthHandlerNTLM::CreateSPN(const GURL& origin) { |
135 // The service principal name of the destination server. See | 136 // The service principal name of the destination server. See |
136 // http://msdn.microsoft.com/en-us/library/ms677949%28VS.85%29.aspx | 137 // http://msdn.microsoft.com/en-us/library/ms677949%28VS.85%29.aspx |
137 std::string target("HTTP/"); | 138 std::string target("HTTP/"); |
138 target.append(GetHostAndPort(origin)); | 139 target.append(GetHostAndPort(origin)); |
139 return target; | 140 return target; |
140 } | 141 } |
141 | 142 |
142 } // namespace net | 143 } // namespace net |
OLD | NEW |