naiveproxy/net/http/http_auth_handler_basic.cc

// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "net/http/http_auth_handler_basic.h"

#include <string>

#include "base/base64.h"
#include "base/strings/string_util.h"
#include "base/strings/utf_string_conversions.h"
#include "net/base/net_errors.h"
#include "net/base/net_string_util.h"
#include "net/http/http_auth.h"
#include "net/http/http_auth_challenge_tokenizer.h"
#include "net/http/http_auth_scheme.h"

namespace net {

namespace {

// Parses a realm from an auth challenge, and converts to UTF8-encoding.
// Returns whether the realm is invalid or the parameters are invalid.
//
// Note that if a realm was not specified, we will default it to "";
// so specifying 'Basic realm=""' is equivalent to 'Basic'.
//
// This is more generous than RFC 2617, which is pretty clear in the
// production of challenge that realm is required.
//
// We allow it to be compatibility with certain embedded webservers that don't
// include a realm (see http://crbug.com/20984.)
//
// The over-the-wire realm is encoded as ISO-8859-1 (aka Latin-1).
//
// TODO(cbentzel): Realm may need to be decoded using RFC 2047 rules as
// well, see http://crbug.com/25790.
bool ParseRealm(const HttpAuthChallengeTokenizer& tokenizer,
                std::string* realm) {
  CHECK(realm);
  realm->clear();
  HttpUtil::NameValuePairsIterator parameters = tokenizer.param_pairs();
  while (parameters.GetNext()) {
    if (!base::LowerCaseEqualsASCII(parameters.name(), "realm"))
      continue;

    if (!ConvertToUtf8AndNormalize(parameters.value(), kCharsetLatin1, realm)) {
      return false;
    }
  }
  return parameters.valid();
}

}  // namespace

bool HttpAuthHandlerBasic::Init(HttpAuthChallengeTokenizer* challenge,
                                const SSLInfo& ssl_info) {
  auth_scheme_ = HttpAuth::AUTH_SCHEME_BASIC;
  score_ = 1;
  properties_ = 0;
  return ParseChallenge(challenge);
}

bool HttpAuthHandlerBasic::ParseChallenge(
    HttpAuthChallengeTokenizer* challenge) {
  // Verify the challenge's auth-scheme.
  if (!base::LowerCaseEqualsASCII(challenge->scheme(), kBasicAuthScheme))
    return false;

  std::string realm;
  if (!ParseRealm(*challenge, &realm))
    return false;

  realm_ = realm;
  return true;
}

HttpAuth::AuthorizationResult HttpAuthHandlerBasic::HandleAnotherChallenge(
    HttpAuthChallengeTokenizer* challenge) {
  // Basic authentication is always a single round, so any responses
  // should be treated as a rejection.  However, if the new challenge
  // is for a different realm, then indicate the realm change.
  std::string realm;
  if (!ParseRealm(*challenge, &realm))
    return HttpAuth::AUTHORIZATION_RESULT_INVALID;
  return (realm_ != realm)?
      HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM:
      HttpAuth::AUTHORIZATION_RESULT_REJECT;
}

int HttpAuthHandlerBasic::GenerateAuthTokenImpl(
    const AuthCredentials* credentials, const HttpRequestInfo*,
    const CompletionCallback&, std::string* auth_token) {
  DCHECK(credentials);
  // TODO(eroman): is this the right encoding of username/password?
  std::string base64_username_password;
  base::Base64Encode(base::UTF16ToUTF8(credentials->username()) + ":" +
                         base::UTF16ToUTF8(credentials->password()),
                     &base64_username_password);
  *auth_token = "Basic " + base64_username_password;
  return OK;
}

HttpAuthHandlerBasic::Factory::Factory() {
}

HttpAuthHandlerBasic::Factory::~Factory() {
}

int HttpAuthHandlerBasic::Factory::CreateAuthHandler(
    HttpAuthChallengeTokenizer* challenge,
    HttpAuth::Target target,
    const SSLInfo& ssl_info,
    const GURL& origin,
    CreateReason reason,
    int digest_nonce_count,
    const NetLogWithSource& net_log,
    std::unique_ptr<HttpAuthHandler>* handler) {
  // TODO(cbentzel): Move towards model of parsing in the factory
  //                 method and only constructing when valid.
  std::unique_ptr<HttpAuthHandler> tmp_handler(new HttpAuthHandlerBasic());
  if (!tmp_handler->InitFromChallenge(challenge, target, ssl_info, origin,
                                      net_log))
    return ERR_INVALID_RESPONSE;
  handler->swap(tmp_handler);
  return OK;
}

}  // namespace net
Import chromium-63.0.3239.132 2018-01-28 19:30:36 +03:00			`// Copyright (c) 2011 The Chromium Authors. All rights reserved.`
			`// Use of this source code is governed by a BSD-style license that can be`
			`// found in the LICENSE file.`

			`#include "net/http/http_auth_handler_basic.h"`

			`#include <string>`

			`#include "base/base64.h"`
			`#include "base/strings/string_util.h"`
			`#include "base/strings/utf_string_conversions.h"`
			`#include "net/base/net_errors.h"`
			`#include "net/base/net_string_util.h"`
			`#include "net/http/http_auth.h"`
			`#include "net/http/http_auth_challenge_tokenizer.h"`
			`#include "net/http/http_auth_scheme.h"`

			`namespace net {`

			`namespace {`

			`// Parses a realm from an auth challenge, and converts to UTF8-encoding.`
			`// Returns whether the realm is invalid or the parameters are invalid.`
			`//`
			`// Note that if a realm was not specified, we will default it to "";`
			`// so specifying 'Basic realm=""' is equivalent to 'Basic'.`
			`//`
			`// This is more generous than RFC 2617, which is pretty clear in the`
			`// production of challenge that realm is required.`
			`//`
			`// We allow it to be compatibility with certain embedded webservers that don't`
			`// include a realm (see http://crbug.com/20984.)`
			`//`
			`// The over-the-wire realm is encoded as ISO-8859-1 (aka Latin-1).`
			`//`
			`// TODO(cbentzel): Realm may need to be decoded using RFC 2047 rules as`
			`// well, see http://crbug.com/25790.`
			`bool ParseRealm(const HttpAuthChallengeTokenizer& tokenizer,`
			`std::string* realm) {`
			`CHECK(realm);`
			`realm->clear();`
			`HttpUtil::NameValuePairsIterator parameters = tokenizer.param_pairs();`
			`while (parameters.GetNext()) {`
			`if (!base::LowerCaseEqualsASCII(parameters.name(), "realm"))`
			`continue;`

			`if (!ConvertToUtf8AndNormalize(parameters.value(), kCharsetLatin1, realm)) {`
			`return false;`
			`}`
			`}`
			`return parameters.valid();`
			`}`

			`} // namespace`

			`bool HttpAuthHandlerBasic::Init(HttpAuthChallengeTokenizer* challenge,`
			`const SSLInfo& ssl_info) {`
			`auth_scheme_ = HttpAuth::AUTH_SCHEME_BASIC;`
			`score_ = 1;`
			`properties_ = 0;`
			`return ParseChallenge(challenge);`
			`}`

			`bool HttpAuthHandlerBasic::ParseChallenge(`
			`HttpAuthChallengeTokenizer* challenge) {`
			`// Verify the challenge's auth-scheme.`
			`if (!base::LowerCaseEqualsASCII(challenge->scheme(), kBasicAuthScheme))`
			`return false;`

			`std::string realm;`
			`if (!ParseRealm(*challenge, &realm))`
			`return false;`

			`realm_ = realm;`
			`return true;`
			`}`

			`HttpAuth::AuthorizationResult HttpAuthHandlerBasic::HandleAnotherChallenge(`
			`HttpAuthChallengeTokenizer* challenge) {`
			`// Basic authentication is always a single round, so any responses`
			`// should be treated as a rejection. However, if the new challenge`
			`// is for a different realm, then indicate the realm change.`
			`std::string realm;`
			`if (!ParseRealm(*challenge, &realm))`
			`return HttpAuth::AUTHORIZATION_RESULT_INVALID;`
			`return (realm_ != realm)?`
			`HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM:`
			`HttpAuth::AUTHORIZATION_RESULT_REJECT;`
			`}`

			`int HttpAuthHandlerBasic::GenerateAuthTokenImpl(`
			`const AuthCredentials* credentials, const HttpRequestInfo*,`
			`const CompletionCallback&, std::string* auth_token) {`
			`DCHECK(credentials);`
			`// TODO(eroman): is this the right encoding of username/password?`
			`std::string base64_username_password;`
			`base::Base64Encode(base::UTF16ToUTF8(credentials->username()) + ":" +`
			`base::UTF16ToUTF8(credentials->password()),`
			`&base64_username_password);`
			`*auth_token = "Basic " + base64_username_password;`
			`return OK;`
			`}`

			`HttpAuthHandlerBasic::Factory::Factory() {`
			`}`

			`HttpAuthHandlerBasic::Factory::~Factory() {`
			`}`

			`int HttpAuthHandlerBasic::Factory::CreateAuthHandler(`
			`HttpAuthChallengeTokenizer* challenge,`
			`HttpAuth::Target target,`
			`const SSLInfo& ssl_info,`
			`const GURL& origin,`
			`CreateReason reason,`
			`int digest_nonce_count,`
			`const NetLogWithSource& net_log,`
			`std::unique_ptr<HttpAuthHandler>* handler) {`
			`// TODO(cbentzel): Move towards model of parsing in the factory`
			`// method and only constructing when valid.`
			`std::unique_ptr<HttpAuthHandler> tmp_handler(new HttpAuthHandlerBasic());`
			`if (!tmp_handler->InitFromChallenge(challenge, target, ssl_info, origin,`
			`net_log))`
			`return ERR_INVALID_RESPONSE;`
			`handler->swap(tmp_handler);`
			`return OK;`
			`}`

			`} // namespace net`