// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef NET_HTTP_PROXY_CLIENT_SOCKET_H_ #define NET_HTTP_PROXY_CLIENT_SOCKET_H_ #include #include #include "net/base/completion_once_callback.h" #include "net/base/net_export.h" #include "net/base/request_priority.h" #include "net/socket/ssl_client_socket.h" #include "net/socket/stream_socket.h" namespace net { class HostPortPair; class HttpAuthController; class HttpResponseInfo; class HttpRequestHeaders; class HttpAuthController; class NetLogWithSource; // A common base class for a stream socket tunneled through a proxy. class NET_EXPORT_PRIVATE ProxyClientSocket : public StreamSocket { public: ProxyClientSocket() = default; ProxyClientSocket(const ProxyClientSocket&) = delete; ProxyClientSocket& operator=(const ProxyClientSocket&) = delete; ~ProxyClientSocket() override = default; // Returns the HttpResponseInfo (including HTTP Headers) from // the response to the CONNECT request. virtual const HttpResponseInfo* GetConnectResponseInfo() const = 0; // Returns the HttpAuthController which can be used // to interact with an HTTP Proxy Authorization Required (407) request. virtual const scoped_refptr& GetAuthController() const = 0; // If Connect (or its callback) returns PROXY_AUTH_REQUESTED, then an // auth challenge was received. If the HttpAuthController's HaveAuth() // method returns true, then the request just needs to be restarted with // this method to try with those credentials, and new credentials cannot // be provided. Otherwise, credentials should be added to the // HttpAuthController before calling RestartWithAuth. Not all // ProxyClientSocket implementations will be restartable. Such // implementations should disconnect themselves and return OK. virtual int RestartWithAuth(CompletionOnceCallback callback) = 0; // Set the priority of the underlying stream (for SPDY and QUIC) virtual void SetStreamPriority(RequestPriority priority); protected: // The HTTP CONNECT method for establishing a tunnel connection is documented // in Section 9.3.6 of RFC 9110. // https://www.rfc-editor.org/rfc/rfc9110#name-connect static void BuildTunnelRequest(const HostPortPair& endpoint, const HttpRequestHeaders& extra_headers, const std::string& user_agent, std::string* request_line, HttpRequestHeaders* request_headers); // When an auth challenge (407 response) is received during tunnel // construction/ this method should be called. static int HandleProxyAuthChallenge(HttpAuthController* auth, HttpResponseInfo* response, const NetLogWithSource& net_log); // When a proxy authentication response is received during tunnel // construction, this method should be called to strip everything // but the auth header from the redirect response. static void SanitizeProxyAuth(HttpResponseInfo& response); }; } // namespace net #endif // NET_HTTP_PROXY_CLIENT_SOCKET_H_