2 * Copyright (C) 2007 Apple Inc. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
13 * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY
14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 #include "AuthenticationCF.h"
31 #include "AuthenticationChallenge.h"
32 #include "AuthenticationClient.h"
33 #include "Credential.h"
34 #include "ProtectionSpace.h"
36 // This header must come before all other CFNetwork headers to work around a CFNetwork bug. It can
37 // be removed entirely once <rdar://problem/9042114> is fixed.
38 #include <CFNetwork/CFURLConnectionPriv.h>
40 #include <CFNetwork/CFURLAuthChallengePriv.h>
41 #include <CFNetwork/CFURLCredentialPriv.h>
42 #include <CFNetwork/CFURLProtectionSpacePriv.h>
46 AuthenticationChallenge::AuthenticationChallenge(const ProtectionSpace& protectionSpace,
47 const Credential& proposedCredential,
48 unsigned previousFailureCount,
49 const ResourceResponse& response,
50 const ResourceError& error)
51 : AuthenticationChallengeBase(protectionSpace,
59 AuthenticationChallenge::AuthenticationChallenge(CFURLAuthChallengeRef cfChallenge,
60 AuthenticationClient* authenticationClient)
61 : AuthenticationChallengeBase(core(CFURLAuthChallengeGetProtectionSpace(cfChallenge)),
62 core(CFURLAuthChallengeGetProposedCredential(cfChallenge)),
63 CFURLAuthChallengeGetPreviousFailureCount(cfChallenge),
64 (CFURLResponseRef)CFURLAuthChallengeGetFailureResponse(cfChallenge),
65 CFURLAuthChallengeGetError(cfChallenge))
66 , m_authenticationClient(authenticationClient)
67 , m_cfChallenge(cfChallenge)
71 AuthenticationClient* AuthenticationChallenge::authenticationClient() const
73 return m_authenticationClient.get();
76 bool AuthenticationChallenge::platformCompare(const AuthenticationChallenge& a, const AuthenticationChallenge& b)
78 if (a.authenticationClient() != b.authenticationClient())
81 if (a.cfURLAuthChallengeRef() != b.cfURLAuthChallengeRef())
87 CFURLAuthChallengeRef createCF(const AuthenticationChallenge& coreChallenge)
89 CFURLProtectionSpaceRef protectionSpace = createCF(coreChallenge.protectionSpace());
90 CFURLCredentialRef credential = createCF(coreChallenge.proposedCredential());
92 CFURLAuthChallengeRef result = CFURLAuthChallengeCreate(0, protectionSpace, credential,
93 coreChallenge.previousFailureCount(),
94 coreChallenge.failureResponse().cfURLResponse(),
95 coreChallenge.error());
96 CFRelease(protectionSpace);
97 CFRelease(credential);
101 CFURLCredentialRef createCF(const Credential& coreCredential)
103 CFURLCredentialPersistence persistence = kCFURLCredentialPersistenceNone;
104 switch (coreCredential.persistence()) {
105 case CredentialPersistenceNone:
107 case CredentialPersistenceForSession:
108 persistence = kCFURLCredentialPersistenceForSession;
110 case CredentialPersistencePermanent:
111 persistence = kCFURLCredentialPersistencePermanent;
114 ASSERT_NOT_REACHED();
117 #if CERTIFICATE_CREDENTIALS_SUPPORTED
118 if (coreCredential.type() == CredentialTypeClientCertificate)
119 return CFURLCredentialCreateWithIdentityAndCertificateArray(kCFAllocatorDefault, coreCredential.identity(), coreCredential.certificates(), persistence);
122 CFStringRef user = coreCredential.user().createCFString();
123 CFStringRef password = coreCredential.password().createCFString();
124 CFURLCredentialRef result = CFURLCredentialCreate(0, user, password, 0, persistence);
131 CFURLProtectionSpaceRef createCF(const ProtectionSpace& coreSpace)
133 CFURLProtectionSpaceServerType serverType = kCFURLProtectionSpaceServerHTTP;
134 switch (coreSpace.serverType()) {
135 case ProtectionSpaceServerHTTP:
136 serverType = kCFURLProtectionSpaceServerHTTP;
138 case ProtectionSpaceServerHTTPS:
139 serverType = kCFURLProtectionSpaceServerHTTPS;
141 case ProtectionSpaceServerFTP:
142 serverType = kCFURLProtectionSpaceServerFTP;
144 case ProtectionSpaceServerFTPS:
145 serverType = kCFURLProtectionSpaceServerFTPS;
147 case ProtectionSpaceProxyHTTP:
148 serverType = kCFURLProtectionSpaceProxyHTTP;
150 case ProtectionSpaceProxyHTTPS:
151 serverType = kCFURLProtectionSpaceProxyHTTPS;
153 case ProtectionSpaceProxyFTP:
154 serverType = kCFURLProtectionSpaceProxyFTP;
156 case ProtectionSpaceProxySOCKS:
157 serverType = kCFURLProtectionSpaceProxySOCKS;
160 ASSERT_NOT_REACHED();
163 CFURLProtectionSpaceAuthenticationScheme scheme = kCFURLProtectionSpaceAuthenticationSchemeDefault;
164 switch (coreSpace.authenticationScheme()) {
165 case ProtectionSpaceAuthenticationSchemeDefault:
166 scheme = kCFURLProtectionSpaceAuthenticationSchemeDefault;
168 case ProtectionSpaceAuthenticationSchemeHTTPBasic:
169 scheme = kCFURLProtectionSpaceAuthenticationSchemeHTTPBasic;
171 case ProtectionSpaceAuthenticationSchemeHTTPDigest:
172 scheme = kCFURLProtectionSpaceAuthenticationSchemeHTTPDigest;
174 case ProtectionSpaceAuthenticationSchemeHTMLForm:
175 scheme = kCFURLProtectionSpaceAuthenticationSchemeHTMLForm;
177 case ProtectionSpaceAuthenticationSchemeNTLM:
178 scheme = kCFURLProtectionSpaceAuthenticationSchemeNTLM;
180 case ProtectionSpaceAuthenticationSchemeNegotiate:
181 scheme = kCFURLProtectionSpaceAuthenticationSchemeNegotiate;
183 #if USE(PROTECTION_SPACE_AUTH_CALLBACK)
184 case ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested:
185 scheme = kCFURLProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested;
187 case ProtectionSpaceAuthenticationSchemeClientCertificateRequested:
188 scheme = kCFURLProtectionSpaceAuthenticationSchemeClientCertificateRequested;
192 ASSERT_NOT_REACHED();
195 CFStringRef host = coreSpace.host().createCFString();
196 CFStringRef realm = coreSpace.realm().createCFString();
197 CFURLProtectionSpaceRef result = CFURLProtectionSpaceCreate(0, host, coreSpace.port(), serverType, realm, scheme);
204 Credential core(CFURLCredentialRef cfCredential)
209 CredentialPersistence persistence = CredentialPersistenceNone;
210 switch (CFURLCredentialGetPersistence(cfCredential)) {
211 case kCFURLCredentialPersistenceNone:
213 case kCFURLCredentialPersistenceForSession:
214 persistence = CredentialPersistenceForSession;
216 case kCFURLCredentialPersistencePermanent:
217 persistence = CredentialPersistencePermanent;
220 ASSERT_NOT_REACHED();
223 #if CERTIFICATE_CREDENTIALS_SUPPORTED
224 SecIdentityRef identity = CFURLCredentialGetCertificateIdentity(cfCredential);
226 return Credential(identity, CFURLCredentialGetCertificateArray(cfCredential), persistence);
229 RetainPtr<CFStringRef> password(AdoptCF, CFURLCredentialCopyPassword(cfCredential));
230 return Credential(CFURLCredentialGetUsername(cfCredential), password.get(), persistence);
233 ProtectionSpace core(CFURLProtectionSpaceRef cfSpace)
235 ProtectionSpaceServerType serverType = ProtectionSpaceServerHTTP;
237 switch (CFURLProtectionSpaceGetServerType(cfSpace)) {
238 case kCFURLProtectionSpaceServerHTTP:
240 case kCFURLProtectionSpaceServerHTTPS:
241 serverType = ProtectionSpaceServerHTTPS;
243 case kCFURLProtectionSpaceServerFTP:
244 serverType = ProtectionSpaceServerFTP;
246 case kCFURLProtectionSpaceServerFTPS:
247 serverType = ProtectionSpaceServerFTPS;
249 case kCFURLProtectionSpaceProxyHTTP:
250 serverType = ProtectionSpaceProxyHTTP;
252 case kCFURLProtectionSpaceProxyHTTPS:
253 serverType = ProtectionSpaceProxyHTTPS;
255 case kCFURLProtectionSpaceProxyFTP:
256 serverType = ProtectionSpaceProxyFTP;
258 case kCFURLProtectionSpaceProxySOCKS:
259 serverType = ProtectionSpaceProxySOCKS;
262 ASSERT_NOT_REACHED();
265 ProtectionSpaceAuthenticationScheme scheme = ProtectionSpaceAuthenticationSchemeDefault;
267 switch (CFURLProtectionSpaceGetAuthenticationScheme(cfSpace)) {
268 case kCFURLProtectionSpaceAuthenticationSchemeDefault:
269 scheme = ProtectionSpaceAuthenticationSchemeDefault;
271 case kCFURLProtectionSpaceAuthenticationSchemeHTTPBasic:
272 scheme = ProtectionSpaceAuthenticationSchemeHTTPBasic;
274 case kCFURLProtectionSpaceAuthenticationSchemeHTTPDigest:
275 scheme = ProtectionSpaceAuthenticationSchemeHTTPDigest;
277 case kCFURLProtectionSpaceAuthenticationSchemeHTMLForm:
278 scheme = ProtectionSpaceAuthenticationSchemeHTMLForm;
280 case kCFURLProtectionSpaceAuthenticationSchemeNTLM:
281 scheme = ProtectionSpaceAuthenticationSchemeNTLM;
283 case kCFURLProtectionSpaceAuthenticationSchemeNegotiate:
284 scheme = ProtectionSpaceAuthenticationSchemeNegotiate;
286 #if USE(PROTECTION_SPACE_AUTH_CALLBACK)
287 case kCFURLProtectionSpaceAuthenticationSchemeClientCertificateRequested:
288 scheme = ProtectionSpaceAuthenticationSchemeClientCertificateRequested;
290 case kCFURLProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested:
291 scheme = ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested;
295 scheme = ProtectionSpaceAuthenticationSchemeUnknown;
296 ASSERT_NOT_REACHED();
299 return ProtectionSpace(CFURLProtectionSpaceGetHost(cfSpace),
300 CFURLProtectionSpaceGetPort(cfSpace),
302 CFURLProtectionSpaceGetRealm(cfSpace),
308 #endif // USE(CFNETWORK)