1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/http/http_auth_handler_basic.h"
9 #include "base/base64.h"
10 #include "base/i18n/icu_string_conversions.h"
11 #include "base/strings/string_util.h"
12 #include "base/strings/utf_string_conversions.h"
13 #include "net/base/net_errors.h"
14 #include "net/http/http_auth.h"
20 // Parses a realm from an auth challenge, and converts to UTF8-encoding.
21 // Returns whether the realm is invalid or the parameters are invalid.
23 // Note that if a realm was not specified, we will default it to "";
24 // so specifying 'Basic realm=""' is equivalent to 'Basic'.
26 // This is more generous than RFC 2617, which is pretty clear in the
27 // production of challenge that realm is required.
29 // We allow it to be compatibility with certain embedded webservers that don't
30 // include a realm (see http://crbug.com/20984.)
32 // The over-the-wire realm is encoded as ISO-8859-1 (aka Latin-1).
34 // TODO(cbentzel): Realm may need to be decoded using RFC 2047 rules as
35 // well, see http://crbug.com/25790.
36 bool ParseRealm(const HttpAuth::ChallengeTokenizer& tokenizer,
40 HttpUtil::NameValuePairsIterator parameters = tokenizer.param_pairs();
41 while (parameters.GetNext()) {
42 if (!LowerCaseEqualsASCII(parameters.name(), "realm"))
45 if (!base::ConvertToUtf8AndNormalize(
46 parameters.value(), base::kCodepageLatin1, realm))
49 return parameters.valid();
54 bool HttpAuthHandlerBasic::Init(HttpAuth::ChallengeTokenizer* challenge) {
55 auth_scheme_ = HttpAuth::AUTH_SCHEME_BASIC;
58 return ParseChallenge(challenge);
61 bool HttpAuthHandlerBasic::ParseChallenge(
62 HttpAuth::ChallengeTokenizer* challenge) {
63 // Verify the challenge's auth-scheme.
64 if (!LowerCaseEqualsASCII(challenge->scheme(), "basic"))
68 if (!ParseRealm(*challenge, &realm))
75 HttpAuth::AuthorizationResult HttpAuthHandlerBasic::HandleAnotherChallenge(
76 HttpAuth::ChallengeTokenizer* challenge) {
77 // Basic authentication is always a single round, so any responses
78 // should be treated as a rejection. However, if the new challenge
79 // is for a different realm, then indicate the realm change.
81 if (!ParseRealm(*challenge, &realm))
82 return HttpAuth::AUTHORIZATION_RESULT_INVALID;
83 return (realm_ != realm)?
84 HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM:
85 HttpAuth::AUTHORIZATION_RESULT_REJECT;
88 int HttpAuthHandlerBasic::GenerateAuthTokenImpl(
89 const AuthCredentials* credentials, const HttpRequestInfo*,
90 const CompletionCallback&, std::string* auth_token) {
92 // TODO(eroman): is this the right encoding of username/password?
93 std::string base64_username_password;
94 if (!base::Base64Encode(
95 UTF16ToUTF8(credentials->username()) + ":" +
96 UTF16ToUTF8(credentials->password()),
97 &base64_username_password)) {
98 LOG(ERROR) << "Unexpected problem Base64 encoding.";
99 return ERR_UNEXPECTED;
101 *auth_token = "Basic " + base64_username_password;
105 HttpAuthHandlerBasic::Factory::Factory() {
108 HttpAuthHandlerBasic::Factory::~Factory() {
111 int HttpAuthHandlerBasic::Factory::CreateAuthHandler(
112 HttpAuth::ChallengeTokenizer* challenge,
113 HttpAuth::Target target,
116 int digest_nonce_count,
117 const BoundNetLog& net_log,
118 scoped_ptr<HttpAuthHandler>* handler) {
119 // TODO(cbentzel): Move towards model of parsing in the factory
120 // method and only constructing when valid.
121 scoped_ptr<HttpAuthHandler> tmp_handler(new HttpAuthHandlerBasic());
122 if (!tmp_handler->InitFromChallenge(challenge, target, origin, net_log))
123 return ERR_INVALID_RESPONSE;
124 handler->swap(tmp_handler);
projects / platform / framework / web / crosswalk.git / blob