diff options
| author | Allan Sandfeld Jensen <allan.jensen@theqtcompany.com> | 2015-08-14 11:38:45 +0200 |
|---|---|---|
| committer | Allan Sandfeld Jensen <allan.jensen@theqtcompany.com> | 2015-08-14 17:16:47 +0000 |
| commit | 3a97ca8dd9b96b599ae2d33e40df0dd2f7ea5859 (patch) | |
| tree | 43cc572ba067417c7341db81f71ae7cc6e0fcc3e /chromium/net/http/http_auth_multi_round_parse.cc | |
| parent | f61ab1ac7f855cd281809255c0aedbb1895e1823 (diff) | |
| download | qtwebengine-chromium-3a97ca8dd9b96b599ae2d33e40df0dd2f7ea5859.tar.gz | |
BASELINE: Update chromium to 45.0.2454.40
Change-Id: Id2121d9f11a8fc633677236c65a3e41feef589e4
Reviewed-by: Andras Becsi <andras.becsi@theqtcompany.com>
Diffstat (limited to 'chromium/net/http/http_auth_multi_round_parse.cc')
| -rw-r--r-- | chromium/net/http/http_auth_multi_round_parse.cc | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/chromium/net/http/http_auth_multi_round_parse.cc b/chromium/net/http/http_auth_multi_round_parse.cc new file mode 100644 index 00000000000..efee2bbcf65 --- /dev/null +++ b/chromium/net/http/http_auth_multi_round_parse.cc @@ -0,0 +1,58 @@ +// Copyright 2015 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "base/base64.h" +#include "base/strings/string_util.h" +#include "net/http/http_auth_challenge_tokenizer.h" +#include "net/http/http_auth_multi_round_parse.h" + +namespace net { + +namespace { + +// Check that the scheme in the challenge matches the expected scheme +bool SchemeIsValid(const std::string& scheme, + HttpAuthChallengeTokenizer* challenge) { + // There is no guarantee that challenge->scheme() is valid ASCII, but + // LowerCaseEqualsASCII will do the right thing even if it isn't. + return base::LowerCaseEqualsASCII(challenge->scheme(), + base::StringToLowerASCII(scheme).c_str()); +} + +} // namespace + +HttpAuth::AuthorizationResult ParseFirstRoundChallenge( + const std::string& scheme, + HttpAuthChallengeTokenizer* challenge) { + // Verify the challenge's auth-scheme. + if (!SchemeIsValid(scheme, challenge)) + return HttpAuth::AUTHORIZATION_RESULT_INVALID; + + std::string encoded_auth_token = challenge->base64_param(); + if (!encoded_auth_token.empty()) { + return HttpAuth::AUTHORIZATION_RESULT_INVALID; + } + return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; +} + +HttpAuth::AuthorizationResult ParseLaterRoundChallenge( + const std::string& scheme, + HttpAuthChallengeTokenizer* challenge, + std::string* encoded_token, + std::string* decoded_token) { + // Verify the challenge's auth-scheme. + if (!SchemeIsValid(scheme, challenge)) + return HttpAuth::AUTHORIZATION_RESULT_INVALID; + + *encoded_token = challenge->base64_param(); + if (encoded_token->empty()) + return HttpAuth::AUTHORIZATION_RESULT_REJECT; + + // Make sure the additional token is base64 encoded. + if (!base::Base64Decode(*encoded_token, decoded_token)) + return HttpAuth::AUTHORIZATION_RESULT_INVALID; + return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; +} + +} // namespace net |