xref: /aosp_15_r20/external/cronet/net/http/http_auth_preferences.cc (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b) 
1 // Copyright 2015 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "net/http/http_auth_preferences.h"
6 
7 #include <utility>
8 
9 #include "base/strings/string_split.h"
10 #include "build/build_config.h"
11 #include "build/chromeos_buildflags.h"
12 #include "net/http/http_auth_filter.h"
13 #include "net/http/url_security_manager.h"
14 
15 namespace net {
16 
HttpAuthPreferences()17 HttpAuthPreferences::HttpAuthPreferences()
18     : security_manager_(URLSecurityManager::Create()) {}
19 
20 HttpAuthPreferences::~HttpAuthPreferences() = default;
21 
NegotiateDisableCnameLookup() const22 bool HttpAuthPreferences::NegotiateDisableCnameLookup() const {
23   return negotiate_disable_cname_lookup_;
24 }
25 
NegotiateEnablePort() const26 bool HttpAuthPreferences::NegotiateEnablePort() const {
27   return negotiate_enable_port_;
28 }
29 
30 #if BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_FUCHSIA)
NtlmV2Enabled() const31 bool HttpAuthPreferences::NtlmV2Enabled() const {
32   return ntlm_v2_enabled_;
33 }
34 #endif  // BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_FUCHSIA)
35 
36 #if BUILDFLAG(IS_ANDROID)
AuthAndroidNegotiateAccountType() const37 std::string HttpAuthPreferences::AuthAndroidNegotiateAccountType() const {
38   return auth_android_negotiate_account_type_;
39 }
40 #endif  // BUILDFLAG(IS_ANDROID)
41 
42 #if BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_LINUX)
AllowGssapiLibraryLoad() const43 bool HttpAuthPreferences::AllowGssapiLibraryLoad() const {
44   return allow_gssapi_library_load_;
45 }
46 #endif  // BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_LINUX)
47 
CanUseDefaultCredentials(const url::SchemeHostPort & auth_scheme_host_port) const48 bool HttpAuthPreferences::CanUseDefaultCredentials(
49     const url::SchemeHostPort& auth_scheme_host_port) const {
50   return allow_default_credentials_ == ALLOW_DEFAULT_CREDENTIALS &&
51          security_manager_->CanUseDefaultCredentials(auth_scheme_host_port);
52 }
53 
54 using DelegationType = HttpAuth::DelegationType;
55 
GetDelegationType(const url::SchemeHostPort & auth_scheme_host_port) const56 DelegationType HttpAuthPreferences::GetDelegationType(
57     const url::SchemeHostPort& auth_scheme_host_port) const {
58   if (!security_manager_->CanDelegate(auth_scheme_host_port))
59     return DelegationType::kNone;
60 
61   if (delegate_by_kdc_policy())
62     return DelegationType::kByKdcPolicy;
63 
64   return DelegationType::kUnconstrained;
65 }
66 
SetAllowDefaultCredentials(DefaultCredentials creds)67 void HttpAuthPreferences::SetAllowDefaultCredentials(DefaultCredentials creds) {
68   allow_default_credentials_ = creds;
69 }
70 
IsAllowedToUseAllHttpAuthSchemes(const url::SchemeHostPort & scheme_host_port) const71 bool HttpAuthPreferences::IsAllowedToUseAllHttpAuthSchemes(
72     const url::SchemeHostPort& scheme_host_port) const {
73   return !http_auth_scheme_filter_ ||
74          http_auth_scheme_filter_.Run(scheme_host_port);
75 }
76 
SetServerAllowlist(const std::string & server_allowlist)77 void HttpAuthPreferences::SetServerAllowlist(
78     const std::string& server_allowlist) {
79   std::unique_ptr<HttpAuthFilter> allowlist;
80   if (!server_allowlist.empty())
81     allowlist = std::make_unique<HttpAuthFilterAllowlist>(server_allowlist);
82   security_manager_->SetDefaultAllowlist(std::move(allowlist));
83 }
84 
SetDelegateAllowlist(const std::string & delegate_allowlist)85 void HttpAuthPreferences::SetDelegateAllowlist(
86     const std::string& delegate_allowlist) {
87   std::unique_ptr<HttpAuthFilter> allowlist;
88   if (!delegate_allowlist.empty())
89     allowlist = std::make_unique<HttpAuthFilterAllowlist>(delegate_allowlist);
90   security_manager_->SetDelegateAllowlist(std::move(allowlist));
91 }
92 
93 }  // namespace net
94