xref: /aosp_15_r20/external/cronet/net/http/http_auth_handler_ntlm_win.cc (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b)
1 // Copyright 2011 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 // See "SSPI Sample Application" at
6 // http://msdn.microsoft.com/en-us/library/aa918273.aspx
7 // and "NTLM Security Support Provider" at
8 // http://msdn.microsoft.com/en-us/library/aa923611.aspx.
9 
10 #include "net/http/http_auth_handler_ntlm.h"
11 
12 #include "base/strings/string_util.h"
13 #include "net/base/net_errors.h"
14 #include "net/dns/host_resolver.h"
15 #include "net/http/http_auth.h"
16 #include "net/http/http_auth_preferences.h"
17 #include "net/http/http_auth_sspi_win.h"
18 
19 namespace net {
20 
// Creates an SSPI-backed NTLM handler for |challenge| and hands it to the
// caller through |handler|.
//
// Returns:
//   ERR_UNSUPPORTED_AUTH_SCHEME  if |reason| is CREATE_PREEMPTIVE; no handler
//                                is constructed in that case.
//   ERR_INVALID_RESPONSE         if InitFromChallenge() rejects the challenge.
//   OK                           on success, with |*handler| owning the new
//                                handler.
//
// |*handler| is written only on the OK path. |digest_nonce_count| and
// |host_resolver| are not used by this implementation.
int HttpAuthHandlerNTLM::Factory::CreateAuthHandler(
    HttpAuthChallengeTokenizer* challenge,
    HttpAuth::Target target,
    const SSLInfo& ssl_info,
    const NetworkAnonymizationKey& network_anonymization_key,
    const url::SchemeHostPort& scheme_host_port,
    CreateReason reason,
    int digest_nonce_count,
    const NetLogWithSource& net_log,
    HostResolver* host_resolver,
    std::unique_ptr<HttpAuthHandler>* handler) {
  // A handler is only built in response to a challenge; preemptive creation
  // is refused before anything is allocated.
  if (reason == CREATE_PREEMPTIVE) {
    return ERR_UNSUPPORTED_AUTH_SCHEME;
  }

  // TODO(cbentzel): Move towards model of parsing in the factory
  //                 method and only constructing when valid.
  std::unique_ptr<HttpAuthHandlerNTLM> ntlm_handler =
      std::make_unique<HttpAuthHandlerNTLM>(sspi_library_.get(),
                                            http_auth_preferences());

  // NOTE(review): all validation of |challenge| happens inside
  // InitFromChallenge(), which is defined outside this file.
  if (ntlm_handler->InitFromChallenge(challenge, target, ssl_info,
                                      network_anonymization_key,
                                      scheme_host_port, net_log)) {
    *handler = std::move(ntlm_handler);
    return OK;
  }
  return ERR_INVALID_RESPONSE;
}
45 
// Constructs a handler whose SSPI mechanism is bound to |sspi_library| and the
// NTLM scheme.
//
// |http_auth_preferences| is stored as a pointer and may be null:
// AllowsDefaultCredentials() treats a null value as "no default credentials
// for servers".
// NOTE(review): both pointers are presumably non-owning and must outlive this
// handler; confirm against the header.
HttpAuthHandlerNTLM::HttpAuthHandlerNTLM(
    SSPILibrary* sspi_library,
    const HttpAuthPreferences* http_auth_preferences)
    : mechanism_(sspi_library, HttpAuth::AUTH_SCHEME_NTLM),
      http_auth_preferences_(http_auth_preferences) {
}
51 
// Produces the next NTLM token by delegating to the SSPI mechanism.
//
// The SPN is derived from |scheme_host_port_| via CreateSPN(), and
// |channel_bindings_| is forwarded alongside it. |request| is not used here.
// Returns whatever mechanism_.GenerateAuthToken() returns; |callback| is moved
// into that call.
int HttpAuthHandlerNTLM::GenerateAuthTokenImpl(
    const AuthCredentials* credentials,
    const HttpRequestInfo* request,
    CompletionOnceCallback callback,
    std::string* auth_token) {
  const auto spn = CreateSPN(scheme_host_port_);
  // NOTE(review): |channel_bindings_| is populated outside this file;
  // presumably it carries the TLS channel-binding data. Confirm it is set for
  // HTTPS origins so that the token is tied to the connection.
  return mechanism_.GenerateAuthToken(credentials, spn, channel_bindings_,
                                      auth_token, net_log(),
                                      std::move(callback));
}
61 
// Nothing to release by hand: the compiler-generated destructor tears down the
// members.
HttpAuthHandlerNTLM::~HttpAuthHandlerNTLM() = default;
63 
// Reports whether an identity is still needed, as decided by the SSPI
// mechanism. Identity is required on the first pass rather than the second.
bool HttpAuthHandlerNTLM::NeedsIdentity() {
  const bool identity_required = mechanism_.NeedsIdentity();
  return identity_required;
}
68 
// Decides whether the default credentials may be used for this challenge.
//
//   - Proxy target: always allowed; the preferences are not consulted.
//   - Server target: allowed only when preferences are present and
//     CanUseDefaultCredentials() approves |scheme_host_port_|. With no
//     preferences object the answer is false (fail closed).
//
// NOTE(review): the proxy branch bypasses the preference check entirely, so
// any proxy that issues an NTLM challenge is eligible for default credentials.
// Confirm this is the intended trust assumption for the deployment.
bool HttpAuthHandlerNTLM::AllowsDefaultCredentials() {
  if (target_ != HttpAuth::AUTH_PROXY) {
    return http_auth_preferences_
               ? http_auth_preferences_->CanUseDefaultCredentials(
                     scheme_host_port_)
               : false;
  }
  return true;
}
76 
// Hands the challenge tokenizer to the SSPI mechanism and returns its verdict
// unchanged. No parsing is done at this level.
HttpAuth::AuthorizationResult HttpAuthHandlerNTLM::ParseChallenge(
    HttpAuthChallengeTokenizer* tok) {
  const HttpAuth::AuthorizationResult verdict = mechanism_.ParseChallenge(tok);
  return verdict;
}
81 
82 }  // namespace net
83