xref: /aosp_15_r20/external/cronet/net/http/url_security_manager.h (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b)
1 // Copyright 2011 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_HTTP_URL_SECURITY_MANAGER_H_
6 #define NET_HTTP_URL_SECURITY_MANAGER_H_
7 
8 #include <memory>
9 
10 #include "net/base/net_export.h"
11 
12 namespace url {
13 class SchemeHostPort;
14 }
15 
16 namespace net {
17 
18 class HttpAuthFilter;
19 
// The URL security manager controls the policies (allow, deny, prompt user)
// regarding URL actions (e.g., sending the default credentials to a server).
//
// This is an abstract interface: both queries and both setters are pure
// virtual, and Create() returns a platform-dependent implementation. The two
// queries gate the release of the user's default credentials and of delegated
// Kerberos tickets to a remote server, so the filters installed through the
// setters are a trust boundary and should be no broader than the deployment
// needs.
class NET_EXPORT_PRIVATE URLSecurityManager {
 public:
  URLSecurityManager() = default;

  // Not copyable or assignable.
  URLSecurityManager(const URLSecurityManager&) = delete;
  URLSecurityManager& operator=(const URLSecurityManager&) = delete;

  virtual ~URLSecurityManager() = default;

  // Creates a platform-dependent instance of URLSecurityManager.
  //
  // A security manager has two allowlists, a "default allowlist" that is an
  // allowlist of servers with which default credentials can be used, and a
  // "delegate allowlist" that is the allowlist of servers that are allowed to
  // have delegated Kerberos tickets.
  //
  // On creation both allowlists are empty.
  //
  // If the default allowlist is empty and the platform is Windows, it indicates
  // that security zone mapping should be used to determine whether default
  // credentials should be used. If the default allowlist is empty and the
  // platform is non-Windows, it indicates that no servers should be
  // allowlisted.
  //
  // If the delegate allowlist is empty no servers can have delegated Kerberos
  // tickets.
  //
  // Note that an empty default allowlist therefore means "deny all" only on
  // non-Windows platforms; on Windows the decision is handed to the security
  // zone mapping instead. An empty delegate allowlist denies delegation on
  // every platform.
  static std::unique_ptr<URLSecurityManager> Create();

  // Returns true if we can send the default credentials to the server at
  // |auth_scheme_host_port| for HTTP NTLM or Negotiate authentication.
  //
  // NOTE(review): presumably the answer comes from the filter given to
  // SetDefaultAllowlist(), or from the platform's zone mapping on Windows
  // when that allowlist is empty (see Create()) - confirm against the
  // implementations.
  virtual bool CanUseDefaultCredentials(
      const url::SchemeHostPort& auth_scheme_host_port) const = 0;

  // Returns true if Kerberos delegation is allowed for the server at
  // |auth_scheme_host_port| for HTTP Negotiate authentication.
  //
  // Per the Create() comment, no server may be delegated to while the
  // delegate allowlist is empty.
  virtual bool CanDelegate(
      const url::SchemeHostPort& auth_scheme_host_port) const = 0;

  // Replaces the default allowlist with |allowlist_default|. The filter is
  // passed as a std::unique_ptr by value, so ownership moves to the security
  // manager.
  // NOTE(review): presumably a null pointer restores the "empty allowlist"
  // state described at Create(), which on Windows is not the same as
  // "deny all" - confirm against the implementation.
  virtual void SetDefaultAllowlist(
      std::unique_ptr<HttpAuthFilter> allowlist_default) = 0;

  // Replaces the delegate allowlist with |allowlist_delegate|; ownership
  // moves to the security manager as for SetDefaultAllowlist().
  // NOTE(review): presumably a null pointer restores the empty state in
  // which no server can have delegated tickets - confirm against the
  // implementation.
  virtual void SetDelegateAllowlist(
      std::unique_ptr<HttpAuthFilter> allowlist_delegate) = 0;
};
66 
// URLSecurityManager implementation that owns up to two HttpAuthFilter
// objects, one per allowlist.
//
// NOTE(review): the decision logic lives in the implementation file and is
// not visible from this header. What the header does show is that each filter
// is held through a std::unique_ptr to a const HttpAuthFilter, so an installed
// filter is not modified through this class; changing policy means installing
// a new filter through one of the setters.
class URLSecurityManagerAllowlist : public URLSecurityManager {
 public:
  URLSecurityManagerAllowlist();

  // Not copyable or assignable.
  URLSecurityManagerAllowlist(const URLSecurityManagerAllowlist&) = delete;
  URLSecurityManagerAllowlist& operator=(const URLSecurityManagerAllowlist&) =
      delete;

  ~URLSecurityManagerAllowlist() override;

  // URLSecurityManager methods.
  bool CanUseDefaultCredentials(
      const url::SchemeHostPort& auth_scheme_host_port) const override;
  bool CanDelegate(
      const url::SchemeHostPort& auth_scheme_host_port) const override;
  void SetDefaultAllowlist(
      std::unique_ptr<HttpAuthFilter> allowlist_default) override;
  void SetDelegateAllowlist(
      std::unique_ptr<HttpAuthFilter> allowlist_delegate) override;

 protected:
  // NOTE(review): presumably reports whether a default allowlist has been
  // installed, so that a subclass can tell "no allowlist" apart from an
  // allowlist that matches nothing - confirm against the implementation.
  bool HasDefaultAllowlist() const;

 private:
  // Presumably the filters handed to SetDefaultAllowlist() and
  // SetDelegateAllowlist() respectively; owned by this object and held as
  // pointer-to-const.
  std::unique_ptr<const HttpAuthFilter> allowlist_default_;
  std::unique_ptr<const HttpAuthFilter> allowlist_delegate_;
};
94 
95 }  // namespace net
96 
97 #endif  // NET_HTTP_URL_SECURITY_MANAGER_H_
98