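// Copyright 2011 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_HTTP_HTTP_AUTH_HANDLER_NTLM_H_
#define NET_HTTP_HTTP_AUTH_HANDLER_NTLM_H_

#include <stddef.h>
#include <stdint.h>

#include "base/memory/raw_ptr.h"
#include "build/build_config.h"

// This contains the portable and the SSPI implementations for NTLM.
// We use NTLM_SSPI for Windows, and NTLM_PORTABLE for other platforms.
// Exactly one of the two macros is defined here and it is never #undef'd, so
// it stays visible to every file that includes this header.
#if BUILDFLAG(IS_WIN)
#define NTLM_SSPI
#else
#define NTLM_PORTABLE
#endif

#if defined(NTLM_SSPI)
#include "net/http/http_auth_sspi_win.h"
#elif defined(NTLM_PORTABLE)
#include "net/http/http_auth_ntlm_mechanism.h"
#endif

#include <memory>
#include <string>
#include <utility>  // std::move, used by Factory::set_sspi_library().
#include <vector>

#include "net/base/completion_once_callback.h"
#include "net/base/net_export.h"
#include "net/http/http_auth_handler.h"
#include "net/http/http_auth_handler_factory.h"

namespace url {
class SchemeHostPort;
}

namespace net {

class HttpAuthPreferences;

// Code for handling HTTP NTLM authentication.
//
// The backend is selected at compile time: |mechanism_| is an HttpAuthSSPI
// when NTLM_SSPI is defined and an HttpAuthNtlmMechanism when NTLM_PORTABLE
// is defined. Instances are not copyable.
class NET_EXPORT_PRIVATE HttpAuthHandlerNTLM : public HttpAuthHandler {
 public:
  // HttpAuthHandlerFactory implementation nested in the NTLM handler;
  // presumably it creates HttpAuthHandlerNTLM instances (the definition is
  // not in this header). Not copyable.
  class Factory : public HttpAuthHandlerFactory {
   public:
    Factory();

    Factory(const Factory&) = delete;
    Factory& operator=(const Factory&) = delete;

    ~Factory() override;

    // HttpAuthHandlerFactory override. The created handler is handed back
    // through |handler|. The meaning of the int result is defined by the base
    // class, which is not visible here (presumably a net error code).
    int CreateAuthHandler(
        HttpAuthChallengeTokenizer* challenge,
        HttpAuth::Target target,
        const SSLInfo& ssl_info,
        const NetworkAnonymizationKey& network_anonymization_key,
        const url::SchemeHostPort& scheme_host_port,
        CreateReason reason,
        int digest_nonce_count,
        const NetLogWithSource& net_log,
        HostResolver* host_resolver,
        std::unique_ptr<HttpAuthHandler>* handler) override;
#if defined(NTLM_SSPI)
    // Set the SSPILibrary to use. Typically the only callers which need to use
    // this are unit tests which pass in a mocked-out version of the SSPI
    // library. After the call |sspi_library| will be owned by this Factory and
    // will be destroyed when the Factory is destroyed.
    //
    // Assigning a new library destroys the one previously held, if any
    // (unique_ptr move-assignment).
    void set_sspi_library(std::unique_ptr<SSPILibrary> sspi_library) {
      sspi_library_ = std::move(sspi_library);
    }
#endif  // defined(NTLM_SSPI)

   private:
#if defined(NTLM_SSPI)
    // Owned SSPI library; see set_sspi_library().
    std::unique_ptr<SSPILibrary> sspi_library_;
#endif  // defined(NTLM_SSPI)
  };

  // |http_auth_preferences| is taken as a plain pointer in both constructors,
  // so the handler does not own it.
#if defined(NTLM_PORTABLE)
  explicit HttpAuthHandlerNTLM(
      const HttpAuthPreferences* http_auth_preferences);
#endif
#if defined(NTLM_SSPI)
  // |sspi_library| is a raw, non-owning pointer.
  // NOTE(review): Factory keeps its SSPILibrary in a unique_ptr
  // (sspi_library_); if handlers are built from that library they presumably
  // must not outlive the Factory, otherwise the pointer dangles - confirm
  // against the .cc.
  HttpAuthHandlerNTLM(SSPILibrary* sspi_library,
                      const HttpAuthPreferences* http_auth_preferences);
#endif

  HttpAuthHandlerNTLM(const HttpAuthHandlerNTLM&) = delete;
  HttpAuthHandlerNTLM& operator=(const HttpAuthHandlerNTLM&) = delete;

  ~HttpAuthHandlerNTLM() override;

  // HttpAuthHandler
  bool NeedsIdentity() override;
  // NOTE(review): judging by the name, this gates whether the ambient
  // (logged-on user's) credentials may be used for the challenge. That
  // decision is security-sensitive; the policy is implemented in the .cc and
  // is not visible in this header.
  bool AllowsDefaultCredentials() override;

 protected:
  // HttpAuthHandler
  bool Init(HttpAuthChallengeTokenizer* tok,
            const SSLInfo& ssl_info,
            const NetworkAnonymizationKey& network_anonymization_key) override;
  // The generated token is returned through |auth_token|; |callback| allows
  // the base-class contract to complete asynchronously (contract not visible
  // here).
  int GenerateAuthTokenImpl(const AuthCredentials* credentials,
                            const HttpRequestInfo* request,
                            CompletionOnceCallback callback,
                            std::string* auth_token) override;
  HttpAuth::AuthorizationResult HandleAnotherChallengeImpl(
      HttpAuthChallengeTokenizer* challenge) override;

 private:
  // Parse the challenge, saving the results into this instance.
  HttpAuth::AuthorizationResult ParseChallenge(HttpAuthChallengeTokenizer* tok);

  // Create an NTLM SPN to identify the |scheme_host_port| server.
  static std::string CreateSPN(const url::SchemeHostPort& scheme_host_port);

#if defined(NTLM_SSPI)
  HttpAuthSSPI mechanism_;
  // Non-owning (raw_ptr); the pointee must stay alive for as long as this
  // handler uses it.
  raw_ptr<const HttpAuthPreferences> http_auth_preferences_;
#elif defined(NTLM_PORTABLE)
  HttpAuthNtlmMechanism mechanism_;
#endif

  // NOTE(review): presumably the channel-binding data derived from the
  // |ssl_info| passed to Init(), tying the authentication to the TLS
  // channel - confirm in the .cc.
  std::string channel_bindings_;
};

}  // namespace net

#endif  // NET_HTTP_HTTP_AUTH_HANDLER_NTLM_H_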