xref: /aosp_15_r20/external/cronet/net/http/http_auth_mechanism.h (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b)
1 // Copyright 2018 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_HTTP_HTTP_AUTH_MECHANISM_H_
6 #define NET_HTTP_HTTP_AUTH_MECHANISM_H_
7 
8 #include <memory>
9 
10 #include "base/functional/callback_forward.h"
11 #include "net/base/completion_once_callback.h"
12 #include "net/base/net_export.h"
13 #include "net/http/http_auth.h"
14 
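namespace net {

class AuthCredentials;
class HttpAuthChallengeTokenizer;
class HttpAuthPreferences;
class NetLogWithSource;

// Abstract interface for an HTTP authentication mechanism that parses a
// server challenge and generates the authentication token sent in response.
// Every method is pure virtual; instances can be obtained through an
// HttpAuthMechanismFactory (declared after this class).
//
// NOTE(review): std::string is used below but <string> is not among this
// header's direct includes; it presumably arrives transitively.
class NET_EXPORT_PRIVATE HttpAuthMechanism {
 public:
  virtual ~HttpAuthMechanism() = default;

  // Initializes the mechanism. |net_log| is the NetLog source handed to the
  // implementation.
  // NOTE(review): presumably returns true on success and has to be called
  // before the other methods -- confirm against the implementations.
  virtual bool Init(const NetLogWithSource& net_log) = 0;

  // True if authentication needs the identity of the user from Chrome.
  virtual bool NeedsIdentity() const = 0;

  // True if authentication can use explicit credentials included in the URL or
  // the user may be prompted for credentials.
  virtual bool AllowsExplicitCredentials() const = 0;

  // Parse a received Negotiate challenge.
  //
  // |tok| gives access to the challenge text. The challenge is supplied by the
  // remote server, so implementations should treat its contents as untrusted
  // input and report a malformed challenge through the returned
  // HttpAuth::AuthorizationResult rather than assuming it is well formed.
  virtual HttpAuth::AuthorizationResult ParseChallenge(
      HttpAuthChallengeTokenizer* tok) = 0;

  // Generates an authentication token.
  //
  // The return value is an error code. The authentication token will be
  // returned in |*auth_token|. If the result code is not |OK|, the value of
  // |*auth_token| is unspecified and must not be sent to the server.
  //
  // If the operation cannot be completed synchronously, |ERR_IO_PENDING| will
  // be returned and the real result code will be passed to the completion
  // callback.  Otherwise the result code is returned immediately from this
  // call.
  //
  // If this object is deleted before completion then the callback will not be
  // called.
  //
  // If no immediate result is returned then |auth_token| must remain valid
  // until the callback has been called; freeing it earlier leaves the
  // implementation with a dangling pointer.
  // NOTE(review): when this object is deleted while a request is pending the
  // callback never runs, so |auth_token| presumably only has to outlive this
  // object in that case -- confirm against the implementations.
  //
  // |spn| is the Service Principal Name of the server that the token is
  // being generated for.
  //
  // NOTE(review): |channel_bindings| is not described in this header;
  // presumably it is channel-binding data that ties the token to the
  // underlying connection -- confirm against the implementations.
  //
  // If this is the first round of a multiple round scheme, credentials are
  // obtained using |*credentials|. If |credentials| is nullptr, the default
  // credentials are used instead.
  // NOTE(review): nothing in this interface restricts which servers may
  // receive a token built from the default credentials; that decision is
  // presumably made by the caller before passing nullptr -- confirm.
  virtual int GenerateAuthToken(const AuthCredentials* credentials,
                                const std::string& spn,
                                const std::string& channel_bindings,
                                std::string* auth_token,
                                const NetLogWithSource& net_log,
                                CompletionOnceCallback callback) = 0;

  // Sets the delegation type allowed on the Kerberos ticket. This allows
  // certain servers to act as the user, such as an IIS server retrieving data
  // from a Kerberized MSSQL server.
  //
  // Because a delegated ticket lets the receiving server act as the user
  // towards other services, delegation should be enabled only for servers
  // that are trusted to do so.
  virtual void SetDelegation(HttpAuth::DelegationType delegation_type) = 0;
};

// Factory for HttpAuthMechanism instances. It is a repeating callback that
// takes a const HttpAuthPreferences* and returns a std::unique_ptr, so the
// caller owns every mechanism the factory produces.
using HttpAuthMechanismFactory =
    base::RepeatingCallback<std::unique_ptr<HttpAuthMechanism>(
        const HttpAuthPreferences*)>;

}  // namespace net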
81 
82 #endif  // NET_HTTP_HTTP_AUTH_MECHANISM_H_
83