1*6777b538SAndroid Build Coastguard Worker // Copyright 2015 The Chromium Authors 2*6777b538SAndroid Build Coastguard Worker // Use of this source code is governed by a BSD-style license that can be 3*6777b538SAndroid Build Coastguard Worker // found in the LICENSE file. 4*6777b538SAndroid Build Coastguard Worker 5*6777b538SAndroid Build Coastguard Worker #include "net/http/http_auth_preferences.h" 6*6777b538SAndroid Build Coastguard Worker 7*6777b538SAndroid Build Coastguard Worker #include <utility> 8*6777b538SAndroid Build Coastguard Worker 9*6777b538SAndroid Build Coastguard Worker #include "base/strings/string_split.h" 10*6777b538SAndroid Build Coastguard Worker #include "build/build_config.h" 11*6777b538SAndroid Build Coastguard Worker #include "build/chromeos_buildflags.h" 12*6777b538SAndroid Build Coastguard Worker #include "net/http/http_auth_filter.h" 13*6777b538SAndroid Build Coastguard Worker #include "net/http/url_security_manager.h" 14*6777b538SAndroid Build Coastguard Worker 15*6777b538SAndroid Build Coastguard Worker namespace net { 16*6777b538SAndroid Build Coastguard Worker HttpAuthPreferences()17*6777b538SAndroid Build Coastguard WorkerHttpAuthPreferences::HttpAuthPreferences() 18*6777b538SAndroid Build Coastguard Worker : security_manager_(URLSecurityManager::Create()) {} 19*6777b538SAndroid Build Coastguard Worker 20*6777b538SAndroid Build Coastguard Worker HttpAuthPreferences::~HttpAuthPreferences() = default; 21*6777b538SAndroid Build Coastguard Worker NegotiateDisableCnameLookup() const22*6777b538SAndroid Build Coastguard Workerbool HttpAuthPreferences::NegotiateDisableCnameLookup() const { 23*6777b538SAndroid Build Coastguard Worker return negotiate_disable_cname_lookup_; 24*6777b538SAndroid Build Coastguard Worker } 25*6777b538SAndroid Build Coastguard Worker NegotiateEnablePort() const26*6777b538SAndroid Build Coastguard Workerbool HttpAuthPreferences::NegotiateEnablePort() const { 27*6777b538SAndroid Build Coastguard Worker return negotiate_enable_port_; 28*6777b538SAndroid Build Coastguard Worker } 29*6777b538SAndroid Build Coastguard Worker 30*6777b538SAndroid Build Coastguard Worker #if BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_FUCHSIA) NtlmV2Enabled() const31*6777b538SAndroid Build Coastguard Workerbool HttpAuthPreferences::NtlmV2Enabled() const { 32*6777b538SAndroid Build Coastguard Worker return ntlm_v2_enabled_; 33*6777b538SAndroid Build Coastguard Worker } 34*6777b538SAndroid Build Coastguard Worker #endif // BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_FUCHSIA) 35*6777b538SAndroid Build Coastguard Worker 36*6777b538SAndroid Build Coastguard Worker #if BUILDFLAG(IS_ANDROID) AuthAndroidNegotiateAccountType() const37*6777b538SAndroid Build Coastguard Workerstd::string HttpAuthPreferences::AuthAndroidNegotiateAccountType() const { 38*6777b538SAndroid Build Coastguard Worker return auth_android_negotiate_account_type_; 39*6777b538SAndroid Build Coastguard Worker } 40*6777b538SAndroid Build Coastguard Worker #endif // BUILDFLAG(IS_ANDROID) 41*6777b538SAndroid Build Coastguard Worker 42*6777b538SAndroid Build Coastguard Worker #if BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_LINUX) AllowGssapiLibraryLoad() const43*6777b538SAndroid Build Coastguard Workerbool HttpAuthPreferences::AllowGssapiLibraryLoad() const { 44*6777b538SAndroid Build Coastguard Worker return allow_gssapi_library_load_; 45*6777b538SAndroid Build Coastguard Worker } 46*6777b538SAndroid Build Coastguard Worker #endif // BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_LINUX) 47*6777b538SAndroid Build Coastguard Worker CanUseDefaultCredentials(const url::SchemeHostPort & auth_scheme_host_port) const48*6777b538SAndroid Build Coastguard Workerbool HttpAuthPreferences::CanUseDefaultCredentials( 49*6777b538SAndroid Build Coastguard Worker const url::SchemeHostPort& auth_scheme_host_port) const { 50*6777b538SAndroid Build Coastguard Worker return allow_default_credentials_ == ALLOW_DEFAULT_CREDENTIALS && 51*6777b538SAndroid Build Coastguard Worker security_manager_->CanUseDefaultCredentials(auth_scheme_host_port); 52*6777b538SAndroid Build Coastguard Worker } 53*6777b538SAndroid Build Coastguard Worker 54*6777b538SAndroid Build Coastguard Worker using DelegationType = HttpAuth::DelegationType; 55*6777b538SAndroid Build Coastguard Worker GetDelegationType(const url::SchemeHostPort & auth_scheme_host_port) const56*6777b538SAndroid Build Coastguard WorkerDelegationType HttpAuthPreferences::GetDelegationType( 57*6777b538SAndroid Build Coastguard Worker const url::SchemeHostPort& auth_scheme_host_port) const { 58*6777b538SAndroid Build Coastguard Worker if (!security_manager_->CanDelegate(auth_scheme_host_port)) 59*6777b538SAndroid Build Coastguard Worker return DelegationType::kNone; 60*6777b538SAndroid Build Coastguard Worker 61*6777b538SAndroid Build Coastguard Worker if (delegate_by_kdc_policy()) 62*6777b538SAndroid Build Coastguard Worker return DelegationType::kByKdcPolicy; 63*6777b538SAndroid Build Coastguard Worker 64*6777b538SAndroid Build Coastguard Worker return DelegationType::kUnconstrained; 65*6777b538SAndroid Build Coastguard Worker } 66*6777b538SAndroid Build Coastguard Worker SetAllowDefaultCredentials(DefaultCredentials creds)67*6777b538SAndroid Build Coastguard Workervoid HttpAuthPreferences::SetAllowDefaultCredentials(DefaultCredentials creds) { 68*6777b538SAndroid Build Coastguard Worker allow_default_credentials_ = creds; 69*6777b538SAndroid Build Coastguard Worker } 70*6777b538SAndroid Build Coastguard Worker IsAllowedToUseAllHttpAuthSchemes(const url::SchemeHostPort & scheme_host_port) const71*6777b538SAndroid Build Coastguard Workerbool HttpAuthPreferences::IsAllowedToUseAllHttpAuthSchemes( 72*6777b538SAndroid Build Coastguard Worker const url::SchemeHostPort& scheme_host_port) const { 73*6777b538SAndroid Build Coastguard Worker return !http_auth_scheme_filter_ || 74*6777b538SAndroid Build Coastguard Worker http_auth_scheme_filter_.Run(scheme_host_port); 75*6777b538SAndroid Build Coastguard Worker } 76*6777b538SAndroid Build Coastguard Worker SetServerAllowlist(const std::string & server_allowlist)77*6777b538SAndroid Build Coastguard Workervoid HttpAuthPreferences::SetServerAllowlist( 78*6777b538SAndroid Build Coastguard Worker const std::string& server_allowlist) { 79*6777b538SAndroid Build Coastguard Worker std::unique_ptr<HttpAuthFilter> allowlist; 80*6777b538SAndroid Build Coastguard Worker if (!server_allowlist.empty()) 81*6777b538SAndroid Build Coastguard Worker allowlist = std::make_unique<HttpAuthFilterAllowlist>(server_allowlist); 82*6777b538SAndroid Build Coastguard Worker security_manager_->SetDefaultAllowlist(std::move(allowlist)); 83*6777b538SAndroid Build Coastguard Worker } 84*6777b538SAndroid Build Coastguard Worker SetDelegateAllowlist(const std::string & delegate_allowlist)85*6777b538SAndroid Build Coastguard Workervoid HttpAuthPreferences::SetDelegateAllowlist( 86*6777b538SAndroid Build Coastguard Worker const std::string& delegate_allowlist) { 87*6777b538SAndroid Build Coastguard Worker std::unique_ptr<HttpAuthFilter> allowlist; 88*6777b538SAndroid Build Coastguard Worker if (!delegate_allowlist.empty()) 89*6777b538SAndroid Build Coastguard Worker allowlist = std::make_unique<HttpAuthFilterAllowlist>(delegate_allowlist); 90*6777b538SAndroid Build Coastguard Worker security_manager_->SetDelegateAllowlist(std::move(allowlist)); 91*6777b538SAndroid Build Coastguard Worker } 92*6777b538SAndroid Build Coastguard Worker 93*6777b538SAndroid Build Coastguard Worker } // namespace net 94