net/http/http_auth_handler_ntlm_win.cc

   1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 // See "SSPI Sample Application" at
   6 // http://msdn.microsoft.com/en-us/library/aa918273.aspx
   7 // and "NTLM Security Support Provider" at
   8 // http://msdn.microsoft.com/en-us/library/aa923611.aspx.
   9
  10 #include "net/http/http_auth_handler_ntlm.h"
  11
  12 #include "base/string_util.h"
  13 #include "net/base/net_errors.h"
  14 #include "net/base/net_util.h"
  15 #include "net/http/http_auth_sspi_win.h"
  16 #include "net/http/url_security_manager.h"
  17
  18 #pragma comment(lib, "secur32.lib")
  19
  20 namespace net {
  21
  22 HttpAuthHandlerNTLM::HttpAuthHandlerNTLM(
  23     SSPILibrary* sspi_library, ULONG max_token_length,
  24     URLSecurityManager* url_security_manager)
  25     : auth_sspi_(sspi_library, "NTLM", NTLMSP_NAME, max_token_length),
  26       url_security_manager_(url_security_manager) {
  27 }
  28
  29 HttpAuthHandlerNTLM::~HttpAuthHandlerNTLM() {
  30 }
  31
  32 // Require identity on first pass instead of second.
  33 bool HttpAuthHandlerNTLM::NeedsIdentity() {
  34   return auth_sspi_.NeedsIdentity();
  35 }
  36
  37 bool HttpAuthHandlerNTLM::AllowsDefaultCredentials() {
  38   if (target_ == HttpAuth::AUTH_PROXY)
  39     return true;
  40   if (!url_security_manager_)
  41     return false;
  42   return url_security_manager_->CanUseDefaultCredentials(origin_);
  43 }
  44
  45 HttpAuthHandlerNTLM::Factory::Factory()
  46     : max_token_length_(0),
  47       first_creation_(true),
  48       is_unsupported_(false),
  49       sspi_library_(NULL) {
  50 }
  51
  52 HttpAuthHandlerNTLM::Factory::~Factory() {
  53 }
  54
  55 int HttpAuthHandlerNTLM::Factory::CreateAuthHandler(
  56     HttpAuth::ChallengeTokenizer* challenge,
  57     HttpAuth::Target target,
  58     const GURL& origin,
  59     CreateReason reason,
  60     int digest_nonce_count,
  61     const BoundNetLog& net_log,
  62     scoped_ptr<HttpAuthHandler>* handler) {
  63   if (is_unsupported_ || reason == CREATE_PREEMPTIVE)
  64     return ERR_UNSUPPORTED_AUTH_SCHEME;
  65   if (max_token_length_ == 0) {
  66     int rv = DetermineMaxTokenLength(sspi_library_.get(), NTLMSP_NAME,
  67                                      &max_token_length_);
  68     if (rv == ERR_UNSUPPORTED_AUTH_SCHEME)
  69       is_unsupported_ = true;
  70     if (rv != OK)
  71       return rv;
  72   }
  73   // TODO(cbentzel): Move towards model of parsing in the factory
  74   //                 method and only constructing when valid.
  75   scoped_ptr<HttpAuthHandler> tmp_handler(
  76       new HttpAuthHandlerNTLM(sspi_library_.get(), max_token_length_,
  77                               url_security_manager()));
  78   if (!tmp_handler->InitFromChallenge(challenge, target, origin, net_log))
  79     return ERR_INVALID_RESPONSE;
  80   handler->swap(tmp_handler);
  81   return OK;
  82 }
  83
  84 }  // namespace net