HttpAuth SchemeHostPort 1: Switch auth cache to SchemeHostPort.
Switch the HttpAuthCache from using Origins to url::SchemeHostPorts. Origins are only intended for use as document webby Origins, as opposed to for network authorities, which should be stored as SchemeHostPort. Followup CLs will wire up SchemeHostPorts further up the HttpAuth stack, eventually replacing HttpAuthChallengeInfo::challenge (which is passed over Mojo). url::Origin::Create() is slated to be deprecated to help protect against creating incorrect origins. Bug: 1270878 Change-Id: I88cb4d3cc4cf4faaba59c8029c67c8d6f3dae74b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3292564 Reviewed-by: Eric Orth <ericorth@chromium.org> Reviewed-by: Christian Dullweber <dullweber@chromium.org> Reviewed-by: Achuith Bhandarkar <achuith@chromium.org> Commit-Queue: Matt Menke <mmenke@chromium.org> Cr-Commit-Position: refs/heads/main@{#944639}
This commit is contained in:
Matt Menke
committed by
Chromium LUCI CQ
Chromium LUCI CQ
parent
eb2bb156e7
commit
8db2ff5093
chrome/browser
ash
login
net
browsing_data
net
http
http_auth_cache.cchttp_auth_cache.hhttp_auth_cache_unittest.cchttp_auth_controller.cchttp_auth_controller.hhttp_network_transaction_unittest.cchttp_proxy_connect_job_unittest.cc
quic
socket
spdy
services/network
@@ -39,6 +39,7 @@
|
|||||||
#include "services/network/public/mojom/network_context.mojom-forward.h"
|
#include "services/network/public/mojom/network_context.mojom-forward.h"
|
||||||
#include "testing/gtest/include/gtest/gtest.h"
|
#include "testing/gtest/include/gtest/gtest.h"
|
||||||
#include "url/gurl.h"
|
#include "url/gurl.h"
|
||||||
|
#include "url/scheme_host_port.h"
|
||||||
|
|
||||||
namespace ash {
|
namespace ash {
|
||||||
namespace {
|
namespace {
|
||||||
@@ -173,8 +174,9 @@ net::CookieList ProfileAuthDataTest::GetUserCookies() {
|
|||||||
void ProfileAuthDataTest::VerifyTransferredUserProxyAuthEntry() {
|
void ProfileAuthDataTest::VerifyTransferredUserProxyAuthEntry() {
|
||||||
net::HttpAuthCache::Entry* entry =
|
net::HttpAuthCache::Entry* entry =
|
||||||
GetAuthCache(user_network_context_.get())
|
GetAuthCache(user_network_context_.get())
|
||||||
->Lookup(GURL(kProxyAuthURL), net::HttpAuth::AUTH_PROXY,
|
->Lookup(url::SchemeHostPort(GURL(kProxyAuthURL)),
|
||||||
kProxyAuthRealm, net::HttpAuth::AUTH_SCHEME_BASIC,
|
net::HttpAuth::AUTH_PROXY, kProxyAuthRealm,
|
||||||
|
net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey());
|
net::NetworkIsolationKey());
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
EXPECT_EQ(kProxyAuthPassword1, entry->credentials().password());
|
EXPECT_EQ(kProxyAuthPassword1, entry->credentials().password());
|
||||||
@@ -209,9 +211,9 @@ void ProfileAuthDataTest::PopulateBrowserContext(
|
|||||||
const std::u16string& proxy_auth_password,
|
const std::u16string& proxy_auth_password,
|
||||||
const std::string& cookie_value) {
|
const std::string& cookie_value) {
|
||||||
GetAuthCache(network_context)
|
GetAuthCache(network_context)
|
||||||
->Add(GURL(kProxyAuthURL), net::HttpAuth::AUTH_PROXY, kProxyAuthRealm,
|
->Add(url::SchemeHostPort(GURL(kProxyAuthURL)), net::HttpAuth::AUTH_PROXY,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
kProxyAuthRealm, net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
kProxyAuthChallenge,
|
net::NetworkIsolationKey(), kProxyAuthChallenge,
|
||||||
net::AuthCredentials(std::u16string(), proxy_auth_password),
|
net::AuthCredentials(std::u16string(), proxy_auth_password),
|
||||||
std::string());
|
std::string());
|
||||||
|
|
||||||
|
|||||||
@@ -36,6 +36,7 @@
|
|||||||
#include "services/network/network_service.h"
|
#include "services/network/network_service.h"
|
||||||
#include "testing/gtest/include/gtest/gtest.h"
|
#include "testing/gtest/include/gtest/gtest.h"
|
||||||
#include "url/gurl.h"
|
#include "url/gurl.h"
|
||||||
|
#include "url/scheme_host_port.h"
|
||||||
|
|
||||||
namespace ash {
|
namespace ash {
|
||||||
namespace login {
|
namespace login {
|
||||||
@@ -55,10 +56,10 @@ void AddEntryToHttpAuthCache(network::NetworkContext* network_context) {
|
|||||||
->http_transaction_factory()
|
->http_transaction_factory()
|
||||||
->GetSession()
|
->GetSession()
|
||||||
->http_auth_cache();
|
->http_auth_cache();
|
||||||
http_auth_cache->Add(GURL(kEmbedderUrl), net::HttpAuth::AUTH_PROXY, "",
|
http_auth_cache->Add(
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
url::SchemeHostPort(GURL(kEmbedderUrl)), net::HttpAuth::AUTH_PROXY, "",
|
||||||
net::NetworkIsolationKey(), "", net::AuthCredentials(),
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(), "",
|
||||||
"");
|
net::AuthCredentials(), "");
|
||||||
}
|
}
|
||||||
|
|
||||||
void IsEntryInHttpAuthCache(network::NetworkContext* network_context,
|
void IsEntryInHttpAuthCache(network::NetworkContext* network_context,
|
||||||
@@ -68,7 +69,8 @@ void IsEntryInHttpAuthCache(network::NetworkContext* network_context,
|
|||||||
->GetSession()
|
->GetSession()
|
||||||
->http_auth_cache();
|
->http_auth_cache();
|
||||||
*out_entry_found =
|
*out_entry_found =
|
||||||
http_auth_cache->Lookup(GURL(kEmbedderUrl), net::HttpAuth::AUTH_PROXY, "",
|
http_auth_cache->Lookup(url::SchemeHostPort(GURL(kEmbedderUrl)),
|
||||||
|
net::HttpAuth::AUTH_PROXY, "",
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey()) != nullptr;
|
net::NetworkIsolationKey()) != nullptr;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -39,6 +39,8 @@
|
|||||||
#include "services/network/network_service.h"
|
#include "services/network/network_service.h"
|
||||||
#include "testing/gmock/include/gmock/gmock.h"
|
#include "testing/gmock/include/gmock/gmock.h"
|
||||||
#include "testing/gtest/include/gtest/gtest.h"
|
#include "testing/gtest/include/gtest/gtest.h"
|
||||||
|
#include "url/gurl.h"
|
||||||
|
#include "url/scheme_host_port.h"
|
||||||
|
|
||||||
using testing::_;
|
using testing::_;
|
||||||
using testing::Invoke;
|
using testing::Invoke;
|
||||||
@@ -246,7 +248,8 @@ TEST_F(SystemProxyManagerTest, UserCredentialsRequestedFromNetworkService) {
|
|||||||
->http_transaction_factory()
|
->http_transaction_factory()
|
||||||
->GetSession()
|
->GetSession()
|
||||||
->http_auth_cache()
|
->http_auth_cache()
|
||||||
->Add(GURL(kProxyAuthEmptyPath), net::HttpAuth::AUTH_PROXY, kRealm,
|
->Add(url::SchemeHostPort(GURL(kProxyAuthEmptyPath)),
|
||||||
|
net::HttpAuth::AUTH_PROXY, kRealm,
|
||||||
net::HttpAuth::AUTH_SCHEME_DIGEST, net::NetworkIsolationKey(),
|
net::HttpAuth::AUTH_SCHEME_DIGEST, net::NetworkIsolationKey(),
|
||||||
kProxyAuthChallenge,
|
kProxyAuthChallenge,
|
||||||
net::AuthCredentials(kBrowserUsername16, kBrowserPassword16),
|
net::AuthCredentials(kBrowserUsername16, kBrowserPassword16),
|
||||||
|
|||||||
@@ -147,6 +147,7 @@
|
|||||||
#include "ui/gfx/favicon_size.h"
|
#include "ui/gfx/favicon_size.h"
|
||||||
#include "url/gurl.h"
|
#include "url/gurl.h"
|
||||||
#include "url/origin.h"
|
#include "url/origin.h"
|
||||||
|
#include "url/scheme_host_port.h"
|
||||||
|
|
||||||
#if defined(OS_ANDROID)
|
#if defined(OS_ANDROID)
|
||||||
#include "chrome/browser/android/customtabs/origin_verifier.h"
|
#include "chrome/browser/android/customtabs/origin_verifier.h"
|
||||||
@@ -2622,12 +2623,12 @@ TEST_F(ChromeBrowsingDataRemoverDelegateTest,
|
|||||||
DCHECK(http_session);
|
DCHECK(http_session);
|
||||||
|
|
||||||
net::HttpAuthCache* http_auth_cache = http_session->http_auth_cache();
|
net::HttpAuthCache* http_auth_cache = http_session->http_auth_cache();
|
||||||
const GURL kOrigin1("http://host1.com:1");
|
const url::SchemeHostPort kSchemeHostPort(GURL("http://host1.com:1"));
|
||||||
http_auth_cache->Add(kOrigin1, net::HttpAuth::AUTH_SERVER, kTestRealm,
|
http_auth_cache->Add(kSchemeHostPort, net::HttpAuth::AUTH_SERVER, kTestRealm,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey(), "test challenge",
|
net::NetworkIsolationKey(), "test challenge",
|
||||||
net::AuthCredentials(u"foo", u"bar"), "/");
|
net::AuthCredentials(u"foo", u"bar"), "/");
|
||||||
CHECK(http_auth_cache->Lookup(kOrigin1, net::HttpAuth::AUTH_SERVER,
|
CHECK(http_auth_cache->Lookup(kSchemeHostPort, net::HttpAuth::AUTH_SERVER,
|
||||||
kTestRealm, net::HttpAuth::AUTH_SCHEME_BASIC,
|
kTestRealm, net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey()));
|
net::NetworkIsolationKey()));
|
||||||
|
|
||||||
@@ -2636,7 +2637,7 @@ TEST_F(ChromeBrowsingDataRemoverDelegateTest,
|
|||||||
|
|
||||||
EXPECT_EQ(nullptr,
|
EXPECT_EQ(nullptr,
|
||||||
http_auth_cache->Lookup(
|
http_auth_cache->Lookup(
|
||||||
kOrigin1, net::HttpAuth::AUTH_SERVER, kTestRealm,
|
kSchemeHostPort, net::HttpAuth::AUTH_SERVER, kTestRealm,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey()));
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey()));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -8,6 +8,8 @@
|
|||||||
#include "base/logging.h"
|
#include "base/logging.h"
|
||||||
#include "base/metrics/histogram_macros.h"
|
#include "base/metrics/histogram_macros.h"
|
||||||
#include "base/strings/string_util.h"
|
#include "base/strings/string_util.h"
|
||||||
|
#include "url/scheme_host_port.h"
|
||||||
|
#include "url/url_constants.h"
|
||||||
|
|
||||||
namespace {
|
namespace {
|
||||||
|
|
||||||
@@ -37,12 +39,13 @@ bool IsEnclosingPath(const std::string& container, const std::string& path) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#if DCHECK_IS_ON()
|
#if DCHECK_IS_ON()
|
||||||
// Debug helper to check that |origin| arguments are properly formed.
|
// Debug helper to check that |scheme_host_port| arguments are properly formed.
|
||||||
// TODO(asanka): Switch auth cache to use url::Origin.
|
void CheckSchemeHostPortIsValid(const url::SchemeHostPort& scheme_host_port) {
|
||||||
void CheckOriginIsValid(const GURL& origin) {
|
DCHECK(scheme_host_port.IsValid());
|
||||||
DCHECK(origin.is_valid());
|
DCHECK(scheme_host_port.scheme() == url::kHttpScheme ||
|
||||||
DCHECK(origin.SchemeIsHTTPOrHTTPS() || origin.SchemeIsWSOrWSS());
|
scheme_host_port.scheme() == url::kHttpsScheme ||
|
||||||
DCHECK(origin.DeprecatedGetOriginAsURL() == origin);
|
scheme_host_port.scheme() == url::kWsScheme ||
|
||||||
|
scheme_host_port.scheme() == url::kWssScheme);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Debug helper to check that |path| arguments are properly formed.
|
// Debug helper to check that |path| arguments are properly formed.
|
||||||
@@ -86,33 +89,33 @@ void HttpAuthCache::SetKeyServerEntriesByNetworkIsolationKey(
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Performance: O(logN+n), where N is the total number of entries, n is the
|
// Performance: O(logN+n), where N is the total number of entries, n is the
|
||||||
// number of realm entries for the given origin, target, and with a matching
|
// number of realm entries for the given SchemeHostPort, target, and with a
|
||||||
// NetworkIsolationKey.
|
// matching NetworkIsolationKey.
|
||||||
HttpAuthCache::Entry* HttpAuthCache::Lookup(
|
HttpAuthCache::Entry* HttpAuthCache::Lookup(
|
||||||
const GURL& origin,
|
const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const std::string& realm,
|
const std::string& realm,
|
||||||
HttpAuth::Scheme scheme,
|
HttpAuth::Scheme scheme,
|
||||||
const NetworkIsolationKey& network_isolation_key) {
|
const NetworkIsolationKey& network_isolation_key) {
|
||||||
EntryMap::iterator entry_it =
|
EntryMap::iterator entry_it = LookupEntryIt(scheme_host_port, target, realm,
|
||||||
LookupEntryIt(origin, target, realm, scheme, network_isolation_key);
|
scheme, network_isolation_key);
|
||||||
if (entry_it == entries_.end())
|
if (entry_it == entries_.end())
|
||||||
return nullptr;
|
return nullptr;
|
||||||
return &(entry_it->second);
|
return &(entry_it->second);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Performance: O(logN+n*m), where N is the total number of entries, n is the
|
// Performance: O(logN+n*m), where N is the total number of entries, n is the
|
||||||
// number of realm entries for the given origin, target, and
|
// number of realm entries for the given SchemeHostPort, target, and
|
||||||
// NetworkIsolationKey, m is the number of path entries per realm. Both n and m
|
// NetworkIsolationKey, m is the number of path entries per realm. Both n and m
|
||||||
// are expected to be small; m is kept small because AddPath() only keeps the
|
// are expected to be small; m is kept small because AddPath() only keeps the
|
||||||
// shallowest entry.
|
// shallowest entry.
|
||||||
HttpAuthCache::Entry* HttpAuthCache::LookupByPath(
|
HttpAuthCache::Entry* HttpAuthCache::LookupByPath(
|
||||||
const GURL& origin,
|
const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const NetworkIsolationKey& network_isolation_key,
|
const NetworkIsolationKey& network_isolation_key,
|
||||||
const std::string& path) {
|
const std::string& path) {
|
||||||
#if DCHECK_IS_ON()
|
#if DCHECK_IS_ON()
|
||||||
CheckOriginIsValid(origin);
|
CheckSchemeHostPortIsValid(scheme_host_port);
|
||||||
CheckPathIsValid(path);
|
CheckPathIsValid(path);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@@ -122,16 +125,17 @@ HttpAuthCache::Entry* HttpAuthCache::LookupByPath(
|
|||||||
// within the protection space ...
|
// within the protection space ...
|
||||||
std::string parent_dir = GetParentDirectory(path);
|
std::string parent_dir = GetParentDirectory(path);
|
||||||
|
|
||||||
// Linear scan through the <scheme, realm> entries for the given origin.
|
// Linear scan through the <scheme, realm> entries for the given
|
||||||
|
// SchemeHostPort.
|
||||||
auto entry_range = entries_.equal_range(
|
auto entry_range = entries_.equal_range(
|
||||||
EntryMapKey(origin, target, network_isolation_key,
|
EntryMapKey(scheme_host_port, target, network_isolation_key,
|
||||||
key_server_entries_by_network_isolation_key_));
|
key_server_entries_by_network_isolation_key_));
|
||||||
auto best_match_it = entries_.end();
|
auto best_match_it = entries_.end();
|
||||||
size_t best_match_length = 0;
|
size_t best_match_length = 0;
|
||||||
for (auto it = entry_range.first; it != entry_range.second; ++it) {
|
for (auto it = entry_range.first; it != entry_range.second; ++it) {
|
||||||
size_t len = 0;
|
size_t len = 0;
|
||||||
auto& entry = it->second;
|
auto& entry = it->second;
|
||||||
DCHECK(entry.origin() == origin);
|
DCHECK(entry.scheme_host_port() == scheme_host_port);
|
||||||
if (entry.HasEnclosingPath(parent_dir, &len) &&
|
if (entry.HasEnclosingPath(parent_dir, &len) &&
|
||||||
(best_match_it == entries_.end() || len > best_match_length)) {
|
(best_match_it == entries_.end() || len > best_match_length)) {
|
||||||
best_match_it = it;
|
best_match_it = it;
|
||||||
@@ -147,7 +151,7 @@ HttpAuthCache::Entry* HttpAuthCache::LookupByPath(
|
|||||||
}
|
}
|
||||||
|
|
||||||
HttpAuthCache::Entry* HttpAuthCache::Add(
|
HttpAuthCache::Entry* HttpAuthCache::Add(
|
||||||
const GURL& origin,
|
const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const std::string& realm,
|
const std::string& realm,
|
||||||
HttpAuth::Scheme scheme,
|
HttpAuth::Scheme scheme,
|
||||||
@@ -156,7 +160,7 @@ HttpAuthCache::Entry* HttpAuthCache::Add(
|
|||||||
const AuthCredentials& credentials,
|
const AuthCredentials& credentials,
|
||||||
const std::string& path) {
|
const std::string& path) {
|
||||||
#if DCHECK_IS_ON()
|
#if DCHECK_IS_ON()
|
||||||
CheckOriginIsValid(origin);
|
CheckSchemeHostPortIsValid(scheme_host_port);
|
||||||
CheckPathIsValid(path);
|
CheckPathIsValid(path);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@@ -164,7 +168,7 @@ HttpAuthCache::Entry* HttpAuthCache::Add(
|
|||||||
|
|
||||||
// Check for existing entry (we will re-use it if present).
|
// Check for existing entry (we will re-use it if present).
|
||||||
HttpAuthCache::Entry* entry =
|
HttpAuthCache::Entry* entry =
|
||||||
Lookup(origin, target, realm, scheme, network_isolation_key);
|
Lookup(scheme_host_port, target, realm, scheme, network_isolation_key);
|
||||||
if (!entry) {
|
if (!entry) {
|
||||||
// Failsafe to prevent unbounded memory growth of the cache.
|
// Failsafe to prevent unbounded memory growth of the cache.
|
||||||
//
|
//
|
||||||
@@ -178,19 +182,20 @@ HttpAuthCache::Entry* HttpAuthCache::Add(
|
|||||||
DLOG(WARNING) << "Num auth cache entries reached limit -- evicting";
|
DLOG(WARNING) << "Num auth cache entries reached limit -- evicting";
|
||||||
EvictLeastRecentlyUsedEntry();
|
EvictLeastRecentlyUsedEntry();
|
||||||
}
|
}
|
||||||
entry = &(entries_
|
entry =
|
||||||
.emplace(std::make_pair(
|
&(entries_
|
||||||
EntryMapKey(origin, target, network_isolation_key,
|
.emplace(std::make_pair(
|
||||||
key_server_entries_by_network_isolation_key_),
|
EntryMapKey(scheme_host_port, target, network_isolation_key,
|
||||||
Entry()))
|
key_server_entries_by_network_isolation_key_),
|
||||||
->second);
|
Entry()))
|
||||||
entry->origin_ = origin;
|
->second);
|
||||||
|
entry->scheme_host_port_ = scheme_host_port;
|
||||||
entry->realm_ = realm;
|
entry->realm_ = realm;
|
||||||
entry->scheme_ = scheme;
|
entry->scheme_ = scheme;
|
||||||
entry->creation_time_ticks_ = now_ticks;
|
entry->creation_time_ticks_ = now_ticks;
|
||||||
entry->creation_time_ = clock_->Now();
|
entry->creation_time_ = clock_->Now();
|
||||||
}
|
}
|
||||||
DCHECK_EQ(origin, entry->origin_);
|
DCHECK_EQ(scheme_host_port, entry->scheme_host_port_);
|
||||||
DCHECK_EQ(realm, entry->realm_);
|
DCHECK_EQ(realm, entry->realm_);
|
||||||
DCHECK_EQ(scheme, entry->scheme_);
|
DCHECK_EQ(scheme, entry->scheme_);
|
||||||
|
|
||||||
@@ -214,7 +219,7 @@ void HttpAuthCache::Entry::UpdateStaleChallenge(
|
|||||||
}
|
}
|
||||||
|
|
||||||
bool HttpAuthCache::Entry::IsEqualForTesting(const Entry& other) const {
|
bool HttpAuthCache::Entry::IsEqualForTesting(const Entry& other) const {
|
||||||
if (origin() != other.origin())
|
if (scheme_host_port() != other.scheme_host_port())
|
||||||
return false;
|
return false;
|
||||||
if (realm() != other.realm())
|
if (realm() != other.realm())
|
||||||
return false;
|
return false;
|
||||||
@@ -247,7 +252,7 @@ void HttpAuthCache::Entry::AddPath(const std::string& path) {
|
|||||||
// Data collected on June of 2019 indicate that when we get here, the list
|
// Data collected on June of 2019 indicate that when we get here, the list
|
||||||
// of paths has reached the 10 entry maximum around 1% of the time.
|
// of paths has reached the 10 entry maximum around 1% of the time.
|
||||||
if (paths_.size() >= kMaxNumPathsPerRealmEntry) {
|
if (paths_.size() >= kMaxNumPathsPerRealmEntry) {
|
||||||
DLOG(WARNING) << "Num path entries for " << origin()
|
DLOG(WARNING) << "Num path entries for " << scheme_host_port()
|
||||||
<< " has grown too large -- evicting";
|
<< " has grown too large -- evicting";
|
||||||
paths_.pop_back();
|
paths_.pop_back();
|
||||||
}
|
}
|
||||||
@@ -278,14 +283,14 @@ bool HttpAuthCache::Entry::HasEnclosingPath(const std::string& dir,
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool HttpAuthCache::Remove(const GURL& origin,
|
bool HttpAuthCache::Remove(const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const std::string& realm,
|
const std::string& realm,
|
||||||
HttpAuth::Scheme scheme,
|
HttpAuth::Scheme scheme,
|
||||||
const NetworkIsolationKey& network_isolation_key,
|
const NetworkIsolationKey& network_isolation_key,
|
||||||
const AuthCredentials& credentials) {
|
const AuthCredentials& credentials) {
|
||||||
EntryMap::iterator entry_it =
|
EntryMap::iterator entry_it = LookupEntryIt(scheme_host_port, target, realm,
|
||||||
LookupEntryIt(origin, target, realm, scheme, network_isolation_key);
|
scheme, network_isolation_key);
|
||||||
if (entry_it == entries_.end())
|
if (entry_it == entries_.end())
|
||||||
return false;
|
return false;
|
||||||
Entry& entry = entry_it->second;
|
Entry& entry = entry_it->second;
|
||||||
@@ -315,14 +320,14 @@ void HttpAuthCache::ClearAllEntries() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
bool HttpAuthCache::UpdateStaleChallenge(
|
bool HttpAuthCache::UpdateStaleChallenge(
|
||||||
const GURL& origin,
|
const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const std::string& realm,
|
const std::string& realm,
|
||||||
HttpAuth::Scheme scheme,
|
HttpAuth::Scheme scheme,
|
||||||
const NetworkIsolationKey& network_isolation_key,
|
const NetworkIsolationKey& network_isolation_key,
|
||||||
const std::string& auth_challenge) {
|
const std::string& auth_challenge) {
|
||||||
HttpAuthCache::Entry* entry =
|
HttpAuthCache::Entry* entry =
|
||||||
Lookup(origin, target, realm, scheme, network_isolation_key);
|
Lookup(scheme_host_port, target, realm, scheme, network_isolation_key);
|
||||||
if (!entry)
|
if (!entry)
|
||||||
return false;
|
return false;
|
||||||
entry->UpdateStaleChallenge(auth_challenge);
|
entry->UpdateStaleChallenge(auth_challenge);
|
||||||
@@ -343,9 +348,9 @@ void HttpAuthCache::CopyProxyEntriesFrom(const HttpAuthCache& other) {
|
|||||||
|
|
||||||
// Add an Entry with one of the original entry's paths.
|
// Add an Entry with one of the original entry's paths.
|
||||||
DCHECK(e.paths_.size() > 0);
|
DCHECK(e.paths_.size() > 0);
|
||||||
Entry* entry = Add(e.origin(), it->first.target, e.realm(), e.scheme(),
|
Entry* entry = Add(e.scheme_host_port(), it->first.target, e.realm(),
|
||||||
it->first.network_isolation_key, e.auth_challenge(),
|
e.scheme(), it->first.network_isolation_key,
|
||||||
e.credentials(), e.paths_.back());
|
e.auth_challenge(), e.credentials(), e.paths_.back());
|
||||||
// Copy all other paths.
|
// Copy all other paths.
|
||||||
for (auto it2 = std::next(e.paths_.rbegin()); it2 != e.paths_.rend(); ++it2)
|
for (auto it2 = std::next(e.paths_.rbegin()); it2 != e.paths_.rend(); ++it2)
|
||||||
entry->AddPath(*it2);
|
entry->AddPath(*it2);
|
||||||
@@ -355,11 +360,11 @@ void HttpAuthCache::CopyProxyEntriesFrom(const HttpAuthCache& other) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
HttpAuthCache::EntryMapKey::EntryMapKey(
|
HttpAuthCache::EntryMapKey::EntryMapKey(
|
||||||
const GURL& url,
|
const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const NetworkIsolationKey& network_isolation_key,
|
const NetworkIsolationKey& network_isolation_key,
|
||||||
bool key_server_entries_by_network_isolation_key)
|
bool key_server_entries_by_network_isolation_key)
|
||||||
: url(url),
|
: scheme_host_port(scheme_host_port),
|
||||||
target(target),
|
target(target),
|
||||||
network_isolation_key(target == HttpAuth::AUTH_SERVER &&
|
network_isolation_key(target == HttpAuth::AUTH_SERVER &&
|
||||||
key_server_entries_by_network_isolation_key
|
key_server_entries_by_network_isolation_key
|
||||||
@@ -369,8 +374,9 @@ HttpAuthCache::EntryMapKey::EntryMapKey(
|
|||||||
HttpAuthCache::EntryMapKey::~EntryMapKey() = default;
|
HttpAuthCache::EntryMapKey::~EntryMapKey() = default;
|
||||||
|
|
||||||
bool HttpAuthCache::EntryMapKey::operator<(const EntryMapKey& other) const {
|
bool HttpAuthCache::EntryMapKey::operator<(const EntryMapKey& other) const {
|
||||||
return std::tie(url, target, network_isolation_key) <
|
return std::tie(scheme_host_port, target, network_isolation_key) <
|
||||||
std::tie(other.url, other.target, other.network_isolation_key);
|
std::tie(other.scheme_host_port, other.target,
|
||||||
|
other.network_isolation_key);
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t HttpAuthCache::GetEntriesSizeForTesting() {
|
size_t HttpAuthCache::GetEntriesSizeForTesting() {
|
||||||
@@ -378,23 +384,23 @@ size_t HttpAuthCache::GetEntriesSizeForTesting() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
HttpAuthCache::EntryMap::iterator HttpAuthCache::LookupEntryIt(
|
HttpAuthCache::EntryMap::iterator HttpAuthCache::LookupEntryIt(
|
||||||
const GURL& origin,
|
const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const std::string& realm,
|
const std::string& realm,
|
||||||
HttpAuth::Scheme scheme,
|
HttpAuth::Scheme scheme,
|
||||||
const NetworkIsolationKey& network_isolation_key) {
|
const NetworkIsolationKey& network_isolation_key) {
|
||||||
#if DCHECK_IS_ON()
|
#if DCHECK_IS_ON()
|
||||||
CheckOriginIsValid(origin);
|
CheckSchemeHostPortIsValid(scheme_host_port);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
// Linear scan through the <scheme, realm> entries for the given origin and
|
// Linear scan through the <scheme, realm> entries for the given
|
||||||
// NetworkIsolationKey.
|
// SchemeHostPort and NetworkIsolationKey.
|
||||||
auto entry_range = entries_.equal_range(
|
auto entry_range = entries_.equal_range(
|
||||||
EntryMapKey(origin, target, network_isolation_key,
|
EntryMapKey(scheme_host_port, target, network_isolation_key,
|
||||||
key_server_entries_by_network_isolation_key_));
|
key_server_entries_by_network_isolation_key_));
|
||||||
for (auto it = entry_range.first; it != entry_range.second; ++it) {
|
for (auto it = entry_range.first; it != entry_range.second; ++it) {
|
||||||
Entry& entry = it->second;
|
Entry& entry = it->second;
|
||||||
DCHECK(entry.origin() == origin);
|
DCHECK(entry.scheme_host_port() == scheme_host_port);
|
||||||
if (entry.scheme() == scheme && entry.realm() == realm) {
|
if (entry.scheme() == scheme && entry.realm() == realm) {
|
||||||
entry.last_use_time_ticks_ = tick_clock_->NowTicks();
|
entry.last_use_time_ticks_ = tick_clock_->NowTicks();
|
||||||
return it;
|
return it;
|
||||||
|
|||||||
@@ -19,12 +19,12 @@
|
|||||||
#include "net/base/net_export.h"
|
#include "net/base/net_export.h"
|
||||||
#include "net/base/network_isolation_key.h"
|
#include "net/base/network_isolation_key.h"
|
||||||
#include "net/http/http_auth.h"
|
#include "net/http/http_auth.h"
|
||||||
#include "url/gurl.h"
|
#include "url/scheme_host_port.h"
|
||||||
|
|
||||||
namespace net {
|
namespace net {
|
||||||
|
|
||||||
// HttpAuthCache stores HTTP authentication identities and challenge info.
|
// HttpAuthCache stores HTTP authentication identities and challenge info.
|
||||||
// For each (origin, realm, scheme) triple the cache stores a
|
// For each (scheme_host_port, realm, scheme) triple the cache stores a
|
||||||
// HttpAuthCache::Entry, which holds:
|
// HttpAuthCache::Entry, which holds:
|
||||||
// - the origin server {protocol scheme, host, port}
|
// - the origin server {protocol scheme, host, port}
|
||||||
// - the last identity used (username/password)
|
// - the last identity used (username/password)
|
||||||
@@ -38,8 +38,8 @@ class NET_EXPORT HttpAuthCache {
|
|||||||
Entry(const Entry& other);
|
Entry(const Entry& other);
|
||||||
~Entry();
|
~Entry();
|
||||||
|
|
||||||
const GURL& origin() const {
|
const url::SchemeHostPort& scheme_host_port() const {
|
||||||
return origin_;
|
return scheme_host_port_;
|
||||||
}
|
}
|
||||||
|
|
||||||
// The case-sensitive realm string of the challenge.
|
// The case-sensitive realm string of the challenge.
|
||||||
@@ -94,8 +94,8 @@ class NET_EXPORT HttpAuthCache {
|
|||||||
// true and set |*path_len| to 0.
|
// true and set |*path_len| to 0.
|
||||||
bool HasEnclosingPath(const std::string& dir, size_t* path_len);
|
bool HasEnclosingPath(const std::string& dir, size_t* path_len);
|
||||||
|
|
||||||
// |origin_| contains the {protocol, host, port} of the server.
|
// SchemeHostPort of the server.
|
||||||
GURL origin_;
|
url::SchemeHostPort scheme_host_port_;
|
||||||
std::string realm_;
|
std::string realm_;
|
||||||
HttpAuth::Scheme scheme_;
|
HttpAuth::Scheme scheme_;
|
||||||
|
|
||||||
@@ -142,12 +142,12 @@ class NET_EXPORT HttpAuthCache {
|
|||||||
// scheme |scheme|. If a matching entry is found, move it up by one place
|
// scheme |scheme|. If a matching entry is found, move it up by one place
|
||||||
// in the entries list, so that more frequently used entries migrate to the
|
// in the entries list, so that more frequently used entries migrate to the
|
||||||
// front of the list.
|
// front of the list.
|
||||||
// |origin| - the {scheme, host, port} of the server.
|
// |scheme_host_port| - the {scheme, host, port} of the server.
|
||||||
// |target| - whether this is for server or proxy auth.
|
// |target| - whether this is for server or proxy auth.
|
||||||
// |realm| - case sensitive realm string.
|
// |realm| - case sensitive realm string.
|
||||||
// |scheme| - the authentication scheme (i.e. basic, negotiate).
|
// |scheme| - the authentication scheme (i.e. basic, negotiate).
|
||||||
// returns - the matched entry or nullptr.
|
// returns - the matched entry or nullptr.
|
||||||
Entry* Lookup(const GURL& origin,
|
Entry* Lookup(const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const std::string& realm,
|
const std::string& realm,
|
||||||
HttpAuth::Scheme scheme,
|
HttpAuth::Scheme scheme,
|
||||||
@@ -158,27 +158,27 @@ class NET_EXPORT HttpAuthCache {
|
|||||||
// paths lie in the same protection space. If a matching entry is found, move
|
// paths lie in the same protection space. If a matching entry is found, move
|
||||||
// it up by one place in the entries list, so that more frequently used
|
// it up by one place in the entries list, so that more frequently used
|
||||||
// entries migrate to the front of the list.
|
// entries migrate to the front of the list.
|
||||||
// |origin| - the {scheme, host, port} of the server.
|
// |scheme_host_port| - the {scheme, host, port} of the server.
|
||||||
// |path| - absolute path of the resource, or empty string in case of
|
// |path| - absolute path of the resource, or empty string in case of
|
||||||
// proxy auth (which does not use the concept of paths).
|
// proxy auth (which does not use the concept of paths).
|
||||||
// returns - the matched entry or nullptr.
|
// returns - the matched entry or nullptr.
|
||||||
Entry* LookupByPath(const GURL& origin,
|
Entry* LookupByPath(const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const NetworkIsolationKey& network_isolation_key,
|
const NetworkIsolationKey& network_isolation_key,
|
||||||
const std::string& path);
|
const std::string& path);
|
||||||
|
|
||||||
// Add an entry on server |origin| for realm |handler->realm()| and
|
// Add an entry on server |scheme_host_port| for realm |handler->realm()| and
|
||||||
// scheme |handler->scheme()|. If an entry for this (realm,scheme)
|
// scheme |handler->scheme()|. If an entry for this (realm,scheme)
|
||||||
// already exists, update it rather than replace it -- this preserves the
|
// already exists, update it rather than replace it -- this preserves the
|
||||||
// paths list.
|
// paths list.
|
||||||
// |origin| - the {scheme, host, port} of the server.
|
// |scheme_host_port| - the {scheme, host, port} of the server.
|
||||||
// |realm| - the auth realm for the challenge.
|
// |realm| - the auth realm for the challenge.
|
||||||
// |scheme| - the authentication scheme (i.e. basic, negotiate).
|
// |scheme| - the authentication scheme (i.e. basic, negotiate).
|
||||||
// |credentials| - login information for the realm.
|
// |credentials| - login information for the realm.
|
||||||
// |path| - absolute path for a resource contained in the protection
|
// |path| - absolute path for a resource contained in the protection
|
||||||
// space; this will be added to the list of known paths.
|
// space; this will be added to the list of known paths.
|
||||||
// returns - the entry that was just added/updated.
|
// returns - the entry that was just added/updated.
|
||||||
Entry* Add(const GURL& origin,
|
Entry* Add(const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const std::string& realm,
|
const std::string& realm,
|
||||||
HttpAuth::Scheme scheme,
|
HttpAuth::Scheme scheme,
|
||||||
@@ -189,12 +189,12 @@ class NET_EXPORT HttpAuthCache {
|
|||||||
|
|
||||||
// Remove entry on server |origin| for realm |realm| and scheme |scheme|
|
// Remove entry on server |origin| for realm |realm| and scheme |scheme|
|
||||||
// if one exists AND if the cached credentials matches |credentials|.
|
// if one exists AND if the cached credentials matches |credentials|.
|
||||||
// |origin| - the {scheme, host, port} of the server.
|
// |scheme_host_port| - the {scheme, host, port} of the server.
|
||||||
// |realm| - case sensitive realm string.
|
// |realm| - case sensitive realm string.
|
||||||
// |scheme| - the authentication scheme (i.e. basic, negotiate).
|
// |scheme| - the authentication scheme (i.e. basic, negotiate).
|
||||||
// |credentials| - the credentials to match.
|
// |credentials| - the credentials to match.
|
||||||
// returns - true if an entry was removed.
|
// returns - true if an entry was removed.
|
||||||
bool Remove(const GURL& origin,
|
bool Remove(const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const std::string& realm,
|
const std::string& realm,
|
||||||
HttpAuth::Scheme scheme,
|
HttpAuth::Scheme scheme,
|
||||||
@@ -209,12 +209,12 @@ class NET_EXPORT HttpAuthCache {
|
|||||||
// Clears all added entries.
|
// Clears all added entries.
|
||||||
void ClearAllEntries();
|
void ClearAllEntries();
|
||||||
|
|
||||||
// Updates a stale digest entry on server |origin| for realm |realm| and
|
// Updates a stale digest entry on server |scheme_host_port| for realm |realm|
|
||||||
// scheme |scheme|. The cached auth challenge is replaced with
|
// and scheme |scheme|. The cached auth challenge is replaced with
|
||||||
// |auth_challenge| and the nonce count is reset.
|
// |auth_challenge| and the nonce count is reset.
|
||||||
// |UpdateStaleChallenge()| returns true if a matching entry exists in the
|
// |UpdateStaleChallenge()| returns true if a matching entry exists in the
|
||||||
// cache, false otherwise.
|
// cache, false otherwise.
|
||||||
bool UpdateStaleChallenge(const GURL& origin,
|
bool UpdateStaleChallenge(const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const std::string& realm,
|
const std::string& realm,
|
||||||
HttpAuth::Scheme scheme,
|
HttpAuth::Scheme scheme,
|
||||||
@@ -239,7 +239,7 @@ class NET_EXPORT HttpAuthCache {
|
|||||||
|
|
||||||
private:
|
private:
|
||||||
struct EntryMapKey {
|
struct EntryMapKey {
|
||||||
EntryMapKey(const GURL& url,
|
EntryMapKey(const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const NetworkIsolationKey& network_isolation_key,
|
const NetworkIsolationKey& network_isolation_key,
|
||||||
bool key_server_entries_by_network_isolation_key);
|
bool key_server_entries_by_network_isolation_key);
|
||||||
@@ -247,7 +247,7 @@ class NET_EXPORT HttpAuthCache {
|
|||||||
|
|
||||||
bool operator<(const EntryMapKey& other) const;
|
bool operator<(const EntryMapKey& other) const;
|
||||||
|
|
||||||
GURL url;
|
url::SchemeHostPort scheme_host_port;
|
||||||
HttpAuth::Target target;
|
HttpAuth::Target target;
|
||||||
// Empty if |key_server_entries_by_network_isolation_key| is false, |target|
|
// Empty if |key_server_entries_by_network_isolation_key| is false, |target|
|
||||||
// is HttpAuth::AUTH_PROXY, or an empty NetworkIsolationKey is passed in to
|
// is HttpAuth::AUTH_PROXY, or an empty NetworkIsolationKey is passed in to
|
||||||
@@ -261,7 +261,7 @@ class NET_EXPORT HttpAuthCache {
|
|||||||
const base::Clock* clock_ = base::DefaultClock::GetInstance();
|
const base::Clock* clock_ = base::DefaultClock::GetInstance();
|
||||||
|
|
||||||
EntryMap::iterator LookupEntryIt(
|
EntryMap::iterator LookupEntryIt(
|
||||||
const GURL& origin,
|
const url::SchemeHostPort& scheme_host_port,
|
||||||
HttpAuth::Target target,
|
HttpAuth::Target target,
|
||||||
const std::string& realm,
|
const std::string& realm,
|
||||||
HttpAuth::Scheme scheme,
|
HttpAuth::Scheme scheme,
|
||||||
|
|||||||
File diff suppressed because it is too large
Load Diff
@@ -26,6 +26,7 @@
|
|||||||
#include "net/log/net_log_source.h"
|
#include "net/log/net_log_source.h"
|
||||||
#include "net/log/net_log_source_type.h"
|
#include "net/log/net_log_source_type.h"
|
||||||
#include "net/log/net_log_with_source.h"
|
#include "net/log/net_log_with_source.h"
|
||||||
|
#include "url/scheme_host_port.h"
|
||||||
|
|
||||||
namespace net {
|
namespace net {
|
||||||
|
|
||||||
@@ -145,7 +146,7 @@ HttpAuthController::HttpAuthController(
|
|||||||
HostResolver* host_resolver)
|
HostResolver* host_resolver)
|
||||||
: target_(target),
|
: target_(target),
|
||||||
auth_url_(auth_url),
|
auth_url_(auth_url),
|
||||||
auth_origin_(auth_url.DeprecatedGetOriginAsURL()),
|
auth_scheme_host_port_(auth_url),
|
||||||
auth_path_(auth_url.path()),
|
auth_path_(auth_url.path()),
|
||||||
network_isolation_key_(network_isolation_key),
|
network_isolation_key_(network_isolation_key),
|
||||||
embedded_identity_used_(false),
|
embedded_identity_used_(false),
|
||||||
@@ -154,6 +155,7 @@ HttpAuthController::HttpAuthController(
|
|||||||
http_auth_handler_factory_(http_auth_handler_factory),
|
http_auth_handler_factory_(http_auth_handler_factory),
|
||||||
host_resolver_(host_resolver) {
|
host_resolver_(host_resolver) {
|
||||||
DCHECK(target != HttpAuth::AUTH_PROXY || auth_path_ == "/");
|
DCHECK(target != HttpAuth::AUTH_PROXY || auth_path_ == "/");
|
||||||
|
DCHECK(auth_scheme_host_port_.IsValid());
|
||||||
}
|
}
|
||||||
|
|
||||||
HttpAuthController::~HttpAuthController() {
|
HttpAuthController::~HttpAuthController() {
|
||||||
@@ -221,7 +223,7 @@ bool HttpAuthController::SelectPreemptiveAuth(
|
|||||||
// the number of http auth cache entries is expected to be very small.
|
// the number of http auth cache entries is expected to be very small.
|
||||||
// (For most users in fact, it will be 0.)
|
// (For most users in fact, it will be 0.)
|
||||||
HttpAuthCache::Entry* entry = http_auth_cache_->LookupByPath(
|
HttpAuthCache::Entry* entry = http_auth_cache_->LookupByPath(
|
||||||
auth_origin_, target_, network_isolation_key_, auth_path_);
|
auth_scheme_host_port_, target_, network_isolation_key_, auth_path_);
|
||||||
if (!entry)
|
if (!entry)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
@@ -232,8 +234,8 @@ bool HttpAuthController::SelectPreemptiveAuth(
|
|||||||
int rv_create =
|
int rv_create =
|
||||||
http_auth_handler_factory_->CreatePreemptiveAuthHandlerFromString(
|
http_auth_handler_factory_->CreatePreemptiveAuthHandlerFromString(
|
||||||
entry->auth_challenge(), target_, network_isolation_key_,
|
entry->auth_challenge(), target_, network_isolation_key_,
|
||||||
auth_origin_, entry->IncrementNonceCount(), net_log_, host_resolver_,
|
auth_scheme_host_port_.GetURL(), entry->IncrementNonceCount(),
|
||||||
&handler_preemptive);
|
net_log_, host_resolver_, &handler_preemptive);
|
||||||
if (rv_create != OK)
|
if (rv_create != OK)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
@@ -266,7 +268,7 @@ int HttpAuthController::HandleAuthChallenge(
|
|||||||
const NetLogWithSource& caller_net_log) {
|
const NetLogWithSource& caller_net_log) {
|
||||||
DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
|
DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
|
||||||
DCHECK(headers.get());
|
DCHECK(headers.get());
|
||||||
DCHECK(auth_origin_.is_valid());
|
DCHECK(auth_scheme_host_port_.IsValid());
|
||||||
DCHECK(!auth_info_);
|
DCHECK(!auth_info_);
|
||||||
|
|
||||||
BindToCallingNetLog(caller_net_log);
|
BindToCallingNetLog(caller_net_log);
|
||||||
@@ -293,7 +295,7 @@ int HttpAuthController::HandleAuthChallenge(
|
|||||||
break;
|
break;
|
||||||
case HttpAuth::AUTHORIZATION_RESULT_STALE:
|
case HttpAuth::AUTHORIZATION_RESULT_STALE:
|
||||||
if (http_auth_cache_->UpdateStaleChallenge(
|
if (http_auth_cache_->UpdateStaleChallenge(
|
||||||
auth_origin_, target_, handler_->realm(),
|
auth_scheme_host_port_, target_, handler_->realm(),
|
||||||
handler_->auth_scheme(), network_isolation_key_,
|
handler_->auth_scheme(), network_isolation_key_,
|
||||||
challenge_used)) {
|
challenge_used)) {
|
||||||
InvalidateCurrentHandler(INVALIDATE_HANDLER);
|
InvalidateCurrentHandler(INVALIDATE_HANDLER);
|
||||||
@@ -328,10 +330,10 @@ int HttpAuthController::HandleAuthChallenge(
|
|||||||
do {
|
do {
|
||||||
if (!handler_.get() && can_send_auth) {
|
if (!handler_.get() && can_send_auth) {
|
||||||
// Find the best authentication challenge that we support.
|
// Find the best authentication challenge that we support.
|
||||||
HttpAuth::ChooseBestChallenge(http_auth_handler_factory_, *headers,
|
HttpAuth::ChooseBestChallenge(
|
||||||
ssl_info, network_isolation_key_, target_,
|
http_auth_handler_factory_, *headers, ssl_info,
|
||||||
auth_origin_, disabled_schemes_, net_log_,
|
network_isolation_key_, target_, auth_scheme_host_port_.GetURL(),
|
||||||
host_resolver_, &handler_);
|
disabled_schemes_, net_log_, host_resolver_, &handler_);
|
||||||
if (handler_.get())
|
if (handler_.get())
|
||||||
HistogramAuthEvent(handler_.get(), AUTH_EVENT_START);
|
HistogramAuthEvent(handler_.get(), AUTH_EVENT_START);
|
||||||
}
|
}
|
||||||
@@ -421,7 +423,7 @@ void HttpAuthController::ResetAuth(const AuthCredentials& credentials) {
|
|||||||
case HttpAuth::IDENT_SRC_DEFAULT_CREDENTIALS:
|
case HttpAuth::IDENT_SRC_DEFAULT_CREDENTIALS:
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
http_auth_cache_->Add(auth_origin_, target_, handler_->realm(),
|
http_auth_cache_->Add(auth_scheme_host_port_, target_, handler_->realm(),
|
||||||
handler_->auth_scheme(), network_isolation_key_,
|
handler_->auth_scheme(), network_isolation_key_,
|
||||||
handler_->challenge(), identity_.credentials,
|
handler_->challenge(), identity_.credentials,
|
||||||
auth_path_);
|
auth_path_);
|
||||||
@@ -471,7 +473,7 @@ void HttpAuthController::InvalidateRejectedAuthFromCache() {
|
|||||||
// Clear the cache entry for the identity we just failed on.
|
// Clear the cache entry for the identity we just failed on.
|
||||||
// Note: we require the credentials to match before invalidating
|
// Note: we require the credentials to match before invalidating
|
||||||
// since the entry in the cache may be newer than what we used last time.
|
// since the entry in the cache may be newer than what we used last time.
|
||||||
http_auth_cache_->Remove(auth_origin_, target_, handler_->realm(),
|
http_auth_cache_->Remove(auth_scheme_host_port_, target_, handler_->realm(),
|
||||||
handler_->auth_scheme(), network_isolation_key_,
|
handler_->auth_scheme(), network_isolation_key_,
|
||||||
identity_.credentials);
|
identity_.credentials);
|
||||||
}
|
}
|
||||||
@@ -522,9 +524,9 @@ bool HttpAuthController::SelectNextAuthIdentityToTry() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Check the auth cache for a realm entry.
|
// Check the auth cache for a realm entry.
|
||||||
HttpAuthCache::Entry* entry =
|
HttpAuthCache::Entry* entry = http_auth_cache_->Lookup(
|
||||||
http_auth_cache_->Lookup(auth_origin_, target_, handler_->realm(),
|
auth_scheme_host_port_, target_, handler_->realm(),
|
||||||
handler_->auth_scheme(), network_isolation_key_);
|
handler_->auth_scheme(), network_isolation_key_);
|
||||||
|
|
||||||
if (entry) {
|
if (entry) {
|
||||||
identity_.source = HttpAuth::IDENT_SRC_REALM_LOOKUP;
|
identity_.source = HttpAuth::IDENT_SRC_REALM_LOOKUP;
|
||||||
@@ -556,7 +558,7 @@ void HttpAuthController::PopulateAuthChallenge() {
|
|||||||
|
|
||||||
auth_info_ = AuthChallengeInfo();
|
auth_info_ = AuthChallengeInfo();
|
||||||
auth_info_->is_proxy = (target_ == HttpAuth::AUTH_PROXY);
|
auth_info_->is_proxy = (target_ == HttpAuth::AUTH_PROXY);
|
||||||
auth_info_->challenger = url::Origin::Create(auth_origin_);
|
auth_info_->challenger = url::Origin::Create(auth_scheme_host_port_.GetURL());
|
||||||
auth_info_->scheme = HttpAuth::SchemeToString(handler_->auth_scheme());
|
auth_info_->scheme = HttpAuth::SchemeToString(handler_->auth_scheme());
|
||||||
auth_info_->realm = handler_->realm();
|
auth_info_->realm = handler_->realm();
|
||||||
auth_info_->path = auth_path_;
|
auth_info_->path = auth_path_;
|
||||||
|
|||||||
@@ -19,6 +19,7 @@
|
|||||||
#include "net/log/net_log_with_source.h"
|
#include "net/log/net_log_with_source.h"
|
||||||
#include "third_party/abseil-cpp/absl/types/optional.h"
|
#include "third_party/abseil-cpp/absl/types/optional.h"
|
||||||
#include "url/gurl.h"
|
#include "url/gurl.h"
|
||||||
|
#include "url/scheme_host_port.h"
|
||||||
|
|
||||||
namespace net {
|
namespace net {
|
||||||
|
|
||||||
@@ -195,7 +196,7 @@ class NET_EXPORT_PRIVATE HttpAuthController
|
|||||||
const GURL auth_url_;
|
const GURL auth_url_;
|
||||||
|
|
||||||
// Holds the {scheme, host, port} for the authentication target.
|
// Holds the {scheme, host, port} for the authentication target.
|
||||||
const GURL auth_origin_;
|
const url::SchemeHostPort auth_scheme_host_port_;
|
||||||
|
|
||||||
// The absolute path of the resource needing authentication.
|
// The absolute path of the resource needing authentication.
|
||||||
// For proxy authentication, the path is empty.
|
// For proxy authentication, the path is empty.
|
||||||
|
|||||||
@@ -3675,8 +3675,9 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthProxyNoKeepAliveHttp10) {
|
|||||||
|
|
||||||
// Check that credentials were successfully cached, with the right target.
|
// Check that credentials were successfully cached, with the right target.
|
||||||
HttpAuthCache::Entry* entry = session->http_auth_cache()->Lookup(
|
HttpAuthCache::Entry* entry = session->http_auth_cache()->Lookup(
|
||||||
GURL("http://myproxy:70"), HttpAuth::AUTH_PROXY, "MyRealm1",
|
url::SchemeHostPort(url::SchemeHostPort(GURL("http://myproxy:70"))),
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, NetworkIsolationKey());
|
HttpAuth::AUTH_PROXY, "MyRealm1", HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
|
NetworkIsolationKey());
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
ASSERT_EQ(kFoo, entry->credentials().username());
|
ASSERT_EQ(kFoo, entry->credentials().username());
|
||||||
ASSERT_EQ(kBar, entry->credentials().password());
|
ASSERT_EQ(kBar, entry->credentials().password());
|
||||||
@@ -4454,14 +4455,16 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthProxyMatchesServerAuthNoTunnel) {
|
|||||||
|
|
||||||
// Check that the credentials were cached correctly.
|
// Check that the credentials were cached correctly.
|
||||||
HttpAuthCache::Entry* entry = session->http_auth_cache()->Lookup(
|
HttpAuthCache::Entry* entry = session->http_auth_cache()->Lookup(
|
||||||
GURL("http://myproxy:70"), HttpAuth::AUTH_PROXY, "MyRealm1",
|
url::SchemeHostPort(url::SchemeHostPort(GURL("http://myproxy:70"))),
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, NetworkIsolationKey());
|
HttpAuth::AUTH_PROXY, "MyRealm1", HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
|
NetworkIsolationKey());
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
ASSERT_EQ(kFoo, entry->credentials().username());
|
ASSERT_EQ(kFoo, entry->credentials().username());
|
||||||
ASSERT_EQ(kBar, entry->credentials().password());
|
ASSERT_EQ(kBar, entry->credentials().password());
|
||||||
entry = session->http_auth_cache()->Lookup(
|
entry = session->http_auth_cache()->Lookup(
|
||||||
GURL("http://myproxy:70"), HttpAuth::AUTH_SERVER, "MyRealm1",
|
url::SchemeHostPort(url::SchemeHostPort(GURL("http://myproxy:70"))),
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, NetworkIsolationKey());
|
HttpAuth::AUTH_SERVER, "MyRealm1", HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
|
NetworkIsolationKey());
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
ASSERT_EQ(kFoo2, entry->credentials().username());
|
ASSERT_EQ(kFoo2, entry->credentials().username());
|
||||||
ASSERT_EQ(kBar2, entry->credentials().password());
|
ASSERT_EQ(kBar2, entry->credentials().password());
|
||||||
@@ -4651,28 +4654,29 @@ TEST_F(HttpNetworkTransactionTest,
|
|||||||
// Check that the proxy credentials were cached correctly. The should be
|
// Check that the proxy credentials were cached correctly. The should be
|
||||||
// accessible with any NetworkIsolationKey.
|
// accessible with any NetworkIsolationKey.
|
||||||
HttpAuthCache::Entry* entry = session->http_auth_cache()->Lookup(
|
HttpAuthCache::Entry* entry = session->http_auth_cache()->Lookup(
|
||||||
GURL("http://myproxy:70"), HttpAuth::AUTH_PROXY, "MyRealm1",
|
url::SchemeHostPort(url::SchemeHostPort(GURL("http://myproxy:70"))),
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
HttpAuth::AUTH_PROXY, "MyRealm1", HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
|
kNetworkIsolationKey1);
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
ASSERT_EQ(kFoo, entry->credentials().username());
|
ASSERT_EQ(kFoo, entry->credentials().username());
|
||||||
ASSERT_EQ(kBar, entry->credentials().password());
|
ASSERT_EQ(kBar, entry->credentials().password());
|
||||||
EXPECT_EQ(entry,
|
EXPECT_EQ(entry, session->http_auth_cache()->Lookup(
|
||||||
session->http_auth_cache()->Lookup(
|
url::SchemeHostPort(GURL("http://myproxy:70")),
|
||||||
GURL("http://myproxy:70"), HttpAuth::AUTH_PROXY, "MyRealm1",
|
HttpAuth::AUTH_PROXY, "MyRealm1",
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2));
|
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2));
|
||||||
|
|
||||||
// Check that the server credentials were cached correctly. The should be
|
// Check that the server credentials were cached correctly. The should be
|
||||||
// accessible with only kNetworkIsolationKey1.
|
// accessible with only kNetworkIsolationKey1.
|
||||||
entry = session->http_auth_cache()->Lookup(
|
entry = session->http_auth_cache()->Lookup(
|
||||||
GURL("http://myproxy:70"), HttpAuth::AUTH_SERVER, "MyRealm1",
|
url::SchemeHostPort(GURL("http://myproxy:70")), HttpAuth::AUTH_SERVER,
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
"MyRealm1", HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
ASSERT_EQ(kFoo2, entry->credentials().username());
|
ASSERT_EQ(kFoo2, entry->credentials().username());
|
||||||
ASSERT_EQ(kBar2, entry->credentials().password());
|
ASSERT_EQ(kBar2, entry->credentials().password());
|
||||||
// Looking up the server entry with another NetworkIsolationKey should fail.
|
// Looking up the server entry with another NetworkIsolationKey should fail.
|
||||||
EXPECT_FALSE(session->http_auth_cache()->Lookup(
|
EXPECT_FALSE(session->http_auth_cache()->Lookup(
|
||||||
GURL("http://myproxy:70"), HttpAuth::AUTH_SERVER, "MyRealm1",
|
url::SchemeHostPort(GURL("http://myproxy:70")), HttpAuth::AUTH_SERVER,
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2));
|
"MyRealm1", HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2));
|
||||||
|
|
||||||
// Make another request with a different NetworkIsolationKey. It should use
|
// Make another request with a different NetworkIsolationKey. It should use
|
||||||
// another socket, reuse the cached proxy credentials, but result in a server
|
// another socket, reuse the cached proxy credentials, but result in a server
|
||||||
@@ -4704,27 +4708,27 @@ TEST_F(HttpNetworkTransactionTest,
|
|||||||
|
|
||||||
// Check that the proxy credentials are still cached.
|
// Check that the proxy credentials are still cached.
|
||||||
entry = session->http_auth_cache()->Lookup(
|
entry = session->http_auth_cache()->Lookup(
|
||||||
GURL("http://myproxy:70"), HttpAuth::AUTH_PROXY, "MyRealm1",
|
url::SchemeHostPort(GURL("http://myproxy:70")), HttpAuth::AUTH_PROXY,
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
"MyRealm1", HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
ASSERT_EQ(kFoo, entry->credentials().username());
|
ASSERT_EQ(kFoo, entry->credentials().username());
|
||||||
ASSERT_EQ(kBar, entry->credentials().password());
|
ASSERT_EQ(kBar, entry->credentials().password());
|
||||||
EXPECT_EQ(entry,
|
EXPECT_EQ(entry, session->http_auth_cache()->Lookup(
|
||||||
session->http_auth_cache()->Lookup(
|
url::SchemeHostPort(GURL("http://myproxy:70")),
|
||||||
GURL("http://myproxy:70"), HttpAuth::AUTH_PROXY, "MyRealm1",
|
HttpAuth::AUTH_PROXY, "MyRealm1",
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2));
|
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2));
|
||||||
|
|
||||||
// Check that the correct server credentials are cached for each
|
// Check that the correct server credentials are cached for each
|
||||||
// NetworkIsolationKey.
|
// NetworkIsolationKey.
|
||||||
entry = session->http_auth_cache()->Lookup(
|
entry = session->http_auth_cache()->Lookup(
|
||||||
GURL("http://myproxy:70"), HttpAuth::AUTH_SERVER, "MyRealm1",
|
url::SchemeHostPort(GURL("http://myproxy:70")), HttpAuth::AUTH_SERVER,
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
"MyRealm1", HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
ASSERT_EQ(kFoo2, entry->credentials().username());
|
ASSERT_EQ(kFoo2, entry->credentials().username());
|
||||||
ASSERT_EQ(kBar2, entry->credentials().password());
|
ASSERT_EQ(kBar2, entry->credentials().password());
|
||||||
entry = session->http_auth_cache()->Lookup(
|
entry = session->http_auth_cache()->Lookup(
|
||||||
GURL("http://myproxy:70"), HttpAuth::AUTH_SERVER, "MyRealm1",
|
url::SchemeHostPort(GURL("http://myproxy:70")), HttpAuth::AUTH_SERVER,
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2);
|
"MyRealm1", HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2);
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
ASSERT_EQ(kFoo3, entry->credentials().username());
|
ASSERT_EQ(kFoo3, entry->credentials().username());
|
||||||
ASSERT_EQ(kBar3, entry->credentials().password());
|
ASSERT_EQ(kBar3, entry->credentials().password());
|
||||||
@@ -4923,28 +4927,29 @@ TEST_F(HttpNetworkTransactionTest,
|
|||||||
// Check that the proxy credentials were cached correctly. The should be
|
// Check that the proxy credentials were cached correctly. The should be
|
||||||
// accessible with any NetworkIsolationKey.
|
// accessible with any NetworkIsolationKey.
|
||||||
HttpAuthCache::Entry* entry = session->http_auth_cache()->Lookup(
|
HttpAuthCache::Entry* entry = session->http_auth_cache()->Lookup(
|
||||||
GURL("https://myproxy:70"), HttpAuth::AUTH_PROXY, "MyRealm1",
|
url::SchemeHostPort(url::SchemeHostPort(GURL("https://myproxy:70"))),
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
HttpAuth::AUTH_PROXY, "MyRealm1", HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
|
kNetworkIsolationKey1);
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
ASSERT_EQ(kFoo, entry->credentials().username());
|
ASSERT_EQ(kFoo, entry->credentials().username());
|
||||||
ASSERT_EQ(kBar, entry->credentials().password());
|
ASSERT_EQ(kBar, entry->credentials().password());
|
||||||
EXPECT_EQ(entry,
|
EXPECT_EQ(entry, session->http_auth_cache()->Lookup(
|
||||||
session->http_auth_cache()->Lookup(
|
url::SchemeHostPort(GURL("https://myproxy:70")),
|
||||||
GURL("https://myproxy:70"), HttpAuth::AUTH_PROXY, "MyRealm1",
|
HttpAuth::AUTH_PROXY, "MyRealm1",
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2));
|
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2));
|
||||||
|
|
||||||
// Check that the server credentials were cached correctly. The should be
|
// Check that the server credentials were cached correctly. The should be
|
||||||
// accessible with only kNetworkIsolationKey1.
|
// accessible with only kNetworkIsolationKey1.
|
||||||
entry = session->http_auth_cache()->Lookup(
|
entry = session->http_auth_cache()->Lookup(
|
||||||
GURL("https://myproxy:70"), HttpAuth::AUTH_SERVER, "MyRealm1",
|
url::SchemeHostPort(GURL("https://myproxy:70")), HttpAuth::AUTH_SERVER,
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
"MyRealm1", HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
ASSERT_EQ(kFoo2, entry->credentials().username());
|
ASSERT_EQ(kFoo2, entry->credentials().username());
|
||||||
ASSERT_EQ(kBar2, entry->credentials().password());
|
ASSERT_EQ(kBar2, entry->credentials().password());
|
||||||
// Looking up the server entry with another NetworkIsolationKey should fail.
|
// Looking up the server entry with another NetworkIsolationKey should fail.
|
||||||
EXPECT_FALSE(session->http_auth_cache()->Lookup(
|
EXPECT_FALSE(session->http_auth_cache()->Lookup(
|
||||||
GURL("https://myproxy:70"), HttpAuth::AUTH_SERVER, "MyRealm1",
|
url::SchemeHostPort(GURL("https://myproxy:70")), HttpAuth::AUTH_SERVER,
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2));
|
"MyRealm1", HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2));
|
||||||
|
|
||||||
// Make another request with a different NetworkIsolationKey. It should use
|
// Make another request with a different NetworkIsolationKey. It should use
|
||||||
// another socket, reuse the cached proxy credentials, but result in a server
|
// another socket, reuse the cached proxy credentials, but result in a server
|
||||||
@@ -4976,27 +4981,27 @@ TEST_F(HttpNetworkTransactionTest,
|
|||||||
|
|
||||||
// Check that the proxy credentials are still cached.
|
// Check that the proxy credentials are still cached.
|
||||||
entry = session->http_auth_cache()->Lookup(
|
entry = session->http_auth_cache()->Lookup(
|
||||||
GURL("https://myproxy:70"), HttpAuth::AUTH_PROXY, "MyRealm1",
|
url::SchemeHostPort(GURL("https://myproxy:70")), HttpAuth::AUTH_PROXY,
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
"MyRealm1", HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
ASSERT_EQ(kFoo, entry->credentials().username());
|
ASSERT_EQ(kFoo, entry->credentials().username());
|
||||||
ASSERT_EQ(kBar, entry->credentials().password());
|
ASSERT_EQ(kBar, entry->credentials().password());
|
||||||
EXPECT_EQ(entry,
|
EXPECT_EQ(entry, session->http_auth_cache()->Lookup(
|
||||||
session->http_auth_cache()->Lookup(
|
url::SchemeHostPort(GURL("https://myproxy:70")),
|
||||||
GURL("https://myproxy:70"), HttpAuth::AUTH_PROXY, "MyRealm1",
|
HttpAuth::AUTH_PROXY, "MyRealm1",
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2));
|
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2));
|
||||||
|
|
||||||
// Check that the correct server credentials are cached for each
|
// Check that the correct server credentials are cached for each
|
||||||
// NetworkIsolationKey.
|
// NetworkIsolationKey.
|
||||||
entry = session->http_auth_cache()->Lookup(
|
entry = session->http_auth_cache()->Lookup(
|
||||||
GURL("https://myproxy:70"), HttpAuth::AUTH_SERVER, "MyRealm1",
|
url::SchemeHostPort(GURL("https://myproxy:70")), HttpAuth::AUTH_SERVER,
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
"MyRealm1", HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey1);
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
ASSERT_EQ(kFoo2, entry->credentials().username());
|
ASSERT_EQ(kFoo2, entry->credentials().username());
|
||||||
ASSERT_EQ(kBar2, entry->credentials().password());
|
ASSERT_EQ(kBar2, entry->credentials().password());
|
||||||
entry = session->http_auth_cache()->Lookup(
|
entry = session->http_auth_cache()->Lookup(
|
||||||
GURL("https://myproxy:70"), HttpAuth::AUTH_SERVER, "MyRealm1",
|
url::SchemeHostPort(GURL("https://myproxy:70")), HttpAuth::AUTH_SERVER,
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2);
|
"MyRealm1", HttpAuth::AUTH_SCHEME_BASIC, kNetworkIsolationKey2);
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
ASSERT_EQ(kFoo3, entry->credentials().username());
|
ASSERT_EQ(kFoo3, entry->credentials().username());
|
||||||
ASSERT_EQ(kBar3, entry->credentials().password());
|
ASSERT_EQ(kBar3, entry->credentials().password());
|
||||||
@@ -19555,8 +19560,8 @@ TEST_F(HttpNetworkTransactionTest, ProxyHeadersNotSentOverWsTunnel) {
|
|||||||
session_deps_.socket_factory->AddSocketDataProvider(&data);
|
session_deps_.socket_factory->AddSocketDataProvider(&data);
|
||||||
|
|
||||||
session->http_auth_cache()->Add(
|
session->http_auth_cache()->Add(
|
||||||
GURL("http://myproxy:70/"), HttpAuth::AUTH_PROXY, "MyRealm1",
|
url::SchemeHostPort(GURL("http://myproxy:70/")), HttpAuth::AUTH_PROXY,
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, NetworkIsolationKey(),
|
"MyRealm1", HttpAuth::AUTH_SCHEME_BASIC, NetworkIsolationKey(),
|
||||||
"Basic realm=MyRealm1", AuthCredentials(kFoo, kBar), "/");
|
"Basic realm=MyRealm1", AuthCredentials(kFoo, kBar), "/");
|
||||||
|
|
||||||
TestWebSocketHandshakeStreamCreateHelper websocket_stream_create_helper;
|
TestWebSocketHandshakeStreamCreateHelper websocket_stream_create_helper;
|
||||||
|
|||||||
@@ -40,6 +40,8 @@
|
|||||||
#include "net/test/test_with_task_environment.h"
|
#include "net/test/test_with_task_environment.h"
|
||||||
#include "net/traffic_annotation/network_traffic_annotation_test_helper.h"
|
#include "net/traffic_annotation/network_traffic_annotation_test_helper.h"
|
||||||
#include "testing/gtest/include/gtest/gtest.h"
|
#include "testing/gtest/include/gtest/gtest.h"
|
||||||
|
#include "url/gurl.h"
|
||||||
|
#include "url/scheme_host_port.h"
|
||||||
|
|
||||||
namespace net {
|
namespace net {
|
||||||
|
|
||||||
@@ -770,13 +772,13 @@ TEST_P(HttpProxyConnectJobTest, HaveAuth) {
|
|||||||
// Prepopulate auth cache.
|
// Prepopulate auth cache.
|
||||||
const std::u16string kFoo(u"foo");
|
const std::u16string kFoo(u"foo");
|
||||||
const std::u16string kBar(u"bar");
|
const std::u16string kBar(u"bar");
|
||||||
GURL proxy_url(GetParam() == HTTP
|
url::SchemeHostPort proxy_scheme_host_port(
|
||||||
? (std::string("http://") + kHttpProxyHost)
|
GetParam() == HTTP ? GURL(std::string("http://") + kHttpProxyHost)
|
||||||
: (std::string("https://") + kHttpsProxyHost));
|
: GURL(std::string("https://") + kHttpsProxyHost));
|
||||||
session_->http_auth_cache()->Add(
|
session_->http_auth_cache()->Add(
|
||||||
proxy_url, HttpAuth::AUTH_PROXY, "MyRealm1", HttpAuth::AUTH_SCHEME_BASIC,
|
proxy_scheme_host_port, HttpAuth::AUTH_PROXY, "MyRealm1",
|
||||||
NetworkIsolationKey(), "Basic realm=MyRealm1",
|
HttpAuth::AUTH_SCHEME_BASIC, NetworkIsolationKey(),
|
||||||
AuthCredentials(kFoo, kBar), "/");
|
"Basic realm=MyRealm1", AuthCredentials(kFoo, kBar), "/");
|
||||||
|
|
||||||
for (IoMode io_mode : {SYNCHRONOUS, ASYNC}) {
|
for (IoMode io_mode : {SYNCHRONOUS, ASYNC}) {
|
||||||
SCOPED_TRACE(io_mode);
|
SCOPED_TRACE(io_mode);
|
||||||
|
|||||||
@@ -59,6 +59,7 @@
|
|||||||
#include "net/traffic_annotation/network_traffic_annotation_test_helper.h"
|
#include "net/traffic_annotation/network_traffic_annotation_test_helper.h"
|
||||||
#include "testing/gmock/include/gmock/gmock.h"
|
#include "testing/gmock/include/gmock/gmock.h"
|
||||||
#include "testing/gtest/include/gtest/gtest.h"
|
#include "testing/gtest/include/gtest/gtest.h"
|
||||||
|
#include "url/gurl.h"
|
||||||
#include "url/scheme_host_port.h"
|
#include "url/scheme_host_port.h"
|
||||||
#include "url/url_constants.h"
|
#include "url/url_constants.h"
|
||||||
|
|
||||||
@@ -765,10 +766,10 @@ TEST_P(QuicProxyClientSocketTest, ConnectWithAuthCredentials) {
|
|||||||
// Add auth to cache
|
// Add auth to cache
|
||||||
const std::u16string kFoo(u"foo");
|
const std::u16string kFoo(u"foo");
|
||||||
const std::u16string kBar(u"bar");
|
const std::u16string kBar(u"bar");
|
||||||
http_auth_cache_.Add(GURL(kProxyUrl), HttpAuth::AUTH_PROXY, "MyRealm1",
|
http_auth_cache_.Add(
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, NetworkIsolationKey(),
|
url::SchemeHostPort(GURL(kProxyUrl)), HttpAuth::AUTH_PROXY, "MyRealm1",
|
||||||
"Basic realm=MyRealm1", AuthCredentials(kFoo, kBar),
|
HttpAuth::AUTH_SCHEME_BASIC, NetworkIsolationKey(),
|
||||||
"/");
|
"Basic realm=MyRealm1", AuthCredentials(kFoo, kBar), "/");
|
||||||
|
|
||||||
AssertConnectSucceeds();
|
AssertConnectSucceeds();
|
||||||
|
|
||||||
|
|||||||
@@ -54,6 +54,7 @@
|
|||||||
#include "net/traffic_annotation/network_traffic_annotation_test_helper.h"
|
#include "net/traffic_annotation/network_traffic_annotation_test_helper.h"
|
||||||
#include "testing/gtest/include/gtest/gtest.h"
|
#include "testing/gtest/include/gtest/gtest.h"
|
||||||
#include "third_party/boringssl/src/include/openssl/ssl.h"
|
#include "third_party/boringssl/src/include/openssl/ssl.h"
|
||||||
|
#include "url/gurl.h"
|
||||||
#include "url/scheme_host_port.h"
|
#include "url/scheme_host_port.h"
|
||||||
#include "url/url_constants.h"
|
#include "url/url_constants.h"
|
||||||
|
|
||||||
@@ -144,8 +145,8 @@ class SSLConnectJobTest : public WithTaskEnvironment, public testing::Test {
|
|||||||
const std::u16string kFoo(u"foo");
|
const std::u16string kFoo(u"foo");
|
||||||
const std::u16string kBar(u"bar");
|
const std::u16string kBar(u"bar");
|
||||||
session_->http_auth_cache()->Add(
|
session_->http_auth_cache()->Add(
|
||||||
GURL("http://proxy:443/"), HttpAuth::AUTH_PROXY, "MyRealm1",
|
url::SchemeHostPort(GURL("http://proxy:443/")), HttpAuth::AUTH_PROXY,
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, NetworkIsolationKey(),
|
"MyRealm1", HttpAuth::AUTH_SCHEME_BASIC, NetworkIsolationKey(),
|
||||||
"Basic realm=MyRealm1", AuthCredentials(kFoo, kBar), "/");
|
"Basic realm=MyRealm1", AuthCredentials(kFoo, kBar), "/");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -50,6 +50,7 @@
|
|||||||
#include "testing/gmock/include/gmock/gmock.h"
|
#include "testing/gmock/include/gmock/gmock.h"
|
||||||
#include "testing/gtest/include/gtest/gtest.h"
|
#include "testing/gtest/include/gtest/gtest.h"
|
||||||
#include "testing/platform_test.h"
|
#include "testing/platform_test.h"
|
||||||
|
#include "url/gurl.h"
|
||||||
#include "url/scheme_host_port.h"
|
#include "url/scheme_host_port.h"
|
||||||
|
|
||||||
using net::test::IsError;
|
using net::test::IsError;
|
||||||
@@ -169,7 +170,7 @@ class SpdyProxyClientSocketTest : public PlatformTest,
|
|||||||
const std::u16string kFoo(u"foo");
|
const std::u16string kFoo(u"foo");
|
||||||
const std::u16string kBar(u"bar");
|
const std::u16string kBar(u"bar");
|
||||||
session_->http_auth_cache()->Add(
|
session_->http_auth_cache()->Add(
|
||||||
GURL(kProxyUrl), HttpAuth::AUTH_PROXY, "MyRealm1",
|
url::SchemeHostPort{GURL(kProxyUrl)}, HttpAuth::AUTH_PROXY, "MyRealm1",
|
||||||
HttpAuth::AUTH_SCHEME_BASIC, NetworkIsolationKey(),
|
HttpAuth::AUTH_SCHEME_BASIC, NetworkIsolationKey(),
|
||||||
"Basic realm=MyRealm1", AuthCredentials(kFoo, kBar), "/");
|
"Basic realm=MyRealm1", AuthCredentials(kFoo, kBar), "/");
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1948,7 +1948,9 @@ void NetworkContext::AddAuthCacheEntry(
|
|||||||
->GetSession()
|
->GetSession()
|
||||||
->http_auth_cache();
|
->http_auth_cache();
|
||||||
http_auth_cache->Add(
|
http_auth_cache->Add(
|
||||||
challenge.challenger.GetURL(),
|
// TODO(https://crbug.com/): Convert AuthCredentials::challenger field to
|
||||||
|
// a SchemeHostPort.
|
||||||
|
challenge.challenger.GetTupleOrPrecursorTupleIfOpaque(),
|
||||||
challenge.is_proxy ? net::HttpAuth::AUTH_PROXY
|
challenge.is_proxy ? net::HttpAuth::AUTH_PROXY
|
||||||
: net::HttpAuth::AUTH_SERVER,
|
: net::HttpAuth::AUTH_SERVER,
|
||||||
challenge.realm, net::HttpAuth::StringToScheme(challenge.scheme),
|
challenge.realm, net::HttpAuth::StringToScheme(challenge.scheme),
|
||||||
@@ -1974,7 +1976,7 @@ void NetworkContext::LookupServerBasicAuthCredentials(
|
|||||||
->GetSession()
|
->GetSession()
|
||||||
->http_auth_cache();
|
->http_auth_cache();
|
||||||
net::HttpAuthCache::Entry* entry = http_auth_cache->LookupByPath(
|
net::HttpAuthCache::Entry* entry = http_auth_cache->LookupByPath(
|
||||||
url.DeprecatedGetOriginAsURL(), net::HttpAuth::AUTH_SERVER,
|
url::SchemeHostPort(url), net::HttpAuth::AUTH_SERVER,
|
||||||
network_isolation_key, url.path());
|
network_isolation_key, url.path());
|
||||||
if (entry && entry->scheme() == net::HttpAuth::AUTH_SCHEME_BASIC)
|
if (entry && entry->scheme() == net::HttpAuth::AUTH_SCHEME_BASIC)
|
||||||
std::move(callback).Run(entry->credentials());
|
std::move(callback).Run(entry->credentials());
|
||||||
@@ -2002,8 +2004,9 @@ void NetworkContext::LookupProxyAuthCredentials(
|
|||||||
// lossy conversion, shouldn't do this.
|
// lossy conversion, shouldn't do this.
|
||||||
const char* scheme =
|
const char* scheme =
|
||||||
proxy_server.is_secure_http_like() ? "https://" : "http://";
|
proxy_server.is_secure_http_like() ? "https://" : "http://";
|
||||||
GURL proxy_url(scheme + proxy_server.host_port_pair().ToString());
|
url::SchemeHostPort scheme_host_port(
|
||||||
if (!proxy_url.is_valid()) {
|
GURL(scheme + proxy_server.host_port_pair().ToString()));
|
||||||
|
if (!scheme_host_port.IsValid()) {
|
||||||
std::move(callback).Run(absl::nullopt);
|
std::move(callback).Run(absl::nullopt);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -2011,8 +2014,8 @@ void NetworkContext::LookupProxyAuthCredentials(
|
|||||||
// Unlike server credentials, proxy credentials are not keyed on
|
// Unlike server credentials, proxy credentials are not keyed on
|
||||||
// NetworkIsolationKey.
|
// NetworkIsolationKey.
|
||||||
net::HttpAuthCache::Entry* entry =
|
net::HttpAuthCache::Entry* entry =
|
||||||
http_auth_cache->Lookup(proxy_url, net::HttpAuth::AUTH_PROXY, realm,
|
http_auth_cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_PROXY,
|
||||||
net_scheme, net::NetworkIsolationKey());
|
realm, net_scheme, net::NetworkIsolationKey());
|
||||||
if (entry)
|
if (entry)
|
||||||
std::move(callback).Run(entry->credentials());
|
std::move(callback).Run(entry->credentials());
|
||||||
else
|
else
|
||||||
|
|||||||
@@ -1846,7 +1846,7 @@ TEST_F(NetworkContextTest, ClearHostCache) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
TEST_F(NetworkContextTest, ClearHttpAuthCache) {
|
TEST_F(NetworkContextTest, ClearHttpAuthCache) {
|
||||||
GURL origin("http://google.com");
|
url::SchemeHostPort scheme_host_port(GURL("http://google.com"));
|
||||||
std::unique_ptr<NetworkContext> network_context =
|
std::unique_ptr<NetworkContext> network_context =
|
||||||
CreateContextWithParams(CreateNetworkContextParamsForTesting());
|
CreateContextWithParams(CreateNetworkContextParamsForTesting());
|
||||||
net::HttpAuthCache* cache = network_context->url_request_context()
|
net::HttpAuthCache* cache = network_context->url_request_context()
|
||||||
@@ -1862,21 +1862,21 @@ TEST_F(NetworkContextTest, ClearHttpAuthCache) {
|
|||||||
|
|
||||||
std::u16string user = u"user";
|
std::u16string user = u"user";
|
||||||
std::u16string password = u"pass";
|
std::u16string password = u"pass";
|
||||||
cache->Add(origin, net::HttpAuth::AUTH_SERVER, "Realm1",
|
cache->Add(scheme_host_port, net::HttpAuth::AUTH_SERVER, "Realm1",
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
||||||
"basic realm=Realm1", net::AuthCredentials(user, password), "/");
|
"basic realm=Realm1", net::AuthCredentials(user, password), "/");
|
||||||
|
|
||||||
test_clock.Advance(base::Hours(1)); // Time now 13:00
|
test_clock.Advance(base::Hours(1)); // Time now 13:00
|
||||||
cache->Add(origin, net::HttpAuth::AUTH_PROXY, "Realm2",
|
cache->Add(scheme_host_port, net::HttpAuth::AUTH_PROXY, "Realm2",
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
||||||
"basic realm=Realm2", net::AuthCredentials(user, password), "/");
|
"basic realm=Realm2", net::AuthCredentials(user, password), "/");
|
||||||
|
|
||||||
ASSERT_EQ(2u, cache->GetEntriesSizeForTesting());
|
ASSERT_EQ(2u, cache->GetEntriesSizeForTesting());
|
||||||
ASSERT_NE(nullptr, cache->Lookup(origin, net::HttpAuth::AUTH_SERVER, "Realm1",
|
ASSERT_NE(nullptr, cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_SERVER,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
"Realm1", net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey()));
|
net::NetworkIsolationKey()));
|
||||||
ASSERT_NE(nullptr, cache->Lookup(origin, net::HttpAuth::AUTH_PROXY, "Realm2",
|
ASSERT_NE(nullptr, cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_PROXY,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
"Realm2", net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey()));
|
net::NetworkIsolationKey()));
|
||||||
{
|
{
|
||||||
base::RunLoop run_loop;
|
base::RunLoop run_loop;
|
||||||
@@ -1887,12 +1887,14 @@ TEST_F(NetworkContextTest, ClearHttpAuthCache) {
|
|||||||
run_loop.Run();
|
run_loop.Run();
|
||||||
|
|
||||||
EXPECT_EQ(1u, cache->GetEntriesSizeForTesting());
|
EXPECT_EQ(1u, cache->GetEntriesSizeForTesting());
|
||||||
EXPECT_EQ(nullptr, cache->Lookup(origin, net::HttpAuth::AUTH_SERVER,
|
EXPECT_EQ(nullptr,
|
||||||
"Realm1", net::HttpAuth::AUTH_SCHEME_BASIC,
|
cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_SERVER,
|
||||||
net::NetworkIsolationKey()));
|
"Realm1", net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
EXPECT_NE(nullptr, cache->Lookup(origin, net::HttpAuth::AUTH_PROXY,
|
net::NetworkIsolationKey()));
|
||||||
"Realm2", net::HttpAuth::AUTH_SCHEME_BASIC,
|
EXPECT_NE(nullptr,
|
||||||
net::NetworkIsolationKey()));
|
cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_PROXY,
|
||||||
|
"Realm2", net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
|
net::NetworkIsolationKey()));
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
base::RunLoop run_loop;
|
base::RunLoop run_loop;
|
||||||
@@ -1903,17 +1905,19 @@ TEST_F(NetworkContextTest, ClearHttpAuthCache) {
|
|||||||
run_loop.Run();
|
run_loop.Run();
|
||||||
|
|
||||||
EXPECT_EQ(0u, cache->GetEntriesSizeForTesting());
|
EXPECT_EQ(0u, cache->GetEntriesSizeForTesting());
|
||||||
EXPECT_EQ(nullptr, cache->Lookup(origin, net::HttpAuth::AUTH_SERVER,
|
EXPECT_EQ(nullptr,
|
||||||
"Realm1", net::HttpAuth::AUTH_SCHEME_BASIC,
|
cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_SERVER,
|
||||||
net::NetworkIsolationKey()));
|
"Realm1", net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
EXPECT_EQ(nullptr, cache->Lookup(origin, net::HttpAuth::AUTH_PROXY,
|
net::NetworkIsolationKey()));
|
||||||
"Realm2", net::HttpAuth::AUTH_SCHEME_BASIC,
|
EXPECT_EQ(nullptr,
|
||||||
net::NetworkIsolationKey()));
|
cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_PROXY,
|
||||||
|
"Realm2", net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
|
net::NetworkIsolationKey()));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST_F(NetworkContextTest, ClearAllHttpAuthCache) {
|
TEST_F(NetworkContextTest, ClearAllHttpAuthCache) {
|
||||||
GURL origin("http://google.com");
|
url::SchemeHostPort scheme_host_port(GURL("http://google.com"));
|
||||||
std::unique_ptr<NetworkContext> network_context =
|
std::unique_ptr<NetworkContext> network_context =
|
||||||
CreateContextWithParams(CreateNetworkContextParamsForTesting());
|
CreateContextWithParams(CreateNetworkContextParamsForTesting());
|
||||||
net::HttpAuthCache* cache = network_context->url_request_context()
|
net::HttpAuthCache* cache = network_context->url_request_context()
|
||||||
@@ -1929,21 +1933,21 @@ TEST_F(NetworkContextTest, ClearAllHttpAuthCache) {
|
|||||||
|
|
||||||
std::u16string user = u"user";
|
std::u16string user = u"user";
|
||||||
std::u16string password = u"pass";
|
std::u16string password = u"pass";
|
||||||
cache->Add(origin, net::HttpAuth::AUTH_SERVER, "Realm1",
|
cache->Add(scheme_host_port, net::HttpAuth::AUTH_SERVER, "Realm1",
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
||||||
"basic realm=Realm1", net::AuthCredentials(user, password), "/");
|
"basic realm=Realm1", net::AuthCredentials(user, password), "/");
|
||||||
|
|
||||||
test_clock.Advance(base::Hours(1)); // Time now 13:00
|
test_clock.Advance(base::Hours(1)); // Time now 13:00
|
||||||
cache->Add(origin, net::HttpAuth::AUTH_PROXY, "Realm2",
|
cache->Add(scheme_host_port, net::HttpAuth::AUTH_PROXY, "Realm2",
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
||||||
"basic realm=Realm2", net::AuthCredentials(user, password), "/");
|
"basic realm=Realm2", net::AuthCredentials(user, password), "/");
|
||||||
|
|
||||||
ASSERT_EQ(2u, cache->GetEntriesSizeForTesting());
|
ASSERT_EQ(2u, cache->GetEntriesSizeForTesting());
|
||||||
ASSERT_NE(nullptr, cache->Lookup(origin, net::HttpAuth::AUTH_SERVER, "Realm1",
|
ASSERT_NE(nullptr, cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_SERVER,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
"Realm1", net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey()));
|
net::NetworkIsolationKey()));
|
||||||
ASSERT_NE(nullptr, cache->Lookup(origin, net::HttpAuth::AUTH_PROXY, "Realm2",
|
ASSERT_NE(nullptr, cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_PROXY,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
"Realm2", net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey()));
|
net::NetworkIsolationKey()));
|
||||||
|
|
||||||
base::RunLoop run_loop;
|
base::RunLoop run_loop;
|
||||||
@@ -1952,11 +1956,11 @@ TEST_F(NetworkContextTest, ClearAllHttpAuthCache) {
|
|||||||
run_loop.Run();
|
run_loop.Run();
|
||||||
|
|
||||||
EXPECT_EQ(0u, cache->GetEntriesSizeForTesting());
|
EXPECT_EQ(0u, cache->GetEntriesSizeForTesting());
|
||||||
EXPECT_EQ(nullptr, cache->Lookup(origin, net::HttpAuth::AUTH_SERVER, "Realm1",
|
EXPECT_EQ(nullptr, cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_SERVER,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
"Realm1", net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey()));
|
net::NetworkIsolationKey()));
|
||||||
EXPECT_EQ(nullptr, cache->Lookup(origin, net::HttpAuth::AUTH_PROXY, "Realm2",
|
EXPECT_EQ(nullptr, cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_PROXY,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
"Realm2", net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey()));
|
net::NetworkIsolationKey()));
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -2014,10 +2018,10 @@ TEST_F(NetworkContextTest, LookupServerBasicAuthCredentials) {
|
|||||||
|
|
||||||
std::u16string user = u"user";
|
std::u16string user = u"user";
|
||||||
std::u16string password = u"pass";
|
std::u16string password = u"pass";
|
||||||
cache->Add(origin, net::HttpAuth::AUTH_SERVER, "Realm",
|
cache->Add(url::SchemeHostPort(origin), net::HttpAuth::AUTH_SERVER, "Realm",
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, network_isolation_key1,
|
net::HttpAuth::AUTH_SCHEME_BASIC, network_isolation_key1,
|
||||||
"basic realm=Realm", net::AuthCredentials(user, password), "/");
|
"basic realm=Realm", net::AuthCredentials(user, password), "/");
|
||||||
cache->Add(origin2, net::HttpAuth::AUTH_PROXY, "Realm",
|
cache->Add(url::SchemeHostPort(origin2), net::HttpAuth::AUTH_PROXY, "Realm",
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, network_isolation_key1,
|
net::HttpAuth::AUTH_SCHEME_BASIC, network_isolation_key1,
|
||||||
"basic realm=Realm", net::AuthCredentials(user, password), "/");
|
"basic realm=Realm", net::AuthCredentials(user, password), "/");
|
||||||
|
|
||||||
@@ -2074,17 +2078,20 @@ TEST_F(NetworkContextTest, LookupProxyAuthCredentials) {
|
|||||||
|
|
||||||
std::u16string user = u"user";
|
std::u16string user = u"user";
|
||||||
std::u16string password = u"pass";
|
std::u16string password = u"pass";
|
||||||
cache->Add(http_proxy, net::HttpAuth::AUTH_PROXY, "Realm",
|
cache->Add(url::SchemeHostPort(http_proxy), net::HttpAuth::AUTH_PROXY,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
"Realm", net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
"basic realm=Realm", net::AuthCredentials(user, password),
|
net::NetworkIsolationKey(), "basic realm=Realm",
|
||||||
|
net::AuthCredentials(user, password),
|
||||||
/* path = */ "");
|
/* path = */ "");
|
||||||
cache->Add(https_proxy, net::HttpAuth::AUTH_PROXY, "Realm",
|
cache->Add(url::SchemeHostPort(https_proxy), net::HttpAuth::AUTH_PROXY,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
"Realm", net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
"basic realm=Realm", net::AuthCredentials(user, password),
|
net::NetworkIsolationKey(), "basic realm=Realm",
|
||||||
|
net::AuthCredentials(user, password),
|
||||||
/* path = */ "");
|
/* path = */ "");
|
||||||
cache->Add(server_origin, net::HttpAuth::AUTH_SERVER, "Realm",
|
cache->Add(url::SchemeHostPort(server_origin), net::HttpAuth::AUTH_SERVER,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
"Realm", net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
"basic realm=Realm", net::AuthCredentials(user, password),
|
net::NetworkIsolationKey(), "basic realm=Realm",
|
||||||
|
net::AuthCredentials(user, password),
|
||||||
/* path = */ "/");
|
/* path = */ "/");
|
||||||
absl::optional<net::AuthCredentials> result = GetProxyAuthCredentials(
|
absl::optional<net::AuthCredentials> result = GetProxyAuthCredentials(
|
||||||
network_context.get(),
|
network_context.get(),
|
||||||
@@ -6205,16 +6212,16 @@ TEST_F(NetworkContextTest, AddHttpAuthCacheEntry) {
|
|||||||
EXPECT_FALSE(cache->key_server_entries_by_network_isolation_key());
|
EXPECT_FALSE(cache->key_server_entries_by_network_isolation_key());
|
||||||
|
|
||||||
// Add an AUTH_SERVER cache entry.
|
// Add an AUTH_SERVER cache entry.
|
||||||
GURL url("http://example.test/");
|
url::SchemeHostPort scheme_host_port(GURL("http://example.test/"));
|
||||||
net::AuthChallengeInfo challenge;
|
net::AuthChallengeInfo challenge;
|
||||||
challenge.is_proxy = false;
|
challenge.is_proxy = false;
|
||||||
challenge.challenger = url::Origin::Create(url);
|
challenge.challenger = url::Origin::Create(scheme_host_port.GetURL());
|
||||||
challenge.scheme = "basic";
|
challenge.scheme = "basic";
|
||||||
challenge.realm = "testrealm";
|
challenge.realm = "testrealm";
|
||||||
const char16_t kUsername[] = u"test_user";
|
const char16_t kUsername[] = u"test_user";
|
||||||
const char16_t kPassword[] = u"test_pass";
|
const char16_t kPassword[] = u"test_pass";
|
||||||
ASSERT_FALSE(cache->Lookup(url, net::HttpAuth::AUTH_SERVER, challenge.realm,
|
ASSERT_FALSE(cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_SERVER,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
challenge.realm, net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey()));
|
net::NetworkIsolationKey()));
|
||||||
base::RunLoop run_loop;
|
base::RunLoop run_loop;
|
||||||
network_context->AddAuthCacheEntry(challenge, net::NetworkIsolationKey(),
|
network_context->AddAuthCacheEntry(challenge, net::NetworkIsolationKey(),
|
||||||
@@ -6222,26 +6229,26 @@ TEST_F(NetworkContextTest, AddHttpAuthCacheEntry) {
|
|||||||
run_loop.QuitClosure());
|
run_loop.QuitClosure());
|
||||||
run_loop.Run();
|
run_loop.Run();
|
||||||
net::HttpAuthCache::Entry* entry = cache->Lookup(
|
net::HttpAuthCache::Entry* entry = cache->Lookup(
|
||||||
url, net::HttpAuth::AUTH_SERVER, challenge.realm,
|
scheme_host_port, net::HttpAuth::AUTH_SERVER, challenge.realm,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey());
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey());
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
EXPECT_EQ(url, entry->origin());
|
EXPECT_EQ(scheme_host_port, entry->scheme_host_port());
|
||||||
EXPECT_EQ(challenge.realm, entry->realm());
|
EXPECT_EQ(challenge.realm, entry->realm());
|
||||||
EXPECT_EQ(net::HttpAuth::StringToScheme(challenge.scheme), entry->scheme());
|
EXPECT_EQ(net::HttpAuth::StringToScheme(challenge.scheme), entry->scheme());
|
||||||
EXPECT_EQ(kUsername, entry->credentials().username());
|
EXPECT_EQ(kUsername, entry->credentials().username());
|
||||||
EXPECT_EQ(kPassword, entry->credentials().password());
|
EXPECT_EQ(kPassword, entry->credentials().password());
|
||||||
// Entry should only have been added for server auth.
|
// Entry should only have been added for server auth.
|
||||||
EXPECT_FALSE(cache->Lookup(url, net::HttpAuth::AUTH_PROXY, challenge.realm,
|
EXPECT_FALSE(cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_PROXY,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
challenge.realm, net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey()));
|
net::NetworkIsolationKey()));
|
||||||
|
|
||||||
// Add an AUTH_PROXY cache entry.
|
// Add an AUTH_PROXY cache entry.
|
||||||
GURL proxy_url("http://proxy.test/");
|
url::SchemeHostPort proxy_scheme_host_port(GURL("http://proxy.test/"));
|
||||||
challenge.is_proxy = true;
|
challenge.is_proxy = true;
|
||||||
challenge.challenger = url::Origin::Create(proxy_url);
|
challenge.challenger = url::Origin::Create(proxy_scheme_host_port.GetURL());
|
||||||
const char16_t kProxyUsername[] = u"test_proxy_user";
|
const char16_t kProxyUsername[] = u"test_proxy_user";
|
||||||
const char16_t kProxyPassword[] = u"test_proxy_pass";
|
const char16_t kProxyPassword[] = u"test_proxy_pass";
|
||||||
ASSERT_FALSE(cache->Lookup(proxy_url, net::HttpAuth::AUTH_PROXY,
|
ASSERT_FALSE(cache->Lookup(proxy_scheme_host_port, net::HttpAuth::AUTH_PROXY,
|
||||||
challenge.realm, net::HttpAuth::AUTH_SCHEME_BASIC,
|
challenge.realm, net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey()));
|
net::NetworkIsolationKey()));
|
||||||
base::RunLoop run_loop2;
|
base::RunLoop run_loop2;
|
||||||
@@ -6250,17 +6257,17 @@ TEST_F(NetworkContextTest, AddHttpAuthCacheEntry) {
|
|||||||
net::AuthCredentials(kProxyUsername, kProxyPassword),
|
net::AuthCredentials(kProxyUsername, kProxyPassword),
|
||||||
run_loop2.QuitClosure());
|
run_loop2.QuitClosure());
|
||||||
run_loop2.Run();
|
run_loop2.Run();
|
||||||
entry = cache->Lookup(proxy_url, net::HttpAuth::AUTH_PROXY, challenge.realm,
|
entry = cache->Lookup(proxy_scheme_host_port, net::HttpAuth::AUTH_PROXY,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
challenge.realm, net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey());
|
net::NetworkIsolationKey());
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
EXPECT_EQ(proxy_url, entry->origin());
|
EXPECT_EQ(proxy_scheme_host_port, entry->scheme_host_port());
|
||||||
EXPECT_EQ(challenge.realm, entry->realm());
|
EXPECT_EQ(challenge.realm, entry->realm());
|
||||||
EXPECT_EQ(net::HttpAuth::StringToScheme(challenge.scheme), entry->scheme());
|
EXPECT_EQ(net::HttpAuth::StringToScheme(challenge.scheme), entry->scheme());
|
||||||
EXPECT_EQ(kProxyUsername, entry->credentials().username());
|
EXPECT_EQ(kProxyUsername, entry->credentials().username());
|
||||||
EXPECT_EQ(kProxyPassword, entry->credentials().password());
|
EXPECT_EQ(kProxyPassword, entry->credentials().password());
|
||||||
// Entry should only have been added for proxy auth.
|
// Entry should only have been added for proxy auth.
|
||||||
EXPECT_FALSE(cache->Lookup(proxy_url, net::HttpAuth::AUTH_SERVER,
|
EXPECT_FALSE(cache->Lookup(proxy_scheme_host_port, net::HttpAuth::AUTH_SERVER,
|
||||||
challenge.realm, net::HttpAuth::AUTH_SCHEME_BASIC,
|
challenge.realm, net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey()));
|
net::NetworkIsolationKey()));
|
||||||
}
|
}
|
||||||
@@ -6281,34 +6288,36 @@ TEST_F(NetworkContextTest, AddHttpAuthCacheEntryWithNetworkIsolationKey) {
|
|||||||
// Add an AUTH_SERVER cache entry.
|
// Add an AUTH_SERVER cache entry.
|
||||||
GURL url("http://example.test/");
|
GURL url("http://example.test/");
|
||||||
url::Origin origin = url::Origin::Create(url);
|
url::Origin origin = url::Origin::Create(url);
|
||||||
|
url::SchemeHostPort scheme_host_port =
|
||||||
|
origin.GetTupleOrPrecursorTupleIfOpaque();
|
||||||
net::NetworkIsolationKey network_isolation_key(origin, origin);
|
net::NetworkIsolationKey network_isolation_key(origin, origin);
|
||||||
net::AuthChallengeInfo challenge;
|
net::AuthChallengeInfo challenge;
|
||||||
challenge.is_proxy = false;
|
challenge.is_proxy = false;
|
||||||
challenge.challenger = origin;
|
challenge.challenger = url::Origin::Create(scheme_host_port.GetURL());
|
||||||
challenge.scheme = "basic";
|
challenge.scheme = "basic";
|
||||||
challenge.realm = "testrealm";
|
challenge.realm = "testrealm";
|
||||||
const char16_t kUsername[] = u"test_user";
|
const char16_t kUsername[] = u"test_user";
|
||||||
const char16_t kPassword[] = u"test_pass";
|
const char16_t kPassword[] = u"test_pass";
|
||||||
ASSERT_FALSE(cache->Lookup(url, net::HttpAuth::AUTH_SERVER, challenge.realm,
|
ASSERT_FALSE(cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_SERVER,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
challenge.realm, net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
network_isolation_key));
|
network_isolation_key));
|
||||||
base::RunLoop run_loop;
|
base::RunLoop run_loop;
|
||||||
network_context->AddAuthCacheEntry(challenge, network_isolation_key,
|
network_context->AddAuthCacheEntry(challenge, network_isolation_key,
|
||||||
net::AuthCredentials(kUsername, kPassword),
|
net::AuthCredentials(kUsername, kPassword),
|
||||||
run_loop.QuitClosure());
|
run_loop.QuitClosure());
|
||||||
run_loop.Run();
|
run_loop.Run();
|
||||||
net::HttpAuthCache::Entry* entry =
|
net::HttpAuthCache::Entry* entry = cache->Lookup(
|
||||||
cache->Lookup(url, net::HttpAuth::AUTH_SERVER, challenge.realm,
|
scheme_host_port, net::HttpAuth::AUTH_SERVER, challenge.realm,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, network_isolation_key);
|
net::HttpAuth::AUTH_SCHEME_BASIC, network_isolation_key);
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
EXPECT_EQ(url, entry->origin());
|
EXPECT_EQ(scheme_host_port, entry->scheme_host_port());
|
||||||
EXPECT_EQ(challenge.realm, entry->realm());
|
EXPECT_EQ(challenge.realm, entry->realm());
|
||||||
EXPECT_EQ(net::HttpAuth::StringToScheme(challenge.scheme), entry->scheme());
|
EXPECT_EQ(net::HttpAuth::StringToScheme(challenge.scheme), entry->scheme());
|
||||||
EXPECT_EQ(kUsername, entry->credentials().username());
|
EXPECT_EQ(kUsername, entry->credentials().username());
|
||||||
EXPECT_EQ(kPassword, entry->credentials().password());
|
EXPECT_EQ(kPassword, entry->credentials().password());
|
||||||
// Entry should only be accessibly when using the correct NetworkIsolationKey.
|
// Entry should only be accessibly when using the correct NetworkIsolationKey.
|
||||||
EXPECT_FALSE(cache->Lookup(url, net::HttpAuth::AUTH_SERVER, challenge.realm,
|
EXPECT_FALSE(cache->Lookup(scheme_host_port, net::HttpAuth::AUTH_SERVER,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
challenge.realm, net::HttpAuth::AUTH_SCHEME_BASIC,
|
||||||
net::NetworkIsolationKey()));
|
net::NetworkIsolationKey()));
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -6372,11 +6381,13 @@ TEST_F(NetworkContextTest, CopyHttpAuthCacheProxyEntries) {
|
|||||||
->GetSession()
|
->GetSession()
|
||||||
->http_auth_cache();
|
->http_auth_cache();
|
||||||
// The server credentials should not have been copied.
|
// The server credentials should not have been copied.
|
||||||
EXPECT_FALSE(cache->Lookup(kURL, net::HttpAuth::AUTH_SERVER, challenge.realm,
|
EXPECT_FALSE(cache->Lookup(
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC,
|
challenge.challenger.GetTupleOrPrecursorTupleIfOpaque(),
|
||||||
net::NetworkIsolationKey()));
|
net::HttpAuth::AUTH_SERVER, challenge.realm,
|
||||||
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey()));
|
||||||
net::HttpAuthCache::Entry* entry = cache->Lookup(
|
net::HttpAuthCache::Entry* entry = cache->Lookup(
|
||||||
kURL, net::HttpAuth::AUTH_PROXY, challenge.realm,
|
challenge.challenger.GetTupleOrPrecursorTupleIfOpaque(),
|
||||||
|
net::HttpAuth::AUTH_PROXY, challenge.realm,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey());
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey());
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
EXPECT_EQ(kProxyUsername, entry->credentials().username());
|
EXPECT_EQ(kProxyUsername, entry->credentials().username());
|
||||||
@@ -6437,12 +6448,14 @@ TEST_F(NetworkContextTest, SplitAuthCacheByNetworkIsolationKey) {
|
|||||||
|
|
||||||
// The server credentials should have been deleted.
|
// The server credentials should have been deleted.
|
||||||
EXPECT_FALSE(cache->Lookup(
|
EXPECT_FALSE(cache->Lookup(
|
||||||
kURL, net::HttpAuth::AUTH_SERVER, challenge.realm,
|
challenge.challenger.GetTupleOrPrecursorTupleIfOpaque(),
|
||||||
|
net::HttpAuth::AUTH_SERVER, challenge.realm,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey()));
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey()));
|
||||||
|
|
||||||
// The proxy credentials should still be in the cache.
|
// The proxy credentials should still be in the cache.
|
||||||
net::HttpAuthCache::Entry* entry = cache->Lookup(
|
net::HttpAuthCache::Entry* entry = cache->Lookup(
|
||||||
kURL, net::HttpAuth::AUTH_PROXY, challenge.realm,
|
challenge.challenger.GetTupleOrPrecursorTupleIfOpaque(),
|
||||||
|
net::HttpAuth::AUTH_PROXY, challenge.realm,
|
||||||
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey());
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey());
|
||||||
ASSERT_TRUE(entry);
|
ASSERT_TRUE(entry);
|
||||||
EXPECT_EQ(kProxyUsername, entry->credentials().username());
|
EXPECT_EQ(kProxyUsername, entry->credentials().username());
|
||||||
|
|||||||
@@ -33,6 +33,8 @@
|
|||||||
#include "net/url_request/url_request_test_util.h"
|
#include "net/url_request/url_request_test_util.h"
|
||||||
#include "services/network/proxy_resolving_client_socket_factory.h"
|
#include "services/network/proxy_resolving_client_socket_factory.h"
|
||||||
#include "testing/gtest/include/gtest/gtest.h"
|
#include "testing/gtest/include/gtest/gtest.h"
|
||||||
|
#include "url/gurl.h"
|
||||||
|
#include "url/scheme_host_port.h"
|
||||||
|
|
||||||
namespace network {
|
namespace network {
|
||||||
|
|
||||||
@@ -666,14 +668,16 @@ TEST_P(ProxyResolvingClientSocketTest, MultiroundAuth) {
|
|||||||
->GetSession()
|
->GetSession()
|
||||||
->http_auth_cache();
|
->http_auth_cache();
|
||||||
|
|
||||||
auth_cache->Add(GURL("http://bad:99"), net::HttpAuth::AUTH_PROXY,
|
auth_cache->Add(url::SchemeHostPort(GURL("http://bad:99")),
|
||||||
"test_realm", net::HttpAuth::AUTH_SCHEME_BASIC,
|
net::HttpAuth::AUTH_PROXY, "test_realm",
|
||||||
net::NetworkIsolationKey(), "Basic realm=\"test_realm\"",
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
||||||
|
"Basic realm=\"test_realm\"",
|
||||||
net::AuthCredentials(u"user", u"password"), std::string());
|
net::AuthCredentials(u"user", u"password"), std::string());
|
||||||
|
|
||||||
auth_cache->Add(GURL("http://bad:99"), net::HttpAuth::AUTH_PROXY,
|
auth_cache->Add(url::SchemeHostPort(GURL("http://bad:99")),
|
||||||
"test_realm2", net::HttpAuth::AUTH_SCHEME_BASIC,
|
net::HttpAuth::AUTH_PROXY, "test_realm2",
|
||||||
net::NetworkIsolationKey(), "Basic realm=\"test_realm2\"",
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
||||||
|
"Basic realm=\"test_realm2\"",
|
||||||
net::AuthCredentials(u"user2", u"password2"), std::string());
|
net::AuthCredentials(u"user2", u"password2"), std::string());
|
||||||
|
|
||||||
ProxyResolvingClientSocketFactory proxy_resolving_socket_factory(
|
ProxyResolvingClientSocketFactory proxy_resolving_socket_factory(
|
||||||
@@ -727,9 +731,10 @@ TEST_P(ProxyResolvingClientSocketTest, ReusesHTTPAuthCache_Lookup) {
|
|||||||
// We are adding these credentials at an empty path so that it won't be picked
|
// We are adding these credentials at an empty path so that it won't be picked
|
||||||
// up by the preemptive authentication step and will only be picked up via
|
// up by the preemptive authentication step and will only be picked up via
|
||||||
// origin + realm + scheme lookup.
|
// origin + realm + scheme lookup.
|
||||||
auth_cache->Add(GURL("http://bad:99"), net::HttpAuth::AUTH_PROXY,
|
auth_cache->Add(url::SchemeHostPort(GURL("http://bad:99")),
|
||||||
"test_realm", net::HttpAuth::AUTH_SCHEME_BASIC,
|
net::HttpAuth::AUTH_PROXY, "test_realm",
|
||||||
net::NetworkIsolationKey(), "Basic realm=\"test_realm\"",
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
||||||
|
"Basic realm=\"test_realm\"",
|
||||||
net::AuthCredentials(u"user", u"password"), std::string());
|
net::AuthCredentials(u"user", u"password"), std::string());
|
||||||
|
|
||||||
ProxyResolvingClientSocketFactory proxy_resolving_socket_factory(
|
ProxyResolvingClientSocketFactory proxy_resolving_socket_factory(
|
||||||
@@ -760,9 +765,10 @@ TEST_P(ProxyResolvingClientSocketTest, FactoryUsesLatestHTTPAuthCache) {
|
|||||||
// We are adding these credentials at an empty path so that it won't be picked
|
// We are adding these credentials at an empty path so that it won't be picked
|
||||||
// up by the preemptive authentication step and will only be picked up via
|
// up by the preemptive authentication step and will only be picked up via
|
||||||
// origin + realm + scheme lookup.
|
// origin + realm + scheme lookup.
|
||||||
auth_cache->Add(GURL("http://bad:99"), net::HttpAuth::AUTH_PROXY,
|
auth_cache->Add(url::SchemeHostPort(GURL("http://bad:99")),
|
||||||
"test_realm", net::HttpAuth::AUTH_SCHEME_BASIC,
|
net::HttpAuth::AUTH_PROXY, "test_realm",
|
||||||
net::NetworkIsolationKey(), "Basic realm=\"test_realm\"",
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
||||||
|
"Basic realm=\"test_realm\"",
|
||||||
net::AuthCredentials(u"user", u"password"), std::string());
|
net::AuthCredentials(u"user", u"password"), std::string());
|
||||||
|
|
||||||
const GURL kDestination("https://example.com:443");
|
const GURL kDestination("https://example.com:443");
|
||||||
@@ -823,9 +829,10 @@ TEST_P(ProxyResolvingClientSocketTest, ReusesHTTPAuthCache_Preemptive) {
|
|||||||
->GetSession()
|
->GetSession()
|
||||||
->http_auth_cache();
|
->http_auth_cache();
|
||||||
|
|
||||||
auth_cache->Add(GURL("http://bad:99"), net::HttpAuth::AUTH_PROXY,
|
auth_cache->Add(url::SchemeHostPort(GURL("http://bad:99")),
|
||||||
"test_realm", net::HttpAuth::AUTH_SCHEME_BASIC,
|
net::HttpAuth::AUTH_PROXY, "test_realm",
|
||||||
net::NetworkIsolationKey(), "Basic realm=\"test_realm\"",
|
net::HttpAuth::AUTH_SCHEME_BASIC, net::NetworkIsolationKey(),
|
||||||
|
"Basic realm=\"test_realm\"",
|
||||||
net::AuthCredentials(u"user", u"password"), "/");
|
net::AuthCredentials(u"user", u"password"), "/");
|
||||||
|
|
||||||
ProxyResolvingClientSocketFactory proxy_resolving_socket_factory(
|
ProxyResolvingClientSocketFactory proxy_resolving_socket_factory(
|
||||||
|
|||||||
Reference in New Issue
Block a user