mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 472529, websockets (netwerk patch), r=smaug+biesi 

--HG--
rename : netwerk/protocol/http/nsHttpChannel.cpp => netwerk/protocol/http/nsHttpChannelAuthProvider.cpp
rename : netwerk/protocol/http/nsHttpChannel.h => netwerk/protocol/http/nsHttpChannelAuthProvider.h
extra : rebase_source : 4f75d33eb4fc7cdaa1f011f176ef4434bbfe2c25
This commit is contained in:
wfernandom2004@gmail.com 2010-06-17 21:33:42 +03:00
Родитель af2d03d1ec
Коммит 78db44644f
19 изменённых файлов: 2035 добавлений и 1247 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

14
extensions/auth/nsHttpNegotiateAuth.cpp
Просмотреть файл

@ -54,7 +54,7 @@
#include "nsAuth.h"
#include "nsHttpNegotiateAuth.h"
#include "nsIHttpChannel.h"
#include "nsIHttpAuthenticableChannel.h"
#include "nsIProxiedChannel.h"
#include "nsIAuthModule.h"
#include "nsIServiceManager.h"
@ -107,7 +107,7 @@ nsHttpNegotiateAuth::GetAuthFlags(PRUint32 *flags)
// there is no correct way to get the users credentials.
//
NS_IMETHODIMP
nsHttpNegotiateAuth::ChallengeReceived(nsIHttpChannel *httpChannel,
nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel *authChannel,
const char *challenge,
PRBool isProxyAuth,
nsISupports **sessionState,
@ -123,7 +123,7 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpChannel *httpChannel,
nsresult rv;
nsCOMPtr<nsIURI> uri;
rv = httpChannel->GetURI(getter_AddRefs(uri));
rv = authChannel->GetURI(getter_AddRefs(uri));
if (NS_FAILED(rv))
return rv;
@ -136,12 +136,8 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpChannel *httpChannel,
return NS_ERROR_ABORT;
}
nsCOMPtr<nsIProxiedChannel> proxied =
do_QueryInterface(httpChannel);
NS_ENSURE_STATE(proxied);
nsCOMPtr<nsIProxyInfo> proxyInfo;
proxied->GetProxyInfo(getter_AddRefs(proxyInfo));
authChannel->GetProxyInfo(getter_AddRefs(proxyInfo));
NS_ENSURE_STATE(proxyInfo);
proxyInfo->GetHost(service);
@ -213,7 +209,7 @@ NS_IMPL_ISUPPORTS1(nsHttpNegotiateAuth, nsIHttpAuthenticator)
// blob to pass to the server that requested "Negotiate" authentication.
//
NS_IMETHODIMP
nsHttpNegotiateAuth::GenerateCredentials(nsIHttpChannel *httpChannel,
nsHttpNegotiateAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChannel,
const char *challenge,
PRBool isProxyAuth,
const PRUnichar *domain,

50
netwerk/base/public/nsIProtocolProxyService.idl
Просмотреть файл

@ -52,7 +52,7 @@ interface nsIURI;
*
* @status UNDER_REVIEW
*/
[scriptable, uuid(e38ab577-786e-4a7f-936b-7ae4c7d877b2)]
[scriptable, uuid(d7ec6237-162e-40f5-a2b4-46ccd5fa83c9)]
interface nsIProtocolProxyService : nsISupports
{
/**
@ -71,6 +71,39 @@ interface nsIProtocolProxyService : nsISupports
*/
const unsigned long RESOLVE_NON_BLOCKING = 1 << 0;
/**
* When the proxy configuration is manual this flag may be passed to the
* resolve and asyncResolve methods to request to prefer the SOCKS proxy
* to HTTP ones.
*/
const unsigned long RESOLVE_PREFER_SOCKS_PROXY = 1 << 1;
/**
* When the proxy configuration is manual this flag may be passed to the
* resolve and asyncResolve methods to request to not analyze the uri's
* scheme specific proxy. When this flag is set the main HTTP proxy is the
* preferred one.
*
* NOTE: if RESOLVE_PREFER_SOCKS_PROXY is set then the SOCKS proxy is
* the preferred one.
*
* NOTE: if RESOLVE_PREFER_HTTPS_PROXY is set then the HTTPS proxy
* is the preferred one.
*/
const unsigned long RESOLVE_IGNORE_URI_SCHEME = 1 << 2;
/**
* When the proxy configuration is manual this flag may be passed to the
* resolve and asyncResolve methods to request to prefer the HTTPS proxy
* to the others HTTP ones.
*
* NOTE: RESOLVE_PREFER_SOCKS_PROXY takes precedence over this flag.
*
* NOTE: This flag implies RESOLVE_IGNORE_URI_SCHEME.
*/
const unsigned long RESOLVE_PREFER_HTTPS_PROXY =
(1 << 3) | RESOLVE_IGNORE_URI_SCHEME;
/**
* This method returns a nsIProxyInfo instance that identifies a proxy to
* be used for loading the given URI. Otherwise, this method returns null
@ -228,4 +261,19 @@ interface nsIProtocolProxyService : nsISupports
* The nsIProtocolProxyFilter instance to be unregistered.
*/
void unregisterFilter(in nsIProtocolProxyFilter aFilter);
/**
* These values correspond to the possible integer values for the
* network.proxy.type preference.
*/
const unsigned long PROXYCONFIG_DIRECT = 0;
const unsigned long PROXYCONFIG_MANUAL = 1;
const unsigned long PROXYCONFIG_PAC = 2;
const unsigned long PROXYCONFIG_WPAD = 4;
const unsigned long PROXYCONFIG_SYSTEM = 5;
/**
* This attribute specifies the current type of proxy configuration.
*/
readonly attribute unsigned long proxyConfigType;
};

80
netwerk/base/src/nsProtocolProxyService.cpp
Просмотреть файл

@ -286,6 +286,9 @@ proxy_GetBoolPref(nsIPrefBranch *aPrefBranch,
//----------------------------------------------------------------------------
static const PRInt32 PROXYCONFIG_DIRECT4X = 3;
static const PRInt32 PROXYCONFIG_COUNT = 6;
NS_IMPL_ADDREF(nsProtocolProxyService)
NS_IMPL_RELEASE(nsProtocolProxyService)
NS_IMPL_QUERY_INTERFACE3_CI(nsProtocolProxyService,
@ -298,7 +301,7 @@ NS_IMPL_CI_INTERFACE_GETTER2(nsProtocolProxyService,
nsProtocolProxyService::nsProtocolProxyService()
: mFilters(nsnull)
, mProxyConfig(eProxyConfig_Direct)
, mProxyConfig(PROXYCONFIG_DIRECT)
, mHTTPProxyPort(-1)
, mFTPProxyPort(-1)
, mHTTPSProxyPort(-1)
@ -386,26 +389,26 @@ nsProtocolProxyService::PrefsChanged(nsIPrefBranch *prefBranch,
rv = prefBranch->GetIntPref(PROXY_PREF("type"), &type);
if (NS_SUCCEEDED(rv)) {
// bug 115720 - for ns4.x backwards compatability
if (type == eProxyConfig_Direct4x) {
type = eProxyConfig_Direct;
if (type == PROXYCONFIG_DIRECT4X) {
type = PROXYCONFIG_DIRECT;
// Reset the type so that the dialog looks correct, and we
// don't have to handle this case everywhere else
// I'm paranoid about a loop of some sort - only do this
// if we're enumerating all prefs, and ignore any error
if (!pref)
prefBranch->SetIntPref(PROXY_PREF("type"), type);
} else if (type >= eProxyConfig_Last) {
} else if (type >= PROXYCONFIG_COUNT) {
LOG(("unknown proxy type: %lu; assuming direct\n", type));
type = eProxyConfig_Direct;
type = PROXYCONFIG_DIRECT;
}
mProxyConfig = static_cast<ProxyConfig>(type);
mProxyConfig = type;
reloadPAC = PR_TRUE;
}
if (mProxyConfig == eProxyConfig_System) {
if (mProxyConfig == PROXYCONFIG_SYSTEM) {
mSystemProxySettings = do_GetService(NS_SYSTEMPROXYSETTINGS_CONTRACTID);
if (!mSystemProxySettings)
mProxyConfig = eProxyConfig_Direct;
mProxyConfig = PROXYCONFIG_DIRECT;
} else {
mSystemProxySettings = nsnull;
}
@ -462,8 +465,8 @@ nsProtocolProxyService::PrefsChanged(nsIPrefBranch *prefBranch,
// We're done if not using something that could give us a PAC URL
// (PAC, WPAD or System)
if (mProxyConfig != eProxyConfig_PAC && mProxyConfig != eProxyConfig_WPAD &&
mProxyConfig != eProxyConfig_System)
if (mProxyConfig != PROXYCONFIG_PAC && mProxyConfig != PROXYCONFIG_WPAD &&
mProxyConfig != PROXYCONFIG_SYSTEM)
return;
// OK, we need to reload the PAC file if:
@ -475,10 +478,10 @@ nsProtocolProxyService::PrefsChanged(nsIPrefBranch *prefBranch,
if (reloadPAC) {
tempString.Truncate();
if (mProxyConfig == eProxyConfig_PAC) {
if (mProxyConfig == PROXYCONFIG_PAC) {
prefBranch->GetCharPref(PROXY_PREF("autoconfig_url"),
getter_Copies(tempString));
} else if (mProxyConfig == eProxyConfig_WPAD) {
} else if (mProxyConfig == PROXYCONFIG_WPAD) {
// We diverge from the WPAD spec here in that we don't walk the
// hosts's FQDN, stripping components until we hit a TLD. Doing so
// is dangerous in the face of an incomplete list of TLDs, and TLDs
@ -814,9 +817,9 @@ nsProtocolProxyService::ReloadPAC()
return NS_OK;
nsXPIDLCString pacSpec;
if (type == eProxyConfig_PAC)
if (type == PROXYCONFIG_PAC)
prefs->GetCharPref(PROXY_PREF("autoconfig_url"), getter_Copies(pacSpec));
else if (type == eProxyConfig_WPAD)
else if (type == PROXYCONFIG_WPAD)
pacSpec.AssignLiteral(WPAD_URL);
if (!pacSpec.IsEmpty())
@ -835,7 +838,7 @@ nsProtocolProxyService::Resolve(nsIURI *uri, PRUint32 flags,
return rv;
PRBool usePAC;
rv = Resolve_Internal(uri, info, &usePAC, result);
rv = Resolve_Internal(uri, info, flags, &usePAC, result);
if (NS_FAILED(rv))
return rv;
@ -884,7 +887,7 @@ nsProtocolProxyService::AsyncResolve(nsIURI *uri, PRUint32 flags,
PRBool usePAC;
nsCOMPtr<nsIProxyInfo> pi;
rv = Resolve_Internal(uri, info, &usePAC, getter_AddRefs(pi));
rv = Resolve_Internal(uri, info, flags, &usePAC, getter_AddRefs(pi));
if (NS_FAILED(rv))
return rv;
@ -946,8 +949,8 @@ nsProtocolProxyService::GetFailoverForProxy(nsIProxyInfo *aProxy,
{
// We only support failover when a PAC file is configured, either
// directly or via system settings
if (mProxyConfig != eProxyConfig_PAC && mProxyConfig != eProxyConfig_WPAD &&
mProxyConfig != eProxyConfig_System)
if (mProxyConfig != PROXYCONFIG_PAC && mProxyConfig != PROXYCONFIG_WPAD &&
mProxyConfig != PROXYCONFIG_SYSTEM)
return NS_ERROR_NOT_AVAILABLE;
// Verify that |aProxy| is one of our nsProxyInfo objects.
@ -1033,6 +1036,14 @@ nsProtocolProxyService::UnregisterFilter(nsIProtocolProxyFilter *filter)
// No need to throw an exception in this case.
return NS_OK;
}
NS_IMETHODIMP
nsProtocolProxyService::GetProxyConfigType(PRUint32* aProxyConfigType)
{
*aProxyConfigType = mProxyConfig;
return NS_OK;
}
void
nsProtocolProxyService::LoadHostFilters(const char *filters)
{
@ -1220,6 +1231,7 @@ nsProtocolProxyService::NewProxyInfo_Internal(const char *aType,
nsresult
nsProtocolProxyService::Resolve_Internal(nsIURI *uri,
const nsProtocolInfo &info,
PRUint32 flags,
PRBool *usePAC,
nsIProxyInfo **result)
{
@ -1254,14 +1266,14 @@ nsProtocolProxyService::Resolve_Internal(nsIURI *uri,
// if proxies are enabled and this host:port combo is supposed to use a
// proxy, check for a proxy.
if (mProxyConfig == eProxyConfig_Direct ||
(mProxyConfig == eProxyConfig_Manual &&
if (mProxyConfig == PROXYCONFIG_DIRECT ||
(mProxyConfig == PROXYCONFIG_MANUAL &&
!CanUseProxy(uri, info.defaultPort)))
return NS_OK;
// Proxy auto config magic...
if (mProxyConfig == eProxyConfig_PAC || mProxyConfig == eProxyConfig_WPAD ||
mProxyConfig == eProxyConfig_System) {
if (mProxyConfig == PROXYCONFIG_PAC || mProxyConfig == PROXYCONFIG_WPAD ||
mProxyConfig == PROXYCONFIG_SYSTEM) {
// Do not query PAC now.
*usePAC = PR_TRUE;
return NS_OK;
@ -1274,19 +1286,39 @@ nsProtocolProxyService::Resolve_Internal(nsIURI *uri,
PRUint32 proxyFlags = 0;
if (!mHTTPProxyHost.IsEmpty() && mHTTPProxyPort > 0 &&
info.scheme.EqualsLiteral("http")) {
if ((flags & RESOLVE_PREFER_SOCKS_PROXY) &&
!mSOCKSProxyHost.IsEmpty() && mSOCKSProxyPort > 0) {
host = &mSOCKSProxyHost;
if (mSOCKSProxyVersion == 4)
type = kProxyType_SOCKS4;
else
type = kProxyType_SOCKS;
port = mSOCKSProxyPort;
if (mSOCKSProxyRemoteDNS)
proxyFlags |= nsIProxyInfo::TRANSPARENT_PROXY_RESOLVES_HOST;
}
else if ((flags & RESOLVE_PREFER_HTTPS_PROXY) &&
!mHTTPSProxyHost.IsEmpty() && mHTTPSProxyPort > 0) {
host = &mHTTPSProxyHost;
type = kProxyType_HTTP;
port = mHTTPSProxyPort;
}
else if (!mHTTPProxyHost.IsEmpty() && mHTTPProxyPort > 0 &&
((flags & RESOLVE_IGNORE_URI_SCHEME) ||
info.scheme.EqualsLiteral("http"))) {
host = &mHTTPProxyHost;
type = kProxyType_HTTP;
port = mHTTPProxyPort;
}
else if (!mHTTPSProxyHost.IsEmpty() && mHTTPSProxyPort > 0 &&
!(flags & RESOLVE_IGNORE_URI_SCHEME) &&
info.scheme.EqualsLiteral("https")) {
host = &mHTTPSProxyHost;
type = kProxyType_HTTP;
port = mHTTPSProxyPort;
}
else if (!mFTPProxyHost.IsEmpty() && mFTPProxyPort > 0 &&
!(flags & RESOLVE_IGNORE_URI_SCHEME) &&
info.scheme.EqualsLiteral("ftp")) {
host = &mFTPProxyHost;
type = kProxyType_HTTP;

16
netwerk/base/src/nsProtocolProxyService.h
Просмотреть файл

@ -220,6 +220,8 @@ protected:
* The URI to test.
* @param info
* Information about the URI's protocol.
* @param flags
* The flags passed to either the resolve or the asyncResolve method.
* @param usePAC
* If this flag is set upon return, then PAC should be queried to
* resolve the proxy info.
@ -228,6 +230,7 @@ protected:
*/
NS_HIDDEN_(nsresult) Resolve_Internal(nsIURI *uri,
const nsProtocolInfo &info,
PRUint32 flags,
PRBool *usePAC,
nsIProxyInfo **result);
@ -306,17 +309,6 @@ public:
PRUint32 host_len;
};
// These values correspond to the integer network.proxy.type preference
enum ProxyConfig {
eProxyConfig_Direct,
eProxyConfig_Manual,
eProxyConfig_PAC,
eProxyConfig_Direct4x,
eProxyConfig_WPAD,
eProxyConfig_System, // use system proxy settings if available, otherwise DIRECT
eProxyConfig_Last
};
protected:
// simplified array of filters defined by this struct
@ -357,7 +349,7 @@ protected:
// of FilterLink objects.
FilterLink *mFilters;
ProxyConfig mProxyConfig;
PRUint32 mProxyConfig;
nsCString mHTTPProxyHost;
PRInt32 mHTTPProxyPort;

12
netwerk/build/nsNetCID.h
Просмотреть файл

@ -556,6 +556,18 @@
{0x9f, 0xd4, 0xe0, 0x65, 0xe8, 0x55, 0x68, 0xf4} \
}
#define NS_HTTPCHANNELAUTHPROVIDER_CLASSNAME \
"nsHttpChannelAuthProvider"
#define NS_HTTPCHANNELAUTHPROVIDER_CONTRACTID \
"@mozilla.org/network/http-channel-auth-provider;1"
#define NS_HTTPCHANNELAUTHPROVIDER_CID \
{ /* 02f5a8d8-4ef3-48b1-b527-8a643056abbd */ \
0x02f5a8d8, \
0x4ef3, \
0x48b1, \
{0xb5, 0x27, 0x8a, 0x64, 0x30, 0x56, 0xab, 0xbd} \
}
#define NS_HTTPACTIVITYDISTRIBUTOR_CLASSNAME \
"nsHttpActivityDistributor"
#define NS_HTTPACTIVITYDISTRIBUTOR_CONTRACTID \

7
netwerk/build/nsNetModule.cpp
Просмотреть файл

@ -228,6 +228,7 @@ NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsFtpProtocolHandler, Init)
#undef LOG
#undef LOG_ENABLED
#include "nsHttpAuthManager.h"
#include "nsHttpChannelAuthProvider.h"
#include "nsHttpBasicAuth.h"
#include "nsHttpDigestAuth.h"
#include "nsHttpNTLMAuth.h"
@ -238,6 +239,7 @@ NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpNTLMAuth)
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpHandler, Init)
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpsHandler, Init)
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpAuthManager, Init)
NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpChannelAuthProvider)
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpActivityDistributor, Init)
NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpBasicAuth)
NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpDigestAuth)
@ -976,6 +978,11 @@ static const nsModuleComponentInfo gNetModuleInfo[] = {
NS_HTTPAUTHMANAGER_CONTRACTID,
nsHttpAuthManagerConstructor },
{ NS_HTTPCHANNELAUTHPROVIDER_CLASSNAME,
NS_HTTPCHANNELAUTHPROVIDER_CID,
NS_HTTPCHANNELAUTHPROVIDER_CONTRACTID,
nsHttpChannelAuthProviderConstructor },
{ NS_HTTPACTIVITYDISTRIBUTOR_CLASSNAME,
NS_HTTPACTIVITYDISTRIBUTOR_CID,
NS_HTTPACTIVITYDISTRIBUTOR_CONTRACTID,

6
netwerk/dns/nsDNSService2.cpp
Просмотреть файл

@ -51,7 +51,7 @@
#include "nsNetCID.h"
#include "nsNetError.h"
#include "nsDNSPrefetch.h"
#include "nsProtocolProxyService.h"
#include "nsIProtocolProxyService.h"
#include "prsystem.h"
#include "prnetdb.h"
#include "prmon.h"
@ -333,7 +333,7 @@ nsDNSService::Init()
PRBool enableIDN = PR_TRUE;
PRBool disableIPv6 = PR_FALSE;
PRBool disablePrefetch = PR_FALSE;
int proxyType = nsProtocolProxyService::eProxyConfig_Direct;
int proxyType = nsIProtocolProxyService::PROXYCONFIG_DIRECT;
nsAdoptingCString ipv4OnlyDomains;
@ -395,7 +395,7 @@ nsDNSService::Init()
mDisableIPv6 = disableIPv6;
// Disable prefetching either by explicit preference or if a manual proxy is configured
mDisablePrefetch = disablePrefetch || (proxyType == nsProtocolProxyService::eProxyConfig_Manual);
mDisablePrefetch = disablePrefetch || (proxyType == nsIProtocolProxyService::PROXYCONFIG_MANUAL);
}
nsDNSPrefetch::Initialize(this);

3
netwerk/protocol/http/Makefile.in
Просмотреть файл

@ -63,6 +63,8 @@ XPIDLSRCS = \
nsIHttpChannelInternal.idl \
nsIHttpEventSink.idl \
nsIHttpProtocolHandler.idl \
nsIHttpChannelAuthProvider.idl \
nsIHttpAuthenticableChannel.idl \
$(NULL)
CPPSRCS = \
@ -84,6 +86,7 @@ CPPSRCS = \
nsHttpChannel.cpp \
nsHttpPipeline.cpp \
nsHttpActivityDistributor.cpp \
nsHttpChannelAuthProvider.cpp \
$(NULL)
LOCAL_INCLUDES = \

4
netwerk/protocol/http/nsHttpBasicAuth.cpp
Просмотреть файл

@ -70,7 +70,7 @@ NS_IMPL_ISUPPORTS1(nsHttpBasicAuth, nsIHttpAuthenticator)
//-----------------------------------------------------------------------------
NS_IMETHODIMP
nsHttpBasicAuth::ChallengeReceived(nsIHttpChannel *httpChannel,
nsHttpBasicAuth::ChallengeReceived(nsIHttpAuthenticableChannel *authChannel,
const char *challenge,
PRBool isProxyAuth,
nsISupports **sessionState,
@ -84,7 +84,7 @@ nsHttpBasicAuth::ChallengeReceived(nsIHttpChannel *httpChannel,
}
NS_IMETHODIMP
nsHttpBasicAuth::GenerateCredentials(nsIHttpChannel *httpChannel,
nsHttpBasicAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChannel,
const char *challenge,
PRBool isProxyAuth,
const PRUnichar *domain,

1201
netwerk/protocol/http/nsHttpChannel.cpp
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

83
netwerk/protocol/http/nsHttpChannel.h
Просмотреть файл

@ -43,7 +43,6 @@
#include "nsHttpTransaction.h"
#include "nsHttpRequestHead.h"
#include "nsHttpAuthCache.h"
#include "nsHashPropertyBag.h"
#include "nsInputStreamPump.h"
#include "nsThreadUtils.h"
@ -83,13 +82,12 @@
#include "nsISupportsPriority.h"
#include "nsIProtocolProxyCallback.h"
#include "nsICancelable.h"
#include "nsIProxiedChannel.h"
#include "nsIHttpAuthenticableChannel.h"
#include "nsITraceableChannel.h"
#include "nsIAuthPromptCallback.h"
#include "nsIHttpChannelAuthProvider.h"
class nsHttpResponseHead;
class nsAHttpConnection;
class nsIHttpAuthenticator;
class nsProxyInfo;
//-----------------------------------------------------------------------------
@ -109,10 +107,9 @@ class nsHttpChannel : public nsHashPropertyBag
, public nsIResumableChannel
, public nsISupportsPriority
, public nsIProtocolProxyCallback
, public nsIProxiedChannel
, public nsIHttpAuthenticableChannel
, public nsITraceableChannel
, public nsIApplicationCacheChannel
, public nsIAuthPromptCallback
{
public:
NS_DECL_ISUPPORTS_INHERITED
@ -135,7 +132,19 @@ public:
NS_DECL_NSITRACEABLECHANNEL
NS_DECL_NSIAPPLICATIONCACHECONTAINER
NS_DECL_NSIAPPLICATIONCACHECHANNEL
NS_DECL_NSIAUTHPROMPTCALLBACK
// nsIHttpAuthenticableChannel. We can't use
// NS_DECL_NSIHTTPAUTHENTICABLECHANNEL because it duplicates cancel() and
// others.
NS_IMETHOD GetIsSSL(PRBool *aIsSSL);
NS_IMETHOD GetProxyMethodIsConnect(PRBool *aProxyMethodIsConnect);
NS_IMETHOD GetServerResponseHeader(nsACString & aServerResponseHeader);
NS_IMETHOD GetProxyChallenges(nsACString & aChallenges);
NS_IMETHOD GetWWWChallenges(nsACString & aChallenges);
NS_IMETHOD SetProxyCredentials(const nsACString & aCredentials);
NS_IMETHOD SetWWWCredentials(const nsACString & aCredentials);
NS_IMETHOD OnAuthAvailable();
NS_IMETHOD OnAuthCancelled(PRBool userCancel);
nsHttpChannel();
virtual ~nsHttpChannel();
@ -180,7 +189,6 @@ private:
nsresult ProcessRedirection(PRUint32 httpStatus);
PRBool ShouldSSLProxyResponseContinue(PRUint32 httpStatus);
nsresult ProcessFailedSSLConnect(PRUint32 httpStatus);
nsresult ProcessAuthentication(PRUint32 httpStatus);
nsresult ProcessFallback(PRBool *fallingBack);
PRBool ResponseWouldVary();
@ -226,41 +234,8 @@ private:
nsresult ProcessPartialContent();
nsresult OnDoneReadingPartialCacheEntry(PRBool *streamDone);
// auth specific methods
nsresult PrepareForAuthentication(PRBool proxyAuth);
nsresult GenCredsAndSetEntry(nsIHttpAuthenticator *, PRBool proxyAuth, const char *scheme, const char *host, PRInt32 port, const char *dir, const char *realm, const char *challenge, const nsHttpAuthIdentity &ident, nsCOMPtr<nsISupports> &session, char **result);
nsresult GetAuthenticator(const char *challenge, nsCString &scheme, nsIHttpAuthenticator **auth);
void ParseRealm(const char *challenge, nsACString &realm);
void GetIdentityFromURI(PRUint32 authFlags, nsHttpAuthIdentity&);
/**
* Following three methods return NS_ERROR_IN_PROGRESS when
* nsIAuthPrompt2.asyncPromptAuth method is called. This result indicates
* the user's decision will be gathered in a callback and is not an actual
* error.
*/
nsresult GetCredentials(const char *challenges, PRBool proxyAuth, nsAFlatCString &creds);
nsresult GetCredentialsForChallenge(const char *challenge, const char *scheme, PRBool proxyAuth, nsIHttpAuthenticator *auth, nsAFlatCString &creds);
nsresult PromptForIdentity(PRUint32 level, PRBool proxyAuth, const char *realm, const char *authType, PRUint32 authFlags, nsHttpAuthIdentity &);
PRBool ConfirmAuth(const nsString &bundleKey, PRBool doYesNoPrompt);
void CheckForSuperfluousAuth();
void SetAuthorizationHeader(nsHttpAuthCache *, nsHttpAtom header, const char *scheme, const char *host, PRInt32 port, const char *path, nsHttpAuthIdentity &ident);
void AddAuthorizationHeaders();
nsresult GetCurrentPath(nsACString &);
/**
* Return all information needed to build authorization information,
* all paramters except proxyAuth are out parameters. proxyAuth specifies
* with what authorization we work (WWW or proxy).
*/
nsresult GetAuthorizationMembers(PRBool proxyAuth, nsCSubstring& scheme, const char*& host, PRInt32& port, nsCSubstring& path, nsHttpAuthIdentity*& ident, nsISupports**& continuationState);
nsresult DoAuthRetry(nsAHttpConnection *);
PRBool MustValidateBasedOnQueryUrl();
/**
* Method called to resume suspended transaction after we got credentials
* from the user. Called from OnAuthAvailable callback or OnAuthCancelled
* when credentials for next challenge were obtained synchronously.
*/
nsresult ContinueOnAuthAvailable(const nsCSubstring& creds);
private:
nsCOMPtr<nsIURI> mOriginalURI;
@ -311,25 +286,7 @@ private:
nsCOMPtr<nsIApplicationCache> mApplicationCache;
// auth specific data
nsISupports *mProxyAuthContinuationState;
nsCString mProxyAuthType;
nsISupports *mAuthContinuationState;
nsCString mAuthType;
nsHttpAuthIdentity mIdent;
nsHttpAuthIdentity mProxyIdent;
// Reference to the prompt wating in prompt queue. The channel is
// responsible to call its cancel method when user in any way cancels
// this request.
nsCOMPtr<nsICancelable> mAsyncPromptAuthCancelable;
// Saved in GetCredentials when prompt is asynchronous, the first challenge
// we obtained from the server with 401/407 response, will be processed in
// OnAuthAvailable callback.
nsCString mCurrentChallenge;
// Saved in GetCredentials when prompt is asynchronous, remaning challenges
// we have to process when user cancels the auth dialog for the current
// challenge.
nsCString mRemainingChallenges;
nsCOMPtr<nsIHttpChannelAuthProvider> mAuthProvider;
// Resumable channel specific data
nsCString mEntityID;
@ -367,12 +324,6 @@ private:
PRUint32 mTransactionReplaced : 1;
PRUint32 mUploadStreamHasHeaders : 1;
PRUint32 mAuthRetryPending : 1;
// True when we need to authenticate to proxy, i.e. when we get 407
// response. Used in OnAuthAvailable and OnAuthCancelled callbacks.
PRUint32 mProxyAuth : 1;
PRUint32 mTriedProxyAuth : 1;
PRUint32 mTriedHostAuth : 1;
PRUint32 mSuppressDefensiveAuth : 1;
PRUint32 mResuming : 1;
PRUint32 mInitedCacheEntry : 1;
PRUint32 mCacheForOfflineUse : 1;

1308
netwerk/protocol/http/nsHttpChannelAuthProvider.cpp Normal file
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

169
netwerk/protocol/http/nsHttpChannelAuthProvider.h Normal file
Просмотреть файл

@ -0,0 +1,169 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* vim:set et cin ts=4 sw=4 sts=4: */
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Mozilla.
*
* The Initial Developer of the Original Code is
* Netscape Communications.
* Portions created by the Initial Developer are Copyright (C) 2001
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Darin Fisher <darin@netscape.com> (original author)
* Christian Biesinger <cbiesinger@web.de>
* Wellington Fernando de Macedo <wfernandom2004@gmail.com>
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
#ifndef nsHttpChannelAuthProvider_h__
#define nsHttpChannelAuthProvider_h__
#include "nsIHttpChannelAuthProvider.h"
#include "nsIAuthPromptCallback.h"
#include "nsString.h"
#include "nsCOMPtr.h"
#include "nsIHttpAuthenticableChannel.h"
#include "nsIURI.h"
#include "nsHttpAuthCache.h"
#include "nsProxyInfo.h"
class nsIHttpAuthenticator;
class nsHttpChannelAuthProvider : public nsIHttpChannelAuthProvider
, public nsIAuthPromptCallback
{
public:
NS_DECL_ISUPPORTS
NS_DECL_NSICANCELABLE
NS_DECL_NSIHTTPCHANNELAUTHPROVIDER
NS_DECL_NSIAUTHPROMPTCALLBACK
nsHttpChannelAuthProvider();
virtual ~nsHttpChannelAuthProvider();
private:
const char *ProxyHost() const
{ return mProxyInfo ? mProxyInfo->Host().get() : nsnull; }
PRInt32 ProxyPort() const
{ return mProxyInfo ? mProxyInfo->Port() : -1; }
const char *Host() const { return mHost.get(); }
PRInt32 Port() const { return mPort; }
PRBool UsingSSL() const { return mUsingSSL; }
PRBool UsingHttpProxy() const
{ return !!(mProxyInfo && !nsCRT::strcmp(mProxyInfo->Type(), "http")); }
nsresult PrepareForAuthentication(PRBool proxyAuth);
nsresult GenCredsAndSetEntry(nsIHttpAuthenticator *, PRBool proxyAuth,
const char *scheme, const char *host,
PRInt32 port, const char *dir,
const char *realm, const char *challenge,
const nsHttpAuthIdentity &ident,
nsCOMPtr<nsISupports> &session, char **result);
nsresult GetAuthenticator(const char *challenge, nsCString &scheme,
nsIHttpAuthenticator **auth);
void ParseRealm(const char *challenge, nsACString &realm);
void GetIdentityFromURI(PRUint32 authFlags, nsHttpAuthIdentity&);
/**
* Following three methods return NS_ERROR_IN_PROGRESS when
* nsIAuthPrompt2.asyncPromptAuth method is called. This result indicates
* the user's decision will be gathered in a callback and is not an actual
* error.
*/
nsresult GetCredentials(const char *challenges, PRBool proxyAuth,
nsAFlatCString &creds);
nsresult GetCredentialsForChallenge(const char *challenge,
const char *scheme, PRBool proxyAuth,
nsIHttpAuthenticator *auth,
nsAFlatCString &creds);
nsresult PromptForIdentity(PRUint32 level, PRBool proxyAuth,
const char *realm, const char *authType,
PRUint32 authFlags, nsHttpAuthIdentity &);
PRBool ConfirmAuth(const nsString &bundleKey, PRBool doYesNoPrompt);
void SetAuthorizationHeader(nsHttpAuthCache *, nsHttpAtom header,
const char *scheme, const char *host,
PRInt32 port, const char *path,
nsHttpAuthIdentity &ident);
nsresult GetCurrentPath(nsACString &);
/**
* Return all information needed to build authorization information,
* all parameters except proxyAuth are out parameters. proxyAuth specifies
* with what authorization we work (WWW or proxy).
*/
nsresult GetAuthorizationMembers(PRBool proxyAuth, nsCSubstring& scheme,
const char*& host, PRInt32& port,
nsCSubstring& path,
nsHttpAuthIdentity*& ident,
nsISupports**& continuationState);
/**
* Method called to resume suspended transaction after we got credentials
* from the user. Called from OnAuthAvailable callback or OnAuthCancelled
* when credentials for next challenge were obtained synchronously.
*/
nsresult ContinueOnAuthAvailable(const nsCSubstring& creds);
private:
nsIHttpAuthenticableChannel *mAuthChannel; // weak ref
nsCOMPtr<nsIURI> mURI;
nsCOMPtr<nsProxyInfo> mProxyInfo;
nsCString mHost;
PRInt32 mPort;
PRBool mUsingSSL;
nsISupports *mProxyAuthContinuationState;
nsCString mProxyAuthType;
nsISupports *mAuthContinuationState;
nsCString mAuthType;
nsHttpAuthIdentity mIdent;
nsHttpAuthIdentity mProxyIdent;
// Reference to the prompt wating in prompt queue. The channel is
// responsible to call its cancel method when user in any way cancels
// this request.
nsCOMPtr<nsICancelable> mAsyncPromptAuthCancelable;
// Saved in GetCredentials when prompt is asynchronous, the first challenge
// we obtained from the server with 401/407 response, will be processed in
// OnAuthAvailable callback.
nsCString mCurrentChallenge;
// Saved in GetCredentials when prompt is asynchronous, remaning challenges
// we have to process when user cancels the auth dialog for the current
// challenge.
nsCString mRemainingChallenges;
// True when we need to authenticate to proxy, i.e. when we get 407
// response. Used in OnAuthAvailable and OnAuthCancelled callbacks.
PRUint32 mProxyAuth : 1;
PRUint32 mTriedProxyAuth : 1;
PRUint32 mTriedHostAuth : 1;
PRUint32 mSuppressDefensiveAuth : 1;
};
#endif // nsHttpChannelAuthProvider_h__

32
netwerk/protocol/http/nsHttpDigestAuth.cpp
Просмотреть файл

@ -42,7 +42,7 @@
#include <stdlib.h>
#include "nsHttp.h"
#include "nsHttpDigestAuth.h"
#include "nsIHttpChannel.h"
#include "nsIHttpAuthenticableChannel.h"
#include "nsIServiceManager.h"
#include "nsXPCOM.h"
#include "nsISupportsPrimitives.h"
@ -109,23 +109,19 @@ nsHttpDigestAuth::MD5Hash(const char *buf, PRUint32 len)
}
nsresult
nsHttpDigestAuth::GetMethodAndPath(nsIHttpChannel *httpChannel,
PRBool isProxyAuth,
nsCString &httpMethod,
nsCString &path)
nsHttpDigestAuth::GetMethodAndPath(nsIHttpAuthenticableChannel *authChannel,
PRBool isProxyAuth,
nsCString &httpMethod,
nsCString &path)
{
nsresult rv;
nsCOMPtr<nsIURI> uri;
rv = httpChannel->GetURI(getter_AddRefs(uri));
rv = authChannel->GetURI(getter_AddRefs(uri));
if (NS_SUCCEEDED(rv)) {
PRBool isSecure;
rv = uri->SchemeIs("https", &isSecure);
PRBool proxyMethodIsConnect;
rv = authChannel->GetProxyMethodIsConnect(&proxyMethodIsConnect);
if (NS_SUCCEEDED(rv)) {
//
// if we are being called in response to a 407, and if the protocol
// is HTTPS, then we are really using a CONNECT method.
//
if (isSecure && isProxyAuth) {
if (proxyMethodIsConnect && isProxyAuth) {
httpMethod.AssignLiteral("CONNECT");
//
// generate hostname:port string. (unfortunately uri->GetHostPort
@ -141,7 +137,7 @@ nsHttpDigestAuth::GetMethodAndPath(nsIHttpChannel *httpChannel,
}
}
else {
rv = httpChannel->GetRequestMethod(httpMethod);
rv = authChannel->GetRequestMethod(httpMethod);
rv |= uri->GetPath(path);
if (NS_SUCCEEDED(rv)) {
//
@ -171,7 +167,7 @@ nsHttpDigestAuth::GetMethodAndPath(nsIHttpChannel *httpChannel,
//-----------------------------------------------------------------------------
NS_IMETHODIMP
nsHttpDigestAuth::ChallengeReceived(nsIHttpChannel *httpChannel,
nsHttpDigestAuth::ChallengeReceived(nsIHttpAuthenticableChannel *authChannel,
const char *challenge,
PRBool isProxyAuth,
nsISupports **sessionState,
@ -197,7 +193,7 @@ nsHttpDigestAuth::ChallengeReceived(nsIHttpChannel *httpChannel,
}
NS_IMETHODIMP
nsHttpDigestAuth::GenerateCredentials(nsIHttpChannel *httpChannel,
nsHttpDigestAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChannel,
const char *challenge,
PRBool isProxyAuth,
const PRUnichar *userdomain,
@ -222,7 +218,7 @@ nsHttpDigestAuth::GenerateCredentials(nsIHttpChannel *httpChannel,
PRBool requireExtraQuotes = PR_FALSE;
{
nsCAutoString serverVal;
httpChannel->GetResponseHeader(NS_LITERAL_CSTRING("Server"), serverVal);
authChannel->GetServerResponseHeader(serverVal);
if (!serverVal.IsEmpty()) {
requireExtraQuotes = !PL_strncasecmp(serverVal.get(), "Microsoft-IIS", 13);
}
@ -231,7 +227,7 @@ nsHttpDigestAuth::GenerateCredentials(nsIHttpChannel *httpChannel,
nsresult rv;
nsCAutoString httpMethod;
nsCAutoString path;
rv = GetMethodAndPath(httpChannel, isProxyAuth, httpMethod, path);
rv = GetMethodAndPath(authChannel, isProxyAuth, httpMethod, path);
if (NS_FAILED(rv)) return rv;
nsCAutoString realm, domain, nonce, opaque;

3
netwerk/protocol/http/nsHttpDigestAuth.h
Просмотреть файл

@ -107,7 +107,8 @@ class nsHttpDigestAuth : public nsIHttpAuthenticator
// result is in mHashBuf
nsresult MD5Hash(const char *buf, PRUint32 len);
nsresult GetMethodAndPath(nsIHttpChannel *, PRBool, nsCString &, nsCString &);
nsresult GetMethodAndPath(nsIHttpAuthenticableChannel *,
PRBool, nsCString &, nsCString &);
// append the quoted version of value to aHeaderLine
nsresult AppendQuotedString(const nsACString & value,

11
netwerk/protocol/http/nsHttpNTLMAuth.cpp
Просмотреть файл

@ -50,7 +50,7 @@
#include "nsIPrefBranch.h"
#include "nsIPrefService.h"
#include "nsIServiceManager.h"
#include "nsIHttpChannel.h"
#include "nsIHttpAuthenticableChannel.h"
#include "nsIURI.h"
static const char kAllowProxies[] = "network.automatic-ntlm-auth.allow-proxies";
@ -189,7 +189,8 @@ ForceGenericNTLM()
// Check to see if we should use default credentials for this host or proxy.
static PRBool
CanUseDefaultCredentials(nsIHttpChannel *channel, PRBool isProxyAuth)
CanUseDefaultCredentials(nsIHttpAuthenticableChannel *channel,
PRBool isProxyAuth)
{
nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
if (!prefs)
@ -224,7 +225,7 @@ NS_IMPL_ISUPPORTS0(nsNTLMSessionState)
NS_IMPL_ISUPPORTS1(nsHttpNTLMAuth, nsIHttpAuthenticator)
NS_IMETHODIMP
nsHttpNTLMAuth::ChallengeReceived(nsIHttpChannel *channel,
nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel *channel,
const char *challenge,
PRBool isProxyAuth,
nsISupports **sessionState,
@ -316,7 +317,7 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpChannel *channel,
}
NS_IMETHODIMP
nsHttpNTLMAuth::GenerateCredentials(nsIHttpChannel *httpChannel,
nsHttpNTLMAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChannel,
const char *challenge,
PRBool isProxyAuth,
const PRUnichar *domain,
@ -351,7 +352,7 @@ nsHttpNTLMAuth::GenerateCredentials(nsIHttpChannel *httpChannel,
if (PL_strcasecmp(challenge, "NTLM") == 0) {
// NTLM service name format is 'HTTP@host' for both http and https
nsCOMPtr<nsIURI> uri;
rv = httpChannel->GetURI(getter_AddRefs(uri));
rv = authChannel->GetURI(getter_AddRefs(uri));
if (NS_FAILED(rv))
return rv;
nsCAutoString serviceName, host;

141
netwerk/protocol/http/nsIHttpAuthenticableChannel.idl Normal file
Просмотреть файл

@ -0,0 +1,141 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Mozilla.
*
* The Initial Developer of the Original Code is
* Wellington Fernando de Macedo.
* Portions created by the Initial Developer are Copyright (C) 2009
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Wellington Fernando de Macedo <wfernandom2004@gmail.com> (original author)
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
#include "nsIProxiedChannel.idl"
#include "nsIChannel.idl"
interface nsILoadGroup;
interface nsIURI;
interface nsIInterfaceRequestor;
[scriptable, uuid(701093ac-5c7f-429c-99e3-423b041fccb4)]
interface nsIHttpAuthenticableChannel : nsIProxiedChannel
{
/**
* If the channel being authenticated is using SSL.
*/
readonly attribute boolean isSSL;
/**
* Returns if the proxy HTTP method used is CONNECT. If no proxy is being
* used it must return PR_FALSE.
*/
readonly attribute boolean proxyMethodIsConnect;
/**
* Cancels the current request. See nsIRequest.
*/
void cancel(in nsresult aStatus);
/**
* The load flags of this request. See nsIRequest.
*/
readonly attribute nsLoadFlags loadFlags;
/**
* The URI corresponding to the channel. See nsIChannel.
*/
readonly attribute nsIURI URI;
/**
* The load group of this request. It is here for querying its
* notificationCallbacks. See nsIRequest.
*/
readonly attribute nsILoadGroup loadGroup;
/**
* The notification callbacks for the channel. See nsIChannel.
*/
readonly attribute nsIInterfaceRequestor notificationCallbacks;
/**
* The HTTP request method. See nsIHttpChannel.
*/
readonly attribute ACString requestMethod;
/**
* The "Server" response header.
* Return NS_ERROR_NOT_AVAILABLE if not available.
*/
readonly attribute ACString serverResponseHeader;
/**
* The Proxy-Authenticate response header.
*/
readonly attribute ACString proxyChallenges;
/**
* The WWW-Authenticate response header.
*/
readonly attribute ACString WWWChallenges;
/**
* Sets the Proxy-Authorization request header. An empty string
* will clear it.
*/
void setProxyCredentials(in ACString credentials);
/**
* Sets the Authorization request header. An empty string
* will clear it.
*/
void setWWWCredentials(in ACString credentials);
/**
* Called when authentication information is ready and has been set on this
* object using setWWWCredentials/setProxyCredentials. Implementations can
* continue with the request and send the given information to the server.
*
* It is called asynchronously from
* nsIHttpChannelAuthProvider::processAuthentication if that method returns
* NS_ERROR_IN_PROGRESS.
*
* @note Any exceptions thrown from this method should be ignored.
*/
void onAuthAvailable();
/**
* Notifies that the prompt was cancelled. It is called asynchronously
* from nsIHttpChannelAuthProvider::processAuthentication if that method
* returns NS_ERROR_IN_PROGRESS.
*
* @param userCancel
* If the user was cancelled has cancelled the authentication prompt.
*/
void onAuthCancelled(in boolean userCancel);
};

34
netwerk/protocol/http/nsIHttpAuthenticator.idl
Просмотреть файл

@ -38,7 +38,7 @@
#include "nsISupports.idl"
interface nsIHttpChannel;
interface nsIHttpAuthenticableChannel;
/**
* nsIHttpAuthenticator
@ -51,7 +51,7 @@ interface nsIHttpChannel;
* where <auth-scheme> is the lower-cased value of the authentication scheme
* found in the server challenge per the rules of RFC 2617.
*/
[scriptable, uuid(36402c9d-c280-4860-b4b0-2e7eb35b0aaf)]
[scriptable, uuid(16784db0-fcb1-4352-b0c9-6a3a67e3cf79)]
interface nsIHttpAuthenticator : nsISupports
{
/**
@ -78,12 +78,12 @@ interface nsIHttpAuthenticator : nsISupports
* return value indicating whether or not to prompt the user for a
* revised identity.
*/
void challengeReceived(in nsIHttpChannel aChannel,
in string aChallenge,
in boolean aProxyAuth,
inout nsISupports aSessionState,
inout nsISupports aContinuationState,
out boolean aInvalidatesIdentity);
void challengeReceived(in nsIHttpAuthenticableChannel aChannel,
in string aChallenge,
in boolean aProxyAuth,
inout nsISupports aSessionState,
inout nsISupports aContinuationState,
out boolean aInvalidatesIdentity);
/**
* Called to generate the authentication credentials for a particular
@ -121,15 +121,15 @@ interface nsIHttpAuthenticator : nsISupports
* @param aFlags
* authenticator may return one of the generate flags bellow.
*/
string generateCredentials(in nsIHttpChannel aChannel,
in string aChallenge,
in boolean aProxyAuth,
in wstring aDomain,
in wstring aUser,
in wstring aPassword,
inout nsISupports aSessionState,
inout nsISupports aContinuationState,
out unsigned long aFlags);
string generateCredentials(in nsIHttpAuthenticableChannel aChannel,
in string aChallenge,
in boolean aProxyAuth,
in wstring aDomain,
in wstring aUser,
in wstring aPassword,
inout nsISupports aSessionState,
inout nsISupports aContinuationState,
out unsigned long aFlags);
/**
* Generate flags

108
netwerk/protocol/http/nsIHttpChannelAuthProvider.idl Normal file
Просмотреть файл

@ -0,0 +1,108 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set sw=2 ts=8 et tw=80 : */
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is mozilla.org code.
*
* The Initial Developer of the Original Code is
* Wellington Fernando de Macedo.
* Portions created by the Initial Developer are Copyright (C) 2009
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Wellington Fernando de Macedo <wfernandom2004@gmail.com> (original author)
*
* Alternatively, the contents of this file may be used under the terms of
* either of the GNU General Public License Version 2 or later (the "GPL"),
* or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
#include "nsICancelable.idl"
interface nsIHttpChannel;
interface nsIHttpAuthenticableChannel;
/**
* nsIHttpChannelAuthProvider
*
* This interface is intended for providing authentication for http-style
* channels, like nsIHttpChannel and nsIWebSocket, which implement the
* nsIHttpAuthenticableChannel interface.
*
* When requesting pages AddAuthorizationHeaders MUST be called
* in order to get the http cached headers credentials. When the request is
* unsuccessful because of receiving either a 401 or 407 http response code
* ProcessAuthentication MUST be called and the page MUST be requested again
* with the new credentials that the user has provided. After a successful
* request, checkForSuperfluousAuth MAY be called, and disconnect MUST be
* called.
*/
[scriptable, uuid(c68f3def-c7c8-4ee8-861c-eef49a48b702)]
interface nsIHttpChannelAuthProvider : nsICancelable
{
/**
* Initializes the http authentication support for the channel.
* Implementations must hold a weak reference of the channel.
*/
void init(in nsIHttpAuthenticableChannel channel);
/**
* Upon receipt of a server challenge, this function is called to determine
* the credentials to send.
*
* @param httpStatus
* the http status received.
* @param sslConnectFailed
* if the last ssl tunnel connection attempt was or not successful.
* @param callback
* the callback to be called when it returns NS_ERROR_IN_PROGRESS.
* The implementation must hold a weak reference.
*
* @returns NS_OK if the credentials were got and set successfully.
* NS_ERROR_IN_PROGRESS if the credentials are going to be asked to
* the user. The channel reference must be
* alive until the feedback from
* nsIHttpAuthenticableChannel's methods or
* until disconnect be called.
*/
void processAuthentication(in unsigned long httpStatus,
in boolean sslConnectFailed);
/**
* Add credentials from the http auth cache.
*/
void addAuthorizationHeaders();
/**
* Check if an unnecessary(and maybe malicious) url authentication has been
* provided.
*/
void checkForSuperfluousAuth();
/**
* Cancel pending user auth prompts and release the callback and channel
* weak references.
*/
void disconnect(in nsresult status);
};