// Copyright 2019 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_HTTP_HTTP_AUTH_NTLM_MECHANISM_H_
#define NET_HTTP_HTTP_AUTH_NTLM_MECHANISM_H_

#include <stdint.h>

#include <string>

#include "base/containers/span.h"
#include "net/base/auth.h"
#include "net/base/net_export.h"
#include "net/http/http_auth_mechanism.h"
#include "net/ntlm/ntlm_client.h"

namespace net {

// HttpAuthMechanism implementation for the NTLM scheme. Protocol state is held
// in an ntlm::NtlmClient member (|ntlm_client_|); this class adds the decoded
// server challenge and a flag tracking whether the first token has been sent.
//
// The time source, random source and host name lookup are reached through the
// function-pointer types declared below so that unit tests can substitute
// deterministic versions via ScopedProcSetter.
class NET_EXPORT_PRIVATE HttpAuthNtlmMechanism : public HttpAuthMechanism {
 public:
  // NOTE(review): ownership and required lifetime of |preferences| are not
  // visible in this header - confirm against the .cc before relying on them.
  explicit HttpAuthNtlmMechanism(const HttpAuthPreferences* preferences);
  ~HttpAuthNtlmMechanism() override;

  // Not copyable.
  HttpAuthNtlmMechanism(const HttpAuthNtlmMechanism&) = delete;
  HttpAuthNtlmMechanism& operator=(const HttpAuthNtlmMechanism&) = delete;

  // A function that returns the time as the number of 100 nanosecond ticks
  // since Jan 1, 1601 (UTC). This is the same epoch and resolution as a
  // Windows FILETIME.
  using GetMSTimeProc = uint64_t (*)();

  // A function that generates random bytes into the entire output buffer.
  // NOTE(review): presumably this supplies the client challenge used in the
  // NTLM response, in which case the production implementation must be a
  // cryptographically secure generator - confirm in the .cc.
  using GenerateRandomProc = void (*)(base::span<uint8_t> output);

  // A function that returns the local host name. Returns an empty string if
  // the local host name is not available.
  // NOTE(review): presumably the value is sent to the server as the
  // workstation name, so it is disclosed to the remote side - confirm.
  using HostNameProc = std::string (*)();

  // For unit tests to override and restore the GetMSTime, GenerateRandom and
  // GetHostName functions. The constructor takes the replacement procs and the
  // members hold the previous ones so that they can be restored.
  //
  // NOTE(review): the setter takes no HttpAuthNtlmMechanism instance, so the
  // overrides presumably apply to shared state rather than to one mechanism.
  // Keep it confined to test code: a fixed time or random source would make
  // the generated NTLM messages predictable - confirm scope in the .cc.
  class ScopedProcSetter {
   public:
    ScopedProcSetter(GetMSTimeProc ms_time_proc,
                     GenerateRandomProc random_proc,
                     HostNameProc host_name_proc);
    ~ScopedProcSetter();

    // Not copyable; a copy would carry a second set of saved procs.
    ScopedProcSetter(const ScopedProcSetter&) = delete;
    ScopedProcSetter& operator=(const ScopedProcSetter&) = delete;

   private:
    // The procs that were in place before this setter was constructed.
    GetMSTimeProc old_ms_time_proc_;
    GenerateRandomProc old_random_proc_;
    HostNameProc old_host_name_proc_;
  };

  // HttpAuthMechanism
  // Overrides of the base interface; the contract for each method is defined
  // in net/http/http_auth_mechanism.h.
  bool Init(const NetLogWithSource& net_log) override;
  bool NeedsIdentity() const override;
  bool AllowsExplicitCredentials() const override;
  HttpAuth::AuthorizationResult ParseChallenge(
      HttpAuthChallengeTokenizer* tok) override;
  // |auth_token| is the output parameter.
  // NOTE(review): confirm in the .cc whether |spn| and |channel_bindings| are
  // passed through to the NTLM client. Those are the inputs that can tie a
  // response to the intended target and TLS channel, which limits relaying of
  // the response to another server.
  int GenerateAuthToken(const AuthCredentials* credentials,
                        const std::string& spn,
                        const std::string& channel_bindings,
                        std::string* auth_token,
                        const NetLogWithSource& net_log,
                        CompletionOnceCallback callback) override;
  void SetDelegation(HttpAuth::DelegationType delegation_type) override;

 private:
  // NTLM protocol client that this mechanism wraps.
  ntlm::NtlmClient ntlm_client_;

  // Decoded authentication token that the server returned as part of an NTLM
  // challenge.
  std::string challenge_token_;

  // Keep track of whether we sent the negotiate token. While it is still spec
  // compliant to respond to any challenge without a token with a negotiate
  // token, this mechanism considers it an error to respond to a negotiate token
  // with an empty token.
  bool first_token_sent_ = false;
};

}  // namespace net

#endif  // NET_HTTP_HTTP_AUTH_NTLM_MECHANISM_H_