• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CHROME_BROWSER_UI_LOGIN_LOGIN_PROMPT_H_
6 #define CHROME_BROWSER_UI_LOGIN_LOGIN_PROMPT_H_
7 
8 #include <string>
9 
10 #include "base/basictypes.h"
11 #include "base/synchronization/lock.h"
12 #include "components/password_manager/core/browser/password_manager.h"
13 #include "content/public/browser/notification_observer.h"
14 #include "content/public/browser/resource_dispatcher_host_login_delegate.h"
15 
16 class GURL;
17 
18 namespace content {
19 class RenderViewHostDelegate;
20 class NotificationRegistrar;
21 }  // namespace content
22 
23 namespace net {
24 class AuthChallengeInfo;
25 class HttpNetworkSession;
26 class URLRequest;
27 }  // namespace net
28 
29 // This is the base implementation for the OS-specific classes that route
30 // authentication info to the net::URLRequest that needs it. These functions
31 // must be implemented in a thread safe manner.
32 class LoginHandler : public content::ResourceDispatcherHostLoginDelegate,
33                      public password_manager::LoginModelObserver,
34                      public content::NotificationObserver {
35  public:
36   LoginHandler(net::AuthChallengeInfo* auth_info, net::URLRequest* request);
37 
38   // Builds the platform specific LoginHandler. Used from within
39   // CreateLoginPrompt() which creates tasks.
40   static LoginHandler* Create(net::AuthChallengeInfo* auth_info,
41                               net::URLRequest* request);
42 
43   // ResourceDispatcherHostLoginDelegate implementation:
44   virtual void OnRequestCancelled() OVERRIDE;
45 
46   // Initializes the underlying platform specific view.
47   virtual void BuildViewForPasswordManager(
48       password_manager::PasswordManager* manager,
49       const base::string16& explanation) = 0;
50 
51   // Sets information about the authentication type (|form|) and the
52   // |password_manager| for this profile.
53   void SetPasswordForm(const autofill::PasswordForm& form);
54   void SetPasswordManager(password_manager::PasswordManager* password_manager);
55 
56   // Returns the WebContents that needs authentication.
57   content::WebContents* GetWebContentsForLogin() const;
58 
59   // Resend the request with authentication credentials.
60   // This function can be called from either thread.
61   void SetAuth(const base::string16& username, const base::string16& password);
62 
63   // Display the error page without asking for credentials again.
64   // This function can be called from either thread.
65   void CancelAuth();
66 
67   // Implements the content::NotificationObserver interface.
68   // Listens for AUTH_SUPPLIED and AUTH_CANCELLED notifications from other
69   // LoginHandlers so that this LoginHandler has the chance to dismiss itself
70   // if it was waiting for the same authentication.
71   virtual void Observe(int type,
72                        const content::NotificationSource& source,
73                        const content::NotificationDetails& details) OVERRIDE;
74 
75   // Who/where/what asked for the authentication.
auth_info()76   const net::AuthChallengeInfo* auth_info() const { return auth_info_.get(); }
77 
78   // Returns whether authentication had been handled (SetAuth or CancelAuth).
79   bool WasAuthHandled() const;
80 
81  protected:
82   virtual ~LoginHandler();
83 
84   void SetModel(password_manager::LoginModel* model);
85 
86   // Notify observers that authentication is needed.
87   void NotifyAuthNeeded();
88 
89   // Performs necessary cleanup before deletion.
90   void ReleaseSoon();
91 
92   // Closes the native dialog.
93   virtual void CloseDialog() = 0;
94 
95  private:
96   // Starts observing notifications from other LoginHandlers.
97   void AddObservers();
98 
99   // Stops observing notifications from other LoginHandlers.
100   void RemoveObservers();
101 
102   // Notify observers that authentication is supplied.
103   void NotifyAuthSupplied(const base::string16& username,
104                           const base::string16& password);
105 
106   // Notify observers that authentication is cancelled.
107   void NotifyAuthCancelled();
108 
109   // Marks authentication as handled and returns the previous handled
110   // state.
111   bool TestAndSetAuthHandled();
112 
113   // Calls SetAuth from the IO loop.
114   void SetAuthDeferred(const base::string16& username,
115                        const base::string16& password);
116 
117   // Calls CancelAuth from the IO loop.
118   void CancelAuthDeferred();
119 
120   // Closes the view_contents from the UI loop.
121   void CloseContentsDeferred();
122 
123   // True if we've handled auth (SetAuth or CancelAuth has been called).
124   bool handled_auth_;
125   mutable base::Lock handled_auth_lock_;
126 
127   // Who/where/what asked for the authentication.
128   scoped_refptr<net::AuthChallengeInfo> auth_info_;
129 
130   // The request that wants login data.
131   // This should only be accessed on the IO loop.
132   net::URLRequest* request_;
133 
134   // The HttpNetworkSession |request_| is associated with.
135   const net::HttpNetworkSession* http_network_session_;
136 
137   // The PasswordForm sent to the PasswordManager. This is so we can refer to it
138   // when later notifying the password manager if the credentials were accepted
139   // or rejected.
140   // This should only be accessed on the UI loop.
141   autofill::PasswordForm password_form_;
142 
143   // Points to the password manager owned by the WebContents requesting auth.
144   // This should only be accessed on the UI loop.
145   password_manager::PasswordManager* password_manager_;
146 
147   // Cached from the net::URLRequest, in case it goes NULL on us.
148   int render_process_host_id_;
149   int render_frame_id_;
150 
151   // If not null, points to a model we need to notify of our own destruction
152   // so it doesn't try and access this when its too late.
153   password_manager::LoginModel* login_model_;
154 
155   // Observes other login handlers so this login handler can respond.
156   // This is only accessed on the UI thread.
157   scoped_ptr<content::NotificationRegistrar> registrar_;
158 };
159 
160 // Details to provide the content::NotificationObserver.  Used by the automation
161 // proxy for testing.
162 class LoginNotificationDetails {
163  public:
LoginNotificationDetails(LoginHandler * handler)164   explicit LoginNotificationDetails(LoginHandler* handler)
165       : handler_(handler) {}
handler()166   LoginHandler* handler() const { return handler_; }
167 
168  private:
LoginNotificationDetails()169   LoginNotificationDetails() {}
170 
171   LoginHandler* handler_;  // Where to send the response.
172 
173   DISALLOW_COPY_AND_ASSIGN(LoginNotificationDetails);
174 };
175 
176 // Details to provide the NotificationObserver.  Used by the automation proxy
177 // for testing and by other LoginHandlers to dismiss themselves when an
178 // identical auth is supplied.
179 class AuthSuppliedLoginNotificationDetails : public LoginNotificationDetails {
180  public:
AuthSuppliedLoginNotificationDetails(LoginHandler * handler,const base::string16 & username,const base::string16 & password)181   AuthSuppliedLoginNotificationDetails(LoginHandler* handler,
182                                        const base::string16& username,
183                                        const base::string16& password)
184       : LoginNotificationDetails(handler),
185         username_(username),
186         password_(password) {}
username()187   const base::string16& username() const { return username_; }
password()188   const base::string16& password() const { return password_; }
189 
190  private:
191   // The username that was used for the authentication.
192   const base::string16 username_;
193 
194   // The password that was used for the authentication.
195   const base::string16 password_;
196 
197   DISALLOW_COPY_AND_ASSIGN(AuthSuppliedLoginNotificationDetails);
198 };
199 
200 // Prompts the user for their username and password.  This is designed to
201 // be called on the background (I/O) thread, in response to
202 // net::URLRequest::Delegate::OnAuthRequired.  The prompt will be created
203 // on the main UI thread via a call to UI loop's InvokeLater, and will send the
204 // credentials back to the net::URLRequest on the calling thread.
205 // A LoginHandler object (which lives on the calling thread) is returned,
206 // which can be used to set or cancel authentication programmatically.  The
207 // caller must invoke OnRequestCancelled() on this LoginHandler before
208 // destroying the net::URLRequest.
209 LoginHandler* CreateLoginPrompt(net::AuthChallengeInfo* auth_info,
210                                 net::URLRequest* request);
211 
212 // Helper to remove the ref from an net::URLRequest to the LoginHandler.
213 // Should only be called from the IO thread, since it accesses an
214 // net::URLRequest.
215 void ResetLoginHandlerForRequest(net::URLRequest* request);
216 
217 // Get the signon_realm under which the identity should be saved.
218 std::string GetSignonRealm(const GURL& url,
219                            const net::AuthChallengeInfo& auth_info);
220 
221 #endif  // CHROME_BROWSER_UI_LOGIN_LOGIN_PROMPT_H_
222