net/http/url_security_manager.h - mojo-tools - Git at Google

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef NET_HTTP_URL_SECURITY_MANAGER_H_
 #define NET_HTTP_URL_SECURITY_MANAGER_H_

 #include "base/basictypes.h"
 #include "base/memory/scoped_ptr.h"
 #include "net/base/net_export.h"

 class GURL;

 namespace net {

 class HttpAuthFilter;

 // The URL security manager controls the policies (allow, deny, prompt user)
 // regarding URL actions (e.g., sending the default credentials to a server).
 class NET_EXPORT URLSecurityManager {
  public:
   URLSecurityManager() {}
   virtual ~URLSecurityManager() {}

   // Creates a platform-dependent instance of URLSecurityManager.
   //
   // |whitelist_default| is the whitelist of servers that default credentials
   // can be used with during NTLM or Negotiate authentication. If
   // |whitelist_default| is NULL and the platform is Windows, it indicates
   // that security zone mapping should be used to determine whether default
   // credentials sxhould be used. If |whitelist_default| is NULL and the
   // platform is non-Windows, it indicates that no servers should be
   // whitelisted.
   //
   // |whitelist_delegate| is the whitelist of servers that are allowed
   // to have Delegated Kerberos tickets. If |whitelist_delegate| is NULL,
   // no servers can have delegated Kerberos tickets.
   //
   // Both |whitelist_default| and |whitelist_delegate| will be owned by
   // the created URLSecurityManager.
   //
   // TODO(cbentzel): Perhaps it's better to make a non-abstract HttpAuthFilter
   //                 and just copy into the URLSecurityManager?
   static URLSecurityManager* Create(const HttpAuthFilter* whitelist_default,
                                     const HttpAuthFilter* whitelist_delegate);

   // Returns true if we can send the default credentials to the server at
   // |auth_origin| for HTTP NTLM or Negotiate authentication.
   virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const = 0;

   // Returns true if Kerberos delegation is allowed for the server at
   // |auth_origin| for HTTP Negotiate authentication.
   virtual bool CanDelegate(const GURL& auth_origin) const = 0;

  private:
   DISALLOW_COPY_AND_ASSIGN(URLSecurityManager);
 };

 class URLSecurityManagerWhitelist : public URLSecurityManager {
  public:
   // The URLSecurityManagerWhitelist takes ownership of the whitelists.
   URLSecurityManagerWhitelist(const HttpAuthFilter* whitelist_default,
                               const HttpAuthFilter* whitelist_delegation);
   ~URLSecurityManagerWhitelist() override;

   // URLSecurityManager methods.
   bool CanUseDefaultCredentials(const GURL& auth_origin) const override;
   bool CanDelegate(const GURL& auth_origin) const override;

  private:
   scoped_ptr<const HttpAuthFilter> whitelist_default_;
   scoped_ptr<const HttpAuthFilter> whitelist_delegate_;

   DISALLOW_COPY_AND_ASSIGN(URLSecurityManagerWhitelist);
 };

 }  // namespace net

 #endif  // NET_HTTP_URL_SECURITY_MANAGER_H_
	// Copyright (c) 2011 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef NET_HTTP_URL_SECURITY_MANAGER_H_
	#define NET_HTTP_URL_SECURITY_MANAGER_H_

	#include "base/basictypes.h"
	#include "base/memory/scoped_ptr.h"
	#include "net/base/net_export.h"

	class GURL;

	namespace net {

	class HttpAuthFilter;

	// The URL security manager controls the policies (allow, deny, prompt user)
	// regarding URL actions (e.g., sending the default credentials to a server).
	class NET_EXPORT URLSecurityManager {
	public:
	URLSecurityManager() {}
	virtual ~URLSecurityManager() {}

	// Creates a platform-dependent instance of URLSecurityManager.
	//
	// \|whitelist_default\| is the whitelist of servers that default credentials
	// can be used with during NTLM or Negotiate authentication. If
	// \|whitelist_default\| is NULL and the platform is Windows, it indicates
	// that security zone mapping should be used to determine whether default
	// credentials sxhould be used. If \|whitelist_default\| is NULL and the
	// platform is non-Windows, it indicates that no servers should be
	// whitelisted.
	//
	// \|whitelist_delegate\| is the whitelist of servers that are allowed
	// to have Delegated Kerberos tickets. If \|whitelist_delegate\| is NULL,
	// no servers can have delegated Kerberos tickets.
	//
	// Both \|whitelist_default\| and \|whitelist_delegate\| will be owned by
	// the created URLSecurityManager.
	//
	// TODO(cbentzel): Perhaps it's better to make a non-abstract HttpAuthFilter
	// and just copy into the URLSecurityManager?
	static URLSecurityManager* Create(const HttpAuthFilter* whitelist_default,
	const HttpAuthFilter* whitelist_delegate);

	// Returns true if we can send the default credentials to the server at
	// \|auth_origin\| for HTTP NTLM or Negotiate authentication.
	virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const = 0;

	// Returns true if Kerberos delegation is allowed for the server at
	// \|auth_origin\| for HTTP Negotiate authentication.
	virtual bool CanDelegate(const GURL& auth_origin) const = 0;

	private:
	DISALLOW_COPY_AND_ASSIGN(URLSecurityManager);
	};

	class URLSecurityManagerWhitelist : public URLSecurityManager {
	public:
	// The URLSecurityManagerWhitelist takes ownership of the whitelists.
	URLSecurityManagerWhitelist(const HttpAuthFilter* whitelist_default,
	const HttpAuthFilter* whitelist_delegation);
	~URLSecurityManagerWhitelist() override;

	// URLSecurityManager methods.
	bool CanUseDefaultCredentials(const GURL& auth_origin) const override;
	bool CanDelegate(const GURL& auth_origin) const override;

	private:
	scoped_ptr<const HttpAuthFilter> whitelist_default_;
	scoped_ptr<const HttpAuthFilter> whitelist_delegate_;

	DISALLOW_COPY_AND_ASSIGN(URLSecurityManagerWhitelist);
	};

	} // namespace net

	#endif // NET_HTTP_URL_SECURITY_MANAGER_H_