18e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project/* 2231d4e3152a9c27a73b6ac7badbe6be673aa3ddfSteve Block * Copyright (C) 2005 Apple Computer, Inc. All rights reserved. 3643ca7872b450ea4efacab6188849e5aac2ba161Steve Block * 48e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * Redistribution and use in source and binary forms, with or without 58e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * modification, are permitted provided that the following conditions 68e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * are met: 78e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * 88e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * 1. Redistributions of source code must retain the above copyright 98e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * notice, this list of conditions and the following disclaimer. 108e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 118e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * notice, this list of conditions and the following disclaimer in the 128e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * documentation and/or other materials provided with the distribution. 138e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of 148e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * its contributors may be used to endorse or promote products derived 158e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * from this software without specific prior written permission. 168e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * 178e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY 188e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 198e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 208e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY 218e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 228e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 238e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 248e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 258e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 268e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 276c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen */ 28545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch 296c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen#import <WebKit/WebAuthenticationPanel.h> 306c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen 316c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen#import "WebLocalizableStringsInternal.h" 32545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch#import <Foundation/NSURLAuthenticationChallenge.h> 336c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen#import <Foundation/NSURLProtectionSpace.h> 34545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch#import <Foundation/NSURLCredential.h> 356c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen#import <WebKit/WebKitNSStringExtras.h> 366c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen#import <WebKit/WebNSURLExtras.h> 37e8b154fd68f9b33be40a3590e58347f353835f5cSteve Block#import <wtf/Assertions.h> 386c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen 39545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch#import <WebKit/WebNSControlExtras.h> 406c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen 416c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen#define WebAuthenticationPanelNibName @"WebAuthenticationPanel" 42545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch 436c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen@implementation WebAuthenticationPanel 44545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch 458e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project-(id)initWithCallback:(id)cb selector:(SEL)sel 466c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen{ 47545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch self = [self init]; 486c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen if (self != nil) { 496c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen callback = [cb retain]; 506c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen selector = sel; 516c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen } 522fc2651226baac27029e38c9d6ef883fa32084dbSteve Block return self; 534576aa36e9a9671459299c7963ac95aa94beaea9Shimeng (Simon) Wang} 542fc2651226baac27029e38c9d6ef883fa32084dbSteve Block 554576aa36e9a9671459299c7963ac95aa94beaea9Shimeng (Simon) Wang 564576aa36e9a9671459299c7963ac95aa94beaea9Shimeng (Simon) Wang- (void)dealloc 572fc2651226baac27029e38c9d6ef883fa32084dbSteve Block{ 586c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen [panel release]; 592fc2651226baac27029e38c9d6ef883fa32084dbSteve Block 606c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen [callback release]; 616c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen 626c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen [super dealloc]; 63} 64 65// IB actions 66 67- (IBAction)cancel:(id)sender 68{ 69 // This is required because the body of this method is going to 70 // remove all of the panel's remaining refs, which can cause a 71 // crash later when finishing button hit tracking. So we make 72 // sure it lives on a bit longer. 73 [[panel retain] autorelease]; 74 75 // This is required as a workaround for AppKit issue 4118422 76 [[self retain] autorelease]; 77 78 [panel close]; 79 if (usingSheet) { 80 [[NSApplication sharedApplication] endSheet:panel returnCode:1]; 81 } else { 82 [[NSApplication sharedApplication] stopModalWithCode:1]; 83 } 84} 85 86- (IBAction)logIn:(id)sender 87{ 88 // This is required because the body of this method is going to 89 // remove all of the panel's remaining refs, which can cause a 90 // crash later when finishing button hit tracking. So we make 91 // sure it lives on a bit longer. 92 [[panel retain] autorelease]; 93 94 [panel close]; 95 if (usingSheet) { 96 [[NSApplication sharedApplication] endSheet:panel returnCode:0]; 97 } else { 98 [[NSApplication sharedApplication] stopModalWithCode:0]; 99 } 100} 101 102- (BOOL)loadNib 103{ 104 if (!nibLoaded) { 105 if ([NSBundle loadNibNamed:WebAuthenticationPanelNibName owner:self]) { 106 nibLoaded = YES; 107 [imageView setImage:[NSImage imageNamed:@"NSApplicationIcon"]]; 108 } else { 109 LOG_ERROR("couldn't load nib named '%@'", WebAuthenticationPanelNibName); 110 return FALSE; 111 } 112 } 113 return TRUE; 114} 115 116// Methods related to displaying the panel 117 118-(void)setUpForChallenge:(NSURLAuthenticationChallenge *)chall 119{ 120 [self loadNib]; 121 122 NSURLProtectionSpace *space = [chall protectionSpace]; 123 124 NSString *host; 125 if ([space port] == 0) { 126 host = [[space host] _web_decodeHostName]; 127 } else { 128 host = [NSString stringWithFormat:@"%@:%u", [[space host] _web_decodeHostName], [space port]]; 129 } 130 131 NSString *realm = [space realm]; 132 if (!realm) 133 realm = @""; 134 NSString *message; 135 136 // Consider the realm name to be "simple" if it does not contain any whitespace or newline characters. 137 // If the realm name is determined to be complex, we will use a slightly different sheet layout, designed 138 // to keep a malicious realm name from spoofing the wording in the sheet text. 139 BOOL realmNameIsSimple = [realm rangeOfCharacterFromSet:[NSCharacterSet whitespaceAndNewlineCharacterSet]].location == NSNotFound; 140 141 if ([chall previousFailureCount] == 0) { 142 if ([space isProxy]) { 143 message = [NSString stringWithFormat:UI_STRING_INTERNAL("To view this page, you must log in to the %@ proxy server %@.", 144 "prompt string in authentication panel"), 145 [space proxyType], host]; 146 } else { 147 if (realmNameIsSimple) 148 message = [NSString stringWithFormat:UI_STRING_INTERNAL("To view this page, you must log in to area “%@” on %@.", 149 "prompt string in authentication panel"), realm, host]; 150 else 151 message = [NSString stringWithFormat:UI_STRING_INTERNAL("To view this page, you must log in to this area on %@:", 152 "prompt string in authentication panel"), host]; 153 } 154 } else { 155 if ([space isProxy]) { 156 message = [NSString stringWithFormat:UI_STRING_INTERNAL("The user name or password you entered for the %@ proxy server %@ was incorrect. Make sure you’re entering them correctly, and then try again.", 157 "prompt string in authentication panel"), 158 [space proxyType], host]; 159 } else { 160 if (realmNameIsSimple) 161 message = [NSString stringWithFormat:UI_STRING_INTERNAL("The user name or password you entered for area “%@” on %@ was incorrect. Make sure you’re entering them correctly, and then try again.", 162 "prompt string in authentication panel"), realm, host]; 163 else 164 message = [NSString stringWithFormat:UI_STRING_INTERNAL("The user name or password you entered for this area on %@ was incorrect. Make sure you’re entering them correctly, and then try again.", 165 "prompt string in authentication panel"), host]; 166 } 167 } 168 169 if (![space isProxy] && !realmNameIsSimple) { 170 [separateRealmLabel setHidden:NO]; 171 [separateRealmLabel setStringValue:realm]; 172 [separateRealmLabel setAutoresizingMask:NSViewMinYMargin]; 173 [separateRealmLabel sizeToFitAndAdjustWindowHeight]; 174 [separateRealmLabel setAutoresizingMask:NSViewMaxYMargin]; 175 } else { 176 // In the proxy or "simple" realm name case, we need to hide the 'separateRealmLabel' 177 // and move the rest of the contents up appropriately to fill the space. 178 NSRect mainLabelFrame = [mainLabel frame]; 179 NSRect realmFrame = [separateRealmLabel frame]; 180 NSRect smallLabelFrame = [smallLabel frame]; 181 182 // Find the distance between the 'smallLabel' and the label above it, initially the 'separateRealmLabel'. 183 // Then, find the current distance between 'smallLabel' and 'mainLabel'. The difference between 184 // these two is how much shorter the panel needs to be after hiding the 'separateRealmLabel'. 185 CGFloat smallLabelMargin = NSMinY(realmFrame) - NSMaxY(smallLabelFrame); 186 CGFloat smallLabelToMainLabel = NSMinY(mainLabelFrame) - NSMaxY(smallLabelFrame); 187 CGFloat deltaMargin = smallLabelToMainLabel - smallLabelMargin; 188 189 [separateRealmLabel setHidden:YES]; 190 NSRect windowFrame = [panel frame]; 191 windowFrame.size.height -= deltaMargin; 192 [panel setFrame:windowFrame display:NO]; 193 } 194 195 [mainLabel setStringValue:message]; 196 [mainLabel sizeToFitAndAdjustWindowHeight]; 197 198 if ([space receivesCredentialSecurely] || [[space protocol] _webkit_isCaseInsensitiveEqualToString:@"https"]) { 199 [smallLabel setStringValue: 200 UI_STRING_INTERNAL("Your login information will be sent securely.", 201 "message in authentication panel")]; 202 } else { 203 // Use this scary-sounding phrase only when using basic auth with non-https servers. In this case the password 204 // could be sniffed by intercepting the network traffic. 205 [smallLabel setStringValue: 206 UI_STRING_INTERNAL("Your password will be sent unencrypted.", 207 "message in authentication panel")]; 208 } 209 210 if ([[chall proposedCredential] user] != nil) { 211 [username setStringValue:[[chall proposedCredential] user]]; 212 [panel setInitialFirstResponder:password]; 213 } else { 214 [username setStringValue:@""]; 215 [password setStringValue:@""]; 216 [panel setInitialFirstResponder:username]; 217 } 218} 219 220- (void)runAsModalDialogWithChallenge:(NSURLAuthenticationChallenge *)chall 221{ 222 [self setUpForChallenge:chall]; 223 224 usingSheet = FALSE; 225 [chall retain]; 226 NSURLCredential *credential = nil; 227 228 if ([[NSApplication sharedApplication] runModalForWindow:panel] == 0) { 229 credential = [[NSURLCredential alloc] initWithUser:[username stringValue] password:[password stringValue] persistence:([remember state] == NSOnState) ? NSURLCredentialPersistencePermanent : NSURLCredentialPersistenceForSession]; 230 } 231 232 [callback performSelector:selector withObject:chall withObject:credential]; 233 [credential release]; 234 [chall release]; 235} 236 237- (void)runAsSheetOnWindow:(NSWindow *)window withChallenge:(NSURLAuthenticationChallenge *)chall 238{ 239 ASSERT(!usingSheet); 240 241 [self setUpForChallenge:chall]; 242 243 usingSheet = TRUE; 244 challenge = [chall retain]; 245 246 [[NSApplication sharedApplication] beginSheet:panel modalForWindow:window modalDelegate:self didEndSelector:@selector(sheetDidEnd:returnCode:contextInfo:) contextInfo:NULL]; 247} 248 249- (void)sheetDidEnd:(NSWindow *)sheet returnCode:(int)returnCode contextInfo:(void *)contextInfo 250{ 251 NSURLCredential *credential = nil; 252 NSURLAuthenticationChallenge *chall; 253 254 ASSERT(usingSheet); 255 ASSERT(challenge != nil); 256 257 if (returnCode == 0) { 258 credential = [[NSURLCredential alloc] initWithUser:[username stringValue] password:[password stringValue] persistence:([remember state] == NSOnState) ? NSURLCredentialPersistencePermanent : NSURLCredentialPersistenceForSession]; 259 } 260 261 // We take this tricky approach to nilling out and releasing the challenge 262 // because the callback below might remove our last ref. 263 chall = challenge; 264 challenge = nil; 265 [callback performSelector:selector withObject:chall withObject:credential]; 266 [credential release]; 267 [chall release]; 268} 269 270@end 271 272@implementation NonBlockingPanel 273 274- (BOOL)_blocksActionWhenModal:(SEL)theAction 275{ 276 // This override of a private AppKit method allows the user to quit when a login dialog 277 // is onscreen, which is nice in general but in particular prevents pathological cases 278 // like 3744583 from requiring a Force Quit. 279 // 280 // It would be nice to allow closing the individual window as well as quitting the app when 281 // a login sheet is up, but this _blocksActionWhenModal: mechanism doesn't support that. 282 // This override matches those in NSOpenPanel and NSToolbarConfigPanel. 283 if (theAction == @selector(terminate:)) { 284 return NO; 285 } 286 return YES; 287} 288 289@end 290