18e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project/*
2231d4e3152a9c27a73b6ac7badbe6be673aa3ddfSteve Block * Copyright (C) 2005 Apple Computer, Inc.  All rights reserved.
3643ca7872b450ea4efacab6188849e5aac2ba161Steve Block *
48e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * Redistribution and use in source and binary forms, with or without
58e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * modification, are permitted provided that the following conditions
68e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * are met:
78e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project *
88e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * 1.  Redistributions of source code must retain the above copyright
98e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project *     notice, this list of conditions and the following disclaimer.
108e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * 2.  Redistributions in binary form must reproduce the above copyright
118e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project *     notice, this list of conditions and the following disclaimer in the
128e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project *     documentation and/or other materials provided with the distribution.
138e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * 3.  Neither the name of Apple Computer, Inc. ("Apple") nor the names of
148e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project *     its contributors may be used to endorse or promote products derived
158e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project *     from this software without specific prior written permission.
168e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project *
178e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
188e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
198e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
208e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
218e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
228e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
238e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
248e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
258e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
268e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
276c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen */
28545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch
296c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen#import <WebKit/WebAuthenticationPanel.h>
306c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen
316c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen#import "WebLocalizableStringsInternal.h"
32545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch#import <Foundation/NSURLAuthenticationChallenge.h>
336c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen#import <Foundation/NSURLProtectionSpace.h>
34545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch#import <Foundation/NSURLCredential.h>
356c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen#import <WebKit/WebKitNSStringExtras.h>
366c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen#import <WebKit/WebNSURLExtras.h>
37e8b154fd68f9b33be40a3590e58347f353835f5cSteve Block#import <wtf/Assertions.h>
386c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen
39545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch#import <WebKit/WebNSControlExtras.h>
406c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen
416c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen#define WebAuthenticationPanelNibName @"WebAuthenticationPanel"
42545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch
436c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen@implementation WebAuthenticationPanel
44545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch
458e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project-(id)initWithCallback:(id)cb selector:(SEL)sel
466c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen{
47545e470e52f0ac6a3a072bf559c796b42c6066b6Ben Murdoch    self = [self init];
486c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen    if (self != nil) {
496c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen        callback = [cb retain];
506c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen        selector = sel;
516c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen    }
522fc2651226baac27029e38c9d6ef883fa32084dbSteve Block    return self;
534576aa36e9a9671459299c7963ac95aa94beaea9Shimeng (Simon) Wang}
542fc2651226baac27029e38c9d6ef883fa32084dbSteve Block
554576aa36e9a9671459299c7963ac95aa94beaea9Shimeng (Simon) Wang
564576aa36e9a9671459299c7963ac95aa94beaea9Shimeng (Simon) Wang- (void)dealloc
572fc2651226baac27029e38c9d6ef883fa32084dbSteve Block{
586c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen    [panel release];
592fc2651226baac27029e38c9d6ef883fa32084dbSteve Block
606c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen    [callback release];
616c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen
626c2af9490927c3c5959b5cb07461b646f8b32f6cKristian Monsen    [super dealloc];
63}
64
65// IB actions
66
67- (IBAction)cancel:(id)sender
68{
69    // This is required because the body of this method is going to
70    // remove all of the panel's remaining refs, which can cause a
71    // crash later when finishing button hit tracking.  So we make
72    // sure it lives on a bit longer.
73    [[panel retain] autorelease];
74
75    // This is required as a workaround for AppKit issue 4118422
76    [[self retain] autorelease];
77
78    [panel close];
79    if (usingSheet) {
80        [[NSApplication sharedApplication] endSheet:panel returnCode:1];
81    } else {
82        [[NSApplication sharedApplication] stopModalWithCode:1];
83    }
84}
85
86- (IBAction)logIn:(id)sender
87{
88    // This is required because the body of this method is going to
89    // remove all of the panel's remaining refs, which can cause a
90    // crash later when finishing button hit tracking.  So we make
91    // sure it lives on a bit longer.
92    [[panel retain] autorelease];
93
94    [panel close];
95    if (usingSheet) {
96        [[NSApplication sharedApplication] endSheet:panel returnCode:0];
97    } else {
98        [[NSApplication sharedApplication] stopModalWithCode:0];
99    }
100}
101
102- (BOOL)loadNib
103{
104    if (!nibLoaded) {
105        if ([NSBundle loadNibNamed:WebAuthenticationPanelNibName owner:self]) {
106            nibLoaded = YES;
107            [imageView setImage:[NSImage imageNamed:@"NSApplicationIcon"]];
108        } else {
109            LOG_ERROR("couldn't load nib named '%@'", WebAuthenticationPanelNibName);
110            return FALSE;
111        }
112    }
113    return TRUE;
114}
115
116// Methods related to displaying the panel
117
118-(void)setUpForChallenge:(NSURLAuthenticationChallenge *)chall
119{
120    [self loadNib];
121
122    NSURLProtectionSpace *space = [chall protectionSpace];
123
124    NSString *host;
125    if ([space port] == 0) {
126        host = [[space host] _web_decodeHostName];
127    } else {
128        host = [NSString stringWithFormat:@"%@:%u", [[space host] _web_decodeHostName], [space port]];
129    }
130
131    NSString *realm = [space realm];
132    if (!realm)
133        realm = @"";
134    NSString *message;
135
136    // Consider the realm name to be "simple" if it does not contain any whitespace or newline characters.
137    // If the realm name is determined to be complex, we will use a slightly different sheet layout, designed
138    // to keep a malicious realm name from spoofing the wording in the sheet text.
139    BOOL realmNameIsSimple = [realm rangeOfCharacterFromSet:[NSCharacterSet whitespaceAndNewlineCharacterSet]].location == NSNotFound;
140
141    if ([chall previousFailureCount] == 0) {
142        if ([space isProxy]) {
143            message = [NSString stringWithFormat:UI_STRING_INTERNAL("To view this page, you must log in to the %@ proxy server %@.",
144                                                           "prompt string in authentication panel"),
145                [space proxyType], host];
146        } else {
147            if (realmNameIsSimple)
148                message = [NSString stringWithFormat:UI_STRING_INTERNAL("To view this page, you must log in to area “%@” on %@.",
149                                                               "prompt string in authentication panel"), realm, host];
150            else
151                message = [NSString stringWithFormat:UI_STRING_INTERNAL("To view this page, you must log in to this area on %@:",
152                                                               "prompt string in authentication panel"), host];
153        }
154    } else {
155        if ([space isProxy]) {
156            message = [NSString stringWithFormat:UI_STRING_INTERNAL("The user name or password you entered for the %@ proxy server %@ was incorrect. Make sure you’re entering them correctly, and then try again.",
157                                                           "prompt string in authentication panel"),
158                [space proxyType], host];
159        } else {
160            if (realmNameIsSimple)
161                message = [NSString stringWithFormat:UI_STRING_INTERNAL("The user name or password you entered for area “%@” on %@ was incorrect. Make sure you’re entering them correctly, and then try again.",
162                                                               "prompt string in authentication panel"), realm, host];
163            else
164                message = [NSString stringWithFormat:UI_STRING_INTERNAL("The user name or password you entered for this area on %@ was incorrect. Make sure you’re entering them correctly, and then try again.",
165                                                               "prompt string in authentication panel"), host];
166        }
167    }
168
169    if (![space isProxy] && !realmNameIsSimple) {
170        [separateRealmLabel setHidden:NO];
171        [separateRealmLabel setStringValue:realm];
172        [separateRealmLabel setAutoresizingMask:NSViewMinYMargin];
173        [separateRealmLabel sizeToFitAndAdjustWindowHeight];
174        [separateRealmLabel setAutoresizingMask:NSViewMaxYMargin];
175    } else {
176        // In the proxy or "simple" realm name case, we need to hide the 'separateRealmLabel'
177        // and move the rest of the contents up appropriately to fill the space.
178        NSRect mainLabelFrame = [mainLabel frame];
179        NSRect realmFrame = [separateRealmLabel frame];
180        NSRect smallLabelFrame = [smallLabel frame];
181
182        // Find the distance between the 'smallLabel' and the label above it, initially the 'separateRealmLabel'.
183        // Then, find the current distance between 'smallLabel' and 'mainLabel'.  The difference between
184        // these two is how much shorter the panel needs to be after hiding the 'separateRealmLabel'.
185        CGFloat smallLabelMargin = NSMinY(realmFrame) - NSMaxY(smallLabelFrame);
186        CGFloat smallLabelToMainLabel = NSMinY(mainLabelFrame) - NSMaxY(smallLabelFrame);
187        CGFloat deltaMargin = smallLabelToMainLabel - smallLabelMargin;
188
189        [separateRealmLabel setHidden:YES];
190        NSRect windowFrame = [panel frame];
191        windowFrame.size.height -= deltaMargin;
192        [panel setFrame:windowFrame display:NO];
193    }
194
195    [mainLabel setStringValue:message];
196    [mainLabel sizeToFitAndAdjustWindowHeight];
197
198    if ([space receivesCredentialSecurely] || [[space protocol] _webkit_isCaseInsensitiveEqualToString:@"https"]) {
199        [smallLabel setStringValue:
200            UI_STRING_INTERNAL("Your login information will be sent securely.",
201                "message in authentication panel")];
202    } else {
203        // Use this scary-sounding phrase only when using basic auth with non-https servers. In this case the password
204        // could be sniffed by intercepting the network traffic.
205        [smallLabel setStringValue:
206            UI_STRING_INTERNAL("Your password will be sent unencrypted.",
207                "message in authentication panel")];
208    }
209
210    if ([[chall proposedCredential] user] != nil) {
211        [username setStringValue:[[chall proposedCredential] user]];
212        [panel setInitialFirstResponder:password];
213    } else {
214        [username setStringValue:@""];
215        [password setStringValue:@""];
216        [panel setInitialFirstResponder:username];
217    }
218}
219
220- (void)runAsModalDialogWithChallenge:(NSURLAuthenticationChallenge *)chall
221{
222    [self setUpForChallenge:chall];
223
224    usingSheet = FALSE;
225    [chall retain];
226    NSURLCredential *credential = nil;
227
228    if ([[NSApplication sharedApplication] runModalForWindow:panel] == 0) {
229        credential = [[NSURLCredential alloc] initWithUser:[username stringValue] password:[password stringValue] persistence:([remember state] == NSOnState) ? NSURLCredentialPersistencePermanent : NSURLCredentialPersistenceForSession];
230    }
231
232    [callback performSelector:selector withObject:chall withObject:credential];
233    [credential release];
234    [chall release];
235}
236
237- (void)runAsSheetOnWindow:(NSWindow *)window withChallenge:(NSURLAuthenticationChallenge *)chall
238{
239    ASSERT(!usingSheet);
240
241    [self setUpForChallenge:chall];
242
243    usingSheet = TRUE;
244    challenge = [chall retain];
245
246    [[NSApplication sharedApplication] beginSheet:panel modalForWindow:window modalDelegate:self didEndSelector:@selector(sheetDidEnd:returnCode:contextInfo:) contextInfo:NULL];
247}
248
249- (void)sheetDidEnd:(NSWindow *)sheet returnCode:(int)returnCode contextInfo:(void  *)contextInfo
250{
251    NSURLCredential *credential = nil;
252    NSURLAuthenticationChallenge *chall;
253
254    ASSERT(usingSheet);
255    ASSERT(challenge != nil);
256
257    if (returnCode == 0) {
258        credential = [[NSURLCredential alloc] initWithUser:[username stringValue] password:[password stringValue] persistence:([remember state] == NSOnState) ? NSURLCredentialPersistencePermanent : NSURLCredentialPersistenceForSession];
259    }
260
261    // We take this tricky approach to nilling out and releasing the challenge
262    // because the callback below might remove our last ref.
263    chall = challenge;
264    challenge = nil;
265    [callback performSelector:selector withObject:chall withObject:credential];
266    [credential release];
267    [chall release];
268}
269
270@end
271
272@implementation NonBlockingPanel
273
274- (BOOL)_blocksActionWhenModal:(SEL)theAction
275{
276    // This override of a private AppKit method allows the user to quit when a login dialog
277    // is onscreen, which is nice in general but in particular prevents pathological cases
278    // like 3744583 from requiring a Force Quit.
279    //
280    // It would be nice to allow closing the individual window as well as quitting the app when
281    // a login sheet is up, but this _blocksActionWhenModal: mechanism doesn't support that.
282    // This override matches those in NSOpenPanel and NSToolbarConfigPanel.
283    if (theAction == @selector(terminate:)) {
284        return NO;
285    }
286    return YES;
287}
288
289@end
290