1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef NET_HTTP_PROXY_CLIENT_SOCKET_H_
6#define NET_HTTP_PROXY_CLIENT_SOCKET_H_
7
8#include <string>
9
10#include "net/socket/ssl_client_socket.h"
11#include "net/socket/stream_socket.h"
12
13class GURL;
14
15namespace net {
16
17class HostPortPair;
18class HttpAuthController;
19class HttpStream;
20class HttpResponseInfo;
21class HttpRequestHeaders;
22struct HttpRequestInfo;
23class HttpAuthController;
24
25class NET_EXPORT_PRIVATE ProxyClientSocket : public StreamSocket {
26 public:
27  ProxyClientSocket() {}
28  virtual ~ProxyClientSocket() {}
29
30  // Returns the HttpResponseInfo (including HTTP Headers) from
31  // the response to the CONNECT request.
32  virtual const HttpResponseInfo* GetConnectResponseInfo() const = 0;
33
34  // Transfers ownership of a newly created HttpStream to the caller
35  // which can be used to read the response body.
36  virtual HttpStream* CreateConnectResponseStream() = 0;
37
38  // Returns the HttpAuthController which can be used
39  // to interact with an HTTP Proxy Authorization Required (407) request.
40  virtual const scoped_refptr<HttpAuthController>& GetAuthController() const
41      = 0;
42
43  // If Connect (or its callback) returns PROXY_AUTH_REQUESTED, then
44  // credentials should be added to the HttpAuthController before calling
45  // RestartWithAuth.  Not all ProxyClientSocket implementations will be
46  // restartable.  Such implementations should disconnect themselves and
47  // return OK.
48  virtual int RestartWithAuth(const CompletionCallback& callback) = 0;
49
50  // Returns true of the connection to the proxy is using SPDY.
51  virtual bool IsUsingSpdy() const = 0;
52
53  // Returns the protocol negotiated with the proxy.
54  virtual NextProto GetProtocolNegotiated() const = 0;
55
56 protected:
57  // The HTTP CONNECT method for establishing a tunnel connection is documented
58  // in draft-luotonen-web-proxy-tunneling-01.txt and RFC 2817, Sections 5.2
59  // and 5.3.
60  static void BuildTunnelRequest(const HttpRequestInfo& request_info,
61                                 const HttpRequestHeaders& auth_headers,
62                                 const HostPortPair& endpoint,
63                                 std::string* request_line,
64                                 HttpRequestHeaders* request_headers);
65
66  // When an auth challenge (407 response) is received during tunnel
67  // construction/ this method should be called.
68  static int HandleProxyAuthChallenge(HttpAuthController* auth,
69                                      HttpResponseInfo* response,
70                                      const BoundNetLog& net_log);
71
72  // Logs (to the log and in a histogram) a blocked CONNECT response.
73  static void LogBlockedTunnelResponse(int http_response_code,
74                                       const GURL& url,
75                                       bool is_https_proxy);
76
77  // When a redirect (e.g. 302 response) is received during tunnel
78  // construction, this method should be called to strip everything
79  // but the Location header from the redirect response.  If it returns
80  // false, the response should be discarded and tunnel construction should
81  // fail.  |url| is for logging purposes.
82  static bool SanitizeProxyRedirect(HttpResponseInfo* response,
83                                    const GURL& url);
84
85 private:
86  DISALLOW_COPY_AND_ASSIGN(ProxyClientSocket);
87};
88
89}  // namespace net
90
91#endif  // NET_HTTP_PROXY_CLIENT_SOCKET_H_
92