1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_UI_LOGIN_LOGIN_PROMPT_H_ 6#define CHROME_BROWSER_UI_LOGIN_LOGIN_PROMPT_H_ 7 8#include <string> 9 10#include "base/basictypes.h" 11#include "base/synchronization/lock.h" 12#include "components/password_manager/core/browser/password_manager.h" 13#include "content/public/browser/notification_observer.h" 14#include "content/public/browser/resource_dispatcher_host_login_delegate.h" 15 16class GURL; 17 18namespace content { 19class RenderViewHostDelegate; 20class NotificationRegistrar; 21} // namespace content 22 23namespace net { 24class AuthChallengeInfo; 25class HttpNetworkSession; 26class URLRequest; 27} // namespace net 28 29// This is the base implementation for the OS-specific classes that route 30// authentication info to the net::URLRequest that needs it. These functions 31// must be implemented in a thread safe manner. 32class LoginHandler : public content::ResourceDispatcherHostLoginDelegate, 33 public password_manager::LoginModelObserver, 34 public content::NotificationObserver { 35 public: 36 LoginHandler(net::AuthChallengeInfo* auth_info, net::URLRequest* request); 37 38 // Builds the platform specific LoginHandler. Used from within 39 // CreateLoginPrompt() which creates tasks. 40 static LoginHandler* Create(net::AuthChallengeInfo* auth_info, 41 net::URLRequest* request); 42 43 // ResourceDispatcherHostLoginDelegate implementation: 44 virtual void OnRequestCancelled() OVERRIDE; 45 46 // Initializes the underlying platform specific view. 47 virtual void BuildViewForPasswordManager( 48 password_manager::PasswordManager* manager, 49 const base::string16& explanation) = 0; 50 51 // Sets information about the authentication type (|form|) and the 52 // |password_manager| for this profile. 53 void SetPasswordForm(const autofill::PasswordForm& form); 54 void SetPasswordManager(password_manager::PasswordManager* password_manager); 55 56 // Returns the WebContents that needs authentication. 57 content::WebContents* GetWebContentsForLogin() const; 58 59 // Resend the request with authentication credentials. 60 // This function can be called from either thread. 61 void SetAuth(const base::string16& username, const base::string16& password); 62 63 // Display the error page without asking for credentials again. 64 // This function can be called from either thread. 65 void CancelAuth(); 66 67 // Implements the content::NotificationObserver interface. 68 // Listens for AUTH_SUPPLIED and AUTH_CANCELLED notifications from other 69 // LoginHandlers so that this LoginHandler has the chance to dismiss itself 70 // if it was waiting for the same authentication. 71 virtual void Observe(int type, 72 const content::NotificationSource& source, 73 const content::NotificationDetails& details) OVERRIDE; 74 75 // Who/where/what asked for the authentication. 76 const net::AuthChallengeInfo* auth_info() const { return auth_info_.get(); } 77 78 // Returns whether authentication had been handled (SetAuth or CancelAuth). 79 bool WasAuthHandled() const; 80 81 protected: 82 virtual ~LoginHandler(); 83 84 void SetModel(password_manager::LoginModel* model); 85 86 // Notify observers that authentication is needed. 87 void NotifyAuthNeeded(); 88 89 // Performs necessary cleanup before deletion. 90 void ReleaseSoon(); 91 92 // Closes the native dialog. 93 virtual void CloseDialog() = 0; 94 95 private: 96 // Starts observing notifications from other LoginHandlers. 97 void AddObservers(); 98 99 // Stops observing notifications from other LoginHandlers. 100 void RemoveObservers(); 101 102 // Notify observers that authentication is supplied. 103 void NotifyAuthSupplied(const base::string16& username, 104 const base::string16& password); 105 106 // Notify observers that authentication is cancelled. 107 void NotifyAuthCancelled(); 108 109 // Marks authentication as handled and returns the previous handled 110 // state. 111 bool TestAndSetAuthHandled(); 112 113 // Calls SetAuth from the IO loop. 114 void SetAuthDeferred(const base::string16& username, 115 const base::string16& password); 116 117 // Calls CancelAuth from the IO loop. 118 void CancelAuthDeferred(); 119 120 // Closes the view_contents from the UI loop. 121 void CloseContentsDeferred(); 122 123 // True if we've handled auth (SetAuth or CancelAuth has been called). 124 bool handled_auth_; 125 mutable base::Lock handled_auth_lock_; 126 127 // Who/where/what asked for the authentication. 128 scoped_refptr<net::AuthChallengeInfo> auth_info_; 129 130 // The request that wants login data. 131 // This should only be accessed on the IO loop. 132 net::URLRequest* request_; 133 134 // The HttpNetworkSession |request_| is associated with. 135 const net::HttpNetworkSession* http_network_session_; 136 137 // The PasswordForm sent to the PasswordManager. This is so we can refer to it 138 // when later notifying the password manager if the credentials were accepted 139 // or rejected. 140 // This should only be accessed on the UI loop. 141 autofill::PasswordForm password_form_; 142 143 // Points to the password manager owned by the WebContents requesting auth. 144 // This should only be accessed on the UI loop. 145 password_manager::PasswordManager* password_manager_; 146 147 // Cached from the net::URLRequest, in case it goes NULL on us. 148 int render_process_host_id_; 149 int render_frame_id_; 150 151 // If not null, points to a model we need to notify of our own destruction 152 // so it doesn't try and access this when its too late. 153 password_manager::LoginModel* login_model_; 154 155 // Observes other login handlers so this login handler can respond. 156 // This is only accessed on the UI thread. 157 scoped_ptr<content::NotificationRegistrar> registrar_; 158}; 159 160// Details to provide the content::NotificationObserver. Used by the automation 161// proxy for testing. 162class LoginNotificationDetails { 163 public: 164 explicit LoginNotificationDetails(LoginHandler* handler) 165 : handler_(handler) {} 166 LoginHandler* handler() const { return handler_; } 167 168 private: 169 LoginNotificationDetails() {} 170 171 LoginHandler* handler_; // Where to send the response. 172 173 DISALLOW_COPY_AND_ASSIGN(LoginNotificationDetails); 174}; 175 176// Details to provide the NotificationObserver. Used by the automation proxy 177// for testing and by other LoginHandlers to dismiss themselves when an 178// identical auth is supplied. 179class AuthSuppliedLoginNotificationDetails : public LoginNotificationDetails { 180 public: 181 AuthSuppliedLoginNotificationDetails(LoginHandler* handler, 182 const base::string16& username, 183 const base::string16& password) 184 : LoginNotificationDetails(handler), 185 username_(username), 186 password_(password) {} 187 const base::string16& username() const { return username_; } 188 const base::string16& password() const { return password_; } 189 190 private: 191 // The username that was used for the authentication. 192 const base::string16 username_; 193 194 // The password that was used for the authentication. 195 const base::string16 password_; 196 197 DISALLOW_COPY_AND_ASSIGN(AuthSuppliedLoginNotificationDetails); 198}; 199 200// Prompts the user for their username and password. This is designed to 201// be called on the background (I/O) thread, in response to 202// net::URLRequest::Delegate::OnAuthRequired. The prompt will be created 203// on the main UI thread via a call to UI loop's InvokeLater, and will send the 204// credentials back to the net::URLRequest on the calling thread. 205// A LoginHandler object (which lives on the calling thread) is returned, 206// which can be used to set or cancel authentication programmatically. The 207// caller must invoke OnRequestCancelled() on this LoginHandler before 208// destroying the net::URLRequest. 209LoginHandler* CreateLoginPrompt(net::AuthChallengeInfo* auth_info, 210 net::URLRequest* request); 211 212// Helper to remove the ref from an net::URLRequest to the LoginHandler. 213// Should only be called from the IO thread, since it accesses an 214// net::URLRequest. 215void ResetLoginHandlerForRequest(net::URLRequest* request); 216 217// Get the signon_realm under which the identity should be saved. 218std::string GetSignonRealm(const GURL& url, 219 const net::AuthChallengeInfo& auth_info); 220 221#endif // CHROME_BROWSER_UI_LOGIN_LOGIN_PROMPT_H_ 222