1// Copyright 2014 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef COMPONENTS_DATA_REDUCTION_PROXY_BROWSER_DATA_REDUCTION_PROXY_AUTH_REQUEST_HANDLER_H_ 6#define COMPONENTS_DATA_REDUCTION_PROXY_BROWSER_DATA_REDUCTION_PROXY_AUTH_REQUEST_HANDLER_H_ 7 8#include "base/gtest_prod_util.h" 9#include "base/memory/ref_counted.h" 10#include "base/strings/string16.h" 11#include "base/time/time.h" 12#include "url/gurl.h" 13 14namespace base { 15class SingleThreadTaskRunner; 16} 17 18namespace net { 19class HostPortPair; 20class HttpRequestHeaders; 21class HttpResponseHeaders; 22class ProxyServer; 23class URLRequest; 24} 25 26namespace data_reduction_proxy { 27 28#if defined(OS_ANDROID) 29extern const char kAndroidWebViewProtocolVersion[]; 30#endif 31 32extern const char kClientAndroidWebview[]; 33extern const char kClientChromeAndroid[]; 34extern const char kClientChromeIOS[]; 35 36class DataReductionProxyParams; 37 38class DataReductionProxyAuthRequestHandler { 39 public: 40 static bool IsKeySetOnCommandLine(); 41 42 // Constructs a DataReductionProxyAuthRequestHandler object with the given 43 // client type, params, and network task runner. 44 DataReductionProxyAuthRequestHandler( 45 const std::string& client, 46 DataReductionProxyParams* params, 47 scoped_refptr<base::SingleThreadTaskRunner> network_task_runner); 48 49 virtual ~DataReductionProxyAuthRequestHandler(); 50 51 // Adds a 'Chrome-Proxy' header to |request_headers| with the data reduction 52 // proxy authentication credentials. Only adds this header if the provided 53 // |proxy_server| is a data reduction proxy and not the data reduction proxy's 54 // CONNECT server. Must be called on the IO thread. 55 void MaybeAddRequestHeader(net::URLRequest* request, 56 const net::ProxyServer& proxy_server, 57 net::HttpRequestHeaders* request_headers); 58 59 // Adds a 'Chrome-Proxy' header to |request_headers| with the data reduction 60 // proxy authentication credentials. Only adds this header if the provided 61 // |proxy_server| is the data reduction proxy's CONNECT server. Must be called 62 // on the IO thread. 63 void MaybeAddProxyTunnelRequestHandler( 64 const net::HostPortPair& proxy_server, 65 net::HttpRequestHeaders* request_headers); 66 67 // Stores the supplied key and sets up credentials suitable for authenticating 68 // with the data reduction proxy. 69 // This can be called more than once. For example on a platform that does not 70 // have a default key defined, this function will be called some time after 71 // this class has been constructed. Android WebView is a platform that does 72 // this. The caller needs to make sure |this| pointer is valid when 73 // InitAuthentication is called. 74 void InitAuthentication(const std::string& key); 75 76 protected: 77 void Init(); 78 79 void AddAuthorizationHeader(net::HttpRequestHeaders* headers); 80 81 // Returns a UTF16 string that's the hash of the configured authentication 82 // |key| and |salt|. Returns an empty UTF16 string if no key is configured or 83 // the data reduction proxy feature isn't available. 84 static base::string16 AuthHashForSalt(int64 salt, 85 const std::string& key); 86 // Visible for testing. 87 virtual base::Time Now() const; 88 virtual void RandBytes(void* output, size_t length); 89 90 // Visible for testing. 91 virtual std::string GetDefaultKey() const; 92 93 // Visible for testing. 94 DataReductionProxyAuthRequestHandler( 95 const std::string& client, 96 const std::string& version, 97 DataReductionProxyParams* params, 98 scoped_refptr<base::SingleThreadTaskRunner> network_task_runner); 99 100 private: 101 FRIEND_TEST_ALL_PREFIXES(DataReductionProxyAuthRequestHandlerTest, 102 AuthorizationOnIO); 103 FRIEND_TEST_ALL_PREFIXES(DataReductionProxyAuthRequestHandlerTest, 104 AuthorizationIgnoresEmptyKey); 105 FRIEND_TEST_ALL_PREFIXES(DataReductionProxyAuthRequestHandlerTest, 106 AuthorizationBogusVersion); 107 FRIEND_TEST_ALL_PREFIXES(DataReductionProxyAuthRequestHandlerTest, 108 AuthHashForSalt); 109 110 // Returns the version of Chromium that is being used. 111 std::string ChromiumVersion() const; 112 113 // Returns the build and patch numbers of |version|. If |version| isn't of the 114 // form xx.xx.xx.xx build and patch are not modified. 115 void GetChromiumBuildAndPatch(const std::string& version, 116 std::string* build, 117 std::string* patch) const; 118 119 // Generates a session ID and credentials suitable for authenticating with 120 // the data reduction proxy. 121 void ComputeCredentials(const base::Time& now, 122 std::string* session, 123 std::string* credentials); 124 125 // Adds authentication headers only if |expects_ssl| is true and 126 // |proxy_server| is a data reduction proxy used for ssl tunneling via 127 // HTTP CONNECT, or |expect_ssl| is false and |proxy_server| is a data 128 // reduction proxy for HTTP traffic. 129 void MaybeAddRequestHeaderImpl(const net::HostPortPair& proxy_server, 130 bool expect_ssl, 131 net::HttpRequestHeaders* request_headers); 132 133 // Authentication state. 134 std::string key_; 135 136 // Lives on the IO thread. 137 std::string session_; 138 std::string credentials_; 139 140 // Name of the client and version of the data reduction proxy protocol to use. 141 // Both live on the IO thread. 142 std::string client_; 143 std::string build_number_; 144 std::string patch_number_; 145 146 // The last time the session was updated. Used to ensure that a session is 147 // never used for more than twenty-four hours. 148 base::Time last_update_time_; 149 150 DataReductionProxyParams* data_reduction_proxy_params_; 151 152 scoped_refptr<base::SingleThreadTaskRunner> network_task_runner_; 153 154 DISALLOW_COPY_AND_ASSIGN(DataReductionProxyAuthRequestHandler); 155}; 156 157} // namespace data_reduction_proxy 158#endif // COMPONENTS_DATA_REDUCTION_PROXY_BROWSER_DATA_REDUCTION_PROXY_AUTH_REQUEST_HANDLER_H_ 159