Skip to content

Commit 38e33ff

Browse files
rogerwangrogerwang
committed
enable NTLM settings auth-server-whitelist etc
Fix nwjs#590 enables --auth-server-whitelist, --auth-schemes --gssapi-library-name, --auth-negotiate-delegate-whitelist
1 parent 08c6ce5 commit 38e33ff

File tree

3 files changed

+77
-4
lines changed

3 files changed

+77
-4
lines changed

src/net/shell_url_request_context_getter.cc

Lines changed: 41 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,7 @@
4242
#include "net/ssl/server_bound_cert_service.h"
4343
#include "net/ssl/ssl_config_service_defaults.h"
4444
#include "net/cookies/cookie_monster.h"
45+
#include "net/http/http_auth_filter.h"
4546
#include "net/http/http_auth_handler_factory.h"
4647
#include "net/http/http_cache.h"
4748
#include "net/http/http_network_session.h"
@@ -125,10 +126,20 @@ ShellURLRequestContextGetter::ShellURLRequestContextGetter(
125126
MessageLoop* io_loop,
126127
MessageLoop* file_loop,
127128
ProtocolHandlerMap* protocol_handlers,
128-
ShellBrowserContext* browser_context)
129+
ShellBrowserContext* browser_context,
130+
const std::string& auth_schemes,
131+
const std::string& auth_server_whitelist,
132+
const std::string& auth_delegate_whitelist,
133+
const std::string& gssapi_library_name)
129134
: ignore_certificate_errors_(ignore_certificate_errors),
130135
data_path_(data_path),
131136
root_path_(root_path),
137+
auth_schemes_(auth_schemes),
138+
negotiate_disable_cname_lookup_(false),
139+
negotiate_enable_port_(false),
140+
auth_server_whitelist_(auth_server_whitelist),
141+
auth_delegate_whitelist_(auth_delegate_whitelist),
142+
gssapi_library_name_(gssapi_library_name),
132143
io_loop_(io_loop),
133144
file_loop_(file_loop),
134145
browser_context_(browser_context) {
@@ -209,7 +220,8 @@ net::URLRequestContext* ShellURLRequestContextGetter::GetURLRequestContext() {
209220

210221
storage_->set_ssl_config_service(new net::SSLConfigServiceDefaults);
211222
storage_->set_http_auth_handler_factory(
212-
net::HttpAuthHandlerFactory::CreateDefault(host_resolver.get()));
223+
CreateDefaultAuthHandlerFactory(host_resolver.get()));
224+
213225
storage_->set_http_server_properties(
214226
scoped_ptr<net::HttpServerProperties>(
215227
new net::HttpServerPropertiesImpl()));
@@ -278,4 +290,31 @@ net::HostResolver* ShellURLRequestContextGetter::host_resolver() {
278290
return url_request_context_->host_resolver();
279291
}
280292

293+
net::HttpAuthHandlerFactory* ShellURLRequestContextGetter::CreateDefaultAuthHandlerFactory(
294+
net::HostResolver* resolver) {
295+
net::HttpAuthFilterWhitelist* auth_filter_default_credentials = NULL;
296+
if (!auth_server_whitelist_.empty()) {
297+
auth_filter_default_credentials =
298+
new net::HttpAuthFilterWhitelist(auth_server_whitelist_);
299+
}
300+
net::HttpAuthFilterWhitelist* auth_filter_delegate = NULL;
301+
if (!auth_delegate_whitelist_.empty()) {
302+
auth_filter_delegate =
303+
new net::HttpAuthFilterWhitelist(auth_delegate_whitelist_);
304+
}
305+
url_security_manager_.reset(
306+
net::URLSecurityManager::Create(auth_filter_default_credentials,
307+
auth_filter_delegate));
308+
std::vector<std::string> supported_schemes;
309+
base::SplitString(auth_schemes_, ',', &supported_schemes);
310+
311+
scoped_ptr<net::HttpAuthHandlerRegistryFactory> registry_factory(
312+
net::HttpAuthHandlerRegistryFactory::Create(
313+
supported_schemes, url_security_manager_.get(),
314+
resolver, gssapi_library_name_, negotiate_disable_cname_lookup_,
315+
negotiate_enable_port_));
316+
317+
return registry_factory.release();
318+
}
319+
281320
} // namespace content

src/net/shell_url_request_context_getter.h

Lines changed: 18 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,10 +31,12 @@
3131

3232

3333
namespace net {
34+
class HttpAuthHandlerFactory;
3435
class HostResolver;
3536
class NetworkDelegate;
3637
class ProxyConfigService;
3738
class URLRequestContextStorage;
39+
class URLSecurityManager;
3840
}
3941

4042
namespace base{
@@ -54,7 +56,11 @@ class ShellBrowserContext;
5456
base::MessageLoop* io_loop,
5557
base::MessageLoop* file_loop,
5658
ProtocolHandlerMap* protocol_handlers,
57-
ShellBrowserContext*);
59+
ShellBrowserContext*,
60+
const std::string& auth_schemes,
61+
const std::string& auth_server_whitelist,
62+
const std::string& auth_delegate_whitelist,
63+
const std::string& gssapi_library_name);
5864

5965
// net::URLRequestContextGetter implementation.
6066
virtual net::URLRequestContext* GetURLRequestContext() OVERRIDE;
@@ -65,18 +71,29 @@ class ShellBrowserContext;
6571

6672
protected:
6773
virtual ~ShellURLRequestContextGetter();
74+
net::HttpAuthHandlerFactory* CreateDefaultAuthHandlerFactory(net::HostResolver* resolver);
6875

6976
private:
7077
bool ignore_certificate_errors_;
7178
base::FilePath data_path_;
7279
base::FilePath root_path_;
80+
81+
std::string auth_schemes_;
82+
bool negotiate_disable_cname_lookup_;
83+
bool negotiate_enable_port_;
84+
std::string auth_server_whitelist_;
85+
std::string auth_delegate_whitelist_;
86+
std::string gssapi_library_name_;
87+
// std::vector<GURL> spdyproxy_auth_origins_;
88+
7389
base::MessageLoop* io_loop_;
7490
base::MessageLoop* file_loop_;
7591

7692
scoped_ptr<net::ProxyConfigService> proxy_config_service_;
7793
scoped_ptr<net::NetworkDelegate> network_delegate_;
7894
scoped_ptr<net::URLRequestContextStorage> storage_;
7995
scoped_ptr<net::URLRequestContext> url_request_context_;
96+
scoped_ptr<net::URLSecurityManager> url_security_manager_;
8097
ProtocolHandlerMap protocol_handlers_;
8198
ShellBrowserContext* browser_context_;
8299

src/shell_browser_context.cc

Lines changed: 18 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,7 @@
2525
#include "base/file_util.h"
2626
#include "base/path_service.h"
2727
#include "base/values.h"
28+
#include "chrome/common/chrome_switches.h"
2829
#include "content/public/browser/browser_thread.h"
2930
#include "content/public/browser/resource_context.h"
3031
#include "content/public/browser/storage_partition.h"
@@ -155,13 +156,29 @@ net::URLRequestContextGetter* ShellBrowserContext::GetRequestContext() {
155156
net::URLRequestContextGetter* ShellBrowserContext::CreateRequestContext(
156157
ProtocolHandlerMap* protocol_handlers) {
157158
DCHECK(!url_request_getter_);
159+
CommandLine* cmd_line = CommandLine::ForCurrentProcess();
160+
std::string auth_server_whitelist =
161+
cmd_line->GetSwitchValueASCII(switches::kAuthServerWhitelist);
162+
std::string auth_delegate_whitelist =
163+
cmd_line->GetSwitchValueASCII(switches::kAuthNegotiateDelegateWhitelist);
164+
std::string gssapi_library_name =
165+
cmd_line->GetSwitchValueASCII(switches::kGSSAPILibraryName);
166+
std::string auth_schemes =
167+
cmd_line->GetSwitchValueASCII(switches::kAuthSchemes);
168+
169+
if (auth_schemes.empty())
170+
auth_schemes = "digest,ntlm,negotiate";
171+
158172
url_request_getter_ = new ShellURLRequestContextGetter(
159173
ignore_certificate_errors_,
160174
GetPath(),
161175
package_->path(),
162176
BrowserThread::UnsafeGetMessageLoopForThread(BrowserThread::IO),
163177
BrowserThread::UnsafeGetMessageLoopForThread(BrowserThread::FILE),
164-
protocol_handlers, this);
178+
protocol_handlers, this,
179+
auth_schemes, auth_server_whitelist, auth_delegate_whitelist,
180+
gssapi_library_name);
181+
165182
resource_context_->set_url_request_context_getter(url_request_getter_.get());
166183
return url_request_getter_.get();
167184
}

0 commit comments

Comments
 (0)