// Copyright (c) 2009 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. // This file contains common routines used by NTLM and Negotiate authentication // using the SSPI API on Windows. #ifndef NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ #define NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ // security.h needs to be included for CredHandle. Unfortunately CredHandle // is a typedef and can't be forward declared. #define SECURITY_WIN32 1 #include <windows.h> #include <security.h> #include <string> class GURL; namespace net { class HttpRequestInfo; class ProxyInfo; class HttpAuthSSPI { public: HttpAuthSSPI(const std::string& scheme, SEC_WCHAR* security_package); ~HttpAuthSSPI(); bool NeedsIdentity() const; bool IsFinalRound() const; bool ParseChallenge(std::string::const_iterator challenge_begin, std::string::const_iterator challenge_end); int GenerateCredentials(const std::wstring& username, const std::wstring& password, const GURL& origin, const HttpRequestInfo* request, const ProxyInfo* proxy, std::string* out_credentials); private: int OnFirstRound(const std::wstring& domain, const std::wstring& user, const std::wstring& password); int GetNextSecurityToken( const GURL& origin, const void* in_token, int in_token_len, void** out_token, int* out_token_len); void ResetSecurityContext(); std::string scheme_; SEC_WCHAR* security_package_; std::string decoded_server_auth_token_; ULONG max_token_length_; CredHandle cred_; CtxtHandle ctxt_; }; // Splits |combined| into domain and username. // If |combined| is of form "FOO\bar", |domain| will contain "FOO" and |user| // will contain "bar". // If |combined| is of form "bar", |domain| will be empty and |user| will // contain "bar". // |domain| and |user| must be non-NULL. void SplitDomainAndUser(const std::wstring& combined, std::wstring* domain, std::wstring* user); // Determines the max token length for a particular SSPI package. // If the return value is not OK, than the value of max_token_length // is undefined. // |max_token_length| must be non-NULL. int DetermineMaxTokenLength(const std::wstring& package, ULONG* max_token_length); // Acquire credentials for a user. int AcquireCredentials(const SEC_WCHAR* package, const std::wstring& domain, const std::wstring& user, const std::wstring& password, CredHandle* cred); } // namespace net #endif // NET_HTTP_HTTP_AUTH_SSPI_WIN_H_