| // Copyright 2011 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef NET_HTTP_URL_SECURITY_MANAGER_H_ |
| #define NET_HTTP_URL_SECURITY_MANAGER_H_ |
| |
| #include <memory> |
| |
| #include "net/base/net_export.h" |
| |
| namespace url { |
| class SchemeHostPort; |
| } |
| |
| namespace net { |
| |
| class HttpAuthFilter; |
| |
| // The URL security manager controls the policies (allow, deny, prompt user) |
| // regarding URL actions (e.g., sending the default credentials to a server). |
| class NET_EXPORT_PRIVATE URLSecurityManager { |
| public: |
| URLSecurityManager() = default; |
| |
| URLSecurityManager(const URLSecurityManager&) = delete; |
| URLSecurityManager& operator=(const URLSecurityManager&) = delete; |
| |
| virtual ~URLSecurityManager() = default; |
| |
| // Creates a platform-dependent instance of URLSecurityManager. |
| // |
| // A security manager has two allowlists, a "default allowlist" that is a |
| // allowlist of servers with which default credentials can be used, and a |
| // "delegate allowlist" that is the allowlist of servers that are allowed to |
| // have delegated Kerberos tickets. |
| // |
| // On creation both allowlists are empty. |
| // |
| // If the default allowlist is empty and the platform is Windows, it indicates |
| // that security zone mapping should be used to determine whether default |
| // credentials should be used. If the default allowlist is empty and the |
| // platform is non-Windows, it indicates that no servers should be |
| // allowlisted. |
| // |
| // If the delegate allowlist is empty no servers can have delegated Kerberos |
| // tickets. |
| // |
| static std::unique_ptr<URLSecurityManager> Create(); |
| |
| // Returns true if we can send the default credentials to the server at |
| // |auth_scheme_host_port| for HTTP NTLM or Negotiate authentication. |
| virtual bool CanUseDefaultCredentials( |
| const url::SchemeHostPort& auth_scheme_host_port) const = 0; |
| |
| // Returns true if Kerberos delegation is allowed for the server at |
| // |auth_scheme_host_port| for HTTP Negotiate authentication. |
| virtual bool CanDelegate( |
| const url::SchemeHostPort& auth_scheme_host_port) const = 0; |
| |
| virtual void SetDefaultAllowlist( |
| std::unique_ptr<HttpAuthFilter> allowlist_default) = 0; |
| virtual void SetDelegateAllowlist( |
| std::unique_ptr<HttpAuthFilter> allowlist_delegate) = 0; |
| }; |
| |
| class URLSecurityManagerAllowlist : public URLSecurityManager { |
| public: |
| URLSecurityManagerAllowlist(); |
| |
| URLSecurityManagerAllowlist(const URLSecurityManagerAllowlist&) = delete; |
| URLSecurityManagerAllowlist& operator=(const URLSecurityManagerAllowlist&) = |
| delete; |
| |
| ~URLSecurityManagerAllowlist() override; |
| |
| // URLSecurityManager methods. |
| bool CanUseDefaultCredentials( |
| const url::SchemeHostPort& auth_scheme_host_port) const override; |
| bool CanDelegate( |
| const url::SchemeHostPort& auth_scheme_host_port) const override; |
| void SetDefaultAllowlist( |
| std::unique_ptr<HttpAuthFilter> allowlist_default) override; |
| void SetDelegateAllowlist( |
| std::unique_ptr<HttpAuthFilter> allowlist_delegate) override; |
| |
| protected: |
| bool HasDefaultAllowlist() const; |
| |
| private: |
| std::unique_ptr<const HttpAuthFilter> allowlist_default_; |
| std::unique_ptr<const HttpAuthFilter> allowlist_delegate_; |
| }; |
| |
| } // namespace net |
| |
| #endif // NET_HTTP_URL_SECURITY_MANAGER_H_ |
