// handles the authentication for one channel and eventually re-starts the other channels
bool QHttpNetworkConnectionPrivate::handleAuthenticateChallenge(QAbstractSocket *socket, QHttpNetworkReply *reply,
bool isProxy, bool &resend)
{
Q_ASSERT(socket);
Q_ASSERT(reply);
resend = false;
//create the response header to be used with QAuthenticatorPrivate.
QList<QPair<QByteArray, QByteArray> > fields = reply->header();
//find out the type of authentication protocol requested.
QAuthenticatorPrivate::Method authMethod = reply->d_func()->authenticationMethod(isProxy);
if (authMethod != QAuthenticatorPrivate::None) {
int i = indexOf(socket);
//Use a single authenticator for all domains. ### change later to use domain/realm
QAuthenticator* auth = 0;
if (isProxy) {
auth = &channels[i].proxyAuthenticator;
channels[i].proxyAuthMethod = authMethod;
} else {
auth = &channels[i].authenticator;
channels[i].authMethod = authMethod;
}
//proceed with the authentication.
if (auth->isNull())
auth->detach();
QAuthenticatorPrivate *priv = QAuthenticatorPrivate::getPrivate(*auth);
priv->parseHttpResponse(fields, isProxy);
if (priv->phase == QAuthenticatorPrivate::Done) {
pauseConnection();
if (!isProxy) {
if (channels[i].authenticationCredentialsSent) {
auth->detach();
priv = QAuthenticatorPrivate::getPrivate(*auth);
priv->hasFailed = true;
priv->phase = QAuthenticatorPrivate::Done;
channels[i].authenticationCredentialsSent = false;
}
emit reply->authenticationRequired(reply->request(), auth);
#ifndef QT_NO_NETWORKPROXY
} else {
if (channels[i].proxyCredentialsSent) {
auth->detach();
priv = QAuthenticatorPrivate::getPrivate(*auth);
priv->hasFailed = true;
priv->phase = QAuthenticatorPrivate::Done;
channels[i].proxyCredentialsSent = false;
}
emit reply->proxyAuthenticationRequired(networkProxy, auth);
#endif
}
resumeConnection();
if (priv->phase != QAuthenticatorPrivate::Done) {
// send any pending requests
copyCredentials(i, auth, isProxy);
}
} else if (priv->phase == QAuthenticatorPrivate::Start) {
// If the url's authenticator has a 'user' set we will end up here (phase is only set to 'Done' by
// parseHttpResponse above if 'user' is empty). So if credentials were supplied with the request,
// such as in the case of an XMLHttpRequest, this is our only opportunity to cache them.
emit reply->cacheCredentials(reply->request(), auth);
}
// - Changing values in QAuthenticator will reset the 'phase'. Therefore if it is still "Done"
// then nothing was filled in by the user or the cache
// - If withCredentials has been set to false (e.g. by QtWebKit for a cross-origin XMLHttpRequest) then
// we need to bail out if authentication is required.
if (priv->phase == QAuthenticatorPrivate::Done || !reply->request().withCredentials()) {
// Reset authenticator so the next request on that channel does not get messed up
auth = 0;
if (isProxy)
channels[i].proxyAuthenticator = QAuthenticator();
else
channels[i].authenticator = QAuthenticator();
// authentication is cancelled, send the current contents to the user.
emit channels[i].reply->headerChanged();
emit channels[i].reply->readyRead();
QNetworkReply::NetworkError errorCode =
isProxy
? QNetworkReply::ProxyAuthenticationRequiredError
: QNetworkReply::AuthenticationRequiredError;
reply->d_func()->errorString = errorDetail(errorCode, socket);
emit reply->finishedWithError(errorCode, reply->d_func()->errorString);
// ### at this point the reply could be deleted
return true;
}
//resend the request
resend = true;
return true;
}
return false;
}
