void ResourceHandle::receivedCredential(const AuthenticationChallenge& challenge, const Credential& credential)
{
LOG(Network, "CFNet - receivedCredential()");
ASSERT(!challenge.isNull());
ASSERT(challenge.cfURLAuthChallengeRef());
if (challenge != d->m_currentWebChallenge)
return;
// FIXME: Support empty credentials. Currently, an empty credential cannot be stored in WebCore credential storage, as that's empty value for its map.
if (credential.isEmpty()) {
receivedRequestToContinueWithoutCredential(challenge);
return;
}
if (credential.persistence() == CredentialPersistenceForSession) {
// Manage per-session credentials internally, because once NSURLCredentialPersistencePerSession is used, there is no way
// to ignore it for a particular request (short of removing it altogether).
Credential webCredential(credential.user(), credential.password(), CredentialPersistenceNone);
RetainPtr<CFURLCredentialRef> cfCredential = adoptCF(createCF(webCredential));
URL urlToStore;
if (challenge.failureResponse().httpStatusCode() == 401)
urlToStore = challenge.failureResponse().url();
CredentialStorage::set(webCredential, challenge.protectionSpace(), urlToStore);
CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
} else {
RetainPtr<CFURLCredentialRef> cfCredential = adoptCF(createCF(credential));
CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
}
clearAuthentication();
}
void ResourceHandle::receivedCredential(const AuthenticationChallenge& challenge, const Credential& credential)
{
ASSERT(!challenge.isNull());
if (challenge != d->m_currentWebChallenge)
return;
if (credential.isEmpty()) {
receivedRequestToContinueWithoutCredential(challenge);
return;
}
KURL urlToStore;
urlToStore = d->m_request.url();
CredentialStorage::set(credential, challenge.protectionSpace(), urlToStore);
clearAuthentication();
// Clone our ResourceHandle and add it so that it is send with the credential.
// FIXME: We should have a way of cloning an handle.
RefPtr<ResourceHandle> newHandle = ResourceHandle::create(request(), client(), 0, d->m_defersLoading, shouldContentSniff());
setClient(0); // Clear the client to avoid it being cleared by WebCore.
AuthenticationChallenge newAuthenticationChallenge(challenge.protectionSpace(), credential, challenge.previousFailureCount() + 1, challenge.failureResponse(), challenge.error());
// Store the new authentication challenge.
newHandle->getInternal()->m_currentWebChallenge = newAuthenticationChallenge;
d->m_cancelled = true;
}
void AuthenticationManager::continueWithoutCredentialForSingleChallenge(uint64_t challengeID)
{
auto challenge = m_challenges.take(challengeID);
ASSERT(!challenge.challenge.isNull());
AuthenticationClient* coreClient = challenge.challenge.authenticationClient();
#if USE(NETWORK_SESSION)
if (challenge.completionHandler) {
ASSERT(!coreClient);
challenge.completionHandler(AuthenticationChallengeDisposition::UseCredential, Credential());
return;
}
#endif
if (coreClient)
coreClient->receivedRequestToContinueWithoutCredential(challenge.challenge);
else
receivedRequestToContinueWithoutCredential(challenge.challenge);
}
void ResourceHandle::receivedCredential(const AuthenticationChallenge& challenge, const Credential& credential)
{
if (challenge != d->m_currentWebChallenge)
return;
if (credential.isEmpty()) {
receivedRequestToContinueWithoutCredential(challenge);
return;
}
if (shouldUseCredentialStorage()) {
if (challenge.failureResponse().httpStatusCode() == 401) {
URL urlToStore = challenge.failureResponse().url();
CredentialStorage::set(credential, challenge.protectionSpace(), urlToStore);
}
}
String userpass = credential.user() + ":" + credential.password();
curl_easy_setopt(d->m_handle, CURLOPT_USERPWD, userpass.utf8().data());
clearAuthentication();
}
