void ResourceHandle::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
{
if (!d->m_user.isNull() && !d->m_pass.isNull()) {
Credential credential(d->m_user, d->m_pass, CredentialPersistenceNone);
URL urlToStore;
if (challenge.failureResponse().httpStatusCode() == 401)
urlToStore = challenge.failureResponse().url();
CredentialStorage::set(credential, challenge.protectionSpace(), urlToStore);
String userpass = credential.user() + ":" + credential.password();
curl_easy_setopt(d->m_handle, CURLOPT_USERPWD, userpass.utf8().data());
d->m_user = String();
d->m_pass = String();
// FIXME: Per the specification, the user shouldn't be asked for credentials if there were incorrect ones provided explicitly.
return;
}
if (shouldUseCredentialStorage()) {
if (!d->m_initialCredential.isEmpty() || challenge.previousFailureCount()) {
// The stored credential wasn't accepted, stop using it.
// There is a race condition here, since a different credential might have already been stored by another ResourceHandle,
// but the observable effect should be very minor, if any.
CredentialStorage::remove(challenge.protectionSpace());
}
if (!challenge.previousFailureCount()) {
Credential credential = CredentialStorage::get(challenge.protectionSpace());
if (!credential.isEmpty() && credential != d->m_initialCredential) {
ASSERT(credential.persistence() == CredentialPersistenceNone);
if (challenge.failureResponse().httpStatusCode() == 401) {
// Store the credential back, possibly adding it as a default for this directory.
CredentialStorage::set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
}
String userpass = credential.user() + ":" + credential.password();
curl_easy_setopt(d->m_handle, CURLOPT_USERPWD, userpass.utf8().data());
return;
}
}
}
d->m_currentWebChallenge = challenge;
if (client())
client()->didReceiveAuthenticationChallenge(this, d->m_currentWebChallenge);
}
void ResourceHandle::receivedCredential(const AuthenticationChallenge& challenge, const Credential& credential)
{
if (challenge != d->m_currentWebChallenge)
return;
if (credential.isEmpty()) {
receivedRequestToContinueWithoutCredential(challenge);
return;
}
if (shouldUseCredentialStorage()) {
if (challenge.failureResponse().httpStatusCode() == 401) {
URL urlToStore = challenge.failureResponse().url();
CredentialStorage::set(credential, challenge.protectionSpace(), urlToStore);
}
}
String userpass = credential.user() + ":" + credential.password();
curl_easy_setopt(d->m_handle, CURLOPT_USERPWD, userpass.utf8().data());
clearAuthentication();
}
void NetworkResourceLoader::shouldUseCredentialStorageAsync(ResourceHandle* handle)
{
ASSERT_UNUSED(handle, handle == m_handle);
handle->continueShouldUseCredentialStorage(shouldUseCredentialStorage(handle));
}
