3636ff1f430ca22105ab33467cbc0e1fc2e240c5
[WebKit-https.git] / Source / WebKit / Shared / Authentication / AuthenticationManager.h
1 /*
2  * Copyright (C) 2010, 2013 Apple Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23  * THE POSSIBILITY OF SUCH DAMAGE.
24  */
25
26 #ifndef AuthenticationManager_h
27 #define AuthenticationManager_h
28
29 #include "MessageReceiver.h"
30 #include "NetworkProcessSupplement.h"
31 #include "WebProcessSupplement.h"
32 #include <WebCore/AuthenticationChallenge.h>
33 #include <wtf/Forward.h>
34 #include <wtf/Function.h>
35 #include <wtf/HashMap.h>
36
37 namespace WebCore {
38 class AuthenticationChallenge;
39 class CertificateInfo;
40 class Credential;
41 }
42
43 namespace WebKit {
44
45 class ChildProcess;
46 class Download;
47 class DownloadID;
48 class PendingDownload;
49 class WebFrame;
50
51 enum class AuthenticationChallengeDisposition {
52     UseCredential,
53     PerformDefaultHandling,
54     Cancel,
55     RejectProtectionSpace
56 };
57 typedef Function<void(AuthenticationChallengeDisposition, const WebCore::Credential&)> ChallengeCompletionHandler;
58
59 class AuthenticationManager : public WebProcessSupplement, public NetworkProcessSupplement, public IPC::MessageReceiver {
60     WTF_MAKE_NONCOPYABLE(AuthenticationManager);
61 public:
62     explicit AuthenticationManager(ChildProcess*);
63
64     static const char* supplementName();
65
66 #if USE(NETWORK_SESSION)
67     void didReceiveAuthenticationChallenge(uint64_t pageID, uint64_t frameID, const WebCore::AuthenticationChallenge&, ChallengeCompletionHandler&&);
68     void didReceiveAuthenticationChallenge(PendingDownload&, const WebCore::AuthenticationChallenge&, ChallengeCompletionHandler&&);
69 #if USE(PROTECTION_SPACE_AUTH_CALLBACK)
70     void continueCanAuthenticateAgainstProtectionSpace(DownloadID, bool canAuthenticate);
71 #endif
72 #endif
73     // Called for resources in the WebProcess (NetworkProcess disabled)
74     void didReceiveAuthenticationChallenge(WebFrame*, const WebCore::AuthenticationChallenge&);
75
76 #if !USE(NETWORK_SESSION)
77     // Called for resources in the NetworkProcess (NetworkProcess enabled)
78     void didReceiveAuthenticationChallenge(uint64_t pageID, uint64_t frameID, const WebCore::AuthenticationChallenge&);
79     void didReceiveAuthenticationChallenge(Download&, const WebCore::AuthenticationChallenge&);
80 #endif
81
82     void useCredentialForChallenge(uint64_t challengeID, const WebCore::Credential&, const WebCore::CertificateInfo&);
83     void continueWithoutCredentialForChallenge(uint64_t challengeID);
84     void cancelChallenge(uint64_t challengeID);
85     void performDefaultHandling(uint64_t challengeID);
86     void rejectProtectionSpaceAndContinue(uint64_t challengeID);
87
88     uint64_t outstandingAuthenticationChallengeCount() const { return m_challenges.size(); }
89
90     static void receivedCredential(const WebCore::AuthenticationChallenge&, const WebCore::Credential&);
91     static void receivedRequestToContinueWithoutCredential(const WebCore::AuthenticationChallenge&);
92     static void receivedCancellation(const WebCore::AuthenticationChallenge&);
93     static void receivedRequestToPerformDefaultHandling(const WebCore::AuthenticationChallenge&);
94     static void receivedChallengeRejection(const WebCore::AuthenticationChallenge&);
95
96 private:
97     struct Challenge {
98         uint64_t pageID;
99         WebCore::AuthenticationChallenge challenge;
100 #if USE(NETWORK_SESSION)
101         ChallengeCompletionHandler completionHandler;
102 #endif
103     };
104     
105     // IPC::MessageReceiver
106     void didReceiveMessage(IPC::Connection&, IPC::Decoder&) override;
107
108     bool tryUseCertificateInfoForChallenge(const WebCore::AuthenticationChallenge&, const WebCore::CertificateInfo&, const ChallengeCompletionHandler&);
109
110     uint64_t addChallengeToChallengeMap(Challenge&&);
111     bool shouldCoalesceChallenge(uint64_t pageID, uint64_t challengeID, const WebCore::AuthenticationChallenge&) const;
112
113     void useCredentialForSingleChallenge(uint64_t challengeID, const WebCore::Credential&, const WebCore::CertificateInfo&);
114     void continueWithoutCredentialForSingleChallenge(uint64_t challengeID);
115     void cancelSingleChallenge(uint64_t challengeID);
116     void performDefaultHandlingForSingleChallenge(uint64_t challengeID);
117     void rejectProtectionSpaceAndContinueForSingleChallenge(uint64_t challengeID);
118
119     Vector<uint64_t> coalesceChallengesMatching(uint64_t challengeID) const;
120
121     ChildProcess* m_process;
122
123     HashMap<uint64_t, Challenge> m_challenges;
124 };
125
126 } // namespace WebKit
127
128 #endif // AuthenticationManager_h