1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_HTTP_PROXY_CLIENT_SOCKET_H_
6 #define NET_HTTP_PROXY_CLIENT_SOCKET_H_
7 
8 #include <memory>
9 #include <string>
10 
11 #include "base/macros.h"
12 #include "net/base/completion_once_callback.h"
13 #include "net/base/net_export.h"
14 #include "net/base/request_priority.h"
15 #include "net/socket/ssl_client_socket.h"
16 #include "net/socket/stream_socket.h"
17 
18 namespace net {
19 
20 class HostPortPair;
21 class HttpAuthController;
22 class HttpResponseInfo;
23 class HttpRequestHeaders;
24 class HttpAuthController;
25 class NetLogWithSource;
26 
27 class NET_EXPORT_PRIVATE ProxyClientSocket : public StreamSocket {
28  public:
ProxyClientSocket()29   ProxyClientSocket() {}
~ProxyClientSocket()30   ~ProxyClientSocket() override {}
31 
32   // Returns the HttpResponseInfo (including HTTP Headers) from
33   // the response to the CONNECT request.
34   virtual const HttpResponseInfo* GetConnectResponseInfo() const = 0;
35 
36   // Returns the HttpAuthController which can be used
37   // to interact with an HTTP Proxy Authorization Required (407) request.
38   virtual const scoped_refptr<HttpAuthController>& GetAuthController() const
39       = 0;
40 
41   // If Connect (or its callback) returns PROXY_AUTH_REQUESTED, then an
42   // auth challenge was received.  If the HttpAuthController's HaveAuth()
43   // method returns true, then the request just needs to be restarted with
44   // this method to try with those credentials, and new credentials cannot
45   // be provided.  Otherwise, credentials should be added to the
46   // HttpAuthController before calling RestartWithAuth.  Not all
47   // ProxyClientSocket implementations will be restartable.  Such
48   // implementations should disconnect themselves and return OK.
49   virtual int RestartWithAuth(CompletionOnceCallback callback) = 0;
50 
51   // Returns true of the connection to the proxy is using SPDY.
52   virtual bool IsUsingSpdy() const = 0;
53 
54   // Returns the protocol negotiated with the proxy.
55   virtual NextProto GetProxyNegotiatedProtocol() const = 0;
56 
57   // Set the priority of the underlying stream (for SPDY and QUIC)
58   virtual void SetStreamPriority(RequestPriority priority);
59 
60  protected:
61   // The HTTP CONNECT method for establishing a tunnel connection is documented
62   // in draft-luotonen-web-proxy-tunneling-01.txt and RFC 2817, Sections 5.2
63   // and 5.3.
64   static void BuildTunnelRequest(const HostPortPair& endpoint,
65                                  const HttpRequestHeaders& extra_headers,
66                                  const std::string& user_agent,
67                                  std::string* request_line,
68                                  HttpRequestHeaders* request_headers);
69 
70   // When an auth challenge (407 response) is received during tunnel
71   // construction/ this method should be called.
72   static int HandleProxyAuthChallenge(HttpAuthController* auth,
73                                       HttpResponseInfo* response,
74                                       const NetLogWithSource& net_log);
75 
76   // When a proxy authentication response is received during tunnel
77   // construction, this method should be called to strip everything
78   // but the auth header from the redirect response.  If it returns
79   // false, the response should be discarded and tunnel construction should
80   // fail.
81   static bool SanitizeProxyAuth(HttpResponseInfo* response);
82 
83  private:
84   DISALLOW_COPY_AND_ASSIGN(ProxyClientSocket);
85 };
86 
87 }  // namespace net
88 
89 #endif  // NET_HTTP_PROXY_CLIENT_SOCKET_H_
90