Chromoting: Retry third-party token validation if needed.
The initial attempt at token validation often fails because an
authentication cookie is missing and the server redirects the request,
causing the POST to become a GET, losing the request data.
This CL detects this condition and retries the request, which is
expected to succeed (if the token is valid).
BUG=566215
Review URL: https://codereview.chromium.org/1495373002
Cr-Commit-Position: refs/heads/master@{#365423}
diff --git a/remoting/host/token_validator_base.h b/remoting/host/token_validator_base.h
index a10ab1a..d7fc115 100644
--- a/remoting/host/token_validator_base.h
+++ b/remoting/host/token_validator_base.h
@@ -43,6 +43,9 @@
// URLRequest::Delegate interface.
void OnResponseStarted(net::URLRequest* source) override;
void OnReadCompleted(net::URLRequest* source, int bytes_read) override;
+ void OnReceivedRedirect(net::URLRequest* request,
+ const net::RedirectInfo& redirect_info,
+ bool* defer_redirect) override;
void OnCertificateRequested(
net::URLRequest* source,
net::SSLCertRequestInfo* cert_request_info) override;
@@ -65,6 +68,18 @@
scoped_refptr<net::IOBuffer> buffer_;
std::string data_;
+ // This is set by OnReceivedRedirect() if the token validation request is
+ // being re-submitted as a POST request. This can happen if the authentication
+ // cookie has not yet been set, and a login handler redirection causes the
+ // POST request to be turned into a GET operation, losing the POST data. In
+ // this case, an immediate retry (with the same cookie jar) is expected to
+ // succeeed.
+ bool retrying_request_ = false;
+
+ // Stores the most recently requested token, in case the validation request
+ // needs to be retried.
+ std::string token_;
+
base::Callback<void(const std::string& shared_secret)> on_token_validated_;
base::WeakPtrFactory<TokenValidatorBase> weak_factory_;
