Closed Bug 1855149 Opened 9 months ago Closed 8 months ago

Add authChallenges to network.responseStarted/responseCompleted

Categories

(Remote Protocol :: WebDriver BiDi, task, P2)

task
Points:
3

Tracking

(firefox120 fixed)

RESOLVED FIXED
120 Branch
Tracking Status
firefox120 --- fixed

People

(Reporter: jdescottes, Assigned: jdescottes)

References

(Blocks 2 open bugs, )

Details

(Whiteboard: [webdriver:m9][wptsync upstream][webdriver:relnote])

Attachments

(4 files)

For network interception, we now expect the auth challenges to be included in the response data.

This should be added in all events including response data: network.responseStarted, network.responseCompleted, network.authRequired.

https://w3c.github.io/webdriver-bidi/#extract-challenges

Points: --- → 3
Priority: -- → P2
Whiteboard: [webdriver:m9]
Assignee: nobody → jdescottes
Status: NEW → ASSIGNED

Hi Valentin,

I was looking at the parsing of challenges headers (WWW-Authenticate/Proxy-Authenticate). It's not completely trivial, because we can get multiple challenges, separated by a comma, but we can also have commas inside a challenge.

I think this is handled on the platform side at https://searchfox.org/mozilla-central/source/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp#482 and I was wondering if we should try to expose this to JS somehow or if I should duplicate it?

Initially thought that nsIHttpAuthenticableChannel::WWWChallenges would be the parsed value, but I think it's just the raw header value? (and I couldn't QueryInterface any channel to nsIHttpAuthenticableChannel for some reason). Maybe this WWWChallenges getter at least concatenates all WWW-Authenticate headers in case there are more than 1?

Flags: needinfo?(valentin.gosu)

Parsing challenge headers is not trivial, given that there can be multiple challenges in a single header.
Implementing this properly most likely means implementing a proper tokenizer.
It would be better to reuse the implementation already used by necko but this is not exposed to JS yet.

For now, add a simple parser with xpcshell tests to be reused in the network module of WebDriver bidi.

(In reply to Julian Descottes [:jdescottes] from comment #1)

Hi Valentin,

I was looking at the parsing of challenges headers (WWW-Authenticate/Proxy-Authenticate). It's not completely trivial, because we can get multiple challenges, separated by a comma, but we can also have commas inside a challenge.

I think this is handled on the platform side at https://searchfox.org/mozilla-central/source/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp#482 and I was wondering if we should try to expose this to JS somehow or if I should duplicate it?

Up to you. I can add an XPCOM helper method to extract the challenges if you think that would be helpful.

Initially thought that nsIHttpAuthenticableChannel::WWWChallenges would be the parsed value, but I think it's just the raw header value? (and I couldn't QueryInterface any channel to nsIHttpAuthenticableChannel for some reason). Maybe this WWWChallenges getter at least concatenates all WWW-Authenticate headers in case there are more than 1?

Yes, WWWChallenges just returns the value of the header. Since the header is not a singleton, it also merges the headers if there are multiple of them.

Not sure why QI wouldn't work for nsIHttpAuthenticableChannel, I don't see anything wrong with the channel.

Flags: needinfo?(valentin.gosu)
Blocks: 1857847

(In reply to Valentin Gosu [:valentin] (he/him) from comment #6)

(In reply to Julian Descottes [:jdescottes] from comment #1)

Hi Valentin,

I was looking at the parsing of challenges headers (WWW-Authenticate/Proxy-Authenticate). It's not completely trivial, because we can get multiple challenges, separated by a comma, but we can also have commas inside a challenge.

I think this is handled on the platform side at https://searchfox.org/mozilla-central/source/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp#482 and I was wondering if we should try to expose this to JS somehow or if I should duplicate it?

Up to you. I can add an XPCOM helper method to extract the challenges if you think that would be helpful.

This would be really helpful, thanks! I filed Bug 1857847.

For nsIHttpAuthenticableChannel I will try again, maybe I was trying to do it on non-auth channels and that's why it was throwing? But I could succesfully use QI with nsIProxiedChannel on the same channels, so not sure. I'll try to have a reduced test case.

Blocks: 1859336
Pushed by jdescottes@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/c85cf089e421
[bidi] Add a helper to parse challenge headers r=webdriver-reviewers,whimboo
https://hg.mozilla.org/integration/autoland/rev/ce2bba53b574
[bidi] Add authChallenges to response data in network events r=webdriver-reviewers,whimboo
https://hg.mozilla.org/integration/autoland/rev/c6b8f7f4a912
[wdspec] Check authChallenges in response payloads of network bidi tests r=webdriver-reviewers,whimboo
https://hg.mozilla.org/integration/autoland/rev/0c907b3752ed
[wdspec] Add test for a non-empty authChallenges property in responseStarted r=webdriver-reviewers,whimboo
Created web-platform-tests PR https://github.com/web-platform-tests/wpt/pull/42581 for changes under testing/web-platform/tests
Whiteboard: [webdriver:m9] → [webdriver:m9], [wptsync upstream]
Upstream PR merged by moz-wptsync-bot
Blocks: 1826198
No longer depends on: 1826198
Summary: Add authChallenges to network.responseStarted/responseCompleted/authRequired → Add authChallenges to network.responseStarted/responseCompleted
Whiteboard: [webdriver:m9], [wptsync upstream] → [webdriver:m9][wptsync upstream][webdriver:relnote]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: