Changeset 192287 in webkit

Timestamp:

Nov 10, 2015, 6:29:13 PM (10 years ago)

Author:

achristensen@apple.com

Message:

Implement authentication challenge handling when using NETWORK_SESSION
​https://bugs.webkit.org/show_bug.cgi?id=150968

Reviewed by Antti Koivisto.

• NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::didReceiveChallenge):
Copy functionality from NetworkLoad::canAuthenticateAgainstProtectionSpaceAsync (which is used when we don't use NETWORK_SESSION)
because there is no canAuthenticateAgainstProtectionSpace delegate callback when using NSURLSession, according to
​https://developer.apple.com/library/ios/documentation/Cocoa/Conceptual/URLLoadingSystem/Articles/AuthenticationChallenges.html
Instead, all authentication challenge callbacks go to URLSession:task:didReceiveChallenge:completionHandler:
because we do not implement URLSession:didReceiveChallenge:completionHandler:

• NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(-[NetworkSessionDelegate URLSession:task:willPerformHTTPRedirection:newRequest:completionHandler:]):
(-[NetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
(-[NetworkSessionDelegate URLSession:dataTask:didReceiveResponse:completionHandler:]):
Make a block copy of the completion handlers so we can copy the std::functions that wrap them into HashMaps and call them later,
in this case we call the completion handler after the UIProcess gives us credentials for an authentication challenge.

• Shared/Authentication/AuthenticationManager.cpp:

(WebKit::AuthenticationManager::AuthenticationManager):
(WebKit::AuthenticationManager::addChallengeToChallengeMap):
(WebKit::AuthenticationManager::shouldCoalesceChallenge):
(WebKit::AuthenticationManager::coalesceChallengesMatching):
(WebKit::AuthenticationManager::didReceiveAuthenticationChallenge):
Fix an existing bug that caused multiple calls to addChallengeToChallengeMap for one challenge. This caused too many calls to
the AuthenticationClient methods, which did not cause a problem because they were not one-time-use block copies of completion handlers before.
(WebKit::AuthenticationManager::useCredentialForSingleChallenge):
(WebKit::AuthenticationManager::continueWithoutCredentialForChallenge):
(WebKit::AuthenticationManager::continueWithoutCredentialForSingleChallenge):
(WebKit::AuthenticationManager::cancelChallenge):
(WebKit::AuthenticationManager::cancelSingleChallenge):
(WebKit::AuthenticationManager::performDefaultHandling):
(WebKit::AuthenticationManager::performDefaultHandlingForSingleChallenge):
(WebKit::AuthenticationManager::rejectProtectionSpaceAndContinue):
(WebKit::AuthenticationManager::rejectProtectionSpaceAndContinueForSingleChallenge):
Call completion handlers which we stored in a HashMap before doing IPC if we are using NETWORK_SESSION,
which has completion handlers instead of continueSomething client calls.

• Shared/Authentication/AuthenticationManager.h:

(WebKit::AuthenticationManager::outstandingAuthenticationChallengeCount):

• Shared/Downloads/Download.cpp:

(WebKit::Download::didReceiveAuthenticationChallenge):
(WebKit::Download::didReceiveResponse):

• Shared/Downloads/DownloadAuthenticationClient.cpp:

(WebKit::DownloadAuthenticationClient::receivedChallengeRejection):

• Shared/Downloads/DownloadAuthenticationClient.h:

Add ifdefs for code related to downloading I will implement later.

Location:

trunk/Source/WebKit2

Files:

• ChangeLog (modified) (1 diff)
• NetworkProcess/NetworkLoad.cpp (modified) (1 diff)
• NetworkProcess/cocoa/NetworkSessionCocoa.mm (modified) (3 diffs)
• Shared/Authentication/AuthenticationManager.cpp (modified) (10 diffs)
• Shared/Authentication/AuthenticationManager.h (modified) (5 diffs)
• Shared/Downloads/Download.cpp (modified) (2 diffs)
• Shared/Downloads/DownloadAuthenticationClient.cpp (modified) (2 diffs)
• Shared/Downloads/DownloadAuthenticationClient.h (modified) (2 diffs)

trunk/Source/WebKit2/ChangeLog

@@ +1 @@
+2015-11-10  Alex Christensen  <achristensen@webkit.org>
+
+        Implement authentication challenge handling when using NETWORK_SESSION
+        https://bugs.webkit.org/show_bug.cgi?id=150968
+
+        Reviewed by Antti Koivisto.
+
+        * NetworkProcess/NetworkLoad.cpp:
+        (WebKit::NetworkLoad::didReceiveChallenge):
+        Copy functionality from NetworkLoad::canAuthenticateAgainstProtectionSpaceAsync (which is used when we don't use NETWORK_SESSION)
+        because there is no canAuthenticateAgainstProtectionSpace delegate callback when using NSURLSession, according to
+        https://developer.apple.com/library/ios/documentation/Cocoa/Conceptual/URLLoadingSystem/Articles/AuthenticationChallenges.html
+        Instead, all authentication challenge callbacks go to URLSession:task:didReceiveChallenge:completionHandler:
+        because we do not implement URLSession:didReceiveChallenge:completionHandler:
+        * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+        (-[NetworkSessionDelegate URLSession:task:willPerformHTTPRedirection:newRequest:completionHandler:]):
+        (-[NetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
+        (-[NetworkSessionDelegate URLSession:dataTask:didReceiveResponse:completionHandler:]):
+        Make a block copy of the completion handlers so we can copy the std::functions that wrap them into HashMaps and call them later,
+        in this case we call the completion handler after the UIProcess gives us credentials for an authentication challenge.
+        * Shared/Authentication/AuthenticationManager.cpp:
+        (WebKit::AuthenticationManager::AuthenticationManager):
+        (WebKit::AuthenticationManager::addChallengeToChallengeMap):
+        (WebKit::AuthenticationManager::shouldCoalesceChallenge):
+        (WebKit::AuthenticationManager::coalesceChallengesMatching):
+        (WebKit::AuthenticationManager::didReceiveAuthenticationChallenge):
+        Fix an existing bug that caused multiple calls to addChallengeToChallengeMap for one challenge.  This caused too many calls to 
+        the AuthenticationClient methods, which did not cause a problem because they were not one-time-use block copies of completion handlers before.
+        (WebKit::AuthenticationManager::useCredentialForSingleChallenge):
+        (WebKit::AuthenticationManager::continueWithoutCredentialForChallenge):
+        (WebKit::AuthenticationManager::continueWithoutCredentialForSingleChallenge):
+        (WebKit::AuthenticationManager::cancelChallenge):
+        (WebKit::AuthenticationManager::cancelSingleChallenge):
+        (WebKit::AuthenticationManager::performDefaultHandling):
+        (WebKit::AuthenticationManager::performDefaultHandlingForSingleChallenge):
+        (WebKit::AuthenticationManager::rejectProtectionSpaceAndContinue):
+        (WebKit::AuthenticationManager::rejectProtectionSpaceAndContinueForSingleChallenge):
+        Call completion handlers which we stored in a HashMap before doing IPC if we are using NETWORK_SESSION,
+        which has completion handlers instead of continueSomething client calls.
+        * Shared/Authentication/AuthenticationManager.h:
+        (WebKit::AuthenticationManager::outstandingAuthenticationChallengeCount):
+        * Shared/Downloads/Download.cpp:
+        (WebKit::Download::didReceiveAuthenticationChallenge):
+        (WebKit::Download::didReceiveResponse):
+        * Shared/Downloads/DownloadAuthenticationClient.cpp:
+        (WebKit::DownloadAuthenticationClient::receivedChallengeRejection):
+        * Shared/Downloads/DownloadAuthenticationClient.h:
+        Add ifdefs for code related to downloading I will implement later.
+
 2015-11-10  Simon Fraser  <simon.fraser@apple.com>
 

trunk/Source/WebKit2/NetworkProcess/NetworkLoad.cpp

@@ -159 +159 @@
 void NetworkLoad::didReceiveChallenge(const AuthenticationChallenge& challenge, std::function<void(AuthenticationChallengeDisposition, const Credential&)> completionHandler)
 {
-    notImplemented();
-    completionHandler(AuthenticationChallengeDisposition::PerformDefaultHandling, Credential());
+    // NetworkResourceLoader does not know whether the request is cross origin, so Web process computes an applicable credential policy for it.
+    ASSERT(m_parameters.clientCredentialPolicy != DoNotAskClientForCrossOriginCredentials);
+
+    // Handle server trust evaluation at platform-level if requested, for performance reasons.
+    if (challenge.protectionSpace().authenticationScheme() == ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested
+        && !NetworkProcess::singleton().canHandleHTTPSServerTrustEvaluation()) {
+        completionHandler(AuthenticationChallengeDisposition::PerformDefaultHandling, Credential());
+        return;
+    }
+
+    if (m_client.isSynchronous()) {
+        // FIXME: We should ask the WebProcess like the asynchronous case below does.
+        // This is currently impossible as the WebProcess is blocked waiting on this synchronous load.
+        // It's possible that we can jump straight to the UI process to resolve this.
+        completionHandler(AuthenticationChallengeDisposition::PerformDefaultHandling, Credential());
+        return;
+    }
+
+    if (m_parameters.clientCredentialPolicy == DoNotAskClientForAnyCredentials) {
+        completionHandler(AuthenticationChallengeDisposition::UseCredential, Credential());
+        return;
+    }
+
+    NetworkProcess::singleton().authenticationManager().didReceiveAuthenticationChallenge(m_parameters.webPageID, m_parameters.webFrameID, challenge, completionHandler);
 }
 

trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkSessionCocoa.mm

@@ -95 +95 @@
     if (auto* networkingTask = _session->dataTaskForIdentifier(task.taskIdentifier)) {
         if (auto* client = networkingTask->client()) {
-            client->willPerformHTTPRedirection(response, request, ^(const WebCore::ResourceRequest& request)
+            auto completionHandlerCopy = Block_copy(completionHandler);
+            client->willPerformHTTPRedirection(response, request, [completionHandlerCopy](const WebCore::ResourceRequest& request)
                 {
-                    completionHandler(request.nsURLRequest(WebCore::UpdateHTTPBody));
+                    completionHandlerCopy(request.nsURLRequest(WebCore::UpdateHTTPBody));
+                    Block_release(completionHandlerCopy);
                 }
             );
@@ -110 +112 @@
     if (auto* networkingTask = _session->dataTaskForIdentifier(task.taskIdentifier)) {
         if (auto* client = networkingTask->client()) {
-            client->didReceiveChallenge(challenge, ^(WebKit::AuthenticationChallengeDisposition disposition, const WebCore::Credential& credential)
+            auto completionHandlerCopy = Block_copy(completionHandler);
+            client->didReceiveChallenge(challenge, [completionHandlerCopy](WebKit::AuthenticationChallengeDisposition disposition, const WebCore::Credential& credential)
                 {
-                    completionHandler(toNSURLSessionAuthChallengeDisposition(disposition), credential.nsCredential());
+                    completionHandlerCopy(toNSURLSessionAuthChallengeDisposition(disposition), credential.nsCredential());
+                    Block_release(completionHandlerCopy);
                 }
             );
@@ -137 +141 @@
             ASSERT(isMainThread());
             WebCore::ResourceResponse resourceResponse(response);
-            client->didReceiveResponse(resourceResponse, ^(WebKit::ResponseDisposition responseDisposition)
+            auto completionHandlerCopy = Block_copy(completionHandler);
+            client->didReceiveResponse(resourceResponse, [completionHandlerCopy](WebKit::ResponseDisposition responseDisposition)
                 {
-                    completionHandler(toNSURLSessionResponseDisposition(responseDisposition));
+                    completionHandlerCopy(toNSURLSessionResponseDisposition(responseDisposition));
+                    Block_release(completionHandlerCopy);
                 }
             );

trunk/Source/WebKit2/Shared/Authentication/AuthenticationManager.cpp

@@ -71 +71 @@
 }
 
-uint64_t AuthenticationManager::addChallengeToChallengeMap(const WebCore::AuthenticationChallenge& authenticationChallenge)
+uint64_t AuthenticationManager::addChallengeToChallengeMap(const Challenge& challenge)
 {
     ASSERT(RunLoop::isMain());
 
     uint64_t challengeID = generateAuthenticationChallengeID();
-    m_challenges.set(challengeID, authenticationChallenge);
+    m_challenges.set(challengeID, challenge);
     return challengeID;
 }
@@ -86 +86 @@
 
     for (auto& item : m_challenges) {
-        if (item.key != challengeID && ProtectionSpace::compare(challenge.protectionSpace(), item.value.protectionSpace()))
+        if (item.key != challengeID && ProtectionSpace::compare(challenge.protectionSpace(), item.value.challenge.protectionSpace()))
             return true;
     }
@@ -94 +94 @@
 Vector<uint64_t> AuthenticationManager::coalesceChallengesMatching(uint64_t challengeID) const
 {
-    AuthenticationChallenge challenge = m_challenges.get(challengeID);
-    ASSERT(!challenge.isNull());
+    auto challenge = m_challenges.get(challengeID);
+    ASSERT(!challenge.challenge.isNull());
 
     Vector<uint64_t> challengesToCoalesce;
     challengesToCoalesce.append(challengeID);
 
-    if (!canCoalesceChallenge(challenge))
+    if (!canCoalesceChallenge(challenge.challenge))
         return challengesToCoalesce;
 
     for (auto& item : m_challenges) {
-        if (item.key != challengeID && ProtectionSpace::compare(challenge.protectionSpace(), item.value.protectionSpace()))
+        if (item.key != challengeID && ProtectionSpace::compare(challenge.challenge.protectionSpace(), item.value.challenge.protectionSpace()))
             challengesToCoalesce.append(item.key);
     }
@@ -116 +116 @@
     ASSERT(frame->page());
 
-    uint64_t challengeID = addChallengeToChallengeMap(authenticationChallenge);
+    uint64_t challengeID = addChallengeToChallengeMap({authenticationChallenge
+#if USE(NETWORK_SESSION)
+        , ChallengeCompletionHandler()
+#endif
+    });
 
     // Coalesce challenges in the same protection space.
@@ -126 +130 @@
 
 #if ENABLE(NETWORK_PROCESS)
-void AuthenticationManager::didReceiveAuthenticationChallenge(uint64_t pageID, uint64_t frameID, const AuthenticationChallenge& authenticationChallenge)
+#if USE(NETWORK_SESSION)
+void AuthenticationManager::didReceiveAuthenticationChallenge(uint64_t pageID, uint64_t frameID, const AuthenticationChallenge& authenticationChallenge, ChallengeCompletionHandler completionHandler)
 {
     ASSERT(pageID);
     ASSERT(frameID);
 
-    uint64_t challengeID = addChallengeToChallengeMap(authenticationChallenge);
+    uint64_t challengeID = addChallengeToChallengeMap({authenticationChallenge, completionHandler});
     if (shouldCoalesceChallenge(challengeID, authenticationChallenge))
         return;
     
-    m_process->send(Messages::NetworkProcessProxy::DidReceiveAuthenticationChallenge(pageID, frameID, authenticationChallenge, addChallengeToChallengeMap(authenticationChallenge)));
-}
-#endif
-
+    m_process->send(Messages::NetworkProcessProxy::DidReceiveAuthenticationChallenge(pageID, frameID, authenticationChallenge, challengeID));
+}
+#endif
+void AuthenticationManager::didReceiveAuthenticationChallenge(uint64_t pageID, uint64_t frameID, const AuthenticationChallenge& authenticationChallenge)
+{
+    ASSERT(pageID);
+    ASSERT(frameID);
+
+    uint64_t challengeID = addChallengeToChallengeMap({authenticationChallenge
+#if USE(NETWORK_SESSION)
+        , ChallengeCompletionHandler()
+#endif
+    });
+    if (shouldCoalesceChallenge(challengeID, authenticationChallenge))
+        return;
+    
+    m_process->send(Messages::NetworkProcessProxy::DidReceiveAuthenticationChallenge(pageID, frameID, authenticationChallenge, challengeID));
+}
+#endif
+
+#if !USE(NETWORK_SESSION)
 void AuthenticationManager::didReceiveAuthenticationChallenge(Download* download, const AuthenticationChallenge& authenticationChallenge)
 {
-    uint64_t challengeID = addChallengeToChallengeMap(authenticationChallenge);
+    uint64_t challengeID = addChallengeToChallengeMap({authenticationChallenge});
     if (shouldCoalesceChallenge(challengeID, authenticationChallenge))
         return;
 
-    download->send(Messages::DownloadProxy::DidReceiveAuthenticationChallenge(authenticationChallenge, addChallengeToChallengeMap(authenticationChallenge)));
-}
+    download->send(Messages::DownloadProxy::DidReceiveAuthenticationChallenge(authenticationChallenge, challengeID));
+}
+#endif
 
 // Currently, only Mac knows how to respond to authentication challenges with certificate info.
@@ -166 +189 @@
 void AuthenticationManager::useCredentialForSingleChallenge(uint64_t challengeID, const Credential& credential, const CertificateInfo& certificateInfo)
 {
-    AuthenticationChallenge challenge = m_challenges.take(challengeID);
-    ASSERT(!challenge.isNull());
-    
-    if (tryUseCertificateInfoForChallenge(challenge, certificateInfo))
-        return;
-    
-    AuthenticationClient* coreClient = challenge.authenticationClient();
-    if (!coreClient) {
-        // FIXME: The authentication client is null for downloads, but it can also be null for canceled loads.
-        // We should not call Download::receivedCredential in the latter case.
-        Download::receivedCredential(challenge, credential);
-        return;
-    }
-
-    coreClient->receivedCredential(challenge, credential);
+    auto challenge = m_challenges.take(challengeID);
+    ASSERT(!challenge.challenge.isNull());
+
+    if (tryUseCertificateInfoForChallenge(challenge.challenge, certificateInfo))
+        return;
+
+#if USE(NETWORK_SESSION)
+    // If there is a completion handler, then there is no AuthenticationClient.
+    // FIXME: Remove the use of AuthenticationClient in WebKit2 once NETWORK_SESSION is used for all loads.
+    if (challenge.completionHandler) {
+        challenge.completionHandler(AuthenticationChallengeDisposition::UseCredential, credential);
+        return;
+    }
+#endif
+
+    AuthenticationClient* coreClient = challenge.challenge.authenticationClient();
+    if (!coreClient) {
+        // FIXME: The authentication client is null for downloads, but it can also be null for canceled loads.
+        // We should not call Download::receivedCredential in the latter case.
+        Download::receivedCredential(challenge.challenge, credential);
+        return;
+    }
+
+    coreClient->receivedCredential(challenge.challenge, credential);
 }
 
@@ -193 +225 @@
 void AuthenticationManager::continueWithoutCredentialForSingleChallenge(uint64_t challengeID)
 {
-    AuthenticationChallenge challenge = m_challenges.take(challengeID);
-    ASSERT(!challenge.isNull());
-    AuthenticationClient* coreClient = challenge.authenticationClient();
-    if (!coreClient) {
-        // FIXME: The authentication client is null for downloads, but it can also be null for canceled loads.
-        // We should not call Download::receivedCredential in the latter case.
-        Download::receivedRequestToContinueWithoutCredential(challenge);
-        return;
-    }
-
-    coreClient->receivedRequestToContinueWithoutCredential(challenge);
+    auto challenge = m_challenges.take(challengeID);
+    ASSERT(!challenge.challenge.isNull());
+
+#if USE(NETWORK_SESSION)
+    if (challenge.completionHandler) {
+        challenge.completionHandler(AuthenticationChallengeDisposition::UseCredential, Credential());
+        return;
+    }
+#endif
+
+    AuthenticationClient* coreClient = challenge.challenge.authenticationClient();
+    if (!coreClient) {
+        // FIXME: The authentication client is null for downloads, but it can also be null for canceled loads.
+        // We should not call Download::receivedCredential in the latter case.
+        Download::receivedRequestToContinueWithoutCredential(challenge.challenge);
+        return;
+    }
+
+    coreClient->receivedRequestToContinueWithoutCredential(challenge.challenge);
 }
 
@@ -216 +256 @@
 void AuthenticationManager::cancelSingleChallenge(uint64_t challengeID)
 {
-    AuthenticationChallenge challenge = m_challenges.take(challengeID);
-    ASSERT(!challenge.isNull());
-    AuthenticationClient* coreClient = challenge.authenticationClient();
-    if (!coreClient) {
-        // FIXME: The authentication client is null for downloads, but it can also be null for canceled loads.
-        // We should not call Download::receivedCredential in the latter case.
-        Download::receivedCancellation(challenge);
-        return;
-    }
-
-    coreClient->receivedCancellation(challenge);
+    auto challenge = m_challenges.take(challengeID);
+    ASSERT(!challenge.challenge.isNull());
+
+#if USE(NETWORK_SESSION)
+    if (challenge.completionHandler) {
+        challenge.completionHandler(AuthenticationChallengeDisposition::Cancel, Credential());
+        return;
+    }
+#endif
+
+    AuthenticationClient* coreClient = challenge.challenge.authenticationClient();
+    if (!coreClient) {
+        // FIXME: The authentication client is null for downloads, but it can also be null for canceled loads.
+        // We should not call Download::receivedCredential in the latter case.
+        Download::receivedCancellation(challenge.challenge);
+        return;
+    }
+
+    coreClient->receivedCancellation(challenge.challenge);
 }
 
@@ -239 +287 @@
 void AuthenticationManager::performDefaultHandlingForSingleChallenge(uint64_t challengeID)
 {
-    AuthenticationChallenge challenge = m_challenges.take(challengeID);
-    ASSERT(!challenge.isNull());
-    AuthenticationClient* coreClient = challenge.authenticationClient();
-    if (!coreClient) {
-        // FIXME: The authentication client is null for downloads, but it can also be null for canceled loads.
-        // We should not call Download::receivedCredential in the latter case.
-        Download::receivedRequestToPerformDefaultHandling(challenge);
-        return;
-    }
-
-    coreClient->receivedRequestToPerformDefaultHandling(challenge);
+    auto challenge = m_challenges.take(challengeID);
+    ASSERT(!challenge.challenge.isNull());
+
+#if USE(NETWORK_SESSION)
+    if (challenge.completionHandler) {
+        challenge.completionHandler(AuthenticationChallengeDisposition::PerformDefaultHandling, Credential());
+        return;
+    }
+#endif
+
+    AuthenticationClient* coreClient = challenge.challenge.authenticationClient();
+    if (!coreClient) {
+        // FIXME: The authentication client is null for downloads, but it can also be null for canceled loads.
+        // We should not call Download::receivedCredential in the latter case.
+        Download::receivedRequestToPerformDefaultHandling(challenge.challenge);
+        return;
+    }
+
+    coreClient->receivedRequestToPerformDefaultHandling(challenge.challenge);
 }
 
@@ -262 +318 @@
 void AuthenticationManager::rejectProtectionSpaceAndContinueForSingleChallenge(uint64_t challengeID)
 {
-    AuthenticationChallenge challenge = m_challenges.take(challengeID);
-    ASSERT(!challenge.isNull());
-    AuthenticationClient* coreClient = challenge.authenticationClient();
-    if (!coreClient) {
-        // FIXME: The authentication client is null for downloads, but it can also be null for canceled loads.
-        // We should not call Download::receivedCredential in the latter case.
-        Download::receivedChallengeRejection(challenge);
-        return;
-    }
-
-    coreClient->receivedChallengeRejection(challenge);
+    auto challenge = m_challenges.take(challengeID);
+    ASSERT(!challenge.challenge.isNull());
+
+#if USE(NETWORK_SESSION)
+    if (challenge.completionHandler) {
+        challenge.completionHandler(AuthenticationChallengeDisposition::RejectProtectionSpace, Credential());
+        return;
+    }
+#endif
+
+    AuthenticationClient* coreClient = challenge.challenge.authenticationClient();
+    if (!coreClient) {
+        // FIXME: The authentication client is null for downloads, but it can also be null for canceled loads.
+        // We should not call Download::receivedCredential in the latter case.
+        Download::receivedChallengeRejection(challenge.challenge);
+        return;
+    }
+
+    coreClient->receivedChallengeRejection(challenge.challenge);
 }
 

trunk/Source/WebKit2/Shared/Authentication/AuthenticationManager.h

@@ -29 +29 @@
 #include "MessageReceiver.h"
 #include "NetworkProcessSupplement.h"
+#include "NetworkSession.h"
 #include "WebProcessSupplement.h"
 #include <WebCore/AuthenticationChallenge.h>
@@ -53 +54 @@
     static const char* supplementName();
 
+#if USE(NETWORK_SESSION)
+    typedef std::function<void(AuthenticationChallengeDisposition, const WebCore::Credential&)> ChallengeCompletionHandler;
+    void didReceiveAuthenticationChallenge(uint64_t pageID, uint64_t frameID, const WebCore::AuthenticationChallenge&, ChallengeCompletionHandler);
+#endif
     // Called for resources in the WebProcess (NetworkProcess disabled)
     void didReceiveAuthenticationChallenge(WebFrame*, const WebCore::AuthenticationChallenge&);
@@ -69 +74 @@
 
 private:
+    struct Challenge {
+        WebCore::AuthenticationChallenge challenge;
+#if USE(NETWORK_SESSION)
+        ChallengeCompletionHandler completionHandler;
+#endif
+    };
+    
     // IPC::MessageReceiver
     virtual void didReceiveMessage(IPC::Connection&, IPC::MessageDecoder&) override;
@@ -74 +86 @@
     bool tryUseCertificateInfoForChallenge(const WebCore::AuthenticationChallenge&, const WebCore::CertificateInfo&);
 
-    uint64_t addChallengeToChallengeMap(const WebCore::AuthenticationChallenge&);
+    uint64_t addChallengeToChallengeMap(const Challenge&);
     bool shouldCoalesceChallenge(uint64_t challengeID, const WebCore::AuthenticationChallenge&) const;
 
@@ -87 +99 @@
     ChildProcess* m_process;
 
-    typedef HashMap<uint64_t, WebCore::AuthenticationChallenge> AuthenticationChallengeMap;
-    AuthenticationChallengeMap m_challenges;
+    HashMap<uint64_t, Challenge> m_challenges;
 };
 

trunk/Source/WebKit2/Shared/Downloads/Download.cpp

@@ -30 +30 @@
 #include "Connection.h"
 #include "DataReference.h"
-#include "DownloadAuthenticationClient.h"
 #include "DownloadProxyMessages.h"
 #include "DownloadManager.h"
 #include "SandboxExtension.h"
 #include "WebCoreArgumentCoders.h"
+#include <WebCore/NotImplemented.h>
+
+#if !USE(NETWORK_SESSION)
+#include "DownloadAuthenticationClient.h"
+#endif
 
 using namespace WebCore;
@@ -64 +68 @@
 void Download::didReceiveAuthenticationChallenge(const AuthenticationChallenge& authenticationChallenge)
 {
+#if USE(NETWORK_SESSION)
+    notImplemented();
+#else
     m_downloadManager.downloadsAuthenticationManager().didReceiveAuthenticationChallenge(this, authenticationChallenge);
+#endif
 }
 

trunk/Source/WebKit2/Shared/Downloads/DownloadAuthenticationClient.cpp

@@ -26 +26 @@
 #include "config.h"
 #include "DownloadAuthenticationClient.h"
+
+#if !USE(NETWORK_SESSION)
 
 #include "Download.h"
@@ -65 +67 @@
 
 } // namespace WebKit
+
+#endif

trunk/Source/WebKit2/Shared/Downloads/DownloadAuthenticationClient.h

@@ -26 +26 @@
 #ifndef DownloadAuthenticationClient_h
 #define DownloadAuthenticationClient_h
+
+#if !USE(NETWORK_SESSION)
 
 #include <WebCore/AuthenticationClient.h>
@@ -66 +68 @@
 } // namespace WebKit
 
+#endif // !USE(NETWORK_SESSION)
+
 #endif // DownloadAuthenticationClient_h