[sync] Automatic bootstrapping of Sync on Win 8 from cached credentials

chrome/browser/sync/credential_cache_service_win.cc

+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/sync/credential_cache_service_win.h"
+
+#include "base/bind.h"
+#include "base/bind_helpers.h"
+#include "base/base64.h"
+#include "base/compiler_specific.h"
+#include "base/file_util.h"
+#include "base/values.h"
+#include "chrome/browser/prefs/pref_service.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/profiles/profile_manager.h"
+#include "chrome/browser/signin/signin_manager.h"
+#include "chrome/browser/signin/token_service.h"
+#include "chrome/browser/signin/token_service_factory.h"
+#include "chrome/browser/sync/glue/chrome_encryptor.h"
+#include "chrome/browser/sync/profile_sync_service.h"
+#include "chrome/browser/sync/profile_sync_service_factory.h"
+#include "chrome/browser/sync/sync_prefs.h"
+#include "chrome/common/chrome_constants.h"
+#include "chrome/common/chrome_notification_types.h"
+#include "chrome/common/chrome_paths_internal.h"
+#include "chrome/common/net/gaia/gaia_constants.h"
+#include "chrome/common/pref_names.h"
+#include "content/public/browser/browser_thread.h"
+#include "content/public/browser/notification_details.h"
+#include "content/public/browser/notification_source.h"
+#include "sync/internal_api/public/base/model_type.h"
+
+namespace syncer {
+
+using content::BrowserThread;
+
+const char kSyncServiceToken[] = "sync.sync_service_token";
+
+CredentialCacheService::CredentialCacheService(Profile* profile)
+    : profile_(profile),
+      loaded_credentials_(false),
+      weak_factory_(ALLOW_THIS_IN_INITIALIZER_LIST(this)) {
+  if (profile_)

[Andrew T Wilson (Slow), 2012/07/20 01:04:05]

When is profile_ null? Is this just for unit tests? Maybe add a comment to that
effect?

[Raghu Simha, 2012/07/20 23:35:22]

Done.

+    InitializeLocalCredentialCacheWriter();
+}
+
+CredentialCacheService::~CredentialCacheService() {
+  Shutdown();
+}
+
+void CredentialCacheService::Shutdown() {

[Andrew T Wilson (Slow), 2012/07/20 01:04:05]

I thought the point of using a pref_registrar_, etc was that you didn't have to
manually do all of this invalidation (it is handled by the destructor
automatically). Is there a reason you are manually calling RemoveAll() and
InvalidateWeakPtrs()?

[Raghu Simha, 2012/07/20 23:35:22]

Not really. Removed.

+  weak_factory_.InvalidateWeakPtrs();
+  token_service_registrar_.RemoveAll();
+  pref_registrar_.RemoveAll();
+  if (local_store_)
+    local_store_->RemoveObserver(this);
+  if (alternate_store_)
+    alternate_store_->RemoveObserver(this);
+}
+
+// static
+bool CredentialCacheService::IsDefaultProfileDir(const FilePath& profile_dir) {
+  FilePath default_user_data_dir;
+  chrome::GetDefaultUserDataDirectory(&default_user_data_dir);
+  return profile_dir ==
+      ProfileManager::GetDefaultProfileDir(default_user_data_dir);
+}
+
+// static
+base::StringValue* CredentialCacheService::PackCredential(
+    const std::string& credential) {
+  // Do nothing for empty credentials.
+  if (credential.empty())
+    return base::Value::CreateStringValue("");
+
+  browser_sync::ChromeEncryptor encryptor;
+  std::string encrypted;
+  if (!encryptor.EncryptString(credential, &encrypted)) {
+    NOTREACHED();
+    return NULL;
+  }
+
+  std::string encoded;
+  if (!base::Base64Encode(encrypted, &encoded)) {
+    NOTREACHED();
+    return NULL;

[Andrew T Wilson (Slow), 2012/07/20 01:04:05]

Do you really want to return NULL from this routine on error, or do you want to
return an empty string?

[Raghu Simha, 2012/07/20 23:35:22]

Good catch. Empty string is good.

+  }
+
+  return base::Value::CreateStringValue(encoded);
+}
+
+// static
+std::string CredentialCacheService::UnpackCredential(
+    const base::Value& packed) {
+  std::string encoded;
+  if (!packed.GetAsString(&encoded)) {
+    NOTREACHED();
+    return std::string();
+  }
+
+  // Do nothing for empty credentials.
+  if (encoded.empty())
+    return "";

[Andrew T Wilson (Slow), 2012/07/20 01:04:05]

Why are we returning "" here instead of std::string() as above?

[Raghu Simha, 2012/07/20 23:35:22]

Good catch. Fixed.

+
+  std::string encrypted;
+  if (!base::Base64Decode(encoded, &encrypted)) {
+    NOTREACHED();
+    return std::string();
+  }
+
+  browser_sync::ChromeEncryptor encryptor;
+  std::string unpacked;

[Andrew T Wilson (Slow), 2012/07/20 01:04:05]

nit:Should this be called "unencrypted" not "unpacked" since technically the
encrypted string is already unpacked?

[Raghu Simha, 2012/07/20 23:35:22]

Done.

+  if (!encryptor.DecryptString(encrypted, &unpacked)) {
+    NOTREACHED();
+    return std::string();
+  }
+
+  return unpacked;
+}
+
+void CredentialCacheService::OnInitializationCompleted(bool succeeded) {
+  DCHECK(succeeded);
+  // We observe two JsonPrefStores -- one for the local profile and one for the
+  // alternate profile. When the alternate credential store becomes available,
+  // we begin consuming its cached credentials. There is nothing to do when the
+  // local credential store becomes available, since we automatically get
+  // notified when the user signs in / signs out.
+  if (alternate_store_ && alternate_store_->IsInitializationComplete()) {
+    ReadCachedCredentialsFromAlternateProfile();
+  }
+}
+
+void CredentialCacheService::OnPrefValueChanged(const std::string& key) {
+  // Nothing to do here, since credentials are cached silently.
+}
+
+namespace {
+
+// Determines if credentials should be read from the alternate profile based
+// on the existence of the local and alternate credential files. Returns
+// true via |result| if there is a credential cache file in the alternate
+// profile, but there isn't one in the local profile. Returns false otherwise.
+void ShouldReadFromAlternateCache(
+    const FilePath& credential_path_in_current_profile,
+    const FilePath& credential_path_in_alternate_profile,
+    bool* result) {
+  DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::FILE));
+  DCHECK(result);
+  *result = !file_util::PathExists(credential_path_in_current_profile) &&
+            file_util::PathExists(credential_path_in_alternate_profile);
+}
+
+}  // namespace
+
+void CredentialCacheService::LookForCachedCredentialsInAlternateProfile() {
+  bool* should_initialize = new bool(false);
+  content::BrowserThread::PostTaskAndReply(
+      content::BrowserThread::FILE,
+      FROM_HERE,
+      base::Bind(&ShouldReadFromAlternateCache,
+                 GetCredentialPathInCurrentProfile(),
+                 GetCredentialPathInAlternateProfile(),
+                 should_initialize),
+      base::Bind(
+          &CredentialCacheService::InitializeAlternateCredentialCacheReader,
+          weak_factory_.GetWeakPtr(),
+          base::Owned(should_initialize)));
+}
+
+bool CredentialCacheService::SuccessfullyLoadedCredentials() const {
+  return loaded_credentials_;
+}
+
+FilePath CredentialCacheService::GetCredentialPathInCurrentProfile() const {
+  // The sync credential path in the default Desktop profile is
+  // "%Appdata%\Local\Google\Chrome\User Data\Default\Sync Credentials", while
+  // the sync credential path in the default Metro profile is
+  // "%Appdata%\Local\Google\Chrome\Metro\User Data\Default\Sync Credentials".
+  return profile_->GetPath().Append(chrome::kSyncCredentialsFilename);
+}
+
+FilePath CredentialCacheService::GetCredentialPathInAlternateProfile() const {
+  FilePath alternate_user_data_dir;
+  chrome::GetAlternateUserDataDirectory(&alternate_user_data_dir);
+  FilePath alternate_default_profile_dir =
+      ProfileManager::GetDefaultProfileDir(alternate_user_data_dir);
+  return alternate_default_profile_dir.Append(chrome::kSyncCredentialsFilename);
+}
+
+void CredentialCacheService::InitializeLocalCredentialCacheWriter() {
+  local_store_ = new JsonPrefStore(
+      GetCredentialPathInCurrentProfile(),
+      content::BrowserThread::GetMessageLoopProxyForThread(
+          content::BrowserThread::FILE));
+  local_store_->AddObserver(this);
+  local_store_->ReadPrefsAsync(NULL);
+
+  // Register for notifications for updates to the sync credentials, which are
+  // stored in the PrefStore.
+  pref_registrar_.Init(profile_->GetPrefs());
+  pref_registrar_.Add(prefs::kSyncEncryptionBootstrapToken, this);
+  pref_registrar_.Add(prefs::kGoogleServicesUsername, this);
+  pref_registrar_.Add(prefs::kSyncKeepEverythingSynced, this);
+  for (int i = FIRST_REAL_MODEL_TYPE; i < MODEL_TYPE_COUNT; ++i) {
+    if (i == NIGORI)  // The NIGORI preference is not persisted.
+      continue;
+    pref_registrar_.Add(
+        browser_sync::SyncPrefs::GetPrefNameForDataType(ModelTypeFromInt(i)),
+        this);
+  }
+
+  // Register for notifications for updates to the sync service token, which is
+  // stored in the TokenService.
+  TokenService* token_service = TokenServiceFactory::GetForProfile(profile_);
+  token_service_registrar_.Add(
+      this,
+      chrome::NOTIFICATION_TOKEN_AVAILABLE,
+      content::Source<TokenService>(token_service));
+  token_service_registrar_.Add(
+      this,
+      chrome::NOTIFICATION_TOKENS_CLEARED,
+      content::Source<TokenService>(token_service));
+}
+
+void CredentialCacheService::InitializeAlternateCredentialCacheReader(
+    bool* should_initialize) {

[Andrew T Wilson (Slow), 2012/07/20 01:04:05]

Not clear why should_initialize is a pointer, since it doesn't look like we
write to it (i.e. it's not an out param).

[Raghu Simha, 2012/07/20 23:35:22]

This is so that base::Owned can clean up the bool* created by
LookForCachedCredentialsInAlternateProfile. Also, we can't make do with a local
bool variable and pass in its address to ShouldReadFromAlternateCache because
it's run on the file thread.

I've added a comment to make this clear.

+  // If |should_initialize| is false, there was no credential cache in the
+  // alternate profile directory, and there is nothing to do.
+  // TODO(rsimha): Add a polling mechanism that periodically examines the
+  // credential file in the alternate profile directory so we can respond to the
+  // user signing in and signing out.
+  DCHECK(should_initialize);
+  if (!*should_initialize)
+    return;
+  alternate_store_ = new JsonPrefStore(
+      GetCredentialPathInAlternateProfile(),
+      content::BrowserThread::GetMessageLoopProxyForThread(
+          content::BrowserThread::FILE));
+  alternate_store_->AddObserver(this);
+  alternate_store_->ReadPrefsAsync(NULL);
+}
+
+bool CredentialCacheService::HasPref(scoped_refptr<JsonPrefStore> store,
+                                     const std::string& pref_name) {
+  return (store->GetValue(pref_name, NULL) == PrefStore::READ_OK);
+}
+
+std::string CredentialCacheService::GetStringPref(
+    scoped_refptr<JsonPrefStore> store,
+    const std::string& pref_name) {
+  const base::Value* pref_value = NULL;
+  store->GetValue(pref_name, &pref_value);
+  return UnpackCredential(*pref_value);
+}
+
+bool CredentialCacheService::GetBooleanPref(
+    scoped_refptr<JsonPrefStore> store,
+    const std::string& pref_name) {
+  const base::Value* pref_value = NULL;
+  store->GetValue(pref_name, &pref_value);
+  bool pref;
+  pref_value->GetAsBoolean(&pref);
+  return pref;
+}
+
+void CredentialCacheService::ReadCachedCredentialsFromAlternateProfile() {
+  if (!HasPref(alternate_store_, prefs::kGoogleServicesUsername) ||
+      !HasPref(alternate_store_, kSyncServiceToken) ||
+      !HasPref(alternate_store_, prefs::kSyncEncryptionBootstrapToken) ||
+      !HasPref(alternate_store_, prefs::kSyncKeepEverythingSynced)) {
+    VLOG(1) << "Could not find cached credentials.";
+    return;
+  }
+
+  std::string google_services_username =
+      GetStringPref(alternate_store_, prefs::kGoogleServicesUsername);
+  std::string sync_service_token =
+      GetStringPref(alternate_store_, kSyncServiceToken);
+  std::string encryption_bootstrap_token =
+      GetStringPref(alternate_store_, prefs::kSyncEncryptionBootstrapToken);
+  bool keep_everything_synced =
+      GetBooleanPref(alternate_store_, prefs::kSyncKeepEverythingSynced);
+
+  if (google_services_username.empty() ||
+      sync_service_token.empty() ||
+      encryption_bootstrap_token.empty()) {
+    VLOG(1) << "Found empty cached credentials.";
+    return;
+  }
+
+  bool datatype_prefs[MODEL_TYPE_COUNT] = { false };
+  for (int i = FIRST_REAL_MODEL_TYPE; i < MODEL_TYPE_COUNT; ++i) {
+    if (i == NIGORI)  // The NIGORI preference is not persisted.
+      continue;
+    std::string datatype_pref_name =
+        browser_sync::SyncPrefs::GetPrefNameForDataType(ModelTypeFromInt(i));
+    if (!HasPref(alternate_store_, datatype_pref_name)) {
+      VLOG(1) << "Could not find cached datatype prefs.";
+      return;
+    }
+    datatype_prefs[i] = GetBooleanPref(alternate_store_, datatype_pref_name);
+  }
+
+  ApplyCachedCredentials(google_services_username,
+                         sync_service_token,
+                         encryption_bootstrap_token,
+                         keep_everything_synced,
+                         datatype_prefs);
+}
+
+void CredentialCacheService::ApplyCachedCredentials(
+    const std::string& google_services_username,
+    const std::string& sync_service_token,
+    const std::string& encryption_bootstrap_token,
+    bool keep_everything_synced,
+    const bool datatype_prefs[]) {
+  loaded_credentials_ = true;
+  ProfileSyncService* service =
+      ProfileSyncServiceFactory::GetForProfile(profile_);
+  base::WeakPtr<browser_sync::SyncPrefs> sync_prefs = service->sync_prefs();
+  service->signin()->SetAuthenticatedUsername(google_services_username);
+  profile_->GetPrefs()->SetString(prefs::kGoogleServicesUsername,
+                                  google_services_username);
+  sync_prefs->SetStartSuppressed(false);
+  sync_prefs->SetEncryptionBootstrapToken(encryption_bootstrap_token);
+  sync_prefs->SetKeepEverythingSynced(keep_everything_synced);
+  syncer::ModelTypeSet registered_types;
+  syncer::ModelTypeSet preferred_types;
+  for (int i = FIRST_REAL_MODEL_TYPE; i < MODEL_TYPE_COUNT; ++i) {
+    if (i == NIGORI)  // The NIGORI preference is not persisted.
+      continue;
+    registered_types.Put(ModelTypeFromInt(i));
+    if (datatype_prefs[i])
+      preferred_types.Put(ModelTypeFromInt(i));
+  }
+  sync_prefs->SetPreferredDataTypes(registered_types, preferred_types);
+  TokenService* token_service = TokenServiceFactory::GetForProfile(profile_);
+  token_service->SaveCachedSyncTokenToDB(sync_service_token);
+}
+
+bool CredentialCacheService::HasUserSignedOut() {
+  // If HasPref() is false, the user never signed in, since there are no
+  // previously cached credentials. If the kGoogleServicesUsername pref is
+  // empty, it means that the user signed in and subsequently signed out.
+  return HasPref(local_store_, prefs::kGoogleServicesUsername) &&
+         GetStringPref(local_store_, prefs::kGoogleServicesUsername).empty();
+}
+
+void CredentialCacheService::UpdateStringPref(const std::string& pref_name,
+                                              const std::string& new_value) {
+  if (!HasUserSignedOut()) {
+    local_store_->SetValueSilently(pref_name, PackCredential(new_value));
+  } else {
+    // Write a blank value since we only use cached credentials for first-time
+    // sign-ins.
+    local_store_->SetValueSilently(pref_name, PackCredential(""));
+  }
+}
+
+void CredentialCacheService::UpdateBooleanPref(const std::string& pref_name,
+                                               bool new_value) {
+  if (!HasUserSignedOut()) {
+    local_store_->SetValueSilently(pref_name,
+                                   base::Value::CreateBooleanValue(new_value));
+  } else {
+    // Write a default value of false since we only use cached credentials for
+    // first-time sign-ins.
+    local_store_->SetValueSilently(pref_name,
+                                   base::Value::CreateBooleanValue(false));
+  }
+}
+
+void CredentialCacheService::Observe(
+    int type,
+    const content::NotificationSource& source,
+    const content::NotificationDetails& details) {
+  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
+  DCHECK(local_store_);
+  switch (type) {
+    case chrome::NOTIFICATION_PREF_CHANGED: {
+      const std::string pref_name =
+          *(content::Details<const std::string>(details).ptr());
+      if (pref_name == prefs::kGoogleServicesUsername ||
+          pref_name == prefs::kSyncEncryptionBootstrapToken) {
+        UpdateStringPref(pref_name,
+                         profile_->GetPrefs()->GetString(pref_name.c_str()));
+      } else {
+        UpdateBooleanPref(pref_name,
+                          profile_->GetPrefs()->GetBoolean(pref_name.c_str()));
+      }
+      break;
+    }
+
+    case chrome::NOTIFICATION_TOKEN_AVAILABLE: {
+      const TokenService::TokenAvailableDetails& token_details =
+          *(content::Details<const TokenService::TokenAvailableDetails>(
+              details).ptr());
+      if (token_details.service() == GaiaConstants::kSyncService) {
+        UpdateStringPref(kSyncServiceToken, token_details.token());

[Andrew T Wilson (Slow), 2012/07/20 01:04:05]

I'm still not clear on why we are only syncing the sync service token, and not
the other tokens - how will the user turn on other signed-in services?

[Raghu Simha, 2012/07/20 23:35:22]

Good point re: tokens for other services. I've gone back to using lsid and sid.

+      }
+      break;
+    }
+
+    case chrome::NOTIFICATION_TOKENS_CLEARED: {
+      UpdateStringPref(kSyncServiceToken, "");
+      break;
+    }
+
+    default: {
+      NOTREACHED();
+      break;
+    }
+  }
+}
+
+}  // namespace syncer