| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/google_authenticator.h" | 5 #include "chrome/browser/chromeos/login/google_authenticator.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/file_path.h" | 10 #include "base/file_path.h" |
| (...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 76 : Authenticator(consumer), | 76 : Authenticator(consumer), |
| 77 fetcher_(NULL), | 77 fetcher_(NULL), |
| 78 getter_(NULL), | 78 getter_(NULL), |
| 79 checked_for_localaccount_(false), | 79 checked_for_localaccount_(false), |
| 80 unlock_(false), | 80 unlock_(false), |
| 81 try_again_(true) { | 81 try_again_(true) { |
| 82 CHECK(chromeos::CrosLibrary::Get()->EnsureLoaded()); | 82 CHECK(chromeos::CrosLibrary::Get()->EnsureLoaded()); |
| 83 } | 83 } |
| 84 | 84 |
| 85 GoogleAuthenticator::~GoogleAuthenticator() { | 85 GoogleAuthenticator::~GoogleAuthenticator() { |
| 86 ChromeThread::DeleteSoon(ChromeThread::FILE, FROM_HERE, fetcher_); | 86 delete fetcher_; |
| 87 } | 87 } |
| 88 | 88 |
| 89 // static | 89 // static |
| 90 URLFetcher* GoogleAuthenticator::CreateClientLoginFetcher( | 90 URLFetcher* GoogleAuthenticator::CreateClientLoginFetcher( |
| 91 URLRequestContextGetter* getter, | 91 URLRequestContextGetter* getter, |
| 92 const std::string& body, | 92 const std::string& body, |
| 93 URLFetcher::Delegate* delegate) { | 93 URLFetcher::Delegate* delegate) { |
| 94 URLFetcher* to_return = | 94 URLFetcher* to_return = |
| 95 URLFetcher::Create(0, | 95 URLFetcher::Create(0, |
| 96 GURL(AuthResponseHandler::kClientLoginUrl), | 96 GURL(AuthResponseHandler::kClientLoginUrl), |
| 97 URLFetcher::POST, | 97 URLFetcher::POST, |
| 98 delegate); | 98 delegate); |
| 99 to_return->set_request_context(getter); | 99 to_return->set_request_context(getter); |
| 100 to_return->set_load_flags(net::LOAD_DO_NOT_SEND_COOKIES); | 100 to_return->set_load_flags(net::LOAD_DO_NOT_SEND_COOKIES); |
| 101 to_return->set_upload_data("application/x-www-form-urlencoded", body); | 101 to_return->set_upload_data("application/x-www-form-urlencoded", body); |
| 102 return to_return; | 102 return to_return; |
| 103 } | 103 } |
| 104 | 104 |
| 105 bool GoogleAuthenticator::AuthenticateToLogin(Profile* profile, | 105 bool GoogleAuthenticator::AuthenticateToLogin(Profile* profile, |
| 106 const std::string& username, | 106 const std::string& username, |
| 107 const std::string& password) { | 107 const std::string& password) { |
| 108 DCHECK(ChromeThread::CurrentlyOn(ChromeThread::FILE)); | |
| 109 unlock_ = false; | 108 unlock_ = false; |
| 110 getter_ = profile->GetRequestContext(); | 109 getter_ = profile->GetRequestContext(); |
| 111 | 110 |
| 112 // TODO(cmasone): be more careful about zeroing memory that stores | 111 // TODO(cmasone): be more careful about zeroing memory that stores |
| 113 // the user's password. | 112 // the user's password. |
| 114 request_body_ = StringPrintf(kFormat, | 113 request_body_ = StringPrintf(kFormat, |
| 115 UrlEncodeString(username).c_str(), | 114 UrlEncodeString(username).c_str(), |
| 116 UrlEncodeString(password).c_str(), | 115 UrlEncodeString(password).c_str(), |
| 117 kCookiePersistence, | 116 kCookiePersistence, |
| 118 kAccountType, | 117 kAccountType, |
| (...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 247 NotificationService::current()->Notify( | 246 NotificationService::current()->Notify( |
| 248 NotificationType::LOGIN_AUTHENTICATION, | 247 NotificationType::LOGIN_AUTHENTICATION, |
| 249 NotificationService::AllSources(), | 248 NotificationService::AllSources(), |
| 250 Details<AuthenticationNotificationDetails>(&details)); | 249 Details<AuthenticationNotificationDetails>(&details)); |
| 251 LOG(WARNING) << "Login failed: " << data; | 250 LOG(WARNING) << "Login failed: " << data; |
| 252 // TODO(cmasone): what can we do to expose these OS/server-side error strings | 251 // TODO(cmasone): what can we do to expose these OS/server-side error strings |
| 253 // in an internationalizable way? | 252 // in an internationalizable way? |
| 254 consumer_->OnLoginFailure(data); | 253 consumer_->OnLoginFailure(data); |
| 255 } | 254 } |
| 256 | 255 |
| 257 void GoogleAuthenticator::LoadSystemSalt(const FilePath& path) { | 256 void GoogleAuthenticator::LoadSystemSalt() { |
| 258 if (!system_salt_.empty()) | 257 if (!system_salt_.empty()) |
| 259 return; | 258 return; |
| 260 CHECK(PathExists(path)) << path.value() << " does not exist!"; | 259 system_salt_ = CrosLibrary::Get()->GetCryptohomeLibrary()->GetSystemSalt(); |
| 261 int64 file_size; | 260 CHECK(!system_salt_.empty()); |
| 262 CHECK(GetFileSize(path, &file_size)) << "Could not get size of " | 261 CHECK_EQ(system_salt_.size() % 2, 0U); |
| 263 << path.value(); | |
| 264 | |
| 265 char salt[file_size]; | |
| 266 int data_read = ReadFile(path, salt, file_size); | |
| 267 | |
| 268 CHECK_EQ(data_read % 2, 0); | |
| 269 system_salt_.assign(salt, salt + data_read); | |
| 270 } | 262 } |
| 271 | 263 |
| 272 void GoogleAuthenticator::LoadLocalaccount(const std::string& filename) { | 264 void GoogleAuthenticator::LoadLocalaccount(const std::string& filename) { |
| 273 if (checked_for_localaccount_) | 265 if (checked_for_localaccount_) |
| 274 return; | 266 return; |
| 275 FilePath localaccount_file; | 267 FilePath localaccount_file; |
| 276 std::string localaccount; | 268 std::string localaccount; |
| 277 if (PathService::Get(base::DIR_EXE, &localaccount_file)) { | 269 if (PathService::Get(base::DIR_EXE, &localaccount_file)) { |
| 278 localaccount_file = localaccount_file.Append(filename); | 270 localaccount_file = localaccount_file.Append(filename); |
| 279 LOG(INFO) << "looking for localaccount in " << localaccount_file.value(); | 271 LOG(INFO) << "looking for localaccount in " << localaccount_file.value(); |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 311 std::vector<unsigned char> passhash(passhash_buf, | 303 std::vector<unsigned char> passhash(passhash_buf, |
| 312 passhash_buf + sizeof(passhash_buf)); | 304 passhash_buf + sizeof(passhash_buf)); |
| 313 BinaryToHex(passhash, | 305 BinaryToHex(passhash, |
| 314 passhash.size() / 2, // only want top half, at least for now. | 306 passhash.size() / 2, // only want top half, at least for now. |
| 315 ascii_buf, | 307 ascii_buf, |
| 316 sizeof(ascii_buf)); | 308 sizeof(ascii_buf)); |
| 317 ascii_hash_.assign(ascii_buf, sizeof(ascii_buf) - 1); | 309 ascii_hash_.assign(ascii_buf, sizeof(ascii_buf) - 1); |
| 318 } | 310 } |
| 319 | 311 |
| 320 std::string GoogleAuthenticator::SaltAsAscii() { | 312 std::string GoogleAuthenticator::SaltAsAscii() { |
| 321 LoadSystemSalt(FilePath(kSystemSalt)); // no-op if it's already loaded. | 313 LoadSystemSalt(); // no-op if it's already loaded. |
| 322 unsigned int salt_len = system_salt_.size(); | 314 unsigned int salt_len = system_salt_.size(); |
| 323 char ascii_salt[2 * salt_len + 1]; | 315 char ascii_salt[2 * salt_len + 1]; |
| 324 if (GoogleAuthenticator::BinaryToHex(system_salt_, | 316 if (GoogleAuthenticator::BinaryToHex(system_salt_, |
| 325 salt_len, | 317 salt_len, |
| 326 ascii_salt, | 318 ascii_salt, |
| 327 sizeof(ascii_salt))) { | 319 sizeof(ascii_salt))) { |
| 328 return std::string(ascii_salt, sizeof(ascii_salt) - 1); | 320 return std::string(ascii_salt, sizeof(ascii_salt) - 1); |
| 329 } else { | 321 } else { |
| 330 return std::string(); | 322 return std::string(); |
| 331 } | 323 } |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 367 DCHECK_EQ(parts.size(), 2U) << "email_address should have only one @"; | 359 DCHECK_EQ(parts.size(), 2U) << "email_address should have only one @"; |
| 368 RemoveChars(parts[0], ".", &parts[0]); | 360 RemoveChars(parts[0], ".", &parts[0]); |
| 369 if (parts[0].find('+') != std::string::npos) | 361 if (parts[0].find('+') != std::string::npos) |
| 370 parts[0].erase(parts[0].find('+')); | 362 parts[0].erase(parts[0].find('+')); |
| 371 std::string new_email = StringToLowerASCII(JoinString(parts, at)); | 363 std::string new_email = StringToLowerASCII(JoinString(parts, at)); |
| 372 LOG(INFO) << "Canonicalized " << email_address << " to " << new_email; | 364 LOG(INFO) << "Canonicalized " << email_address << " to " << new_email; |
| 373 return new_email; | 365 return new_email; |
| 374 } | 366 } |
| 375 | 367 |
| 376 } // namespace chromeos | 368 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2820006:
Use GetSystemSalt from the cryptohome lib instead of reading salt off disk. (Closed)
