| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/sync/engine/authenticator.h" | |
| 6 | |
| 7 #include "chrome/browser/sync/engine/net/server_connection_manager.h" | |
| 8 #include "chrome/browser/sync/engine/syncproto.h" | |
| 9 #include "chrome/browser/sync/protocol/sync.pb.h" | |
| 10 #include "chrome/browser/sync/util/user_settings.h" | |
| 11 #include "chrome/common/deprecated/event_sys-inl.h" | |
| 12 #include "chrome/common/net/gaia/gaia_authenticator.h" | |
| 13 | |
| 14 namespace browser_sync { | |
| 15 | |
| 16 using std::string; | |
| 17 | |
| 18 Authenticator::Authenticator(ServerConnectionManager* manager, | |
| 19 UserSettings* settings) | |
| 20 : server_connection_manager_(manager), settings_(settings) { | |
| 21 } | |
| 22 | |
| 23 Authenticator::Authenticator(ServerConnectionManager* manager) | |
| 24 : server_connection_manager_(manager), settings_(NULL) { | |
| 25 } | |
| 26 | |
| 27 Authenticator::AuthenticationResult Authenticator::Authenticate() { | |
| 28 // TODO(sync): Pull and work with saved credentials. | |
| 29 return NO_SAVED_CREDENTIALS; | |
| 30 } | |
| 31 | |
| 32 Authenticator::AuthenticationResult Authenticator::Authenticate( | |
| 33 string username, string password) { | |
| 34 // TODO(sync): need to figure out if this routine is used anywhere other | |
| 35 // than the test code. | |
| 36 gaia::GaiaAuthenticator auth_service("ChromiumBrowser", "chromiumsync", | |
| 37 "https://www.google.com:443/accounts/ClientLogin"); | |
| 38 auth_service.set_message_loop(MessageLoop::current()); | |
| 39 if (!auth_service.Authenticate(username, password)) { | |
| 40 return UNSPECIFIC_ERROR_RETURN; | |
| 41 } | |
| 42 CHECK(!auth_service.auth_token().empty()); | |
| 43 return AuthenticateToken(auth_service.auth_token()); | |
| 44 } | |
| 45 | |
| 46 COMPILE_ASSERT(sync_pb::ClientToServerResponse::ErrorType_MAX == 7, | |
| 47 client_to_server_response_errors_changed); | |
| 48 | |
| 49 Authenticator::AuthenticationResult Authenticator::HandleSuccessfulTokenRequest( | |
| 50 const sync_pb::UserIdentification* user) { | |
| 51 display_email_ = user->has_email() ? user->email() : ""; | |
| 52 display_name_ = user->has_display_name() ? user->display_name() : ""; | |
| 53 obfuscated_id_ = user->has_obfuscated_id() ? user->obfuscated_id() : ""; | |
| 54 return SUCCESS; | |
| 55 } | |
| 56 | |
| 57 Authenticator::AuthenticationResult Authenticator::AuthenticateToken( | |
| 58 string auth_token) { | |
| 59 ClientToServerMessage client_to_server_message; | |
| 60 // Used to be required for all requests. | |
| 61 client_to_server_message.set_share(""); | |
| 62 client_to_server_message.set_message_contents( | |
| 63 ClientToServerMessage::AUTHENTICATE); | |
| 64 | |
| 65 string tx, rx; | |
| 66 client_to_server_message.SerializeToString(&tx); | |
| 67 HttpResponse http_response; | |
| 68 | |
| 69 ServerConnectionManager::PostBufferParams params = | |
| 70 { tx, &rx, &http_response }; | |
| 71 ScopedServerStatusWatcher watch(server_connection_manager_, &http_response); | |
| 72 if (!server_connection_manager_->PostBufferWithAuth(¶ms, auth_token, | |
| 73 &watch)) { | |
| 74 LOG(WARNING) << "Error posting from authenticator:" << http_response; | |
| 75 return SERVICE_DOWN; | |
| 76 } | |
| 77 sync_pb::ClientToServerResponse response; | |
| 78 if (!response.ParseFromString(rx)) | |
| 79 return CORRUPT_SERVER_RESPONSE; | |
| 80 | |
| 81 switch (response.error_code()) { | |
| 82 case sync_pb::ClientToServerResponse::SUCCESS: | |
| 83 if (response.has_authenticate() && response.authenticate().has_user()) | |
| 84 return HandleSuccessfulTokenRequest(&response.authenticate().user()); | |
| 85 // TODO:(sync) make this CORRUPT_SERVER_RESPONSE when all servers are | |
| 86 // returning user identification at login time. | |
| 87 return SUCCESS; | |
| 88 case sync_pb::ClientToServerResponse::USER_NOT_ACTIVATED: | |
| 89 return USER_NOT_ACTIVATED; | |
| 90 case sync_pb::ClientToServerResponse::AUTH_INVALID: | |
| 91 case sync_pb::ClientToServerResponse::AUTH_EXPIRED: | |
| 92 // TODO(tim): This is an egregious layering violation (bug 35060). | |
| 93 http_response.server_status = HttpResponse::SYNC_AUTH_ERROR; | |
| 94 return BAD_AUTH_TOKEN; | |
| 95 // should never happen (no birthday in this request). | |
| 96 case sync_pb::ClientToServerResponse::NOT_MY_BIRTHDAY: | |
| 97 // should never happen (auth isn't throttled). | |
| 98 case sync_pb::ClientToServerResponse::THROTTLED: | |
| 99 // should never happen (only for stores). | |
| 100 case sync_pb::ClientToServerResponse::ACCESS_DENIED: | |
| 101 // should never happen (only sent on get updates / commit) | |
| 102 case sync_pb::ClientToServerResponse::CLEAR_PENDING: | |
| 103 default: | |
| 104 LOG(ERROR) << "Corrupt Server packet received by auth, error code " << | |
| 105 response.error_code(); | |
| 106 return CORRUPT_SERVER_RESPONSE; | |
| 107 } | |
| 108 } | |
| 109 | |
| 110 } // namespace browser_sync | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 3305003:
New authorization framework for sync. ... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/