Chromium Code Reviews Chromium Code Reviews
Issue 3442009:
[Chrome OS] Attempt offline and online login simultaneously (Closed)
| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_PARALLEL_AUTHENTICATOR_H_ | |
| 6 #define CHROME_BROWSER_CHROMEOS_LOGIN_PARALLEL_AUTHENTICATOR_H_ | |
| 7 #pragma once | |
| 8 | |
| 9 #include <string> | |
| 10 #include <vector> | |
| 11 | |
| 12 #include "base/basictypes.h" | |
| 13 #include "base/gtest_prod_util.h" | |
| 14 #include "base/scoped_ptr.h" | |
| 15 #include "base/ref_counted.h" | |
| 16 #include "chrome/browser/chromeos/cros/cros_library.h" | |
| 17 #include "chrome/browser/chromeos/cros/cryptohome_library.h" | |
| 18 #include "chrome/browser/chromeos/login/authenticator.h" | |
| 19 #include "chrome/browser/chromeos/login/auth_attempt_state.h" | |
| 20 #include "chrome/browser/chromeos/login/auth_attempt_state_resolver.h" | |
| 21 #include "chrome/browser/chromeos/login/test_attempt_state.h" | |
| 22 #include "chrome/browser/chromeos/login/cryptohome_op.h" | |
| 23 #include "chrome/browser/chromeos/login/online_attempt.h" | |
| 24 #include "chrome/common/net/gaia/gaia_auth_consumer.h" | |
| 25 | |
| 26 class GaiaAuthenticator2; | |
| 27 class Lock; | |
| 28 class LoginFailure; | |
| 29 class Profile; | |
| 30 | |
| 31 namespace chromeos { | |
| 32 | |
| 33 class LoginStatusConsumer; | |
| 34 class ParallelAuthenticatorTest; | |
| 35 | |
| 36 // Authenticates a Chromium OS user against the Google Accounts ClientLogin API. | |
| 37 // | |
| 38 // Simultaneously attempts authentication both offline and online, failing over | |
| 39 // to the "localaccount" in the event that authentication fails. | |
| 40 // | |
| 41 // At a high, level, here's what happens: | |
| 42 // AuthenticateToLogin() creates an OnlineAttempt and a CryptohomeOp that | |
| 43 // attempt to perform online and offline login simultaneously. When one of | |
| 44 // these completes, it will store results in a AuthAttemptState owned by | |
| 45 // ParallelAuthenticator and then call Resolve(). Resolve() will attempt to | |
| 46 // determine which AuthState we're in, based on the info at hand. | |
| 47 // It then triggers further action based on the calculated AuthState; this | |
| 48 // further action might include calling back the passed-in LoginStatusConsumer | |
| 49 // to signal that login succeeded or failed, waiting for more outstanding | |
| 50 // operations to complete, or triggering some more CryptohomeOps. | |
| 51 class ParallelAuthenticator : public Authenticator, | |
| 52 public AuthAttemptStateResolver { | |
| 53 public: | |
| 54 enum AuthState { | |
| 55 CONTINUE, // State indeterminate; try again when more info available. | |
| 56 NO_MOUNT, // Cryptohome doesn't exist yet. | |
| 57 FAILED_MOUNT, // Failed to mount existing cryptohome. | |
| 58 FAILED_REMOVE, // Failed to remove existing cryptohome. | |
| 59 FAILED_TMPFS, // Failed to mount tmpfs for guest user | |
| 60 CREATE_NEW, // Need to create cryptohome for a new user. | |
| 61 RECOVER_MOUNT, // After RecoverEncryptedData, mount cryptohome. | |
| 62 POSSIBLE_PW_CHANGE, // Offline login failed, user may have changed pw. | |
| 63 NEED_NEW_PW, // User changed pw, and we have the old one. | |
| 64 NEED_OLD_PW, // User changed pw, and we have the new one. | |
| 65 HAVE_NEW_PW, // We have verified new pw, time to migrate key. | |
| 66 OFFLINE_LOGIN, // Login succeeded offline. | |
| 67 ONLINE_LOGIN, // Offline and online login succeeded. | |
| 68 UNLOCK, // Screen unlock succeeded. | |
| 69 LOCAL_LOGIN, // Login with localaccount succeded. | |
| 70 ONLINE_FAILED, // Online login disallowed, but offline succeeded. | |
| 71 LOGIN_FAILED // Login denied. | |
| 72 }; | |
| 73 | |
| 74 explicit ParallelAuthenticator(LoginStatusConsumer* consumer); | |
| 75 virtual ~ParallelAuthenticator(); | |
| 76 | |
| 77 // Given a |username| and |password|, this method attempts to authenticate to | |
| 78 // the Google accounts servers and your Chrome OS device simultaneously. | |
|
Nikita (slow)
2010/10/07 16:20:16
nit: Chromium?
Chris Masone
2010/10/07 16:32:30
Done.
| |
| 79 // As soon as we have successfully mounted the encrypted home directory for | |
| 80 // |username|, we will call consumer_->OnLoginSuccess() with |username| and a | |
| 81 // vector of authentication cookies. If we're still waiting for an online | |
| 82 // result at that time, we'll also pass back a flag indicating that more | |
| 83 // callbacks are on the way; if not, we pass back false. When the pending | |
| 84 // request completes, either consumer_->OnLoginSuccess() with an indication | |
| 85 // that no more requests are outstanding will be called, or | |
| 86 // consumer_->OnLoginFailure() if appropriate. | |
| 87 // | |
| 88 // Upon failure to login (online fails, then offline fails; | |
| 89 // offline fails, then online fails) consumer_->OnLoginFailure() is called | |
| 90 // with an error message. | |
| 91 // | |
| 92 // In the event that we see an online success and then an offline failure, | |
| 93 // consumer_->OnPasswordChangeDetected() is called. | |
|
Nikita (slow)
2010/10/07 16:20:16
So in case offline ok, online failure OnPasswordCh
Chris Masone
2010/10/07 16:32:30
Exactly. You'll get OnLoginSuccess(..., ..., true
| |
| 94 // | |
| 95 // Uses |profile| when doing URL fetches. | |
| 96 // Optionally could pass CAPTCHA challenge token - |login_token| and | |
| 97 // |login_captcha| string that user has entered. | |
| 98 // | |
| 99 // Returns true if the attempt gets sent successfully and false if not. | |
| 100 bool AuthenticateToLogin(Profile* profile, | |
| 101 const std::string& username, | |
| 102 const std::string& password, | |
| 103 const std::string& login_token, | |
| 104 const std::string& login_captcha); | |
| 105 | |
| 106 // Given a |username| and |password|, this method attempts to | |
| 107 // authenticate to the cached credentials. This will never contact | |
| 108 // the server even if it's online. The auth result is sent to | |
| 109 // LoginStatusConsumer in a same way as AuthenticateToLogin does. | |
| 110 bool AuthenticateToUnlock(const std::string& username, | |
| 111 const std::string& password); | |
| 112 | |
| 113 // Initiates off the record ("browse without signing in") login. | |
| 114 // Mounts tmpfs and notifies consumer on the success/failure. | |
| 115 void LoginOffTheRecord(); | |
| 116 | |
| 117 // These methods must be called on the UI thread, as they make DBus calls | |
| 118 // and also call back to the login UI. | |
| 119 void OnLoginSuccess(const GaiaAuthConsumer::ClientLoginResult& credentials, | |
| 120 bool request_pending); | |
| 121 void OnOffTheRecordLoginSuccess(); | |
| 122 void OnPasswordChangeDetected( | |
| 123 const GaiaAuthConsumer::ClientLoginResult& credentials); | |
| 124 void OnLoginFailure(const LoginFailure& error); | |
| 125 | |
| 126 void RecoverEncryptedData( | |
| 127 const std::string& old_password, | |
| 128 const GaiaAuthConsumer::ClientLoginResult& credentials); | |
| 129 void ResyncEncryptedData( | |
| 130 const GaiaAuthConsumer::ClientLoginResult& credentials); | |
| 131 void RetryAuth(Profile* profile, | |
| 132 const std::string& username, | |
| 133 const std::string& password, | |
| 134 const std::string& login_token, | |
| 135 const std::string& login_captcha); | |
| 136 | |
| 137 // Call this on the FILE thread. | |
| 138 void CheckLocalaccount(const LoginFailure& error); | |
| 139 | |
| 140 // Attempts to make a decision and call back |consumer_| based on | |
| 141 // the state we have gathered at the time of call. If a decision | |
| 142 // can't be made, defers until the next time this is called. | |
| 143 // When a decision is made, will call back to |consumer_| on the UI thread. | |
| 144 // | |
| 145 // Must be called on the IO thread. | |
| 146 void Resolve(); | |
| 147 | |
| 148 private: | |
| 149 // Returns the AuthState we're in, given the status info we have at | |
| 150 // the time of call. | |
| 151 // Must be called on the IO thread. | |
| 152 AuthState ResolveState(); | |
| 153 | |
| 154 // Helper for ResolveState(). | |
| 155 // Given that we're attempting to auth the user again, with a new password, | |
| 156 // determine which state we're in. Returns CONTINUE if no resolution. | |
| 157 // Must be called on the IO thread. | |
| 158 AuthState ResolveReauthState(); | |
| 159 | |
| 160 // Helper for ResolveState(). | |
| 161 // Given that some cryptohome operation has failed, determine which of the | |
| 162 // possible failure states we're in. | |
| 163 // Must be called on the IO thread. | |
| 164 AuthState ResolveCryptohomeFailureState(); | |
| 165 | |
| 166 // Helper for ResolveState(). | |
| 167 // Given that some cryptohome operation has succeeded, determine which of | |
| 168 // the possible states we're in. | |
| 169 // Must be called on the IO thread. | |
| 170 AuthState ResolveCryptohomeSuccessState(); | |
| 171 | |
| 172 // Helper for ResolveState(). | |
| 173 // Given that some online auth operation has failed, determine which of the | |
| 174 // possible failure states we're in. Handles both failure to complete and | |
| 175 // actual failure responses from the server. | |
| 176 // Must be called on the IO thread. | |
| 177 AuthState ResolveOnlineFailureState(AuthState offline_state); | |
| 178 | |
| 179 // Helper for ResolveState(). | |
| 180 // Given that some online auth operation has succeeded, determine which of | |
| 181 // the possible success states we're in. | |
| 182 // Must be called on the IO thread. | |
| 183 AuthState ResolveOnlineSuccessState(AuthState offline_state); | |
| 184 | |
| 185 // Used for testing. | |
| 186 void set_attempt_state(TestAttemptState* new_state) { // takes ownership. | |
| 187 current_state_.reset(new_state); | |
| 188 } | |
| 189 | |
| 190 // Resets |current_state_| and then posts a task to the UI thread to | |
| 191 // Initiate() |to_initiate|. | |
| 192 // Call this method on the IO thread. | |
| 193 void ResyncRecoverHelper(CryptohomeOp* to_initiate); | |
| 194 | |
| 195 // If we don't have the system salt yet, loads it from the CryptohomeLibrary. | |
| 196 void LoadSystemSalt(); | |
| 197 | |
| 198 // If we haven't already, looks in a file called |filename| next to | |
| 199 // the browser executable for a "localaccount" name, and retrieves it | |
| 200 // if one is present. If someone attempts to authenticate with this | |
| 201 // username, we will mount a tmpfs for them and let them use the | |
| 202 // browser. | |
| 203 // Should only be called on the FILE thread. | |
| 204 void LoadLocalaccount(const std::string& filename); | |
| 205 | |
| 206 void SetLocalaccount(const std::string& new_name); | |
| 207 | |
| 208 // Stores a hash of |password|, salted with the ascii of |system_salt_|. | |
| 209 std::string HashPassword(const std::string& password); | |
| 210 | |
| 211 // Returns the ascii encoding of the system salt. | |
| 212 std::string SaltAsAscii(); | |
| 213 | |
| 214 // Converts the binary data |binary| into an ascii hex string and stores | |
| 215 // it in |hex_string|. Not guaranteed to be NULL-terminated. | |
| 216 // Returns false if |hex_string| is too small, true otherwise. | |
| 217 static bool BinaryToHex(const std::vector<unsigned char>& binary, | |
| 218 const unsigned int binary_len, | |
| 219 char* hex_string, | |
| 220 const unsigned int len); | |
| 221 | |
| 222 // Name of a file, next to chrome, that contains a local account username. | |
| 223 static const char kLocalaccountFile[]; | |
| 224 | |
| 225 // Milliseconds until we timeout our attempt to hit ClientLogin. | |
| 226 static const int kClientLoginTimeoutMs; | |
| 227 | |
| 228 // Milliseconds until we re-check whether we've gotten the localaccount name. | |
| 229 static const int kLocalaccountRetryIntervalMs; | |
| 230 | |
| 231 // Handles all net communications with Gaia. | |
| 232 scoped_ptr<GaiaAuthenticator2> gaia_authenticator_; | |
| 233 | |
| 234 // Used when we need to try online authentication again, after successful | |
| 235 // mount, but failed online login. | |
| 236 scoped_ptr<AuthAttemptState> reauth_state_; | |
| 237 | |
| 238 scoped_ptr<AuthAttemptState> current_state_; | |
| 239 scoped_refptr<OnlineAttempt> current_online_; | |
| 240 scoped_refptr<CryptohomeOp> mounter_; | |
| 241 scoped_refptr<CryptohomeOp> key_migrator_; | |
| 242 scoped_refptr<CryptohomeOp> data_remover_; | |
| 243 scoped_refptr<CryptohomeOp> guest_mounter_; | |
| 244 scoped_refptr<CryptohomeOp> key_checker_; | |
| 245 | |
| 246 std::string ascii_hash_; | |
| 247 chromeos::CryptohomeBlob system_salt_; | |
| 248 | |
| 249 // When the user has changed her password, but gives us the old one, we will | |
| 250 // be able to mount her cryptohome, but online authentication will fail. | |
| 251 // This allows us to present the same behavior to the caller, regardless | |
| 252 // of the order in which we receive these results. | |
| 253 bool already_reported_success_; | |
| 254 Lock success_lock_; // a lock around already_reported_success_. | |
| 255 | |
| 256 // Status relating to the local "backdoor" account. | |
| 257 std::string localaccount_; | |
| 258 bool checked_for_localaccount_; // needed because empty localaccount_ is ok. | |
| 259 Lock localaccount_lock_; // a lock around checked_for_localaccount_. | |
| 260 | |
| 261 friend class ParallelAuthenticatorTest; | |
| 262 FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, SaltToAscii); | |
| 263 FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, ReadLocalaccount); | |
| 264 FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, | |
| 265 ReadLocalaccountTrailingWS); | |
| 266 FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, ReadNoLocalaccount); | |
| 267 DISALLOW_COPY_AND_ASSIGN(ParallelAuthenticator); | |
| 268 }; | |
| 269 | |
| 270 } // namespace chromeos | |
| 271 | |
| 272 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_PARALLEL_AUTHENTICATOR_H_ | |
| OLD | NEW |
