Chromium Code Reviews Chromium Code Reviews
Issue 4980005:
Allow sync with 2-factor StrongAuth accounts in ChromeOS. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/google_authenticator.h" | 5 #include "chrome/browser/chromeos/login/google_authenticator.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/file_path.h" | 10 #include "base/file_path.h" |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 54 const int GoogleAuthenticator::kLocalaccountRetryIntervalMs = 20; | 54 const int GoogleAuthenticator::kLocalaccountRetryIntervalMs = 20; |
| 55 | 55 |
| 56 const int kPassHashLen = 32; | 56 const int kPassHashLen = 32; |
| 57 | 57 |
| 58 GoogleAuthenticator::GoogleAuthenticator(LoginStatusConsumer* consumer) | 58 GoogleAuthenticator::GoogleAuthenticator(LoginStatusConsumer* consumer) |
| 59 : Authenticator(consumer), | 59 : Authenticator(consumer), |
| 60 user_manager_(UserManager::Get()), | 60 user_manager_(UserManager::Get()), |
| 61 hosted_policy_(GaiaAuthFetcher::HostedAccountsAllowed), | 61 hosted_policy_(GaiaAuthFetcher::HostedAccountsAllowed), |
| 62 unlock_(false), | 62 unlock_(false), |
| 63 try_again_(true), | 63 try_again_(true), |
| 64 checked_for_localaccount_(false) { | 64 checked_for_localaccount_(false), |
| 65 last_error_(GoogleServiceAuthError::None()) { | |
| 65 CHECK(chromeos::CrosLibrary::Get()->EnsureLoaded()); | 66 CHECK(chromeos::CrosLibrary::Get()->EnsureLoaded()); |
| 66 // If not already owned, this is a no-op. If it is, this loads the owner's | 67 // If not already owned, this is a no-op. If it is, this loads the owner's |
| 67 // public key off of disk. | 68 // public key off of disk. |
| 68 OwnershipService::GetSharedInstance()->StartLoadOwnerKeyAttempt(); | 69 OwnershipService::GetSharedInstance()->StartLoadOwnerKeyAttempt(); |
| 69 } | 70 } |
| 70 | 71 |
| 71 GoogleAuthenticator::~GoogleAuthenticator() {} | 72 GoogleAuthenticator::~GoogleAuthenticator() {} |
| 72 | 73 |
| 73 void GoogleAuthenticator::CancelClientLogin() { | 74 void GoogleAuthenticator::CancelClientLogin() { |
| 74 if (gaia_authenticator_->HasPendingFetch()) { | 75 if (gaia_authenticator_->HasPendingFetch()) { |
| (...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 198 return; | 199 return; |
| 199 } | 200 } |
| 200 BrowserThread::PostTask( | 201 BrowserThread::PostTask( |
| 201 BrowserThread::UI, FROM_HERE, | 202 BrowserThread::UI, FROM_HERE, |
| 202 NewRunnableMethod(this, | 203 NewRunnableMethod(this, |
| 203 &GoogleAuthenticator::OnLoginSuccess, | 204 &GoogleAuthenticator::OnLoginSuccess, |
| 204 credentials, false)); | 205 credentials, false)); |
| 205 } | 206 } |
| 206 | 207 |
| 207 void GoogleAuthenticator::OnClientLoginFailure( | 208 void GoogleAuthenticator::OnClientLoginFailure( |
| 208 const GoogleServiceAuthError& error) { | 209 const GoogleServiceAuthError& error) { |
| 210 // Save off the last error. | |
| 211 last_error_ = error; | |
| 209 | 212 |
| 210 if (error.state() == GoogleServiceAuthError::REQUEST_CANCELED) { | 213 if (error.state() == GoogleServiceAuthError::REQUEST_CANCELED) { |
| 211 if (try_again_) { | 214 if (try_again_) { |
| 212 try_again_ = false; | 215 try_again_ = false; |
| 213 LOG(ERROR) << "Login attempt canceled!?!? Trying again."; | 216 LOG(ERROR) << "Login attempt canceled!?!? Trying again."; |
| 214 TryClientLogin(); | 217 TryClientLogin(); |
| 215 return; | 218 return; |
| 216 } | 219 } |
| 217 LOG(ERROR) << "Login attempt canceled again? Already retried..."; | 220 LOG(ERROR) << "Login attempt canceled again? Already retried..."; |
| 218 } | 221 } |
| (...skipping 15 matching lines...) Expand all Loading... | |
| 234 failure_details)); | 237 failure_details)); |
| 235 LOG(WARNING) << "Rejecting valid HOSTED account."; | 238 LOG(WARNING) << "Rejecting valid HOSTED account."; |
| 236 hosted_policy_ = GaiaAuthFetcher::HostedAccountsNotAllowed; | 239 hosted_policy_ = GaiaAuthFetcher::HostedAccountsNotAllowed; |
| 237 return; | 240 return; |
| 238 } | 241 } |
| 239 | 242 |
| 240 ClearClientLoginAttempt(); | 243 ClearClientLoginAttempt(); |
| 241 | 244 |
| 242 if (error.state() == GoogleServiceAuthError::TWO_FACTOR) { | 245 if (error.state() == GoogleServiceAuthError::TWO_FACTOR) { |
| 243 LOG(WARNING) << "Two factor authenticated. Sync will not work."; | 246 LOG(WARNING) << "Two factor authenticated. Sync will not work."; |
| 244 OnClientLoginSuccess(GaiaAuthConsumer::ClientLoginResult()); | 247 OnClientLoginSuccess(GaiaAuthConsumer::ClientLoginResult()); |
|
Chris Masone
2010/11/17 01:11:09
And then, here, you would create an appropriately
| |
| 245 return; | 248 return; |
| 246 } | 249 } |
| 247 | 250 |
| 248 BrowserThread::PostTask( | 251 BrowserThread::PostTask( |
| 249 BrowserThread::FILE, FROM_HERE, | 252 BrowserThread::FILE, FROM_HERE, |
| 250 NewRunnableMethod(this, | 253 NewRunnableMethod(this, |
| 251 &GoogleAuthenticator::LoadLocalaccount, | 254 &GoogleAuthenticator::LoadLocalaccount, |
| 252 std::string(kLocalaccountFile))); | 255 std::string(kLocalaccountFile))); |
| 253 | 256 |
| 254 LoginFailure failure_details = LoginFailure::FromNetworkAuthFailure(error); | 257 LoginFailure failure_details = LoginFailure::FromNetworkAuthFailure(error); |
| (...skipping 18 matching lines...) Expand all Loading... | |
| 273 void GoogleAuthenticator::OnLoginSuccess( | 276 void GoogleAuthenticator::OnLoginSuccess( |
| 274 const GaiaAuthConsumer::ClientLoginResult& credentials, | 277 const GaiaAuthConsumer::ClientLoginResult& credentials, |
| 275 bool request_pending) { | 278 bool request_pending) { |
| 276 // Send notification of success | 279 // Send notification of success |
| 277 AuthenticationNotificationDetails details(true); | 280 AuthenticationNotificationDetails details(true); |
| 278 NotificationService::current()->Notify( | 281 NotificationService::current()->Notify( |
| 279 NotificationType::LOGIN_AUTHENTICATION, | 282 NotificationType::LOGIN_AUTHENTICATION, |
| 280 NotificationService::AllSources(), | 283 NotificationService::AllSources(), |
| 281 Details<AuthenticationNotificationDetails>(&details)); | 284 Details<AuthenticationNotificationDetails>(&details)); |
| 282 | 285 |
| 286 // If there was an error during the login attempt, notify the consumer. | |
| 287 if (last_error_.state() != GoogleServiceAuthError::NONE) { | |
|
Chris Masone
2010/11/17 01:11:09
You could toss this too.
| |
| 288 consumer_->SetLoginFailure( | |
| 289 LoginFailure::FromNetworkAuthFailure(last_error_)); | |
| 290 last_error_ = GoogleServiceAuthError::None(); | |
| 291 } | |
| 292 | |
| 283 int mount_error = chromeos::kCryptohomeMountErrorNone; | 293 int mount_error = chromeos::kCryptohomeMountErrorNone; |
| 284 BootTimesLoader::Get()->AddLoginTimeMarker("CryptohomeMounting", false); | 294 BootTimesLoader::Get()->AddLoginTimeMarker("CryptohomeMounting", false); |
| 285 if (unlock_ || | 295 if (unlock_ || |
| 286 (CrosLibrary::Get()->GetCryptohomeLibrary()->Mount(username_.c_str(), | 296 (CrosLibrary::Get()->GetCryptohomeLibrary()->Mount(username_.c_str(), |
| 287 ascii_hash_.c_str(), | 297 ascii_hash_.c_str(), |
| 288 &mount_error))) { | 298 &mount_error))) { |
| 289 BootTimesLoader::Get()->AddLoginTimeMarker("CryptohomeMounted", true); | 299 BootTimesLoader::Get()->AddLoginTimeMarker("CryptohomeMounted", true); |
| 290 consumer_->OnLoginSuccess(username_, | 300 consumer_->OnLoginSuccess(username_, |
| 291 password_, | 301 password_, |
| 292 credentials, | 302 credentials, |
| (...skipping 187 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 480 const unsigned int len) { | 490 const unsigned int len) { |
| 481 if (len < 2*binary_len) | 491 if (len < 2*binary_len) |
| 482 return false; | 492 return false; |
| 483 memset(hex_string, 0, len); | 493 memset(hex_string, 0, len); |
| 484 for (uint i = 0, j = 0; i < binary_len; i++, j+=2) | 494 for (uint i = 0, j = 0; i < binary_len; i++, j+=2) |
| 485 snprintf(hex_string + j, len - j, "%02x", binary[i]); | 495 snprintf(hex_string + j, len - j, "%02x", binary[i]); |
| 486 return true; | 496 return true; |
| 487 } | 497 } |
| 488 | 498 |
| 489 } // namespace chromeos | 499 } // namespace chromeos |
| OLD | NEW |
