Forced cookie removal before sign-in page is shown.

chrome/browser/ui/webui/chromeos/login/signin_screen_handler.cc

Index: chrome/browser/ui/webui/chromeos/login/signin_screen_handler.cc
===================================================================
--- chrome/browser/ui/webui/chromeos/login/signin_screen_handler.cc	(revision 96544)
+++ chrome/browser/ui/webui/chromeos/login/signin_screen_handler.cc	(working copy)
@@ -11,9 +11,11 @@
 #include "chrome/browser/chromeos/cros/power_library.h"
 #include "chrome/browser/chromeos/login/user_manager.h"
 #include "chrome/browser/chromeos/login/webui_login_display.h"
+#include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/chromeos/user_cros_settings_provider.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/url_constants.h"
+#include "content/browser/tab_contents/tab_contents.h"
 #include "grit/generated_resources.h"
 #include "ui/base/l10n/l10n_util.h"
 
@@ -193,6 +195,19 @@
                                   help_id);
 }
 
+void SigninScreenHandler::OnBrowsingDataRemoverDone() {
+  // Show sign in screen as soon as we clear the cookie jar.
+  DictionaryValue params;
+  params.SetString("email", email_);
+  params.SetString("startUrl", kGaiaExtStartPage);
+  params.SetBoolean("createAccount",
+      UserCrosSettingsProvider::cached_allow_new_user());
+  params.SetBoolean("guestSignin",
+      UserCrosSettingsProvider::cached_allow_guest());
+  email_.clear();
+  ShowScreen(kGaiaSigninScreen, &params);
+}
+
 void SigninScreenHandler::HandleCompleteLogin(const base::ListValue* args) {
   std::string username;
   std::string password;
@@ -240,20 +255,11 @@
 
 void SigninScreenHandler::HandleShowAddUser(const base::ListValue* args) {
   if (extension_driven_) {
-    DictionaryValue params;
-    params.SetString("startUrl", kGaiaExtStartPage);
-
-    std::string email;
+    email_.clear();
     // |args| can be null if it's OOBE.
-    if (args && args->GetString(0, &email))
-      params.SetString("email", email);
-
-    params.SetBoolean("createAccount",
-        UserCrosSettingsProvider::cached_allow_new_user());
-    params.SetBoolean("guestSignin",
-        UserCrosSettingsProvider::cached_allow_guest());
-
-    ShowScreen(kGaiaSigninScreen, &params);
+    if (args && args->GetString(0, &email_)) {
+      StartClearingCookies();

[xiyuan, 2011/08/13 15:43:21]

Think we want to clear cookie regardless of whether we have an email to use or
not, e.g. http://crosbug.com/18925 where we want to show add user UI but reauth
UI might show up because of previous success sign-in.

[zel, 2011/08/15 06:24:34]

Good catch. Done.

+    }
   } else {
     ShowScreen(kSigninScreen, NULL);
   }
@@ -352,4 +358,15 @@
   delegate_->CreateAccount();
 }
 
+void SigninScreenHandler::StartClearingCookies() {
+  BrowsingDataRemover* remover = new BrowsingDataRemover(
+      Profile::FromBrowserContext(web_ui_->tab_contents()->browser_context()),
+      BrowsingDataRemover::EVERYTHING,
+      base::Time());
+  remover->AddObserver(this);
+  remover->Remove(BrowsingDataRemover::REMOVE_COOKIES |
+                  BrowsingDataRemover::REMOVE_LSO_DATA);
+

[xiyuan, 2011/08/13 15:43:21]

nit: nuke this empty line

[zel, 2011/08/15 06:24:34]

Done.

+}
+
 }  // namespace chromeos