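--- a/chrome/browser/chromeos/login/parallel_authenticator.h
+++ b/chrome/browser/chromeos/login/parallel_authenticator.h
@@ -1,10 +1,10 @@
 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_PARALLEL_AUTHENTICATOR_H_
 #define CHROME_BROWSER_CHROMEOS_LOGIN_PARALLEL_AUTHENTICATOR_H_
 #pragma once
 
 #include <string>
 #include <vector>
@@ -140,25 +140,20 @@
 virtual void RecoverEncryptedData(
 const std::string& old_password,
 const GaiaAuthConsumer::ClientLoginResult& credentials) OVERRIDE;
 virtual void ResyncEncryptedData(
 const GaiaAuthConsumer::ClientLoginResult& credentials) OVERRIDE;
 virtual void RetryAuth(Profile* profile,
 const std::string& username,
 const std::string& password,
 const std::string& login_token,
 const std::string& login_captcha) OVERRIDE;
-virtual void VerifyOAuth1AccessToken(const std::string& oauth1_access_token,
-const std::string& oauth1_secret) OVERRIDE;
-virtual std::string EncryptToken(const std::string& token) OVERRIDE;
-virtual std::string DecryptToken(const std::string& encrypted_token) OVERRIDE;
-
 // AuthAttemptStateResolver overrides.
 // Attempts to make a decision and call back |consumer_| based on
 // the state we have gathered at the time of call. If a decision
 // can't be made, defers until the next time this is called.
 // When a decision is made, will call back to |consumer_| on the UI thread.
 //
 // Must be called on the IO thread.
 virtual void Resolve() OVERRIDE;
 
 // Call this on the FILE thread.
@@ -232,76 +227,65 @@
 // username, we will mount a tmpfs for them and let them use the
 // browser.
 // Should only be called on the FILE thread.
 void LoadLocalaccount(const std::string& filename);
 
 void SetLocalaccount(const std::string& new_name);
 
 // Records OAuth1 access token verification failure for |user_account|.
 void RecordOAuthCheckFailure(const std::string& user_account);
 
-// Stores a hash of |password|, salted with the ascii of |system_salt_|.
-std::string HashPassword(const std::string& password);
-
-// Returns the ascii encoding of the system salt.
-std::string SaltAsAscii();
-
 // Signal login completion status for cases when a new user is added via
 // an external authentication provider (i.e. GAIA extension).
 void ResolveLoginCompletionStatus();
 
 // Name of a file, next to chrome, that contains a local account username.
 static const char kLocalaccountFile[];
 
 // Milliseconds until we timeout our attempt to hit ClientLogin.
 static const int kClientLoginTimeoutMs;
 
 // Milliseconds until we re-check whether we've gotten the localaccount name.
 static const int kLocalaccountRetryIntervalMs;
 
 // Handles all net communications with Gaia.
 scoped_ptr<GaiaAuthFetcher> gaia_authenticator_;
 
 // Used when we need to try online authentication again, after successful
 // mount, but failed online login.
 scoped_ptr<AuthAttemptState> reauth_state_;
 
 scoped_ptr<AuthAttemptState> current_state_;
 scoped_refptr<OnlineAttempt> current_online_;
 scoped_refptr<CryptohomeOp> mounter_;
 scoped_refptr<CryptohomeOp> key_migrator_;
 scoped_refptr<CryptohomeOp> data_remover_;
 scoped_refptr<CryptohomeOp> guest_mounter_;
 scoped_refptr<CryptohomeOp> key_checker_;
 
-std::string ascii_hash_;
-chromeos::CryptohomeBlob system_salt_;
-scoped_ptr<crypto::SymmetricKey> supplemental_user_key_;
-
 // When the user has changed her password, but gives us the old one, we will
 // be able to mount her cryptohome, but online authentication will fail.
 // This allows us to present the same behavior to the caller, regardless
 // of the order in which we receive these results.
 bool already_reported_success_;
 base::Lock success_lock_; // A lock around already_reported_success_.
 
 // Status relating to the local "backdoor" account.
 std::string localaccount_;
 bool checked_for_localaccount_; // Needed because empty localaccount_ is ok.
 base::Lock localaccount_lock_; // A lock around checked_for_localaccount_.
 
 // True if we use OAuth-based authentication flow.
 bool using_oauth_;
 
 friend class ResolveChecker;
 friend class ParallelAuthenticatorTest;
-FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, SaltToAscii);
 FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, ReadLocalaccount);
 FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest,
 ReadLocalaccountTrailingWS);
 FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, ReadNoLocalaccount);
 DISALLOW_COPY_AND_ASSIGN(ParallelAuthenticator);
 };
 
 } // namespace chromeos
 
 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_PARALLEL_AUTHENTICATOR_H_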
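Review bot: `RecordOAuthCheckFailure` (new line 235) is still declared, with its comment about OAuth1 access token verification, although `VerifyOAuth1AccessToken` is no longer declared on this class. If verification now happens in another class, the comment should name the caller, for example `// Called by <owner of OAuth1 verification> when the access token check fails.`, or the declaration should go if nothing in the implementation calls it any more. `FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, SaltToAscii)` is removed together with `SaltAsAscii()`, `HashPassword()` and the `system_salt_` / `supplemental_user_key_` members, which suggests the salt and key handling moved elsewhere. The page does not show the destination, so it is worth confirming that the salt-encoding test moved with the code rather than being dropped.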