Make the login WebUI listen NOTIFICATION_AUTH_SUPPLIED and update the system request context.

chrome/browser/chromeos/login/existing_user_controller.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/existing_user_controller.h"
 
 #include <vector>
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
@@ skipping 13 matching lines @@
 #include "chrome/browser/chromeos/customization_document.h"
 #include "chrome/browser/chromeos/dbus/dbus_thread_manager.h"
 #include "chrome/browser/chromeos/dbus/session_manager_client.h"
 #include "chrome/browser/chromeos/login/helper.h"
 #include "chrome/browser/chromeos/login/login_display_host.h"
 #include "chrome/browser/chromeos/login/login_utils.h"
 #include "chrome/browser/chromeos/login/user_manager.h"
 #include "chrome/browser/chromeos/login/wizard_accessibility_helper.h"
 #include "chrome/browser/chromeos/login/wizard_controller.h"
 #include "chrome/browser/google/google_util.h"
+#include "chrome/browser/policy/browser_policy_connector.h"
 #include "chrome/browser/prefs/pref_service.h"
 #include "chrome/browser/prefs/session_startup_pref.h"
 #include "chrome/browser/profiles/profile_manager.h"
 #include "chrome/browser/ui/dialog_style.h"
 #include "chrome/browser/ui/views/window.h"
 #include "chrome/common/chrome_notification_types.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/net/gaia/google_service_auth_error.h"
 #include "chrome/common/pref_names.h"
+#include "content/public/browser/browser_thread.h"
 #include "content/public/browser/notification_service.h"
 #include "content/public/browser/notification_types.h"
 #include "grit/generated_resources.h"
+#include "net/http/http_auth_cache.h"
+#include "net/http/http_network_session.h"
+#include "net/http/http_transaction_factory.h"
+#include "net/url_request/url_request_context.h"
+#include "net/url_request/url_request_context_getter.h"
 #include "ui/base/l10n/l10n_util.h"
 #include "ui/views/widget/widget.h"
 
 namespace chromeos {
 
 namespace {
 
 // Url for setting up sync authentication.
 const char kSettingsSyncLoginURL[] = "chrome://settings/personal";
 
@@ skipping 10 matching lines @@
     "https://www.google.com/accounts/NewAccount?service=mail";
 
 // ChromeVox tutorial URL.
 const char kChromeVoxTutorialURL[] =
     "http://google-axs-chrome.googlecode.com/"
     "svn/trunk/chromevox_tutorial/interactive_tutorial_start.html";
 
 // Landing URL when launching Guest mode to fix captive portal.
 const char kCaptivePortalLaunchURL[] = "http://www.google.com/";
 
+// Makes a call to the policy subsystem to reload the policy when we detect
+// authentication change.
+void RefreshPoliciesOnUIThread() {
+  if (g_browser_process->browser_policy_connector())
+    g_browser_process->browser_policy_connector()->RefreshPolicies();
+}
+
+// Copies any authentication details that were entered in the login profile in
+// the mail profile to make sure all subsystems of Chrome can access the network
+// with the provided authentication which are possibly for a proxy server.
+void TransferContextAuthenticationsOnIOThread(
+    net::URLRequestContextGetter* browser_process_context_getter,
+    Profile* default_profile) {
+  DCHECK(browser_process_context_getter);
+  DCHECK(default_profile);
+  net::HttpAuthCache* new_cache =
+      browser_process_context_getter->GetURLRequestContext()->
+      http_transaction_factory()->GetSession()->http_auth_cache();
+  new_cache->UpdateAllFrom(
+      *default_profile->GetRequestContext()->GetURLRequestContext()->
+      http_transaction_factory()->GetSession()->http_auth_cache());
+  LOG(INFO) << "Main request context populated with authentication data.";

[Ivan Korotkov, 2012/01/12 19:37:16]

Should it really be an INFO log? Probably more appropriate to replace with VLOG
or even DVLOG.

[pastarmovj, 2012/01/13 10:15:47]

Yes you are right I only wanted at least one piece of information printed as
INFO I changed it to VLOG here (it is still useful for release builds too to
track timing compared to other possible messages.

+  // At last tell the policy subsystem to refresh now as it might have been
+  // stuck until now too.
+  content::BrowserThread::PostTask(content::BrowserThread::UI, FROM_HERE,
+                                   base::Bind(&RefreshPoliciesOnUIThread));
+}
+
 }  // namespace
 
 // static
 ExistingUserController* ExistingUserController::current_controller_ = NULL;
 
 ////////////////////////////////////////////////////////////////////////////////
 // ExistingUserController, public:
 
 ExistingUserController::ExistingUserController(LoginDisplayHost* host)
     : login_status_consumer_(NULL),
       host_(host),
       login_display_(host_->CreateLoginDisplay(this)),
       num_login_attempts_(0),
       cros_settings_(CrosSettings::Get()),
       weak_factory_(this),
       is_owner_login_(false),
       do_auto_enrollment_(false) {
   DCHECK(current_controller_ == NULL);
   current_controller_ = this;
 
   registrar_.Add(this,
                  chrome::NOTIFICATION_LOGIN_USER_IMAGE_CHANGED,
                  content::NotificationService::AllSources());
+  registrar_.Add(this,
+                 chrome::NOTIFICATION_AUTH_SUPPLIED,
+                 content::NotificationService::AllSources());
   cros_settings_->AddSettingsObserver(kAccountsPrefShowUserNamesOnSignIn, this);
   cros_settings_->AddSettingsObserver(kAccountsPrefAllowNewUser, this);
   cros_settings_->AddSettingsObserver(kAccountsPrefAllowGuest, this);
   cros_settings_->AddSettingsObserver(kAccountsPrefUsers, this);
 }
 
 void ExistingUserController::Init(const UserList& users) {
   UpdateLoginDisplay(users, true);
 
   LoginUtils::Get()->PrewarmAuthentication();
@@ skipping 49 matching lines @@
 void ExistingUserController::Observe(
     int type,
     const content::NotificationSource& source,
     const content::NotificationDetails& details) {
   if (type == chrome::NOTIFICATION_SYSTEM_SETTING_CHANGED) {
     // Signed settings changed notify views and update them.
     const chromeos::UserList& users = chromeos::UserManager::Get()->GetUsers();
     UpdateLoginDisplay(users, false);
     return;
   }
+  if (type == chrome::NOTIFICATION_AUTH_SUPPLIED) {
+    // Possibly the user has authenticated against a proxy server and we might
+    // need the credentials for enrollment and other system requests from the
+    // main |g_browser_process| request context (see bug
+    // http://crosbug.com/24861). So we transfer any credentials to the global
+    // request context here.
+    // The issue we have here is that the NOTIFICATION_AUTH_SUPPLIED is sent
+    // just after the UI is closed but before the new credentials were stored
+    // in the profile. Therefore we have to give it some time to make sure it
+    // has been updated before we copy it.
+    LOG(INFO) << "Authentication was entered manually, possbly for proxy-auth.";
+    net::URLRequestContextGetter* browser_process_context_getter =
+        g_browser_process->system_request_context();
+    Profile* default_profile = ProfileManager::GetDefaultProfile();
+    content::BrowserThread::PostDelayedTask(
+        content::BrowserThread::IO, FROM_HERE,
+        base::Bind(&TransferContextAuthenticationsOnIOThread,
+                   base::Unretained(browser_process_context_getter),
+                   base::Unretained(default_profile)),

[Ivan Korotkov, 2012/01/12 19:37:16]

I've been told that it's deeply wrong to pass Profile to IO thread because it is
a purely UI-thread object. Also I'm not sure if it can't go away in 2 secs.
Please pass make_scoped_refptr(X->GetRequestContext()) for both arguments
instead. 

[pastarmovj, 2012/01/13 10:15:47]

Good advice, thanks! Done as suggested and now I pass a RefCounted thread safe
object so we should be good even two seconds later.

+                   2000);

[Ivan Korotkov, 2012/01/12 19:37:16]

Define a const for 2000, please :)

[pastarmovj, 2012/01/13 10:15:47]

Done.

+
+  }
   if (type != chrome::NOTIFICATION_LOGIN_USER_IMAGE_CHANGED)
     return;
   login_display_->OnUserImageChanged(*content::Details<User>(details).ptr());
 }
 
 ////////////////////////////////////////////////////////////////////////////////
 // ExistingUserController, private:
 
 ExistingUserController::~ExistingUserController() {
   LoginUtils::Get()->DelegateDeleted(this);
@@ skipping 495 matching lines @@
   std::string owner;
   cros_settings_->GetString(kDeviceOwner, &owner);
   cryptohomed->AsyncSetOwnerUser(owner, NULL);
 
   // Do not invoke AsyncDoAutomaticFreeDiskSpaceControl(NULL) here
   // so it does not delay the following mount. Cleanup will be
   // started in Cryptohomed by timer.
 }
 
 }  // namespace chromeos