OLD | NEW |
(Empty) | |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_MANAGED_SUPERVISED_USER_AUTHENTICATION_H_ |
| 5 #define CHROME_BROWSER_CHROMEOS_LOGIN_MANAGED_SUPERVISED_USER_AUTHENTICATION_H_ |
| 6 |
| 7 #include "base/basictypes.h" |
| 8 #include "base/compiler_specific.h" |
| 9 #include "base/memory/weak_ptr.h" |
| 10 #include "base/strings/string16.h" |
| 11 #include "base/values.h" |
| 12 #include "chrome/browser/chromeos/login/managed/supervised_user_login_flow.h" |
| 13 |
| 14 namespace chromeos { |
| 15 |
| 16 class SupervisedUserManager; |
| 17 |
| 18 // This is a class that encapsulates all details of password handling for |
| 19 // supervised users. |
| 20 // Main property is the schema used to handle password. For now it can be either |
| 21 // plain password schema, when plain text password is passed to standard |
| 22 // cryprohome authentication algorithm without modification, or hashed password |
| 23 // schema, when password is additionally hashed with user-specific salt. |
| 24 // Second schema is required to allow password syncing across devices for |
| 25 // supervised users. |
| 26 class SupervisedUserAuthentication { |
| 27 public: |
| 28 enum Schema { |
| 29 SCHEMA_PLAIN = 1, |
| 30 SCHEMA_SALT_HASHED = 2 |
| 31 }; |
| 32 |
| 33 explicit SupervisedUserAuthentication(SupervisedUserManager* owner); |
| 34 virtual ~SupervisedUserAuthentication(); |
| 35 |
| 36 // Transforms password according to schema specified in Local State. |
| 37 std::string TransformPassword(const std::string& supervised_user_id, |
| 38 const std::string& password); |
| 39 |
| 40 // Returns |true| if current password schema for user is different from |
| 41 // target schema. |
| 42 bool PasswordNeedsMigration(const std::string& user_id); |
| 43 |
| 44 // Schedules password migration for |user_id| with |password| as a plain text |
| 45 // password. Migration should happen during |user_login_flow|. |
| 46 void SchedulePasswordMigration(const std::string& user_id, |
| 47 const std::string& password, |
| 48 SupervisedUserLoginFlow* user_login_flow); |
| 49 |
| 50 // Fills |password_data| with |password|-specific data for |user_id|, |
| 51 // depending on target schema. Does not affect Local State. |
| 52 bool FillDataForNewUser(const std::string& user_id, |
| 53 const std::string& password, |
| 54 base::DictionaryValue* password_data); |
| 55 |
| 56 // Stores |password_data| for |user_id| in Local State. Only public parts |
| 57 // of |password_data| will be stored. |
| 58 void StorePasswordData(const std::string& user_id, |
| 59 const base::DictionaryValue& password_data); |
| 60 |
| 61 private: |
| 62 SupervisedUserManager* owner_; |
| 63 |
| 64 // Controls if migration is enabled. |
| 65 bool migration_enabled_; |
| 66 |
| 67 // Target schema version. Affects migration process and new user creation. |
| 68 Schema stable_schema_; |
| 69 |
| 70 // Utility method that gets schema version for |user_id| from Local State. |
| 71 Schema GetPasswordSchema(const std::string& user_id); |
| 72 |
| 73 DISALLOW_COPY_AND_ASSIGN(SupervisedUserAuthentication); |
| 74 }; |
| 75 |
| 76 } // namespace chromeos |
| 77 |
| 78 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_MANAGED_SUPERVISED_USER_AUTHENTICATION_
H_ |
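Review bot: The comments on `SchedulePasswordMigration`, `FillDataForNewUser` and `StorePasswordData` leave out the secret-handling contract a caller needs: how long the plain-text |password| is retained once a migration is scheduled, what a `false` return from `FillDataForNewUser` means, and which keys of |password_data| count as "public". The class comment says the salt-hashed schema exists so the password can be synced across devices, so the hashed value presumably acts as the login secret itself and it matters exactly which fields reach Local State. If the implementation behaves this way, I would add `// |password| is held only until |user_login_flow| finishes and is never written to Local State.` and list the stored keys on `StorePasswordData`. `GetPasswordSchema` returns a `Schema` read from Local State, but the enum has no value for a missing or unrecognised entry; the comment should say what is returned then, and the implementation (not shown here) should not silently treat such an entry as `SCHEMA_PLAIN`. The header also uses `std::string` without `#include <string>`, and the class comment misspells cryptohome as `cryprohome`.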