ChromeOS: user whitelist check should happen before entering password.

chromeos/login/auth/login_performer.h

Index: chromeos/login/auth/login_performer.h
diff --git a/chromeos/login/auth/login_performer.h b/chromeos/login/auth/login_performer.h
index bf78330c6ed5d596a8b436252bff5658e5911e7a..e17625c5b0ff07266f9179e5ce3dc4d9a8e12fbb 100644
--- a/chromeos/login/auth/login_performer.h
+++ b/chromeos/login/auth/login_performer.h
@@ -117,6 +117,12 @@ class CHROMEOS_EXPORT LoginPerformer : public AuthStatusConsumer,
 
   AuthorizationMode auth_mode() const { return auth_mode_; }
 
+  // Check if user is allowed to sign in on device. |wildcard_match| will
+  // contain additional information whether this user is explicitly listed or
+  // not (may be relevant for extension-based sign-in).
+  virtual bool IsUserWhitelisted(const std::string& user_id,
+                                 bool* wildcard_match) = 0;
+
  protected:
   // Implements OnlineAttemptHost::Delegate.
   void OnChecked(const std::string& user_id, bool success) override;
@@ -128,12 +134,6 @@ class CHROMEOS_EXPORT LoginPerformer : public AuthStatusConsumer,
   // PolicyLoadFailed() or |callback| will be called upon actual check.
   virtual bool RunTrustedCheck(const base::Closure& callback) = 0;
 
-  // Check if user is allowed to sign in on device. |wildcard_match| will
-  // contain additional information whether this user is explicitly listed or
-  // not (may be relevant for extension-based sign-in).
-  virtual bool IsUserWhitelisted(const std::string& user_id,
-                                 bool* wildcard_match) = 0;
-
   // This method should run addional online check if user can sign in on device.
   // Either |success_callback| or |failure_callback| should be called upon this
   // check.