OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ui/webui/signin/inline_login_handler_impl.h" | 5 #include "chrome/browser/ui/webui/signin/inline_login_handler_impl.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/callback_helpers.h" | 10 #include "base/callback_helpers.h" |
(...skipping 18 matching lines...) Expand all Loading... | |
29 #include "chrome/browser/signin/signin_manager_factory.h" | 29 #include "chrome/browser/signin/signin_manager_factory.h" |
30 #include "chrome/browser/signin/signin_promo.h" | 30 #include "chrome/browser/signin/signin_promo.h" |
31 #include "chrome/browser/sync/profile_sync_service.h" | 31 #include "chrome/browser/sync/profile_sync_service.h" |
32 #include "chrome/browser/sync/profile_sync_service_factory.h" | 32 #include "chrome/browser/sync/profile_sync_service_factory.h" |
33 #include "chrome/browser/ui/browser_finder.h" | 33 #include "chrome/browser/ui/browser_finder.h" |
34 #include "chrome/browser/ui/browser_window.h" | 34 #include "chrome/browser/ui/browser_window.h" |
35 #include "chrome/browser/ui/chrome_pages.h" | 35 #include "chrome/browser/ui/chrome_pages.h" |
36 #include "chrome/browser/ui/tab_modal_confirm_dialog.h" | 36 #include "chrome/browser/ui/tab_modal_confirm_dialog.h" |
37 #include "chrome/browser/ui/tab_modal_confirm_dialog_delegate.h" | 37 #include "chrome/browser/ui/tab_modal_confirm_dialog_delegate.h" |
38 #include "chrome/browser/ui/tabs/tab_strip_model.h" | 38 #include "chrome/browser/ui/tabs/tab_strip_model.h" |
39 #include "chrome/browser/ui/user_manager.h" | |
39 #include "chrome/browser/ui/webui/signin/inline_login_ui.h" | 40 #include "chrome/browser/ui/webui/signin/inline_login_ui.h" |
40 #include "chrome/browser/ui/webui/signin/login_ui_service.h" | 41 #include "chrome/browser/ui/webui/signin/login_ui_service.h" |
41 #include "chrome/browser/ui/webui/signin/login_ui_service_factory.h" | 42 #include "chrome/browser/ui/webui/signin/login_ui_service_factory.h" |
42 #include "chrome/common/url_constants.h" | 43 #include "chrome/common/url_constants.h" |
43 #include "chrome/grit/chromium_strings.h" | 44 #include "chrome/grit/chromium_strings.h" |
44 #include "chrome/grit/generated_resources.h" | 45 #include "chrome/grit/generated_resources.h" |
45 #include "components/signin/core/browser/about_signin_internals.h" | 46 #include "components/signin/core/browser/about_signin_internals.h" |
46 #include "components/signin/core/browser/account_tracker_service.h" | 47 #include "components/signin/core/browser/account_tracker_service.h" |
47 #include "components/signin/core/browser/profile_oauth2_token_service.h" | 48 #include "components/signin/core/browser/profile_oauth2_token_service.h" |
48 #include "components/signin/core/browser/signin_error_controller.h" | 49 #include "components/signin/core/browser/signin_error_controller.h" |
(...skipping 439 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
488 // This method is not called with webview sign in enabled. | 489 // This method is not called with webview sign in enabled. |
489 void InlineLoginHandlerImpl::DidCommitProvisionalLoadForFrame( | 490 void InlineLoginHandlerImpl::DidCommitProvisionalLoadForFrame( |
490 content::RenderFrameHost* render_frame_host, | 491 content::RenderFrameHost* render_frame_host, |
491 const GURL& url, | 492 const GURL& url, |
492 ui::PageTransition transition_type) { | 493 ui::PageTransition transition_type) { |
493 if (!web_contents()) | 494 if (!web_contents()) |
494 return; | 495 return; |
495 | 496 |
496 // Returns early if this is not a gaia iframe navigation. | 497 // Returns early if this is not a gaia iframe navigation. |
497 const GURL kGaiaExtOrigin( | 498 const GURL kGaiaExtOrigin( |
498 "chrome-extension://mfffpogegjflfpflabcdkioaeobkgjik/"); | 499 GaiaUrls::GetInstance()->signin_completed_continue_url().GetOrigin()); |
499 content::RenderFrameHost* gaia_frame = InlineLoginUI::GetAuthFrame( | 500 content::RenderFrameHost* gaia_frame = InlineLoginUI::GetAuthFrame( |
500 web_contents(), kGaiaExtOrigin, "signin-frame"); | 501 web_contents(), kGaiaExtOrigin, "signin-frame"); |
501 if (render_frame_host != gaia_frame) | 502 if (render_frame_host != gaia_frame) |
502 return; | 503 return; |
503 | 504 |
504 // Loading any untrusted (e.g., HTTP) URLs in the privileged sign-in process | 505 // Loading any untrusted (e.g., HTTP) URLs in the privileged sign-in process |
505 // will require confirmation before the sign in takes effect. | 506 // will require confirmation before the sign in takes effect. |
506 if (!url.is_empty()) { | 507 if (!url.is_empty()) { |
507 GURL origin(url.GetOrigin()); | 508 GURL origin(url.GetOrigin()); |
508 if (url.spec() != url::kAboutBlankURL && | 509 if (url.spec() != url::kAboutBlankURL && |
(...skipping 124 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
633 | 634 |
634 base::string16 password_string16; | 635 base::string16 password_string16; |
635 dict->GetString("password", &password_string16); | 636 dict->GetString("password", &password_string16); |
636 std::string password(base::UTF16ToASCII(password_string16)); | 637 std::string password(base::UTF16ToASCII(password_string16)); |
637 | 638 |
638 base::string16 gaia_id_string16; | 639 base::string16 gaia_id_string16; |
639 dict->GetString("gaiaId", &gaia_id_string16); | 640 dict->GetString("gaiaId", &gaia_id_string16); |
640 DCHECK(!gaia_id_string16.empty()); | 641 DCHECK(!gaia_id_string16.empty()); |
641 std::string gaia_id = base::UTF16ToASCII(gaia_id_string16); | 642 std::string gaia_id = base::UTF16ToASCII(gaia_id_string16); |
642 | 643 |
643 // When doing a SAML sign in, this email check may result in a false | |
644 // positive. This happens when the user types one email address in the | |
645 // gaia sign in page, but signs in to a different account in the SAML sign in | |
646 // page. | |
647 std::string default_email; | |
648 std::string validate_email; | |
649 if (net::GetValueForKeyInQuery(current_url, "email", &default_email) && | |
650 net::GetValueForKeyInQuery(current_url, "validateEmail", | |
651 &validate_email) && | |
652 validate_email == "1") { | |
653 if (!gaia::AreEmailsSame(email, default_email)) { | |
654 HandleLoginError( | |
655 l10n_util::GetStringFUTF8(IDS_SYNC_WRONG_EMAIL, | |
656 base::UTF8ToUTF16(default_email))); | |
657 return; | |
658 } | |
659 } | |
660 | |
661 base::string16 session_index_string16; | 644 base::string16 session_index_string16; |
662 dict->GetString("sessionIndex", &session_index_string16); | 645 dict->GetString("sessionIndex", &session_index_string16); |
663 std::string session_index = base::UTF16ToASCII(session_index_string16); | 646 std::string session_index = base::UTF16ToASCII(session_index_string16); |
664 DCHECK(!session_index.empty()); | 647 DCHECK(!session_index.empty()); |
665 | 648 |
666 bool choose_what_to_sync = false; | 649 bool choose_what_to_sync = false; |
667 dict->GetBoolean("chooseWhatToSync", &choose_what_to_sync); | 650 dict->GetBoolean("chooseWhatToSync", &choose_what_to_sync); |
668 | 651 |
669 signin_metrics::Source source = signin::GetSourceForPromoURL(current_url); | 652 content::StoragePartition* partition = |
653 content::BrowserContext::GetStoragePartitionForSite( | |
654 contents->GetBrowserContext(), signin::GetSigninPartitionURL()); | |
655 | |
656 // If this was called from the user manager to reauthenticate the profile, | |
657 // the URL has a profile index parameter. In this case, the profile used with | |
658 // FinishCompleteLogin() must not be taken from web_ui(). The profile may | |
659 // not even be open, so may need to open it first. | |
660 size_t profile_index = signin::GetProfileIndexForPromoURL(current_url); | |
661 if (profile_index == std::string::npos) { | |
662 FinishCompleteLogin( | |
bcwhite
2015/07/21 13:28:39
Is this the "not called to reauthenticate" case?
Roger Tawa OOO till Jul 10th
2015/07/22 00:12:33
This is the "not called from the user manager to r
bcwhite
2015/07/22 13:42:21
The comment says "if A then B" but the code says "
Roger Tawa OOO till Jul 10th
2015/07/22 15:29:54
Switched order of code.
| |
663 FinishCompleteLoginParams(this, partition, current_url, | |
664 confirm_untrusted_signin_, email, gaia_id, | |
665 password, session_index, choose_what_to_sync), | |
666 Profile::FromWebUI(web_ui()), | |
667 Profile::CREATE_STATUS_CREATED); | |
668 } else { | |
669 // Open the profile and finish the login. Don't pass a handler pointer | |
670 // since it will be destroyed before the callback runs. | |
671 ProfileManager* manager = g_browser_process->profile_manager(); | |
672 const ProfileInfoCache& info_cache = manager->GetProfileInfoCache(); | |
673 base::FilePath path = info_cache.GetPathOfProfileAtIndex(profile_index); | |
674 FinishCompleteLoginParams params(NULL, partition, current_url, | |
675 confirm_untrusted_signin_, email, gaia_id, | |
676 password, session_index, | |
677 choose_what_to_sync); | |
678 ProfileManager::CreateCallback callback = base::Bind( | |
679 &InlineLoginHandlerImpl::FinishCompleteLogin, params); | |
680 profiles::SwitchToProfile(path, chrome::GetActiveDesktop(), true, callback, | |
681 ProfileMetrics::SWITCH_PROFILE_UNLOCK); | |
682 } | |
683 | |
684 web_ui()->CallJavascriptFunction("inline.login.closeDialog"); | |
685 } | |
686 | |
687 InlineLoginHandlerImpl::FinishCompleteLoginParams::FinishCompleteLoginParams( | |
688 InlineLoginHandlerImpl* handler, | |
689 content::StoragePartition* partition, | |
690 const GURL& url, | |
691 bool confirm_untrusted_signin, | |
692 const std::string& email, | |
693 const std::string& gaia_id, | |
694 const std::string& password, | |
695 const std::string& session_index, | |
696 bool choose_what_to_sync) | |
697 : handler(handler), | |
698 partition(partition), | |
699 url(url), | |
700 confirm_untrusted_signin(confirm_untrusted_signin), | |
701 email(email), | |
702 gaia_id(gaia_id), | |
703 password(password), | |
704 session_index(session_index), | |
705 choose_what_to_sync(choose_what_to_sync) {} | |
706 | |
707 InlineLoginHandlerImpl:: | |
708 FinishCompleteLoginParams::~FinishCompleteLoginParams() {} | |
709 | |
710 // static | |
711 void InlineLoginHandlerImpl::FinishCompleteLogin( | |
712 const FinishCompleteLoginParams& params, | |
713 Profile* profile, | |
714 Profile::CreateStatus) { | |
715 // When doing a SAML sign in, this email check may result in a false | |
716 // positive. This happens when the user types one email address in the | |
717 // gaia sign in page, but signs in to a different account in the SAML sign in | |
718 // page. | |
719 std::string default_email; | |
720 std::string validate_email; | |
721 if (net::GetValueForKeyInQuery(params.url, "email", &default_email) && | |
722 net::GetValueForKeyInQuery(params.url, "validateEmail", | |
723 &validate_email) && | |
724 validate_email == "1") { | |
725 if (!gaia::AreEmailsSame(params.email, default_email)) { | |
726 if (params.handler) { | |
727 params.handler->HandleLoginError( | |
728 l10n_util::GetStringFUTF8(IDS_SYNC_WRONG_EMAIL, | |
729 base::UTF8ToUTF16(default_email))); | |
730 } | |
731 return; | |
732 } | |
733 } | |
734 | |
735 signin_metrics::Source source = signin::GetSourceForPromoURL(params.url); | |
670 LogHistogramValue(signin_metrics::HISTOGRAM_ACCEPTED); | 736 LogHistogramValue(signin_metrics::HISTOGRAM_ACCEPTED); |
671 bool switch_to_advanced = | 737 bool switch_to_advanced = |
672 choose_what_to_sync && (source != signin_metrics::SOURCE_SETTINGS); | 738 params.choose_what_to_sync && (source != signin_metrics::SOURCE_SETTINGS); |
673 LogHistogramValue( | 739 LogHistogramValue( |
674 switch_to_advanced ? signin_metrics::HISTOGRAM_WITH_ADVANCED : | 740 switch_to_advanced ? signin_metrics::HISTOGRAM_WITH_ADVANCED : |
675 signin_metrics::HISTOGRAM_WITH_DEFAULTS); | 741 signin_metrics::HISTOGRAM_WITH_DEFAULTS); |
676 | 742 |
677 CanOfferFor can_offer_for = CAN_OFFER_FOR_ALL; | 743 CanOfferFor can_offer_for = CAN_OFFER_FOR_ALL; |
678 switch (source) { | 744 switch (source) { |
679 case signin_metrics::SOURCE_AVATAR_BUBBLE_ADD_ACCOUNT: | 745 case signin_metrics::SOURCE_AVATAR_BUBBLE_ADD_ACCOUNT: |
680 can_offer_for = CAN_OFFER_FOR_SECONDARY_ACCOUNT; | 746 can_offer_for = CAN_OFFER_FOR_SECONDARY_ACCOUNT; |
681 break; | 747 break; |
682 case signin_metrics::SOURCE_REAUTH: { | 748 case signin_metrics::SOURCE_REAUTH: { |
683 std::string primary_username = | 749 std::string primary_username = |
684 SigninManagerFactory::GetForProfile( | 750 SigninManagerFactory::GetForProfile(profile) |
685 Profile::FromWebUI(web_ui()))->GetAuthenticatedUsername(); | 751 ->GetAuthenticatedUsername(); |
686 if (!gaia::AreEmailsSame(default_email, primary_username)) | 752 if (!gaia::AreEmailsSame(default_email, primary_username)) |
687 can_offer_for = CAN_OFFER_FOR_SECONDARY_ACCOUNT; | 753 can_offer_for = CAN_OFFER_FOR_SECONDARY_ACCOUNT; |
688 break; | 754 break; |
689 } | 755 } |
690 default: | 756 default: |
691 // No need to change |can_offer_for|. | 757 // No need to change |can_offer_for|. |
692 break; | 758 break; |
693 } | 759 } |
694 | 760 |
695 std::string error_msg; | 761 std::string error_msg; |
696 bool can_offer = CanOffer(Profile::FromWebUI(web_ui()), can_offer_for, | 762 bool can_offer = CanOffer(profile, can_offer_for, params.gaia_id, |
697 gaia_id, email, &error_msg); | 763 params.email, &error_msg); |
698 if (!can_offer) { | 764 if (!can_offer) { |
699 HandleLoginError(error_msg); | 765 if (params.handler) |
766 params.handler->HandleLoginError(error_msg); | |
700 return; | 767 return; |
701 } | 768 } |
702 | 769 |
703 AboutSigninInternals* about_signin_internals = | 770 AboutSigninInternals* about_signin_internals = |
704 AboutSigninInternalsFactory::GetForProfile(Profile::FromWebUI(web_ui())); | 771 AboutSigninInternalsFactory::GetForProfile(profile); |
705 about_signin_internals->OnAuthenticationResultReceived("Successful"); | 772 about_signin_internals->OnAuthenticationResultReceived("Successful"); |
706 | 773 |
707 content::StoragePartition* partition = | |
708 content::BrowserContext::GetStoragePartitionForSite( | |
709 contents->GetBrowserContext(), signin::GetSigninPartitionURL()); | |
710 | |
711 SigninClient* signin_client = | 774 SigninClient* signin_client = |
712 ChromeSigninClientFactory::GetForProfile(Profile::FromWebUI(web_ui())); | 775 ChromeSigninClientFactory::GetForProfile(profile); |
713 std::string signin_scoped_device_id = | 776 std::string signin_scoped_device_id = |
714 signin_client->GetSigninScopedDeviceId(); | 777 signin_client->GetSigninScopedDeviceId(); |
778 base::WeakPtr<InlineLoginHandlerImpl> handler_weak_ptr; | |
779 if (params.handler) | |
780 handler_weak_ptr = params.handler->GetWeakPtr(); | |
781 | |
715 // InlineSigninHelper will delete itself. | 782 // InlineSigninHelper will delete itself. |
716 new InlineSigninHelper(GetWeakPtr(), partition->GetURLRequestContext(), | 783 new InlineSigninHelper(handler_weak_ptr, |
717 Profile::FromWebUI(web_ui()), current_url, | 784 params.partition->GetURLRequestContext(), profile, |
718 email, gaia_id, password, session_index, | 785 params.url, |
719 signin_scoped_device_id, choose_what_to_sync, | 786 params.email, params.gaia_id, params.password, |
720 confirm_untrusted_signin_); | 787 params.session_index, signin_scoped_device_id, |
788 params.choose_what_to_sync, | |
789 params.confirm_untrusted_signin); | |
721 | 790 |
722 web_ui()->CallJavascriptFunction("inline.login.closeDialog"); | 791 // If opened from user manager to reauthenticate, make sure the user manager |
792 // is closed and that the profile is marked as unlocked. | |
793 size_t profile_index = signin::GetProfileIndexForPromoURL(params.url); | |
794 if (profile_index != std::string::npos) { | |
795 UserManager::Hide(); | |
796 ProfileManager* profile_manager = g_browser_process->profile_manager(); | |
797 if (profile_manager) { | |
798 ProfileInfoCache& cache = profile_manager->GetProfileInfoCache(); | |
799 cache.SetProfileSigninRequiredAtIndex(profile_index, false); | |
800 } | |
801 } | |
723 } | 802 } |
724 | 803 |
725 void InlineLoginHandlerImpl::HandleLoginError(const std::string& error_msg) { | 804 void InlineLoginHandlerImpl::HandleLoginError(const std::string& error_msg) { |
726 SyncStarterCallback(OneClickSigninSyncStarter::SYNC_SETUP_FAILURE); | 805 SyncStarterCallback(OneClickSigninSyncStarter::SYNC_SETUP_FAILURE); |
727 | 806 |
728 Browser* browser = GetDesktopBrowser(); | 807 Browser* browser = GetDesktopBrowser(); |
729 if (browser && !error_msg.empty()) { | 808 if (browser && !error_msg.empty()) { |
730 LoginUIServiceFactory::GetForProfile(Profile::FromWebUI(web_ui()))-> | 809 LoginUIServiceFactory::GetForProfile(Profile::FromWebUI(web_ui()))-> |
731 DisplayLoginResult(browser, base::UTF8ToUTF16(error_msg)); | 810 DisplayLoginResult(browser, base::UTF8ToUTF16(error_msg)); |
732 } | 811 } |
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
783 } | 862 } |
784 } | 863 } |
785 | 864 |
786 if (show_account_management) { | 865 if (show_account_management) { |
787 browser->window()->ShowAvatarBubbleFromAvatarButton( | 866 browser->window()->ShowAvatarBubbleFromAvatarButton( |
788 BrowserWindow::AVATAR_BUBBLE_MODE_ACCOUNT_MANAGEMENT, | 867 BrowserWindow::AVATAR_BUBBLE_MODE_ACCOUNT_MANAGEMENT, |
789 signin::ManageAccountsParams()); | 868 signin::ManageAccountsParams()); |
790 } | 869 } |
791 } | 870 } |
792 } | 871 } |
OLD | NEW |