OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ui/webui/signin/inline_login_handler_impl.h" | 5 #include "chrome/browser/ui/webui/signin/inline_login_handler_impl.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/callback_helpers.h" | 10 #include "base/callback_helpers.h" |
(...skipping 18 matching lines...) Expand all Loading... | |
29 #include "chrome/browser/signin/signin_manager_factory.h" | 29 #include "chrome/browser/signin/signin_manager_factory.h" |
30 #include "chrome/browser/signin/signin_promo.h" | 30 #include "chrome/browser/signin/signin_promo.h" |
31 #include "chrome/browser/sync/profile_sync_service.h" | 31 #include "chrome/browser/sync/profile_sync_service.h" |
32 #include "chrome/browser/sync/profile_sync_service_factory.h" | 32 #include "chrome/browser/sync/profile_sync_service_factory.h" |
33 #include "chrome/browser/ui/browser_finder.h" | 33 #include "chrome/browser/ui/browser_finder.h" |
34 #include "chrome/browser/ui/browser_window.h" | 34 #include "chrome/browser/ui/browser_window.h" |
35 #include "chrome/browser/ui/chrome_pages.h" | 35 #include "chrome/browser/ui/chrome_pages.h" |
36 #include "chrome/browser/ui/tab_modal_confirm_dialog.h" | 36 #include "chrome/browser/ui/tab_modal_confirm_dialog.h" |
37 #include "chrome/browser/ui/tab_modal_confirm_dialog_delegate.h" | 37 #include "chrome/browser/ui/tab_modal_confirm_dialog_delegate.h" |
38 #include "chrome/browser/ui/tabs/tab_strip_model.h" | 38 #include "chrome/browser/ui/tabs/tab_strip_model.h" |
39 #include "chrome/browser/ui/user_manager.h" | |
39 #include "chrome/browser/ui/webui/signin/inline_login_ui.h" | 40 #include "chrome/browser/ui/webui/signin/inline_login_ui.h" |
40 #include "chrome/browser/ui/webui/signin/login_ui_service.h" | 41 #include "chrome/browser/ui/webui/signin/login_ui_service.h" |
41 #include "chrome/browser/ui/webui/signin/login_ui_service_factory.h" | 42 #include "chrome/browser/ui/webui/signin/login_ui_service_factory.h" |
42 #include "chrome/common/url_constants.h" | 43 #include "chrome/common/url_constants.h" |
43 #include "chrome/grit/chromium_strings.h" | 44 #include "chrome/grit/chromium_strings.h" |
44 #include "chrome/grit/generated_resources.h" | 45 #include "chrome/grit/generated_resources.h" |
45 #include "components/signin/core/browser/about_signin_internals.h" | 46 #include "components/signin/core/browser/about_signin_internals.h" |
46 #include "components/signin/core/browser/account_tracker_service.h" | 47 #include "components/signin/core/browser/account_tracker_service.h" |
47 #include "components/signin/core/browser/profile_oauth2_token_service.h" | 48 #include "components/signin/core/browser/profile_oauth2_token_service.h" |
48 #include "components/signin/core/browser/signin_error_controller.h" | 49 #include "components/signin/core/browser/signin_error_controller.h" |
(...skipping 439 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
488 // This method is not called with webview sign in enabled. | 489 // This method is not called with webview sign in enabled. |
489 void InlineLoginHandlerImpl::DidCommitProvisionalLoadForFrame( | 490 void InlineLoginHandlerImpl::DidCommitProvisionalLoadForFrame( |
490 content::RenderFrameHost* render_frame_host, | 491 content::RenderFrameHost* render_frame_host, |
491 const GURL& url, | 492 const GURL& url, |
492 ui::PageTransition transition_type) { | 493 ui::PageTransition transition_type) { |
493 if (!web_contents()) | 494 if (!web_contents()) |
494 return; | 495 return; |
495 | 496 |
496 // Returns early if this is not a gaia iframe navigation. | 497 // Returns early if this is not a gaia iframe navigation. |
497 const GURL kGaiaExtOrigin( | 498 const GURL kGaiaExtOrigin( |
498 "chrome-extension://mfffpogegjflfpflabcdkioaeobkgjik/"); | 499 GaiaUrls::GetInstance()->signin_completed_continue_url().GetOrigin()); |
499 content::RenderFrameHost* gaia_frame = InlineLoginUI::GetAuthFrame( | 500 content::RenderFrameHost* gaia_frame = InlineLoginUI::GetAuthFrame( |
500 web_contents(), kGaiaExtOrigin, "signin-frame"); | 501 web_contents(), kGaiaExtOrigin, "signin-frame"); |
501 if (render_frame_host != gaia_frame) | 502 if (render_frame_host != gaia_frame) |
502 return; | 503 return; |
503 | 504 |
504 // Loading any untrusted (e.g., HTTP) URLs in the privileged sign-in process | 505 // Loading any untrusted (e.g., HTTP) URLs in the privileged sign-in process |
505 // will require confirmation before the sign in takes effect. | 506 // will require confirmation before the sign in takes effect. |
506 if (!url.is_empty()) { | 507 if (!url.is_empty()) { |
507 GURL origin(url.GetOrigin()); | 508 GURL origin(url.GetOrigin()); |
508 if (url.spec() != url::kAboutBlankURL && | 509 if (url.spec() != url::kAboutBlankURL && |
(...skipping 124 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
633 | 634 |
634 base::string16 password_string16; | 635 base::string16 password_string16; |
635 dict->GetString("password", &password_string16); | 636 dict->GetString("password", &password_string16); |
636 std::string password(base::UTF16ToASCII(password_string16)); | 637 std::string password(base::UTF16ToASCII(password_string16)); |
637 | 638 |
638 base::string16 gaia_id_string16; | 639 base::string16 gaia_id_string16; |
639 dict->GetString("gaiaId", &gaia_id_string16); | 640 dict->GetString("gaiaId", &gaia_id_string16); |
640 DCHECK(!gaia_id_string16.empty()); | 641 DCHECK(!gaia_id_string16.empty()); |
641 std::string gaia_id = base::UTF16ToASCII(gaia_id_string16); | 642 std::string gaia_id = base::UTF16ToASCII(gaia_id_string16); |
642 | 643 |
643 // When doing a SAML sign in, this email check may result in a false | |
644 // positive. This happens when the user types one email address in the | |
645 // gaia sign in page, but signs in to a different account in the SAML sign in | |
646 // page. | |
647 std::string default_email; | |
648 std::string validate_email; | |
649 if (net::GetValueForKeyInQuery(current_url, "email", &default_email) && | |
650 net::GetValueForKeyInQuery(current_url, "validateEmail", | |
651 &validate_email) && | |
652 validate_email == "1") { | |
653 if (!gaia::AreEmailsSame(email, default_email)) { | |
654 HandleLoginError( | |
655 l10n_util::GetStringFUTF8(IDS_SYNC_WRONG_EMAIL, | |
656 base::UTF8ToUTF16(default_email))); | |
657 return; | |
658 } | |
659 } | |
660 | |
661 base::string16 session_index_string16; | 644 base::string16 session_index_string16; |
662 dict->GetString("sessionIndex", &session_index_string16); | 645 dict->GetString("sessionIndex", &session_index_string16); |
663 std::string session_index = base::UTF16ToASCII(session_index_string16); | 646 std::string session_index = base::UTF16ToASCII(session_index_string16); |
664 DCHECK(!session_index.empty()); | 647 DCHECK(!session_index.empty()); |
665 | 648 |
666 bool choose_what_to_sync = false; | 649 bool choose_what_to_sync = false; |
667 dict->GetBoolean("chooseWhatToSync", &choose_what_to_sync); | 650 dict->GetBoolean("chooseWhatToSync", &choose_what_to_sync); |
668 | 651 |
669 signin_metrics::Source source = signin::GetSourceForPromoURL(current_url); | 652 content::StoragePartition* partition = |
653 content::BrowserContext::GetStoragePartitionForSite( | |
654 contents->GetBrowserContext(), signin::GetSigninPartitionURL()); | |
655 | |
656 // If this was called from the user manager to reauthenticate the profile, | |
657 // the current profile is the system profile. In this case, use the email to | |
658 // find the right profile to reauthenticate. Otherwise the profile can be | |
659 // taken from web_ui(). | |
660 Profile* profile = Profile::FromWebUI(web_ui()); | |
661 if (profile->GetOriginalProfile()->IsSystemProfile()) { | |
662 // Switch to the profile and finish the login. Don't pass a handler pointer | |
663 // since it will be destroyed before the callback runs. | |
664 ProfileManager* manager = g_browser_process->profile_manager(); | |
665 base::FilePath path = profiles::GetPathOfProfileWithEmail(manager, email); | |
666 if (!path.empty()) { | |
667 FinishCompleteLoginParams params(NULL, partition, current_url, path, | |
Alexei Svitkine (slow)
2015/07/24 16:36:42
Nit: nullptr
Roger Tawa OOO till Jul 10th
2015/07/24 17:01:29
Done.
| |
668 confirm_untrusted_signin_, email, | |
669 gaia_id, password, session_index, | |
670 choose_what_to_sync); | |
671 ProfileManager::CreateCallback callback = base::Bind( | |
672 &InlineLoginHandlerImpl::FinishCompleteLogin, params); | |
673 profiles::SwitchToProfile(path, chrome::GetActiveDesktop(), true, | |
674 callback, ProfileMetrics::SWITCH_PROFILE_UNLOCK); | |
675 } | |
676 } else { | |
677 FinishCompleteLogin( | |
678 FinishCompleteLoginParams(this, partition, current_url, | |
679 base::FilePath(), confirm_untrusted_signin_, | |
680 email, gaia_id, password, session_index, | |
681 choose_what_to_sync), | |
682 profile, | |
683 Profile::CREATE_STATUS_CREATED); | |
684 } | |
685 | |
686 web_ui()->CallJavascriptFunction("inline.login.closeDialog"); | |
687 } | |
688 | |
689 InlineLoginHandlerImpl::FinishCompleteLoginParams::FinishCompleteLoginParams( | |
690 InlineLoginHandlerImpl* handler, | |
691 content::StoragePartition* partition, | |
692 const GURL& url, | |
693 const base::FilePath& profile_path, | |
694 bool confirm_untrusted_signin, | |
695 const std::string& email, | |
696 const std::string& gaia_id, | |
697 const std::string& password, | |
698 const std::string& session_index, | |
699 bool choose_what_to_sync) | |
700 : handler(handler), | |
701 partition(partition), | |
702 url(url), | |
703 profile_path(profile_path), | |
704 confirm_untrusted_signin(confirm_untrusted_signin), | |
705 email(email), | |
706 gaia_id(gaia_id), | |
707 password(password), | |
708 session_index(session_index), | |
709 choose_what_to_sync(choose_what_to_sync) {} | |
710 | |
711 InlineLoginHandlerImpl:: | |
712 FinishCompleteLoginParams::~FinishCompleteLoginParams() {} | |
713 | |
714 // static | |
715 void InlineLoginHandlerImpl::FinishCompleteLogin( | |
716 const FinishCompleteLoginParams& params, | |
717 Profile* profile, | |
718 Profile::CreateStatus status) { | |
719 // When doing a SAML sign in, this email check may result in a false | |
720 // positive. This happens when the user types one email address in the | |
721 // gaia sign in page, but signs in to a different account in the SAML sign in | |
722 // page. | |
723 std::string default_email; | |
724 std::string validate_email; | |
725 if (net::GetValueForKeyInQuery(params.url, "email", &default_email) && | |
726 net::GetValueForKeyInQuery(params.url, "validateEmail", | |
727 &validate_email) && | |
728 validate_email == "1") { | |
729 if (!gaia::AreEmailsSame(params.email, default_email)) { | |
730 if (params.handler) { | |
731 params.handler->HandleLoginError( | |
732 l10n_util::GetStringFUTF8(IDS_SYNC_WRONG_EMAIL, | |
733 base::UTF8ToUTF16(default_email))); | |
734 } | |
735 return; | |
736 } | |
737 } | |
738 | |
739 signin_metrics::Source source = signin::GetSourceForPromoURL(params.url); | |
670 LogHistogramValue(signin_metrics::HISTOGRAM_ACCEPTED); | 740 LogHistogramValue(signin_metrics::HISTOGRAM_ACCEPTED); |
671 bool switch_to_advanced = | 741 bool switch_to_advanced = |
672 choose_what_to_sync && (source != signin_metrics::SOURCE_SETTINGS); | 742 params.choose_what_to_sync && (source != signin_metrics::SOURCE_SETTINGS); |
673 LogHistogramValue( | 743 LogHistogramValue( |
674 switch_to_advanced ? signin_metrics::HISTOGRAM_WITH_ADVANCED : | 744 switch_to_advanced ? signin_metrics::HISTOGRAM_WITH_ADVANCED : |
675 signin_metrics::HISTOGRAM_WITH_DEFAULTS); | 745 signin_metrics::HISTOGRAM_WITH_DEFAULTS); |
676 | 746 |
677 CanOfferFor can_offer_for = CAN_OFFER_FOR_ALL; | 747 CanOfferFor can_offer_for = CAN_OFFER_FOR_ALL; |
678 switch (source) { | 748 switch (source) { |
679 case signin_metrics::SOURCE_AVATAR_BUBBLE_ADD_ACCOUNT: | 749 case signin_metrics::SOURCE_AVATAR_BUBBLE_ADD_ACCOUNT: |
680 can_offer_for = CAN_OFFER_FOR_SECONDARY_ACCOUNT; | 750 can_offer_for = CAN_OFFER_FOR_SECONDARY_ACCOUNT; |
681 break; | 751 break; |
682 case signin_metrics::SOURCE_REAUTH: { | 752 case signin_metrics::SOURCE_REAUTH: { |
683 std::string primary_username = | 753 std::string primary_username = |
684 SigninManagerFactory::GetForProfile( | 754 SigninManagerFactory::GetForProfile(profile) |
685 Profile::FromWebUI(web_ui()))->GetAuthenticatedUsername(); | 755 ->GetAuthenticatedUsername(); |
686 if (!gaia::AreEmailsSame(default_email, primary_username)) | 756 if (!gaia::AreEmailsSame(default_email, primary_username)) |
687 can_offer_for = CAN_OFFER_FOR_SECONDARY_ACCOUNT; | 757 can_offer_for = CAN_OFFER_FOR_SECONDARY_ACCOUNT; |
688 break; | 758 break; |
689 } | 759 } |
690 default: | 760 default: |
691 // No need to change |can_offer_for|. | 761 // No need to change |can_offer_for|. |
692 break; | 762 break; |
693 } | 763 } |
694 | 764 |
695 std::string error_msg; | 765 std::string error_msg; |
696 bool can_offer = CanOffer(Profile::FromWebUI(web_ui()), can_offer_for, | 766 bool can_offer = CanOffer(profile, can_offer_for, params.gaia_id, |
697 gaia_id, email, &error_msg); | 767 params.email, &error_msg); |
Alexei Svitkine (slow)
2015/07/24 16:36:42
Nit: Align.
Roger Tawa OOO till Jul 10th
2015/07/24 17:01:29
Done.
| |
698 if (!can_offer) { | 768 if (!can_offer) { |
699 HandleLoginError(error_msg); | 769 if (params.handler) |
770 params.handler->HandleLoginError(error_msg); | |
700 return; | 771 return; |
701 } | 772 } |
702 | 773 |
703 AboutSigninInternals* about_signin_internals = | 774 AboutSigninInternals* about_signin_internals = |
704 AboutSigninInternalsFactory::GetForProfile(Profile::FromWebUI(web_ui())); | 775 AboutSigninInternalsFactory::GetForProfile(profile); |
705 about_signin_internals->OnAuthenticationResultReceived("Successful"); | 776 about_signin_internals->OnAuthenticationResultReceived("Successful"); |
706 | 777 |
707 content::StoragePartition* partition = | |
708 content::BrowserContext::GetStoragePartitionForSite( | |
709 contents->GetBrowserContext(), signin::GetSigninPartitionURL()); | |
710 | |
711 SigninClient* signin_client = | 778 SigninClient* signin_client = |
712 ChromeSigninClientFactory::GetForProfile(Profile::FromWebUI(web_ui())); | 779 ChromeSigninClientFactory::GetForProfile(profile); |
713 std::string signin_scoped_device_id = | 780 std::string signin_scoped_device_id = |
714 signin_client->GetSigninScopedDeviceId(); | 781 signin_client->GetSigninScopedDeviceId(); |
782 base::WeakPtr<InlineLoginHandlerImpl> handler_weak_ptr; | |
783 if (params.handler) | |
784 handler_weak_ptr = params.handler->GetWeakPtr(); | |
785 | |
715 // InlineSigninHelper will delete itself. | 786 // InlineSigninHelper will delete itself. |
716 new InlineSigninHelper(GetWeakPtr(), partition->GetURLRequestContext(), | 787 new InlineSigninHelper(handler_weak_ptr, |
717 Profile::FromWebUI(web_ui()), current_url, | 788 params.partition->GetURLRequestContext(), profile, |
718 email, gaia_id, password, session_index, | 789 params.url, |
719 signin_scoped_device_id, choose_what_to_sync, | 790 params.email, params.gaia_id, params.password, |
720 confirm_untrusted_signin_); | 791 params.session_index, signin_scoped_device_id, |
792 params.choose_what_to_sync, | |
793 params.confirm_untrusted_signin); | |
721 | 794 |
722 web_ui()->CallJavascriptFunction("inline.login.closeDialog"); | 795 // If opened from user manager to reauthenticate, make sure the user manager |
796 // is closed and that the profile is marked as unlocked. | |
797 if (!params.profile_path.empty()) { | |
798 UserManager::Hide(); | |
799 ProfileManager* profile_manager = g_browser_process->profile_manager(); | |
800 if (profile_manager) { | |
801 ProfileAttributesEntry* entry; | |
802 if (profile_manager->GetProfileInfoCache() | |
803 .GetProfileAttributesWithPath(params.profile_path, &entry)) { | |
804 entry->SetIsSigninRequired(false); | |
805 } | |
806 } | |
807 } | |
723 } | 808 } |
724 | 809 |
725 void InlineLoginHandlerImpl::HandleLoginError(const std::string& error_msg) { | 810 void InlineLoginHandlerImpl::HandleLoginError(const std::string& error_msg) { |
726 SyncStarterCallback(OneClickSigninSyncStarter::SYNC_SETUP_FAILURE); | 811 SyncStarterCallback(OneClickSigninSyncStarter::SYNC_SETUP_FAILURE); |
727 | 812 |
728 Browser* browser = GetDesktopBrowser(); | 813 Browser* browser = GetDesktopBrowser(); |
729 if (browser && !error_msg.empty()) { | 814 if (browser && !error_msg.empty()) { |
730 LoginUIServiceFactory::GetForProfile(Profile::FromWebUI(web_ui()))-> | 815 LoginUIServiceFactory::GetForProfile(Profile::FromWebUI(web_ui()))-> |
731 DisplayLoginResult(browser, base::UTF8ToUTF16(error_msg)); | 816 DisplayLoginResult(browser, base::UTF8ToUTF16(error_msg)); |
732 } | 817 } |
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
783 } | 868 } |
784 } | 869 } |
785 | 870 |
786 if (show_account_management) { | 871 if (show_account_management) { |
787 browser->window()->ShowAvatarBubbleFromAvatarButton( | 872 browser->window()->ShowAvatarBubbleFromAvatarButton( |
788 BrowserWindow::AVATAR_BUBBLE_MODE_ACCOUNT_MANAGEMENT, | 873 BrowserWindow::AVATAR_BUBBLE_MODE_ACCOUNT_MANAGEMENT, |
789 signin::ManageAccountsParams()); | 874 signin::ManageAccountsParams()); |
790 } | 875 } |
791 } | 876 } |
792 } | 877 } |
OLD | NEW |