Chromium Code Reviews Chromium Code Reviews
Issue 1220843003:
Perform online reauth when password is changed for a locked profile. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: chrome/browser/ui/webui/signin/inline_login_handler_impl.cc |
| diff --git a/chrome/browser/ui/webui/signin/inline_login_handler_impl.cc b/chrome/browser/ui/webui/signin/inline_login_handler_impl.cc |
| index 8f70109c21218609e14d23fc618dce8dfa4195ee..1b3fd829b01a7e005212347069ce619bf3dcc9c4 100644 |
| --- a/chrome/browser/ui/webui/signin/inline_login_handler_impl.cc |
| +++ b/chrome/browser/ui/webui/signin/inline_login_handler_impl.cc |
| @@ -36,6 +36,7 @@ |
| #include "chrome/browser/ui/tab_modal_confirm_dialog.h" |
| #include "chrome/browser/ui/tab_modal_confirm_dialog_delegate.h" |
| #include "chrome/browser/ui/tabs/tab_strip_model.h" |
| +#include "chrome/browser/ui/user_manager.h" |
| #include "chrome/browser/ui/webui/signin/inline_login_ui.h" |
| #include "chrome/browser/ui/webui/signin/login_ui_service.h" |
| #include "chrome/browser/ui/webui/signin/login_ui_service_factory.h" |
| @@ -495,7 +496,7 @@ void InlineLoginHandlerImpl::DidCommitProvisionalLoadForFrame( |
| // Returns early if this is not a gaia iframe navigation. |
| const GURL kGaiaExtOrigin( |
| - "chrome-extension://mfffpogegjflfpflabcdkioaeobkgjik/"); |
| + GaiaUrls::GetInstance()->signin_completed_continue_url().GetOrigin()); |
| content::RenderFrameHost* gaia_frame = InlineLoginUI::GetAuthFrame( |
| web_contents(), kGaiaExtOrigin, "signin-frame"); |
| if (render_frame_host != gaia_frame) |
| @@ -640,36 +641,105 @@ void InlineLoginHandlerImpl::CompleteLogin(const base::ListValue* args) { |
| DCHECK(!gaia_id_string16.empty()); |
| std::string gaia_id = base::UTF16ToASCII(gaia_id_string16); |
| + base::string16 session_index_string16; |
| + dict->GetString("sessionIndex", &session_index_string16); |
| + std::string session_index = base::UTF16ToASCII(session_index_string16); |
| + DCHECK(!session_index.empty()); |
| + |
| + bool choose_what_to_sync = false; |
| + dict->GetBoolean("chooseWhatToSync", &choose_what_to_sync); |
| + |
| + content::StoragePartition* partition = |
| + content::BrowserContext::GetStoragePartitionForSite( |
| + contents->GetBrowserContext(), signin::GetSigninPartitionURL()); |
| + |
| + // If this was called from the user manager to reauthenticate the profile, |
| + // the current profile is the system profile. In this case, use the email to |
| + // find the right profile to reauthenticate. Otherwise the profile can be |
| + // taken from web_ui(). |
| + Profile* profile = Profile::FromWebUI(web_ui()); |
| + if (profile->GetOriginalProfile()->IsSystemProfile()) { |
| + // Switch to the profile and finish the login. Don't pass a handler pointer |
| + // since it will be destroyed before the callback runs. |
| + ProfileManager* manager = g_browser_process->profile_manager(); |
| + base::FilePath path = profiles::GetPathOfProfileWithEmail(manager, email); |
| + if (!path.empty()) { |
| + FinishCompleteLoginParams params(NULL, partition, current_url, path, |
|
Alexei Svitkine (slow)
2015/07/24 16:36:42
Nit: nullptr
Roger Tawa OOO till Jul 10th
2015/07/24 17:01:29
Done.
|
| + confirm_untrusted_signin_, email, |
| + gaia_id, password, session_index, |
| + choose_what_to_sync); |
| + ProfileManager::CreateCallback callback = base::Bind( |
| + &InlineLoginHandlerImpl::FinishCompleteLogin, params); |
| + profiles::SwitchToProfile(path, chrome::GetActiveDesktop(), true, |
| + callback, ProfileMetrics::SWITCH_PROFILE_UNLOCK); |
| + } |
| + } else { |
| + FinishCompleteLogin( |
| + FinishCompleteLoginParams(this, partition, current_url, |
| + base::FilePath(), confirm_untrusted_signin_, |
| + email, gaia_id, password, session_index, |
| + choose_what_to_sync), |
| + profile, |
| + Profile::CREATE_STATUS_CREATED); |
| + } |
| + |
| + web_ui()->CallJavascriptFunction("inline.login.closeDialog"); |
| +} |
| + |
| +InlineLoginHandlerImpl::FinishCompleteLoginParams::FinishCompleteLoginParams( |
| + InlineLoginHandlerImpl* handler, |
| + content::StoragePartition* partition, |
| + const GURL& url, |
| + const base::FilePath& profile_path, |
| + bool confirm_untrusted_signin, |
| + const std::string& email, |
| + const std::string& gaia_id, |
| + const std::string& password, |
| + const std::string& session_index, |
| + bool choose_what_to_sync) |
| + : handler(handler), |
| + partition(partition), |
| + url(url), |
| + profile_path(profile_path), |
| + confirm_untrusted_signin(confirm_untrusted_signin), |
| + email(email), |
| + gaia_id(gaia_id), |
| + password(password), |
| + session_index(session_index), |
| + choose_what_to_sync(choose_what_to_sync) {} |
| + |
| +InlineLoginHandlerImpl:: |
| + FinishCompleteLoginParams::~FinishCompleteLoginParams() {} |
| + |
| +// static |
| +void InlineLoginHandlerImpl::FinishCompleteLogin( |
| + const FinishCompleteLoginParams& params, |
| + Profile* profile, |
| + Profile::CreateStatus status) { |
| // When doing a SAML sign in, this email check may result in a false |
| // positive. This happens when the user types one email address in the |
| // gaia sign in page, but signs in to a different account in the SAML sign in |
| // page. |
| std::string default_email; |
| std::string validate_email; |
| - if (net::GetValueForKeyInQuery(current_url, "email", &default_email) && |
| - net::GetValueForKeyInQuery(current_url, "validateEmail", |
| + if (net::GetValueForKeyInQuery(params.url, "email", &default_email) && |
| + net::GetValueForKeyInQuery(params.url, "validateEmail", |
| &validate_email) && |
| validate_email == "1") { |
| - if (!gaia::AreEmailsSame(email, default_email)) { |
| - HandleLoginError( |
| - l10n_util::GetStringFUTF8(IDS_SYNC_WRONG_EMAIL, |
| - base::UTF8ToUTF16(default_email))); |
| + if (!gaia::AreEmailsSame(params.email, default_email)) { |
| + if (params.handler) { |
| + params.handler->HandleLoginError( |
| + l10n_util::GetStringFUTF8(IDS_SYNC_WRONG_EMAIL, |
| + base::UTF8ToUTF16(default_email))); |
| + } |
| return; |
| } |
| } |
| - base::string16 session_index_string16; |
| - dict->GetString("sessionIndex", &session_index_string16); |
| - std::string session_index = base::UTF16ToASCII(session_index_string16); |
| - DCHECK(!session_index.empty()); |
| - |
| - bool choose_what_to_sync = false; |
| - dict->GetBoolean("chooseWhatToSync", &choose_what_to_sync); |
| - |
| - signin_metrics::Source source = signin::GetSourceForPromoURL(current_url); |
| + signin_metrics::Source source = signin::GetSourceForPromoURL(params.url); |
| LogHistogramValue(signin_metrics::HISTOGRAM_ACCEPTED); |
| bool switch_to_advanced = |
| - choose_what_to_sync && (source != signin_metrics::SOURCE_SETTINGS); |
| + params.choose_what_to_sync && (source != signin_metrics::SOURCE_SETTINGS); |
| LogHistogramValue( |
| switch_to_advanced ? signin_metrics::HISTOGRAM_WITH_ADVANCED : |
| signin_metrics::HISTOGRAM_WITH_DEFAULTS); |
| @@ -681,8 +751,8 @@ void InlineLoginHandlerImpl::CompleteLogin(const base::ListValue* args) { |
| break; |
| case signin_metrics::SOURCE_REAUTH: { |
| std::string primary_username = |
| - SigninManagerFactory::GetForProfile( |
| - Profile::FromWebUI(web_ui()))->GetAuthenticatedUsername(); |
| + SigninManagerFactory::GetForProfile(profile) |
| + ->GetAuthenticatedUsername(); |
| if (!gaia::AreEmailsSame(default_email, primary_username)) |
| can_offer_for = CAN_OFFER_FOR_SECONDARY_ACCOUNT; |
| break; |
| @@ -693,33 +763,48 @@ void InlineLoginHandlerImpl::CompleteLogin(const base::ListValue* args) { |
| } |
| std::string error_msg; |
| - bool can_offer = CanOffer(Profile::FromWebUI(web_ui()), can_offer_for, |
| - gaia_id, email, &error_msg); |
| + bool can_offer = CanOffer(profile, can_offer_for, params.gaia_id, |
| + params.email, &error_msg); |
|
Alexei Svitkine (slow)
2015/07/24 16:36:42
Nit: Align.
Roger Tawa OOO till Jul 10th
2015/07/24 17:01:29
Done.
|
| if (!can_offer) { |
| - HandleLoginError(error_msg); |
| + if (params.handler) |
| + params.handler->HandleLoginError(error_msg); |
| return; |
| } |
| AboutSigninInternals* about_signin_internals = |
| - AboutSigninInternalsFactory::GetForProfile(Profile::FromWebUI(web_ui())); |
| + AboutSigninInternalsFactory::GetForProfile(profile); |
| about_signin_internals->OnAuthenticationResultReceived("Successful"); |
| - content::StoragePartition* partition = |
| - content::BrowserContext::GetStoragePartitionForSite( |
| - contents->GetBrowserContext(), signin::GetSigninPartitionURL()); |
| - |
| SigninClient* signin_client = |
| - ChromeSigninClientFactory::GetForProfile(Profile::FromWebUI(web_ui())); |
| + ChromeSigninClientFactory::GetForProfile(profile); |
| std::string signin_scoped_device_id = |
| signin_client->GetSigninScopedDeviceId(); |
| - // InlineSigninHelper will delete itself. |
| - new InlineSigninHelper(GetWeakPtr(), partition->GetURLRequestContext(), |
| - Profile::FromWebUI(web_ui()), current_url, |
| - email, gaia_id, password, session_index, |
| - signin_scoped_device_id, choose_what_to_sync, |
| - confirm_untrusted_signin_); |
| + base::WeakPtr<InlineLoginHandlerImpl> handler_weak_ptr; |
| + if (params.handler) |
| + handler_weak_ptr = params.handler->GetWeakPtr(); |
| - web_ui()->CallJavascriptFunction("inline.login.closeDialog"); |
| + // InlineSigninHelper will delete itself. |
| + new InlineSigninHelper(handler_weak_ptr, |
| + params.partition->GetURLRequestContext(), profile, |
| + params.url, |
| + params.email, params.gaia_id, params.password, |
| + params.session_index, signin_scoped_device_id, |
| + params.choose_what_to_sync, |
| + params.confirm_untrusted_signin); |
| + |
| + // If opened from user manager to reauthenticate, make sure the user manager |
| + // is closed and that the profile is marked as unlocked. |
| + if (!params.profile_path.empty()) { |
| + UserManager::Hide(); |
| + ProfileManager* profile_manager = g_browser_process->profile_manager(); |
| + if (profile_manager) { |
| + ProfileAttributesEntry* entry; |
| + if (profile_manager->GetProfileInfoCache() |
| + .GetProfileAttributesWithPath(params.profile_path, &entry)) { |
| + entry->SetIsSigninRequired(false); |
| + } |
| + } |
| + } |
| } |
| void InlineLoginHandlerImpl::HandleLoginError(const std::string& error_msg) { |
