| Index: chrome/browser/ui/webui/signin/user_manager_screen_handler.cc
|
| diff --git a/chrome/browser/ui/webui/signin/user_manager_screen_handler.cc b/chrome/browser/ui/webui/signin/user_manager_screen_handler.cc
|
| index 6887224827e7b10446995c7b751d0b0e0774d125..d18f88b2baddc25eee811fba9a96566109ed005f 100644
|
| --- a/chrome/browser/ui/webui/signin/user_manager_screen_handler.cc
|
| +++ b/chrome/browser/ui/webui/signin/user_manager_screen_handler.cc
|
| @@ -124,23 +124,13 @@ std::string GetAvatarImageAtIndex(
|
| return webui::GetBitmapDataUrl(resized_image.AsBitmap());
|
| }
|
|
|
| -size_t GetIndexOfProfileWithEmail(const ProfileInfoCache& info_cache,
|
| - const std::string& email) {
|
| - const base::string16& profile_email = base::UTF8ToUTF16(email);
|
| - for (size_t i = 0; i < info_cache.GetNumberOfProfiles(); ++i) {
|
| - if (info_cache.GetUserNameOfProfileAtIndex(i) == profile_email)
|
| - return i;
|
| - }
|
| - return std::string::npos;
|
| -}
|
| -
|
| extensions::ScreenlockPrivateEventRouter* GetScreenlockRouter(
|
| const std::string& email) {
|
| - const ProfileInfoCache& info_cache =
|
| - g_browser_process->profile_manager()->GetProfileInfoCache();
|
| - const size_t profile_index = GetIndexOfProfileWithEmail(info_cache, email);
|
| + base::FilePath path =
|
| + profiles::GetPathOfProfileWithEmail(g_browser_process->profile_manager(),
|
| + email);
|
| Profile* profile = g_browser_process->profile_manager()
|
| - ->GetProfileByPath(info_cache.GetPathOfProfileAtIndex(profile_index));
|
| + ->GetProfileByPath(path);
|
| return extensions::ScreenlockPrivateEventRouter::GetFactoryInstance()->Get(
|
| profile);
|
| }
|
| @@ -366,14 +356,13 @@ UserManagerScreenHandler::GetScreenType() const {
|
| }
|
|
|
| void UserManagerScreenHandler::Unlock(const std::string& user_email) {
|
| - const ProfileInfoCache& info_cache =
|
| - g_browser_process->profile_manager()->GetProfileInfoCache();
|
| - const size_t profile_index =
|
| - GetIndexOfProfileWithEmail(info_cache, user_email);
|
| - DCHECK_LT(profile_index, info_cache.GetNumberOfProfiles());
|
| -
|
| - authenticating_profile_index_ = profile_index;
|
| - ReportAuthenticationResult(true, ProfileMetrics::AUTH_LOCAL);
|
| + base::FilePath path =
|
| + profiles::GetPathOfProfileWithEmail(g_browser_process->profile_manager(),
|
| + user_email);
|
| + if (!path.empty()) {
|
| + authenticating_profile_path_ = path;
|
| + ReportAuthenticationResult(true, ProfileMetrics::AUTH_LOCAL);
|
| + }
|
| }
|
|
|
| void UserManagerScreenHandler::AttemptEasySignin(
|
| @@ -420,6 +409,13 @@ void UserManagerScreenHandler::HandleAuthenticatedLaunchUser(
|
| if (!base::GetValueAsFilePath(*profile_path_value, &profile_path))
|
| return;
|
|
|
| + ProfileInfoCache& info_cache =
|
| + g_browser_process->profile_manager()->GetProfileInfoCache();
|
| +
|
| + ProfileAttributesEntry* entry;
|
| + if (!info_cache.GetProfileAttributesWithPath(profile_path, &entry))
|
| + return;
|
| +
|
| base::string16 email_address;
|
| if (!args->GetString(1, &email_address))
|
| return;
|
| @@ -428,22 +424,15 @@ void UserManagerScreenHandler::HandleAuthenticatedLaunchUser(
|
| if (!args->GetString(2, &password))
|
| return;
|
|
|
| - const ProfileInfoCache& info_cache =
|
| - g_browser_process->profile_manager()->GetProfileInfoCache();
|
| - size_t profile_index = info_cache.GetIndexOfProfileWithPath(profile_path);
|
| -
|
| - if (profile_index == std::string::npos) {
|
| - NOTREACHED();
|
| - return;
|
| - }
|
| + authenticating_profile_path_ = profile_path;
|
|
|
| - authenticating_profile_index_ = profile_index;
|
| + size_t profile_index = info_cache.GetIndexOfProfileWithPath(profile_path);
|
| if (LocalAuth::ValidateLocalAuthCredentials(profile_index, password)) {
|
| ReportAuthenticationResult(true, ProfileMetrics::AUTH_LOCAL);
|
| return;
|
| }
|
|
|
| - email_address_ = email_address;
|
| + email_address_ = base::UTF16ToUTF8(email_address);
|
| password_attempt_ = password;
|
|
|
| // This could be a mis-typed password or typing a new password while we
|
| @@ -453,29 +442,17 @@ void UserManagerScreenHandler::HandleAuthenticatedLaunchUser(
|
| oauth_client_.reset(new gaia::GaiaOAuthClient(
|
| web_ui()->GetWebContents()->GetBrowserContext()->GetRequestContext()));
|
| }
|
| - std::string token = info_cache.GetPasswordChangeDetectionTokenAtIndex(
|
| - profile_index);
|
| +
|
| + std::string token = entry->GetPasswordChangeDetectionToken();
|
| if (!token.empty()) {
|
| oauth_client_->GetTokenHandleInfo(token, kMaxOAuthRetries, this);
|
| return;
|
| }
|
|
|
| // In order to support the upgrade case where we have a local hash but no
|
| - // password token, we fall back on (deprecated) ClientLogin. This will
|
| - // have to be removed in future versions as the service gets turned down
|
| - // but by then we'll have seamlessly updated the majority of users.
|
| - client_login_.reset(new GaiaAuthFetcher(
|
| - this,
|
| - GaiaConstants::kChromeSource,
|
| - web_ui()->GetWebContents()->GetBrowserContext()->GetRequestContext()));
|
| -
|
| - client_login_->StartClientLogin(
|
| - base::UTF16ToUTF8(email_address),
|
| - password,
|
| - GaiaConstants::kSyncService,
|
| - std::string(),
|
| - std::string(),
|
| - GaiaAuthFetcher::HostedAccountsAllowed);
|
| + // password token, the user perform a full online reauth.
|
| + UserManager::ShowReauthDialog(web_ui()->GetWebContents()->GetBrowserContext(),
|
| + email_address_);
|
| }
|
|
|
| void UserManagerScreenHandler::HandleRemoveUser(const base::ListValue* args) {
|
| @@ -579,23 +556,10 @@ void UserManagerScreenHandler::OnGetTokenInfoResponse(
|
|
|
| void UserManagerScreenHandler::OnOAuthError() {
|
| // Password has changed. Go through online signin flow.
|
| - // ... if we had it. Until then, use deprecated ClientLogin to validate
|
| - // the password. This will have to be changed soon. (TODO: bcwhite)
|
| - oauth_client_.reset();
|
| - client_login_.reset(new GaiaAuthFetcher(
|
| - this,
|
| - GaiaConstants::kChromeSource,
|
| - web_ui()->GetWebContents()->GetBrowserContext()->GetRequestContext()));
|
| -
|
| DCHECK(!email_address_.empty());
|
| - DCHECK(!password_attempt_.empty());
|
| - client_login_->StartClientLogin(
|
| - base::UTF16ToUTF8(email_address_),
|
| - password_attempt_,
|
| - GaiaConstants::kSyncService,
|
| - std::string(),
|
| - std::string(),
|
| - GaiaAuthFetcher::HostedAccountsAllowed);
|
| + oauth_client_.reset();
|
| + UserManager::ShowReauthDialog(web_ui()->GetWebContents()->GetBrowserContext(),
|
| + email_address_);
|
| }
|
|
|
| void UserManagerScreenHandler::OnNetworkError(int response_code) {
|
| @@ -604,43 +568,6 @@ void UserManagerScreenHandler::OnNetworkError(int response_code) {
|
| ReportAuthenticationResult(false, ProfileMetrics::AUTH_FAILED_OFFLINE);
|
| }
|
|
|
| -void UserManagerScreenHandler::OnClientLoginSuccess(
|
| - const ClientLoginResult& result) {
|
| - oauth_client_.reset();
|
| - LocalAuth::SetLocalAuthCredentials(authenticating_profile_index_,
|
| - password_attempt_);
|
| - ReportAuthenticationResult(true, ProfileMetrics::AUTH_ONLINE);
|
| -}
|
| -
|
| -void UserManagerScreenHandler::OnClientLoginFailure(
|
| - const GoogleServiceAuthError& error) {
|
| - const GoogleServiceAuthError::State state = error.state();
|
| - // Some "error" results mean the password was correct but some other action
|
| - // should be taken. For our purposes, we only care that the password was
|
| - // correct so count those as a success.
|
| - bool success = (state == GoogleServiceAuthError::NONE ||
|
| - state == GoogleServiceAuthError::CAPTCHA_REQUIRED ||
|
| - state == GoogleServiceAuthError::TWO_FACTOR ||
|
| - state == GoogleServiceAuthError::ACCOUNT_DELETED ||
|
| - state == GoogleServiceAuthError::ACCOUNT_DISABLED ||
|
| - state == GoogleServiceAuthError::WEB_LOGIN_REQUIRED);
|
| -
|
| - // If the password was correct, the user must have changed it since the
|
| - // profile was locked. Save the password to streamline future unlocks.
|
| - if (success) {
|
| - DCHECK(!password_attempt_.empty());
|
| - LocalAuth::SetLocalAuthCredentials(authenticating_profile_index_,
|
| - password_attempt_);
|
| - }
|
| -
|
| - bool offline = error.IsTransientError();
|
| - ProfileMetrics::ProfileAuth failure_metric =
|
| - offline ? ProfileMetrics::AUTH_FAILED_OFFLINE :
|
| - ProfileMetrics::AUTH_FAILED;
|
| - ReportAuthenticationResult(
|
| - success, success ? ProfileMetrics::AUTH_ONLINE : failure_metric);
|
| -}
|
| -
|
| void UserManagerScreenHandler::RegisterMessages() {
|
| web_ui()->RegisterMessageCallback(kJsApiUserManagerInitialize,
|
| base::Bind(&UserManagerScreenHandler::HandleInitialize,
|
| @@ -841,12 +768,8 @@ void UserManagerScreenHandler::ReportAuthenticationResult(
|
| password_attempt_.clear();
|
|
|
| if (success) {
|
| - const ProfileInfoCache& info_cache =
|
| - g_browser_process->profile_manager()->GetProfileInfoCache();
|
| - base::FilePath path = info_cache.GetPathOfProfileAtIndex(
|
| - authenticating_profile_index_);
|
| profiles::SwitchToProfile(
|
| - path,
|
| + authenticating_profile_path_,
|
| desktop_type_,
|
| true,
|
| base::Bind(&UserManagerScreenHandler::OnSwitchToProfileComplete,
|
|
|
Chromium Code Reviews
Issue 1220843003:
Perform online reauth when password is changed for a locked profile. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master