OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/signin/signin_manager.h" | 5 #include "chrome/browser/signin/signin_manager.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/callback_helpers.h" | 10 #include "base/callback_helpers.h" |
(...skipping 22 matching lines...) Expand all Loading... |
33 #include "content/public/browser/browser_thread.h" | 33 #include "content/public/browser/browser_thread.h" |
34 #include "content/public/browser/notification_service.h" | 34 #include "content/public/browser/notification_service.h" |
35 #include "google_apis/gaia/gaia_auth_fetcher.h" | 35 #include "google_apis/gaia/gaia_auth_fetcher.h" |
36 #include "google_apis/gaia/gaia_constants.h" | 36 #include "google_apis/gaia/gaia_constants.h" |
37 #include "google_apis/gaia/gaia_urls.h" | 37 #include "google_apis/gaia/gaia_urls.h" |
38 #include "net/cookies/cookie_monster.h" | 38 #include "net/cookies/cookie_monster.h" |
39 #include "net/url_request/url_request_context.h" | 39 #include "net/url_request/url_request_context.h" |
40 #include "net/url_request/url_request_context_getter.h" | 40 #include "net/url_request/url_request_context_getter.h" |
41 #include "third_party/icu/public/i18n/unicode/regex.h" | 41 #include "third_party/icu/public/i18n/unicode/regex.h" |
42 | 42 |
| 43 #if defined(ENABLE_CONFIGURATION_POLICY) && !defined(OS_CHROMEOS) |
| 44 #include "chrome/browser/policy/user_policy_signin_service.h" |
| 45 #include "chrome/browser/policy/user_policy_signin_service_factory.h" |
| 46 #endif |
| 47 |
43 using namespace signin_internals_util; | 48 using namespace signin_internals_util; |
44 | 49 |
45 using content::BrowserThread; | 50 using content::BrowserThread; |
46 | 51 |
47 namespace { | 52 namespace { |
48 | 53 |
49 const char kGetInfoDisplayEmailKey[] = "displayEmail"; | 54 const char kGetInfoDisplayEmailKey[] = "displayEmail"; |
50 const char kGetInfoEmailKey[] = "email"; | 55 const char kGetInfoEmailKey[] = "email"; |
51 | 56 |
52 const char kGoogleAccountsUrl[] = "https://accounts.google.com"; | 57 const char kGoogleAccountsUrl[] = "https://accounts.google.com"; |
(...skipping 586 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
639 | 644 |
640 void SigninManager::OnGetUserInfoSuccess(const UserInfoMap& data) { | 645 void SigninManager::OnGetUserInfoSuccess(const UserInfoMap& data) { |
641 NotifyDiagnosticsObservers(GET_USER_INFO_STATUS, "Successful"); | 646 NotifyDiagnosticsObservers(GET_USER_INFO_STATUS, "Successful"); |
642 | 647 |
643 UserInfoMap::const_iterator email_iter = data.find(kGetInfoEmailKey); | 648 UserInfoMap::const_iterator email_iter = data.find(kGetInfoEmailKey); |
644 UserInfoMap::const_iterator display_email_iter = | 649 UserInfoMap::const_iterator display_email_iter = |
645 data.find(kGetInfoDisplayEmailKey); | 650 data.find(kGetInfoDisplayEmailKey); |
646 if (email_iter == data.end()) { | 651 if (email_iter == data.end()) { |
647 OnGetUserInfoKeyNotFound(kGetInfoEmailKey); | 652 OnGetUserInfoKeyNotFound(kGetInfoEmailKey); |
648 return; | 653 return; |
649 } else if (display_email_iter == data.end()) { | 654 } |
| 655 if (display_email_iter == data.end()) { |
650 OnGetUserInfoKeyNotFound(kGetInfoDisplayEmailKey); | 656 OnGetUserInfoKeyNotFound(kGetInfoDisplayEmailKey); |
651 return; | 657 return; |
652 } else { | 658 } |
653 DCHECK(email_iter->first == kGetInfoEmailKey); | 659 DCHECK(email_iter->first == kGetInfoEmailKey); |
654 DCHECK(display_email_iter->first == kGetInfoDisplayEmailKey); | 660 DCHECK(display_email_iter->first == kGetInfoDisplayEmailKey); |
655 | 661 |
656 // When signing in with credentials, the possibly invalid name is the Gaia | 662 // When signing in with credentials, the possibly invalid name is the Gaia |
657 // display name. If the name returned by GetUserInfo does not match what is | 663 // display name. If the name returned by GetUserInfo does not match what is |
658 // expected, return an error. | 664 // expected, return an error. |
659 if (type_ == SIGNIN_TYPE_WITH_CREDENTIALS && | 665 if (type_ == SIGNIN_TYPE_WITH_CREDENTIALS && |
660 base::strcasecmp(display_email_iter->second.c_str(), | 666 base::strcasecmp(display_email_iter->second.c_str(), |
661 possibly_invalid_username_.c_str()) != 0) { | 667 possibly_invalid_username_.c_str()) != 0) { |
662 OnGetUserInfoKeyNotFound(kGetInfoDisplayEmailKey); | 668 OnGetUserInfoKeyNotFound(kGetInfoDisplayEmailKey); |
663 return; | 669 return; |
664 } | 670 } |
665 | 671 |
666 SetAuthenticatedUsername(email_iter->second); | 672 possibly_invalid_username_ = email_iter->second; |
667 possibly_invalid_username_.clear(); | 673 |
668 profile_->GetPrefs()->SetString(prefs::kGoogleServicesUsername, | 674 #if defined(ENABLE_CONFIGURATION_POLICY) && !defined(OS_CHROMEOS) |
669 authenticated_username_); | 675 // If we have an OAuth token, try loading policy for this user now, before |
| 676 // any signed in services are initialized. If there's no oauth token (the |
| 677 // user is using the old ClientLogin flow) then policy will get loaded once |
| 678 // the TokenService finishes initializing (not ideal, but it's a reasonable |
| 679 // fallback). |
| 680 if (!temp_oauth_login_tokens_.refresh_token.empty()) { |
| 681 policy::UserPolicySigninService* policy_service = |
| 682 policy::UserPolicySigninServiceFactory::GetForProfile(profile_); |
| 683 policy_service->RegisterPolicyClient( |
| 684 possibly_invalid_username_, |
| 685 temp_oauth_login_tokens_.refresh_token, |
| 686 base::Bind(&SigninManager::OnRegisteredForPolicy, |
| 687 base::Unretained(this))); |
| 688 return; |
670 } | 689 } |
| 690 #endif |
| 691 |
| 692 // Not waiting for policy load - just complete signin directly. |
| 693 CompleteSigninAfterPolicyLoad(); |
| 694 } |
| 695 |
| 696 #if defined(ENABLE_CONFIGURATION_POLICY) && !defined(OS_CHROMEOS) |
| 697 void SigninManager::OnRegisteredForPolicy( |
| 698 scoped_ptr<policy::CloudPolicyClient> client) { |
| 699 // If there's no token for the user (no policy) just finish signing in. |
| 700 if (!client.get()) { |
| 701 DVLOG(1) << "Policy registration failed"; |
| 702 CompleteSigninAfterPolicyLoad(); |
| 703 return; |
| 704 } |
| 705 |
| 706 DVLOG(1) << "Policy registration succeeded: dm_token=" << client->dm_token(); |
| 707 // TODO(dconnelly): Prompt user for whether they want to create a new profile |
| 708 // or not (http://crbug.com/171236). For now, just immediately load policy. |
| 709 policy::UserPolicySigninService* policy_service = |
| 710 policy::UserPolicySigninServiceFactory::GetForProfile(profile_); |
| 711 policy_service->FetchPolicyForSignedInUser( |
| 712 client.Pass(), |
| 713 base::Bind(&SigninManager::OnPolicyFetchComplete, |
| 714 base::Unretained(this))); |
| 715 } |
| 716 |
| 717 void SigninManager::OnPolicyFetchComplete(bool success) { |
| 718 // For now, we allow signin to complete even if the policy fetch fails. If |
| 719 // we ever want to change this behavior, we could call SignOut() here |
| 720 // instead. |
| 721 DLOG_IF(ERROR, !success) << "Error fetching policy for user"; |
| 722 DVLOG_IF(1, success) << "Policy fetch successful - completing signin"; |
| 723 CompleteSigninAfterPolicyLoad(); |
| 724 } |
| 725 #endif |
| 726 |
| 727 void SigninManager::CompleteSigninAfterPolicyLoad() { |
| 728 DCHECK(!possibly_invalid_username_.empty()); |
| 729 SetAuthenticatedUsername(possibly_invalid_username_); |
| 730 possibly_invalid_username_.clear(); |
| 731 profile_->GetPrefs()->SetString(prefs::kGoogleServicesUsername, |
| 732 authenticated_username_); |
| 733 |
671 GoogleServiceSigninSuccessDetails details(authenticated_username_, | 734 GoogleServiceSigninSuccessDetails details(authenticated_username_, |
672 password_); | 735 password_); |
673 content::NotificationService::current()->Notify( | 736 content::NotificationService::current()->Notify( |
674 chrome::NOTIFICATION_GOOGLE_SIGNIN_SUCCESSFUL, | 737 chrome::NOTIFICATION_GOOGLE_SIGNIN_SUCCESSFUL, |
675 content::Source<Profile>(profile_), | 738 content::Source<Profile>(profile_), |
676 content::Details<const GoogleServiceSigninSuccessDetails>(&details)); | 739 content::Details<const GoogleServiceSigninSuccessDetails>(&details)); |
677 | 740 |
678 password_.clear(); // Don't need it anymore. | 741 password_.clear(); // Don't need it anymore. |
679 DisableOneClickSignIn(profile_); // Don't ever offer again. | 742 DisableOneClickSignIn(profile_); // Don't ever offer again. |
680 | 743 |
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
778 NotifySigninValueChanged(field, value)); | 841 NotifySigninValueChanged(field, value)); |
779 } | 842 } |
780 | 843 |
781 void SigninManager::NotifyDiagnosticsObservers( | 844 void SigninManager::NotifyDiagnosticsObservers( |
782 const TimedSigninStatusField& field, | 845 const TimedSigninStatusField& field, |
783 const std::string& value) { | 846 const std::string& value) { |
784 FOR_EACH_OBSERVER(SigninDiagnosticsObserver, | 847 FOR_EACH_OBSERVER(SigninDiagnosticsObserver, |
785 signin_diagnostics_observers_, | 848 signin_diagnostics_observers_, |
786 NotifySigninValueChanged(field, value)); | 849 NotifySigninValueChanged(field, value)); |
787 } | 850 } |
OLD | NEW |