ChromeOS: should send old user GAPS cookie to GAIA on user reauthentication.

chrome/browser/resources/gaia_auth_host/authenticator.js

Index: chrome/browser/resources/gaia_auth_host/authenticator.js
diff --git a/chrome/browser/resources/gaia_auth_host/authenticator.js b/chrome/browser/resources/gaia_auth_host/authenticator.js
index 87580d956bd7c2cfcd74581159723d769f055ece..a2145df1e894ad24f3bc0c2059c50b548b5e7c77 100644
--- a/chrome/browser/resources/gaia_auth_host/authenticator.js
+++ b/chrome/browser/resources/gaia_auth_host/authenticator.js
@@ -25,8 +25,10 @@ cr.define('cr.login', function() {
   var SIGN_IN_HEADER = 'google-accounts-signin';
   var EMBEDDED_FORM_HEADER = 'google-accounts-embedded';
   var LOCATION_HEADER = 'location';
+  var COOKIE_HEADER = 'cookie';
   var SET_COOKIE_HEADER = 'set-cookie';
   var OAUTH_CODE_COOKIE = 'oauth_code';
+  var GAPS_COOKIE = 'GAPS';
   var SERVICE_ID = 'chromeoslogin';
   var EMBEDDED_SETUP_CHROMEOS_ENDPOINT = 'embedded/setup/chromeos';
 
@@ -87,6 +89,7 @@ cr.define('cr.login', function() {
     'platformVersion',     // Version of the OS build.
     'releaseChannel',      // Installation channel.
     'endpointGen',         // Current endpoint generation.
+    'gapsCookie',          // GAPS cookie
   ];
 
   /**
@@ -115,6 +118,9 @@ cr.define('cr.login', function() {
     this.reloadUrl_ = null;
     this.trusted_ = true;
     this.oauth_code_ = null;
+    this.gaps_cookie_ = null;

[xiyuan, 2015/07/09 23:08:29]

nit: gaps_cookie_ -> gapsCookie_

JS variable name should be like variableName. The existing |oauth_code_| also
violates the rule and should be fixed.

See http://google-styleguide.googlecode.com/svn/trunk/javascriptguide.xml#Naming

[Alexander Alekseev, 2015/07/09 23:22:40]

Done.

+    this.gaps_cookie_sent_ = false;
+    this.new_gaps_cookie_ = null;
 
     this.useEafe_ = false;
     this.clientId_ = null;
@@ -171,6 +177,9 @@ cr.define('cr.login', function() {
     this.gaiaId_ = null;
     this.password_ = null;
     this.oauth_code_ = null;
+    this.gaps_cookie_ = null;
+    this.gaps_cookie_sent_ = false;
+    this.new_gaps_cookie_ = null;
     this.chooseWhatToSync_ = false;
     this.skipForNow_ = false;
     this.sessionIndex_ = null;
@@ -209,6 +218,15 @@ cr.define('cr.login', function() {
       this.webview_.contextMenus.onShow.addListener(function(e) {
         e.preventDefault();
       });
+
+      var filterPrefix = this.idpOrigin_ + EMBEDDED_SETUP_CHROMEOS_ENDPOINT;
+      if (!this.onBeforeSetHeadersSet_) {
+        this.onBeforeSetHeadersSet_ = true;
+        this.webview_.request.onBeforeSendHeaders.addListener(

[xiyuan, 2015/07/09 23:08:29]

Why this code lives here instead of with other request filters in ctor around
line 160?

[Alexander Alekseev, 2015/07/09 23:22:40]

Because it depends on load parameter (line 199):

this.idpOrigin_ = data.gaiaUrl || IDP_ORIGIN;

[xiyuan, 2015/07/09 23:30:05]

I see. Could you add a comment to document why this is here and also mention
that we assume |idpOrigin_| would not change?

[Alexander Alekseev, 2015/07/09 23:43:22]

Done.

+            this.onBeforeSendHeaders_.bind(this),
+            {urls: [filterPrefix + '?*', filterPrefix + '/*']},
+            ['requestHeaders', 'blocking']);
+      }
     }
 
     this.webview_.src = this.reloadUrl_;
@@ -246,6 +264,9 @@ cr.define('cr.login', function() {
         url = appendParam(url, 'release_channel', data.releaseChannel);
       if (data.endpointGen)
         url = appendParam(url, 'endpoint_gen', data.endpointGen);
+      this.gaps_cookie_ = data.gapsCookie;
+      this.gaps_cookie_sent_ = false;
+      this.new_gaps_cookie_ = null;
     } else {
       url = appendParam(url, 'continue', this.continueUrl_);
       url = appendParam(url, 'service', data.service || SERVICE_ID);
@@ -375,8 +396,68 @@ cr.define('cr.login', function() {
           this.oauth_code_ =
               headerValue.substring(OAUTH_CODE_COOKIE.length + 1).split(';')[0];
         }
+        if (headerValue.indexOf(GAPS_COOKIE + '=', 0) == 0) {
+          this.new_gaps_cookie_ =
+              headerValue.substring(GAPS_COOKIE.length + 1).split(';')[0];
+        }
+      }
+    }
+  };
+
+  /**
+   * This method replaces cookie value in cookie header.
+   * @param@ {header_value} Original string value of Cookie header.

[xiyuan, 2015/07/09 23:08:29]

Wrong JSDoc format here and below.

Should be something like:

@param {string} headerValue Original string value of Cookie header.

[Alexander Alekseev, 2015/07/09 23:22:40]

Done.

+   * @param@ {cookie_name} Name of cookie to be replaced.
+   * @param@ {cookie_value} New cookie value.
+   * @return {string} New Cookie header value.
+   * @private
+   */
+  Authenticator.prototype.updateCookieValue_ = function(
+      header_value, cookie_name, cookie_value) {
+    var cookies = header_value.split(/\s*;\s*/);
+    var found = false;
+    for (var i = 0; i < cookies.length; ++i) {
+      if (cookies[i].indexOf(cookie_name + '=', 0) == 0) {
+        found = true;
+        cookies[i] = cookie_name + '=' + cookie_value;
+        break;
+      }
+    }
+    if (!found) {
+      cookies.push(cookie_name + '=' + cookie_value);
+    }
+    return cookies.join('; ');
+  };
+
+  /**
+   * Handler for webView.request.onBeforeSendHeaders .
+   * @return {!Object} Modified request headers.
+   * @private
+   */
+  Authenticator.prototype.onBeforeSendHeaders_ = function(details) {
+    if (this.isNewGaiaFlowChromeOS && this.gaps_cookie_ &&
+        !this.gaps_cookie_sent_) {
+      var headers = details.requestHeaders;
+      var found = false;
+      var gapsCookie = this.gaps_cookie_;
+
+      for (var i = 0, l = headers.length; i < l; ++i) {
+        if (headers[i].name == COOKIE_HEADER) {
+          headers[i].value = this.updateCookieValue_(headers[i].value,
+                                                     GAPS_COOKIE, gapsCookie);
+          found = true;
+          break;
+        }
       }
+      if (!found) {
+        details.requestHeaders.push(
+            {name: COOKIE_HEADER, value: GAPS_COOKIE + '=' + gapsCookie});
+      }
+      this.gaps_cookie_sent_ = true;
     }
+    return {
+      requestHeaders: details.requestHeaders
+    };
   };
 
   /**
@@ -522,22 +603,23 @@ cr.define('cr.login', function() {
   Authenticator.prototype.onAuthCompleted_ = function() {
     assert(this.skipForNow_ ||
            (this.email_ && this.gaiaId_ && this.sessionIndex_));
-    this.dispatchEvent(
-        new CustomEvent('authCompleted',
-                        // TODO(rsorokin): get rid of the stub values.
-                        {
-                          detail: {
-                            email: this.email_ || '',
-                            gaiaId: this.gaiaId_ || '',
-                            password: this.password_ || '',
-                            authCode: this.oauth_code_,
-                            usingSAML: this.authFlow == AuthFlow.SAML,
-                            chooseWhatToSync: this.chooseWhatToSync_,
-                            skipForNow: this.skipForNow_,
-                            sessionIndex: this.sessionIndex_ || '',
-                            trusted: this.trusted_
-                          }
-                        }));
+    this.dispatchEvent(new CustomEvent(
+        'authCompleted',
+        // TODO(rsorokin): get rid of the stub values.
+        {
+          detail: {
+            email: this.email_ || '',
+            gaiaId: this.gaiaId_ || '',
+            password: this.password_ || '',
+            authCode: this.oauth_code_,
+            usingSAML: this.authFlow == AuthFlow.SAML,
+            chooseWhatToSync: this.chooseWhatToSync_,
+            skipForNow: this.skipForNow_,
+            sessionIndex: this.sessionIndex_ || '',
+            trusted: this.trusted_,
+            gapsCookie: this.new_gaps_cookie_ || this.gaps_cookie_ || '',
+          }
+        }));
     this.clearCredentials_();
   };