Support for auth code based authentication flow for both app and web UI driven flow.

chrome/browser/chromeos/login/existing_user_controller.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/existing_user_controller.h"
 
 #include <vector>
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
@@ skipping 340 matching lines @@
     delegate = login_performer_delegate_.get();
   // Only one instance of LoginPerformer should exist at a time.
   login_performer_.reset(NULL);
   login_performer_.reset(new LoginPerformer(delegate));
   is_login_in_progress_ = true;
   login_performer_->
       CreateLocallyManagedUser(display_name, password);
   // TODO(nkostylev): A11y message.
 }
 
-void ExistingUserController::CompleteLogin(const std::string& username,
-                                           const std::string& password) {
+void ExistingUserController::CompleteLogin(const UserCredentials& credentials) {
   if (!host_) {
     // Complete login event was generated already from UI. Ignore notification.
     return;
   }
 
   // Stop the auto-login timer when attempting login.
   StopPublicSessionAutoLoginTimer();
 
   // Disable UI while loading user profile.
   login_display_->SetUIEnabled(false);
 
   if (!time_init_.is_null()) {
     base::TimeDelta delta = base::Time::Now() - time_init_;
     UMA_HISTOGRAM_MEDIUM_TIMES("Login.PromptToCompleteLoginTime", delta);
     time_init_ = base::Time();  // Reset to null.
   }
 
   host_->OnCompleteLogin();
 
   // Do an ownership check now to avoid auto-enrolling if the device has
   // already been owned.
   DeviceSettingsService::Get()->GetOwnershipStatusAsync(
       base::Bind(&ExistingUserController::CompleteLoginInternal,
                  weak_factory_.GetWeakPtr(),
-                 username, password));
+                 credentials));
 }
 
 void ExistingUserController::CompleteLoginInternal(
-    const std::string& username,
-    const std::string& password,
+    const UserCredentials& credentials,
     DeviceSettingsService::OwnershipStatus ownership_status,
     bool is_owner) {
   // Auto-enrollment must have made a decision by now. It's too late to enroll
   // if the protocol isn't done at this point.
   if (do_auto_enrollment_ &&
       ownership_status == DeviceSettingsService::OWNERSHIP_NONE) {
     VLOG(1) << "Forcing auto-enrollment before completing login";
     // The only way to get out of the enrollment screen from now on is to either
     // complete enrollment, or opt-out of it. So this controller shouldn't force
     // enrollment again if it is reused for another sign-in.
     do_auto_enrollment_ = false;
-    auto_enrollment_username_ = username;
+    auto_enrollment_username_ = credentials.username;
     resume_login_callback_ = base::Bind(
         &ExistingUserController::PerformLogin,
         weak_factory_.GetWeakPtr(),
-        username, password, LoginPerformer::AUTH_MODE_EXTENSION);
-    ShowEnrollmentScreen(true, username);
+        credentials, LoginPerformer::AUTH_MODE_EXTENSION);
+    ShowEnrollmentScreen(true, credentials.username);
     // Enable UI for the enrollment screen. SetUIEnabled(true) will post a
     // request to show the sign-in screen again when invoked at the sign-in
     // screen; invoke SetUIEnabled() after navigating to the enrollment screen.
     login_display_->SetUIEnabled(true);
   } else {
-    PerformLogin(username, password, LoginPerformer::AUTH_MODE_EXTENSION);
+    PerformLogin(credentials, LoginPerformer::AUTH_MODE_EXTENSION);
   }
 }
 
 string16 ExistingUserController::GetConnectedNetworkName() {
   return GetCurrentNetworkName();
 }
 
-void ExistingUserController::Login(const std::string& username,
-                                   const std::string& password) {
-  if (username.empty() || password.empty())
+void ExistingUserController::Login(const UserCredentials& credentials) {
+  if ((credentials.username.empty() || credentials.password.empty()) &&
+      credentials.auth_code.empty())

[Nikita (slow), 2013/03/21 22:17:32]

Is auth code really required for a regular user login?

[zel, 2013/03/22 05:03:15]

nope, you either need to have username+pwd or auth_code

     return;
 
   // Stop the auto-login timer when attempting login.
   StopPublicSessionAutoLoginTimer();
 
   // Disable clicking on other windows.
   login_display_->SetUIEnabled(false);
 
   BootTimesLoader::Get()->RecordLoginAttempted();
 
-  if (last_login_attempt_username_ != username) {
-    last_login_attempt_username_ = username;
+  if (last_login_attempt_username_ != credentials.username) {
+    last_login_attempt_username_ = credentials.username;
     num_login_attempts_ = 0;
     // Also reset state variables, which are used to determine password change.
     offline_failed_ = false;
     online_succeeded_for_.clear();
   }
   num_login_attempts_++;
-  PerformLogin(username, password, LoginPerformer::AUTH_MODE_INTERNAL);
+  PerformLogin(credentials, LoginPerformer::AUTH_MODE_INTERNAL);
 }
 
 void ExistingUserController::PerformLogin(
-    std::string username,
-    std::string password,
+    const UserCredentials& credentials,
     LoginPerformer::AuthorizationMode auth_mode) {
   // Disable UI while loading user profile.
   login_display_->SetUIEnabled(false);
   resume_login_callback_.Reset();
 
   // Use the same LoginPerformer for subsequent login as it has state
   // such as Authenticator instance.
   if (!login_performer_.get() || num_login_attempts_ <= 1) {
     LoginPerformer::Delegate* delegate = this;
     if (login_performer_delegate_.get())
       delegate = login_performer_delegate_.get();
     // Only one instance of LoginPerformer should exist at a time.
     login_performer_.reset(NULL);
     login_performer_.reset(new LoginPerformer(delegate));
   }
 
   is_login_in_progress_ = true;
-  if (gaia::ExtractDomainName(username) ==
+  if (gaia::ExtractDomainName(credentials.username) ==
           UserManager::kLocallyManagedUserDomain) {
-    login_performer_->LoginAsLocallyManagedUser(username, password);
+    login_performer_->LoginAsLocallyManagedUser(
+        UserCredentials(credentials.username,
+                        credentials.password,
+                        std::string()));  // auth_code
   } else {
-    login_performer_->PerformLogin(username, password, auth_mode);
+    login_performer_->PerformLogin(credentials, auth_mode);
   }
   accessibility::MaybeSpeak(
       l10n_util::GetStringUTF8(IDS_CHROMEOS_ACC_LOGIN_SIGNING_IN));
 }
 
 void ExistingUserController::LoginAsRetailModeUser() {
   // Stop the auto-login timer when attempting login.
   StopPublicSessionAutoLoginTimer();
 
   // Disable clicking on other windows.
@@ skipping 261 matching lines @@
   UserManager::Get()->ResetUserFlow(last_login_attempt_username_);
 
   if (login_status_consumer_)
     login_status_consumer_->OnLoginFailure(failure);
 
   // Clear the recorded displayed email so it won't affect any future attempts.
   display_email_.clear();
 }
 
 void ExistingUserController::OnLoginSuccess(
-    const std::string& username,
-    const std::string& password,
+    const UserCredentials& credentials,
     bool pending_requests,
     bool using_oauth) {
   is_login_in_progress_ = false;
   offline_failed_ = false;
 
   StopPublicSessionAutoLoginTimer();
 
   bool has_cookies =
-      login_performer_->auth_mode() == LoginPerformer::AUTH_MODE_EXTENSION;
+      login_performer_->auth_mode() == LoginPerformer::AUTH_MODE_EXTENSION &&
+      credentials.auth_code.empty();
 
   // Login performer will be gone so cache this value to use
   // once profile is loaded.
   password_changed_ = login_performer_->password_changed();
 
   // LoginPerformer instance will delete itself once online auth result is OK.
   // In case of failure it'll bring up ScreenLock and ask for
   // correct password/display error message.
   // Even in case when following online,offline protocol and returning
   // requests_pending = false, let LoginPerformer delete itself.
   login_performer_->set_delegate(NULL);
   ignore_result(login_performer_.release());
 
   // Will call OnProfilePrepared() in the end.
-  LoginUtils::Get()->PrepareProfile(username,
+  LoginUtils::Get()->PrepareProfile(credentials,
                                     display_email_,
-                                    password,
                                     using_oauth,
                                     has_cookies,
                                     this);
 
   display_email_.clear();
 
   // Notify LoginDisplay to allow it provide visual feedback to user.
-  login_display_->OnLoginSuccess(username);
+  login_display_->OnLoginSuccess(credentials.username);
 }
 
 void ExistingUserController::OnProfilePrepared(Profile* profile) {
   OptionallyShowReleaseNotes(profile);
 
   // Reenable clicking on other windows and status area.
   login_display_->SetUIEnabled(true);
 
   if (UserManager::Get()->IsCurrentUserNew() &&
       !UserManager::Get()->GetCurrentUserFlow()->ShouldSkipPostLoginScreens() &&
@@ skipping 15 matching lines @@
 #ifndef NDEBUG
     }
 #endif
   } else {
     LoginUtils::Get()->DoBrowserLaunch(profile, host_);
     host_ = NULL;
   }
   // Inform |login_status_consumer_| about successful login. Set most
   // parameters to empty since they're not needed.
   if (login_status_consumer_)
-    login_status_consumer_->OnLoginSuccess("", "", false, false);
+    login_status_consumer_->OnLoginSuccess(UserCredentials(),
+                                           false,    // pending_requests
+                                           false);   // using_oauth
   login_display_->OnFadeOut();
 }
 
 void ExistingUserController::OnOffTheRecordLoginSuccess() {
   is_login_in_progress_ = false;
   offline_failed_ = false;
   if (WizardController::IsDeviceRegistered()) {
     LoginUtils::Get()->CompleteOffTheRecordLogin(guest_mode_url_);
   } else {
     // Postpone CompleteOffTheRecordLogin until registration completion.
@@ skipping 284 matching lines @@
   // changed.
   UserManager::Get()->SaveUserOAuthStatus(
       username,
       User::OAUTH2_TOKEN_STATUS_INVALID);
 
   login_display_->SetUIEnabled(true);
   login_display_->ShowGaiaPasswordChanged(username);
 }
 
 }  // namespace chromeos