| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/login_performer.h" | 5 #include "chrome/browser/chromeos/login/login_performer.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 109 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 120 } | 120 } |
| 121 | 121 |
| 122 void LoginPerformer::OnRetailModeLoginSuccess() { | 122 void LoginPerformer::OnRetailModeLoginSuccess() { |
| 123 content::RecordAction( | 123 content::RecordAction( |
| 124 UserMetricsAction("Login_DemoUserLoginSuccess")); | 124 UserMetricsAction("Login_DemoUserLoginSuccess")); |
| 125 | 125 |
| 126 LoginStatusConsumer::OnRetailModeLoginSuccess(); | 126 LoginStatusConsumer::OnRetailModeLoginSuccess(); |
| 127 } | 127 } |
| 128 | 128 |
| 129 void LoginPerformer::OnLoginSuccess( | 129 void LoginPerformer::OnLoginSuccess( |
| 130 const std::string& username, | 130 const UserCredentials& credentials, |
| 131 const std::string& password, | |
| 132 bool pending_requests, | 131 bool pending_requests, |
| 133 bool using_oauth) { | 132 bool using_oauth) { |
| 134 content::RecordAction(UserMetricsAction("Login_Success")); | 133 content::RecordAction(UserMetricsAction("Login_Success")); |
| 135 // The value of |pending_requests| indicates: | 134 // The value of |pending_requests| indicates: |
| 136 // 0 - New regular user, login success offline and online. | 135 // 0 - New regular user, login success offline and online. |
| 137 // - or - | 136 // - or - |
| 138 // Existing regular user, login success offline and online, offline | 137 // Existing regular user, login success offline and online, offline |
| 139 // authentication took longer than online authentication. | 138 // authentication took longer than online authentication. |
| 140 // - or - | 139 // - or - |
| 141 // Public account user, login successful. | 140 // Public account user, login successful. |
| 142 // 1 - Existing regular user, login success offline only. | 141 // 1 - Existing regular user, login success offline only. |
| 143 UMA_HISTOGRAM_ENUMERATION("Login.SuccessReason", pending_requests, 2); | 142 UMA_HISTOGRAM_ENUMERATION("Login.SuccessReason", pending_requests, 2); |
| 144 | 143 |
| 145 VLOG(1) << "LoginSuccess, pending_requests " << pending_requests; | 144 VLOG(1) << "LoginSuccess, pending_requests " << pending_requests; |
| 146 DCHECK(delegate_); | 145 DCHECK(delegate_); |
| 147 // After delegate_->OnLoginSuccess(...) is called, delegate_ releases | 146 // After delegate_->OnLoginSuccess(...) is called, delegate_ releases |
| 148 // LoginPerformer ownership. LP now manages it's lifetime on its own. | 147 // LoginPerformer ownership. LP now manages it's lifetime on its own. |
| 149 // 2 things could make it exist longer: | 148 // 2 things could make it exist longer: |
| 150 // 1. ScreenLock active (pending correct new password input) | 149 // 1. ScreenLock active (pending correct new password input) |
| 151 // 2. Pending online auth request. | 150 // 2. Pending online auth request. |
| 152 if (!pending_requests) | 151 if (!pending_requests) |
| 153 MessageLoop::current()->DeleteSoon(FROM_HERE, this); | 152 MessageLoop::current()->DeleteSoon(FROM_HERE, this); |
| 154 else | 153 else |
| 155 initial_online_auth_pending_ = true; | 154 initial_online_auth_pending_ = true; |
| 156 | 155 |
| 157 delegate_->OnLoginSuccess(username, | 156 delegate_->OnLoginSuccess(credentials, |
| 158 password, | |
| 159 pending_requests, | 157 pending_requests, |
| 160 using_oauth); | 158 using_oauth); |
| 161 } | 159 } |
| 162 | 160 |
| 163 void LoginPerformer::OnOffTheRecordLoginSuccess() { | 161 void LoginPerformer::OnOffTheRecordLoginSuccess() { |
| 164 content::RecordAction( | 162 content::RecordAction( |
| 165 UserMetricsAction("Login_GuestLoginSuccess")); | 163 UserMetricsAction("Login_GuestLoginSuccess")); |
| 166 | 164 |
| 167 if (delegate_) | 165 if (delegate_) |
| 168 delegate_->OnOffTheRecordLoginSuccess(); | 166 delegate_->OnOffTheRecordLoginSuccess(); |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 212 ResolveScreenLocked(); | 210 ResolveScreenLocked(); |
| 213 } | 211 } |
| 214 } else { | 212 } else { |
| 215 ResolveScreenUnlocked(); | 213 ResolveScreenUnlocked(); |
| 216 } | 214 } |
| 217 } | 215 } |
| 218 | 216 |
| 219 //////////////////////////////////////////////////////////////////////////////// | 217 //////////////////////////////////////////////////////////////////////////////// |
| 220 // LoginPerformer, public: | 218 // LoginPerformer, public: |
| 221 | 219 |
| 222 void LoginPerformer::PerformLogin(const std::string& username, | 220 void LoginPerformer::PerformLogin(const UserCredentials& credentials, |
| 223 const std::string& password, | |
| 224 AuthorizationMode auth_mode) { | 221 AuthorizationMode auth_mode) { |
| 225 auth_mode_ = auth_mode; | 222 auth_mode_ = auth_mode; |
| 226 username_ = username; | 223 credentials_ = credentials; |
| 227 password_ = password; | |
| 228 | 224 |
| 229 CrosSettings* cros_settings = CrosSettings::Get(); | 225 CrosSettings* cros_settings = CrosSettings::Get(); |
| 230 | 226 |
| 231 // Whitelist check is always performed during initial login and | 227 // Whitelist check is always performed during initial login and |
| 232 // should not be performed when ScreenLock is active (pending online auth). | 228 // should not be performed when ScreenLock is active (pending online auth). |
| 233 if (!ScreenLocker::default_screen_locker()) { | 229 if (!ScreenLocker::default_screen_locker()) { |
| 234 CrosSettingsProvider::TrustedStatus status = | 230 CrosSettingsProvider::TrustedStatus status = |
| 235 cros_settings->PrepareTrustedValues( | 231 cros_settings->PrepareTrustedValues( |
| 236 base::Bind(&LoginPerformer::PerformLogin, | 232 base::Bind(&LoginPerformer::PerformLogin, |
| 237 weak_factory_.GetWeakPtr(), | 233 weak_factory_.GetWeakPtr(), |
| 238 username, password, auth_mode)); | 234 credentials_, auth_mode)); |
| 239 // Must not proceed without signature verification. | 235 // Must not proceed without signature verification. |
| 240 if (status == CrosSettingsProvider::PERMANENTLY_UNTRUSTED) { | 236 if (status == CrosSettingsProvider::PERMANENTLY_UNTRUSTED) { |
| 241 if (delegate_) | 237 if (delegate_) |
| 242 delegate_->PolicyLoadFailed(); | 238 delegate_->PolicyLoadFailed(); |
| 243 else | 239 else |
| 244 NOTREACHED(); | 240 NOTREACHED(); |
| 245 return; | 241 return; |
| 246 } else if (status != CrosSettingsProvider::TRUSTED) { | 242 } else if (status != CrosSettingsProvider::TRUSTED) { |
| 247 // Value of AllowNewUser setting is still not verified. | 243 // Value of AllowNewUser setting is still not verified. |
| 248 // Another attempt will be invoked after verification completion. | 244 // Another attempt will be invoked after verification completion. |
| 249 return; | 245 return; |
| 250 } | 246 } |
| 251 } | 247 } |
| 252 | 248 |
| 253 bool is_whitelisted = LoginUtils::IsWhitelisted( | 249 bool is_whitelisted = LoginUtils::IsWhitelisted( |
| 254 gaia::CanonicalizeEmail(username)); | 250 gaia::CanonicalizeEmail(credentials.username)); |
| 255 if (ScreenLocker::default_screen_locker() || is_whitelisted) { | 251 if (ScreenLocker::default_screen_locker() || is_whitelisted) { |
| 256 switch (auth_mode_) { | 252 switch (auth_mode_) { |
| 257 case AUTH_MODE_EXTENSION: | 253 case AUTH_MODE_EXTENSION: |
| 258 StartLoginCompletion(); | 254 StartLoginCompletion(); |
| 259 break; | 255 break; |
| 260 case AUTH_MODE_INTERNAL: | 256 case AUTH_MODE_INTERNAL: |
| 261 StartAuthentication(); | 257 StartAuthentication(); |
| 262 break; | 258 break; |
| 263 } | 259 } |
| 264 } else { | 260 } else { |
| 265 if (delegate_) | 261 if (delegate_) |
| 266 delegate_->WhiteListCheckFailed(username); | 262 delegate_->WhiteListCheckFailed(credentials.username); |
| 267 else | 263 else |
| 268 NOTREACHED(); | 264 NOTREACHED(); |
| 269 } | 265 } |
| 270 } | 266 } |
| 271 | 267 |
| 272 void LoginPerformer::CreateLocallyManagedUser(const string16& display_name, | 268 void LoginPerformer::CreateLocallyManagedUser(const string16& display_name, |
| 273 const std::string& password) { | 269 const std::string& password) { |
| 274 std::string id = UserManager::Get()->GenerateUniqueLocallyManagedUserId(); | 270 std::string id = UserManager::Get()->GenerateUniqueLocallyManagedUserId(); |
| 275 const User* user = UserManager::Get()-> | 271 const User* user = UserManager::Get()-> |
| 276 CreateLocallyManagedUserRecord(id, display_name); | 272 CreateLocallyManagedUserRecord(id, display_name); |
| 277 LoginAsLocallyManagedUser(user->email(), password); | 273 LoginAsLocallyManagedUser(UserCredentials(user->email(), |
| 274 password, |
| 275 std::string())); // auth_code |
| 278 } | 276 } |
| 279 | 277 |
| 280 void LoginPerformer::LoginAsLocallyManagedUser(const std::string& username, | 278 void LoginPerformer::LoginAsLocallyManagedUser( |
| 281 const std::string& password) { | 279 const UserCredentials& credentials) { |
| 282 DCHECK_EQ(UserManager::kLocallyManagedUserDomain, | 280 DCHECK_EQ(UserManager::kLocallyManagedUserDomain, |
| 283 gaia::ExtractDomainName(username)); | 281 gaia::ExtractDomainName(credentials.username)); |
| 284 // TODO(nkostylev): Check that policy allows locally managed user login. | 282 // TODO(nkostylev): Check that policy allows locally managed user login. |
| 285 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); | 283 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); |
| 286 BrowserThread::PostTask( | 284 BrowserThread::PostTask( |
| 287 BrowserThread::UI, FROM_HERE, | 285 BrowserThread::UI, FROM_HERE, |
| 288 base::Bind(&Authenticator::LoginAsLocallyManagedUser, | 286 base::Bind(&Authenticator::LoginAsLocallyManagedUser, |
| 289 authenticator_.get(), | 287 authenticator_.get(), |
| 290 username, | 288 credentials)); |
| 291 password)); | |
| 292 } | 289 } |
| 293 | 290 |
| 294 void LoginPerformer::LoginRetailMode() { | 291 void LoginPerformer::LoginRetailMode() { |
| 295 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); | 292 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); |
| 296 BrowserThread::PostTask( | 293 BrowserThread::PostTask( |
| 297 BrowserThread::UI, FROM_HERE, | 294 BrowserThread::UI, FROM_HERE, |
| 298 base::Bind(&Authenticator::LoginRetailMode, authenticator_.get())); | 295 base::Bind(&Authenticator::LoginRetailMode, authenticator_.get())); |
| 299 } | 296 } |
| 300 | 297 |
| 301 void LoginPerformer::LoginOffTheRecord() { | 298 void LoginPerformer::LoginOffTheRecord() { |
| (...skipping 185 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 487 void LoginPerformer::StartLoginCompletion() { | 484 void LoginPerformer::StartLoginCompletion() { |
| 488 DVLOG(1) << "Login completion started"; | 485 DVLOG(1) << "Login completion started"; |
| 489 BootTimesLoader::Get()->AddLoginTimeMarker("AuthStarted", false); | 486 BootTimesLoader::Get()->AddLoginTimeMarker("AuthStarted", false); |
| 490 Profile* profile = g_browser_process->profile_manager()->GetDefaultProfile(); | 487 Profile* profile = g_browser_process->profile_manager()->GetDefaultProfile(); |
| 491 | 488 |
| 492 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); | 489 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); |
| 493 BrowserThread::PostTask( | 490 BrowserThread::PostTask( |
| 494 BrowserThread::UI, FROM_HERE, | 491 BrowserThread::UI, FROM_HERE, |
| 495 base::Bind(&Authenticator::CompleteLogin, authenticator_.get(), | 492 base::Bind(&Authenticator::CompleteLogin, authenticator_.get(), |
| 496 profile, | 493 profile, |
| 497 username_, | 494 credentials_)); |
| 498 password_)); | |
| 499 | 495 |
| 500 password_.clear(); | 496 credentials_.password.clear(); |
| 497 credentials_.auth_code.clear(); |
| 501 } | 498 } |
| 502 | 499 |
| 503 void LoginPerformer::StartAuthentication() { | 500 void LoginPerformer::StartAuthentication() { |
| 504 DVLOG(1) << "Auth started"; | 501 DVLOG(1) << "Auth started"; |
| 505 BootTimesLoader::Get()->AddLoginTimeMarker("AuthStarted", false); | 502 BootTimesLoader::Get()->AddLoginTimeMarker("AuthStarted", false); |
| 506 Profile* profile; | 503 Profile* profile; |
| 507 { | 504 { |
| 508 // This should be the first place where GetDefaultProfile() is called with | 505 // This should be the first place where GetDefaultProfile() is called with |
| 509 // logged_in_ = true. This will trigger a call to Profile::CreateProfile() | 506 // logged_in_ = true. This will trigger a call to Profile::CreateProfile() |
| 510 // which requires IO access. | 507 // which requires IO access. |
| 511 base::ThreadRestrictions::ScopedAllowIO allow_io; | 508 base::ThreadRestrictions::ScopedAllowIO allow_io; |
| 512 profile = g_browser_process->profile_manager()->GetDefaultProfile(); | 509 profile = g_browser_process->profile_manager()->GetDefaultProfile(); |
| 513 } | 510 } |
| 514 if (delegate_) { | 511 if (delegate_) { |
| 515 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); | 512 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); |
| 516 BrowserThread::PostTask( | 513 BrowserThread::PostTask( |
| 517 BrowserThread::UI, FROM_HERE, | 514 BrowserThread::UI, FROM_HERE, |
| 518 base::Bind(&Authenticator::AuthenticateToLogin, authenticator_.get(), | 515 base::Bind(&Authenticator::AuthenticateToLogin, authenticator_.get(), |
| 519 profile, | 516 profile, |
| 520 username_, | 517 credentials_, |
| 521 password_, | |
| 522 std::string(), | 518 std::string(), |
| 523 std::string())); | 519 std::string())); |
| 524 // Make unobtrusive online check. It helps to determine password change | 520 // Make unobtrusive online check. It helps to determine password change |
| 525 // state in the case when offline login fails. | 521 // state in the case when offline login fails. |
| 526 online_attempt_host_.Check(profile, username_, password_); | 522 online_attempt_host_.Check(profile, credentials_); |
| 527 } else { | 523 } else { |
| 528 DCHECK(authenticator_.get()) | 524 DCHECK(authenticator_.get()) |
| 529 << "Authenticator instance doesn't exist for login attempt retry."; | 525 << "Authenticator instance doesn't exist for login attempt retry."; |
| 530 // At this point offline auth has been successful, | 526 // At this point offline auth has been successful, |
| 531 // retry online auth, using existing Authenticator instance. | 527 // retry online auth, using existing Authenticator instance. |
| 532 BrowserThread::PostTask( | 528 BrowserThread::PostTask( |
| 533 BrowserThread::UI, FROM_HERE, | 529 BrowserThread::UI, FROM_HERE, |
| 534 base::Bind(&Authenticator::RetryAuth, authenticator_.get(), | 530 base::Bind(&Authenticator::RetryAuth, authenticator_.get(), |
| 535 profile, | 531 profile, |
| 536 username_, | 532 credentials_, |
| 537 password_, | |
| 538 std::string(), | 533 std::string(), |
| 539 std::string())); | 534 std::string())); |
| 540 } | 535 } |
| 541 password_.clear(); | 536 credentials_.password.clear(); |
| 537 credentials_.auth_code.clear(); |
| 542 } | 538 } |
| 543 | 539 |
| 544 } // namespace chromeos | 540 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12704002:
Support for auth code based authentication flow for both app and web UI driven flow. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src