Implement new password separated sign in flow for chrome desktop.

chrome/browser/ui/webui/signin/inline_login_handler_impl.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ui/webui/signin/inline_login_handler_impl.h"
 
 #include <string>
 
 #include "base/bind.h"
 #include "base/callback_helpers.h"
@@ skipping 35 matching lines @@
 #include "components/signin/core/browser/about_signin_internals.h"
 #include "components/signin/core/browser/account_tracker_service.h"
 #include "components/signin/core/browser/profile_oauth2_token_service.h"
 #include "components/signin/core/browser/signin_error_controller.h"
 #include "components/signin/core/browser/signin_header_helper.h"
 #include "components/signin/core/browser/signin_metrics.h"
 #include "components/signin/core/common/profile_management_switches.h"
 #include "components/signin/core/common/signin_pref_names.h"
 #include "content/public/browser/storage_partition.h"
 #include "content/public/browser/web_ui.h"
-#include "google_apis/gaia/gaia_auth_consumer.h"
 #include "google_apis/gaia/gaia_auth_fetcher.h"
 #include "google_apis/gaia/gaia_auth_util.h"
 #include "google_apis/gaia/gaia_constants.h"
 #include "google_apis/gaia/gaia_urls.h"
 #include "grit/components_strings.h"
 #include "net/base/url_util.h"
 #include "ui/base/l10n/l10n_util.h"
 
 namespace {
 
@@ skipping 28 matching lines @@
 }
 
 void RedirectToNtpOrAppsPageIfNecessary(content::WebContents* contents,
                                         signin_metrics::Source source) {
   if (source != signin_metrics::SOURCE_SETTINGS)
     RedirectToNtpOrAppsPage(contents, source);
 }
 
 class ConfirmEmailDialogDelegate : public TabModalConfirmDialogDelegate {
  public:
-  enum Action {
-    CREATE_NEW_USER,
-    START_SYNC,
-    CLOSE
-  };
-
   // Callback indicating action performed by the user.
-  typedef base::Callback<void(Action)> Callback;
+  typedef base::Callback<void(InlineSigninHelper::Action)> Callback;
 
   // Ask the user for confirmation before starting to sync.
   static void AskForConfirmation(content::WebContents* contents,
                                  const std::string& last_email,
                                  const std::string& email,
                                  Callback callback);
 
  private:
   ConfirmEmailDialogDelegate(content::WebContents* contents,
                              const std::string& last_email,
@@ skipping 67 matching lines @@
 base::string16 ConfirmEmailDialogDelegate::GetCancelButtonTitle() {
   return l10n_util::GetStringUTF16(
       IDS_ONE_CLICK_SIGNIN_CONFIRM_EMAIL_DIALOG_CANCEL_BUTTON);
 }
 
 base::string16 ConfirmEmailDialogDelegate::GetLinkText() const {
   return l10n_util::GetStringUTF16(IDS_LEARN_MORE);
 }
 
 void ConfirmEmailDialogDelegate::OnAccepted() {
-  base::ResetAndReturn(&callback_).Run(CREATE_NEW_USER);
+  base::ResetAndReturn(&callback_).Run(InlineSigninHelper::CREATE_NEW_USER);
 }
 
 void ConfirmEmailDialogDelegate::OnCanceled() {
-  base::ResetAndReturn(&callback_).Run(START_SYNC);
+  base::ResetAndReturn(&callback_).Run(InlineSigninHelper::START_SYNC);
 }
 
 void ConfirmEmailDialogDelegate::OnClosed() {
-  base::ResetAndReturn(&callback_).Run(CLOSE);
+  base::ResetAndReturn(&callback_).Run(InlineSigninHelper::CLOSE);
 }
 
 void ConfirmEmailDialogDelegate::OnLinkClicked(
     WindowOpenDisposition disposition) {
   content::OpenURLParams params(
       GURL(chrome::kChromeSyncMergeTroubleshootingURL),
       content::Referrer(),
       NEW_POPUP,
       ui::PAGE_TRANSITION_AUTO_TOPLEVEL,
       false);
   // It is guaranteed that |web_contents_| is valid here because when it's
   // deleted, the dialog is immediately closed and no further action can be
   // performed.
   web_contents_->OpenURL(params);
 }
 
-class InlineSigninHelper : public GaiaAuthConsumer {
- public:
-  InlineSigninHelper(
-      base::WeakPtr<InlineLoginHandlerImpl> handler,
-      net::URLRequestContextGetter* getter,
-      Profile* profile,
-      const GURL& current_url,
-      const std::string& email,
-      const std::string& gaia_id,
-      const std::string& password,
-      const std::string& session_index,
-      const std::string& signin_scoped_device_id,
-      bool choose_what_to_sync,
-      bool confirm_untrusted_signin);
-
- private:
-  // Handles cross account sign in error. If the supplied |email| does not match
-  // the last signed in email of the current profile, then Chrome will show a
-  // confirmation dialog before starting sync. It returns true if there is a
-  // cross account error, and false otherwise.
-  bool HandleCrossAccountError(
-      const std::string& refresh_token,
-      signin_metrics::Source source,
-      OneClickSigninSyncStarter::ConfirmationRequired confirmation_required,
-      OneClickSigninSyncStarter::StartSyncMode start_mode);
-
-  // Callback used with ConfirmEmailDialogDelegate.
-  void ConfirmEmailAction(
-      content::WebContents* web_contents,
-      const std::string& refresh_token,
-      signin_metrics::Source source,
-      OneClickSigninSyncStarter::ConfirmationRequired confirmation_required,
-      OneClickSigninSyncStarter::StartSyncMode start_mode,
-      ConfirmEmailDialogDelegate::Action action);
-
-  // Overridden from GaiaAuthConsumer.
-  void OnClientOAuthSuccess(const ClientOAuthResult& result) override;
-  void OnClientOAuthFailure(const GoogleServiceAuthError& error)
-      override;
-
-  GaiaAuthFetcher gaia_auth_fetcher_;
-  base::WeakPtr<InlineLoginHandlerImpl> handler_;
-  Profile* profile_;
-  GURL current_url_;
-  std::string email_;
-  std::string gaia_id_;
-  std::string password_;
-  std::string session_index_;
-  bool choose_what_to_sync_;
-  bool confirm_untrusted_signin_;
-
-  DISALLOW_COPY_AND_ASSIGN(InlineSigninHelper);
-};
+}  // namespace
 
 InlineSigninHelper::InlineSigninHelper(
     base::WeakPtr<InlineLoginHandlerImpl> handler,
     net::URLRequestContextGetter* getter,
     Profile* profile,
     const GURL& current_url,
     const std::string& email,
     const std::string& gaia_id,
     const std::string& password,
     const std::string& session_index,
+    const std::string& auth_code,
     const std::string& signin_scoped_device_id,
     bool choose_what_to_sync,
     bool confirm_untrusted_signin)
     : gaia_auth_fetcher_(this, GaiaConstants::kChromeSource, getter),
       handler_(handler),
       profile_(profile),
       current_url_(current_url),
       email_(email),
       gaia_id_(gaia_id),
       password_(password),
       session_index_(session_index),
+      auth_code_(auth_code),
       choose_what_to_sync_(choose_what_to_sync),
       confirm_untrusted_signin_(confirm_untrusted_signin) {
   DCHECK(profile_);
   DCHECK(!email_.empty());
-  gaia_auth_fetcher_.StartCookieForOAuthLoginTokenExchangeWithDeviceId(
-      session_index, signin_scoped_device_id);
+  if (!auth_code_.empty()) {
+    gaia_auth_fetcher_.StartAuthCodeForOAuth2TokenExchangeWithDeviceId(
+        auth_code, signin_scoped_device_id);
+  } else {
+    DCHECK(!session_index_.empty());
+    gaia_auth_fetcher_.StartCookieForOAuthLoginTokenExchangeWithDeviceId(
+        session_index_, signin_scoped_device_id);
+  }
 }
 
+InlineSigninHelper::~InlineSigninHelper() {}
+
 void InlineSigninHelper::OnClientOAuthSuccess(const ClientOAuthResult& result) {
   content::WebContents* contents = NULL;
   Browser* browser = NULL;
   if (handler_) {
     contents = handler_->web_ui()->GetWebContents();
     browser = handler_->GetDesktopBrowser();
   }
 
   AboutSigninInternals* about_signin_internals =
       AboutSigninInternalsFactory::GetForProfile(profile_);
@@ skipping 66 matching lines @@
       confirmation_required =
           source == signin_metrics::SOURCE_SETTINGS ||
           choose_what_to_sync_ ?
               OneClickSigninSyncStarter::NO_CONFIRMATION :
               OneClickSigninSyncStarter::CONFIRM_AFTER_SIGNIN;
     }
 
     bool start_signin = !HandleCrossAccountError(result.refresh_token, source,
         confirmation_required, start_mode);
     if (start_signin) {
       // Call OneClickSigninSyncStarter to exchange oauth code for tokens.

[achuithb, 2015/10/02 21:51:06]

This comment should go in the header file I think

[Roger Tawa OOO till Jul 10th, 2015/10/05 12:18:59]

Done.

       // OneClickSigninSyncStarter will delete itself once the job is done.

[achuithb, 2015/10/02 21:51:06]

This comment should go right before you create a new instance of
OneClickSigninSyncStarter

[Roger Tawa OOO till Jul 10th, 2015/10/05 12:18:59]

Done.

-      new OneClickSigninSyncStarter(
-          profile_, browser,
-          gaia_id_, email_, password_, result.refresh_token,
-          start_mode,
-          contents,
-          confirmation_required,
-          signin::GetNextPageURLForPromoURL(current_url_),
-          base::Bind(&InlineLoginHandlerImpl::SyncStarterCallback, handler_));
+      CreateSyncStarter(browser,
+                        contents,
+                        signin::GetNextPageURLForPromoURL(current_url_),
+                        result.refresh_token,
+                        start_mode,
+                        confirmation_required);
       base::ThreadTaskRunnerHandle::Get()->DeleteSoon(FROM_HERE, this);
     }
   }
 }
 
+void InlineSigninHelper::CreateSyncStarter(
+    Browser* browser,
+    content::WebContents* contents,
+    const GURL& url,
+    const std::string& refresh_token,
+    OneClickSigninSyncStarter::StartSyncMode start_mode,
+    OneClickSigninSyncStarter::ConfirmationRequired confirmation_required) {
+  new OneClickSigninSyncStarter(
+      profile_, browser,
+      gaia_id_, email_, password_, refresh_token,
+      start_mode,
+      contents,
+      confirmation_required,
+      url,
+      base::Bind(&InlineLoginHandlerImpl::SyncStarterCallback, handler_));
+}
+
 bool InlineSigninHelper::HandleCrossAccountError(
     const std::string& refresh_token,
     signin_metrics::Source source,
     OneClickSigninSyncStarter::ConfirmationRequired confirmation_required,
     OneClickSigninSyncStarter::StartSyncMode start_mode) {
   std::string last_email =
       profile_->GetPrefs()->GetString(prefs::kGoogleServicesLastUsername);
 
   if (last_email.empty() || gaia::AreEmailsSame(last_email, email_))
     return false;
@@ skipping 16 matching lines @@
                  start_mode));
   return true;
 }
 
 void InlineSigninHelper::ConfirmEmailAction(
     content::WebContents* web_contents,
     const std::string& refresh_token,
     signin_metrics::Source source,
     OneClickSigninSyncStarter::ConfirmationRequired confirmation_required,
     OneClickSigninSyncStarter::StartSyncMode start_mode,
-    ConfirmEmailDialogDelegate::Action action) {
+    InlineSigninHelper::Action action) {
   Browser* browser = chrome::FindLastActiveWithProfile(
       profile_, chrome::GetActiveDesktop());
   switch (action) {
-    case ConfirmEmailDialogDelegate::CREATE_NEW_USER:
+    case InlineSigninHelper::CREATE_NEW_USER:
       if (handler_) {
         handler_->SyncStarterCallback(
             OneClickSigninSyncStarter::SYNC_SETUP_FAILURE);
       }
       chrome::ShowSettingsSubPage(browser,
                                   std::string(chrome::kCreateProfileSubPage));
       break;
-    case ConfirmEmailDialogDelegate::START_SYNC:
-      new OneClickSigninSyncStarter(
-          profile_, browser, gaia_id_, email_, password_, refresh_token,
-          start_mode, web_contents, confirmation_required, GURL(),
-          base::Bind(&InlineLoginHandlerImpl::SyncStarterCallback, handler_));
+    case InlineSigninHelper::START_SYNC:
+      CreateSyncStarter(browser, web_contents, GURL(), refresh_token,
+          start_mode, confirmation_required);
       break;
-    case ConfirmEmailDialogDelegate::CLOSE:
+    case InlineSigninHelper::CLOSE:
       if (handler_) {
         handler_->SyncStarterCallback(
             OneClickSigninSyncStarter::SYNC_SETUP_FAILURE);
       }
       break;
     default:
       DCHECK(false) << "Invalid action";
   }
   base::ThreadTaskRunnerHandle::Get()->DeleteSoon(FROM_HERE, this);
 }
 
 void InlineSigninHelper::OnClientOAuthFailure(
   const GoogleServiceAuthError& error) {
   if (handler_)
     handler_->HandleLoginError(error.ToString());
 
   AboutSigninInternals* about_signin_internals =
     AboutSigninInternalsFactory::GetForProfile(profile_);
   about_signin_internals->OnRefreshTokenReceived("Failure");
 
   base::ThreadTaskRunnerHandle::Get()->DeleteSoon(FROM_HERE, this);
 }
 
-}  // namespace
-
 InlineLoginHandlerImpl::InlineLoginHandlerImpl()
       : confirm_untrusted_signin_(false),
         weak_factory_(this) {
 }
 
 InlineLoginHandlerImpl::~InlineLoginHandlerImpl() {}
 
 // This method is not called with webview sign in enabled.
 void InlineLoginHandlerImpl::DidCommitProvisionalLoadForFrame(
     content::RenderFrameHost* render_frame_host,
@@ skipping 106 matching lines @@
 void InlineLoginHandlerImpl::SetExtraInitParams(base::DictionaryValue& params) {
   params.SetString("service", "chromiumsync");
 
   // If this was called from the user manager to reauthenticate the profile,
   // make sure the webui is aware.
   Profile* profile = Profile::FromWebUI(web_ui());
   if (IsSystemProfile(profile))
     params.SetBoolean("dontResizeNonEmbeddedPages", true);
 
   content::WebContents* contents = web_ui()->GetWebContents();
+  const GURL& current_url = contents->GetURL();
+  signin_metrics::Source source = signin::GetSourceForPromoURL(current_url);
+
+  std::string is_constrained;
+  net::GetValueForKeyInQuery(current_url, "constrained", &is_constrained);
+
+  // Use new embedded flow if in constrained window.
+  if (is_constrained == "1") {
+    const bool is_new_gaia_flow = switches::UsePasswordSeparatedSigninFlow();
+    const GURL url = is_new_gaia_flow

[achuithb, 2015/10/02 21:51:06]

const GURL&, you don't need to copy

[Roger Tawa OOO till Jul 10th, 2015/10/05 12:18:59]

Done.

+            ? GaiaUrls::GetInstance()->embedded_signin_url()
+            : GaiaUrls::GetInstance()->password_combined_embedded_signin_url();
+    params.SetBoolean("isNewGaiaFlow", is_new_gaia_flow);
+    params.SetString("clientId",
+                     GaiaUrls::GetInstance()->oauth2_chrome_client_id());
+    params.SetString("gaiaPath", url.path().substr(1));
+
+    std::string flow;
+    switch (source) {
+      case signin_metrics::SOURCE_AVATAR_BUBBLE_ADD_ACCOUNT:
+        flow = "addaccount";
+        break;
+      case signin_metrics::SOURCE_REAUTH:
+        flow = "reauth";
+        break;
+      default:
+        flow = "signin";
+        break;
+    }
+    params.SetString("flow", flow);
+  }
+
   content::WebContentsObserver::Observe(contents);
   LogHistogramValue(signin_metrics::HISTOGRAM_SHOWN);
 }
 
 void InlineLoginHandlerImpl::CompleteLogin(const base::ListValue* args) {
   content::WebContents* contents = web_ui()->GetWebContents();
   const GURL& current_url = contents->GetURL();
 
   const base::DictionaryValue* dict = NULL;
   args->GetDictionary(0, &dict);
@@ skipping 18 matching lines @@
 
   base::string16 password_string16;
   dict->GetString("password", &password_string16);
   std::string password(base::UTF16ToASCII(password_string16));
 
   base::string16 gaia_id_string16;
   dict->GetString("gaiaId", &gaia_id_string16);
   DCHECK(!gaia_id_string16.empty());
   std::string gaia_id = base::UTF16ToASCII(gaia_id_string16);
 
+  std::string is_constrained;
+  net::GetValueForKeyInQuery(current_url, "constrained", &is_constrained);
+  const bool is_password_separated_signin_flow = is_constrained == "1" &&
+      switches::UsePasswordSeparatedSigninFlow();
+
   base::string16 session_index_string16;
   dict->GetString("sessionIndex", &session_index_string16);
   std::string session_index = base::UTF16ToASCII(session_index_string16);
-  DCHECK(!session_index.empty());
+  DCHECK(is_password_separated_signin_flow || !session_index.empty());
+
+  base::string16 auth_code_string16;
+  dict->GetString("authCode", &auth_code_string16);
+  std::string auth_code = base::UTF16ToASCII(auth_code_string16);
+  DCHECK(!is_password_separated_signin_flow || !auth_code.empty());
 
   bool choose_what_to_sync = false;
   dict->GetBoolean("chooseWhatToSync", &choose_what_to_sync);
 
   content::StoragePartition* partition =
       content::BrowserContext::GetStoragePartitionForSite(
           contents->GetBrowserContext(), signin::GetSigninPartitionURL());
 
   // If this was called from the user manager to reauthenticate the profile,
   // the current profile is the system profile.  In this case, use the email to
   // find the right profile to reauthenticate.  Otherwise the profile can be
   // taken from web_ui().
   Profile* profile = Profile::FromWebUI(web_ui());
   if (IsSystemProfile(profile)) {
     // Switch to the profile and finish the login.  Don't pass a handler pointer
     // since it will be destroyed before the callback runs.
     ProfileManager* manager = g_browser_process->profile_manager();
     base::FilePath path = profiles::GetPathOfProfileWithEmail(manager, email);
     if (!path.empty()) {
       FinishCompleteLoginParams params(nullptr, partition, current_url, path,
                                        confirm_untrusted_signin_, email,
                                        gaia_id, password, session_index,
-                                       choose_what_to_sync);
+                                       auth_code, choose_what_to_sync);
       ProfileManager::CreateCallback callback = base::Bind(
           &InlineLoginHandlerImpl::FinishCompleteLogin, params);
       profiles::SwitchToProfile(path, chrome::GetActiveDesktop(), true,
           callback, ProfileMetrics::SWITCH_PROFILE_UNLOCK);
     }
   } else {
     FinishCompleteLogin(
         FinishCompleteLoginParams(this, partition, current_url,
                                   base::FilePath(), confirm_untrusted_signin_,
                                   email, gaia_id, password, session_index,
-                                  choose_what_to_sync),
+                                  auth_code, choose_what_to_sync),
         profile,
         Profile::CREATE_STATUS_CREATED);
   }
 }
 
 InlineLoginHandlerImpl::FinishCompleteLoginParams::FinishCompleteLoginParams(
     InlineLoginHandlerImpl* handler,
     content::StoragePartition* partition,
     const GURL& url,
     const base::FilePath& profile_path,
     bool confirm_untrusted_signin,
     const std::string& email,
     const std::string& gaia_id,
     const std::string& password,
     const std::string& session_index,
+    const std::string& auth_code,
     bool choose_what_to_sync)
     : handler(handler),
       partition(partition),
       url(url),
       profile_path(profile_path),
       confirm_untrusted_signin(confirm_untrusted_signin),
       email(email),
       gaia_id(gaia_id),
       password(password),
       session_index(session_index),
+      auth_code(auth_code),
       choose_what_to_sync(choose_what_to_sync) {}
 
 InlineLoginHandlerImpl::
     FinishCompleteLoginParams::~FinishCompleteLoginParams() {}
 
 // static
 void InlineLoginHandlerImpl::FinishCompleteLogin(
     const FinishCompleteLoginParams& params,
     Profile* profile,
     Profile::CreateStatus status) {
@@ skipping 63 matching lines @@
       signin_client->GetSigninScopedDeviceId();
   base::WeakPtr<InlineLoginHandlerImpl> handler_weak_ptr;
   if (params.handler)
     handler_weak_ptr = params.handler->GetWeakPtr();
 
   // InlineSigninHelper will delete itself.
   new InlineSigninHelper(handler_weak_ptr,
                          params.partition->GetURLRequestContext(), profile,
                          params.url,
                          params.email, params.gaia_id, params.password,
-                         params.session_index, signin_scoped_device_id,
+                         params.session_index, params.auth_code,
+                         signin_scoped_device_id,
                          params.choose_what_to_sync,
                          params.confirm_untrusted_signin);
 
   // If opened from user manager to reauthenticate, make sure the user manager
   // is closed and that the profile is marked as unlocked.
   if (!params.profile_path.empty()) {
     UserManager::Hide();
     ProfileManager* profile_manager = g_browser_process->profile_manager();
     if (profile_manager) {
       ProfileAttributesEntry* entry;
@@ skipping 70 matching lines @@
       }
     }
 
     if (show_account_management) {
       browser->window()->ShowAvatarBubbleFromAvatarButton(
             BrowserWindow::AVATAR_BUBBLE_MODE_ACCOUNT_MANAGEMENT,
             signin::ManageAccountsParams());
     }
   }
 }