Retrieve the authenticated user's e-mail from GAIA during SAML login

chrome/browser/ui/webui/chromeos/login/signin_screen_handler.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ui/webui/chromeos/login/signin_screen_handler.h"
 
-#include "base/callback.h"
+#include "base/bind.h"
+#include "base/bind_helpers.h"
 #include "base/command_line.h"
 #include "base/debug/trace_event.h"
+#include "base/location.h"
 #include "base/logging.h"
-#include "base/memory/scoped_ptr.h"
 #include "base/metrics/histogram.h"
 #include "base/prefs/pref_registry_simple.h"
 #include "base/prefs/pref_service.h"
 #include "base/prefs/scoped_user_pref_update.h"
 #include "base/strings/string16.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/browser_process_platform_part_chromeos.h"
@@ skipping 23 matching lines @@
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/pref_names.h"
 #include "chrome/common/url_constants.h"
 #include "chromeos/chromeos_switches.h"
 #include "chromeos/dbus/dbus_thread_manager.h"
 #include "chromeos/dbus/power_manager_client.h"
 #include "chromeos/ime/input_method_manager.h"
 #include "chromeos/ime/xkeyboard.h"
 #include "chromeos/network/network_state.h"
 #include "chromeos/network/network_state_handler.h"
+#include "content/public/browser/browser_thread.h"
 #include "content/public/browser/render_view_host.h"
 #include "content/public/browser/web_contents.h"
+#include "google_apis/gaia/gaia_auth_consumer.h"
+#include "google_apis/gaia/gaia_auth_fetcher.h"
 #include "google_apis/gaia/gaia_auth_util.h"
+#include "google_apis/gaia/gaia_constants.h"
+#include "google_apis/gaia/gaia_urls.h"
+#include "google_apis/gaia/google_service_auth_error.h"
 #include "grit/chromium_strings.h"
 #include "grit/generated_resources.h"
+#include "net/cookies/canonical_cookie.h"
+#include "net/cookies/cookie_monster.h"
+#include "net/cookies/cookie_store.h"
+#include "net/url_request/url_request_context.h"
+#include "net/url_request/url_request_context_getter.h"
 #include "third_party/cros_system_api/dbus/service_constants.h"
+#include "url/gurl.h"
 
 #if defined(USE_AURA)
 #include "ash/shell.h"
 #include "ash/wm/lock_state_controller.h"
 #endif
 
 using content::BrowserThread;
 using content::RenderViewHost;
 
 namespace {
@@ skipping 137 matching lines @@
       DLOG(ERROR) << "SigninScreenHandler::SetUserInputMethod('" << username
                   << "'): user input method '" << input_method
                   << "' is not enabled and enabling failed (ignored!).";
     }
   }
   manager->ChangeInputMethod(input_method);
 
   return true;
 }
 
+scoped_refptr<net::CookieStore> GetCookieStoreOnIO(
+    scoped_refptr<net::URLRequestContextGetter> url_request_context_getter) {
+  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
+  return url_request_context_getter->GetURLRequestContext()->cookie_store();
+}
+
 }  // namespace
 
 // LoginScreenContext implementation ------------------------------------------
 
 LoginScreenContext::LoginScreenContext() {
   Init();
 }
 
 LoginScreenContext::LoginScreenContext(const base::ListValue* args) {
   Init();
 
   if (!args || args->GetSize() == 0)
     return;
   std::string email;
   if (args->GetString(0, &email))
     email_ = email;
 }
 
 void LoginScreenContext::Init() {
   oobe_ui_ = false;
 }
 
 // SigninScreenHandler implementation ------------------------------------------
 
+// Helper class that retrieves the authenticated user's e-mail address.
+class SigninScreenHandler::AuthenticatedUserEmailRetriever

[xiyuan, 2014/01/13 22:05:59]

This class seem generic enough to live out of SigninScreenHandler. Let's put it
in its own file.

[bartfab (slow), 2014/01/14 14:41:33]

Done.

+    : public GaiaAuthConsumer {
+ public:
+  typedef base::Callback<void(const std::string&)>
+      AuthenticatedUserEmailCallback;
+
+  // Extracts the GAIA cookies from |url_request_context_getter|, retrieves the
+  // authenticated user's e-mail address from GAIA and passes it to |callback|.
+  // If the e-mail address cannot be retrieved, an empty string is passed to
+  // the |callback|.
+  AuthenticatedUserEmailRetriever(
+      const AuthenticatedUserEmailCallback& callback,
+      scoped_refptr<net::URLRequestContextGetter> url_request_context_getter);
+  virtual ~AuthenticatedUserEmailRetriever();
+
+  // GaiaAuthConsumer:
+  virtual void OnGetUserInfoSuccess(const UserInfoMap& data) OVERRIDE;
+  virtual void OnGetUserInfoFailure(
+      const GoogleServiceAuthError& error) OVERRIDE;
+
+ private:
+  void ExtractCookies(scoped_refptr<net::CookieStore> cookie_store);
+  void ExtractLSIDFromCookies(const net::CookieList& cookies);
+
+  AuthenticatedUserEmailCallback callback_;
+
+  scoped_refptr<net::URLRequestContextGetter> url_request_context_getter_;
+  scoped_ptr<GaiaAuthFetcher> gaia_auth_fetcher_;
+
+  base::WeakPtrFactory<AuthenticatedUserEmailRetriever> weak_factory_;
+
+  DISALLOW_COPY_AND_ASSIGN(AuthenticatedUserEmailRetriever);
+};
+
+SigninScreenHandler::AuthenticatedUserEmailRetriever::
+    AuthenticatedUserEmailRetriever(
+        const AuthenticatedUserEmailCallback& callback,
+        scoped_refptr<net::URLRequestContextGetter> url_request_context_getter)
+    : callback_(callback),
+      url_request_context_getter_(url_request_context_getter),
+      weak_factory_(this) {
+  BrowserThread::PostTaskAndReplyWithResult(
+      BrowserThread::IO,
+      FROM_HERE,
+      base::Bind(&GetCookieStoreOnIO, url_request_context_getter),
+      base::Bind(&AuthenticatedUserEmailRetriever::ExtractCookies,
+                 weak_factory_.GetWeakPtr()));
+}
+
+SigninScreenHandler::AuthenticatedUserEmailRetriever::
+    ~AuthenticatedUserEmailRetriever() {
+}
+
+void SigninScreenHandler::AuthenticatedUserEmailRetriever::OnGetUserInfoSuccess(
+    const UserInfoMap& data) {
+  UserInfoMap::const_iterator it = data.find("email");
+  callback_.Run(it != data.end() ? it->second : "");
+}
+
+void SigninScreenHandler::AuthenticatedUserEmailRetriever::OnGetUserInfoFailure(
+    const GoogleServiceAuthError& error) {
+  callback_.Run(std::string());
+}
+
+void SigninScreenHandler::AuthenticatedUserEmailRetriever::ExtractCookies(
+    scoped_refptr<net::CookieStore> cookie_store) {
+  if (!cookie_store) {
+    callback_.Run(std::string());
+    return;
+  }
+  cookie_store->GetCookieMonster()->GetAllCookiesForURLAsync(
+      GaiaUrls::GetInstance()->gaia_url(),
+      base::Bind(&AuthenticatedUserEmailRetriever::ExtractLSIDFromCookies,
+                 weak_factory_.GetWeakPtr()));
+}
+
+void SigninScreenHandler::AuthenticatedUserEmailRetriever::
+    ExtractLSIDFromCookies(const net::CookieList& cookies) {
+  for (net::CookieList::const_iterator it = cookies.begin();
+       it != cookies.end(); ++it) {
+    if (it->Name() == "LSID") {
+      gaia_auth_fetcher_.reset(new GaiaAuthFetcher(
+          this,
+          GaiaConstants::kChromeSource,
+          url_request_context_getter_));
+      gaia_auth_fetcher_->StartGetUserInfo(it->Value());
+      return;
+    }
+  }
+  callback_.Run(std::string());
+}
+
 SigninScreenHandler::SigninScreenHandler(
     const scoped_refptr<NetworkStateInformer>& network_state_informer,
     ErrorScreenActor* error_screen_actor,
     CoreOobeActor* core_oobe_actor,
     GaiaScreenHandler* gaia_screen_handler)
     : ui_state_(UI_STATE_UNKNOWN),
       delegate_(NULL),
       native_window_delegate_(NULL),
       show_on_init_(false),
       oobe_ui_(false),
@@ skipping 470 matching lines @@
               &SigninScreenHandler::HandleLoginUIStateChanged);
   AddCallback("unlockOnLoginSuccess",
               &SigninScreenHandler::HandleUnlockOnLoginSuccess);
   AddCallback("showLoadingTimeoutError",
               &SigninScreenHandler::HandleShowLoadingTimeoutError);
   AddCallback("updateOfflineLogin",
               &SigninScreenHandler::HandleUpdateOfflineLogin);
   AddCallback("focusPod", &SigninScreenHandler::HandleFocusPod);
   AddCallback("customButtonClicked",
               &SigninScreenHandler::HandleCustomButtonClicked);
+  AddCallback("retrieveAuthenticatedUserEmail",
+              &SigninScreenHandler::HandleRetrieveAuthenticatedUserEmail);
 
   // This message is sent by the kiosk app menu, but is handled here
   // so we can tell the delegate to launch the app.
   AddCallback("launchKioskApp", &SigninScreenHandler::HandleLaunchKioskApp);
 }
 
 void SigninScreenHandler::RegisterPrefs(PrefRegistrySimple* registry) {
   registry->RegisterDictionaryPref(prefs::kUsersLRUInputMethod);
 }
 
@@ skipping 696 matching lines @@
 void SigninScreenHandler::HandleCustomButtonClicked(
     const std::string& username) {
   if (user_pod_button_callback_map_.find(username)
       == user_pod_button_callback_map_.end()) {
     LOG(WARNING) << "User pod custom button clicked but no callback found";
     return;
   }
   user_pod_button_callback_map_[username].Run();
 }
 
+void SigninScreenHandler::HandleRetrieveAuthenticatedUserEmail(
+    double attempt_token) {
+  email_retriever_.reset(new AuthenticatedUserEmailRetriever(
+      base::Bind(&SigninScreenHandler::CallJS<double, std::string>,
+                 base::Unretained(this),
+                 "login.GaiaSigninScreen.setAuthenticatedUserEmail",
+                 attempt_token),
+      Profile::FromWebUI(web_ui())->GetRequestContext()));
+}
+
 void SigninScreenHandler::HandleLaunchKioskApp(const std::string& app_id) {
   delegate_->LoginAsKioskApp(app_id);
 }
 
 void SigninScreenHandler::StartClearingDnsCache() {
   if (dns_clear_task_running_ || !g_browser_process->io_thread())
     return;
 
   dns_cleared_ = false;
   BrowserThread::PostTaskAndReply(
@@ skipping 167 matching lines @@
   DCHECK(gaia_screen_handler_);
   return gaia_screen_handler_->frame_state();
 }
 
 net::Error SigninScreenHandler::FrameError() const {
   DCHECK(gaia_screen_handler_);
   return gaia_screen_handler_->frame_error();
 }
 
 }  // namespace chromeos