Retrieve the authenticated user's e-mail from GAIA during SAML login

chrome/browser/ui/webui/chromeos/login/signin_screen_handler.cc

Index: chrome/browser/ui/webui/chromeos/login/signin_screen_handler.cc
diff --git a/chrome/browser/ui/webui/chromeos/login/signin_screen_handler.cc b/chrome/browser/ui/webui/chromeos/login/signin_screen_handler.cc
index 080284cf1c156abbc585472fe1298ffe6e248aa9..a85b51e7107cf5d2fd46afa42ec7db00b7e1330f 100644
--- a/chrome/browser/ui/webui/chromeos/login/signin_screen_handler.cc
+++ b/chrome/browser/ui/webui/chromeos/login/signin_screen_handler.cc
@@ -4,11 +4,12 @@
 
 #include "chrome/browser/ui/webui/chromeos/login/signin_screen_handler.h"
 
-#include "base/callback.h"
+#include "base/bind.h"
+#include "base/bind_helpers.h"
 #include "base/command_line.h"
 #include "base/debug/trace_event.h"
+#include "base/location.h"
 #include "base/logging.h"
-#include "base/memory/scoped_ptr.h"
 #include "base/metrics/histogram.h"
 #include "base/prefs/pref_registry_simple.h"
 #include "base/prefs/pref_service.h"
@@ -52,12 +53,24 @@
 #include "chromeos/ime/xkeyboard.h"
 #include "chromeos/network/network_state.h"
 #include "chromeos/network/network_state_handler.h"
+#include "content/public/browser/browser_thread.h"
 #include "content/public/browser/render_view_host.h"
 #include "content/public/browser/web_contents.h"
+#include "google_apis/gaia/gaia_auth_consumer.h"
+#include "google_apis/gaia/gaia_auth_fetcher.h"
 #include "google_apis/gaia/gaia_auth_util.h"
+#include "google_apis/gaia/gaia_constants.h"
+#include "google_apis/gaia/gaia_urls.h"
+#include "google_apis/gaia/google_service_auth_error.h"
 #include "grit/chromium_strings.h"
 #include "grit/generated_resources.h"
+#include "net/cookies/canonical_cookie.h"
+#include "net/cookies/cookie_monster.h"
+#include "net/cookies/cookie_store.h"
+#include "net/url_request/url_request_context.h"
+#include "net/url_request/url_request_context_getter.h"
 #include "third_party/cros_system_api/dbus/service_constants.h"
+#include "url/gurl.h"
 
 #if defined(USE_AURA)
 #include "ash/shell.h"
@@ -215,6 +228,12 @@ static bool SetUserInputMethodImpl(
   return true;
 }
 
+scoped_refptr<net::CookieStore> GetCookieStoreOnIO(
+    scoped_refptr<net::URLRequestContextGetter> url_request_context_getter) {
+  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
+  return url_request_context_getter->GetURLRequestContext()->cookie_store();
+}
+
 }  // namespace
 
 // LoginScreenContext implementation ------------------------------------------
@@ -239,6 +258,99 @@ void LoginScreenContext::Init() {
 
 // SigninScreenHandler implementation ------------------------------------------
 
+// Helper class that retrieves the authenticated user's e-mail address.
+class SigninScreenHandler::AuthenticatedUserEmailRetriever

[xiyuan, 2014/01/13 22:05:59]

This class seem generic enough to live out of SigninScreenHandler. Let's put it
in its own file.

[bartfab (slow), 2014/01/14 14:41:33]

Done.

+    : public GaiaAuthConsumer {
+ public:
+  typedef base::Callback<void(const std::string&)>
+      AuthenticatedUserEmailCallback;
+
+  // Extracts the GAIA cookies from |url_request_context_getter|, retrieves the
+  // authenticated user's e-mail address from GAIA and passes it to |callback|.
+  // If the e-mail address cannot be retrieved, an empty string is passed to
+  // the |callback|.
+  AuthenticatedUserEmailRetriever(
+      const AuthenticatedUserEmailCallback& callback,
+      scoped_refptr<net::URLRequestContextGetter> url_request_context_getter);
+  virtual ~AuthenticatedUserEmailRetriever();
+
+  // GaiaAuthConsumer:
+  virtual void OnGetUserInfoSuccess(const UserInfoMap& data) OVERRIDE;
+  virtual void OnGetUserInfoFailure(
+      const GoogleServiceAuthError& error) OVERRIDE;
+
+ private:
+  void ExtractCookies(scoped_refptr<net::CookieStore> cookie_store);
+  void ExtractLSIDFromCookies(const net::CookieList& cookies);
+
+  AuthenticatedUserEmailCallback callback_;
+
+  scoped_refptr<net::URLRequestContextGetter> url_request_context_getter_;
+  scoped_ptr<GaiaAuthFetcher> gaia_auth_fetcher_;
+
+  base::WeakPtrFactory<AuthenticatedUserEmailRetriever> weak_factory_;
+
+  DISALLOW_COPY_AND_ASSIGN(AuthenticatedUserEmailRetriever);
+};
+
+SigninScreenHandler::AuthenticatedUserEmailRetriever::
+    AuthenticatedUserEmailRetriever(
+        const AuthenticatedUserEmailCallback& callback,
+        scoped_refptr<net::URLRequestContextGetter> url_request_context_getter)
+    : callback_(callback),
+      url_request_context_getter_(url_request_context_getter),
+      weak_factory_(this) {
+  BrowserThread::PostTaskAndReplyWithResult(
+      BrowserThread::IO,
+      FROM_HERE,
+      base::Bind(&GetCookieStoreOnIO, url_request_context_getter),
+      base::Bind(&AuthenticatedUserEmailRetriever::ExtractCookies,
+                 weak_factory_.GetWeakPtr()));
+}
+
+SigninScreenHandler::AuthenticatedUserEmailRetriever::
+    ~AuthenticatedUserEmailRetriever() {
+}
+
+void SigninScreenHandler::AuthenticatedUserEmailRetriever::OnGetUserInfoSuccess(
+    const UserInfoMap& data) {
+  UserInfoMap::const_iterator it = data.find("email");
+  callback_.Run(it != data.end() ? it->second : "");
+}
+
+void SigninScreenHandler::AuthenticatedUserEmailRetriever::OnGetUserInfoFailure(
+    const GoogleServiceAuthError& error) {
+  callback_.Run(std::string());
+}
+
+void SigninScreenHandler::AuthenticatedUserEmailRetriever::ExtractCookies(
+    scoped_refptr<net::CookieStore> cookie_store) {
+  if (!cookie_store) {
+    callback_.Run(std::string());
+    return;
+  }
+  cookie_store->GetCookieMonster()->GetAllCookiesForURLAsync(
+      GaiaUrls::GetInstance()->gaia_url(),
+      base::Bind(&AuthenticatedUserEmailRetriever::ExtractLSIDFromCookies,
+                 weak_factory_.GetWeakPtr()));
+}
+
+void SigninScreenHandler::AuthenticatedUserEmailRetriever::
+    ExtractLSIDFromCookies(const net::CookieList& cookies) {
+  for (net::CookieList::const_iterator it = cookies.begin();
+       it != cookies.end(); ++it) {
+    if (it->Name() == "LSID") {
+      gaia_auth_fetcher_.reset(new GaiaAuthFetcher(
+          this,
+          GaiaConstants::kChromeSource,
+          url_request_context_getter_));
+      gaia_auth_fetcher_->StartGetUserInfo(it->Value());
+      return;
+    }
+  }
+  callback_.Run(std::string());
+}
+
 SigninScreenHandler::SigninScreenHandler(
     const scoped_refptr<NetworkStateInformer>& network_state_informer,
     ErrorScreenActor* error_screen_actor,
@@ -729,6 +841,8 @@ void SigninScreenHandler::RegisterMessages() {
   AddCallback("focusPod", &SigninScreenHandler::HandleFocusPod);
   AddCallback("customButtonClicked",
               &SigninScreenHandler::HandleCustomButtonClicked);
+  AddCallback("retrieveAuthenticatedUserEmail",
+              &SigninScreenHandler::HandleRetrieveAuthenticatedUserEmail);
 
   // This message is sent by the kiosk app menu, but is handled here
   // so we can tell the delegate to launch the app.
@@ -1445,6 +1559,16 @@ void SigninScreenHandler::HandleCustomButtonClicked(
   user_pod_button_callback_map_[username].Run();
 }
 
+void SigninScreenHandler::HandleRetrieveAuthenticatedUserEmail(
+    double attempt_token) {
+  email_retriever_.reset(new AuthenticatedUserEmailRetriever(
+      base::Bind(&SigninScreenHandler::CallJS<double, std::string>,
+                 base::Unretained(this),
+                 "login.GaiaSigninScreen.setAuthenticatedUserEmail",
+                 attempt_token),
+      Profile::FromWebUI(web_ui())->GetRequestContext()));
+}
+
 void SigninScreenHandler::HandleLaunchKioskApp(const std::string& app_id) {
   delegate_->LoginAsKioskApp(app_id);
 }