Hook up ProximityAuthSystem in EasyUnlockService.

chrome/browser/signin/easy_unlock_service_regular.h

Index: chrome/browser/signin/easy_unlock_service_regular.h
diff --git a/chrome/browser/signin/easy_unlock_service_regular.h b/chrome/browser/signin/easy_unlock_service_regular.h
index d1febbdf34cfcb3a70a96f3fce47eb16d9edc068..24837a6e3d193cc5c8050432dbbc6df393ff3fec 100644
--- a/chrome/browser/signin/easy_unlock_service_regular.h
+++ b/chrome/browser/signin/easy_unlock_service_regular.h
@@ -13,6 +13,7 @@
 #include "base/prefs/pref_change_registrar.h"
 #include "base/time/time.h"
 #include "chrome/browser/signin/easy_unlock_service.h"
+#include "components/proximity_auth/cryptauth/cryptauth_device_manager.h"
 #include "components/proximity_auth/screenlock_bridge.h"
 #include "google_apis/gaia/oauth2_token_service.h"
 
@@ -33,7 +34,7 @@ namespace proximity_auth {
 class CryptAuthClient;
 class CryptAuthGCMManager;
 class CryptAuthEnrollmentManager;
-class CryptAuthDeviceManager;
+class RemoteDeviceLoader;
 }
 
 class EasyUnlockAppManager;
@@ -45,6 +46,7 @@ class Profile;
 class EasyUnlockServiceRegular
     : public EasyUnlockService,
       public proximity_auth::ScreenlockBridge::Observer,
+      public proximity_auth::CryptAuthDeviceManager::Observer,
       public OAuth2TokenService::Observer {
  public:
   explicit EasyUnlockServiceRegular(Profile* profile);
@@ -59,6 +61,14 @@ class EasyUnlockServiceRegular
   proximity_auth::CryptAuthDeviceManager* GetCryptAuthDeviceManager();
 
  private:
+  // Loads the RemoteDevice instances that will be supplied to
+  // ProximityAuthSystem.
+  void LoadRemoteDevices();
+
+  // Called when |remote_device_loader_| completes.
+  void OnRemoteDevicesLoaded(
+      const std::vector<proximity_auth::RemoteDevice>& remote_devices);
+
   // EasyUnlockService implementation:
   EasyUnlockService::Type GetType() const override;
   std::string GetUserEmail() const override;
@@ -82,11 +92,18 @@ class EasyUnlockServiceRegular
   void ShutdownInternal() override;
   bool IsAllowedInternal() const override;
   void OnWillFinalizeUnlock(bool success) override;
-  void OnSuspendDone() override;
+  void OnSuspendDoneInternal() override;
 
   // OAuth2TokenService::Observer:
   void OnRefreshTokenAvailable(const std::string& account_id) override;
 
+  // CryptAuthDeviceManager::Observer:
+  void OnSyncStarted() override;
+  void OnSyncFinished(
+      proximity_auth::CryptAuthDeviceManager::SyncResult sync_result,
+      proximity_auth::CryptAuthDeviceManager::DeviceChangeResult
+          device_change_result) override;
+
   // proximity_auth::ScreenlockBridge::Observer implementation:
   void OnScreenDidLock(proximity_auth::ScreenlockBridge::LockHandler::ScreenType
                            screen_type) override;
@@ -156,6 +173,13 @@ class EasyUnlockServiceRegular
   scoped_ptr<proximity_auth::CryptAuthEnrollmentManager> enrollment_manager_;
   scoped_ptr<proximity_auth::CryptAuthDeviceManager> device_manager_;
 
+  // Loads the RemoteDevice instances from CryptAuth and local data.
+  scoped_ptr<proximity_auth::RemoteDeviceLoader> remote_device_loader_;
+
+  // If a new RemoteDevice was synced while the screen is locked, for security
+  // reasons, we defer loading the RemoteDevice until the screen is unlocked.
+  bool deferring_device_load_;

[sacomoto, 2015/09/29 18:45:57]

What exactly do you mean by security reasons?

[Tim Song, 2015/09/30 00:05:04]

Basically, we don't want a network event to change things on the lock screen.
For example, if an attacker gets access to your Google account, they can
register their own unlock key. We also have another flow where syncing a new
device while logged in will require you to enter your password once after
locking.

I clarified the comments.

+
   base::WeakPtrFactory<EasyUnlockServiceRegular> weak_ptr_factory_;
 
   DISALLOW_COPY_AND_ASSIGN(EasyUnlockServiceRegular);