Chromium Code Reviews Chromium Code Reviews
Issue 138133006:
Add credential passing API for Chrome OS SAML login (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 /** | 5 /** |
| 6 * @fileoverview | 6 * @fileoverview |
| 7 * The background script of auth extension that bridges the communications | 7 * A background script of the auth extension that bridges the communication |
| 8 * between main and injected script. | 8 * between the main and injected scripts. |
| 9 * Here are the communications along a SAML sign-in flow: | 9 * |
| 10 * 1. Main script sends an 'onAuthStarted' signal to indicate the authentication | 10 * Here is an overview of the communication flow when SAML is being used: |
| 11 * flow is started and SAML pages might be loaded from now on; | 11 * 1. The main script sends the |startAuth| signal to this background script, |
| 12 * 2. After the 'onAuthTstarted' signal, injected script starts to scraping | 12 * indicating that the authentication flow has started and SAML pages may be |
| 13 * all password fields on normal page (i.e. http or https) and sends page | 13 * loaded from now on. |
| 14 * load signal as well as the passwords to the background script here; | 14 * 2. A script is injected into each SAML page. The injected script sends three |
| 15 * main types of messages to this background script: | |
| 16 * a) A |pageLoaded| message is sent when the page has been loaded. This is | |
| 17 * forwarded to the main script as |onAuthPageLoaded|. | |
| 18 * b) If the SAML provider supports the credential passing API, the API calls | |
| 19 * are sent to this backgroudn script as |apiCall| messages. These | |
| 20 * messages are forwarded unmodified to the main script. | |
| 21 * c) The injected script scrapes passwords. They are sent to this background | |
| 22 * script in |updatePassword| messages. The main script can request a list | |
| 23 * of the scraped passwords by sending the |getScrapedPasswords| message. | |
|
xiyuan
2014/01/14 21:21:30
Thank you for the better documentation.
| |
| 15 */ | 24 */ |
| 16 | 25 |
| 17 /** | 26 /** |
| 18 * BackgroundBridge holds the main script's state and the scraped passwords | 27 * BackgroundBridge allows the main script and the injected script to |
| 19 * from the injected script to help the two collaborate. | 28 * collaborate. It forwards credentials API calls to the main script and |
| 29 * maintains a list of scraped passwords. | |
| 20 */ | 30 */ |
| 21 function BackgroundBridge() { | 31 function BackgroundBridge() { |
| 22 } | 32 } |
| 23 | 33 |
| 24 BackgroundBridge.prototype = { | 34 BackgroundBridge.prototype = { |
| 25 // Gaia URL base that is set from main auth script. | 35 // Gaia URL base that is set from main auth script. |
| 26 gaiaUrl_: null, | 36 gaiaUrl_: null, |
| 27 | 37 |
| 28 // Whether auth flow has started. It is used as a signal of whether the | 38 // Whether auth flow has started. It is used as a signal of whether the |
| 29 // injected script should scrape passwords. | 39 // injected script should scrape passwords. |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 82 this.onGetScrapedPasswords_.bind(this)); | 92 this.onGetScrapedPasswords_.bind(this)); |
| 83 }, | 93 }, |
| 84 | 94 |
| 85 /** | 95 /** |
| 86 * Sets up the communication channel with the injected script. | 96 * Sets up the communication channel with the injected script. |
| 87 */ | 97 */ |
| 88 setupForInjected_: function(port) { | 98 setupForInjected_: function(port) { |
| 89 this.channelInjected_ = new Channel(); | 99 this.channelInjected_ = new Channel(); |
| 90 this.channelInjected_.init(port); | 100 this.channelInjected_.init(port); |
| 91 this.channelInjected_.registerMessage( | 101 this.channelInjected_.registerMessage( |
| 102 'apiCall', this.onAPICall_.bind(this)); | |
| 103 this.channelInjected_.registerMessage( | |
| 92 'updatePassword', this.onUpdatePassword_.bind(this)); | 104 'updatePassword', this.onUpdatePassword_.bind(this)); |
| 93 this.channelInjected_.registerMessage( | 105 this.channelInjected_.registerMessage( |
| 94 'pageLoaded', this.onPageLoaded_.bind(this)); | 106 'pageLoaded', this.onPageLoaded_.bind(this)); |
| 95 }, | 107 }, |
| 96 | 108 |
| 97 /** | 109 /** |
| 98 * Handler for 'setGaiaUrl' signal sent from the main script. | 110 * Handler for 'setGaiaUrl' signal sent from the main script. |
| 99 */ | 111 */ |
| 100 onSetGaiaUrl_: function(msg) { | 112 onSetGaiaUrl_: function(msg) { |
| 101 this.gaiaUrl_ = msg.gaiaUrl; | 113 this.gaiaUrl_ = msg.gaiaUrl; |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 134 * @return {Array.<string>} The array with de-duped scraped passwords. | 146 * @return {Array.<string>} The array with de-duped scraped passwords. |
| 135 */ | 147 */ |
| 136 onGetScrapedPasswords_: function() { | 148 onGetScrapedPasswords_: function() { |
| 137 var passwords = {}; | 149 var passwords = {}; |
| 138 for (var property in this.passwordStore_) { | 150 for (var property in this.passwordStore_) { |
| 139 passwords[this.passwordStore_[property]] = true; | 151 passwords[this.passwordStore_[property]] = true; |
| 140 } | 152 } |
| 141 return Object.keys(passwords); | 153 return Object.keys(passwords); |
| 142 }, | 154 }, |
| 143 | 155 |
| 156 onAPICall_: function(msg) { | |
| 157 this.channelMain_.send(msg); | |
| 158 }, | |
| 159 | |
| 144 onUpdatePassword_: function(msg) { | 160 onUpdatePassword_: function(msg) { |
| 145 if (!this.authStarted_) | 161 if (!this.authStarted_) |
| 146 return; | 162 return; |
| 147 | 163 |
| 148 this.passwordStore_[msg.id] = msg.password; | 164 this.passwordStore_[msg.id] = msg.password; |
| 149 }, | 165 }, |
| 150 | 166 |
| 151 onPageLoaded_: function(msg) { | 167 onPageLoaded_: function(msg) { |
| 152 this.channelMain_.send({name: 'onAuthPageLoaded', url: msg.url}); | 168 this.channelMain_.send({name: 'onAuthPageLoaded', url: msg.url}); |
| 153 } | 169 } |
| 154 }; | 170 }; |
| 155 | 171 |
| 156 var backgroundBridge = new BackgroundBridge(); | 172 var backgroundBridge = new BackgroundBridge(); |
| 157 backgroundBridge.run(); | 173 backgroundBridge.run(); |
| OLD | NEW |
