| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/supervised/supervised_user_authenticatio
n.h" | 5 #include "chrome/browser/chromeos/login/supervised/supervised_user_authenticatio
n.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/json/json_file_value_serializer.h" | 8 #include "base/json/json_file_value_serializer.h" |
| 9 #include "base/macros.h" | 9 #include "base/macros.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 97 SupervisedUserAuthentication::~SupervisedUserAuthentication() {} | 97 SupervisedUserAuthentication::~SupervisedUserAuthentication() {} |
| 98 | 98 |
| 99 SupervisedUserAuthentication::Schema | 99 SupervisedUserAuthentication::Schema |
| 100 SupervisedUserAuthentication::GetStableSchema() { | 100 SupervisedUserAuthentication::GetStableSchema() { |
| 101 return stable_schema_; | 101 return stable_schema_; |
| 102 } | 102 } |
| 103 | 103 |
| 104 UserContext SupervisedUserAuthentication::TransformKey( | 104 UserContext SupervisedUserAuthentication::TransformKey( |
| 105 const UserContext& context) { | 105 const UserContext& context) { |
| 106 UserContext result = context; | 106 UserContext result = context; |
| 107 int user_schema = GetPasswordSchema(context.GetUserID()); | 107 int user_schema = GetPasswordSchema(context.GetUserID().GetUserEmail()); |
| 108 if (user_schema == SCHEMA_PLAIN) | 108 if (user_schema == SCHEMA_PLAIN) |
| 109 return result; | 109 return result; |
| 110 | 110 |
| 111 if (user_schema == SCHEMA_SALT_HASHED) { | 111 if (user_schema == SCHEMA_SALT_HASHED) { |
| 112 base::DictionaryValue holder; | 112 base::DictionaryValue holder; |
| 113 std::string salt; | 113 std::string salt; |
| 114 owner_->GetPasswordInformation(context.GetUserID(), &holder); | 114 owner_->GetPasswordInformation(context.GetUserID().GetUserEmail(), &holder); |
| 115 holder.GetStringWithoutPathExpansion(kSalt, &salt); | 115 holder.GetStringWithoutPathExpansion(kSalt, &salt); |
| 116 DCHECK(!salt.empty()); | 116 DCHECK(!salt.empty()); |
| 117 Key* const key = result.GetKey(); | 117 Key* const key = result.GetKey(); |
| 118 key->Transform(Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234, salt); | 118 key->Transform(Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234, salt); |
| 119 key->SetLabel(kCryptohomeSupervisedUserKeyLabel); | 119 key->SetLabel(kCryptohomeSupervisedUserKeyLabel); |
| 120 result.SetIsUsingOAuth(false); | 120 result.SetIsUsingOAuth(false); |
| 121 return result; | 121 return result; |
| 122 } | 122 } |
| 123 NOTREACHED() << "Unknown password schema for " << context.GetUserID(); | 123 NOTREACHED() << "Unknown password schema for " |
| 124 << context.GetUserID().GetUserEmail(); |
| 124 return context; | 125 return context; |
| 125 } | 126 } |
| 126 | 127 |
| 127 bool SupervisedUserAuthentication::FillDataForNewUser( | 128 bool SupervisedUserAuthentication::FillDataForNewUser( |
| 128 const std::string& user_id, | 129 const std::string& user_id, |
| 129 const std::string& password, | 130 const std::string& password, |
| 130 base::DictionaryValue* password_data, | 131 base::DictionaryValue* password_data, |
| 131 base::DictionaryValue* extra_data) { | 132 base::DictionaryValue* extra_data) { |
| 132 Schema schema = stable_schema_; | 133 Schema schema = stable_schema_; |
| 133 if (schema == SCHEMA_PLAIN) | 134 if (schema == SCHEMA_PLAIN) |
| (...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 216 &updated_revision); | 217 &updated_revision); |
| 217 if (updated_schema > local_schema) | 218 if (updated_schema > local_schema) |
| 218 return true; | 219 return true; |
| 219 DCHECK_EQ(updated_schema, local_schema); | 220 DCHECK_EQ(updated_schema, local_schema); |
| 220 return updated_revision > local_revision; | 221 return updated_revision > local_revision; |
| 221 } | 222 } |
| 222 | 223 |
| 223 void SupervisedUserAuthentication::ScheduleSupervisedPasswordChange( | 224 void SupervisedUserAuthentication::ScheduleSupervisedPasswordChange( |
| 224 const std::string& supervised_user_id, | 225 const std::string& supervised_user_id, |
| 225 const base::DictionaryValue* password_data) { | 226 const base::DictionaryValue* password_data) { |
| 226 const user_manager::User* user = | 227 const user_manager::User* user = user_manager::UserManager::Get()->FindUser( |
| 227 user_manager::UserManager::Get()->FindUser(supervised_user_id); | 228 AccountId::FromUserEmail(supervised_user_id)); |
| 228 base::FilePath profile_path = ProfileHelper::GetProfilePathByUserIdHash( | 229 base::FilePath profile_path = ProfileHelper::GetProfilePathByUserIdHash( |
| 229 user->username_hash()); | 230 user->username_hash()); |
| 230 JSONFileValueSerializer serializer(profile_path.Append(kPasswordUpdateFile)); | 231 JSONFileValueSerializer serializer(profile_path.Append(kPasswordUpdateFile)); |
| 231 if (!serializer.Serialize(*password_data)) { | 232 if (!serializer.Serialize(*password_data)) { |
| 232 LOG(ERROR) << "Failed to schedule password update for supervised user " | 233 LOG(ERROR) << "Failed to schedule password update for supervised user " |
| 233 << supervised_user_id; | 234 << supervised_user_id; |
| 234 UMA_HISTOGRAM_ENUMERATION( | 235 UMA_HISTOGRAM_ENUMERATION( |
| 235 "ManagedUsers.ChromeOS.PasswordChange", | 236 "ManagedUsers.ChromeOS.PasswordChange", |
| 236 SupervisedUserAuthentication::PASSWORD_CHANGE_FAILED_STORE_DATA, | 237 SupervisedUserAuthentication::PASSWORD_CHANGE_FAILED_STORE_DATA, |
| 237 SupervisedUserAuthentication::PASSWORD_CHANGE_RESULT_MAX_VALUE); | 238 SupervisedUserAuthentication::PASSWORD_CHANGE_RESULT_MAX_VALUE); |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 274 base::DictionaryValue holder; | 275 base::DictionaryValue holder; |
| 275 owner_->GetPasswordInformation(user_id, &holder); | 276 owner_->GetPasswordInformation(user_id, &holder); |
| 276 holder.SetBoolean(kHasIncompleteKey, incomplete); | 277 holder.SetBoolean(kHasIncompleteKey, incomplete); |
| 277 owner_->SetPasswordInformation(user_id, &holder); | 278 owner_->SetPasswordInformation(user_id, &holder); |
| 278 } | 279 } |
| 279 | 280 |
| 280 void SupervisedUserAuthentication::LoadPasswordUpdateData( | 281 void SupervisedUserAuthentication::LoadPasswordUpdateData( |
| 281 const std::string& user_id, | 282 const std::string& user_id, |
| 282 const PasswordDataCallback& success_callback, | 283 const PasswordDataCallback& success_callback, |
| 283 const base::Closure& failure_callback) { | 284 const base::Closure& failure_callback) { |
| 284 const user_manager::User* user = | 285 const user_manager::User* user = user_manager::UserManager::Get()->FindUser( |
| 285 user_manager::UserManager::Get()->FindUser(user_id); | 286 AccountId::FromUserEmail(user_id)); |
| 286 base::FilePath profile_path = | 287 base::FilePath profile_path = |
| 287 ProfileHelper::GetProfilePathByUserIdHash(user->username_hash()); | 288 ProfileHelper::GetProfilePathByUserIdHash(user->username_hash()); |
| 288 PostTaskAndReplyWithResult( | 289 PostTaskAndReplyWithResult( |
| 289 content::BrowserThread::GetBlockingPool() | 290 content::BrowserThread::GetBlockingPool() |
| 290 ->GetTaskRunnerWithShutdownBehavior( | 291 ->GetTaskRunnerWithShutdownBehavior( |
| 291 base::SequencedWorkerPool::CONTINUE_ON_SHUTDOWN) | 292 base::SequencedWorkerPool::CONTINUE_ON_SHUTDOWN) |
| 292 .get(), | 293 .get(), |
| 293 FROM_HERE, base::Bind(&LoadPasswordData, profile_path), | 294 FROM_HERE, base::Bind(&LoadPasswordData, profile_path), |
| 294 base::Bind(&OnPasswordDataLoaded, success_callback, failure_callback)); | 295 base::Bind(&OnPasswordDataLoaded, success_callback, failure_callback)); |
| 295 } | 296 } |
| (...skipping 20 matching lines...) Expand all Loading... |
| 316 LOG(FATAL) << "HMAC::Sign failed"; | 317 LOG(FATAL) << "HMAC::Sign failed"; |
| 317 | 318 |
| 318 std::string raw_result(out_bytes, out_bytes + sizeof(out_bytes)); | 319 std::string raw_result(out_bytes, out_bytes + sizeof(out_bytes)); |
| 319 | 320 |
| 320 std::string result; | 321 std::string result; |
| 321 base::Base64Encode(raw_result, &result); | 322 base::Base64Encode(raw_result, &result); |
| 322 return result; | 323 return result; |
| 323 } | 324 } |
| 324 | 325 |
| 325 } // namespace chromeos | 326 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1412813003:
This CL replaces user_manager::UserID with AccountId. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@468875--Chrome-OS-handles-deletion-of-Gmail-account-poorly--Create-AccountID-structure-part2--user_names