| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/signin/oauth2_login_manager.h" | 5 #include "chrome/browser/chromeos/login/signin/oauth2_login_manager.h" |
| 6 | 6 |
| 7 #include <utility> | 7 #include <utility> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| 11 #include "base/metrics/histogram.h" | 11 #include "base/metrics/histogram.h" |
| 12 #include "chrome/browser/profiles/profile.h" | 12 #include "chrome/browser/profiles/profile.h" |
| 13 #include "chrome/browser/signin/account_tracker_service_factory.h" | 13 #include "chrome/browser/signin/account_tracker_service_factory.h" |
| 14 #include "chrome/browser/signin/chrome_signin_client_factory.h" | 14 #include "chrome/browser/signin/chrome_signin_client_factory.h" |
| 15 #include "chrome/browser/signin/gaia_cookie_manager_service_factory.h" | 15 #include "chrome/browser/signin/gaia_cookie_manager_service_factory.h" |
| 16 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" | 16 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" |
| 17 #include "chrome/browser/signin/signin_manager_factory.h" | 17 #include "chrome/browser/signin/signin_manager_factory.h" |
| 18 #include "chromeos/chromeos_switches.h" | 18 #include "chromeos/chromeos_switches.h" |
| 19 #include "components/signin/core/account_id/account_id.h" |
| 19 #include "components/signin/core/browser/account_tracker_service.h" | 20 #include "components/signin/core/browser/account_tracker_service.h" |
| 20 #include "components/signin/core/browser/profile_oauth2_token_service.h" | 21 #include "components/signin/core/browser/profile_oauth2_token_service.h" |
| 21 #include "components/signin/core/browser/signin_client.h" | 22 #include "components/signin/core/browser/signin_client.h" |
| 22 #include "components/signin/core/browser/signin_manager.h" | 23 #include "components/signin/core/browser/signin_manager.h" |
| 23 #include "components/user_manager/user.h" | 24 #include "components/user_manager/user.h" |
| 24 #include "components/user_manager/user_manager.h" | 25 #include "components/user_manager/user_manager.h" |
| 25 #include "google_apis/gaia/gaia_auth_util.h" | 26 #include "google_apis/gaia/gaia_auth_util.h" |
| 26 #include "google_apis/gaia/gaia_urls.h" | 27 #include "google_apis/gaia/gaia_urls.h" |
| 27 | 28 |
| 28 namespace chromeos { | 29 namespace chromeos { |
| (...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 101 VLOG(1) << "OAuth2 refresh token is already loaded."; | 102 VLOG(1) << "OAuth2 refresh token is already loaded."; |
| 102 VerifySessionCookies(); | 103 VerifySessionCookies(); |
| 103 } else { | 104 } else { |
| 104 VLOG(1) << "Loading OAuth2 refresh token from database."; | 105 VLOG(1) << "Loading OAuth2 refresh token from database."; |
| 105 | 106 |
| 106 // Flag user with unknown token status in case there are no saved tokens | 107 // Flag user with unknown token status in case there are no saved tokens |
| 107 // and OnRefreshTokenAvailable is not called. Flagging it here would | 108 // and OnRefreshTokenAvailable is not called. Flagging it here would |
| 108 // cause user to go through Gaia in next login to obtain a new refresh | 109 // cause user to go through Gaia in next login to obtain a new refresh |
| 109 // token. | 110 // token. |
| 110 user_manager::UserManager::Get()->SaveUserOAuthStatus( | 111 user_manager::UserManager::Get()->SaveUserOAuthStatus( |
| 111 primary_account_id, user_manager::User::OAUTH_TOKEN_STATUS_UNKNOWN); | 112 AccountId::FromUserEmail(primary_account_id), |
| 113 user_manager::User::OAUTH_TOKEN_STATUS_UNKNOWN); |
| 112 | 114 |
| 113 token_service->LoadCredentials(primary_account_id); | 115 token_service->LoadCredentials(primary_account_id); |
| 114 } | 116 } |
| 115 } | 117 } |
| 116 | 118 |
| 117 void OAuth2LoginManager::Stop() { | 119 void OAuth2LoginManager::Stop() { |
| 118 oauth2_token_fetcher_.reset(); | 120 oauth2_token_fetcher_.reset(); |
| 119 login_verifier_.reset(); | 121 login_verifier_.reset(); |
| 120 } | 122 } |
| 121 | 123 |
| 122 bool OAuth2LoginManager::SessionRestoreIsRunning() const { | 124 bool OAuth2LoginManager::SessionRestoreIsRunning() const { |
| 123 return state_ == SESSION_RESTORE_PREPARING || | 125 return state_ == SESSION_RESTORE_PREPARING || |
| 124 state_ == SESSION_RESTORE_IN_PROGRESS; | 126 state_ == SESSION_RESTORE_IN_PROGRESS; |
| 125 } | 127 } |
| 126 | 128 |
| 127 bool OAuth2LoginManager::ShouldBlockTabLoading() const { | 129 bool OAuth2LoginManager::ShouldBlockTabLoading() const { |
| 128 return SessionRestoreIsRunning(); | 130 return SessionRestoreIsRunning(); |
| 129 } | 131 } |
| 130 | 132 |
| 131 void OAuth2LoginManager::OnRefreshTokenAvailable( | 133 void OAuth2LoginManager::OnRefreshTokenAvailable( |
| 132 const std::string& account_id) { | 134 const std::string& user_email) { |
| 133 VLOG(1) << "OnRefreshTokenAvailable"; | 135 VLOG(1) << "OnRefreshTokenAvailable"; |
| 134 | 136 |
| 135 if (state_ == SESSION_RESTORE_NOT_STARTED) | 137 if (state_ == SESSION_RESTORE_NOT_STARTED) |
| 136 return; | 138 return; |
| 137 | 139 |
| 138 // TODO(fgorski): Once ProfileOAuth2TokenService supports multi-login, make | 140 // TODO(fgorski): Once ProfileOAuth2TokenService supports multi-login, make |
| 139 // sure to restore session cookies in the context of the correct account_id. | 141 // sure to restore session cookies in the context of the correct user_email. |
| 140 | 142 |
| 141 // Do not validate tokens for supervised users, as they don't actually have | 143 // Do not validate tokens for supervised users, as they don't actually have |
| 142 // oauth2 token. | 144 // oauth2 token. |
| 143 if (user_manager::UserManager::Get()->IsLoggedInAsSupervisedUser()) { | 145 if (user_manager::UserManager::Get()->IsLoggedInAsSupervisedUser()) { |
| 144 VLOG(1) << "Logged in as supervised user, skip token validation."; | 146 VLOG(1) << "Logged in as supervised user, skip token validation."; |
| 145 return; | 147 return; |
| 146 } | 148 } |
| 147 // Only restore session cookies for the primary account in the profile. | 149 // Only restore session cookies for the primary account in the profile. |
| 148 if (GetPrimaryAccountId() == account_id) { | 150 if (GetPrimaryAccountId() == user_email) { |
| 149 // Token is loaded. Undo the flagging before token loading. | 151 // Token is loaded. Undo the flagging before token loading. |
| 150 user_manager::UserManager::Get()->SaveUserOAuthStatus( | 152 user_manager::UserManager::Get()->SaveUserOAuthStatus( |
| 151 account_id, user_manager::User::OAUTH2_TOKEN_STATUS_VALID); | 153 AccountId::FromUserEmail(user_email), |
| 154 user_manager::User::OAUTH2_TOKEN_STATUS_VALID); |
| 152 VerifySessionCookies(); | 155 VerifySessionCookies(); |
| 153 } | 156 } |
| 154 } | 157 } |
| 155 | 158 |
| 156 ProfileOAuth2TokenService* OAuth2LoginManager::GetTokenService() { | 159 ProfileOAuth2TokenService* OAuth2LoginManager::GetTokenService() { |
| 157 return ProfileOAuth2TokenServiceFactory::GetForProfile(user_profile_); | 160 return ProfileOAuth2TokenServiceFactory::GetForProfile(user_profile_); |
| 158 } | 161 } |
| 159 | 162 |
| 160 const std::string& OAuth2LoginManager::GetPrimaryAccountId() { | 163 const std::string& OAuth2LoginManager::GetPrimaryAccountId() { |
| 161 SigninManagerBase* signin_manager = | 164 SigninManagerBase* signin_manager = |
| (...skipping 247 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 409 FOR_EACH_OBSERVER(Observer, observer_list_, | 412 FOR_EACH_OBSERVER(Observer, observer_list_, |
| 410 OnSessionRestoreStateChanged(user_profile_, state_)); | 413 OnSessionRestoreStateChanged(user_profile_, state_)); |
| 411 } | 414 } |
| 412 | 415 |
| 413 void OAuth2LoginManager::SetSessionRestoreStartForTesting( | 416 void OAuth2LoginManager::SetSessionRestoreStartForTesting( |
| 414 const base::Time& time) { | 417 const base::Time& time) { |
| 415 session_restore_start_ = time; | 418 session_restore_start_ = time; |
| 416 } | 419 } |
| 417 | 420 |
| 418 } // namespace chromeos | 421 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1412813003:
This CL replaces user_manager::UserID with AccountId. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@468875--Chrome-OS-handles-deletion-of-Gmail-account-poorly--Create-AccountID-structure-part2--user_names