| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/supervised/supervised_user_authenticatio
n.h" | 5 #include "chrome/browser/chromeos/login/supervised/supervised_user_authenticatio
n.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/json/json_file_value_serializer.h" | 8 #include "base/json/json_file_value_serializer.h" |
| 9 #include "base/macros.h" | 9 #include "base/macros.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 97 SupervisedUserAuthentication::~SupervisedUserAuthentication() {} | 97 SupervisedUserAuthentication::~SupervisedUserAuthentication() {} |
| 98 | 98 |
| 99 SupervisedUserAuthentication::Schema | 99 SupervisedUserAuthentication::Schema |
| 100 SupervisedUserAuthentication::GetStableSchema() { | 100 SupervisedUserAuthentication::GetStableSchema() { |
| 101 return stable_schema_; | 101 return stable_schema_; |
| 102 } | 102 } |
| 103 | 103 |
| 104 UserContext SupervisedUserAuthentication::TransformKey( | 104 UserContext SupervisedUserAuthentication::TransformKey( |
| 105 const UserContext& context) { | 105 const UserContext& context) { |
| 106 UserContext result = context; | 106 UserContext result = context; |
| 107 int user_schema = GetPasswordSchema(context.GetUserID()); | 107 int user_schema = GetPasswordSchema(context.GetAccountId().GetUserEmail()); |
| 108 if (user_schema == SCHEMA_PLAIN) | 108 if (user_schema == SCHEMA_PLAIN) |
| 109 return result; | 109 return result; |
| 110 | 110 |
| 111 if (user_schema == SCHEMA_SALT_HASHED) { | 111 if (user_schema == SCHEMA_SALT_HASHED) { |
| 112 base::DictionaryValue holder; | 112 base::DictionaryValue holder; |
| 113 std::string salt; | 113 std::string salt; |
| 114 owner_->GetPasswordInformation(context.GetUserID(), &holder); | 114 owner_->GetPasswordInformation(context.GetAccountId().GetUserEmail(), |
| 115 &holder); |
| 115 holder.GetStringWithoutPathExpansion(kSalt, &salt); | 116 holder.GetStringWithoutPathExpansion(kSalt, &salt); |
| 116 DCHECK(!salt.empty()); | 117 DCHECK(!salt.empty()); |
| 117 Key* const key = result.GetKey(); | 118 Key* const key = result.GetKey(); |
| 118 key->Transform(Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234, salt); | 119 key->Transform(Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234, salt); |
| 119 key->SetLabel(kCryptohomeSupervisedUserKeyLabel); | 120 key->SetLabel(kCryptohomeSupervisedUserKeyLabel); |
| 120 result.SetIsUsingOAuth(false); | 121 result.SetIsUsingOAuth(false); |
| 121 return result; | 122 return result; |
| 122 } | 123 } |
| 123 NOTREACHED() << "Unknown password schema for " << context.GetUserID(); | 124 NOTREACHED() << "Unknown password schema for " |
| 125 << context.GetAccountId().GetUserEmail(); |
| 124 return context; | 126 return context; |
| 125 } | 127 } |
| 126 | 128 |
| 127 bool SupervisedUserAuthentication::FillDataForNewUser( | 129 bool SupervisedUserAuthentication::FillDataForNewUser( |
| 128 const std::string& user_id, | 130 const std::string& user_id, |
| 129 const std::string& password, | 131 const std::string& password, |
| 130 base::DictionaryValue* password_data, | 132 base::DictionaryValue* password_data, |
| 131 base::DictionaryValue* extra_data) { | 133 base::DictionaryValue* extra_data) { |
| 132 Schema schema = stable_schema_; | 134 Schema schema = stable_schema_; |
| 133 if (schema == SCHEMA_PLAIN) | 135 if (schema == SCHEMA_PLAIN) |
| (...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 216 &updated_revision); | 218 &updated_revision); |
| 217 if (updated_schema > local_schema) | 219 if (updated_schema > local_schema) |
| 218 return true; | 220 return true; |
| 219 DCHECK_EQ(updated_schema, local_schema); | 221 DCHECK_EQ(updated_schema, local_schema); |
| 220 return updated_revision > local_revision; | 222 return updated_revision > local_revision; |
| 221 } | 223 } |
| 222 | 224 |
| 223 void SupervisedUserAuthentication::ScheduleSupervisedPasswordChange( | 225 void SupervisedUserAuthentication::ScheduleSupervisedPasswordChange( |
| 224 const std::string& supervised_user_id, | 226 const std::string& supervised_user_id, |
| 225 const base::DictionaryValue* password_data) { | 227 const base::DictionaryValue* password_data) { |
| 226 const user_manager::User* user = | 228 const user_manager::User* user = user_manager::UserManager::Get()->FindUser( |
| 227 user_manager::UserManager::Get()->FindUser(supervised_user_id); | 229 AccountId::FromUserEmail(supervised_user_id)); |
| 228 base::FilePath profile_path = ProfileHelper::GetProfilePathByUserIdHash( | 230 base::FilePath profile_path = ProfileHelper::GetProfilePathByUserIdHash( |
| 229 user->username_hash()); | 231 user->username_hash()); |
| 230 JSONFileValueSerializer serializer(profile_path.Append(kPasswordUpdateFile)); | 232 JSONFileValueSerializer serializer(profile_path.Append(kPasswordUpdateFile)); |
| 231 if (!serializer.Serialize(*password_data)) { | 233 if (!serializer.Serialize(*password_data)) { |
| 232 LOG(ERROR) << "Failed to schedule password update for supervised user " | 234 LOG(ERROR) << "Failed to schedule password update for supervised user " |
| 233 << supervised_user_id; | 235 << supervised_user_id; |
| 234 UMA_HISTOGRAM_ENUMERATION( | 236 UMA_HISTOGRAM_ENUMERATION( |
| 235 "ManagedUsers.ChromeOS.PasswordChange", | 237 "ManagedUsers.ChromeOS.PasswordChange", |
| 236 SupervisedUserAuthentication::PASSWORD_CHANGE_FAILED_STORE_DATA, | 238 SupervisedUserAuthentication::PASSWORD_CHANGE_FAILED_STORE_DATA, |
| 237 SupervisedUserAuthentication::PASSWORD_CHANGE_RESULT_MAX_VALUE); | 239 SupervisedUserAuthentication::PASSWORD_CHANGE_RESULT_MAX_VALUE); |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 274 base::DictionaryValue holder; | 276 base::DictionaryValue holder; |
| 275 owner_->GetPasswordInformation(user_id, &holder); | 277 owner_->GetPasswordInformation(user_id, &holder); |
| 276 holder.SetBoolean(kHasIncompleteKey, incomplete); | 278 holder.SetBoolean(kHasIncompleteKey, incomplete); |
| 277 owner_->SetPasswordInformation(user_id, &holder); | 279 owner_->SetPasswordInformation(user_id, &holder); |
| 278 } | 280 } |
| 279 | 281 |
| 280 void SupervisedUserAuthentication::LoadPasswordUpdateData( | 282 void SupervisedUserAuthentication::LoadPasswordUpdateData( |
| 281 const std::string& user_id, | 283 const std::string& user_id, |
| 282 const PasswordDataCallback& success_callback, | 284 const PasswordDataCallback& success_callback, |
| 283 const base::Closure& failure_callback) { | 285 const base::Closure& failure_callback) { |
| 284 const user_manager::User* user = | 286 const user_manager::User* user = user_manager::UserManager::Get()->FindUser( |
| 285 user_manager::UserManager::Get()->FindUser(user_id); | 287 AccountId::FromUserEmail(user_id)); |
| 286 base::FilePath profile_path = | 288 base::FilePath profile_path = |
| 287 ProfileHelper::GetProfilePathByUserIdHash(user->username_hash()); | 289 ProfileHelper::GetProfilePathByUserIdHash(user->username_hash()); |
| 288 PostTaskAndReplyWithResult( | 290 PostTaskAndReplyWithResult( |
| 289 content::BrowserThread::GetBlockingPool() | 291 content::BrowserThread::GetBlockingPool() |
| 290 ->GetTaskRunnerWithShutdownBehavior( | 292 ->GetTaskRunnerWithShutdownBehavior( |
| 291 base::SequencedWorkerPool::CONTINUE_ON_SHUTDOWN) | 293 base::SequencedWorkerPool::CONTINUE_ON_SHUTDOWN) |
| 292 .get(), | 294 .get(), |
| 293 FROM_HERE, base::Bind(&LoadPasswordData, profile_path), | 295 FROM_HERE, base::Bind(&LoadPasswordData, profile_path), |
| 294 base::Bind(&OnPasswordDataLoaded, success_callback, failure_callback)); | 296 base::Bind(&OnPasswordDataLoaded, success_callback, failure_callback)); |
| 295 } | 297 } |
| (...skipping 20 matching lines...) Expand all Loading... |
| 316 LOG(FATAL) << "HMAC::Sign failed"; | 318 LOG(FATAL) << "HMAC::Sign failed"; |
| 317 | 319 |
| 318 std::string raw_result(out_bytes, out_bytes + sizeof(out_bytes)); | 320 std::string raw_result(out_bytes, out_bytes + sizeof(out_bytes)); |
| 319 | 321 |
| 320 std::string result; | 322 std::string result; |
| 321 base::Base64Encode(raw_result, &result); | 323 base::Base64Encode(raw_result, &result); |
| 322 return result; | 324 return result; |
| 323 } | 325 } |
| 324 | 326 |
| 325 } // namespace chromeos | 327 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1412813003:
This CL replaces user_manager::UserID with AccountId. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@468875--Chrome-OS-handles-deletion-of-Gmail-account-poorly--Create-AccountID-structure-part2--user_names