| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/supervised/supervised_user_authenticatio
n.h" | 5 #include "chrome/browser/chromeos/login/supervised/supervised_user_authenticatio
n.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/json/json_file_value_serializer.h" | 8 #include "base/json/json_file_value_serializer.h" |
| 9 #include "base/macros.h" | 9 #include "base/macros.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| (...skipping 86 matching lines...) |
| 97 SupervisedUserAuthentication::~SupervisedUserAuthentication() {} | 97 SupervisedUserAuthentication::~SupervisedUserAuthentication() {} |
| 98 | 98 |
| 99 SupervisedUserAuthentication::Schema | 99 SupervisedUserAuthentication::Schema |
| 100 SupervisedUserAuthentication::GetStableSchema() { | 100 SupervisedUserAuthentication::GetStableSchema() { |
| 101 return stable_schema_; | 101 return stable_schema_; |
| 102 } | 102 } |
| 103 | 103 |
| 104 UserContext SupervisedUserAuthentication::TransformKey( | 104 UserContext SupervisedUserAuthentication::TransformKey( |
| 105 const UserContext& context) { | 105 const UserContext& context) { |
| 106 UserContext result = context; | 106 UserContext result = context; |
| 107 int user_schema = GetPasswordSchema(context.GetAccountId().GetUserEmail()); | 107 int user_schema = GetPasswordSchema(context.GetUserID()); |
| 108 if (user_schema == SCHEMA_PLAIN) | 108 if (user_schema == SCHEMA_PLAIN) |
| 109 return result; | 109 return result; |
| 110 | 110 |
| 111 if (user_schema == SCHEMA_SALT_HASHED) { | 111 if (user_schema == SCHEMA_SALT_HASHED) { |
| 112 base::DictionaryValue holder; | 112 base::DictionaryValue holder; |
| 113 std::string salt; | 113 std::string salt; |
| 114 owner_->GetPasswordInformation(context.GetAccountId().GetUserEmail(), | 114 owner_->GetPasswordInformation(context.GetUserID(), &holder); |
| 115 &holder); | |
| 116 holder.GetStringWithoutPathExpansion(kSalt, &salt); | 115 holder.GetStringWithoutPathExpansion(kSalt, &salt); |
| 117 DCHECK(!salt.empty()); | 116 DCHECK(!salt.empty()); |
| 118 Key* const key = result.GetKey(); | 117 Key* const key = result.GetKey(); |
| 119 key->Transform(Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234, salt); | 118 key->Transform(Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234, salt); |
| 120 key->SetLabel(kCryptohomeSupervisedUserKeyLabel); | 119 key->SetLabel(kCryptohomeSupervisedUserKeyLabel); |
| 121 result.SetIsUsingOAuth(false); | 120 result.SetIsUsingOAuth(false); |
| 122 return result; | 121 return result; |
| 123 } | 122 } |
| 124 NOTREACHED() << "Unknown password schema for " | 123 NOTREACHED() << "Unknown password schema for " << context.GetUserID(); |
| 125 << context.GetAccountId().GetUserEmail(); | |
| 126 return context; | 124 return context; |
| 127 } | 125 } |
| 128 | 126 |
| 129 bool SupervisedUserAuthentication::FillDataForNewUser( | 127 bool SupervisedUserAuthentication::FillDataForNewUser( |
| 130 const std::string& user_id, | 128 const std::string& user_id, |
| 131 const std::string& password, | 129 const std::string& password, |
| 132 base::DictionaryValue* password_data, | 130 base::DictionaryValue* password_data, |
| 133 base::DictionaryValue* extra_data) { | 131 base::DictionaryValue* extra_data) { |
| 134 Schema schema = stable_schema_; | 132 Schema schema = stable_schema_; |
| 135 if (schema == SCHEMA_PLAIN) | 133 if (schema == SCHEMA_PLAIN) |
| (...skipping 82 matching lines...) |
| 218 &updated_revision); | 216 &updated_revision); |
| 219 if (updated_schema > local_schema) | 217 if (updated_schema > local_schema) |
| 220 return true; | 218 return true; |
| 221 DCHECK_EQ(updated_schema, local_schema); | 219 DCHECK_EQ(updated_schema, local_schema); |
| 222 return updated_revision > local_revision; | 220 return updated_revision > local_revision; |
| 223 } | 221 } |
| 224 | 222 |
| 225 void SupervisedUserAuthentication::ScheduleSupervisedPasswordChange( | 223 void SupervisedUserAuthentication::ScheduleSupervisedPasswordChange( |
| 226 const std::string& supervised_user_id, | 224 const std::string& supervised_user_id, |
| 227 const base::DictionaryValue* password_data) { | 225 const base::DictionaryValue* password_data) { |
| 228 const user_manager::User* user = user_manager::UserManager::Get()->FindUser( | 226 const user_manager::User* user = |
| 229 AccountId::FromUserEmail(supervised_user_id)); | 227 user_manager::UserManager::Get()->FindUser(supervised_user_id); |
| 230 base::FilePath profile_path = ProfileHelper::GetProfilePathByUserIdHash( | 228 base::FilePath profile_path = ProfileHelper::GetProfilePathByUserIdHash( |
| 231 user->username_hash()); | 229 user->username_hash()); |
| 232 JSONFileValueSerializer serializer(profile_path.Append(kPasswordUpdateFile)); | 230 JSONFileValueSerializer serializer(profile_path.Append(kPasswordUpdateFile)); |
| 233 if (!serializer.Serialize(*password_data)) { | 231 if (!serializer.Serialize(*password_data)) { |
| 234 LOG(ERROR) << "Failed to schedule password update for supervised user " | 232 LOG(ERROR) << "Failed to schedule password update for supervised user " |
| 235 << supervised_user_id; | 233 << supervised_user_id; |
| 236 UMA_HISTOGRAM_ENUMERATION( | 234 UMA_HISTOGRAM_ENUMERATION( |
| 237 "ManagedUsers.ChromeOS.PasswordChange", | 235 "ManagedUsers.ChromeOS.PasswordChange", |
| 238 SupervisedUserAuthentication::PASSWORD_CHANGE_FAILED_STORE_DATA, | 236 SupervisedUserAuthentication::PASSWORD_CHANGE_FAILED_STORE_DATA, |
| 239 SupervisedUserAuthentication::PASSWORD_CHANGE_RESULT_MAX_VALUE); | 237 SupervisedUserAuthentication::PASSWORD_CHANGE_RESULT_MAX_VALUE); |
| (...skipping 36 matching lines...) |
| 276 base::DictionaryValue holder; | 274 base::DictionaryValue holder; |
| 277 owner_->GetPasswordInformation(user_id, &holder); | 275 owner_->GetPasswordInformation(user_id, &holder); |
| 278 holder.SetBoolean(kHasIncompleteKey, incomplete); | 276 holder.SetBoolean(kHasIncompleteKey, incomplete); |
| 279 owner_->SetPasswordInformation(user_id, &holder); | 277 owner_->SetPasswordInformation(user_id, &holder); |
| 280 } | 278 } |
| 281 | 279 |
| 282 void SupervisedUserAuthentication::LoadPasswordUpdateData( | 280 void SupervisedUserAuthentication::LoadPasswordUpdateData( |
| 283 const std::string& user_id, | 281 const std::string& user_id, |
| 284 const PasswordDataCallback& success_callback, | 282 const PasswordDataCallback& success_callback, |
| 285 const base::Closure& failure_callback) { | 283 const base::Closure& failure_callback) { |
| 286 const user_manager::User* user = user_manager::UserManager::Get()->FindUser( | 284 const user_manager::User* user = |
| 287 AccountId::FromUserEmail(user_id)); | 285 user_manager::UserManager::Get()->FindUser(user_id); |
| 288 base::FilePath profile_path = | 286 base::FilePath profile_path = |
| 289 ProfileHelper::GetProfilePathByUserIdHash(user->username_hash()); | 287 ProfileHelper::GetProfilePathByUserIdHash(user->username_hash()); |
| 290 PostTaskAndReplyWithResult( | 288 PostTaskAndReplyWithResult( |
| 291 content::BrowserThread::GetBlockingPool() | 289 content::BrowserThread::GetBlockingPool() |
| 292 ->GetTaskRunnerWithShutdownBehavior( | 290 ->GetTaskRunnerWithShutdownBehavior( |
| 293 base::SequencedWorkerPool::CONTINUE_ON_SHUTDOWN) | 291 base::SequencedWorkerPool::CONTINUE_ON_SHUTDOWN) |
| 294 .get(), | 292 .get(), |
| 295 FROM_HERE, base::Bind(&LoadPasswordData, profile_path), | 293 FROM_HERE, base::Bind(&LoadPasswordData, profile_path), |
| 296 base::Bind(&OnPasswordDataLoaded, success_callback, failure_callback)); | 294 base::Bind(&OnPasswordDataLoaded, success_callback, failure_callback)); |
| 297 } | 295 } |
| (...skipping 20 matching lines...) |
| 318 LOG(FATAL) << "HMAC::Sign failed"; | 316 LOG(FATAL) << "HMAC::Sign failed"; |
| 319 | 317 |
| 320 std::string raw_result(out_bytes, out_bytes + sizeof(out_bytes)); | 318 std::string raw_result(out_bytes, out_bytes + sizeof(out_bytes)); |
| 321 | 319 |
| 322 std::string result; | 320 std::string result; |
| 323 base::Base64Encode(raw_result, &result); | 321 base::Base64Encode(raw_result, &result); |
| 324 return result; | 322 return result; |
| 325 } | 323 } |
| 326 | 324 |
| 327 } // namespace chromeos | 325 } // namespace chromeos |
| OLD | NEW |
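Review bot: The pointer returned by `FindUser(supervised_user_id)` in ScheduleSupervisedPasswordChange (new lines 226-229) is dereferenced as `user->username_hash()` with no null check, and LoadPasswordUpdateData (new lines 284-287) repeats the pattern; if FindUser returns null for an id that does not resolve to a known user, the browser process would crash instead of failing the operation. I would add `if (!user) { LOG(ERROR) << "Supervised user not found"; return; }` in the first function and `if (!user) { failure_callback.Run(); return; }` in the second. Separately, TransformKey validates the salt only with `DCHECK(!salt.empty())` and ignores the return value of `GetStringWithoutPathExpansion`, so a build with DCHECKs compiled out would presumably pass an empty salt to `key->Transform`; an explicit early return when the salt is missing would make that failure visible rather than deriving a key without a salt. Parts of the surrounding code are collapsed on this page, so callers may already guarantee these conditions.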