| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_ |
| 6 #define CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_ |
| 7 |
| 8 #include "base/basictypes.h" |
| 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/prefs/pref_change_registrar.h" |
| 11 #include "base/time/default_clock.h" |
| 12 #include "base/time/time.h" |
| 13 #include "base/timer/timer.h" |
| 14 #include "chrome/browser/chromeos/login/user.h" |
| 15 #include "components/browser_context_keyed_service/browser_context_keyed_service
.h" |
| 16 |
| 17 class Profile; |
| 18 |
| 19 namespace base { |
| 20 class Clock; |
| 21 } |
| 22 |
| 23 namespace user_prefs { |
| 24 class PrefRegistrySyncable; |
| 25 } |
| 26 |
| 27 namespace chromeos { |
| 28 |
| 29 // Enforces a limit on the length of time for which a user authenticated via |
| 30 // SAML can use offline authentication against a cached password before being |
| 31 // forced to go through online authentication against GAIA again. |
| 32 class SAMLOfflineSigninLimiter : public BrowserContextKeyedService { |
| 33 public: |
| 34 // Registers preferences. |
| 35 static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry); |
| 36 |
| 37 // Called when the user successfully authenticates. |auth_flow| indicates |
| 38 // the type of authentication flow that the user went through. |
| 39 void SignedIn(UserContext::AuthFlow auth_flow); |
| 40 |
| 41 // BrowserContextKeyedService: |
| 42 virtual void Shutdown() OVERRIDE; |
| 43 |
| 44 private: |
| 45 friend class SAMLOfflineSigninLimiterFactory; |
| 46 friend class SAMLOfflineSigninLimiterTest; |
| 47 |
| 48 // |profile| and |clock| must remain valid until Shutdown() is called. If |
| 49 // |clock| is NULL, the |default_clock_| will be used. |
| 50 SAMLOfflineSigninLimiter(Profile* profile, base::Clock* clock); |
| 51 virtual ~SAMLOfflineSigninLimiter(); |
| 52 |
| 53 // Recalculates the amount of time remaining until online login should be |
| 54 // forced and sets the |offline_signin_limit_timer_| accordingly. If the limit |
| 55 // has expired already, sets the flag enforcing online login immediately. |
| 56 void UpdateLimit(); |
| 57 |
| 58 // Sets the flag enforcing online login. This will cause the user's next login |
| 59 // to use online authentication against GAIA. |
| 60 void ForceOnlineLogin(); |
| 61 |
| 62 base::DefaultClock default_clock_; |
| 63 |
| 64 Profile* profile_; |
| 65 base::Clock* clock_; |
| 66 |
| 67 PrefChangeRegistrar pref_change_registrar_; |
| 68 |
| 69 scoped_ptr<base::OneShotTimer<SAMLOfflineSigninLimiter> > |
| 70 offline_signin_limit_timer_; |
| 71 |
| 72 DISALLOW_COPY_AND_ASSIGN(SAMLOfflineSigninLimiter); |
| 73 }; |
| 74 |
| 75 } // namespace chromeos |
| 76 |
| 77 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 143463009:
Add policy that forces SAML users to log in online periodically (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src