| Index: chrome/browser/chromeos/login/saml/saml_offline_signin_limiter.h
|
| diff --git a/chrome/browser/chromeos/login/saml/saml_offline_signin_limiter.h b/chrome/browser/chromeos/login/saml/saml_offline_signin_limiter.h
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..c00c791bbb2eda38f272ba474262c12f6f27ff6e
|
| --- /dev/null
|
| +++ b/chrome/browser/chromeos/login/saml/saml_offline_signin_limiter.h
|
| @@ -0,0 +1,77 @@
|
| +// Copyright 2014 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#ifndef CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_
|
| +#define CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_
|
| +
|
| +#include "base/basictypes.h"
|
| +#include "base/memory/scoped_ptr.h"
|
| +#include "base/prefs/pref_change_registrar.h"
|
| +#include "base/time/default_clock.h"
|
| +#include "base/time/time.h"
|
| +#include "base/timer/timer.h"
|
| +#include "chrome/browser/chromeos/login/user.h"
|
| +#include "components/browser_context_keyed_service/browser_context_keyed_service.h"
|
| +
|
| +class Profile;
|
| +
|
| +namespace base {
|
| +class Clock;
|
| +}
|
| +
|
| +namespace user_prefs {
|
| +class PrefRegistrySyncable;
|
| +}
|
| +
|
| +namespace chromeos {
|
| +
|
| +// Enforces a limit on the length of time for which a user authenticated via
|
| +// SAML can use offline authentication against a cached password before being
|
| +// forced to go through online authentication against GAIA again.
|
| +class SAMLOfflineSigninLimiter : public BrowserContextKeyedService {
|
| + public:
|
| + // Registers preferences.
|
| + static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry);
|
| +
|
| + // Called when the user successfully authenticates. |auth_flow| indicates
|
| + // the type of authentication flow that the user went through.
|
| + void SignedIn(UserContext::AuthFlow auth_flow);
|
| +
|
| + // BrowserContextKeyedService:
|
| + virtual void Shutdown() OVERRIDE;
|
| +
|
| + private:
|
| + friend class SAMLOfflineSigninLimiterFactory;
|
| + friend class SAMLOfflineSigninLimiterTest;
|
| +
|
| + // |profile| and |clock| must remain valid until Shutdown() is called. If
|
| + // |clock| is NULL, the |default_clock_| will be used.
|
| + SAMLOfflineSigninLimiter(Profile* profile, base::Clock* clock);
|
| + virtual ~SAMLOfflineSigninLimiter();
|
| +
|
| + // Recalculates the amount of time remaining until online login should be
|
| + // forced and sets the |offline_signin_limit_timer_| accordingly. If the limit
|
| + // has expired already, sets the flag enforcing online login immediately.
|
| + void UpdateLimit();
|
| +
|
| + // Sets the flag enforcing online login. This will cause the user's next login
|
| + // to use online authentication against GAIA.
|
| + void ForceOnlineLogin();
|
| +
|
| + base::DefaultClock default_clock_;
|
| +
|
| + Profile* profile_;
|
| + base::Clock* clock_;
|
| +
|
| + PrefChangeRegistrar pref_change_registrar_;
|
| +
|
| + scoped_ptr<base::OneShotTimer<SAMLOfflineSigninLimiter> >
|
| + offline_signin_limit_timer_;
|
| +
|
| + DISALLOW_COPY_AND_ASSIGN(SAMLOfflineSigninLimiter);
|
| +};
|
| +
|
| +} // namespace chromeos
|
| +
|
| +#endif // CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_
|
|
|
Chromium Code Reviews
Issue 143463009:
Add policy that forces SAML users to log in online periodically (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src