Add local state flag to force online login for a user

chrome/browser/ui/webui/chromeos/login/signin_screen_handler.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ui/webui/chromeos/login/signin_screen_handler.h"
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/command_line.h"
 #include "base/debug/trace_event.h"
@@ skipping 1157 matching lines @@
   if (!help_app_.get())
     help_app_ = new HelpAppLauncher(GetNativeWindow());
   help_app_->ShowHelpTopic(
       static_cast<HelpAppLauncher::HelpTopic>(help_topic_id));
 }
 
 void SigninScreenHandler::FillUserDictionary(User* user,
                                              bool is_owner,
                                              base::DictionaryValue* user_dict) {
   const std::string& email = user->email();
-  bool is_public_account =
+  const bool is_public_account =
       user->GetType() == User::USER_TYPE_PUBLIC_ACCOUNT;
-  bool is_locally_managed_user =
+  const bool is_locally_managed_user =
       user->GetType() == User::USER_TYPE_LOCALLY_MANAGED;
   const User::OAuthTokenStatus token_status = user->oauth_token_status();
 
-  // Allow offline sign-in if the oauth token is valid. For supervised users,
-  // allow offline sign-in if the token status is unknown as well. The token
-  // will be invalidated inside the session in case it has been revoked.
-  const bool allow_offline_signin =
-      token_status == User::OAUTH2_TOKEN_STATUS_VALID ||
-      (is_locally_managed_user &&
+  // Force online sign-in if at least one of the following is true:
+  // * The flag to force online sign-in is set for the user.
+  // * The user's oauth token is invalid.
+  // * The user's oauth token status is unknown. This condition does not apply
+  //   to supervised users: A supervised user whose oauth token status is
+  //   unknown may still log in offline. The token will be invalidated inside
+  //   the session in case it has been revoked.
+  const bool force_online_signin =
+      user->force_online_signin() ||
+      (token_status == User::OAUTH2_TOKEN_STATUS_INVALID) ||
+      (!is_locally_managed_user &&
            token_status == User::OAUTH_TOKEN_STATUS_UNKNOWN);
 
   user_dict->SetString(kKeyUsername, email);
   user_dict->SetString(kKeyEmailAddress, user->display_email());
   user_dict->SetString(kKeyDisplayName, user->GetDisplayName());
   user_dict->SetBoolean(kKeyPublicAccount, is_public_account);
   user_dict->SetBoolean(kKeyLocallyManagedUser, is_locally_managed_user);
-  user_dict->SetInteger(kKeyForceOnlineSignin, !allow_offline_signin);
+  user_dict->SetInteger(kKeyForceOnlineSignin, force_online_signin);
   user_dict->SetBoolean(kKeySignedIn, user->is_logged_in());
   user_dict->SetBoolean(kKeyIsOwner, is_owner);
 
   if (is_public_account) {
     policy::BrowserPolicyConnectorChromeOS* policy_connector =
         g_browser_process->platform_part()->browser_policy_connector_chromeos();
 
     if (policy_connector->IsEnterpriseManaged()) {
       user_dict->SetString(kKeyEnterpriseDomain,
                            policy_connector->GetEnterpriseDomain());
@@ skipping 437 matching lines @@
   DCHECK(gaia_screen_handler_);
   return gaia_screen_handler_->frame_state();
 }
 
 net::Error SigninScreenHandler::FrameError() const {
   DCHECK(gaia_screen_handler_);
   return gaia_screen_handler_->frame_error();
 }
 
 }  // namespace chromeos