Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(453)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/chromeos/login/login_performer.cc

Issue 148843002: Make an online wildcard login check for enterprise devices. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Address Joao's comments. Created 6 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/chromeos/login/login_performer.h ('K') | « chrome/browser/chromeos/login/login_performer.h ('k') | chrome/browser/chromeos/login/login_utils.h » ('j') | chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/chromeos/login/login_performer.cc
diff --git a/chrome/browser/chromeos/login/login_performer.cc b/chrome/browser/chromeos/login/login_performer.cc
index be542382b4c8a6a221d792a8046231adaf680469..3d5471136a6e66b933d44895f70a0493236afd99 100644
--- a/chrome/browser/chromeos/login/login_performer.cc
+++ b/chrome/browser/chromeos/login/login_performer.cc
@@ -23,6 +23,7 @@
#include "chrome/browser/chromeos/login/user_manager.h"
#include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"
#include "chrome/browser/chromeos/policy/device_local_account_policy_service.h"
+#include "chrome/browser/chromeos/policy/wildcard_login_checker.h"
#include "chrome/browser/chromeos/profiles/profile_helper.h"
#include "chrome/browser/chromeos/settings/cros_settings.h"
#include "chrome/common/pref_names.h"
@@ -162,13 +163,28 @@ void LoginPerformer::PerformLogin(const UserContext& user_context,
return;
}
- bool is_whitelisted = LoginUtils::IsWhitelisted(
- gaia::CanonicalizeEmail(user_context.username));
+ bool wildcard_match = false;
+ std::string email = gaia::CanonicalizeEmail(user_context.username);
+ bool is_whitelisted = LoginUtils::IsWhitelisted(email, &wildcard_match);
if (is_whitelisted) {
switch (auth_mode_) {
- case AUTH_MODE_EXTENSION:
- StartLoginCompletion();
+ case AUTH_MODE_EXTENSION: {
+ // On enterprise devices, reconfirm login permission with the server.
+ policy::BrowserPolicyConnectorChromeOS* connector =
+ g_browser_process->platform_part()
+ ->browser_policy_connector_chromeos();
+ if (connector->IsEnterpriseManaged() && wildcard_match &&
+ !connector->IsNonEnterpriseUser(email)) {
+ wildcard_login_checker_.reset(new policy::WildcardLoginChecker());
+ wildcard_login_checker_->Start(
+ ProfileHelper::GetSigninProfile()->GetRequestContext(),
+ base::Bind(&LoginPerformer::OnlineWildcardLoginCheckCompleted,
+ weak_factory_.GetWeakPtr()));
+ } else {
+ StartLoginCompletion();
+ }
break;
+ }
case AUTH_MODE_INTERNAL:
StartAuthentication();
break;
@@ -341,4 +357,13 @@ void LoginPerformer::StartAuthentication() {
user_context_.auth_code.clear();
}
+void LoginPerformer::OnlineWildcardLoginCheckCompleted(bool result) {
+ if (result) {
+ StartLoginCompletion();
+ } else {
+ if (delegate_)
+ delegate_->WhiteListCheckFailed(user_context_.username);
+ }
+}
+
} // namespace chromeos
« chrome/browser/chromeos/login/login_performer.h ('K') | « chrome/browser/chromeos/login/login_performer.h ('k') | chrome/browser/chromeos/login/login_utils.h » ('j') | chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698