chrome/browser/resources/gaia_auth_host/authenticator.js - Issue 2049103002: Fix SAML single-password scrapping authenticating with an empty password - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(700)

My Issues | Starred Open | Closed | All

Side by Side Diff: chrome/browser/resources/gaia_auth_host/authenticator.js

Issue 2049103002: Fix SAML single-password scrapping authenticating with an empty password (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « no previous file | ui/login/display_manager.js » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 <include src="saml_handler.js">	5 <include src="saml_handler.js">

6	6

7 /**	7 /**

8 * @fileoverview An UI component to authenciate to Chrome. The component hosts	8 * @fileoverview An UI component to authenciate to Chrome. The component hosts

9 * IdP web pages in a webview. A client who is interested in monitoring	9 * IdP web pages in a webview. A client who is interested in monitoring

10 * authentication events should pass a listener object of type	10 * authentication events should pass a listener object of type

(...skipping 644 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
655 }	655 }

656	656

657 // Fall through to finish the auth flow even if this.needPassword	657 // Fall through to finish the auth flow even if this.needPassword

658 // is true. This is because the flag is used as an intention to get	658 // is true. This is because the flag is used as an intention to get

659 // password when it is available but not a mandatory requirement.	659 // password when it is available but not a mandatory requirement.

660 console.warn('Authenticator: No password scraped for SAML.');	660 console.warn('Authenticator: No password scraped for SAML.');

661 } else if (this.needPassword) {	661 } else if (this.needPassword) {

662 if (this.samlHandler_.scrapedPasswordCount == 1) {	662 if (this.samlHandler_.scrapedPasswordCount == 1) {

663 // If we scraped exactly one password, we complete the authentication	663 // If we scraped exactly one password, we complete the authentication

664 // right away.	664 // right away.

665 this.password = this.samlHandler_.firstScrapedPassword;	665 this.password_ = this.samlHandler_.firstScrapedPassword;
	xiyuan 2016/06/08 15:52:01 Oops. Missed this on review. :p Oops. Missed this on review. :p xiyuan 2016/06/08 15:53:16 I wonder whether we should extend SamlTest.Scraped Show quoted text On 2016/06/08 15:52:01, xiyuan wrote: > Oops. Missed this on review. :p I wonder whether we should extend SamlTest.ScrapedSingle to verify the scraped password. afakhry 2016/06/08 16:34:28 Done. Please take a look. Show quoted text On 2016/06/08 15:53:16, xiyuan wrote: > On 2016/06/08 15:52:01, xiyuan wrote: > > Oops. Missed this on review. :p > > I wonder whether we should extend SamlTest.ScrapedSingle to verify the scraped > password. Done. Please take a look.
666 this.onAuthCompleted_();	666 this.onAuthCompleted_();

667 return;	667 return;

668 }	668 }

669	669

670 if (this.confirmPasswordCallback) {	670 if (this.confirmPasswordCallback) {

671 // Confirm scraped password. The flow follows in	671 // Confirm scraped password. The flow follows in

672 // verifyConfirmedPassword.	672 // verifyConfirmedPassword.

673 this.confirmPasswordCallback(this.email_,	673 this.confirmPasswordCallback(this.email_,

674 this.samlHandler_.scrapedPasswordCount);	674 this.samlHandler_.scrapedPasswordCount);

675 return;	675 return;

(...skipping 187 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
863 Authenticator.AuthMode = AuthMode;	863 Authenticator.AuthMode = AuthMode;

864 Authenticator.SUPPORTED_PARAMS = SUPPORTED_PARAMS;	864 Authenticator.SUPPORTED_PARAMS = SUPPORTED_PARAMS;

865	865

866 return {	866 return {

867 // TODO(guohui, xiyuan): Rename GaiaAuthHost to Authenticator once the old	867 // TODO(guohui, xiyuan): Rename GaiaAuthHost to Authenticator once the old

868 // iframe-based flow is deprecated.	868 // iframe-based flow is deprecated.

869 GaiaAuthHost: Authenticator,	869 GaiaAuthHost: Authenticator,

870 Authenticator: Authenticator	870 Authenticator: Authenticator

871 };	871 };

872 });	872 });

OLD	NEW

« no previous file with comments | « no previous file | ui/login/display_manager.js » ('j') | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698