| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 <include src="saml_handler.js"> | 5 <include src="saml_handler.js"> |
| 6 | 6 |
| 7 /** | 7 /** |
| 8 * @fileoverview An UI component to authenciate to Chrome. The component hosts | 8 * @fileoverview An UI component to authenciate to Chrome. The component hosts |
| 9 * IdP web pages in a webview. A client who is interested in monitoring | 9 * IdP web pages in a webview. A client who is interested in monitoring |
| 10 * authentication events should pass a listener object of type | 10 * authentication events should pass a listener object of type |
| (...skipping 14 matching lines...) Expand all Loading... |
| 25 var SIGN_IN_HEADER = 'google-accounts-signin'; | 25 var SIGN_IN_HEADER = 'google-accounts-signin'; |
| 26 var EMBEDDED_FORM_HEADER = 'google-accounts-embedded'; | 26 var EMBEDDED_FORM_HEADER = 'google-accounts-embedded'; |
| 27 var LOCATION_HEADER = 'location'; | 27 var LOCATION_HEADER = 'location'; |
| 28 var COOKIE_HEADER = 'cookie'; | 28 var COOKIE_HEADER = 'cookie'; |
| 29 var SET_COOKIE_HEADER = 'set-cookie'; | 29 var SET_COOKIE_HEADER = 'set-cookie'; |
| 30 var OAUTH_CODE_COOKIE = 'oauth_code'; | 30 var OAUTH_CODE_COOKIE = 'oauth_code'; |
| 31 var GAPS_COOKIE = 'GAPS'; | 31 var GAPS_COOKIE = 'GAPS'; |
| 32 var SERVICE_ID = 'chromeoslogin'; | 32 var SERVICE_ID = 'chromeoslogin'; |
| 33 var EMBEDDED_SETUP_CHROMEOS_ENDPOINT = 'embedded/setup/chromeos'; | 33 var EMBEDDED_SETUP_CHROMEOS_ENDPOINT = 'embedded/setup/chromeos'; |
| 34 var SAML_REDIRECTION_PATH = 'samlredirect'; | 34 var SAML_REDIRECTION_PATH = 'samlredirect'; |
| 35 var BLANK_PAGE_URL = 'about:blank'; |
| 35 | 36 |
| 36 /** | 37 /** |
| 37 * The source URL parameter for the constrained signin flow. | 38 * The source URL parameter for the constrained signin flow. |
| 38 */ | 39 */ |
| 39 var CONSTRAINED_FLOW_SOURCE = 'chrome'; | 40 var CONSTRAINED_FLOW_SOURCE = 'chrome'; |
| 40 | 41 |
| 41 /** | 42 /** |
| 42 * Enum for the authorization mode, must match AuthMode defined in | 43 * Enum for the authorization mode, must match AuthMode defined in |
| 43 * chrome/browser/ui/webui/inline_login_ui.cc. | 44 * chrome/browser/ui/webui/inline_login_ui.cc. |
| 44 * @enum {number} | 45 * @enum {number} |
| (...skipping 144 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 189 window.addEventListener( | 190 window.addEventListener( |
| 190 'popstate', this.onPopState_.bind(this), false); | 191 'popstate', this.onPopState_.bind(this), false); |
| 191 } | 192 } |
| 192 | 193 |
| 193 Authenticator.prototype = Object.create(cr.EventTarget.prototype); | 194 Authenticator.prototype = Object.create(cr.EventTarget.prototype); |
| 194 | 195 |
| 195 /** | 196 /** |
| 196 * Reinitializes authentication parameters so that a failed login attempt | 197 * Reinitializes authentication parameters so that a failed login attempt |
| 197 * would not result in an infinite loop. | 198 * would not result in an infinite loop. |
| 198 */ | 199 */ |
| 199 Authenticator.prototype.resetStates_ = function() { | 200 Authenticator.prototype.resetStates = function() { |
| 200 this.isLoaded_ = false; | 201 this.isLoaded_ = false; |
| 201 this.email_ = null; | 202 this.email_ = null; |
| 202 this.gaiaId_ = null; | 203 this.gaiaId_ = null; |
| 203 this.password_ = null; | 204 this.password_ = null; |
| 204 this.oauthCode_ = null; | 205 this.oauthCode_ = null; |
| 205 this.gapsCookie_ = null; | 206 this.gapsCookie_ = null; |
| 206 this.gapsCookieSent_ = false; | 207 this.gapsCookieSent_ = false; |
| 207 this.newGapsCookie_ = null; | 208 this.newGapsCookie_ = null; |
| 208 this.readyFired_ = false; | 209 this.readyFired_ = false; |
| 209 this.chooseWhatToSync_ = false; | 210 this.chooseWhatToSync_ = false; |
| 210 this.skipForNow_ = false; | 211 this.skipForNow_ = false; |
| 211 this.sessionIndex_ = null; | 212 this.sessionIndex_ = null; |
| 212 this.trusted_ = true; | 213 this.trusted_ = true; |
| 213 this.authFlow = AuthFlow.DEFAULT; | 214 this.authFlow = AuthFlow.DEFAULT; |
| 214 this.samlHandler_.reset(); | 215 this.samlHandler_.reset(); |
| 215 this.videoEnabled = false; | 216 this.videoEnabled = false; |
| 216 }; | 217 }; |
| 217 | 218 |
| 218 /** | 219 /** |
| 220 * Resets the webview to the blank page. |
| 221 */ |
| 222 Authenticator.prototype.resetWebview = function() { |
| 223 if (this.webview_.src && this.webview_.src != BLANK_PAGE_URL) |
| 224 this.webview_.src = BLANK_PAGE_URL; |
| 225 }; |
| 226 |
| 227 /** |
| 219 * Loads the authenticator component with the given parameters. | 228 * Loads the authenticator component with the given parameters. |
| 220 * @param {AuthMode} authMode Authorization mode. | 229 * @param {AuthMode} authMode Authorization mode. |
| 221 * @param {Object} data Parameters for the authorization flow. | 230 * @param {Object} data Parameters for the authorization flow. |
| 222 */ | 231 */ |
| 223 Authenticator.prototype.load = function(authMode, data) { | 232 Authenticator.prototype.load = function(authMode, data) { |
| 224 this.authMode = authMode; | 233 this.authMode = authMode; |
| 225 this.resetStates_(); | 234 this.resetStates(); |
| 226 // gaiaUrl parameter is used for testing. Once defined, it is never changed. | 235 // gaiaUrl parameter is used for testing. Once defined, it is never changed. |
| 227 this.idpOrigin_ = data.gaiaUrl || IDP_ORIGIN; | 236 this.idpOrigin_ = data.gaiaUrl || IDP_ORIGIN; |
| 228 this.continueUrl_ = data.continueUrl || CONTINUE_URL; | 237 this.continueUrl_ = data.continueUrl || CONTINUE_URL; |
| 229 this.continueUrlWithoutParams_ = | 238 this.continueUrlWithoutParams_ = |
| 230 this.continueUrl_.substring(0, this.continueUrl_.indexOf('?')) || | 239 this.continueUrl_.substring(0, this.continueUrl_.indexOf('?')) || |
| 231 this.continueUrl_; | 240 this.continueUrl_; |
| 232 this.isConstrainedWindow_ = data.constrained == '1'; | 241 this.isConstrainedWindow_ = data.constrained == '1'; |
| 233 this.isNewGaiaFlow = data.isNewGaiaFlow; | 242 this.isNewGaiaFlow = data.isNewGaiaFlow; |
| 234 this.useEafe_ = data.useEafe || false; | 243 this.useEafe_ = data.useEafe || false; |
| 235 this.clientId_ = data.clientId; | 244 this.clientId_ = data.clientId; |
| (...skipping 27 matching lines...) Expand all Loading... |
| 263 } | 272 } |
| 264 | 273 |
| 265 this.webview_.src = this.reloadUrl_; | 274 this.webview_.src = this.reloadUrl_; |
| 266 this.isLoaded_ = true; | 275 this.isLoaded_ = true; |
| 267 }; | 276 }; |
| 268 | 277 |
| 269 /** | 278 /** |
| 270 * Reloads the authenticator component. | 279 * Reloads the authenticator component. |
| 271 */ | 280 */ |
| 272 Authenticator.prototype.reload = function() { | 281 Authenticator.prototype.reload = function() { |
| 273 this.resetStates_(); | 282 this.resetStates(); |
| 274 this.webview_.src = this.reloadUrl_; | 283 this.webview_.src = this.reloadUrl_; |
| 275 this.isLoaded_ = true; | 284 this.isLoaded_ = true; |
| 276 }; | 285 }; |
| 277 | 286 |
| 278 Authenticator.prototype.constructInitialFrameUrl_ = function(data) { | 287 Authenticator.prototype.constructInitialFrameUrl_ = function(data) { |
| 279 if (data.doSamlRedirect) { | 288 if (data.doSamlRedirect) { |
| 280 var url = this.idpOrigin_ + SAML_REDIRECTION_PATH; | 289 var url = this.idpOrigin_ + SAML_REDIRECTION_PATH; |
| 281 url = appendParam(url, 'domain', data.enterpriseDomain); | 290 url = appendParam(url, 'domain', data.enterpriseDomain); |
| 282 url = appendParam(url, 'continue', data.gaiaUrl + | 291 url = appendParam(url, 'continue', data.gaiaUrl + |
| 283 'o/oauth2/programmatic_auth?hl=' + data.hl + | 292 'o/oauth2/programmatic_auth?hl=' + data.hl + |
| (...skipping 412 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 696 password: this.password_ || '', | 705 password: this.password_ || '', |
| 697 authCode: this.oauthCode_, | 706 authCode: this.oauthCode_, |
| 698 usingSAML: this.authFlow == AuthFlow.SAML, | 707 usingSAML: this.authFlow == AuthFlow.SAML, |
| 699 chooseWhatToSync: this.chooseWhatToSync_, | 708 chooseWhatToSync: this.chooseWhatToSync_, |
| 700 skipForNow: this.skipForNow_, | 709 skipForNow: this.skipForNow_, |
| 701 sessionIndex: this.sessionIndex_ || '', | 710 sessionIndex: this.sessionIndex_ || '', |
| 702 trusted: this.trusted_, | 711 trusted: this.trusted_, |
| 703 gapsCookie: this.newGapsCookie_ || this.gapsCookie_ || '', | 712 gapsCookie: this.newGapsCookie_ || this.gapsCookie_ || '', |
| 704 } | 713 } |
| 705 })); | 714 })); |
| 706 this.resetStates_(); | 715 this.resetStates(); |
| 707 }; | 716 }; |
| 708 | 717 |
| 709 /** | 718 /** |
| 710 * Invoked when |samlHandler_| fires 'insecureContentBlocked' event. | 719 * Invoked when |samlHandler_| fires 'insecureContentBlocked' event. |
| 711 * @private | 720 * @private |
| 712 */ | 721 */ |
| 713 Authenticator.prototype.onInsecureContentBlocked_ = function(e) { | 722 Authenticator.prototype.onInsecureContentBlocked_ = function(e) { |
| 714 if (!this.isLoaded_) | 723 if (!this.isLoaded_) |
| 715 return; | 724 return; |
| 716 | 725 |
| (...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 779 if (currentUrl.lastIndexOf(this.idpOrigin_) == 0) { | 788 if (currentUrl.lastIndexOf(this.idpOrigin_) == 0) { |
| 780 var msg = { | 789 var msg = { |
| 781 'method': 'handshake', | 790 'method': 'handshake', |
| 782 }; | 791 }; |
| 783 | 792 |
| 784 this.webview_.contentWindow.postMessage(msg, currentUrl); | 793 this.webview_.contentWindow.postMessage(msg, currentUrl); |
| 785 | 794 |
| 786 this.fireReadyEvent_(); | 795 this.fireReadyEvent_(); |
| 787 // Focus webview after dispatching event when webview is already visible. | 796 // Focus webview after dispatching event when webview is already visible. |
| 788 this.webview_.focus(); | 797 this.webview_.focus(); |
| 798 } else if (currentUrl == BLANK_PAGE_URL) { |
| 799 this.fireReadyEvent_(); |
| 789 } | 800 } |
| 790 }; | 801 }; |
| 791 | 802 |
| 792 /** | 803 /** |
| 793 * Invoked when the webview fails loading a page. | 804 * Invoked when the webview fails loading a page. |
| 794 * @private | 805 * @private |
| 795 */ | 806 */ |
| 796 Authenticator.prototype.onLoadAbort_ = function(e) { | 807 Authenticator.prototype.onLoadAbort_ = function(e) { |
| 797 this.dispatchEvent(new CustomEvent('loadAbort', | 808 this.dispatchEvent(new CustomEvent('loadAbort', |
| 798 {detail: {error: e.reason, | 809 {detail: {error: e.reason, |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 863 Authenticator.AuthMode = AuthMode; | 874 Authenticator.AuthMode = AuthMode; |
| 864 Authenticator.SUPPORTED_PARAMS = SUPPORTED_PARAMS; | 875 Authenticator.SUPPORTED_PARAMS = SUPPORTED_PARAMS; |
| 865 | 876 |
| 866 return { | 877 return { |
| 867 // TODO(guohui, xiyuan): Rename GaiaAuthHost to Authenticator once the old | 878 // TODO(guohui, xiyuan): Rename GaiaAuthHost to Authenticator once the old |
| 868 // iframe-based flow is deprecated. | 879 // iframe-based flow is deprecated. |
| 869 GaiaAuthHost: Authenticator, | 880 GaiaAuthHost: Authenticator, |
| 870 Authenticator: Authenticator | 881 Authenticator: Authenticator |
| 871 }; | 882 }; |
| 872 }); | 883 }); |
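Review bot: The new `resetWebview()` only navigates the webview to `about:blank`; it leaves `password_`, `oauthCode_`, `gapsCookie_` and `isLoaded_` untouched, so a caller that abandons a sign-in by calling it alone keeps the captured credentials on the object until something else calls `resetStates()`. Since this change also makes `resetStates` public, the intended pairing should be stated in the JSDoc, for example `* Does not clear captured credentials; call resetStates() as well when abandoning a sign-in.`, or `resetWebview` should call `this.resetStates()` itself if no caller needs the state kept. The added `else if (currentUrl == BLANK_PAGE_URL)` branch also fires the ready event for a page that is not the IdP, so it needs a short comment saying why listeners should get `ready` for a blank page. How `fireReadyEvent_` and its `readyFired_` guard behave when a real load follows cannot be checked here, because the enclosing handler and `fireReadyEvent_` are outside the lines shown.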
| OLD | NEW |