| Index: chrome/browser/signin/signin_manager_factory.cc
|
| diff --git a/chrome/browser/signin/signin_manager_factory.cc b/chrome/browser/signin/signin_manager_factory.cc
|
| index 10f458d7a3c6c1735c1bb8df5bf2a1324015e233..9a02788e9822a7c2b50b42ab8d32436024511892 100644
|
| --- a/chrome/browser/signin/signin_manager_factory.cc
|
| +++ b/chrome/browser/signin/signin_manager_factory.cc
|
| @@ -6,7 +6,10 @@
|
|
|
| #include "build/build_config.h"
|
| #include "chrome/browser/browser_process.h"
|
| +#include "chrome/browser/first_run/first_run.h"
|
| #include "chrome/browser/profiles/profile.h"
|
| +#include "chrome/browser/profiles/profile_manager.h"
|
| +#include "chrome/browser/signin/about_signin_internals_factory.h"
|
| #include "chrome/browser/signin/account_fetcher_service_factory.h"
|
| #include "chrome/browser/signin/account_tracker_service_factory.h"
|
| #include "chrome/browser/signin/chrome_signin_client_factory.h"
|
| @@ -15,16 +18,70 @@
|
| #include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
|
| #include "components/keyed_service/content/browser_context_dependency_manager.h"
|
| #include "components/prefs/pref_registry_simple.h"
|
| +#include "components/signin/core/browser/about_signin_internals.h"
|
| +#include "components/signin/core/browser/signin_internals_util.h"
|
| #include "components/signin/core/browser/signin_manager.h"
|
|
|
| +#if defined(OS_WIN)
|
| +#include "base/base64.h"
|
| +#include "base/strings/sys_string_conversions.h"
|
| +#include "base/win/registry.h"
|
| +#include "base/win/win_util.h"
|
| +#include "chrome/browser/ui/sync/one_click_signin_sync_starter.h"
|
| +#include "components/os_crypt/os_crypt.h"
|
| +#include "google_apis/google_api_keys.h"
|
| +
|
| +namespace {
|
| +
|
| +std::string DecryptRefreshToken(const std::string& cipher_text) {
|
| + std::string refresh_token;
|
| + if (!OSCrypt::DecryptString(cipher_text, &refresh_token)) {
|
| + LOG(ERROR) << "\n\n*** rogerta: unable to decrypt";
|
| + return std::string();
|
| + }
|
| +
|
| + return refresh_token;
|
| +}
|
| +
|
| +// This function is posted from SigninManagerFactory::BuildServiceInstanceFor()
|
| +void StartOneClickSigninSyncStarter(Profile* profile,
|
| + const base::string16& gaia_id,
|
| + const base::string16& email,
|
| + const std::string& refresh_token) {
|
| + AboutSigninInternals* signin_internals =
|
| + AboutSigninInternalsFactory::GetInstance()
|
| + ->GetForProfile(profile);
|
| + signin_internals->OnAuthenticationResultReceived("GCP");
|
| +
|
| + // OneClickSigninSyncStarter will delete itself once done.
|
| + new OneClickSigninSyncStarter(
|
| + profile,
|
| + nullptr, // Browser*
|
| + base::SysWideToUTF8(gaia_id),
|
| + base::SysWideToUTF8(email),
|
| + std::string(), // password
|
| + refresh_token,
|
| + OneClickSigninSyncStarter::CURRENT_PROFILE,
|
| + OneClickSigninSyncStarter::SYNC_WITH_DEFAULT_SETTINGS,
|
| + nullptr, // WebContent*
|
| + OneClickSigninSyncStarter::CONFIRM_AFTER_SIGNIN,
|
| + GURL(), // current_url
|
| + GURL(), // continue_url
|
| + OneClickSigninSyncStarter::Callback());
|
| +}
|
| +
|
| +} // namespace
|
| +
|
| +#endif
|
| +
|
| SigninManagerFactory::SigninManagerFactory()
|
| : BrowserContextKeyedServiceFactory(
|
| "SigninManager",
|
| BrowserContextDependencyManager::GetInstance()) {
|
| + DependsOn(AccountTrackerServiceFactory::GetInstance());
|
| DependsOn(ChromeSigninClientFactory::GetInstance());
|
| DependsOn(GaiaCookieManagerServiceFactory::GetInstance());
|
| DependsOn(ProfileOAuth2TokenServiceFactory::GetInstance());
|
| - DependsOn(AccountTrackerServiceFactory::GetInstance());
|
| }
|
|
|
| SigninManagerFactory::~SigninManagerFactory() {
|
| @@ -123,6 +180,72 @@ KeyedService* SigninManagerFactory::BuildServiceInstanceFor(
|
| AccountFetcherServiceFactory::GetForProfile(profile);
|
| #endif
|
| service->Initialize(g_browser_process->local_state());
|
| +
|
| + // Check to see if auto signin information is available. Only applies if:
|
| + //
|
| + // - running on windows
|
| + // - is an enterprise install
|
| + // - this is first run
|
| + // - opening the default profile (i.e. count==0 at this point)
|
| + // - not already signed in
|
| +#if defined(OS_WIN)
|
| + LOG(ERROR) << "\n\n*** rogerta: client_id="
|
| + << google_apis::GetOAuth2ClientID(google_apis::CLIENT_MAIN);
|
| +
|
| + bool check_for_auto_signin = first_run::IsChromeFirstRun() &&
|
| + g_browser_process->profile_manager()->GetNumberOfProfiles() == 0 &&
|
| + /*base::win::IsEnrolledToDomain() &&*/ !service->IsAuthenticated();
|
| + LOG(ERROR) << "\n\n*** rogerta: check=" << check_for_auto_signin;
|
| + if (check_for_auto_signin) {
|
| + base::win::RegKey key;
|
| + LONG sts = key.Open(HKEY_CURRENT_USER, L"Software\\Google\\Accounts",
|
| + KEY_READ);
|
| + if (sts == ERROR_SUCCESS) {
|
| + LOG(ERROR) << "\n\n*** rogerta: opened a/g/a";
|
| + base::win::RegistryKeyIterator it(key.Handle(), L"");
|
| + if (it.Valid() && it.SubkeyCount() > 0) {
|
| + LOG(ERROR) << "\n\n*** rogerta: subkey count=" << it.SubkeyCount();
|
| + base::win::RegKey key_account(key.Handle(), it.Name(), KEY_READ);
|
| + if (key_account.Valid()) {
|
| + base::string16 gaia_id = it.Name();
|
| + base::string16 email;
|
| + key_account.ReadValue(L"email", &email);
|
| + LOG(ERROR) << "\n\n*** rogerta: id=" << it.Name()
|
| + << " email=" << email;
|
| +
|
| + // Read the encrypted refresh token. The data is stored in
|
| + // binary format.
|
| + std::string encrypted_refresh_token;
|
| + DWORD size = 0;
|
| + DWORD type;
|
| + if (key_account.ReadValue(L"refresh_token", nullptr, &size, &type)
|
| + == ERROR_SUCCESS) {
|
| + LOG(ERROR) << "\n\n*** rogerta: rt size=" << size;
|
| + encrypted_refresh_token.resize(size);
|
| + key_account.ReadValue(
|
| + L"refresh_token",
|
| + const_cast<char*>(encrypted_refresh_token.c_str()),
|
| + &size, &type);
|
| + LOG(ERROR) << "\n\n*** rogerta: rt type=" << type;
|
| + if (!gaia_id.empty() && !email.empty() && type == REG_BINARY &&
|
| + !encrypted_refresh_token.empty()) {
|
| + LOG(ERROR) << "\n\n*** rogerta: do autologin";
|
| + // Delay the OneClickSigninSyncStarter since it will try to get
|
| + // PKS pointers, and this won't work very from within this PKS
|
| + // factory function.
|
| + base::ThreadTaskRunnerHandle::Get()->PostTask(
|
| + FROM_HERE,
|
| + base::Bind(&StartOneClickSigninSyncStarter,
|
| + profile, gaia_id, email,
|
| + DecryptRefreshToken(encrypted_refresh_token)));
|
| + }
|
| + }
|
| + }
|
| + }
|
| + }
|
| + }
|
| +#endif
|
| +
|
| for (Observer& observer : observer_list_)
|
| observer.SigninManagerCreated(service);
|
| return service;
|
|
|
Chromium Code Reviews
Issue 2343663003:
WIP: Experiment with auto sign-in for chrome enterprise support.
