Chromium Code Reviews Chromium Code Reviews
Issue 2602973002:
Add Active Directory password change screen. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/webui/chromeos/login/gaia_screen_handler.h" | 5 #include "chrome/browser/ui/webui/chromeos/login/gaia_screen_handler.h" |
| 6 | 6 |
| 7 #include "ash/common/system/chromeos/devicetype_utils.h" | 7 #include "ash/common/system/chromeos/devicetype_utils.h" |
| 8 #include "base/bind.h" | 8 #include "base/bind.h" |
| 9 #include "base/callback.h" | 9 #include "base/callback.h" |
| 10 #include "base/guid.h" | 10 #include "base/guid.h" |
| (...skipping 398 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 409 AddCallback("loginWebuiReady", &GaiaScreenHandler::HandleGaiaUIReady); | 409 AddCallback("loginWebuiReady", &GaiaScreenHandler::HandleGaiaUIReady); |
| 410 AddCallback("toggleEasyBootstrap", | 410 AddCallback("toggleEasyBootstrap", |
| 411 &GaiaScreenHandler::HandleToggleEasyBootstrap); | 411 &GaiaScreenHandler::HandleToggleEasyBootstrap); |
| 412 AddCallback("identifierEntered", &GaiaScreenHandler::HandleIdentifierEntered); | 412 AddCallback("identifierEntered", &GaiaScreenHandler::HandleIdentifierEntered); |
| 413 AddCallback("updateOfflineLogin", | 413 AddCallback("updateOfflineLogin", |
| 414 &GaiaScreenHandler::set_offline_login_is_active); | 414 &GaiaScreenHandler::set_offline_login_is_active); |
| 415 AddCallback("authExtensionLoaded", | 415 AddCallback("authExtensionLoaded", |
| 416 &GaiaScreenHandler::HandleAuthExtensionLoaded); | 416 &GaiaScreenHandler::HandleAuthExtensionLoaded); |
| 417 AddCallback("completeAdAuthentication", | 417 AddCallback("completeAdAuthentication", |
| 418 &GaiaScreenHandler::HandleCompleteAdAuthentication); | 418 &GaiaScreenHandler::HandleCompleteAdAuthentication); |
| 419 AddCallback("completeAdPasswordChange", | |
| 420 &GaiaScreenHandler::HandleCompleteAdPasswordChange); | |
| 419 } | 421 } |
| 420 | 422 |
| 421 void GaiaScreenHandler::OnPortalDetectionCompleted( | 423 void GaiaScreenHandler::OnPortalDetectionCompleted( |
| 422 const NetworkState* network, | 424 const NetworkState* network, |
| 423 const NetworkPortalDetector::CaptivePortalState& state) { | 425 const NetworkPortalDetector::CaptivePortalState& state) { |
| 424 VLOG(1) << "OnPortalDetectionCompleted " | 426 VLOG(1) << "OnPortalDetectionCompleted " |
| 425 << NetworkPortalDetector::CaptivePortalStatusString(state.status); | 427 << NetworkPortalDetector::CaptivePortalStatusString(state.status); |
| 426 | 428 |
| 427 const NetworkPortalDetector::CaptivePortalStatus previous_status = | 429 const NetworkPortalDetector::CaptivePortalStatus previous_status = |
| 428 captive_portal_status_; | 430 captive_portal_status_; |
| (...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 496 << "' authenticated by alias '" << canonicalized_email << "'."; | 498 << "' authenticated by alias '" << canonicalized_email << "'."; |
| 497 } | 499 } |
| 498 | 500 |
| 499 return account_id; | 501 return account_id; |
| 500 } | 502 } |
| 501 | 503 |
| 502 void GaiaScreenHandler::DoAdAuth(const std::string& username, | 504 void GaiaScreenHandler::DoAdAuth(const std::string& username, |
| 503 const Key& key, | 505 const Key& key, |
| 504 authpolicy::ErrorType error, | 506 authpolicy::ErrorType error, |
| 505 const std::string& uid) { | 507 const std::string& uid) { |
| 506 if (error == authpolicy::ERROR_NONE && !uid.empty()) { | 508 switch (error) { |
| 507 const AccountId account_id( | 509 case authpolicy::ERROR_NONE: { |
| 508 GetAccountId(username, uid, AccountType::ACTIVE_DIRECTORY)); | 510 DCHECK(!uid.empty()); |
| 509 UserContext user_context(account_id); | 511 const AccountId account_id( |
| 510 user_context.SetKey(key); | 512 GetAccountId(username, uid, AccountType::ACTIVE_DIRECTORY)); |
| 511 user_context.SetAuthFlow(UserContext::AUTH_FLOW_ACTIVE_DIRECTORY); | 513 UserContext user_context(account_id); |
| 512 user_context.SetIsUsingOAuth(false); | 514 user_context.SetKey(key); |
| 513 user_context.SetUserType( | 515 user_context.SetAuthFlow(UserContext::AUTH_FLOW_ACTIVE_DIRECTORY); |
| 514 user_manager::UserType::USER_TYPE_ACTIVE_DIRECTORY); | 516 user_context.SetIsUsingOAuth(false); |
| 515 Delegate()->CompleteLogin(user_context); | 517 user_context.SetUserType( |
| 516 } else { | 518 user_manager::UserType::USER_TYPE_ACTIVE_DIRECTORY); |
| 517 // TODO(rsorokin): Proper error handling. | 519 Delegate()->CompleteLogin(user_context); |
| 518 DLOG(ERROR) << "Failed to auth " << username << ", code " << error; | 520 break; |
| 519 LoadAuthExtension(true, false /* offline */); | 521 } |
| 522 case authpolicy::ERROR_PASSWORD_EXPIRED: { | |
|
michaelpg
2017/01/16 18:04:42
nit: {} block not necessary
| |
| 523 core_oobe_actor_->ShowActiveDirectoryPasswordChangeScreen(username); | |
| 524 break; | |
| 525 } | |
| 526 case authpolicy::ERROR_UNKNOWN: | |
| 527 case authpolicy::ERROR_DBUS_FAILURE: | |
| 528 case authpolicy::ERROR_PARSE_UPN_FAILED: | |
| 529 case authpolicy::ERROR_BAD_USER_NAME: | |
| 530 case authpolicy::ERROR_BAD_PASSWORD: | |
| 531 case authpolicy::ERROR_CANNOT_RESOLVE_KDC: | |
| 532 case authpolicy::ERROR_KINIT_FAILED: | |
| 533 case authpolicy::ERROR_NET_FAILED: | |
| 534 case authpolicy::ERROR_SMBCLIENT_FAILED: | |
| 535 case authpolicy::ERROR_PARSE_FAILED: | |
| 536 case authpolicy::ERROR_PARSE_PREG_FAILED: | |
| 537 case authpolicy::ERROR_BAD_GPOS: | |
| 538 case authpolicy::ERROR_LOCAL_IO: | |
| 539 case authpolicy::ERROR_NOT_JOINED: | |
| 540 case authpolicy::ERROR_NOT_LOGGED_IN: | |
| 541 case authpolicy::ERROR_STORE_POLICY_FAILED: | |
| 542 LoadAuthExtension(true, false /* offline */); | |
| 543 break; | |
| 544 default: | |
| 545 // TODO(rsorokin): Proper error handling. | |
| 546 DLOG(WARNING) << "Unhandled error code: " << error; | |
| 547 LoadAuthExtension(true, false /* offline */); | |
| 520 } | 548 } |
| 521 } | 549 } |
| 522 | 550 |
| 523 void GaiaScreenHandler::HandleCompleteAdAuthentication( | 551 void GaiaScreenHandler::HandleCompleteAdAuthentication( |
| 524 const std::string& user_name, | 552 const std::string& username, |
| 525 const std::string& password) { | 553 const std::string& password) { |
| 526 Delegate()->SetDisplayEmail(user_name); | 554 Delegate()->SetDisplayEmail(username); |
| 527 set_populated_email(user_name); | 555 set_populated_email(username); |
| 528 | 556 |
| 529 login::GetPipeReadEnd( | 557 login::GetPipeReadEnd( |
| 530 password, | 558 password, |
| 531 base::Bind(&GaiaScreenHandler::OnPasswordPipeReady, | 559 base::Bind(&GaiaScreenHandler::OnPasswordPipeReady, |
| 532 weak_factory_.GetWeakPtr(), user_name, Key(password))); | 560 weak_factory_.GetWeakPtr(), username, Key(password))); |
| 533 } | 561 } |
| 534 | 562 |
| 535 void GaiaScreenHandler::OnPasswordPipeReady(const std::string& user_name, | 563 void GaiaScreenHandler::HandleCompleteAdPasswordChange( |
| 564 const std::string& username, | |
| 565 const std::string& old_password, | |
| 566 const std::string& new_password) { | |
| 567 Delegate()->SetDisplayEmail(username); | |
| 568 set_populated_email(username); | |
| 569 | |
| 570 login::GetPipeReadEnd( | |
| 571 old_password + "\n" + new_password + "\n" + new_password, | |
| 572 base::Bind(&GaiaScreenHandler::OnPasswordPipeReady, | |
| 573 weak_factory_.GetWeakPtr(), username, Key(new_password))); | |
| 574 } | |
| 575 | |
| 576 void GaiaScreenHandler::OnPasswordPipeReady(const std::string& username, | |
| 536 const Key& key, | 577 const Key& key, |
| 537 base::ScopedFD password_fd) { | 578 base::ScopedFD password_fd) { |
| 538 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 579 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
| 539 if (!password_fd.is_valid()) { | 580 if (!password_fd.is_valid()) { |
| 540 DLOG(ERROR) << "Got invalid password_fd"; | 581 DLOG(ERROR) << "Got invalid password_fd"; |
| 541 return; | 582 return; |
| 542 } | 583 } |
| 543 chromeos::AuthPolicyClient* client = | 584 chromeos::AuthPolicyClient* client = |
| 544 chromeos::DBusThreadManager::Get()->GetAuthPolicyClient(); | 585 chromeos::DBusThreadManager::Get()->GetAuthPolicyClient(); |
| 545 client->AuthenticateUser( | 586 client->AuthenticateUser( |
| 546 user_name, password_fd.get(), | 587 username, password_fd.get(), |
| 547 base::Bind(&GaiaScreenHandler::DoAdAuth, weak_factory_.GetWeakPtr(), | 588 base::Bind(&GaiaScreenHandler::DoAdAuth, weak_factory_.GetWeakPtr(), |
| 548 user_name, key)); | 589 username, key)); |
| 549 } | 590 } |
| 550 | 591 |
| 551 void GaiaScreenHandler::HandleCompleteAuthentication( | 592 void GaiaScreenHandler::HandleCompleteAuthentication( |
| 552 const std::string& gaia_id, | 593 const std::string& gaia_id, |
| 553 const std::string& email, | 594 const std::string& email, |
| 554 const std::string& password, | 595 const std::string& password, |
| 555 const std::string& auth_code, | 596 const std::string& auth_code, |
| 556 bool using_saml, | 597 bool using_saml, |
| 557 const std::string& gaps_cookie) { | 598 const std::string& gaps_cookie) { |
| 558 if (!Delegate()) | 599 if (!Delegate()) |
| (...skipping 365 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 924 bool GaiaScreenHandler::IsRestrictiveProxy() const { | 965 bool GaiaScreenHandler::IsRestrictiveProxy() const { |
| 925 return !disable_restrictive_proxy_check_for_test_ && | 966 return !disable_restrictive_proxy_check_for_test_ && |
| 926 !IsOnline(captive_portal_status_); | 967 !IsOnline(captive_portal_status_); |
| 927 } | 968 } |
| 928 | 969 |
| 929 void GaiaScreenHandler::DisableRestrictiveProxyCheckForTest() { | 970 void GaiaScreenHandler::DisableRestrictiveProxyCheckForTest() { |
| 930 disable_restrictive_proxy_check_for_test_ = true; | 971 disable_restrictive_proxy_check_for_test_ = true; |
| 931 } | 972 } |
| 932 | 973 |
| 933 } // namespace chromeos | 974 } // namespace chromeos |
| OLD | NEW |
