Track whether a given user session has completed initialization, and use

chrome/browser/chromeos/login/screens/user_selection_screen.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/screens/user_selection_screen.h"
 
 #include <stddef.h>
 
 #include <utility>
 
@@ skipping 242 matching lines @@
 
   if (user->GetType() == user_manager::USER_TYPE_ACTIVE_DIRECTORY) {
     return true;
   }
 
   // At this point the reason for invalid token should be already set. If not,
   // this might be a leftover from an old version.
   if (token_status == user_manager::User::OAUTH2_TOKEN_STATUS_INVALID)
     RecordReauthReason(user->GetAccountId(), ReauthReason::OTHER);
 
-  return user->force_online_signin() ||
+  // We need to force an online signin if the user is marked as requiring it,
+  // or if the user's session never completed initialization (still need to
+  // check for policy/management state) or if there's an invalid OAUTH token
+  // that needs to be refreshed.
+  return user->force_online_signin() || !user->session_initialized() ||
          (token_status == user_manager::User::OAUTH2_TOKEN_STATUS_INVALID) ||
          (token_status == user_manager::User::OAUTH_TOKEN_STATUS_UNKNOWN);
 }
 
 void UserSelectionScreen::SetHandler(LoginDisplayWebUIHandler* handler) {
   handler_ = handler;
 
   if (handler_) {
     // Forcibly refresh all of the user images, as the |handler_| instance may
     // have been reused.
@@ skipping 303 matching lines @@
   // The user profile should exist if and only if this is the lock screen.
   DCHECK_EQ(!!profile, GetScreenType() == LOCK_SCREEN);
 
   if (!profile)
     profile = profile_helper->GetSigninProfile();
 
   return EasyUnlockService::Get(profile);
 }
 
 }  // namespace chromeos