OLD | NEW |
(Empty) | |
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "chrome/browser/chromeos/authpolicy/auth_policy_credentials_manager.h" |
| 6 |
| 7 #include "base/location.h" |
| 8 #include "base/memory/singleton.h" |
| 9 #include "base/strings/utf_string_conversions.h" |
| 10 #include "chrome/browser/browser_process.h" |
| 11 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
| 12 #include "chrome/browser/lifetime/application_lifetime.h" |
| 13 #include "chrome/browser/notifications/notification.h" |
| 14 #include "chrome/browser/notifications/notification_delegate.h" |
| 15 #include "chrome/browser/notifications/notification_ui_manager.h" |
| 16 #include "chrome/browser/profiles/profile.h" |
| 17 #include "chrome/grit/chromium_strings.h" |
| 18 #include "chrome/grit/generated_resources.h" |
| 19 #include "chrome/grit/theme_resources.h" |
| 20 #include "chromeos/dbus/auth_policy_client.h" |
| 21 #include "chromeos/dbus/dbus_thread_manager.h" |
| 22 #include "chromeos/network/network_handler.h" |
| 23 #include "chromeos/network/network_state.h" |
| 24 #include "chromeos/network/network_state_handler.h" |
| 25 #include "components/keyed_service/content/browser_context_dependency_manager.h" |
| 26 #include "ui/base/l10n/l10n_util.h" |
| 27 #include "ui/base/resource/resource_bundle.h" |
| 28 |
| 29 namespace { |
| 30 |
| 31 constexpr base::TimeDelta kGetUserStatusCallsInterval = |
| 32 base::TimeDelta::FromHours(1); |
| 33 const char kProfileSigninNotificationId[] = "chrome://settings/signin/"; |
| 34 |
| 35 // A notification delegate for the sign-out button. |
| 36 class SigninNotificationDelegate : public NotificationDelegate { |
| 37 public: |
| 38 explicit SigninNotificationDelegate(const std::string& id); |
| 39 |
| 40 // NotificationDelegate: |
| 41 void Click() override; |
| 42 void ButtonClick(int button_index) override; |
| 43 std::string id() const override; |
| 44 |
| 45 protected: |
| 46 ~SigninNotificationDelegate() override = default; |
| 47 |
| 48 private: |
| 49 // Unique id of the notification. |
| 50 const std::string id_; |
| 51 |
| 52 DISALLOW_COPY_AND_ASSIGN(SigninNotificationDelegate); |
| 53 }; |
| 54 |
| 55 SigninNotificationDelegate::SigninNotificationDelegate(const std::string& id) |
| 56 : id_(id) {} |
| 57 |
| 58 void SigninNotificationDelegate::Click() { |
| 59 chrome::AttemptUserExit(); |
| 60 } |
| 61 |
| 62 void SigninNotificationDelegate::ButtonClick(int button_index) { |
| 63 chrome::AttemptUserExit(); |
| 64 } |
| 65 |
| 66 std::string SigninNotificationDelegate::id() const { |
| 67 return id_; |
| 68 } |
| 69 |
| 70 } // namespace |
| 71 |
| 72 AuthPolicyCredentialsManager::AuthPolicyCredentialsManager(Profile* profile) |
| 73 : profile_(profile) { |
| 74 const user_manager::User* user = |
| 75 chromeos::ProfileHelper::Get()->GetUserByProfile(profile); |
| 76 CHECK(user && user->IsActiveDirectoryUser()); |
| 77 StartObserveNetwork(); |
| 78 account_id_ = user->GetAccountId(); |
| 79 GetUserStatus(); |
| 80 } |
| 81 |
| 82 AuthPolicyCredentialsManager::~AuthPolicyCredentialsManager() {} |
| 83 |
| 84 void AuthPolicyCredentialsManager::Shutdown() { |
| 85 StopObserveNetwork(); |
| 86 } |
| 87 |
| 88 void AuthPolicyCredentialsManager::DefaultNetworkChanged( |
| 89 const chromeos::NetworkState* network) { |
| 90 GetUserStatusIfConnected(network); |
| 91 } |
| 92 |
| 93 void AuthPolicyCredentialsManager::NetworkConnectionStateChanged( |
| 94 const chromeos::NetworkState* network) { |
| 95 GetUserStatusIfConnected(network); |
| 96 } |
| 97 |
| 98 void AuthPolicyCredentialsManager::OnShuttingDown() { |
| 99 StopObserveNetwork(); |
| 100 } |
| 101 |
| 102 void AuthPolicyCredentialsManager::GetUserStatus() { |
| 103 DCHECK(!weak_factory_.HasWeakPtrs()); |
| 104 rerun_get_status_on_error_ = false; |
| 105 scheduled_get_user_status_call_.Cancel(); |
| 106 chromeos::DBusThreadManager::Get()->GetAuthPolicyClient()->GetUserStatus( |
| 107 account_id_.GetObjGuid(), |
| 108 base::BindOnce(&AuthPolicyCredentialsManager::OnGetUserStatusCallback, |
| 109 weak_factory_.GetWeakPtr())); |
| 110 } |
| 111 |
| 112 void AuthPolicyCredentialsManager::OnGetUserStatusCallback( |
| 113 authpolicy::ErrorType error, |
| 114 const authpolicy::ActiveDirectoryUserStatus& user_status) { |
| 115 DCHECK(weak_factory_.HasWeakPtrs()); |
| 116 ScheduleGetUserStatus(); |
| 117 last_error_ = error; |
| 118 if (error != authpolicy::ERROR_NONE) { |
| 119 DLOG(ERROR) << "GetUserStatus failed with " << error; |
| 120 if (rerun_get_status_on_error_) { |
| 121 rerun_get_status_on_error_ = false; |
| 122 GetUserStatus(); |
| 123 } |
| 124 return; |
| 125 } |
| 126 CHECK(user_status.account_info().account_id() == account_id_.GetObjGuid()); |
| 127 rerun_get_status_on_error_ = false; |
| 128 if (user_status.has_account_info()) |
| 129 UpdateDisplayAndGivenName(user_status.account_info()); |
| 130 |
| 131 DCHECK(user_status.has_password_status()); |
| 132 switch (user_status.password_status()) { |
| 133 case authpolicy::ActiveDirectoryUserStatus::PASSWORD_VALID: |
| 134 // do nothing |
| 135 break; |
| 136 case authpolicy::ActiveDirectoryUserStatus::PASSWORD_EXPIRED: |
| 137 ShowNotification(IDS_ACTIVE_DIRECTORY_PASSWORD_EXPIRED); |
| 138 return; |
| 139 case authpolicy::ActiveDirectoryUserStatus::PASSWORD_CHANGED: |
| 140 ShowNotification(IDS_ACTIVE_DIRECTORY_PASSWORD_CHANGED); |
| 141 return; |
| 142 } |
| 143 |
| 144 DCHECK(user_status.has_tgt_status()); |
| 145 switch (user_status.tgt_status()) { |
| 146 case authpolicy::ActiveDirectoryUserStatus::TGT_VALID: |
| 147 // do nothing |
| 148 break; |
| 149 case authpolicy::ActiveDirectoryUserStatus::TGT_EXPIRED: |
| 150 case authpolicy::ActiveDirectoryUserStatus::TGT_NOT_FOUND: |
| 151 ShowNotification(IDS_ACTIVE_DIRECTORY_REFRESH_AUTH_TOKEN); |
| 152 return; |
| 153 } |
| 154 // Everything is ok. |
| 155 user_manager::UserManager::Get()->SaveForceOnlineSignin(account_id_, false); |
| 156 } |
| 157 |
| 158 void AuthPolicyCredentialsManager::ScheduleGetUserStatus() { |
| 159 // Unretained is safe here because it is a CancelableClosure and owned by this |
| 160 // object. |
| 161 scheduled_get_user_status_call_.Reset(base::Bind( |
| 162 &AuthPolicyCredentialsManager::GetUserStatus, base::Unretained(this))); |
| 163 // TODO(rsorokin): This does not re-schedule after wake from sleep |
| 164 // (and thus the maximal interval between two calls can be (sleep time + |
| 165 // kGetUserStatusCallsInterval)) (see crbug.com/726672). |
| 166 base::ThreadTaskRunnerHandle::Get()->PostDelayedTask( |
| 167 FROM_HERE, scheduled_get_user_status_call_.callback(), |
| 168 kGetUserStatusCallsInterval); |
| 169 } |
| 170 |
| 171 void AuthPolicyCredentialsManager::StartObserveNetwork() { |
| 172 DCHECK(chromeos::NetworkHandler::IsInitialized()); |
| 173 if (is_observing_network_) |
| 174 return; |
| 175 is_observing_network_ = true; |
| 176 chromeos::NetworkHandler::Get()->network_state_handler()->AddObserver( |
| 177 this, FROM_HERE); |
| 178 } |
| 179 |
| 180 void AuthPolicyCredentialsManager::StopObserveNetwork() { |
| 181 DCHECK(chromeos::NetworkHandler::IsInitialized()); |
| 182 if (!is_observing_network_) |
| 183 return; |
| 184 is_observing_network_ = false; |
| 185 chromeos::NetworkHandler::Get()->network_state_handler()->RemoveObserver( |
| 186 this, FROM_HERE); |
| 187 } |
| 188 |
| 189 void AuthPolicyCredentialsManager::UpdateDisplayAndGivenName( |
| 190 const authpolicy::ActiveDirectoryAccountInfo& account_info) { |
| 191 if (display_name_ == account_info.display_name() && |
| 192 given_name_ == account_info.given_name()) { |
| 193 return; |
| 194 } |
| 195 display_name_ = account_info.display_name(); |
| 196 given_name_ = account_info.given_name(); |
| 197 user_manager::UserManager::Get()->UpdateUserAccountData( |
| 198 account_id_, |
| 199 user_manager::UserManager::UserAccountData( |
| 200 base::UTF8ToUTF16(display_name_), base::UTF8ToUTF16(given_name_), |
| 201 std::string() /* locale */)); |
| 202 } |
| 203 |
| 204 void AuthPolicyCredentialsManager::ShowNotification(int message_id) { |
| 205 user_manager::UserManager::Get()->SaveForceOnlineSignin(account_id_, true); |
| 206 |
| 207 if (shown_notifications_.count(message_id) > 0) |
| 208 return; |
| 209 |
| 210 message_center::RichNotificationData data; |
| 211 data.buttons.push_back(message_center::ButtonInfo( |
| 212 l10n_util::GetStringUTF16(IDS_SYNC_RELOGIN_LINK_LABEL))); |
| 213 |
| 214 const std::string notification_id = kProfileSigninNotificationId + |
| 215 profile_->GetProfileUserName() + |
| 216 std::to_string(message_id); |
| 217 // Set the delegate for the notification's sign-out button. |
| 218 SigninNotificationDelegate* delegate = |
| 219 new SigninNotificationDelegate(notification_id); |
| 220 |
| 221 message_center::NotifierId notifier_id( |
| 222 message_center::NotifierId::SYSTEM_COMPONENT, |
| 223 kProfileSigninNotificationId); |
| 224 |
| 225 // Set |profile_id| for multi-user notification blocker. |
| 226 notifier_id.profile_id = profile_->GetProfileUserName(); |
| 227 |
| 228 Notification notification( |
| 229 message_center::NOTIFICATION_TYPE_SIMPLE, |
| 230 l10n_util::GetStringUTF16(IDS_SIGNIN_ERROR_BUBBLE_VIEW_TITLE), |
| 231 l10n_util::GetStringUTF16(message_id), |
| 232 ui::ResourceBundle::GetSharedInstance().GetImageNamed( |
| 233 IDR_NOTIFICATION_ALERT), |
| 234 notifier_id, |
| 235 base::string16(), // display_source |
| 236 GURL(notification_id), notification_id, data, delegate); |
| 237 notification.SetSystemPriority(); |
| 238 |
| 239 NotificationUIManager* notification_ui_manager = |
| 240 g_browser_process->notification_ui_manager(); |
| 241 // Add the notification. |
| 242 notification_ui_manager->Add(notification, profile_); |
| 243 shown_notifications_.insert(message_id); |
| 244 } |
| 245 |
| 246 void AuthPolicyCredentialsManager::GetUserStatusIfConnected( |
| 247 const chromeos::NetworkState* network) { |
| 248 if (!network || !network->IsConnectedState()) |
| 249 return; |
| 250 if (weak_factory_.HasWeakPtrs()) { |
| 251 // Another call is in progress. |
| 252 rerun_get_status_on_error_ = true; |
| 253 return; |
| 254 } |
| 255 if (last_error_ != authpolicy::ERROR_NONE) |
| 256 GetUserStatus(); |
| 257 } |
| 258 |
| 259 // static |
| 260 AuthPolicyCredentialsManagerFactory* |
| 261 AuthPolicyCredentialsManagerFactory::GetInstance() { |
| 262 return base::Singleton<AuthPolicyCredentialsManagerFactory>::get(); |
| 263 } |
| 264 |
| 265 // static |
| 266 void AuthPolicyCredentialsManagerFactory::BuildForProfileIfActiveDirectory( |
| 267 Profile* profile) { |
| 268 const user_manager::User* user = |
| 269 chromeos::ProfileHelper::Get()->GetUserByProfile(profile); |
| 270 if (!user || !user->IsActiveDirectoryUser()) |
| 271 return; |
| 272 GetInstance()->GetServiceForBrowserContext(profile, true /* create */); |
| 273 } |
| 274 |
| 275 AuthPolicyCredentialsManagerFactory::AuthPolicyCredentialsManagerFactory() |
| 276 : BrowserContextKeyedServiceFactory( |
| 277 "AuthPolicyCredentialsManager", |
| 278 BrowserContextDependencyManager::GetInstance()) {} |
| 279 |
| 280 AuthPolicyCredentialsManagerFactory::~AuthPolicyCredentialsManagerFactory() {} |
| 281 |
| 282 KeyedService* AuthPolicyCredentialsManagerFactory::BuildServiceInstanceFor( |
| 283 content::BrowserContext* context) const { |
| 284 Profile* profile = Profile::FromBrowserContext(context); |
| 285 return new AuthPolicyCredentialsManager(profile); |
| 286 } |
OLD | NEW |