OLD | NEW |
(Empty) | |
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "chrome/browser/chromeos/authpolicy/auth_policy_credentials_manager.h" |
| 6 |
| 7 #include "base/location.h" |
| 8 #include "base/memory/singleton.h" |
| 9 #include "base/strings/utf_string_conversions.h" |
| 10 #include "chrome/browser/browser_process.h" |
| 11 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
| 12 #include "chrome/browser/lifetime/application_lifetime.h" |
| 13 #include "chrome/browser/notifications/notification.h" |
| 14 #include "chrome/browser/notifications/notification_delegate.h" |
| 15 #include "chrome/browser/notifications/notification_ui_manager.h" |
| 16 #include "chrome/browser/profiles/profile.h" |
| 17 #include "chrome/grit/chromium_strings.h" |
| 18 #include "chrome/grit/generated_resources.h" |
| 19 #include "chrome/grit/theme_resources.h" |
| 20 #include "chromeos/dbus/auth_policy_client.h" |
| 21 #include "chromeos/dbus/dbus_thread_manager.h" |
| 22 #include "chromeos/network/network_handler.h" |
| 23 #include "chromeos/network/network_state.h" |
| 24 #include "chromeos/network/network_state_handler.h" |
| 25 #include "components/keyed_service/content/browser_context_dependency_manager.h" |
| 26 #include "content/public/browser/browser_thread.h" |
| 27 #include "ui/base/l10n/l10n_util.h" |
| 28 #include "ui/base/resource/resource_bundle.h" |
| 29 |
| 30 namespace { |
| 31 |
| 32 const base::TimeDelta kGetUserStatusCallsInterval = |
| 33 base::TimeDelta::FromHours(1); |
| 34 const char kProfileSigninNotificationId[] = "chrome://settings/signin/"; |
| 35 |
| 36 // A notification delegate for the sign-out button. |
| 37 class SigninNotificationDelegate : public NotificationDelegate { |
| 38 public: |
| 39 explicit SigninNotificationDelegate(const std::string& id); |
| 40 |
| 41 // NotificationDelegate: |
| 42 void Click() override; |
| 43 void ButtonClick(int button_index) override; |
| 44 std::string id() const override; |
| 45 |
| 46 protected: |
| 47 ~SigninNotificationDelegate() override; |
| 48 |
| 49 private: |
| 50 // Unique id of the notification. |
| 51 const std::string id_; |
| 52 |
| 53 DISALLOW_COPY_AND_ASSIGN(SigninNotificationDelegate); |
| 54 }; |
| 55 |
| 56 SigninNotificationDelegate::SigninNotificationDelegate(const std::string& id) |
| 57 : id_(id) {} |
| 58 |
| 59 SigninNotificationDelegate::~SigninNotificationDelegate() {} |
| 60 |
| 61 void SigninNotificationDelegate::Click() { |
| 62 chrome::AttemptUserExit(); |
| 63 } |
| 64 |
| 65 void SigninNotificationDelegate::ButtonClick(int button_index) { |
| 66 chrome::AttemptUserExit(); |
| 67 } |
| 68 |
| 69 std::string SigninNotificationDelegate::id() const { |
| 70 return id_; |
| 71 } |
| 72 |
| 73 } // namespace |
| 74 |
| 75 AuthPolicyCredentialsManager::AuthPolicyCredentialsManager(Profile* profile) |
| 76 : profile_(profile), weak_factory_(this) { |
| 77 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
| 78 StartObserveNetwork(); |
| 79 const user_manager::User* user = |
| 80 chromeos::ProfileHelper::Get()->GetUserByProfile(profile); |
| 81 CHECK(user && user->IsActiveDirectoryUser()); |
| 82 account_id_ = user->GetAccountId(); |
| 83 GetUserStatus(); |
| 84 } |
| 85 |
| 86 AuthPolicyCredentialsManager::~AuthPolicyCredentialsManager() {} |
| 87 |
| 88 void AuthPolicyCredentialsManager::Shutdown() { |
| 89 StopObserveNetwork(); |
| 90 } |
| 91 |
| 92 void AuthPolicyCredentialsManager::DefaultNetworkChanged( |
| 93 const chromeos::NetworkState* network) { |
| 94 GetUserStatusIfConnected(network); |
| 95 } |
| 96 |
| 97 void AuthPolicyCredentialsManager::NetworkConnectionStateChanged( |
| 98 const chromeos::NetworkState* network) { |
| 99 GetUserStatusIfConnected(network); |
| 100 } |
| 101 |
| 102 void AuthPolicyCredentialsManager::OnShuttingDown() { |
| 103 StopObserveNetwork(); |
| 104 } |
| 105 |
| 106 void AuthPolicyCredentialsManager::GetUserStatus() { |
| 107 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
| 108 should_call_get_status_again_ = false; |
| 109 chromeos::DBusThreadManager::Get()->GetAuthPolicyClient()->GetUserStatus( |
| 110 account_id_.GetObjGuid(), |
| 111 base::BindOnce(&AuthPolicyCredentialsManager::OnGetUserStatusCallback, |
| 112 weak_factory_.GetWeakPtr())); |
| 113 } |
| 114 |
| 115 void AuthPolicyCredentialsManager::OnGetUserStatusCallback( |
| 116 authpolicy::ErrorType error, |
| 117 const authpolicy::ActiveDirectoryUserStatus& user_status) { |
| 118 last_error_ = error; |
| 119 if (error != authpolicy::ERROR_NONE) { |
| 120 DLOG(ERROR) << "GetUserStatus failed with " << error; |
| 121 return; |
| 122 } |
| 123 CHECK(user_status.account_info().account_id() == account_id_.GetObjGuid()); |
| 124 if (user_status.has_account_info()) |
| 125 UpdateDisplayAndGivenName(user_status.account_info()); |
| 126 |
| 127 if (should_call_get_status_again_) { |
| 128 GetUserStatus(); |
| 129 return; |
| 130 } |
| 131 |
| 132 ScheduleGetUserStatus(); |
| 133 |
| 134 if (user_status.has_password_status()) { |
| 135 switch (user_status.password_status()) { |
| 136 case authpolicy::ActiveDirectoryUserStatus::PASSWORD_VALID: |
| 137 // do nothing |
| 138 break; |
| 139 case authpolicy::ActiveDirectoryUserStatus::PASSWORD_EXPIRED: |
| 140 ShowNotification(IDS_ACTIVE_DIRECTORY_PASSWORD_EXPIRED); |
| 141 return; |
| 142 case authpolicy::ActiveDirectoryUserStatus::PASSWORD_CHANGED: |
| 143 ShowNotification(IDS_ACTIVE_DIRECTORY_PASSWORD_CHANGED); |
| 144 return; |
| 145 } |
| 146 } |
| 147 |
| 148 if (user_status.has_tgt_status()) { |
| 149 switch (user_status.tgt_status()) { |
| 150 case authpolicy::ActiveDirectoryUserStatus::TGT_VALID: |
| 151 // do nothing |
| 152 break; |
| 153 case authpolicy::ActiveDirectoryUserStatus::TGT_EXPIRED: |
| 154 case authpolicy::ActiveDirectoryUserStatus::TGT_NOT_FOUND: |
| 155 ShowNotification(IDS_ACTIVE_DIRECTORY_REFRESH_AUTH_TOKEN); |
| 156 return; |
| 157 } |
| 158 } |
| 159 // Everything is ok. |
| 160 user_manager::UserManager::Get()->SaveForceOnlineSignin(account_id_, false); |
| 161 } |
| 162 |
| 163 void AuthPolicyCredentialsManager::ScheduleGetUserStatus() { |
| 164 scheduled_get_user_status_call_.Reset(base::Bind( |
| 165 &AuthPolicyCredentialsManager::GetUserStatus, base::Unretained(this))); |
| 166 base::ThreadTaskRunnerHandle::Get()->PostDelayedTask( |
| 167 FROM_HERE, scheduled_get_user_status_call_.callback(), |
| 168 kGetUserStatusCallsInterval); |
| 169 } |
| 170 |
| 171 void AuthPolicyCredentialsManager::StartObserveNetwork() { |
| 172 DCHECK(chromeos::NetworkHandler::IsInitialized()); |
| 173 chromeos::NetworkHandler::Get()->network_state_handler()->AddObserver( |
| 174 this, FROM_HERE); |
| 175 } |
| 176 |
| 177 void AuthPolicyCredentialsManager::StopObserveNetwork() { |
| 178 DCHECK(chromeos::NetworkHandler::IsInitialized()); |
| 179 chromeos::NetworkHandler::Get()->network_state_handler()->RemoveObserver( |
| 180 this, FROM_HERE); |
| 181 } |
| 182 |
| 183 void AuthPolicyCredentialsManager::UpdateDisplayAndGivenName( |
| 184 const authpolicy::ActiveDirectoryAccountInfo& account_info) { |
| 185 if (display_name_ == account_info.display_name() && |
| 186 given_name_ == account_info.given_name()) { |
| 187 return; |
| 188 } |
| 189 display_name_ = account_info.display_name(); |
| 190 given_name_ = account_info.given_name(); |
| 191 user_manager::UserManager::Get()->UpdateUserAccountData( |
| 192 account_id_, |
| 193 user_manager::UserManager::UserAccountData( |
| 194 base::UTF8ToUTF16(display_name_), base::UTF8ToUTF16(given_name_), |
| 195 std::string() /* locale */)); |
| 196 } |
| 197 |
| 198 void AuthPolicyCredentialsManager::ShowNotification(int message_id) const { |
| 199 user_manager::UserManager::Get()->SaveForceOnlineSignin(account_id_, true); |
| 200 |
| 201 message_center::RichNotificationData data; |
| 202 data.buttons.push_back(message_center::ButtonInfo( |
| 203 l10n_util::GetStringUTF16(IDS_SYNC_RELOGIN_LINK_LABEL))); |
| 204 |
| 205 const std::string notification_id = |
| 206 kProfileSigninNotificationId + profile_->GetProfileUserName(); |
| 207 // Set the delegate for the notification's sign-out button. |
| 208 SigninNotificationDelegate* delegate = |
| 209 new SigninNotificationDelegate(notification_id); |
| 210 |
| 211 message_center::NotifierId notifier_id( |
| 212 message_center::NotifierId::SYSTEM_COMPONENT, |
| 213 kProfileSigninNotificationId); |
| 214 |
| 215 // Set |profile_id| for multi-user notification blocker. |
| 216 notifier_id.profile_id = profile_->GetProfileUserName(); |
| 217 |
| 218 Notification notification( |
| 219 message_center::NOTIFICATION_TYPE_SIMPLE, |
| 220 l10n_util::GetStringUTF16(IDS_SIGNIN_ERROR_BUBBLE_VIEW_TITLE), |
| 221 l10n_util::GetStringUTF16(message_id), |
| 222 ui::ResourceBundle::GetSharedInstance().GetImageNamed( |
| 223 IDR_NOTIFICATION_ALERT), |
| 224 notifier_id, |
| 225 base::string16(), // display_source |
| 226 GURL(notification_id), notification_id, data, delegate); |
| 227 notification.SetSystemPriority(); |
| 228 |
| 229 NotificationUIManager* notification_ui_manager = |
| 230 g_browser_process->notification_ui_manager(); |
| 231 // Update or add the notification. |
| 232 if (notification_ui_manager->FindById( |
| 233 notification_id, NotificationUIManager::GetProfileID(profile_))) |
| 234 notification_ui_manager->Update(notification, profile_); |
| 235 else |
| 236 notification_ui_manager->Add(notification, profile_); |
| 237 } |
| 238 |
| 239 void AuthPolicyCredentialsManager::GetUserStatusIfConnected( |
| 240 const chromeos::NetworkState* network) { |
| 241 if (last_error_ == authpolicy::ERROR_NONE) |
| 242 return; |
| 243 if (!network || !network->IsConnectedState()) |
| 244 return; |
| 245 if (weak_factory_.HasWeakPtrs()) { |
| 246 // Another call is in progress. |
| 247 should_call_get_status_again_ = true; |
| 248 return; |
| 249 } |
| 250 GetUserStatus(); |
| 251 } |
| 252 |
| 253 // static |
| 254 AuthPolicyCredentialsManagerFactory* |
| 255 AuthPolicyCredentialsManagerFactory::GetInstance() { |
| 256 return base::Singleton<AuthPolicyCredentialsManagerFactory>::get(); |
| 257 } |
| 258 |
| 259 // static |
| 260 void AuthPolicyCredentialsManagerFactory::BuildForProfileIfActiveDirectory( |
| 261 Profile* profile) { |
| 262 const user_manager::User* user = |
| 263 chromeos::ProfileHelper::Get()->GetUserByProfile(profile); |
| 264 if (!user || !user->IsActiveDirectoryUser()) |
| 265 return; |
| 266 GetInstance()->GetServiceForBrowserContext(profile, true /* create */); |
| 267 } |
| 268 |
| 269 AuthPolicyCredentialsManagerFactory::AuthPolicyCredentialsManagerFactory() |
| 270 : BrowserContextKeyedServiceFactory( |
| 271 "AuthPolicyCredentialsManager", |
| 272 BrowserContextDependencyManager::GetInstance()) {} |
| 273 |
| 274 AuthPolicyCredentialsManagerFactory::~AuthPolicyCredentialsManagerFactory() {} |
| 275 |
| 276 KeyedService* AuthPolicyCredentialsManagerFactory::BuildServiceInstanceFor( |
| 277 content::BrowserContext* context) const { |
| 278 Profile* profile = Profile::FromBrowserContext(context); |
| 279 return new AuthPolicyCredentialsManager(profile); |
| 280 } |
OLD | NEW |