mojo api for view based lockscreen

ash/login/lock_screen_controller.cc

+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "ash/login/lock_screen_controller.h"
+
+#include "chromeos/cryptohome/system_salt_getter.h"
+#include "chromeos/login/auth/user_context.h"
+
+namespace ash {
+
+LockScreenController::LockScreenController() {
+  chromeos::SystemSaltGetter::Get()->GetSystemSalt(base::Bind(

[xiyuan, 2017/05/15 20:39:41]

SystemSaltGetter::Get() could return nullptr on tests. It probably not needed to
pre-fetch and cache the salt. SystemSaltGetter already does that.

It would be nice to make this code work for mash as well. Ash would run in a
separate process in this config. We need to initialize/shutdown SystemSaltGetter
for ash in WindowManagerApplication::InitializeComponents
[1]/ShutdownComponents.

[1]:
https://cs.chromium.org/chromium/src/ash/mus/window_manager_application.cc?rc...

[xiaoyinh(OOO Sep 11-29), 2017/05/16 17:32:50]

Done. Added "+chromeos/cryptohome" in ash/mus/DEPS also.

+      &LockScreenController::OnSaltObtained, base::Unretained(this)));
+}
+
+LockScreenController::~LockScreenController() {}
+
+void LockScreenController::BindRequest(mojom::LockScreenRequest request) {
+  bindings_.AddBinding(this, std::move(request));
+}
+
+void LockScreenController::AuthenticateUser(const AccountId& account_id,
+                                            const std::string& password,
+                                            bool authenticated_by_pin) {
+  if (!system_salt_.empty()) {
+    DoAuthenticateUser(account_id, password, authenticated_by_pin,
+                       system_salt_);
+    return;
+  }
+
+  chromeos::SystemSaltGetter::Get()->GetSystemSalt(base::Bind(
+      &LockScreenController::DoAuthenticateUser, base::Unretained(this),
+      account_id, password, authenticated_by_pin));
+}
+
+void LockScreenController::SetClient(mojom::LockScreenClientPtr client) {
+  lock_screen_client_ = std::move(client);
+}
+
+void LockScreenController::ShowErrorMessage() {
+  NOTIMPLEMENTED();
+}
+
+void LockScreenController::ClearErrors() {
+  NOTIMPLEMENTED();
+}
+
+void LockScreenController::DoAuthenticateUser(const AccountId& account_id,
+                                              const std::string& password,
+                                              bool authenticated_by_pin,
+                                              const std::string& system_salt) {
+  system_salt_ = system_salt;
+
+  // Hash password before sending through mojo.
+  // TODO(xiaoyinh@): Pin is hashed differently by using a different salt and
+  // a different hash algorithm. Update this part in PinStorage.
+  chromeos::UserContext user_context(account_id);

[xiyuan, 2017/05/15 20:39:41]

|user_context| not used?

[xiaoyinh(OOO Sep 11-29), 2017/05/16 17:32:49]

Removed, thanks!

+  chromeos::Key key(password);
+  key.Transform(chromeos::Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, system_salt);
+  if (lock_screen_client_) {
+    lock_screen_client_->AuthenticateUser(account_id, key.GetSecret(),
+                                          authenticated_by_pin);
+  }
+}
+
+void LockScreenController::OnSaltObtained(const std::string& system_salt) {
+  system_salt_ = system_salt;
+}

[James Cook, 2017/05/15 21:15:00]

Please write a test for this class. It can be something small/stupid, like
verifying AuthenticateUser() on the class invokes the mojo method. But that will
give us a framework for future tests.

[xiaoyinh(OOO Sep 11-29), 2017/05/16 17:32:49]

Thanks!
I wrote a very simple test to verify that LockScreenClient receives
AuthenticateUser request. I will add more once we have more implementation
details.

+
+}  // namespace ash