OLD | NEW |
---|---|
1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "ash/login/lock_screen_controller.h" | 5 #include "ash/login/lock_screen_controller.h" |
6 | 6 |
7 #include "ash/login/ui/lock_screen.h" | |
7 #include "chromeos/cryptohome/system_salt_getter.h" | 8 #include "chromeos/cryptohome/system_salt_getter.h" |
8 #include "chromeos/login/auth/user_context.h" | 9 #include "chromeos/login/auth/user_context.h" |
9 | 10 |
10 namespace ash { | 11 namespace ash { |
11 | 12 |
12 LockScreenController::LockScreenController() = default; | 13 LockScreenController::LockScreenController() = default; |
13 | 14 |
14 LockScreenController::~LockScreenController() = default; | 15 LockScreenController::~LockScreenController() = default; |
15 | 16 |
16 void LockScreenController::BindRequest(mojom::LockScreenRequest request) { | 17 void LockScreenController::BindRequest(mojom::LockScreenRequest request) { |
17 bindings_.AddBinding(this, std::move(request)); | 18 bindings_.AddBinding(this, std::move(request)); |
18 } | 19 } |
19 | 20 |
20 void LockScreenController::AuthenticateUser(const AccountId& account_id, | 21 void LockScreenController::AuthenticateUser( |
21 const std::string& password, | 22 const AccountId& account_id, |
22 bool authenticated_by_pin) { | 23 const std::string& password, |
24 bool authenticated_by_pin, | |
25 mojom::LockScreenClient::AuthenticateUserCallback callback) { | |
23 if (!lock_screen_client_) | 26 if (!lock_screen_client_) |
24 return; | 27 return; |
25 | 28 |
29 // We cannot execute auth requests directly via GetSystemSalt because it | |
30 // expects a base::Callback instance, but |callback| is a base::OnceCallback. | |
31 // Instead, we store |callback| on this object and invoke it locally once we | |
32 // have the system salt. | |
33 pending_user_auths_.emplace_back(base::BindOnce( | |
34 &LockScreenController::DoAuthenticateUser, base::Unretained(this), | |
35 account_id, password, authenticated_by_pin, std::move(callback))); | |
xiyuan
2017/06/06 22:37:51
nit: DCHECK_EQ(1u, pending_user_auths_.size()), si
jdufault
2017/06/07 18:58:35
Removed support for >1 concurrent auth.
| |
26 chromeos::SystemSaltGetter::Get()->GetSystemSalt(base::Bind( | 36 chromeos::SystemSaltGetter::Get()->GetSystemSalt(base::Bind( |
27 &LockScreenController::DoAuthenticateUser, base::Unretained(this), | 37 &LockScreenController::OnGetSystemSalt, base::Unretained(this))); |
28 account_id, password, authenticated_by_pin)); | 38 } |
39 | |
40 void LockScreenController::ShowLockScreen(ShowLockScreenCallback on_shown) { | |
41 ::ash::ShowLockScreen(); | |
42 std::move(on_shown).Run(true); | |
29 } | 43 } |
30 | 44 |
31 void LockScreenController::SetClient(mojom::LockScreenClientPtr client) { | 45 void LockScreenController::SetClient(mojom::LockScreenClientPtr client) { |
32 lock_screen_client_ = std::move(client); | 46 lock_screen_client_ = std::move(client); |
33 } | 47 } |
34 | 48 |
35 void LockScreenController::ShowErrorMessage(int32_t login_attempts, | 49 void LockScreenController::ShowErrorMessage(int32_t login_attempts, |
36 const std::string& error_text, | 50 const std::string& error_text, |
37 const std::string& help_link_text, | 51 const std::string& help_link_text, |
38 int32_t help_topic_id) { | 52 int32_t help_topic_id) { |
39 NOTIMPLEMENTED(); | 53 NOTIMPLEMENTED(); |
40 } | 54 } |
41 | 55 |
42 void LockScreenController::ClearErrors() { | 56 void LockScreenController::ClearErrors() { |
43 NOTIMPLEMENTED(); | 57 NOTIMPLEMENTED(); |
44 } | 58 } |
45 | 59 |
46 void LockScreenController::DoAuthenticateUser(const AccountId& account_id, | 60 void LockScreenController::DoAuthenticateUser( |
47 const std::string& password, | 61 const AccountId& account_id, |
48 bool authenticated_by_pin, | 62 const std::string& password, |
49 const std::string& system_salt) { | 63 bool authenticated_by_pin, |
64 mojom::LockScreenClient::AuthenticateUserCallback callback, | |
65 const std::string& system_salt) { | |
50 // Hash password before sending through mojo. | 66 // Hash password before sending through mojo. |
51 // TODO(xiaoyinh): Pin is hashed differently by using a different salt and | 67 // TODO(xiaoyinh): Pin is hashed differently by using a different salt and |
52 // a different hash algorithm. Update this part in PinStorage. | 68 // a different hash algorithm. Update this part in PinStorage. |
53 chromeos::Key key(password); | 69 chromeos::Key key(password); |
54 key.Transform(chromeos::Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, system_salt); | 70 key.Transform(chromeos::Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, system_salt); |
55 lock_screen_client_->AuthenticateUser(account_id, key.GetSecret(), | 71 lock_screen_client_->AuthenticateUser( |
56 authenticated_by_pin); | 72 account_id, key.GetSecret(), authenticated_by_pin, std::move(callback)); |
73 } | |
74 | |
75 void LockScreenController::OnGetSystemSalt(const std::string& system_salt) { | |
76 std::vector<PendingAuthenticateUserCall> auths; | |
77 std::swap(auths, pending_user_auths_); | |
78 for (auto& auth_call : auths) | |
79 std::move(auth_call).Run(system_salt); | |
57 } | 80 } |
58 | 81 |
59 } // namespace ash | 82 } // namespace ash |
OLD | NEW |