| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/session/user_session_manager.h" | 5 #include "chrome/browser/chromeos/login/session/user_session_manager.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <set> | 9 #include <set> |
| 10 #include <string> | 10 #include <string> |
| (...skipping 849 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 860 // error. http://crbug.com/295245 | 860 // error. http://crbug.com/295245 |
| 861 if (!connection_error) { | 861 if (!connection_error) { |
| 862 // We are in one of "done" states here. | 862 // We are in one of "done" states here. |
| 863 user_manager::UserManager::Get()->SaveUserOAuthStatus( | 863 user_manager::UserManager::Get()->SaveUserOAuthStatus( |
| 864 user_manager::UserManager::Get()->GetActiveUser()->GetAccountId(), | 864 user_manager::UserManager::Get()->GetActiveUser()->GetAccountId(), |
| 865 user_status); | 865 user_status); |
| 866 } | 866 } |
| 867 | 867 |
| 868 login_manager->RemoveObserver(this); | 868 login_manager->RemoveObserver(this); |
| 869 | 869 |
| 870 // Terminate user session if merge session fails for an online sign-in. |
| 871 // Otherwise, auth token dependent code would be in an invalid state. |
| 872 // Important piece such as policy code might be broken because of this and |
| 873 // subject to an exploit. See http://crbug.com/677312. |
| 874 const bool is_online_signin = |
| 875 user_context_.GetAuthFlow() == UserContext::AUTH_FLOW_GAIA_WITH_SAML || |
| 876 user_context_.GetAuthFlow() == UserContext::AUTH_FLOW_GAIA_WITHOUT_SAML; |
| 877 if (is_online_signin && state == OAuth2LoginManager::SESSION_RESTORE_FAILED) { |
| 878 LOG(ERROR) |
| 879 << "Session restore failed for online sign-in, terminating session."; |
| 880 chrome::AttemptUserExit(); |
| 881 return; |
| 882 } |
| 883 |
| 870 if (exit_after_session_restore_ && | 884 if (exit_after_session_restore_ && |
| 871 (state == OAuth2LoginManager::SESSION_RESTORE_DONE || | 885 (state == OAuth2LoginManager::SESSION_RESTORE_DONE || |
| 872 state == OAuth2LoginManager::SESSION_RESTORE_FAILED || | 886 state == OAuth2LoginManager::SESSION_RESTORE_FAILED || |
| 873 state == OAuth2LoginManager::SESSION_RESTORE_CONNECTION_FAILED)) { | 887 state == OAuth2LoginManager::SESSION_RESTORE_CONNECTION_FAILED)) { |
| 874 LOG(WARNING) << "Restarting Chrome after session restore finishes, " | 888 LOG(WARNING) << "Restarting Chrome after session restore finishes, " |
| 875 << "most likely due to custom flags."; | 889 << "most likely due to custom flags."; |
| 876 | 890 |
| 877 // We need to restart cleanly in this case to make sure OAuth2 RT is | 891 // We need to restart cleanly in this case to make sure OAuth2 RT is |
| 878 // actually saved. | 892 // actually saved. |
| 879 chrome::AttemptRestart(); | 893 chrome::AttemptRestart(); |
| (...skipping 1064 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1944 ->browser_policy_connector_chromeos() | 1958 ->browser_policy_connector_chromeos() |
| 1945 ->IsEnterpriseManaged()) { | 1959 ->IsEnterpriseManaged()) { |
| 1946 return false; | 1960 return false; |
| 1947 } | 1961 } |
| 1948 | 1962 |
| 1949 // Do not show end of life notification if this is a guest session | 1963 // Do not show end of life notification if this is a guest session |
| 1950 return !profile->IsGuestSession(); | 1964 return !profile->IsGuestSession(); |
| 1951 } | 1965 } |
| 1952 | 1966 |
| 1953 } // namespace chromeos | 1967 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2903123002:
cros: Terminate if merge session fails for online sign-in (Closed)
