| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/auth/parallel_authenticator.h" | 5 #include "chrome/browser/chromeos/login/auth/parallel_authenticator.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/files/file_path.h" | 9 #include "base/files/file_path.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 11 #include "base/strings/string_number_conversions.h" | 11 #include "base/strings/string_number_conversions.h" |
| 12 #include "base/strings/string_util.h" | 12 #include "base/strings/string_util.h" |
| 13 #include "chrome/browser/chrome_notification_types.h" | 13 #include "chrome/browser/chrome_notification_types.h" |
| 14 #include "chrome/browser/chromeos/boot_times_loader.h" | 14 #include "chrome/browser/chromeos/boot_times_loader.h" |
| 15 #include "chrome/browser/chromeos/login/auth/authentication_notification_details
.h" | 15 #include "chrome/browser/chromeos/login/auth/authentication_notification_details
.h" |
| 16 #include "chrome/browser/chromeos/login/auth/login_status_consumer.h" | 16 #include "chrome/browser/chromeos/login/auth/login_status_consumer.h" |
| 17 #include "chrome/browser/chromeos/login/users/user.h" | 17 #include "chrome/browser/chromeos/login/users/user.h" |
| 18 #include "chrome/browser/chromeos/login/users/user_manager.h" | 18 #include "chrome/browser/chromeos/login/users/user_manager.h" |
| 19 #include "chrome/browser/chromeos/settings/cros_settings.h" | 19 #include "chrome/browser/chromeos/settings/cros_settings.h" |
| 20 #include "chrome/common/chrome_switches.h" | 20 #include "chrome/common/chrome_switches.h" |
| 21 #include "chromeos/cryptohome/async_method_caller.h" | 21 #include "chromeos/cryptohome/async_method_caller.h" |
| 22 #include "chromeos/cryptohome/system_salt_getter.h" | 22 #include "chromeos/cryptohome/system_salt_getter.h" |
| 23 #include "chromeos/dbus/cryptohome_client.h" | 23 #include "chromeos/dbus/cryptohome_client.h" |
| 24 #include "chromeos/dbus/dbus_thread_manager.h" | 24 #include "chromeos/dbus/dbus_thread_manager.h" |
| 25 #include "chromeos/login/login_state.h" | 25 #include "chromeos/login/login_state.h" |
| 26 #include "content/public/browser/browser_thread.h" | 26 #include "content/public/browser/browser_thread.h" |
| 27 #include "content/public/browser/notification_service.h" | 27 #include "content/public/browser/notification_service.h" |
| 28 #include "crypto/sha2.h" | 28 #include "crypto/sha2.h" |
| 29 #include "google_apis/gaia/gaia_auth_util.h" | |
| 30 #include "third_party/cros_system_api/dbus/service_constants.h" | 29 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 31 | 30 |
| 32 using content::BrowserThread; | 31 using content::BrowserThread; |
| 33 | 32 |
| 34 namespace chromeos { | 33 namespace chromeos { |
| 35 | 34 |
| 36 namespace { | 35 namespace { |
| 37 | 36 |
| 38 // Length of password hashed with SHA-256. | 37 // Length of password hashed with SHA-256. |
| 39 const int kPasswordHashLength = 32; | 38 const int kPasswordHashLength = 32; |
| 219 already_reported_success_(false), | 218 already_reported_success_(false), |
| 220 owner_is_verified_(false), | 219 owner_is_verified_(false), |
| 221 user_can_login_(false), | 220 user_can_login_(false), |
| 222 remove_user_data_on_failure_(false), | 221 remove_user_data_on_failure_(false), |
| 223 delayed_login_failure_(NULL) { | 222 delayed_login_failure_(NULL) { |
| 224 } | 223 } |
| 225 | 224 |
| 226 void ParallelAuthenticator::AuthenticateToLogin( | 225 void ParallelAuthenticator::AuthenticateToLogin( |
| 227 Profile* profile, | 226 Profile* profile, |
| 228 const UserContext& user_context) { | 227 const UserContext& user_context) { |
| 229 std::string canonicalized = gaia::CanonicalizeEmail(user_context.GetUserID()); | |
| 230 authentication_profile_ = profile; | 228 authentication_profile_ = profile; |
| 231 current_state_.reset( | 229 current_state_.reset(new AuthAttemptState( |
| 232 new AuthAttemptState( | 230 user_context, |
| 233 UserContext(canonicalized, | 231 User::USER_TYPE_REGULAR, |
| 234 user_context.GetPassword(), | 232 false, // unlock |
| 235 user_context.GetAuthCode()), | 233 false, // online_complete |
| 236 std::string(), // login_token, not used. | 234 !UserManager::Get()->IsKnownUser(user_context.GetUserID()))); |
| 237 std::string(), // login_captcha, not used. | |
| 238 User::USER_TYPE_REGULAR, | |
| 239 !UserManager::Get()->IsKnownUser(canonicalized))); | |
| 240 // Reset the verified flag. | 235 // Reset the verified flag. |
| 241 owner_is_verified_ = false; | 236 owner_is_verified_ = false; |
| 242 | 237 |
| 243 SystemSaltGetter::Get()->GetSystemSalt( | 238 SystemSaltGetter::Get()->GetSystemSalt( |
| 244 base::Bind(&Mount, | 239 base::Bind(&Mount, |
| 245 current_state_.get(), | 240 current_state_.get(), |
| 246 scoped_refptr<ParallelAuthenticator>(this), | 241 scoped_refptr<ParallelAuthenticator>(this), |
| 247 cryptohome::MOUNT_FLAGS_NONE)); | 242 cryptohome::MOUNT_FLAGS_NONE)); |
| 248 } | 243 } |
| 249 | 244 |
| 250 void ParallelAuthenticator::CompleteLogin(Profile* profile, | 245 void ParallelAuthenticator::CompleteLogin(Profile* profile, |
| 251 const UserContext& user_context) { | 246 const UserContext& user_context) { |
| 252 std::string canonicalized = gaia::CanonicalizeEmail(user_context.GetUserID()); | |
| 253 authentication_profile_ = profile; | 247 authentication_profile_ = profile; |
| 254 current_state_.reset( | 248 current_state_.reset(new AuthAttemptState( |
| 255 new AuthAttemptState( | 249 user_context, |
| 256 UserContext(canonicalized, | 250 User::USER_TYPE_REGULAR, |
| 257 user_context.GetPassword(), | 251 true, // unlock |
| 258 user_context.GetAuthCode(), | 252 false, // online_complete |
| 259 user_context.GetUserIDHash(), | 253 !UserManager::Get()->IsKnownUser(user_context.GetUserID()))); |
| 260 user_context.IsUsingOAuth(), | |
| 261 user_context.GetAuthFlow()), | |
| 262 !UserManager::Get()->IsKnownUser(canonicalized))); | |
| 263 | 254 |
| 264 // Reset the verified flag. | 255 // Reset the verified flag. |
| 265 owner_is_verified_ = false; | 256 owner_is_verified_ = false; |
| 266 | 257 |
| 267 SystemSaltGetter::Get()->GetSystemSalt( | 258 SystemSaltGetter::Get()->GetSystemSalt( |
| 268 base::Bind(&Mount, | 259 base::Bind(&Mount, |
| 269 current_state_.get(), | 260 current_state_.get(), |
| 270 scoped_refptr<ParallelAuthenticator>(this), | 261 scoped_refptr<ParallelAuthenticator>(this), |
| 271 cryptohome::MOUNT_FLAGS_NONE)); | 262 cryptohome::MOUNT_FLAGS_NONE)); |
| 272 | 263 |
| 273 // For login completion from extension, we just need to resolve the current | 264 // For login completion from extension, we just need to resolve the current |
| 274 // auth attempt state, the rest of OAuth related tasks will be done in | 265 // auth attempt state, the rest of OAuth related tasks will be done in |
| 275 // parallel. | 266 // parallel. |
| 276 BrowserThread::PostTask( | 267 BrowserThread::PostTask( |
| 277 BrowserThread::UI, FROM_HERE, | 268 BrowserThread::UI, FROM_HERE, |
| 278 base::Bind(&ParallelAuthenticator::ResolveLoginCompletionStatus, this)); | 269 base::Bind(&ParallelAuthenticator::ResolveLoginCompletionStatus, this)); |
| 279 } | 270 } |
| 280 | 271 |
| 281 void ParallelAuthenticator::AuthenticateToUnlock( | 272 void ParallelAuthenticator::AuthenticateToUnlock( |
| 282 const UserContext& user_context) { | 273 const UserContext& user_context) { |
| 283 current_state_.reset( | 274 current_state_.reset(new AuthAttemptState(user_context, |
| 284 new AuthAttemptState( | 275 User::USER_TYPE_REGULAR, |
| 285 gaia::CanonicalizeEmail(user_context.GetUserID()), | 276 true, // unlock |
| 286 user_context.GetPassword())); | 277 true, // online_complete |
| 278 false)); // user_is_new |
| 287 remove_user_data_on_failure_ = false; | 279 remove_user_data_on_failure_ = false; |
| 288 check_key_attempted_ = true; | 280 check_key_attempted_ = true; |
| 289 SystemSaltGetter::Get()->GetSystemSalt( | 281 SystemSaltGetter::Get()->GetSystemSalt( |
| 290 base::Bind(&CheckKey, | 282 base::Bind(&CheckKey, |
| 291 current_state_.get(), | 283 current_state_.get(), |
| 292 scoped_refptr<ParallelAuthenticator>(this))); | 284 scoped_refptr<ParallelAuthenticator>(this))); |
| 293 } | 285 } |
| 294 | 286 |
| 295 void ParallelAuthenticator::LoginAsLocallyManagedUser( | 287 void ParallelAuthenticator::LoginAsLocallyManagedUser( |
| 296 const UserContext& user_context) { | 288 const UserContext& user_context) { |
| 297 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 289 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 298 // TODO(nkostylev): Pass proper value for |user_is_new| or remove (not used). | 290 // TODO(nkostylev): Pass proper value for |user_is_new| or remove (not used). |
| 299 current_state_.reset( | 291 current_state_.reset( |
| 300 new AuthAttemptState(user_context, | 292 new AuthAttemptState(user_context, |
| 301 "", // login_token | |
| 302 "", // login_captcha | |
| 303 User::USER_TYPE_LOCALLY_MANAGED, | 293 User::USER_TYPE_LOCALLY_MANAGED, |
| 304 false)); | 294 false, // unlock |
| 295 false, // online_complete |
| 296 false)); // user_is_new |
| 305 remove_user_data_on_failure_ = false; | 297 remove_user_data_on_failure_ = false; |
| 306 SystemSaltGetter::Get()->GetSystemSalt( | 298 SystemSaltGetter::Get()->GetSystemSalt( |
| 307 base::Bind(&Mount, | 299 base::Bind(&Mount, |
| 308 current_state_.get(), | 300 current_state_.get(), |
| 309 scoped_refptr<ParallelAuthenticator>(this), | 301 scoped_refptr<ParallelAuthenticator>(this), |
| 310 cryptohome::MOUNT_FLAGS_NONE)); | 302 cryptohome::MOUNT_FLAGS_NONE)); |
| 311 } | 303 } |
| 312 | 304 |
| 313 void ParallelAuthenticator::LoginRetailMode() { | 305 void ParallelAuthenticator::LoginRetailMode() { |
| 314 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 306 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 315 // Note: |kRetailModeUserEMail| is used in other places to identify a retail | 307 // Note: |kRetailModeUserEMail| is used in other places to identify a retail |
| 316 // mode session. | 308 // mode session. |
| 317 current_state_.reset(new AuthAttemptState( | 309 current_state_.reset(new AuthAttemptState( |
| 318 UserContext(UserManager::kRetailModeUserName, | 310 UserContext(UserManager::kRetailModeUserName), |
| 319 std::string(), // password | 311 User::USER_TYPE_RETAIL_MODE, |
| 320 std::string()), // auth_code | 312 false, // unlock |
| 321 std::string(), // login_token | 313 false, // online_complete |
| 322 std::string(), // login_captcha | 314 false)); // user_is_new |
| 323 User::USER_TYPE_RETAIL_MODE, | |
| 324 false)); | |
| 325 remove_user_data_on_failure_ = false; | 315 remove_user_data_on_failure_ = false; |
| 326 ephemeral_mount_attempted_ = true; | 316 ephemeral_mount_attempted_ = true; |
| 327 MountGuest(current_state_.get(), | 317 MountGuest(current_state_.get(), |
| 328 scoped_refptr<ParallelAuthenticator>(this)); | 318 scoped_refptr<ParallelAuthenticator>(this)); |
| 329 } | 319 } |
| 330 | 320 |
| 331 void ParallelAuthenticator::LoginOffTheRecord() { | 321 void ParallelAuthenticator::LoginOffTheRecord() { |
| 332 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 322 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 333 current_state_.reset(new AuthAttemptState( | 323 current_state_.reset(new AuthAttemptState( |
| 334 UserContext(UserManager::kGuestUserName, // username | 324 UserContext(UserManager::kGuestUserName), |
| 335 std::string(), // password | |
| 336 std::string()), // auth_code | |
| 337 std::string(), // login_token | |
| 338 std::string(), // login_captcha | |
| 339 User::USER_TYPE_GUEST, | 325 User::USER_TYPE_GUEST, |
| 340 false)); | 326 false, // unlock |
| 327 false, // online_complete |
| 328 false)); // user_is_new |
| 341 remove_user_data_on_failure_ = false; | 329 remove_user_data_on_failure_ = false; |
| 342 ephemeral_mount_attempted_ = true; | 330 ephemeral_mount_attempted_ = true; |
| 343 MountGuest(current_state_.get(), | 331 MountGuest(current_state_.get(), |
| 344 scoped_refptr<ParallelAuthenticator>(this)); | 332 scoped_refptr<ParallelAuthenticator>(this)); |
| 345 } | 333 } |
| 346 | 334 |
| 347 void ParallelAuthenticator::LoginAsPublicAccount(const std::string& username) { | 335 void ParallelAuthenticator::LoginAsPublicAccount(const std::string& username) { |
| 348 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 336 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 349 current_state_.reset(new AuthAttemptState( | 337 current_state_.reset(new AuthAttemptState(UserContext(username), |
| 350 UserContext(username, | 338 User::USER_TYPE_PUBLIC_ACCOUNT, |
| 351 std::string(), // password | 339 false, // unlock |
| 352 std::string()), // auth_code | 340 false, // online_complete |
| 353 std::string(), // login_token | 341 false)); // user_is_new |
| 354 std::string(), // login_captcha | |
| 355 User::USER_TYPE_PUBLIC_ACCOUNT, | |
| 356 false)); | |
| 357 remove_user_data_on_failure_ = false; | 342 remove_user_data_on_failure_ = false; |
| 358 ephemeral_mount_attempted_ = true; | 343 ephemeral_mount_attempted_ = true; |
| 359 SystemSaltGetter::Get()->GetSystemSalt( | 344 SystemSaltGetter::Get()->GetSystemSalt( |
| 360 base::Bind(&Mount, | 345 base::Bind(&Mount, |
| 361 current_state_.get(), | 346 current_state_.get(), |
| 362 scoped_refptr<ParallelAuthenticator>(this), | 347 scoped_refptr<ParallelAuthenticator>(this), |
| 363 cryptohome::CREATE_IF_MISSING | cryptohome::ENSURE_EPHEMERAL)); | 348 cryptohome::CREATE_IF_MISSING | cryptohome::ENSURE_EPHEMERAL)); |
| 364 } | 349 } |
| 365 | 350 |
| 366 void ParallelAuthenticator::LoginAsKioskAccount( | 351 void ParallelAuthenticator::LoginAsKioskAccount( |
| 367 const std::string& app_user_id, | 352 const std::string& app_user_id, |
| 368 bool use_guest_mount) { | 353 bool use_guest_mount) { |
| 369 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 354 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 370 | 355 |
| 371 const std::string user_id = | 356 const std::string user_id = |
| 372 use_guest_mount ? UserManager::kGuestUserName : app_user_id; | 357 use_guest_mount ? UserManager::kGuestUserName : app_user_id; |
| 373 current_state_.reset(new AuthAttemptState( | 358 current_state_.reset(new AuthAttemptState(UserContext(user_id), |
| 374 UserContext(user_id, | 359 User::USER_TYPE_KIOSK_APP, |
| 375 std::string(), // password | 360 false, // unlock |
| 376 std::string()), // auth_code | 361 false, // online_complete |
| 377 std::string(), // login_token | 362 false)); // user_is_new |
| 378 std::string(), // login_captcha | |
| 379 User::USER_TYPE_KIOSK_APP, | |
| 380 false)); | |
| 381 | 363 |
| 382 remove_user_data_on_failure_ = true; | 364 remove_user_data_on_failure_ = true; |
| 383 if (!use_guest_mount) { | 365 if (!use_guest_mount) { |
| 384 MountPublic(current_state_.get(), | 366 MountPublic(current_state_.get(), |
| 385 scoped_refptr<ParallelAuthenticator>(this), | 367 scoped_refptr<ParallelAuthenticator>(this), |
| 386 cryptohome::CREATE_IF_MISSING); | 368 cryptohome::CREATE_IF_MISSING); |
| 387 } else { | 369 } else { |
| 388 ephemeral_mount_attempted_ = true; | 370 ephemeral_mount_attempted_ = true; |
| 389 MountGuestAndGetHash(current_state_.get(), | 371 MountGuestAndGetHash(current_state_.get(), |
| 390 scoped_refptr<ParallelAuthenticator>(this)); | 372 scoped_refptr<ParallelAuthenticator>(this)); |
| 835 Resolve(); | 817 Resolve(); |
| 836 } | 818 } |
| 837 | 819 |
| 838 void ParallelAuthenticator::SetOwnerState(bool owner_check_finished, | 820 void ParallelAuthenticator::SetOwnerState(bool owner_check_finished, |
| 839 bool check_result) { | 821 bool check_result) { |
| 840 owner_is_verified_ = owner_check_finished; | 822 owner_is_verified_ = owner_check_finished; |
| 841 user_can_login_ = check_result; | 823 user_can_login_ = check_result; |
| 842 } | 824 } |
| 843 | 825 |
| 844 } // namespace chromeos | 826 } // namespace chromeos |
| OLD | NEW |
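Review bot: AuthenticateToLogin, CompleteLogin and AuthenticateToUnlock no longer run the user ID through gaia::CanonicalizeEmail, so the ID passed to IsKnownUser and the one stored in AuthAttemptState for Mount/CheckKey is now whatever the caller supplied. If a caller hands in a non-canonical e-mail, an existing user would presumably be flagged as new and the mount or key check would run against a different identifier; the page does not show where canonicalization happens now. I would state the contract at the top of each of the three functions, e.g. `// |user_context| must carry an already-canonicalized user ID.`, and, if the invariant is meant to live in UserContext or the callers, enforce it there with a DCHECK rather than by convention. Separately, `true,  // unlock` in CompleteLogin reads oddly for a login-completion path and deserves a one-line comment saying why it is intended.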