OLD | NEW |
1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <string> | 5 #include <string> |
6 | 6 |
| 7 #include "base/bind.h" |
7 #include "chrome/browser/profiles/profile.h" | 8 #include "chrome/browser/profiles/profile.h" |
8 #include "chrome/browser/signin/force_signin_verifier.h" | 9 #include "chrome/browser/signin/force_signin_verifier.h" |
9 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" | 10 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" |
10 #include "chrome/browser/signin/signin_manager_factory.h" | 11 #include "chrome/browser/signin/signin_manager_factory.h" |
| 12 #include "chrome/browser/ui/browser_dialogs.h" |
11 #include "components/signin/core/browser/signin_manager.h" | 13 #include "components/signin/core/browser/signin_manager.h" |
12 #include "google_apis/gaia/gaia_constants.h" | 14 #include "google_apis/gaia/gaia_constants.h" |
13 | 15 |
14 namespace { | 16 namespace { |
15 const net::BackoffEntry::Policy kBackoffPolicy = { | 17 const net::BackoffEntry::Policy kBackoffPolicy = { |
16 0, // Number of initial errors to ignore before applying | 18 0, // Number of initial errors to ignore before applying |
17 // exponential back-off rules. | 19 // exponential back-off rules. |
18 2000, // Initial delay in ms. | 20 2000, // Initial delay in ms. |
19 2, // Factor by which the waiting time will be multiplied. | 21 2, // Factor by which the waiting time will be multiplied. |
20 0.2, // Fuzzing percentage. | 22 0.2, // Fuzzing percentage. |
21 4 * 60 * 1000, // Maximum amount of time to delay th request in ms. | 23 4 * 60 * 1000, // Maximum amount of time to delay th request in ms. |
22 -1, // Never discard the entry. | 24 -1, // Never discard the entry. |
23 false // Do not always use initial delay. | 25 false // Do not always use initial delay. |
24 }; | 26 }; |
25 | 27 |
| 28 // The duration of window closing countdown when verification failed. Use the |
| 29 // short countdown if the verfication is finished in |
| 30 // |kShortCountdownVerificationTimeLimitInSeconds|, otherwise use the normal |
| 31 // countdown. |
| 32 const int kShortCountdownVerificationTimeLimitInSeconds = 3; |
| 33 const int kWindowClosingNormalCountdownDurationInSecond = 300; |
| 34 const int kWindowClosingShortCountdownDurationInSecond = 30; |
| 35 |
26 } // namespace | 36 } // namespace |
27 | 37 |
28 ForceSigninVerifier::ForceSigninVerifier(Profile* profile) | 38 ForceSigninVerifier::ForceSigninVerifier(Profile* profile) |
29 : OAuth2TokenService::Consumer("force_signin_verifier"), | 39 : OAuth2TokenService::Consumer("force_signin_verifier"), |
| 40 #if !defined(OS_MACOSX) |
| 41 profile_(profile), |
| 42 #endif |
30 has_token_verified_(false), | 43 has_token_verified_(false), |
31 backoff_entry_(&kBackoffPolicy), | 44 backoff_entry_(&kBackoffPolicy), |
32 oauth2_token_service_( | 45 oauth2_token_service_( |
33 ProfileOAuth2TokenServiceFactory::GetForProfile(profile)), | 46 ProfileOAuth2TokenServiceFactory::GetForProfile(profile)), |
34 signin_manager_(SigninManagerFactory::GetForProfile(profile)), | 47 signin_manager_(SigninManagerFactory::GetForProfile(profile)), |
35 token_request_time_(base::Time::Now()) { | 48 token_request_time_(base::Time::Now()) { |
36 net::NetworkChangeNotifier::AddNetworkChangeObserver(this); | 49 net::NetworkChangeNotifier::AddNetworkChangeObserver(this); |
37 SendRequest(); | 50 SendRequest(); |
38 } | 51 } |
39 | 52 |
40 ForceSigninVerifier::~ForceSigninVerifier() { | 53 ForceSigninVerifier::~ForceSigninVerifier() { |
41 Cancel(); | 54 Cancel(); |
| 55 #if !defined(OS_MACOSX) |
| 56 chrome::HideForcedReauthenticationDialog(profile_); |
| 57 #endif |
42 } | 58 } |
43 | 59 |
44 void ForceSigninVerifier::OnGetTokenSuccess( | 60 void ForceSigninVerifier::OnGetTokenSuccess( |
45 const OAuth2TokenService::Request* request, | 61 const OAuth2TokenService::Request* request, |
46 const std::string& access_token, | 62 const std::string& access_token, |
47 const base::Time& expiration_time) { | 63 const base::Time& expiration_time) { |
48 has_token_verified_ = true; | 64 has_token_verified_ = true; |
49 net::NetworkChangeNotifier::RemoveNetworkChangeObserver(this); | 65 net::NetworkChangeNotifier::RemoveNetworkChangeObserver(this); |
50 Cancel(); | 66 Cancel(); |
51 } | 67 } |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
83 backoff_entry_.Reset(); | 99 backoff_entry_.Reset(); |
84 backoff_request_timer_.Stop(); | 100 backoff_request_timer_.Stop(); |
85 access_token_request_.reset(); | 101 access_token_request_.reset(); |
86 net::NetworkChangeNotifier::RemoveNetworkChangeObserver(this); | 102 net::NetworkChangeNotifier::RemoveNetworkChangeObserver(this); |
87 } | 103 } |
88 | 104 |
89 bool ForceSigninVerifier::HasTokenBeenVerified() { | 105 bool ForceSigninVerifier::HasTokenBeenVerified() { |
90 return has_token_verified_; | 106 return has_token_verified_; |
91 } | 107 } |
92 | 108 |
| 109 void ForceSigninVerifier::AbortSignoutCountdownIfExisted() { |
| 110 window_close_timer_.Stop(); |
| 111 } |
| 112 |
93 void ForceSigninVerifier::SendRequest() { | 113 void ForceSigninVerifier::SendRequest() { |
94 if (!ShouldSendRequest()) | 114 if (!ShouldSendRequest()) |
95 return; | 115 return; |
96 | 116 |
97 std::string account_id = signin_manager_->GetAuthenticatedAccountId(); | 117 std::string account_id = signin_manager_->GetAuthenticatedAccountId(); |
98 OAuth2TokenService::ScopeSet oauth2_scopes; | 118 OAuth2TokenService::ScopeSet oauth2_scopes; |
99 oauth2_scopes.insert(GaiaConstants::kChromeSyncOAuth2Scope); | 119 oauth2_scopes.insert(GaiaConstants::kChromeSyncOAuth2Scope); |
100 access_token_request_ = | 120 access_token_request_ = |
101 oauth2_token_service_->StartRequest(account_id, oauth2_scopes, this); | 121 oauth2_token_service_->StartRequest(account_id, oauth2_scopes, this); |
102 } | 122 } |
103 | 123 |
104 bool ForceSigninVerifier::ShouldSendRequest() { | 124 bool ForceSigninVerifier::ShouldSendRequest() { |
105 return !has_token_verified_ && access_token_request_.get() == nullptr && | 125 return !has_token_verified_ && access_token_request_.get() == nullptr && |
106 !net::NetworkChangeNotifier::IsOffline() && | 126 !net::NetworkChangeNotifier::IsOffline() && |
107 signin_manager_->IsAuthenticated(); | 127 signin_manager_->IsAuthenticated(); |
108 } | 128 } |
109 | 129 |
| 130 base::TimeDelta ForceSigninVerifier::StartCountdown() { |
| 131 base::TimeDelta countdown_duration; |
| 132 if (base::Time::Now() - token_request_time_ > |
| 133 base::TimeDelta::FromSeconds( |
| 134 kShortCountdownVerificationTimeLimitInSeconds)) { |
| 135 countdown_duration = base::TimeDelta::FromSeconds( |
| 136 kWindowClosingNormalCountdownDurationInSecond); |
| 137 } else { |
| 138 countdown_duration = base::TimeDelta::FromSeconds( |
| 139 kWindowClosingShortCountdownDurationInSecond); |
| 140 } |
| 141 |
| 142 window_close_timer_.Start(FROM_HERE, countdown_duration, this, |
| 143 &ForceSigninVerifier::CloseAllBrowserWindows); |
| 144 return countdown_duration; |
| 145 } |
| 146 |
110 void ForceSigninVerifier::ShowDialog() { | 147 void ForceSigninVerifier::ShowDialog() { |
111 // TODO(zmin): Show app modal dialog. | 148 #if !defined(OS_MACOSX) |
| 149 base::TimeDelta countdown_duration = StartCountdown(); |
| 150 chrome::ShowForcedReauthenticationDialog(profile_, signin_manager_, |
| 151 countdown_duration); |
| 152 #endif |
| 153 } |
| 154 |
| 155 void ForceSigninVerifier::CloseAllBrowserWindows() { |
| 156 // Do not close window if there is ongoing reauth. If it fails later, the |
| 157 // signin process should take care of the signout. |
| 158 if (signin_manager_->AuthInProgress()) |
| 159 return; |
| 160 signin_manager_->SignOut( |
| 161 signin_metrics::AUTHENTICATION_FAILED_WITH_FORCE_SIGNIN, |
| 162 signin_metrics::SignoutDelete::IGNORE_METRIC); |
112 } | 163 } |
113 | 164 |
114 OAuth2TokenService::Request* ForceSigninVerifier::GetRequestForTesting() { | 165 OAuth2TokenService::Request* ForceSigninVerifier::GetRequestForTesting() { |
115 return access_token_request_.get(); | 166 return access_token_request_.get(); |
116 } | 167 } |
117 | 168 |
118 net::BackoffEntry* ForceSigninVerifier::GetBackoffEntryForTesting() { | 169 net::BackoffEntry* ForceSigninVerifier::GetBackoffEntryForTesting() { |
119 return &backoff_entry_; | 170 return &backoff_entry_; |
120 } | 171 } |
121 | 172 |
122 base::OneShotTimer* ForceSigninVerifier::GetOneShotTimerForTesting() { | 173 base::OneShotTimer* ForceSigninVerifier::GetOneShotTimerForTesting() { |
123 return &backoff_request_timer_; | 174 return &backoff_request_timer_; |
124 } | 175 } |
| 176 |
| 177 base::OneShotTimer* ForceSigninVerifier::GetWindowCloseTimerForTesting() { |
| 178 return &window_close_timer_; |
| 179 } |
OLD | NEW |