| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <string> | 5 #include <string> |
| 6 | 6 |
| 7 #include "base/bind.h" |
| 7 #include "chrome/browser/profiles/profile.h" | 8 #include "chrome/browser/profiles/profile.h" |
| 8 #include "chrome/browser/signin/force_signin_verifier.h" | 9 #include "chrome/browser/signin/force_signin_verifier.h" |
| 9 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" | 10 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" |
| 10 #include "chrome/browser/signin/signin_manager_factory.h" | 11 #include "chrome/browser/signin/signin_manager_factory.h" |
| 12 #include "chrome/browser/ui/forced_reauthentication_dialog_delegate.h" |
| 11 #include "components/signin/core/browser/signin_manager.h" | 13 #include "components/signin/core/browser/signin_manager.h" |
| 12 #include "google_apis/gaia/gaia_constants.h" | 14 #include "google_apis/gaia/gaia_constants.h" |
| 13 | 15 |
| 14 namespace { | 16 namespace { |
| 15 const net::BackoffEntry::Policy kBackoffPolicy = { | 17 const net::BackoffEntry::Policy kBackoffPolicy = { |
| 16 0, // Number of initial errors to ignore before applying | 18 0, // Number of initial errors to ignore before applying |
| 17 // exponential back-off rules. | 19 // exponential back-off rules. |
| 18 2000, // Initial delay in ms. | 20 2000, // Initial delay in ms. |
| 19 2, // Factor by which the waiting time will be multiplied. | 21 2, // Factor by which the waiting time will be multiplied. |
| 20 0.2, // Fuzzing percentage. | 22 0.2, // Fuzzing percentage. |
| 21 4 * 60 * 1000, // Maximum amount of time to delay th request in ms. | 23 4 * 60 * 1000, // Maximum amount of time to delay th request in ms. |
| 22 -1, // Never discard the entry. | 24 -1, // Never discard the entry. |
| 23 false // Do not always use initial delay. | 25 false // Do not always use initial delay. |
| 24 }; | 26 }; |
| 25 | 27 |
| 28 // The duration of window closing countdown when verification failed. Use the |
| 29 // short countdown if the verfication is finished in |
| 30 // |kShortCountdownVerificationTimeLimitInSeconds|, otherwise use the normal |
| 31 // countdown. |
| 32 const int kShortCountdownVerificationTimeLimitInSeconds = 3; |
| 33 const int kWindowClosingNormalCountdownDurationInSecond = 300; |
| 34 const int kWindowClosingShortCountdownDurationInSecond = 30; |
| 35 |
| 26 } // namespace | 36 } // namespace |
| 27 | 37 |
| 28 ForceSigninVerifier::ForceSigninVerifier(Profile* profile) | 38 ForceSigninVerifier::ForceSigninVerifier(Profile* profile) |
| 29 : OAuth2TokenService::Consumer("force_signin_verifier"), | 39 : OAuth2TokenService::Consumer("force_signin_verifier"), |
| 40 #if !defined(OS_MACOSX) |
| 41 profile_(profile), |
| 42 #endif |
| 30 has_token_verified_(false), | 43 has_token_verified_(false), |
| 31 backoff_entry_(&kBackoffPolicy), | 44 backoff_entry_(&kBackoffPolicy), |
| 32 oauth2_token_service_( | 45 oauth2_token_service_( |
| 33 ProfileOAuth2TokenServiceFactory::GetForProfile(profile)), | 46 ProfileOAuth2TokenServiceFactory::GetForProfile(profile)), |
| 34 signin_manager_(SigninManagerFactory::GetForProfile(profile)), | 47 signin_manager_(SigninManagerFactory::GetForProfile(profile)), |
| 35 token_request_time_(base::Time::Now()) { | 48 token_request_time_(base::Time::Now()) { |
| 36 net::NetworkChangeNotifier::AddNetworkChangeObserver(this); | 49 net::NetworkChangeNotifier::AddNetworkChangeObserver(this); |
| 37 SendRequest(); | 50 SendRequest(); |
| 38 } | 51 } |
| 39 | 52 |
| 40 ForceSigninVerifier::~ForceSigninVerifier() { | 53 ForceSigninVerifier::~ForceSigninVerifier() { |
| 41 Cancel(); | 54 Cancel(); |
| 55 #if !defined(OS_MACOSX) |
| 56 dialog_delegate_.CloseDialog(); |
| 57 #endif |
| 42 } | 58 } |
| 43 | 59 |
| 44 void ForceSigninVerifier::OnGetTokenSuccess( | 60 void ForceSigninVerifier::OnGetTokenSuccess( |
| 45 const OAuth2TokenService::Request* request, | 61 const OAuth2TokenService::Request* request, |
| 46 const std::string& access_token, | 62 const std::string& access_token, |
| 47 const base::Time& expiration_time) { | 63 const base::Time& expiration_time) { |
| 48 has_token_verified_ = true; | 64 has_token_verified_ = true; |
| 49 net::NetworkChangeNotifier::RemoveNetworkChangeObserver(this); | 65 net::NetworkChangeNotifier::RemoveNetworkChangeObserver(this); |
| 50 Cancel(); | 66 Cancel(); |
| 51 } | 67 } |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 83 backoff_entry_.Reset(); | 99 backoff_entry_.Reset(); |
| 84 backoff_request_timer_.Stop(); | 100 backoff_request_timer_.Stop(); |
| 85 access_token_request_.reset(); | 101 access_token_request_.reset(); |
| 86 net::NetworkChangeNotifier::RemoveNetworkChangeObserver(this); | 102 net::NetworkChangeNotifier::RemoveNetworkChangeObserver(this); |
| 87 } | 103 } |
| 88 | 104 |
| 89 bool ForceSigninVerifier::HasTokenBeenVerified() { | 105 bool ForceSigninVerifier::HasTokenBeenVerified() { |
| 90 return has_token_verified_; | 106 return has_token_verified_; |
| 91 } | 107 } |
| 92 | 108 |
| 109 void ForceSigninVerifier::AbortSignoutCountdownIfExisted() { |
| 110 window_close_timer_.Stop(); |
| 111 } |
| 112 |
| 93 void ForceSigninVerifier::SendRequest() { | 113 void ForceSigninVerifier::SendRequest() { |
| 94 if (!ShouldSendRequest()) | 114 if (!ShouldSendRequest()) |
| 95 return; | 115 return; |
| 96 | 116 |
| 97 std::string account_id = signin_manager_->GetAuthenticatedAccountId(); | 117 std::string account_id = signin_manager_->GetAuthenticatedAccountId(); |
| 98 OAuth2TokenService::ScopeSet oauth2_scopes; | 118 OAuth2TokenService::ScopeSet oauth2_scopes; |
| 99 oauth2_scopes.insert(GaiaConstants::kChromeSyncOAuth2Scope); | 119 oauth2_scopes.insert(GaiaConstants::kChromeSyncOAuth2Scope); |
| 100 access_token_request_ = | 120 access_token_request_ = |
| 101 oauth2_token_service_->StartRequest(account_id, oauth2_scopes, this); | 121 oauth2_token_service_->StartRequest(account_id, oauth2_scopes, this); |
| 102 } | 122 } |
| 103 | 123 |
| 104 bool ForceSigninVerifier::ShouldSendRequest() { | 124 bool ForceSigninVerifier::ShouldSendRequest() { |
| 105 return !has_token_verified_ && access_token_request_.get() == nullptr && | 125 return !has_token_verified_ && access_token_request_.get() == nullptr && |
| 106 !net::NetworkChangeNotifier::IsOffline() && | 126 !net::NetworkChangeNotifier::IsOffline() && |
| 107 signin_manager_->IsAuthenticated(); | 127 signin_manager_->IsAuthenticated(); |
| 108 } | 128 } |
| 109 | 129 |
| 130 base::TimeDelta ForceSigninVerifier::StartCountdown() { |
| 131 base::TimeDelta countdown_duration; |
| 132 if (base::Time::Now() - token_request_time_ > |
| 133 base::TimeDelta::FromSeconds( |
| 134 kShortCountdownVerificationTimeLimitInSeconds)) { |
| 135 countdown_duration = base::TimeDelta::FromSeconds( |
| 136 kWindowClosingNormalCountdownDurationInSecond); |
| 137 } else { |
| 138 countdown_duration = base::TimeDelta::FromSeconds( |
| 139 kWindowClosingShortCountdownDurationInSecond); |
| 140 } |
| 141 |
| 142 window_close_timer_.Start(FROM_HERE, countdown_duration, this, |
| 143 &ForceSigninVerifier::CloseAllBrowserWindows); |
| 144 return countdown_duration; |
| 145 } |
| 146 |
| 110 void ForceSigninVerifier::ShowDialog() { | 147 void ForceSigninVerifier::ShowDialog() { |
| 111 // TODO(zmin): Show app modal dialog. | 148 #if !defined(OS_MACOSX) |
| 149 base::TimeDelta countdown_duration = StartCountdown(); |
| 150 dialog_delegate_.ShowDialog(profile_, signin_manager_, countdown_duration); |
| 151 #endif |
| 152 } |
| 153 |
| 154 void ForceSigninVerifier::CloseAllBrowserWindows() { |
| 155 // Do not close window if there is ongoing reauth. If it fails later, the |
| 156 // signin process should take care of the signout. |
| 157 if (signin_manager_->AuthInProgress()) |
| 158 return; |
| 159 signin_manager_->SignOut( |
| 160 signin_metrics::AUTHENTICATION_FAILED_WITH_FORCE_SIGNIN, |
| 161 signin_metrics::SignoutDelete::IGNORE_METRIC); |
| 112 } | 162 } |
| 113 | 163 |
| 114 OAuth2TokenService::Request* ForceSigninVerifier::GetRequestForTesting() { | 164 OAuth2TokenService::Request* ForceSigninVerifier::GetRequestForTesting() { |
| 115 return access_token_request_.get(); | 165 return access_token_request_.get(); |
| 116 } | 166 } |
| 117 | 167 |
| 118 net::BackoffEntry* ForceSigninVerifier::GetBackoffEntryForTesting() { | 168 net::BackoffEntry* ForceSigninVerifier::GetBackoffEntryForTesting() { |
| 119 return &backoff_entry_; | 169 return &backoff_entry_; |
| 120 } | 170 } |
| 121 | 171 |
| 122 base::OneShotTimer* ForceSigninVerifier::GetOneShotTimerForTesting() { | 172 base::OneShotTimer* ForceSigninVerifier::GetOneShotTimerForTesting() { |
| 123 return &backoff_request_timer_; | 173 return &backoff_request_timer_; |
| 124 } | 174 } |
| 175 |
| 176 base::OneShotTimer* ForceSigninVerifier::GetWindowCloseTimerForTesting() { |
| 177 return &window_close_timer_; |
| 178 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2944713003:
After signin token check failed, show force reauth dialog and start window closing countdown. (Closed)
