| OLD | NEW |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/webui/chromeos/login/signin_screen_handler.h" | 5 #include "chrome/browser/ui/webui/chromeos/login/signin_screen_handler.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/bind_helpers.h" | 10 #include "base/bind_helpers.h" |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 75 | 75 |
| 76 #if defined(USE_AURA) | 76 #if defined(USE_AURA) |
| 77 #include "ash/shell.h" | 77 #include "ash/shell.h" |
| 78 #include "ash/wm/lock_state_controller.h" | 78 #include "ash/wm/lock_state_controller.h" |
| 79 #endif | 79 #endif |
| 80 | 80 |
| 81 using content::BrowserThread; | 81 using content::BrowserThread; |
| 82 | 82 |
| 83 namespace { | 83 namespace { |
| 84 | 84 |
| 85 // User dictionary keys. | |
| 86 const char kKeyUsername[] = "username"; | |
| 87 const char kKeyDisplayName[] = "displayName"; | |
| 88 const char kKeyEmailAddress[] = "emailAddress"; | |
| 89 const char kKeyEnterpriseDomain[] = "enterpriseDomain"; | |
| 90 const char kKeyPublicAccount[] = "publicAccount"; | |
| 91 const char kKeyLocallyManagedUser[] = "locallyManagedUser"; | |
| 92 const char kKeySignedIn[] = "signedIn"; | |
| 93 const char kKeyCanRemove[] = "canRemove"; | |
| 94 const char kKeyIsOwner[] = "isOwner"; | |
| 95 const char kKeyInitialAuthType[] = "initialAuthType"; | |
| 96 const char kKeyMultiProfilesAllowed[] = "isMultiProfilesAllowed"; | |
| 97 const char kKeyMultiProfilesPolicy[] = "multiProfilesPolicy"; | |
| 98 | |
| 99 // Max number of users to show. | 85 // Max number of users to show. |
| 100 const size_t kMaxUsers = 18; | 86 const size_t kMaxUsers = 18; |
| 101 | 87 |
| 102 // Timeout to delay first notification about offline state for a | 88 // Timeout to delay first notification about offline state for a |
| 103 // current network. | 89 // current network. |
| 104 const int kOfflineTimeoutSec = 5; | 90 const int kOfflineTimeoutSec = 5; |
| 105 | 91 |
| 106 // Timeout used to prevent infinite connecting to a flaky network. | 92 // Timeout used to prevent infinite connecting to a flaky network. |
| 107 const int kConnectingTimeoutSec = 60; | 93 const int kConnectingTimeoutSec = 60; |
| 108 | 94 |
| (...skipping 118 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 227 } | 213 } |
| 228 manager->ChangeInputMethod(input_method); | 214 manager->ChangeInputMethod(input_method); |
| 229 | 215 |
| 230 return true; | 216 return true; |
| 231 } | 217 } |
| 232 | 218 |
| 233 void RecordSAMLScrapingVerificationResultInHistogram(bool success) { | 219 void RecordSAMLScrapingVerificationResultInHistogram(bool success) { |
| 234 UMA_HISTOGRAM_BOOLEAN("ChromeOS.SAML.Scraping.VerificationResult", success); | 220 UMA_HISTOGRAM_BOOLEAN("ChromeOS.SAML.Scraping.VerificationResult", success); |
| 235 } | 221 } |
| 236 | 222 |
| 237 bool ShouldForceOnlineSignIn(const User* user) { | |
| 238 // Public sessions are always allowed to log in offline. | |
| 239 // Supervised user are allowed to log in offline if their OAuth token status | |
| 240 // is unknown or valid. | |
| 241 // For all other users, force online sign in if: | |
| 242 // * The flag to force online sign-in is set for the user. | |
| 243 // * The user's OAuth token is invalid. | |
| 244 // * The user's OAuth token status is unknown (except supervised users, | |
| 245 // see above). | |
| 246 if (user->is_logged_in()) | |
| 247 return false; | |
| 248 | |
| 249 const User::OAuthTokenStatus token_status = user->oauth_token_status(); | |
| 250 const bool is_locally_managed_user = | |
| 251 user->GetType() == User::USER_TYPE_LOCALLY_MANAGED; | |
| 252 const bool is_public_session = | |
| 253 user->GetType() == User::USER_TYPE_PUBLIC_ACCOUNT; | |
| 254 | |
| 255 if (is_locally_managed_user && | |
| 256 token_status == User::OAUTH_TOKEN_STATUS_UNKNOWN) { | |
| 257 return false; | |
| 258 } | |
| 259 | |
| 260 if (is_public_session) | |
| 261 return false; | |
| 262 | |
| 263 return user->force_online_signin() || | |
| 264 (token_status == User::OAUTH2_TOKEN_STATUS_INVALID) || | |
| 265 (token_status == User::OAUTH_TOKEN_STATUS_UNKNOWN); | |
| 266 } | |
| 267 | |
| 268 } // namespace | 223 } // namespace |
| 269 | 224 |
| 270 // LoginScreenContext implementation ------------------------------------------ | 225 // LoginScreenContext implementation ------------------------------------------ |
| 271 | 226 |
| 272 LoginScreenContext::LoginScreenContext() { | 227 LoginScreenContext::LoginScreenContext() { |
| 273 Init(); | 228 Init(); |
| 274 } | 229 } |
| 275 | 230 |
| 276 LoginScreenContext::LoginScreenContext(const base::ListValue* args) { | 231 LoginScreenContext::LoginScreenContext(const base::ListValue* args) { |
| 277 Init(); | 232 Init(); |
| (...skipping 239 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 517 show_on_init_ = true; | 472 show_on_init_ = true; |
| 518 return; | 473 return; |
| 519 } | 474 } |
| 520 | 475 |
| 521 if (oobe_ui_) { | 476 if (oobe_ui_) { |
| 522 // Shows new user sign-in for OOBE. | 477 // Shows new user sign-in for OOBE. |
| 523 OnShowAddUser(email_); | 478 OnShowAddUser(email_); |
| 524 } else { | 479 } else { |
| 525 // Populates account picker. Animation is turned off for now until we | 480 // Populates account picker. Animation is turned off for now until we |
| 526 // figure out how to make it fast enough. | 481 // figure out how to make it fast enough. |
| 527 SendUserList(false); | 482 delegate_->HandleGetUsers(); |
| 528 | 483 |
| 529 // Reset Caps Lock state when login screen is shown. | 484 // Reset Caps Lock state when login screen is shown. |
| 530 input_method::InputMethodManager::Get() | 485 input_method::InputMethodManager::Get() |
| 531 ->GetImeKeyboard() | 486 ->GetImeKeyboard() |
| 532 ->SetCapsLockEnabled(false); | 487 ->SetCapsLockEnabled(false); |
| 533 | 488 |
| 534 base::DictionaryValue params; | 489 base::DictionaryValue params; |
| 535 params.SetBoolean("disableAddUser", AllWhitelistedUsersPresent()); | 490 params.SetBoolean("disableAddUser", AllWhitelistedUsersPresent()); |
| 536 UpdateUIState(UI_STATE_ACCOUNT_PICKER, ¶ms); | 491 UpdateUIState(UI_STATE_ACCOUNT_PICKER, ¶ms); |
| 537 } | 492 } |
| (...skipping 282 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 820 // This message is sent by the kiosk app menu, but is handled here | 775 // This message is sent by the kiosk app menu, but is handled here |
| 821 // so we can tell the delegate to launch the app. | 776 // so we can tell the delegate to launch the app. |
| 822 AddCallback("launchKioskApp", &SigninScreenHandler::HandleLaunchKioskApp); | 777 AddCallback("launchKioskApp", &SigninScreenHandler::HandleLaunchKioskApp); |
| 823 } | 778 } |
| 824 | 779 |
| 825 void SigninScreenHandler::RegisterPrefs(PrefRegistrySimple* registry) { | 780 void SigninScreenHandler::RegisterPrefs(PrefRegistrySimple* registry) { |
| 826 registry->RegisterDictionaryPref(prefs::kUsersLRUInputMethod); | 781 registry->RegisterDictionaryPref(prefs::kUsersLRUInputMethod); |
| 827 } | 782 } |
| 828 | 783 |
| 829 void SigninScreenHandler::HandleGetUsers() { | 784 void SigninScreenHandler::HandleGetUsers() { |
| 830 SendUserList(false); | 785 if (delegate_) |
| 786 delegate_->HandleGetUsers(); |
| 831 } | 787 } |
| 832 | 788 |
| 833 void SigninScreenHandler::ClearAndEnablePassword() { | 789 void SigninScreenHandler::ClearAndEnablePassword() { |
| 834 core_oobe_actor_->ResetSignInUI(false); | 790 core_oobe_actor_->ResetSignInUI(false); |
| 835 } | 791 } |
| 836 | 792 |
| 837 void SigninScreenHandler::ClearUserPodPassword() { | 793 void SigninScreenHandler::ClearUserPodPassword() { |
| 838 core_oobe_actor_->ClearUserPodPassword(); | 794 core_oobe_actor_->ClearUserPodPassword(); |
| 839 } | 795 } |
| 840 | 796 |
| (...skipping 17 matching lines...) Expand all Loading... |
| 858 // preferences update would be picked up next time it will be shown. | 814 // preferences update would be picked up next time it will be shown. |
| 859 if (!webui_visible_) { | 815 if (!webui_visible_) { |
| 860 LOG(WARNING) << "Login UI is not active - postponed prefs change."; | 816 LOG(WARNING) << "Login UI is not active - postponed prefs change."; |
| 861 preferences_changed_delayed_ = true; | 817 preferences_changed_delayed_ = true; |
| 862 return; | 818 return; |
| 863 } | 819 } |
| 864 | 820 |
| 865 if (delegate_ && !delegate_->IsShowUsers()) { | 821 if (delegate_ && !delegate_->IsShowUsers()) { |
| 866 HandleShowAddUser(NULL); | 822 HandleShowAddUser(NULL); |
| 867 } else { | 823 } else { |
| 868 SendUserList(false); | 824 if (delegate_) |
| 825 delegate_->HandleGetUsers(); |
| 869 UpdateUIState(UI_STATE_ACCOUNT_PICKER, NULL); | 826 UpdateUIState(UI_STATE_ACCOUNT_PICKER, NULL); |
| 870 } | 827 } |
| 871 preferences_changed_delayed_ = false; | 828 preferences_changed_delayed_ = false; |
| 872 } | 829 } |
| 873 | 830 |
| 874 void SigninScreenHandler::ResetSigninScreenHandlerDelegate() { | 831 void SigninScreenHandler::ResetSigninScreenHandlerDelegate() { |
| 875 SetDelegate(NULL); | 832 SetDelegate(NULL); |
| 876 } | 833 } |
| 877 | 834 |
| 878 void SigninScreenHandler::ShowError(int login_attempts, | 835 void SigninScreenHandler::ShowError(int login_attempts, |
| (...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1000 | 957 |
| 1001 void SigninScreenHandler::EnableInput() { | 958 void SigninScreenHandler::EnableInput() { |
| 1002 // Only for lock screen at the moment. | 959 // Only for lock screen at the moment. |
| 1003 ScreenLocker::default_screen_locker()->EnableInput(); | 960 ScreenLocker::default_screen_locker()->EnableInput(); |
| 1004 } | 961 } |
| 1005 | 962 |
| 1006 void SigninScreenHandler::SetAuthType( | 963 void SigninScreenHandler::SetAuthType( |
| 1007 const std::string& username, | 964 const std::string& username, |
| 1008 ScreenlockBridge::LockHandler::AuthType auth_type, | 965 ScreenlockBridge::LockHandler::AuthType auth_type, |
| 1009 const std::string& initial_value) { | 966 const std::string& initial_value) { |
| 1010 user_auth_type_map_[username] = auth_type; | 967 delegate_->SetAuthType(username, auth_type); |
| 968 |
| 1011 CallJS("login.AccountPickerScreen.setAuthType", | 969 CallJS("login.AccountPickerScreen.setAuthType", |
| 1012 username, | 970 username, |
| 1013 static_cast<int>(auth_type), | 971 static_cast<int>(auth_type), |
| 1014 base::StringValue(initial_value)); | 972 base::StringValue(initial_value)); |
| 1015 } | 973 } |
| 1016 | 974 |
| 1017 ScreenlockBridge::LockHandler::AuthType SigninScreenHandler::GetAuthType( | 975 ScreenlockBridge::LockHandler::AuthType SigninScreenHandler::GetAuthType( |
| 1018 const std::string& username) const { | 976 const std::string& username) const { |
| 1019 if (user_auth_type_map_.find(username) == user_auth_type_map_.end()) | 977 return delegate_->GetAuthType(username); |
| 1020 return OFFLINE_PASSWORD; | |
| 1021 return user_auth_type_map_.find(username)->second; | |
| 1022 } | 978 } |
| 1023 | 979 |
| 1024 void SigninScreenHandler::Unlock(const std::string& user_email) { | 980 void SigninScreenHandler::Unlock(const std::string& user_email) { |
| 1025 DCHECK(ScreenLocker::default_screen_locker()); | 981 DCHECK(ScreenLocker::default_screen_locker()); |
| 1026 ScreenLocker::Hide(); | 982 ScreenLocker::Hide(); |
| 1027 } | 983 } |
| 1028 | 984 |
| 1029 void SigninScreenHandler::OnDnsCleared() { | 985 void SigninScreenHandler::OnDnsCleared() { |
| 1030 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 986 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 1031 dns_clear_task_running_ = false; | 987 dns_clear_task_running_ = false; |
| (...skipping 285 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1317 } | 1273 } |
| 1318 } | 1274 } |
| 1319 | 1275 |
| 1320 void SigninScreenHandler::HandleToggleKioskAutolaunchScreen() { | 1276 void SigninScreenHandler::HandleToggleKioskAutolaunchScreen() { |
| 1321 policy::BrowserPolicyConnectorChromeOS* connector = | 1277 policy::BrowserPolicyConnectorChromeOS* connector = |
| 1322 g_browser_process->platform_part()->browser_policy_connector_chromeos(); | 1278 g_browser_process->platform_part()->browser_policy_connector_chromeos(); |
| 1323 if (delegate_ && !connector->IsEnterpriseManaged()) | 1279 if (delegate_ && !connector->IsEnterpriseManaged()) |
| 1324 delegate_->ShowKioskAutolaunchScreen(); | 1280 delegate_->ShowKioskAutolaunchScreen(); |
| 1325 } | 1281 } |
| 1326 | 1282 |
| 1327 void SigninScreenHandler::FillUserDictionary( | 1283 void SigninScreenHandler::LoadUsers(const base::ListValue& users_list, |
| 1328 User* user, | 1284 bool animated, |
| 1329 bool is_owner, | 1285 bool showGuest) { |
| 1330 bool is_signin_to_add, | 1286 CallJS("login.AccountPickerScreen.loadUsers", |
| 1331 ScreenlockBridge::LockHandler::AuthType auth_type, | 1287 users_list, |
| 1332 base::DictionaryValue* user_dict) { | 1288 animated, |
| 1333 const std::string& email = user->email(); | |
| 1334 const bool is_public_account = | |
| 1335 user->GetType() == User::USER_TYPE_PUBLIC_ACCOUNT; | |
| 1336 const bool is_locally_managed_user = | |
| 1337 user->GetType() == User::USER_TYPE_LOCALLY_MANAGED; | |
| 1338 | |
| 1339 user_dict->SetString(kKeyUsername, email); | |
| 1340 user_dict->SetString(kKeyEmailAddress, user->display_email()); | |
| 1341 user_dict->SetString(kKeyDisplayName, user->GetDisplayName()); | |
| 1342 user_dict->SetBoolean(kKeyPublicAccount, is_public_account); | |
| 1343 user_dict->SetBoolean(kKeyLocallyManagedUser, is_locally_managed_user); | |
| 1344 user_dict->SetInteger(kKeyInitialAuthType, auth_type); | |
| 1345 user_dict->SetBoolean(kKeySignedIn, user->is_logged_in()); | |
| 1346 user_dict->SetBoolean(kKeyIsOwner, is_owner); | |
| 1347 | |
| 1348 // Fill in multi-profiles related fields. | |
| 1349 if (is_signin_to_add) { | |
| 1350 MultiProfileUserController* multi_profile_user_controller = | |
| 1351 UserManager::Get()->GetMultiProfileUserController(); | |
| 1352 std::string behavior = multi_profile_user_controller-> | |
| 1353 GetCachedValue(user->email()); | |
| 1354 user_dict->SetBoolean(kKeyMultiProfilesAllowed, | |
| 1355 multi_profile_user_controller->IsUserAllowedInSession(email) == | |
| 1356 MultiProfileUserController::ALLOWED); | |
| 1357 user_dict->SetString(kKeyMultiProfilesPolicy, behavior); | |
| 1358 } else { | |
| 1359 user_dict->SetBoolean(kKeyMultiProfilesAllowed, true); | |
| 1360 } | |
| 1361 | |
| 1362 if (is_public_account) { | |
| 1363 policy::BrowserPolicyConnectorChromeOS* policy_connector = | |
| 1364 g_browser_process->platform_part()->browser_policy_connector_chromeos(); | |
| 1365 | |
| 1366 if (policy_connector->IsEnterpriseManaged()) { | |
| 1367 user_dict->SetString(kKeyEnterpriseDomain, | |
| 1368 policy_connector->GetEnterpriseDomain()); | |
| 1369 } | |
| 1370 } | |
| 1371 } | |
| 1372 | |
| 1373 void SigninScreenHandler::SendUserList(bool animated) { | |
| 1374 if (!delegate_) | |
| 1375 return; | |
| 1376 TRACE_EVENT_ASYNC_STEP_INTO0("ui", | |
| 1377 "ShowLoginWebUI", | |
| 1378 LoginDisplayHostImpl::kShowLoginWebUIid, | |
| 1379 "SendUserList"); | |
| 1380 BootTimesLoader::Get()->RecordCurrentStats("login-send-user-list"); | |
| 1381 | |
| 1382 base::ListValue users_list; | |
| 1383 const UserList& users = delegate_->GetUsers(); | |
| 1384 | |
| 1385 // TODO(nkostylev): Move to a separate method in UserManager. | |
| 1386 // http://crbug.com/230852 | |
| 1387 bool is_signin_to_add = LoginDisplayHostImpl::default_host() && | |
| 1388 UserManager::Get()->IsUserLoggedIn(); | |
| 1389 | |
| 1390 user_auth_type_map_.clear(); | |
| 1391 | |
| 1392 bool single_user = users.size() == 1; | |
| 1393 std::string owner; | |
| 1394 chromeos::CrosSettings::Get()->GetString(chromeos::kDeviceOwner, &owner); | |
| 1395 bool has_owner = owner.size() > 0; | |
| 1396 size_t max_non_owner_users = has_owner ? kMaxUsers - 1 : kMaxUsers; | |
| 1397 size_t non_owner_count = 0; | |
| 1398 policy::BrowserPolicyConnectorChromeOS* connector = | |
| 1399 g_browser_process->platform_part()-> | |
| 1400 browser_policy_connector_chromeos(); | |
| 1401 bool is_enterprise_managed = connector->IsEnterpriseManaged(); | |
| 1402 | |
| 1403 | |
| 1404 for (UserList::const_iterator it = users.begin(); it != users.end(); ++it) { | |
| 1405 const std::string& email = (*it)->email(); | |
| 1406 bool is_owner = (email == owner); | |
| 1407 bool is_public_account = | |
| 1408 ((*it)->GetType() == User::USER_TYPE_PUBLIC_ACCOUNT); | |
| 1409 | |
| 1410 if ((is_public_account && !is_signin_to_add) || | |
| 1411 is_owner || | |
| 1412 (!is_public_account && non_owner_count < max_non_owner_users)) { | |
| 1413 AuthType initial_auth_type = | |
| 1414 ShouldForceOnlineSignIn(*it) ? ONLINE_SIGN_IN : OFFLINE_PASSWORD; | |
| 1415 user_auth_type_map_[email] = initial_auth_type; | |
| 1416 | |
| 1417 base::DictionaryValue* user_dict = new base::DictionaryValue(); | |
| 1418 FillUserDictionary( | |
| 1419 *it, is_owner, is_signin_to_add, initial_auth_type, user_dict); | |
| 1420 bool signed_in = (*it)->is_logged_in(); | |
| 1421 // Single user check here is necessary because owner info might not be | |
| 1422 // available when running into login screen on first boot. | |
| 1423 // See http://crosbug.com/12723 | |
| 1424 bool can_remove_user = ((!single_user || is_enterprise_managed) && | |
| 1425 !email.empty() && !is_owner && !is_public_account && | |
| 1426 !signed_in && !is_signin_to_add); | |
| 1427 user_dict->SetBoolean(kKeyCanRemove, can_remove_user); | |
| 1428 | |
| 1429 if (!is_owner) | |
| 1430 ++non_owner_count; | |
| 1431 if (is_owner && users_list.GetSize() > kMaxUsers) { | |
| 1432 // Owner is always in the list. | |
| 1433 users_list.Insert(kMaxUsers - 1, user_dict); | |
| 1434 } else { | |
| 1435 users_list.Append(user_dict); | |
| 1436 } | |
| 1437 } | |
| 1438 } | |
| 1439 while (users_list.GetSize() > kMaxUsers) | |
| 1440 users_list.Remove(kMaxUsers, NULL); | |
| 1441 | |
| 1442 CallJS("login.AccountPickerScreen.loadUsers", users_list, animated, | |
| 1443 delegate_->IsShowGuest()); | 1289 delegate_->IsShowGuest()); |
| 1444 } | 1290 } |
| 1445 | 1291 |
| 1446 void SigninScreenHandler::HandleAccountPickerReady() { | 1292 void SigninScreenHandler::HandleAccountPickerReady() { |
| 1447 VLOG(0) << "Login WebUI >> AccountPickerReady"; | 1293 VLOG(0) << "Login WebUI >> AccountPickerReady"; |
| 1448 | 1294 |
| 1449 if (delegate_ && !ScreenLocker::default_screen_locker() && | 1295 if (delegate_ && !ScreenLocker::default_screen_locker() && |
| 1450 !chromeos::IsMachineHWIDCorrect() && | 1296 !chromeos::IsMachineHWIDCorrect() && |
| 1451 !oobe_ui_) { | 1297 !oobe_ui_) { |
| 1452 delegate_->ShowWrongHWIDScreen(); | 1298 delegate_->ShowWrongHWIDScreen(); |
| (...skipping 369 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1822 return gaia_screen_handler_->frame_error(); | 1668 return gaia_screen_handler_->frame_error(); |
| 1823 } | 1669 } |
| 1824 | 1670 |
| 1825 void SigninScreenHandler::OnCapsLockChanged(bool enabled) { | 1671 void SigninScreenHandler::OnCapsLockChanged(bool enabled) { |
| 1826 caps_lock_enabled_ = enabled; | 1672 caps_lock_enabled_ = enabled; |
| 1827 if (page_is_ready()) | 1673 if (page_is_ready()) |
| 1828 CallJS("login.AccountPickerScreen.setCapsLockState", caps_lock_enabled_); | 1674 CallJS("login.AccountPickerScreen.setCapsLockState", caps_lock_enabled_); |
| 1829 } | 1675 } |
| 1830 | 1676 |
| 1831 } // namespace chromeos | 1677 } // namespace chromeos |
| OLD | NEW |