| Index: chrome/browser/ui/webui/signin/inline_login_handler_impl.cc
|
| diff --git a/chrome/browser/ui/webui/signin/inline_login_handler_impl.cc b/chrome/browser/ui/webui/signin/inline_login_handler_impl.cc
|
| index 037cbde695a0790c8a4f879e847961cd012ce724..38b928e2caa4931567509f3fefaacf680b849eaf 100644
|
| --- a/chrome/browser/ui/webui/signin/inline_login_handler_impl.cc
|
| +++ b/chrome/browser/ui/webui/signin/inline_login_handler_impl.cc
|
| @@ -23,6 +23,7 @@
|
| #include "chrome/browser/ui/sync/one_click_signin_helper.h"
|
| #include "chrome/browser/ui/sync/one_click_signin_histogram.h"
|
| #include "chrome/browser/ui/tabs/tab_strip_model.h"
|
| +#include "chrome/browser/ui/webui/signin/inline_login_ui.h"
|
| #include "chrome/common/url_constants.h"
|
| #include "components/signin/core/browser/about_signin_internals.h"
|
| #include "components/signin/core/browser/profile_oauth2_token_service.h"
|
| @@ -50,7 +51,8 @@ class InlineSigninHelper : public SigninOAuthHelper::Consumer {
|
| const std::string& password,
|
| const std::string& session_index,
|
| const std::string& signin_scoped_device_id,
|
| - bool choose_what_to_sync);
|
| + bool choose_what_to_sync,
|
| + bool confirm_untrusted_signin);
|
|
|
| private:
|
| // Overriden from SigninOAuthHelper::Consumer.
|
| @@ -69,6 +71,7 @@ class InlineSigninHelper : public SigninOAuthHelper::Consumer {
|
| std::string password_;
|
| std::string session_index_;
|
| bool choose_what_to_sync_;
|
| + bool confirm_untrusted_signin_;
|
|
|
| DISALLOW_COPY_AND_ASSIGN(InlineSigninHelper);
|
| };
|
| @@ -82,7 +85,8 @@ InlineSigninHelper::InlineSigninHelper(
|
| const std::string& password,
|
| const std::string& session_index,
|
| const std::string& signin_scoped_device_id,
|
| - bool choose_what_to_sync)
|
| + bool choose_what_to_sync,
|
| + bool confirm_untrusted_signin)
|
| : signin_oauth_helper_(getter, session_index, signin_scoped_device_id,
|
| this),
|
| handler_(handler),
|
| @@ -90,7 +94,9 @@ InlineSigninHelper::InlineSigninHelper(
|
| current_url_(current_url),
|
| email_(email),
|
| password_(password),
|
| - choose_what_to_sync_(choose_what_to_sync) {
|
| + session_index_(session_index),
|
| + choose_what_to_sync_(choose_what_to_sync),
|
| + confirm_untrusted_signin_(confirm_untrusted_signin) {
|
| DCHECK(profile_);
|
| DCHECK(!email_.empty());
|
| }
|
| @@ -152,13 +158,20 @@ void InlineSigninHelper::OnSigninOAuthInformationAvailable(
|
| OneClickSigninSyncStarter::SYNC_WITH_DEFAULT_SETTINGS;
|
| }
|
|
|
| - OneClickSigninSyncStarter::ConfirmationRequired confirmation_required =
|
| - source == signin::SOURCE_SETTINGS ||
|
| - source == signin::SOURCE_WEBSTORE_INSTALL ||
|
| - choose_what_to_sync_ ||
|
| - show_inline_confirmation_for_sync ?
|
| - OneClickSigninSyncStarter::NO_CONFIRMATION :
|
| - OneClickSigninSyncStarter::CONFIRM_AFTER_SIGNIN;
|
| + OneClickSigninSyncStarter::ConfirmationRequired confirmation_required;
|
| + if (confirm_untrusted_signin_) {
|
| + confirmation_required =
|
| + OneClickSigninSyncStarter::CONFIRM_UNTRUSTED_SIGNIN;
|
| + } else {
|
| + confirmation_required =
|
| + source == signin::SOURCE_SETTINGS ||
|
| + source == signin::SOURCE_WEBSTORE_INSTALL ||
|
| + choose_what_to_sync_ ||
|
| + show_inline_confirmation_for_sync ?
|
| + OneClickSigninSyncStarter::NO_CONFIRMATION :
|
| + OneClickSigninSyncStarter::CONFIRM_AFTER_SIGNIN;
|
| + }
|
| +
|
| bool start_signin =
|
| !OneClickSigninHelper::HandleCrossAccountError(
|
| profile_, "",
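Review bot: The new `if (confirm_untrusted_signin_)` branch overrides the source-based `NO_CONFIRMATION` cases (settings, webstore install, choose-what-to-sync, inline confirmation), and nothing in the hunk says this precedence is deliberate. I would add a comment above the `if`, for example `// An untrusted navigation in the sign-in frame always forces confirmation, even for sources that normally skip it.` The `else` branch also relies on `||` binding tighter than `?:`, so wrapping the four-way disjunction in parentheses would make the grouping explicit. OnSigninOAuthInformationAvailable starts and ends outside this hunk, so how `confirmation_required` is consumed is not visible here.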
|
| @@ -200,7 +213,7 @@ void InlineSigninHelper::OnSigninOAuthInformationFailure(
|
|
|
| InlineLoginHandlerImpl::InlineLoginHandlerImpl()
|
| : weak_factory_(this),
|
| - choose_what_to_sync_(false) {
|
| + confirm_untrusted_signin_(false) {
|
| }
|
|
|
| InlineLoginHandlerImpl::~InlineLoginHandlerImpl() {}
|
| @@ -214,6 +227,31 @@ bool InlineLoginHandlerImpl::HandleContextMenu(
|
| #endif
|
| }
|
|
|
| +void InlineLoginHandlerImpl::DidCommitProvisionalLoadForFrame(
|
| + content::RenderFrameHost* render_frame_host,
|
| + const GURL& url,
|
| + content::PageTransition transition_type) {
|
| + if (!web_contents())
|
| + return;
|
| +
|
| + // Returns early if this is not a gaia iframe navigation.
|
| + const GURL kGaiaExtOrigin(
|
| + "chrome-extension://mfffpogegjflfpflabcdkioaeobkgjik/");
|
| + content::RenderFrameHost* gaia_iframe = InlineLoginUI::GetAuthIframe(
|
| + web_contents(), kGaiaExtOrigin, "signin-frame");
|
| + if (render_frame_host != gaia_iframe)
|
| + return;
|
| +
|
| + // Loading any untrusted (e.g., HTTP) URLs in the privileged sign-in process
|
| + // will require confirmation before the sign in takes effect.
|
| + if (!url.is_empty() &&
|
| + url.spec() != url::kAboutBlankURL &&
|
| + !gaia::IsGaiaSignonRealm(url.GetOrigin()) &&
|
| + !signin::IsContinueUrlForWebBasedSigninFlow(url)) {
|
| + confirm_untrusted_signin_ = true;
|
| + }
|
| +}
|
| +
|
| void InlineLoginHandlerImpl::SetExtraInitParams(base::DictionaryValue& params) {
|
| params.SetString("service", "chromiumsync");
|
|
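Review bot: The early return `if (render_frame_host != gaia_iframe) return;` fails open when the lookup fails: if `InlineLoginUI::GetAuthIframe` finds no frame (its body is not in this diff, so the null result is an assumption), every commit is ignored and `confirm_untrusted_signin_` stays false. The lookup depends on two literals repeated in this function, the extension origin and `"signin-frame"`, so a rename on the other side would switch the check off without a build failure. Both should come from one shared constant defined next to the code that creates the frame. The comment's `(e.g., HTTP)` also understates the condition, which flags every commit that is not about:blank, a Gaia sign-on origin or the continue URL, regardless of scheme; I would reword it to `// Any other URL committed in the auth iframe, whatever its scheme, requires confirmation before the sign-in takes effect.` In the lines visible here the flag is only ever set to true, so the header should say whether it is meant to stay set for the lifetime of the handler.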
|
| @@ -224,6 +262,8 @@ void InlineLoginHandlerImpl::SetExtraInitParams(base::DictionaryValue& params) {
|
| if (is_constrained == "1")
|
| contents->SetDelegate(this);
|
|
|
| + content::WebContentsObserver::Observe(contents);
|
| +
|
| signin::Source source = signin::GetSourceForPromoURL(current_url);
|
| OneClickSigninHelper::LogHistogramValue(
|
| source, one_click_signin::HISTOGRAM_SHOWN);
|
| @@ -244,13 +284,14 @@ void InlineLoginHandlerImpl::CompleteLogin(const base::ListValue* args) {
|
| return;
|
| }
|
|
|
| - base::string16 email;
|
| - dict->GetString("email", &email);
|
| - DCHECK(!email.empty());
|
| - email_ = base::UTF16ToASCII(email);
|
| - base::string16 password;
|
| - dict->GetString("password", &password);
|
| - password_ = base::UTF16ToASCII(password);
|
| + base::string16 email_string16;
|
| + dict->GetString("email", &email_string16);
|
| + DCHECK(!email_string16.empty());
|
| + std::string email(base::UTF16ToASCII(email_string16));
|
| +
|
| + base::string16 password_string16;
|
| + dict->GetString("password", &password_string16);
|
| + std::string password(base::UTF16ToASCII(password_string16));
|
|
|
| // When doing a SAML sign in, this email check may result in a false
|
| // positive. This happens when the user types one email address in the
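Review bot: The values read from `dict` are guarded only by `DCHECK`, which is normally compiled out of release builds, and the return value of `dict->GetString` is ignored, so a message with a missing or empty `email` still reaches the rest of CompleteLogin. The dictionary appears to come from the WebUI message arguments (`args`), so I would reject it explicitly, e.g. `if (!dict->GetString("email", &email_string16) || email_string16.empty()) { SyncStarterCallback(OneClickSigninSyncStarter::SYNC_SETUP_FAILURE); return; }`, mirroring the failure path this function already uses for an email mismatch. The same applies to `sessionIndex` in the following hunk, where `DCHECK(!session_index.empty())` is the only check. CompleteLogin starts and ends outside this hunk.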
|
| @@ -262,23 +303,25 @@ void InlineLoginHandlerImpl::CompleteLogin(const base::ListValue* args) {
|
| net::GetValueForKeyInQuery(current_url, "validateEmail",
|
| &validate_email) &&
|
| validate_email == "1") {
|
| - if (!gaia::AreEmailsSame(email_, default_email)) {
|
| + if (!gaia::AreEmailsSame(email, default_email)) {
|
| SyncStarterCallback(OneClickSigninSyncStarter::SYNC_SETUP_FAILURE);
|
| return;
|
| }
|
| }
|
|
|
| - base::string16 session_index;
|
| - dict->GetString("sessionIndex", &session_index);
|
| - session_index_ = base::UTF16ToASCII(session_index);
|
| - DCHECK(!session_index_.empty());
|
| - dict->GetBoolean("chooseWhatToSync", &choose_what_to_sync_);
|
| + base::string16 session_index_string16;
|
| + dict->GetString("sessionIndex", &session_index_string16);
|
| + std::string session_index = base::UTF16ToASCII(session_index_string16);
|
| + DCHECK(!session_index.empty());
|
| +
|
| + bool choose_what_to_sync = false;
|
| + dict->GetBoolean("chooseWhatToSync", &choose_what_to_sync);
|
|
|
| signin::Source source = signin::GetSourceForPromoURL(current_url);
|
| OneClickSigninHelper::LogHistogramValue(
|
| source, one_click_signin::HISTOGRAM_ACCEPTED);
|
| bool switch_to_advanced =
|
| - choose_what_to_sync_ && (source != signin::SOURCE_SETTINGS);
|
| + choose_what_to_sync && (source != signin::SOURCE_SETTINGS);
|
| OneClickSigninHelper::LogHistogramValue(
|
| source,
|
| switch_to_advanced ? one_click_signin::HISTOGRAM_WITH_ADVANCED :
|
| @@ -305,7 +348,7 @@ void InlineLoginHandlerImpl::CompleteLogin(const base::ListValue* args) {
|
|
|
| std::string error_msg;
|
| bool can_offer = OneClickSigninHelper::CanOffer(
|
| - contents, can_offer_for, email_, &error_msg);
|
| + contents, can_offer_for, email, &error_msg);
|
| if (!can_offer) {
|
| HandleLoginError(error_msg);
|
| return;
|
| @@ -328,12 +371,10 @@ void InlineLoginHandlerImpl::CompleteLogin(const base::ListValue* args) {
|
| // InlineSigninHelper will delete itself.
|
| new InlineSigninHelper(GetWeakPtr(), partition->GetURLRequestContext(),
|
| Profile::FromWebUI(web_ui()), current_url,
|
| - email_, password_, session_index_,
|
| - signin_scoped_device_id, choose_what_to_sync_);
|
| + email, password, session_index,
|
| + signin_scoped_device_id, choose_what_to_sync,
|
| + confirm_untrusted_signin_);
|
|
|
| - email_.clear();
|
| - password_.clear();
|
| - session_index_.clear();
|
| web_ui()->CallJavascriptFunction("inline.login.closeDialog");
|
| }
|
|
|
| @@ -346,10 +387,6 @@ void InlineLoginHandlerImpl::HandleLoginError(const std::string& error_msg) {
|
| << error_msg;
|
| OneClickSigninHelper::ShowSigninErrorBubble(browser, error_msg);
|
| }
|
| -
|
| - email_.clear();
|
| - password_.clear();
|
| - session_index_.clear();
|
| }
|
|
|
| Browser* InlineLoginHandlerImpl::GetDesktopBrowser() {
|
|
|