OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/login/auth/parallel_authenticator.h" | 5 #include "chrome/browser/chromeos/login/auth/parallel_authenticator.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
9 #include "base/files/file_path.h" | 9 #include "base/files/file_path.h" |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
11 #include "chrome/browser/chrome_notification_types.h" | |
12 #include "chrome/browser/chromeos/boot_times_loader.h" | |
13 #include "chrome/browser/chromeos/login/auth/authentication_notification_details
.h" | |
14 #include "chrome/browser/chromeos/ownership/owner_settings_service.h" | 11 #include "chrome/browser/chromeos/ownership/owner_settings_service.h" |
15 #include "chrome/browser/chromeos/settings/cros_settings.h" | 12 #include "chrome/browser/chromeos/settings/cros_settings.h" |
16 #include "chrome/common/chrome_switches.h" | 13 #include "chrome/common/chrome_switches.h" |
17 #include "chromeos/cryptohome/async_method_caller.h" | 14 #include "chromeos/cryptohome/async_method_caller.h" |
18 #include "chromeos/cryptohome/system_salt_getter.h" | 15 #include "chromeos/cryptohome/system_salt_getter.h" |
19 #include "chromeos/dbus/cryptohome_client.h" | 16 #include "chromeos/dbus/cryptohome_client.h" |
20 #include "chromeos/dbus/dbus_thread_manager.h" | 17 #include "chromeos/dbus/dbus_thread_manager.h" |
21 #include "chromeos/login/auth/auth_status_consumer.h" | 18 #include "chromeos/login/auth/auth_status_consumer.h" |
22 #include "chromeos/login/auth/key.h" | 19 #include "chromeos/login/auth/key.h" |
23 #include "chromeos/login/auth/user_context.h" | 20 #include "chromeos/login/auth/user_context.h" |
24 #include "chromeos/login/login_state.h" | 21 #include "chromeos/login/login_state.h" |
25 #include "chromeos/login/user_names.h" | 22 #include "chromeos/login/user_names.h" |
| 23 #include "chromeos/login_event_recorder.h" |
26 #include "components/user_manager/user_manager.h" | 24 #include "components/user_manager/user_manager.h" |
27 #include "components/user_manager/user_type.h" | 25 #include "components/user_manager/user_type.h" |
28 #include "content/public/browser/browser_thread.h" | 26 #include "content/public/browser/browser_thread.h" |
29 #include "content/public/browser/notification_service.h" | |
30 #include "third_party/cros_system_api/dbus/service_constants.h" | 27 #include "third_party/cros_system_api/dbus/service_constants.h" |
31 | 28 |
32 using content::BrowserThread; | 29 using content::BrowserThread; |
33 | 30 |
34 namespace chromeos { | 31 namespace chromeos { |
35 | 32 |
36 namespace { | 33 namespace { |
37 | 34 |
38 // Hashes |key| with |system_salt| if it its type is KEY_TYPE_PASSWORD_PLAIN. | 35 // Hashes |key| with |system_salt| if it its type is KEY_TYPE_PASSWORD_PLAIN. |
39 // Returns the keys unmodified otherwise. | 36 // Returns the keys unmodified otherwise. |
(...skipping 29 matching lines...)
69 resolver->Resolve(); | 66 resolver->Resolve(); |
70 } | 67 } |
71 | 68 |
72 // Calls TriggerResolve while adding login time marker. | 69 // Calls TriggerResolve while adding login time marker. |
73 void TriggerResolveWithLoginTimeMarker( | 70 void TriggerResolveWithLoginTimeMarker( |
74 const std::string& marker_name, | 71 const std::string& marker_name, |
75 AuthAttemptState* attempt, | 72 AuthAttemptState* attempt, |
76 scoped_refptr<ParallelAuthenticator> resolver, | 73 scoped_refptr<ParallelAuthenticator> resolver, |
77 bool success, | 74 bool success, |
78 cryptohome::MountError return_code) { | 75 cryptohome::MountError return_code) { |
79 chromeos::BootTimesLoader::Get()->AddLoginTimeMarker(marker_name, false); | 76 chromeos::LoginEventRecorder::Get()->AddLoginTimeMarker(marker_name, false); |
80 TriggerResolve(attempt, resolver, success, return_code); | 77 TriggerResolve(attempt, resolver, success, return_code); |
81 } | 78 } |
82 | 79 |
83 // Calls cryptohome's mount method. | 80 // Calls cryptohome's mount method. |
84 void Mount(AuthAttemptState* attempt, | 81 void Mount(AuthAttemptState* attempt, |
85 scoped_refptr<ParallelAuthenticator> resolver, | 82 scoped_refptr<ParallelAuthenticator> resolver, |
86 int flags, | 83 int flags, |
87 const std::string& system_salt) { | 84 const std::string& system_salt) { |
88 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 85 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
89 chromeos::BootTimesLoader::Get()->AddLoginTimeMarker( | 86 chromeos::LoginEventRecorder::Get()->AddLoginTimeMarker( |
90 "CryptohomeMount-Start", false); | 87 "CryptohomeMount-Start", false); |
91 // Set state that username_hash is requested here so that test implementation | 88 // Set state that username_hash is requested here so that test implementation |
92 // that returns directly would not generate 2 OnLoginSucces() calls. | 89 // that returns directly would not generate 2 OnLoginSucces() calls. |
93 attempt->UsernameHashRequested(); | 90 attempt->UsernameHashRequested(); |
94 | 91 |
95 scoped_ptr<Key> key = | 92 scoped_ptr<Key> key = |
96 TransformKeyIfNeeded(*attempt->user_context.GetKey(), system_salt); | 93 TransformKeyIfNeeded(*attempt->user_context.GetKey(), system_salt); |
97 cryptohome::AsyncMethodCaller::GetInstance()->AsyncMount( | 94 cryptohome::AsyncMethodCaller::GetInstance()->AsyncMount( |
98 attempt->user_context.GetUserID(), | 95 attempt->user_context.GetUserID(), |
99 key->GetSecret(), | 96 key->GetSecret(), |
(...skipping 57 matching lines...)
157 resolver)); | 154 resolver)); |
158 } | 155 } |
159 | 156 |
160 // Calls cryptohome's key migration method. | 157 // Calls cryptohome's key migration method. |
161 void Migrate(AuthAttemptState* attempt, | 158 void Migrate(AuthAttemptState* attempt, |
162 scoped_refptr<ParallelAuthenticator> resolver, | 159 scoped_refptr<ParallelAuthenticator> resolver, |
163 bool passing_old_hash, | 160 bool passing_old_hash, |
164 const std::string& old_password, | 161 const std::string& old_password, |
165 const std::string& system_salt) { | 162 const std::string& system_salt) { |
166 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 163 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
167 chromeos::BootTimesLoader::Get()->AddLoginTimeMarker( | 164 chromeos::LoginEventRecorder::Get()->AddLoginTimeMarker( |
168 "CryptohomeMigrate-Start", false); | 165 "CryptohomeMigrate-Start", false); |
169 cryptohome::AsyncMethodCaller* caller = | 166 cryptohome::AsyncMethodCaller* caller = |
170 cryptohome::AsyncMethodCaller::GetInstance(); | 167 cryptohome::AsyncMethodCaller::GetInstance(); |
171 | 168 |
172 // TODO(bartfab): Retrieve the hashing algorithm and salt to use for |old_key| | 169 // TODO(bartfab): Retrieve the hashing algorithm and salt to use for |old_key| |
173 // from cryptohomed. | 170 // from cryptohomed. |
174 scoped_ptr<Key> old_key = | 171 scoped_ptr<Key> old_key = |
175 TransformKeyIfNeeded(Key(old_password), system_salt); | 172 TransformKeyIfNeeded(Key(old_password), system_salt); |
176 scoped_ptr<Key> new_key = | 173 scoped_ptr<Key> new_key = |
177 TransformKeyIfNeeded(*attempt->user_context.GetKey(), system_salt); | 174 TransformKeyIfNeeded(*attempt->user_context.GetKey(), system_salt); |
(...skipping 13 matching lines...)
191 "CryptohomeMount-End", | 188 "CryptohomeMount-End", |
192 attempt, | 189 attempt, |
193 resolver)); | 190 resolver)); |
194 } | 191 } |
195 } | 192 } |
196 | 193 |
197 // Calls cryptohome's remove method. | 194 // Calls cryptohome's remove method. |
198 void Remove(AuthAttemptState* attempt, | 195 void Remove(AuthAttemptState* attempt, |
199 scoped_refptr<ParallelAuthenticator> resolver) { | 196 scoped_refptr<ParallelAuthenticator> resolver) { |
200 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 197 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
201 chromeos::BootTimesLoader::Get()->AddLoginTimeMarker( | 198 chromeos::LoginEventRecorder::Get()->AddLoginTimeMarker( |
202 "CryptohomeRemove-Start", false); | 199 "CryptohomeRemove-Start", false); |
203 cryptohome::AsyncMethodCaller::GetInstance()->AsyncRemove( | 200 cryptohome::AsyncMethodCaller::GetInstance()->AsyncRemove( |
204 attempt->user_context.GetUserID(), | 201 attempt->user_context.GetUserID(), |
205 base::Bind(&TriggerResolveWithLoginTimeMarker, | 202 base::Bind(&TriggerResolveWithLoginTimeMarker, |
206 "CryptohomeRemove-End", | 203 "CryptohomeRemove-End", |
207 attempt, | 204 attempt, |
208 resolver)); | 205 resolver)); |
209 } | 206 } |
210 | 207 |
211 // Calls cryptohome's key check method. | 208 // Calls cryptohome's key check method. |
(...skipping 176 matching lines...)
388 } else { | 385 } else { |
389 ephemeral_mount_attempted_ = true; | 386 ephemeral_mount_attempted_ = true; |
390 MountGuestAndGetHash(current_state_.get(), | 387 MountGuestAndGetHash(current_state_.get(), |
391 scoped_refptr<ParallelAuthenticator>(this)); | 388 scoped_refptr<ParallelAuthenticator>(this)); |
392 } | 389 } |
393 } | 390 } |
394 | 391 |
395 void ParallelAuthenticator::OnRetailModeAuthSuccess() { | 392 void ParallelAuthenticator::OnRetailModeAuthSuccess() { |
396 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 393 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
397 VLOG(1) << "Retail mode login success"; | 394 VLOG(1) << "Retail mode login success"; |
398 // Send notification of success | 395 chromeos::LoginEventRecorder::Get()->RecordAuthenticationSuccess(); |
399 AuthenticationNotificationDetails details(true); | |
400 content::NotificationService::current()->Notify( | |
401 chrome::NOTIFICATION_LOGIN_AUTHENTICATION, | |
402 content::NotificationService::AllSources(), | |
403 content::Details<AuthenticationNotificationDetails>(&details)); | |
404 if (consumer_) | 396 if (consumer_) |
405 consumer_->OnRetailModeAuthSuccess(current_state_->user_context); | 397 consumer_->OnRetailModeAuthSuccess(current_state_->user_context); |
406 } | 398 } |
407 | 399 |
408 void ParallelAuthenticator::OnAuthSuccess() { | 400 void ParallelAuthenticator::OnAuthSuccess() { |
409 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 401 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
410 VLOG(1) << "Login success"; | 402 VLOG(1) << "Login success"; |
411 // Send notification of success | 403 // Send notification of success |
412 AuthenticationNotificationDetails details(true); | 404 chromeos::LoginEventRecorder::Get()->RecordAuthenticationSuccess(); |
413 content::NotificationService::current()->Notify( | |
414 chrome::NOTIFICATION_LOGIN_AUTHENTICATION, | |
415 content::NotificationService::AllSources(), | |
416 content::Details<AuthenticationNotificationDetails>(&details)); | |
417 { | 405 { |
418 base::AutoLock for_this_block(success_lock_); | 406 base::AutoLock for_this_block(success_lock_); |
419 already_reported_success_ = true; | 407 already_reported_success_ = true; |
420 } | 408 } |
421 if (consumer_) | 409 if (consumer_) |
422 consumer_->OnAuthSuccess(current_state_->user_context); | 410 consumer_->OnAuthSuccess(current_state_->user_context); |
423 } | 411 } |
424 | 412 |
425 void ParallelAuthenticator::OnOffTheRecordAuthSuccess() { | 413 void ParallelAuthenticator::OnOffTheRecordAuthSuccess() { |
426 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 414 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
427 // Send notification of success | 415 chromeos::LoginEventRecorder::Get()->RecordAuthenticationSuccess(); |
428 AuthenticationNotificationDetails details(true); | |
429 content::NotificationService::current()->Notify( | |
430 chrome::NOTIFICATION_LOGIN_AUTHENTICATION, | |
431 content::NotificationService::AllSources(), | |
432 content::Details<AuthenticationNotificationDetails>(&details)); | |
433 if (consumer_) | 416 if (consumer_) |
434 consumer_->OnOffTheRecordAuthSuccess(); | 417 consumer_->OnOffTheRecordAuthSuccess(); |
435 } | 418 } |
436 | 419 |
437 void ParallelAuthenticator::OnPasswordChangeDetected() { | 420 void ParallelAuthenticator::OnPasswordChangeDetected() { |
438 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 421 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
439 if (consumer_) | 422 if (consumer_) |
440 consumer_->OnPasswordChangeDetected(); | 423 consumer_->OnPasswordChangeDetected(); |
441 } | 424 } |
442 | 425 |
443 void ParallelAuthenticator::OnAuthFailure(const AuthFailure& error) { | 426 void ParallelAuthenticator::OnAuthFailure(const AuthFailure& error) { |
444 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 427 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
445 | 428 |
446 // OnAuthFailure will be called again with the same |error| | 429 // OnAuthFailure will be called again with the same |error| |
447 // after the cryptohome has been removed. | 430 // after the cryptohome has been removed. |
448 if (remove_user_data_on_failure_) { | 431 if (remove_user_data_on_failure_) { |
449 delayed_login_failure_ = &error; | 432 delayed_login_failure_ = &error; |
450 RemoveEncryptedData(); | 433 RemoveEncryptedData(); |
451 return; | 434 return; |
452 } | 435 } |
453 | 436 chromeos::LoginEventRecorder::Get()->RecordAuthenticationFailure(); |
454 // Send notification of failure | |
455 AuthenticationNotificationDetails details(false); | |
456 content::NotificationService::current()->Notify( | |
457 chrome::NOTIFICATION_LOGIN_AUTHENTICATION, | |
458 content::NotificationService::AllSources(), | |
459 content::Details<AuthenticationNotificationDetails>(&details)); | |
460 LOG(WARNING) << "Login failed: " << error.GetErrorString(); | 437 LOG(WARNING) << "Login failed: " << error.GetErrorString(); |
461 if (consumer_) | 438 if (consumer_) |
462 consumer_->OnAuthFailure(error); | 439 consumer_->OnAuthFailure(error); |
463 } | 440 } |
464 | 441 |
465 void ParallelAuthenticator::RecoverEncryptedData( | 442 void ParallelAuthenticator::RecoverEncryptedData( |
466 const std::string& old_password) { | 443 const std::string& old_password) { |
467 migrate_attempted_ = true; | 444 migrate_attempted_ = true; |
468 current_state_->ResetCryptohomeStatus(); | 445 current_state_->ResetCryptohomeStatus(); |
469 SystemSaltGetter::Get()->GetSystemSalt( | 446 SystemSaltGetter::Get()->GetSystemSalt( |
(...skipping 362 matching lines...)
832 Resolve(); | 809 Resolve(); |
833 } | 810 } |
834 | 811 |
835 void ParallelAuthenticator::SetOwnerState(bool owner_check_finished, | 812 void ParallelAuthenticator::SetOwnerState(bool owner_check_finished, |
836 bool check_result) { | 813 bool check_result) { |
837 owner_is_verified_ = owner_check_finished; | 814 owner_is_verified_ = owner_check_finished; |
838 user_can_login_ = check_result; | 815 user_can_login_ = check_result; |
839 } | 816 } |
840 | 817 |
841 } // namespace chromeos | 818 } // namespace chromeos |
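Review bot: The `// Send notification of success` comment kept in `OnAuthSuccess()` (new line 403) is stale, because the `NotificationService` broadcast it described is gone and the line below it now calls `LoginEventRecorder::Get()->RecordAuthenticationSuccess()`. The same comment was dropped from `OnRetailModeAuthSuccess()` and `OnOffTheRecordAuthSuccess()`, so either drop it here too or reword it, for example `// Record the successful authentication.`. Separately, the three success handlers and `OnAuthFailure()` no longer post `chrome::NOTIFICATION_LOGIN_AUTHENTICATION` to `AllSources()`. This page does not show who else observes that notification, so please confirm that no remaining observer relies on it to count, log or audit failed logins, since such an observer would stop seeing events without any error. In `OnAuthFailure()` the new `RecordAuthenticationFailure()` call also sits directly under the closing brace of the early-return block where the old code had a blank line; restoring that blank line keeps the deferred-failure path visually separate.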