Inline sign in extracts gaia id from HTTP header and seeds account tracker

google_apis/gaia/fake_gaia.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "google_apis/gaia/fake_gaia.h"
 
 #include <vector>
 
 #include "base/base_paths.h"
 #include "base/bind.h"
@@ skipping 124 matching lines @@
   base::FilePath source_root_dir;
   PathService::Get(base::DIR_SOURCE_ROOT, &source_root_dir);
   CHECK(base::ReadFileToString(
       source_root_dir.Append(base::FilePath(kServiceLogin)),
       &service_login_response_));
 }
 
 FakeGaia::~FakeGaia() {}
 
 void FakeGaia::SetFakeMergeSessionParams(
+    const std::string& gaia_id,
     const std::string& email,
     const std::string& auth_sid_cookie,
     const std::string& auth_lsid_cookie) {
   FakeGaia::MergeSessionParams params;
   params.auth_sid_cookie = auth_sid_cookie;
   params.auth_lsid_cookie = auth_lsid_cookie;
   params.auth_code = kTestAuthCode;
   params.refresh_token = kTestRefreshToken;
   params.access_token = kTestAuthLoginAccessToken;
   params.gaia_uber_token = kTestGaiaUberToken;
   params.session_sid_cookie = kTestSessionSIDCookie;
   params.session_lsid_cookie = kTestSessionLSIDCookie;
   params.email = email;
+  params.gaia_id = gaia_id;
   SetMergeSessionParams(params);
 }
 
 void FakeGaia::SetMergeSessionParams(
     const MergeSessionParams& params) {
   merge_session_params_ = params;
 }
 
 void FakeGaia::Initialize() {
   GaiaUrls* gaia_urls = GaiaUrls::GetInstance();
@@ skipping 27 matching lines @@
   // Handles /oauth2/v2/tokeninfo GAIA call.
   REGISTER_RESPONSE_HANDLER(
       gaia_urls->oauth2_token_info_url(), HandleTokenInfo);
 
   // Handles /oauth2/v2/IssueToken GAIA call.
   REGISTER_RESPONSE_HANDLER(
       gaia_urls->oauth2_issue_token_url(), HandleIssueToken);
 
   // Handles /ListAccounts GAIA call.
   REGISTER_RESPONSE_HANDLER(
       gaia_urls->ListAccountsURLWithSource(std::string()), HandleListAccounts);

[bartfab (slow), 2014/10/17 09:54:56]

I think the Chrome OS login code may have been the only user of /ListAccounts in
FakeGAIA. Could you do a try run with this method removed? If no tests fail, we
can kill the method and associated plumbing.

[Roger Tawa OOO till Jul 10th, 2014/10/20 16:04:01]

Best done in a separate CL.

[bartfab (slow), 2014/10/21 14:47:46]

Sure. If you are not planning to do this clean-up straight away, could you file
a bug so we do not forget about it? You can assign it to me.

 
   // Handles /GetUserInfo GAIA call.
   REGISTER_RESPONSE_HANDLER(
       gaia_urls->get_user_info_url(), HandleGetUserInfo);
 }
 
 scoped_ptr<HttpResponse> FakeGaia::HandleRequest(const HttpRequest& request) {
   // The scheme and host of the URL is actually not important but required to
   // get a valid GURL in order to parse |request.relative_url|.
   GURL request_url = GURL("http://localhost").Resolve(request.relative_url);
@@ skipping 208 matching lines @@
     http_response->AddCustomHeader("Google-Accounts-SAML", "Start");
   } else if (!merge_session_params_.auth_sid_cookie.empty() &&
              !merge_session_params_.auth_lsid_cookie.empty()) {
     SetCookies(http_response,
                merge_session_params_.auth_sid_cookie,
                merge_session_params_.auth_lsid_cookie);
   }
 
   http_response->set_code(net::HTTP_TEMPORARY_REDIRECT);
   http_response->AddCustomHeader("Location", redirect_url);
   http_response->AddCustomHeader("google-accounts-signin",

[bartfab (slow), 2014/10/17 09:54:56]

This line is actually wrong - and was wrong before your CL already:

* For regular GAIA users, all is well. Login succeeds the moment you submit the
login form and it is correct to return the user's e-mail address and GAIA ID
here.

* For SAML users, we redirect to the SAML IdP. The user is not authenticated
yet. We should not be returning an e-mail address or GAIA ID yet. We should do
it in HandleSSO() instead, based on the user who actually authenticated via SAML
(we use the e-mail address in |merge_session_params_| as the SAML user's e-mail
address for now).

[Roger Tawa OOO till Jul 10th, 2014/10/20 16:04:01]

Done.

-      base::StringPrintf("email=\"%s\", sessionindex=0", email.c_str()));
+      base::StringPrintf(
+          "email=\"%s\", obfuscatedid=\"%s\", sessionindex=0",
+          email.c_str(), merge_session_params_.gaia_id.c_str()));

[bartfab (slow), 2014/10/17 09:54:56]

We have tests that set up multiple accounts and verify that an attempt to log in
as Alice really logs you in as Alice, not as Bob. Right now, the tests do this
by verifying that the logged-in user's e-mail address is correct, because the
e-mail address is the primary account identifier.

You are making these changes to pave the way for the GAIA ID to become the
primary account identifier. This means that tests using multiple accounts will
need to be able to tell these accounts apart by looking at their GAIA IDs.
Returning the same GAIA ID for all login attempts will not work at that point.
We can fix it later, or we can fix it now: The GAIA ID should depend on the
user's e-mail address. It should not be a fixed value read from
|merge_session_params_|.

[Roger Tawa OOO till Jul 10th, 2014/10/20 16:04:01]

Not sure you can do that, or that it's needed.  Today the user enters and email
into gaia, and then reenters that email into saml page.  At the end we check
that the emails match.  You can't do that with gaia-ids; the user won't enter
them, and we can't get it until after sign in.  We only get one id and there is
nothing to check against.

I think the email checking logic is good even after the gaia-id migration.  No
need to change anything.

In any case, fixed this to make all tests work.

 }
 
 void FakeGaia::HandleSSO(const HttpRequest& request,
                          BasicHttpResponse* http_response) {
   if (!merge_session_params_.auth_sid_cookie.empty() &&
       !merge_session_params_.auth_lsid_cookie.empty()) {
     SetCookies(http_response,
                merge_session_params_.auth_sid_cookie,
                merge_session_params_.auth_lsid_cookie);
   }
@@ skipping 127 matching lines @@
 }
 
 void FakeGaia::HandleGetUserInfo(const HttpRequest& request,
                                  BasicHttpResponse* http_response) {
   http_response->set_content(base::StringPrintf(
       "email=%s\ndisplayEmail=%s",
       merge_session_params_.email.c_str(),
       merge_session_params_.email.c_str()));
   http_response->set_code(net::HTTP_OK);
 }