Inline sign in extracts gaia id from HTTP header and seeds account tracker

chrome/browser/resources/gaia_auth/main.js

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 /**
  * Authenticator class wraps the communications between Gaia and its host.
  */
 function Authenticator() {
 }
 
@@ skipping 30 matching lines @@
  */
 Authenticator.getInstance = function() {
   if (!Authenticator.instance_) {
     Authenticator.instance_ = new Authenticator();
   }
   return Authenticator.instance_;
 };
 
 Authenticator.prototype = {
   email_: null,
+  gaiaId_: null,
 
   // Depending on the key type chosen, this will contain the plain text password
   // or a credential derived from it along with the information required to
   // repeat the derivation, such as a salt. The information will be encoded so
   // that it contains printable ASCII characters only. The exact encoding is TBD
   // when support for key types other than plain text password is added.
   passwordBytes_: null,
 
   attemptToken_: null,
 
@@ skipping 153 matching lines @@
    */
   completeLogin_: function(opt_extraMsg) {
     var msg = {
       'method': 'completeLogin',
       'email': (opt_extraMsg && opt_extraMsg.email) || this.email_,
       'password': (opt_extraMsg && opt_extraMsg.password) ||
                   this.passwordBytes_,
       'usingSAML': this.isSAMLFlow_,
       'chooseWhatToSync': this.chooseWhatToSync_ || false,
       'skipForNow': opt_extraMsg && opt_extraMsg.skipForNow,
-      'sessionIndex': opt_extraMsg && opt_extraMsg.sessionIndex
-    };
+      'sessionIndex': opt_extraMsg && opt_extraMsg.sessionIndex,
+      'gaiaId': (opt_extraMsg && opt_extraMsg.gaiaId) || this.gaiaId_
+  };
     window.parent.postMessage(msg, this.parentPage_);
     this.supportChannel_.send({name: 'resetAuth'});
   },
 
   /**
    * Invoked when support channel is connected.
    */
   initSAML_: function() {
     this.isSAMLFlow_ = false;
 
@@ skipping 25 matching lines @@
    */
   onAuthPageLoaded_: function(msg) {
     var isSAMLPage = msg.url.indexOf(this.gaiaUrl_) != 0;
 
     if (isSAMLPage && !this.isSAMLFlow_) {
       // GAIA redirected to a SAML login page. The credentials provided to this
       // page will determine what user gets logged in. The credentials obtained
       // from the GAIA login form are no longer relevant and can be discarded.
       this.isSAMLFlow_ = true;
       this.email_ = null;
+      this.gaiaId_ = null;
       this.passwordBytes_ = null;
     }
 
     window.parent.postMessage({
       'method': 'authPageLoaded',
       'isSAML': this.isSAMLFlow_,
       'domain': extractDomain(msg.url)
     }, this.parentPage_);
   },
 
@@ skipping 30 matching lines @@
       return;
     }
 
     if (call.method == 'add') {
       if (Authenticator.API_KEY_TYPES.indexOf(call.keyType) == -1) {
         console.error('Authenticator.onAPICall_: unsupported key type');
         return;
       }
       this.apiToken_ = call.token;
       this.email_ = call.user;
+      this.gaiaId_ = null;  // TODO(rogerta): no idea what to do here.
       this.passwordBytes_ = call.passwordBytes;
     } else if (call.method == 'confirm') {
       if (call.token != this.apiToken_)
         console.error('Authenticator.onAPICall_: token mismatch');
     } else {
       console.error('Authenticator.onAPICall_: unknown message');
     }
   },
 
   sendInitializationSuccess_: function() {
@@ skipping 39 matching lines @@
                                          passwordCount: passwords.length},
                                         this.parentPage_);
             }
           }.bind(this));
     }
   },
 
   maybeCompleteSAMLLogin_: function() {
     // SAML login is complete when the user's e-mail address has been retrieved
     // from GAIA and the user has successfully confirmed the password.
-    if (this.email_ !== null && this.passwordBytes_ !== null)
+    if (this.email_ !== null && this.gaiaId_ !== null &&
+        this.passwordBytes_ !== null) {
       this.completeLogin_();
+    }
   },
 
   onVerifyConfirmedPassword_: function(password) {
     this.supportChannel_.sendWithCallback(
         {name: 'getScrapedPasswords'},
         function(passwords) {
           for (var i = 0; i < passwords.length; ++i) {
             if (passwords[i] == password) {
               this.passwordBytes_ = passwords[i];
               this.maybeCompleteSAMLLogin_();
               return;
             }
           }
           window.parent.postMessage(
               {method: 'confirmPassword', email: this.email_},
               this.parentPage_);
         }.bind(this));
   },
 
   onMessage: function(e) {
     var msg = e.data;
     if (msg.method == 'attemptLogin' && this.isGaiaMessage_(e)) {
       this.email_ = msg.email;
+      this.gaiaId_ = msg.gaiaId;

[xiyuan, 2014/09/22 21:48:56]

This does not work for cros login. 'attemptLogin' message is sent from Gaia when
submitting the login form and gaiaId. The posting code on Gaia page does not
post gaiaId info and gaiaId is not available either.

We need to change the logic so that it waits for the background.js to post back
the gaia id to continue the cros sign-in. That is, we cannot do
"this.onConfirmLogin_();" when 'confirmLogin' message is received. It needs to
be deferred until background.js pinged back.

[Roger Tawa OOO till Jul 10th, 2014/09/23 19:43:42]

Done.

       this.passwordBytes_ = msg.password;
       this.attemptToken_ = msg.attemptToken;
       this.chooseWhatToSync_ = msg.chooseWhatToSync;
       this.isSAMLFlow_ = false;
       if (this.supportChannel_)
         this.supportChannel_.send({name: 'startAuth'});
       else
         console.error('Support channel is not initialized.');
     } else if (msg.method == 'clearOldAttempts' && this.isGaiaMessage_(e)) {
       if (!this.gaiaLoaded_) {
         this.gaiaLoaded_ = true;
         this.maybeInitialized_();
       }
       this.email_ = null;
+      this.gaiaId_ = null;
       this.passwordBytes_ = null;
       this.attemptToken_ = null;
       this.isSAMLFlow_ = false;
       if (this.supportChannel_)
         this.supportChannel_.send({name: 'resetAuth'});
     } else if (msg.method == 'setAuthenticatedUserEmail' &&
                this.isParentMessage_(e)) {
       if (this.attemptToken_ == msg.attemptToken) {
         this.email_ = msg.email;
+        this.gaiaId_ = msg.gaiaId;

[xiyuan, 2014/09/22 21:48:56]

This probably does not work either. 'setAuthenticatedUserEmail' does not have
gaiaId sent with it.

[Roger Tawa OOO till Jul 10th, 2014/09/23 19:43:43]

Done.

         this.maybeCompleteSAMLLogin_();
       }
     } else if (msg.method == 'confirmLogin' && this.isInternalMessage_(e)) {
       // In the desktop mode, Chrome needs to wait for extra info such as
       // session index from the background JS.
       if (this.desktopMode_)
         return;
 
       if (this.attemptToken_ == msg.attemptToken)
         this.onConfirmLogin_();

[xiyuan, 2014/09/22 21:48:56]

This needs to be patched to defer until gaiaId is received from background.js.

[Roger Tawa OOO till Jul 10th, 2014/09/23 19:43:43]

Done.

       else
         console.error('Authenticator.onMessage: unexpected attemptToken!?');
     } else if (msg.method == 'verifyConfirmedPassword' &&
                this.isParentMessage_(e)) {
       this.onVerifyConfirmedPassword_(msg.password);
     } else if (msg.method == 'redirectToSignin' &&
                this.isParentMessage_(e)) {
       $('gaia-frame').src = this.constructInitialFrameUrl_();
     } else {
        console.error('Authenticator.onMessage: unknown message + origin!?');
     }
   }
 };
 
 Authenticator.getInstance().initialize();