Inline sign in extracts gaia id from HTTP header and seeds account tracker

chrome/browser/resources/gaia_auth/main.js

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 /**
  * Authenticator class wraps the communications between Gaia and its host.
  */
 function Authenticator() {
 }
 
@@ skipping 30 matching lines @@
  */
 Authenticator.getInstance = function() {
   if (!Authenticator.instance_) {
     Authenticator.instance_ = new Authenticator();
   }
   return Authenticator.instance_;
 };
 
 Authenticator.prototype = {
   email_: null,
+  gaiaId_: null,
 
   // Depending on the key type chosen, this will contain the plain text password
   // or a credential derived from it along with the information required to
   // repeat the derivation, such as a salt. The information will be encoded so
   // that it contains printable ASCII characters only. The exact encoding is TBD
   // when support for key types other than plain text password is added.
   passwordBytes_: null,
 
   attemptToken_: null,
 
@@ skipping 97 matching lines @@
 
       if (this.desktopMode_) {
         this.supportChannel_.send({
           name: 'initDesktopFlow',
           gaiaUrl: this.gaiaUrl_,
           continueUrl: stripParams(this.continueUrl_),
           isConstrainedWindow: this.isConstrainedWindow_
         });
         this.supportChannel_.registerMessage(
             'switchToFullTab', this.switchToFullTab_.bind(this));
-        this.supportChannel_.registerMessage(
-            'completeLogin', this.completeLogin_.bind(this));
       }
+      this.supportChannel_.registerMessage(
+          'completeLogin', this.completeLogin_.bind(this));

[xiyuan, 2014/09/25 02:52:39]

Think we need to merge onConfirmLogin_ with completeLogin_. Otherwise, this
might break SAML flow.

SAML flow, we cannot send 'completeLogin' back at the end of the flow. It has
two additional steps:
1. 'retrieveAuthenticatedUserEmail " that uses /ListAccount to get the actual
user email (http://crbug.com/332132) and wait for 'setAuthenticatedUserEmail'
for actual user email;
2. Trigger Chrome to show password verify UI and wait for
'verifyConfirmedPassword' message; 

We can probably optimize out the /ListAccount call since we get actual user
email from Gaia headers now. The confirm-verify flow needs to be kept for SAML
flow.

[Roger Tawa OOO till Jul 10th, 2014/09/25 20:36:41]

Now calls maybeCompleteLogin_(), which is the renamed maybeCompleteSAMLLogin_().
 I changed it to also support non saml flows.

       this.initSAML_();
       this.maybeInitialized_();
     }.bind(this));
 
     window.setTimeout(function() {
       if (!this.supportChannel_) {
         // Re-initialize the channel if it is not connected properly, e.g.
         // connect may be called before background script started running.
         this.initSupportChannel_();
       }
@@ skipping 33 matching lines @@
    */
   completeLogin_: function(opt_extraMsg) {
     var msg = {
       'method': 'completeLogin',
       'email': (opt_extraMsg && opt_extraMsg.email) || this.email_,
       'password': (opt_extraMsg && opt_extraMsg.password) ||
                   this.passwordBytes_,
       'usingSAML': this.isSAMLFlow_,
       'chooseWhatToSync': this.chooseWhatToSync_ || false,
       'skipForNow': opt_extraMsg && opt_extraMsg.skipForNow,
-      'sessionIndex': opt_extraMsg && opt_extraMsg.sessionIndex
-    };
+      'sessionIndex': opt_extraMsg && opt_extraMsg.sessionIndex,
+      'gaiaId': (opt_extraMsg && opt_extraMsg.gaiaId) || this.gaiaId_
+  };
     window.parent.postMessage(msg, this.parentPage_);
     this.supportChannel_.send({name: 'resetAuth'});
   },
 
   /**
    * Invoked when support channel is connected.
    */
   initSAML_: function() {
     this.isSAMLFlow_ = false;
 
@@ skipping 25 matching lines @@
    */
   onAuthPageLoaded_: function(msg) {
     var isSAMLPage = msg.url.indexOf(this.gaiaUrl_) != 0;
 
     if (isSAMLPage && !this.isSAMLFlow_) {
       // GAIA redirected to a SAML login page. The credentials provided to this
       // page will determine what user gets logged in. The credentials obtained
       // from the GAIA login form are no longer relevant and can be discarded.
       this.isSAMLFlow_ = true;
       this.email_ = null;
+      this.gaiaId_ = null;
       this.passwordBytes_ = null;
     }
 
     window.parent.postMessage({
       'method': 'authPageLoaded',
       'isSAML': this.isSAMLFlow_,
       'domain': extractDomain(msg.url)
     }, this.parentPage_);
   },
 
@@ skipping 30 matching lines @@
       return;
     }
 
     if (call.method == 'add') {
       if (Authenticator.API_KEY_TYPES.indexOf(call.keyType) == -1) {
         console.error('Authenticator.onAPICall_: unsupported key type');
         return;
       }
       this.apiToken_ = call.token;
       this.email_ = call.user;
+      this.gaiaId_ = null;  // TODO(rogerta): no idea what to do here.
       this.passwordBytes_ = call.passwordBytes;
     } else if (call.method == 'confirm') {
       if (call.token != this.apiToken_)
         console.error('Authenticator.onAPICall_: token mismatch');
     } else {
       console.error('Authenticator.onAPICall_: unknown message');
     }
   },
 
   sendInitializationSuccess_: function() {
     this.supportChannel_.send({name: 'apiResponse', response: {
       result: 'initialized',
       version: this.apiVersion_,
       keyTypes: Authenticator.API_KEY_TYPES
     }});
   },
 
   sendInitializationFailure_: function() {
     this.supportChannel_.send({
       name: 'apiResponse',
       response: {result: 'initialization_failed'}
     });
   },
 
   onConfirmLogin_: function() {
-    if (!this.isSAMLFlow_) {
-      this.completeLogin_();
+    if (!this.isSAMLFlow_)
       return;
-    }
 
     var apiUsed = !!this.passwordBytes_;
 
     // Retrieve the e-mail address of the user who just authenticated from GAIA.
     window.parent.postMessage({method: 'retrieveAuthenticatedUserEmail',
                                attemptToken: this.attemptToken_,
                                apiUsed: apiUsed},
                               this.parentPage_);
 
     if (!apiUsed) {
@@ skipping 10 matching lines @@
                                          passwordCount: passwords.length},
                                         this.parentPage_);
             }
           }.bind(this));
     }
   },
 
   maybeCompleteSAMLLogin_: function() {
     // SAML login is complete when the user's e-mail address has been retrieved
     // from GAIA and the user has successfully confirmed the password.
-    if (this.email_ !== null && this.passwordBytes_ !== null)
+    if (this.email_ !== null && this.gaiaId_ !== null &&
+        this.passwordBytes_ !== null) {
       this.completeLogin_();
+    }
   },
 
   onVerifyConfirmedPassword_: function(password) {
     this.supportChannel_.sendWithCallback(
         {name: 'getScrapedPasswords'},
         function(passwords) {
           for (var i = 0; i < passwords.length; ++i) {
             if (passwords[i] == password) {
               this.passwordBytes_ = passwords[i];
               this.maybeCompleteSAMLLogin_();
               return;
             }
           }
           window.parent.postMessage(
               {method: 'confirmPassword', email: this.email_},
               this.parentPage_);
         }.bind(this));
   },
 
   onMessage: function(e) {
     var msg = e.data;
     if (msg.method == 'attemptLogin' && this.isGaiaMessage_(e)) {
+      // At this point GAIA does not yet know the gaiaId, so its not set here.
       this.email_ = msg.email;
       this.passwordBytes_ = msg.password;
       this.attemptToken_ = msg.attemptToken;
       this.chooseWhatToSync_ = msg.chooseWhatToSync;
       this.isSAMLFlow_ = false;
       if (this.supportChannel_)
         this.supportChannel_.send({name: 'startAuth'});
       else
         console.error('Support channel is not initialized.');
     } else if (msg.method == 'clearOldAttempts' && this.isGaiaMessage_(e)) {
       if (!this.gaiaLoaded_) {
         this.gaiaLoaded_ = true;
         this.maybeInitialized_();
       }
       this.email_ = null;
+      this.gaiaId_ = null;
       this.passwordBytes_ = null;
       this.attemptToken_ = null;
       this.isSAMLFlow_ = false;
       if (this.supportChannel_)
         this.supportChannel_.send({name: 'resetAuth'});
     } else if (msg.method == 'setAuthenticatedUserEmail' &&
                this.isParentMessage_(e)) {
       if (this.attemptToken_ == msg.attemptToken) {
         this.email_ = msg.email;
         this.maybeCompleteSAMLLogin_();
@@ skipping 14 matching lines @@
     } else if (msg.method == 'redirectToSignin' &&
                this.isParentMessage_(e)) {
       $('gaia-frame').src = this.constructInitialFrameUrl_();
     } else {
        console.error('Authenticator.onMessage: unknown message + origin!?');
     }
   }
 };
 
 Authenticator.getInstance().initialize();