Chromium Code Reviews Chromium Code Reviews
Issue 473153002:
Inline sign in extracts gaia id from HTTP header and seeds account tracker (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: chrome/browser/resources/gaia_auth/main.js |
| diff --git a/chrome/browser/resources/gaia_auth/main.js b/chrome/browser/resources/gaia_auth/main.js |
| index ba48c65dc9049f2dc8cb453d754480286497b3f8..a8e11ad01653264c64ce02e7ca39bc923968f68b 100644 |
| --- a/chrome/browser/resources/gaia_auth/main.js |
| +++ b/chrome/browser/resources/gaia_auth/main.js |
| @@ -48,6 +48,7 @@ Authenticator.getInstance = function() { |
| Authenticator.prototype = { |
| email_: null, |
| + gaiaId_: null, |
| // Depending on the key type chosen, this will contain the plain text password |
| // or a credential derived from it along with the information required to |
| @@ -56,6 +57,9 @@ Authenticator.prototype = { |
| // when support for key types other than plain text password is added. |
| passwordBytes_: null, |
| + chooseWhatToSync_: false, |
| + skipForNow_: false, |
| + sessionIndex_: null, |
| attemptToken_: null, |
| // Input params from extension initialization URL. |
| @@ -165,9 +169,9 @@ Authenticator.prototype = { |
| }); |
| this.supportChannel_.registerMessage( |
| 'switchToFullTab', this.switchToFullTab_.bind(this)); |
| - this.supportChannel_.registerMessage( |
| - 'completeLogin', this.completeLogin_.bind(this)); |
| } |
| + this.supportChannel_.registerMessage( |
| + 'completeLogin', this.onCompleteLogin_.bind(this)); |
| this.initSAML_(); |
| this.maybeInitialized_(); |
| }.bind(this)); |
| @@ -220,8 +224,11 @@ Authenticator.prototype = { |
| this.passwordBytes_, |
| 'usingSAML': this.isSAMLFlow_, |
| 'chooseWhatToSync': this.chooseWhatToSync_ || false, |
| - 'skipForNow': opt_extraMsg && opt_extraMsg.skipForNow, |
| - 'sessionIndex': opt_extraMsg && opt_extraMsg.sessionIndex |
| + 'skipForNow': (opt_extraMsg && opt_extraMsg.skipForNow) || |
| + this.skipForNow_, |
| + 'sessionIndex': (opt_extraMsg && opt_extraMsg.sessionIndex) || |
| + this.sessionIndex_, |
| + 'gaiaId': (opt_extraMsg && opt_extraMsg.gaiaId) || this.gaiaId_ |
| }; |
| window.parent.postMessage(msg, this.parentPage_); |
| this.supportChannel_.send({name: 'resetAuth'}); |
| @@ -268,6 +275,7 @@ Authenticator.prototype = { |
| // from the GAIA login form are no longer relevant and can be discarded. |
| this.isSAMLFlow_ = true; |
| this.email_ = null; |
| + this.gaiaId_ = null; |
| this.passwordBytes_ = null; |
| } |
| @@ -318,6 +326,7 @@ Authenticator.prototype = { |
| } |
| this.apiToken_ = call.token; |
| this.email_ = call.user; |
| + this.gaiaId_ = null; // TODO(rogerta): no idea what to do here. |
|
guohui
2014/10/14 18:50:02
we should update the saml api to send the gaia id
bartfab (slow)
2014/10/15 08:39:07
Ah, I missed that one.
The API is called by a thi
Roger Tawa OOO till Jul 10th
2014/10/16 02:39:31
Done.
Roger Tawa OOO till Jul 10th
2014/10/16 02:39:32
Removed, since it cannot be set here and will be s
|
| this.passwordBytes_ = call.passwordBytes; |
| } else if (call.method == 'confirm') { |
| if (call.token != this.apiToken_) |
| @@ -342,12 +351,25 @@ Authenticator.prototype = { |
| }); |
| }, |
| - onConfirmLogin_: function() { |
| - if (!this.isSAMLFlow_) { |
| - this.completeLogin_(); |
| + /** |
| + * Callback invoked for 'completeLogin' message. |
| + */ |
| + onCompleteLogin_: function(opt_extraMsg) { |
| + // Skip SAML extra steps for desktop flow and non-SAML flow. |
| + if (!this.isSAMLFlow_ || this.desktopMode_) { |
| + this.completeLogin_(opt_extraMsg); |
| return; |
| } |
| + if (opt_extraMsg) { |
|
bartfab (slow)
2014/10/14 17:12:38
How can |opt_extraMsg| ever not exist? With the ch
Roger Tawa OOO till Jul 10th
2014/10/16 02:39:31
It can't anymore. Fixed.
|
| + this.email_ = opt_extraMsg.email; |
| + this.gaiaId_ = opt_extraMsg.gaiaId; |
| + // Password from |opt_extraMsg| is not used because ChromeOS SAML flow |
| + // gets password by asking user for confirm. |
|
bartfab (slow)
2014/10/14 17:12:38
Nit: s/for/to/
Roger Tawa OOO till Jul 10th
2014/10/16 02:39:32
Done.
|
| + this.skipForNow_ = opt_extraMsg.skipForNow; |
| + this.sessionIndex_ = opt_extraMsg.sessionIndex; |
| + } |
| + |
| var apiUsed = !!this.passwordBytes_; |
| // Retrieve the e-mail address of the user who just authenticated from GAIA. |
|
bartfab (slow)
2014/10/14 17:12:38
This is no longer necessary now that we get the us
Roger Tawa OOO till Jul 10th
2014/10/16 02:39:31
Done.
|
| @@ -401,6 +423,7 @@ Authenticator.prototype = { |
| onMessage: function(e) { |
| var msg = e.data; |
| if (msg.method == 'attemptLogin' && this.isGaiaMessage_(e)) { |
| + // At this point GAIA does not yet know the gaiaId, so its not set here. |
| this.email_ = msg.email; |
| this.passwordBytes_ = msg.password; |
| this.attemptToken_ = msg.attemptToken; |
| @@ -416,6 +439,7 @@ Authenticator.prototype = { |
| this.maybeInitialized_(); |
| } |
| this.email_ = null; |
| + this.gaiaId_ = null; |
|
bartfab (slow)
2014/10/14 17:12:38
Should |chooseWhatToSync_|, |skipForNow_| and |ses
Roger Tawa OOO till Jul 10th
2014/10/20 16:04:00
Done.
|
| this.passwordBytes_ = null; |
| this.attemptToken_ = null; |
| this.isSAMLFlow_ = false; |
| @@ -427,16 +451,6 @@ Authenticator.prototype = { |
| this.email_ = msg.email; |
| this.maybeCompleteSAMLLogin_(); |
| } |
| - } else if (msg.method == 'confirmLogin' && this.isInternalMessage_(e)) { |
| - // In the desktop mode, Chrome needs to wait for extra info such as |
| - // session index from the background JS. |
| - if (this.desktopMode_) |
| - return; |
| - |
| - if (this.attemptToken_ == msg.attemptToken) |
| - this.onConfirmLogin_(); |
| - else |
| - console.error('Authenticator.onMessage: unexpected attemptToken!?'); |
| } else if (msg.method == 'verifyConfirmedPassword' && |
| this.isParentMessage_(e)) { |
| this.onVerifyConfirmedPassword_(msg.password); |
