| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_AUTH_LOGIN_PERFORMER_H_ | |
| 6 #define CHROME_BROWSER_CHROMEOS_LOGIN_AUTH_LOGIN_PERFORMER_H_ | |
| 7 | |
| 8 #include <string> | |
| 9 | |
| 10 #include "base/basictypes.h" | |
| 11 #include "base/memory/scoped_ptr.h" | |
| 12 #include "base/memory/weak_ptr.h" | |
| 13 #include "chrome/browser/chromeos/policy/wildcard_login_checker.h" | |
| 14 #include "chromeos/login/auth/auth_status_consumer.h" | |
| 15 #include "chromeos/login/auth/authenticator.h" | |
| 16 #include "chromeos/login/auth/extended_authenticator.h" | |
| 17 #include "chromeos/login/auth/online_attempt_host.h" | |
| 18 #include "chromeos/login/auth/user_context.h" | |
| 19 #include "content/public/browser/notification_observer.h" | |
| 20 #include "content/public/browser/notification_registrar.h" | |
| 21 #include "google_apis/gaia/google_service_auth_error.h" | |
| 22 | |
| 23 namespace policy { | |
| 24 class WildcardLoginChecker; | |
| 25 } | |
| 26 | |
| 27 namespace chromeos { | |
| 28 | |
| 29 // This class encapsulates sign in operations. | |
| 30 // Sign in is performed in a way that offline auth is executed first. | |
| 31 // Once offline auth is OK - user homedir is mounted, UI is launched. | |
| 32 // At this point LoginPerformer |delegate_| is destroyed and it releases | |
| 33 // LP instance ownership. LP waits for online login result. | |
| 34 // If auth is succeeded, cookie fetcher is executed, LP instance deletes itself. | |
| 35 // | |
| 36 // If |delegate_| is not NULL it will handle error messages, password input. | |
| 37 class LoginPerformer : public AuthStatusConsumer, | |
| 38 public OnlineAttemptHost::Delegate { | |
| 39 public: | |
| 40 typedef enum AuthorizationMode { | |
| 41 // Authorization performed internally by Chrome. | |
| 42 AUTH_MODE_INTERNAL, | |
| 43 // Authorization performed by an extension. | |
| 44 AUTH_MODE_EXTENSION | |
| 45 } AuthorizationMode; | |
| 46 | |
| 47 // Delegate class to get notifications from the LoginPerformer. | |
| 48 class Delegate : public AuthStatusConsumer { | |
| 49 public: | |
| 50 virtual ~Delegate() {} | |
| 51 virtual void WhiteListCheckFailed(const std::string& email) = 0; | |
| 52 virtual void PolicyLoadFailed() = 0; | |
| 53 virtual void OnOnlineChecked(const std::string& email, bool success) = 0; | |
| 54 }; | |
| 55 | |
| 56 explicit LoginPerformer(Delegate* delegate); | |
| 57 virtual ~LoginPerformer(); | |
| 58 | |
| 59 // AuthStatusConsumer implementation: | |
| 60 virtual void OnAuthFailure(const AuthFailure& error) override; | |
| 61 virtual void OnRetailModeAuthSuccess( | |
| 62 const UserContext& user_context) override; | |
| 63 virtual void OnAuthSuccess(const UserContext& user_context) override; | |
| 64 virtual void OnOffTheRecordAuthSuccess() override; | |
| 65 virtual void OnPasswordChangeDetected() override; | |
| 66 | |
| 67 // Performs a login for |user_context|. | |
| 68 // If auth_mode is AUTH_MODE_EXTENSION, there are no further auth checks, | |
| 69 // AUTH_MODE_INTERNAL will perform auth checks. | |
| 70 void PerformLogin(const UserContext& user_context, | |
| 71 AuthorizationMode auth_mode); | |
| 72 | |
| 73 // Performs supervised user login with a given |user_context|. | |
| 74 void LoginAsSupervisedUser(const UserContext& user_context); | |
| 75 | |
| 76 // Performs retail mode login. | |
| 77 void LoginRetailMode(); | |
| 78 | |
| 79 // Performs actions to prepare guest mode login. | |
| 80 void LoginOffTheRecord(); | |
| 81 | |
| 82 // Performs public session login with a given |user_context|. | |
| 83 void LoginAsPublicSession(const UserContext& user_context); | |
| 84 | |
| 85 // Performs a login into the kiosk mode account with |app_user_id|. | |
| 86 void LoginAsKioskAccount(const std::string& app_user_id, | |
| 87 bool use_guest_mount); | |
| 88 | |
| 89 // Migrates cryptohome using |old_password| specified. | |
| 90 void RecoverEncryptedData(const std::string& old_password); | |
| 91 | |
| 92 // Reinitializes cryptohome with the new password. | |
| 93 void ResyncEncryptedData(); | |
| 94 | |
| 95 // Returns latest auth error. | |
| 96 const GoogleServiceAuthError& error() const { | |
| 97 return last_login_failure_.error(); | |
| 98 } | |
| 99 | |
| 100 // True if password change has been detected. | |
| 101 bool password_changed() { return password_changed_; } | |
| 102 | |
| 103 // Number of times we've been called with OnPasswordChangeDetected(). | |
| 104 // If user enters incorrect old password, same LoginPerformer instance will | |
| 105 // be called so callback count makes it possible to distinguish initial | |
| 106 // "password changed detected" event from further attempts to enter old | |
| 107 // password for cryptohome migration (when > 1). | |
| 108 int password_changed_callback_count() { | |
| 109 return password_changed_callback_count_; | |
| 110 } | |
| 111 | |
| 112 void set_delegate(Delegate* delegate) { delegate_ = delegate; } | |
| 113 | |
| 114 AuthorizationMode auth_mode() const { return auth_mode_; } | |
| 115 | |
| 116 protected: | |
| 117 // Implements OnlineAttemptHost::Delegate. | |
| 118 virtual void OnChecked(const std::string& username, bool success) override; | |
| 119 | |
| 120 private: | |
| 121 // Starts login completion of externally authenticated user. | |
| 122 void StartLoginCompletion(); | |
| 123 | |
| 124 // Starts authentication. | |
| 125 void StartAuthentication(); | |
| 126 | |
| 127 // Completion callback for the online wildcard login check for enterprise | |
| 128 // devices. Continues the login process or signals whitelist check failure | |
| 129 // depending on the value of |result|. | |
| 130 void OnlineWildcardLoginCheckCompleted( | |
| 131 policy::WildcardLoginChecker::Result result); | |
| 132 | |
| 133 // Used for logging in. | |
| 134 scoped_refptr<Authenticator> authenticator_; | |
| 135 scoped_refptr<ExtendedAuthenticator> extended_authenticator_; | |
| 136 | |
| 137 // Used to make auxiliary online check. | |
| 138 OnlineAttemptHost online_attempt_host_; | |
| 139 | |
| 140 // Represents last login failure that was encountered when communicating to | |
| 141 // sign-in server. AuthFailure.LoginFailureNone() by default. | |
| 142 AuthFailure last_login_failure_; | |
| 143 | |
| 144 // User credentials for the current login attempt. | |
| 145 UserContext user_context_; | |
| 146 | |
| 147 // Notifications receiver. | |
| 148 Delegate* delegate_; | |
| 149 | |
| 150 // True if password change has been detected. | |
| 151 // Once correct password is entered homedir migration is executed. | |
| 152 bool password_changed_; | |
| 153 int password_changed_callback_count_; | |
| 154 | |
| 155 // Authorization mode type. | |
| 156 AuthorizationMode auth_mode_; | |
| 157 | |
| 158 // Used to verify logins that matched wildcard on the login whitelist. | |
| 159 scoped_ptr<policy::WildcardLoginChecker> wildcard_login_checker_; | |
| 160 | |
| 161 base::WeakPtrFactory<LoginPerformer> weak_factory_; | |
| 162 | |
| 163 DISALLOW_COPY_AND_ASSIGN(LoginPerformer); | |
| 164 }; | |
| 165 | |
| 166 } // namespace chromeos | |
| 167 | |
| 168 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_AUTH_LOGIN_PERFORMER_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 614973002:
Extract LoginPerformer to chromeos/auth (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master