Chromium Code Reviews Chromium Code Reviews
Issue 614973002:
Extract LoginPerformer to chromeos/auth (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/auth/login_performer.h" | 5 #include "chromeos/login/auth/login_performer.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/message_loop/message_loop.h" | 9 #include "base/message_loop/message_loop.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| 11 #include "base/metrics/user_metrics.h" | |
| 12 #include "base/metrics/user_metrics_action.h" | |
| 11 #include "base/prefs/pref_service.h" | 13 #include "base/prefs/pref_service.h" |
| 12 #include "base/strings/utf_string_conversions.h" | 14 #include "base/strings/utf_string_conversions.h" |
| 13 #include "base/threading/thread_restrictions.h" | 15 #include "base/threading/thread_restrictions.h" |
| 14 #include "chrome/browser/browser_process.h" | |
| 15 #include "chrome/browser/chrome_notification_types.h" | |
| 16 #include "chrome/browser/chromeos/boot_times_loader.h" | |
| 17 #include "chrome/browser/chromeos/login/login_utils.h" | |
| 18 #include "chrome/browser/chromeos/login/supervised/supervised_user_authenticatio n.h" | |
| 19 #include "chrome/browser/chromeos/login/supervised/supervised_user_constants.h" | |
| 20 #include "chrome/browser/chromeos/login/supervised/supervised_user_login_flow.h" | |
| 21 #include "chrome/browser/chromeos/login/users/chrome_user_manager.h" | |
| 22 #include "chrome/browser/chromeos/login/users/supervised_user_manager.h" | |
| 23 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" | |
| 24 #include "chrome/browser/chromeos/policy/device_local_account_policy_service.h" | |
| 25 #include "chrome/browser/chromeos/profiles/profile_helper.h" | |
| 26 #include "chrome/browser/chromeos/settings/cros_settings.h" | |
| 27 #include "chrome/common/pref_names.h" | |
| 28 #include "chromeos/dbus/dbus_thread_manager.h" | 16 #include "chromeos/dbus/dbus_thread_manager.h" |
| 29 #include "chromeos/dbus/session_manager_client.h" | 17 #include "chromeos/dbus/session_manager_client.h" |
| 30 #include "chromeos/login/user_names.h" | 18 #include "chromeos/login/user_names.h" |
| 19 #include "chromeos/login_event_recorder.h" | |
| 31 #include "chromeos/settings/cros_settings_names.h" | 20 #include "chromeos/settings/cros_settings_names.h" |
| 32 #include "components/user_manager/user_manager.h" | |
| 33 #include "content/public/browser/browser_thread.h" | |
| 34 #include "content/public/browser/notification_service.h" | |
| 35 #include "content/public/browser/notification_types.h" | |
| 36 #include "content/public/browser/user_metrics.h" | |
| 37 #include "google_apis/gaia/gaia_auth_util.h" | 21 #include "google_apis/gaia/gaia_auth_util.h" |
| 38 #include "net/cookies/cookie_monster.h" | 22 #include "net/cookies/cookie_monster.h" |
| 39 #include "net/cookies/cookie_store.h" | 23 #include "net/cookies/cookie_store.h" |
| 40 #include "net/url_request/url_request_context.h" | 24 #include "net/url_request/url_request_context.h" |
| 41 #include "net/url_request/url_request_context_getter.h" | 25 #include "net/url_request/url_request_context_getter.h" |
| 42 | 26 |
| 43 using base::UserMetricsAction; | 27 using base::UserMetricsAction; |
| 44 using content::BrowserThread; | |
| 45 | 28 |
| 46 namespace chromeos { | 29 namespace chromeos { |
| 47 | 30 |
| 48 LoginPerformer::LoginPerformer(Delegate* delegate) | 31 LoginPerformer::LoginPerformer(scoped_refptr<base::TaskRunner> task_runner, |
| 49 : online_attempt_host_(this), | 32 Delegate* delegate) |
| 33 : delegate_(delegate), | |
| 34 task_runner_(task_runner), | |
| 35 online_attempt_host_(this), | |
| 50 last_login_failure_(AuthFailure::AuthFailureNone()), | 36 last_login_failure_(AuthFailure::AuthFailureNone()), |
| 51 delegate_(delegate), | |
| 52 password_changed_(false), | 37 password_changed_(false), |
| 53 password_changed_callback_count_(0), | 38 password_changed_callback_count_(0), |
| 54 auth_mode_(AUTH_MODE_INTERNAL), | 39 auth_mode_(AUTH_MODE_INTERNAL), |
| 55 weak_factory_(this) { | 40 weak_factory_(this) { |
| 56 } | 41 } |
| 57 | 42 |
| 58 LoginPerformer::~LoginPerformer() { | 43 LoginPerformer::~LoginPerformer() { |
| 59 DVLOG(1) << "Deleting LoginPerformer"; | 44 DVLOG(1) << "Deleting LoginPerformer"; |
| 60 if (authenticator_.get()) | 45 if (authenticator_.get()) |
| 61 authenticator_->SetConsumer(NULL); | 46 authenticator_->SetConsumer(NULL); |
| 62 if (extended_authenticator_.get()) | 47 if (extended_authenticator_.get()) |
| 63 extended_authenticator_->SetConsumer(NULL); | 48 extended_authenticator_->SetConsumer(NULL); |
| 64 } | 49 } |
| 65 | 50 |
| 66 //////////////////////////////////////////////////////////////////////////////// | 51 //////////////////////////////////////////////////////////////////////////////// |
| 67 // LoginPerformer, AuthStatusConsumer implementation: | 52 // LoginPerformer, AuthStatusConsumer implementation: |
| 68 | 53 |
| 69 void LoginPerformer::OnAuthFailure(const AuthFailure& failure) { | 54 void LoginPerformer::OnAuthFailure(const AuthFailure& failure) { |
| 70 content::RecordAction(UserMetricsAction("Login_Failure")); | 55 DCHECK(task_runner_->RunsTasksOnCurrentThread()); |
| 56 base::RecordAction(UserMetricsAction("Login_Failure")); | |
| 57 | |
| 71 UMA_HISTOGRAM_ENUMERATION("Login.FailureReason", | 58 UMA_HISTOGRAM_ENUMERATION("Login.FailureReason", |
| 72 failure.reason(), | 59 failure.reason(), |
| 73 AuthFailure::NUM_FAILURE_REASONS); | 60 AuthFailure::NUM_FAILURE_REASONS); |
| 74 | 61 |
| 75 DVLOG(1) << "failure.reason " << failure.reason(); | 62 DVLOG(1) << "failure.reason " << failure.reason(); |
| 76 DVLOG(1) << "failure.error.state " << failure.error().state(); | 63 DVLOG(1) << "failure.error.state " << failure.error().state(); |
| 77 | 64 |
| 78 last_login_failure_ = failure; | 65 last_login_failure_ = failure; |
| 79 if (delegate_) { | 66 if (delegate_) { |
| 80 delegate_->OnAuthFailure(failure); | 67 delegate_->OnAuthFailure(failure); |
| 81 return; | 68 return; |
| 82 } else { | 69 } else { |
| 83 // COULD_NOT_MOUNT_CRYPTOHOME, COULD_NOT_MOUNT_TMPFS: | 70 // COULD_NOT_MOUNT_CRYPTOHOME, COULD_NOT_MOUNT_TMPFS: |
| 84 // happens during offline auth only. | 71 // happens during offline auth only. |
| 85 NOTREACHED(); | 72 NOTREACHED(); |
| 86 } | 73 } |
| 87 } | 74 } |
| 88 | 75 |
| 89 void LoginPerformer::OnRetailModeAuthSuccess(const UserContext& user_context) { | 76 void LoginPerformer::OnRetailModeAuthSuccess(const UserContext& user_context) { |
| 90 content::RecordAction( | 77 DCHECK(task_runner_->RunsTasksOnCurrentThread()); |
| 91 UserMetricsAction("Login_DemoUserLoginSuccess")); | 78 base::RecordAction(UserMetricsAction("Login_DemoUserLoginSuccess")); |
| 92 AuthStatusConsumer::OnRetailModeAuthSuccess(user_context); | 79 AuthStatusConsumer::OnRetailModeAuthSuccess(user_context); |
| 93 } | 80 } |
| 94 | 81 |
| 95 void LoginPerformer::OnAuthSuccess(const UserContext& user_context) { | 82 void LoginPerformer::OnAuthSuccess(const UserContext& user_context) { |
| 96 content::RecordAction(UserMetricsAction("Login_Success")); | 83 DCHECK(task_runner_->RunsTasksOnCurrentThread()); |
| 84 base::RecordAction(UserMetricsAction("Login_Success")); | |
| 97 VLOG(1) << "LoginSuccess hash: " << user_context.GetUserIDHash(); | 85 VLOG(1) << "LoginSuccess hash: " << user_context.GetUserIDHash(); |
| 98 DCHECK(delegate_); | 86 DCHECK(delegate_); |
| 99 // After delegate_->OnAuthSuccess(...) is called, delegate_ releases | 87 // After delegate_->OnAuthSuccess(...) is called, delegate_ releases |
| 100 // LoginPerformer ownership. LP now manages it's lifetime on its own. | 88 // LoginPerformer ownership. LP now manages it's lifetime on its own. |
| 101 base::MessageLoop::current()->DeleteSoon(FROM_HERE, this); | 89 base::MessageLoop::current()->DeleteSoon(FROM_HERE, this); |
| 102 delegate_->OnAuthSuccess(user_context); | 90 delegate_->OnAuthSuccess(user_context); |
| 103 } | 91 } |
| 104 | 92 |
| 105 void LoginPerformer::OnOffTheRecordAuthSuccess() { | 93 void LoginPerformer::OnOffTheRecordAuthSuccess() { |
| 106 content::RecordAction( | 94 DCHECK(task_runner_->RunsTasksOnCurrentThread()); |
| 107 UserMetricsAction("Login_GuestLoginSuccess")); | 95 base::RecordAction(UserMetricsAction("Login_GuestLoginSuccess")); |
| 108 | 96 |
| 109 if (delegate_) | 97 if (delegate_) |
| 110 delegate_->OnOffTheRecordAuthSuccess(); | 98 delegate_->OnOffTheRecordAuthSuccess(); |
| 111 else | 99 else |
| 112 NOTREACHED(); | 100 NOTREACHED(); |
| 113 } | 101 } |
| 114 | 102 |
| 115 void LoginPerformer::OnPasswordChangeDetected() { | 103 void LoginPerformer::OnPasswordChangeDetected() { |
| 116 password_changed_ = true; | 104 password_changed_ = true; |
| 117 password_changed_callback_count_++; | 105 password_changed_callback_count_++; |
| (...skipping 11 matching lines...) Expand all Loading... | |
| 129 // Case when user has changed password and enters old password | 117 // Case when user has changed password and enters old password |
| 130 // does not block user from sign in yet. | 118 // does not block user from sign in yet. |
| 131 return; | 119 return; |
| 132 } | 120 } |
| 133 delegate_->OnOnlineChecked(username, success); | 121 delegate_->OnOnlineChecked(username, success); |
| 134 } | 122 } |
| 135 | 123 |
| 136 //////////////////////////////////////////////////////////////////////////////// | 124 //////////////////////////////////////////////////////////////////////////////// |
| 137 // LoginPerformer, public: | 125 // LoginPerformer, public: |
| 138 | 126 |
| 127 void LoginPerformer::NotifyWhitelistCheckFailure() { | |
| 128 if (delegate_) | |
| 129 delegate_->WhiteListCheckFailed(user_context_.GetUserID()); | |
| 130 else | |
| 131 NOTREACHED(); | |
| 132 } | |
| 133 | |
| 139 void LoginPerformer::PerformLogin(const UserContext& user_context, | 134 void LoginPerformer::PerformLogin(const UserContext& user_context, |
| 140 AuthorizationMode auth_mode) { | 135 AuthorizationMode auth_mode) { |
| 141 auth_mode_ = auth_mode; | 136 auth_mode_ = auth_mode; |
| 142 user_context_ = user_context; | 137 user_context_ = user_context; |
| 143 | 138 |
| 144 CrosSettings* cros_settings = CrosSettings::Get(); | 139 if (RunTrustedCheck(base::Bind(&LoginPerformer::DoPerformLogin, |
| 140 weak_factory_.GetWeakPtr(), | |
| 141 user_context_, | |
| 142 auth_mode))) | |
| 143 return; | |
|
Nikita (slow)
2014/10/06 14:55:33
nit: Add {}
| |
| 144 DoPerformLogin(user_context, auth_mode); | |
| 145 } | |
| 145 | 146 |
| 146 // Whitelist check is always performed during initial login. | 147 void LoginPerformer::DoPerformLogin(const UserContext& user_context, |
| 147 CrosSettingsProvider::TrustedStatus status = | 148 AuthorizationMode auth_mode) { |
| 148 cros_settings->PrepareTrustedValues( | 149 std::string email = gaia::CanonicalizeEmail(user_context.GetUserID()); |
| 149 base::Bind(&LoginPerformer::PerformLogin, | 150 bool wildcard_match = false; |
| 150 weak_factory_.GetWeakPtr(), | 151 if (!IsUserWhitelisted(email, &wildcard_match)) { |
| 151 user_context_, auth_mode)); | 152 NotifyWhitelistCheckFailure(); |
| 152 // Must not proceed without signature verification. | |
| 153 if (status == CrosSettingsProvider::PERMANENTLY_UNTRUSTED) { | |
| 154 if (delegate_) | |
| 155 delegate_->PolicyLoadFailed(); | |
| 156 else | |
| 157 NOTREACHED(); | |
| 158 return; | |
| 159 } else if (status != CrosSettingsProvider::TRUSTED) { | |
| 160 // Value of AllowNewUser setting is still not verified. | |
| 161 // Another attempt will be invoked after verification completion. | |
| 162 return; | 153 return; |
| 163 } | 154 } |
| 164 | 155 switch (auth_mode_) { |
| 165 bool wildcard_match = false; | 156 case AUTH_MODE_EXTENSION: { |
| 166 std::string email = gaia::CanonicalizeEmail(user_context.GetUserID()); | 157 RunOnlineWhitelistCheck( |
| 167 bool is_whitelisted = LoginUtils::IsWhitelisted(email, &wildcard_match); | 158 email, |
| 168 if (is_whitelisted) { | 159 wildcard_match, |
| 169 switch (auth_mode_) { | 160 base::Bind(&LoginPerformer::StartLoginCompletion, |
| 170 case AUTH_MODE_EXTENSION: { | 161 weak_factory_.GetWeakPtr()), |
| 171 // On enterprise devices, reconfirm login permission with the server. | 162 base::Bind(&LoginPerformer::NotifyWhitelistCheckFailure, |
| 172 policy::BrowserPolicyConnectorChromeOS* connector = | 163 weak_factory_.GetWeakPtr())); |
| 173 g_browser_process->platform_part() | 164 break; |
| 174 ->browser_policy_connector_chromeos(); | |
| 175 if (connector->IsEnterpriseManaged() && wildcard_match && | |
| 176 !connector->IsNonEnterpriseUser(email)) { | |
| 177 wildcard_login_checker_.reset(new policy::WildcardLoginChecker()); | |
| 178 wildcard_login_checker_->Start( | |
| 179 ProfileHelper::GetSigninProfile()->GetRequestContext(), | |
| 180 base::Bind(&LoginPerformer::OnlineWildcardLoginCheckCompleted, | |
| 181 weak_factory_.GetWeakPtr())); | |
| 182 } else { | |
| 183 StartLoginCompletion(); | |
| 184 } | |
| 185 break; | |
| 186 } | |
| 187 case AUTH_MODE_INTERNAL: | |
| 188 StartAuthentication(); | |
| 189 break; | |
| 190 } | 165 } |
| 191 } else { | 166 case AUTH_MODE_INTERNAL: |
| 192 if (delegate_) | 167 StartAuthentication(); |
| 193 delegate_->WhiteListCheckFailed(user_context.GetUserID()); | 168 break; |
| 194 else | |
| 195 NOTREACHED(); | |
| 196 } | 169 } |
| 197 } | 170 } |
| 198 | 171 |
| 199 void LoginPerformer::LoginAsSupervisedUser( | 172 void LoginPerformer::LoginAsSupervisedUser(const UserContext& user_context) { |
| 200 const UserContext& user_context) { | |
| 201 DCHECK_EQ(chromeos::login::kSupervisedUserDomain, | 173 DCHECK_EQ(chromeos::login::kSupervisedUserDomain, |
| 202 gaia::ExtractDomainName(user_context.GetUserID())); | 174 gaia::ExtractDomainName(user_context.GetUserID())); |
| 203 | 175 |
| 204 CrosSettings* cros_settings = CrosSettings::Get(); | 176 if (RunTrustedCheck(base::Bind(&LoginPerformer::LoginAsSupervisedUser, |
| 205 CrosSettingsProvider::TrustedStatus status = | 177 weak_factory_.GetWeakPtr(), |
| 206 cros_settings->PrepareTrustedValues( | 178 user_context_))) |
| 207 base::Bind(&LoginPerformer::LoginAsSupervisedUser, | |
| 208 weak_factory_.GetWeakPtr(), | |
| 209 user_context_)); | |
| 210 // Must not proceed without signature verification. | |
| 211 if (status == CrosSettingsProvider::PERMANENTLY_UNTRUSTED) { | |
| 212 if (delegate_) | |
| 213 delegate_->PolicyLoadFailed(); | |
| 214 else | |
| 215 NOTREACHED(); | |
| 216 return; | 179 return; |
|
Nikita (slow)
2014/10/06 14:55:33
nit: Add {}
| |
| 217 } else if (status != CrosSettingsProvider::TRUSTED) { | |
| 218 // Value of kAccountsPrefSupervisedUsersEnabled setting is still not | |
| 219 // verified. Another attempt will be invoked after verification completion. | |
| 220 return; | |
| 221 } | |
| 222 | 180 |
| 223 if (!user_manager::UserManager::Get()->AreSupervisedUsersAllowed()) { | 181 if (!AreSupervisedUsersAllowed()) { |
| 224 LOG(ERROR) << "Login attempt of supervised user detected."; | 182 LOG(ERROR) << "Login attempt of supervised user detected."; |
| 225 delegate_->WhiteListCheckFailed(user_context.GetUserID()); | 183 delegate_->WhiteListCheckFailed(user_context.GetUserID()); |
| 226 return; | 184 return; |
| 227 } | 185 } |
| 228 | 186 |
| 229 SupervisedUserLoginFlow* new_flow = | 187 SetupSupervisedUserFlow(user_context.GetUserID()); |
| 230 new SupervisedUserLoginFlow(user_context.GetUserID()); | 188 UserContext user_context_copy = TransformSupervisedKey(user_context); |
| 231 new_flow->set_host( | |
| 232 ChromeUserManager::Get()->GetUserFlow(user_context.GetUserID())->host()); | |
| 233 ChromeUserManager::Get()->SetUserFlow(user_context.GetUserID(), new_flow); | |
| 234 | 189 |
| 235 SupervisedUserAuthentication* authentication = | 190 if (UseExtendedAuthenticatorForSupervisedUser(user_context)) { |
| 236 ChromeUserManager::Get()->GetSupervisedUserManager()->GetAuthentication(); | 191 EnsureExtendedAuthenticator(); |
| 237 | |
| 238 UserContext user_context_copy = authentication->TransformKey(user_context); | |
| 239 | |
| 240 if (authentication->GetPasswordSchema(user_context.GetUserID()) == | |
| 241 SupervisedUserAuthentication::SCHEMA_SALT_HASHED) { | |
| 242 if (extended_authenticator_.get()) { | |
| 243 extended_authenticator_->SetConsumer(NULL); | |
| 244 } | |
| 245 extended_authenticator_ = new ExtendedAuthenticator(this); | |
| 246 // TODO(antrim) : Replace empty callback with explicit method. | 192 // TODO(antrim) : Replace empty callback with explicit method. |
| 247 // http://crbug.com/351268 | 193 // http://crbug.com/351268 |
| 248 BrowserThread::PostTask( | 194 task_runner_->PostTask( |
| 249 BrowserThread::UI, | |
| 250 FROM_HERE, | 195 FROM_HERE, |
| 251 base::Bind(&ExtendedAuthenticator::AuthenticateToMount, | 196 base::Bind(&ExtendedAuthenticator::AuthenticateToMount, |
| 252 extended_authenticator_.get(), | 197 extended_authenticator_.get(), |
| 253 user_context_copy, | 198 user_context_copy, |
| 254 ExtendedAuthenticator::ResultCallback())); | 199 ExtendedAuthenticator::ResultCallback())); |
| 255 | 200 |
| 256 } else { | 201 } else { |
| 257 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); | 202 EnsureAuthenticator(); |
| 258 BrowserThread::PostTask( | 203 task_runner_->PostTask(FROM_HERE, |
| 259 BrowserThread::UI, | 204 base::Bind(&Authenticator::LoginAsSupervisedUser, |
| 260 FROM_HERE, | 205 authenticator_.get(), |
| 261 base::Bind(&Authenticator::LoginAsSupervisedUser, | 206 user_context_copy)); |
| 262 authenticator_.get(), | |
| 263 user_context_copy)); | |
| 264 } | 207 } |
| 265 } | 208 } |
| 266 | 209 |
| 267 void LoginPerformer::LoginRetailMode() { | |
| 268 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); | |
| 269 BrowserThread::PostTask( | |
| 270 BrowserThread::UI, FROM_HERE, | |
| 271 base::Bind(&Authenticator::LoginRetailMode, authenticator_.get())); | |
| 272 } | |
| 273 | |
| 274 void LoginPerformer::LoginOffTheRecord() { | |
| 275 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); | |
| 276 BrowserThread::PostTask( | |
| 277 BrowserThread::UI, FROM_HERE, | |
| 278 base::Bind(&Authenticator::LoginOffTheRecord, authenticator_.get())); | |
| 279 } | |
| 280 | |
| 281 void LoginPerformer::LoginAsPublicSession(const UserContext& user_context) { | 210 void LoginPerformer::LoginAsPublicSession(const UserContext& user_context) { |
| 282 // Login is not allowed if policy could not be loaded for the account. | 211 if (!CheckPolicyForUser(user_context.GetUserID())) { |
| 283 policy::BrowserPolicyConnectorChromeOS* connector = | |
| 284 g_browser_process->platform_part()->browser_policy_connector_chromeos(); | |
| 285 policy::DeviceLocalAccountPolicyService* policy_service = | |
| 286 connector->GetDeviceLocalAccountPolicyService(); | |
| 287 if (!policy_service || | |
| 288 !policy_service->IsPolicyAvailableForUser(user_context.GetUserID())) { | |
| 289 DCHECK(delegate_); | 212 DCHECK(delegate_); |
| 290 if (delegate_) | 213 if (delegate_) |
| 291 delegate_->PolicyLoadFailed(); | 214 delegate_->PolicyLoadFailed(); |
| 292 return; | 215 return; |
| 293 } | 216 } |
| 294 | 217 |
| 295 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); | 218 EnsureAuthenticator(); |
| 296 BrowserThread::PostTask( | 219 task_runner_->PostTask(FROM_HERE, |
| 297 BrowserThread::UI, FROM_HERE, | 220 base::Bind(&Authenticator::LoginAsPublicSession, |
| 298 base::Bind(&Authenticator::LoginAsPublicSession, | 221 authenticator_.get(), |
| 299 authenticator_.get(), | 222 user_context)); |
| 300 user_context)); | 223 } |
| 224 | |
| 225 void LoginPerformer::LoginRetailMode() { | |
| 226 EnsureAuthenticator(); | |
| 227 task_runner_->PostTask( | |
| 228 FROM_HERE, | |
| 229 base::Bind(&Authenticator::LoginRetailMode, authenticator_.get())); | |
| 230 } | |
| 231 | |
| 232 void LoginPerformer::LoginOffTheRecord() { | |
| 233 EnsureAuthenticator(); | |
| 234 task_runner_->PostTask( | |
| 235 FROM_HERE, | |
| 236 base::Bind(&Authenticator::LoginOffTheRecord, authenticator_.get())); | |
| 301 } | 237 } |
| 302 | 238 |
| 303 void LoginPerformer::LoginAsKioskAccount(const std::string& app_user_id, | 239 void LoginPerformer::LoginAsKioskAccount(const std::string& app_user_id, |
| 304 bool use_guest_mount) { | 240 bool use_guest_mount) { |
| 305 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); | 241 EnsureAuthenticator(); |
| 306 BrowserThread::PostTask( | 242 task_runner_->PostTask(FROM_HERE, |
| 307 BrowserThread::UI, FROM_HERE, | 243 base::Bind(&Authenticator::LoginAsKioskAccount, |
| 308 base::Bind(&Authenticator::LoginAsKioskAccount, authenticator_.get(), | 244 authenticator_.get(), |
| 309 app_user_id, use_guest_mount)); | 245 app_user_id, |
| 246 use_guest_mount)); | |
| 310 } | 247 } |
| 311 | 248 |
| 312 void LoginPerformer::RecoverEncryptedData(const std::string& old_password) { | 249 void LoginPerformer::RecoverEncryptedData(const std::string& old_password) { |
| 313 BrowserThread::PostTask( | 250 task_runner_->PostTask(FROM_HERE, |
| 314 BrowserThread::UI, FROM_HERE, | 251 base::Bind(&Authenticator::RecoverEncryptedData, |
| 315 base::Bind(&Authenticator::RecoverEncryptedData, authenticator_.get(), | 252 authenticator_.get(), |
| 316 old_password)); | 253 old_password)); |
| 317 } | 254 } |
| 318 | 255 |
| 319 void LoginPerformer::ResyncEncryptedData() { | 256 void LoginPerformer::ResyncEncryptedData() { |
| 320 BrowserThread::PostTask( | 257 task_runner_->PostTask( |
| 321 BrowserThread::UI, FROM_HERE, | 258 FROM_HERE, |
| 322 base::Bind(&Authenticator::ResyncEncryptedData, authenticator_.get())); | 259 base::Bind(&Authenticator::ResyncEncryptedData, authenticator_.get())); |
| 323 } | 260 } |
| 324 | 261 |
| 325 //////////////////////////////////////////////////////////////////////////////// | 262 //////////////////////////////////////////////////////////////////////////////// |
| 326 // LoginPerformer, private: | 263 // LoginPerformer, private: |
| 327 | 264 |
| 265 void LoginPerformer::EnsureExtendedAuthenticator() { | |
| 266 if (extended_authenticator_.get()) { | |
|
Nikita (slow)
2014/10/06 14:55:33
nit: drop {}
| |
| 267 extended_authenticator_->SetConsumer(NULL); | |
| 268 } | |
| 269 extended_authenticator_ = new ExtendedAuthenticator(this); | |
| 270 } | |
| 271 | |
| 328 void LoginPerformer::StartLoginCompletion() { | 272 void LoginPerformer::StartLoginCompletion() { |
| 329 DVLOG(1) << "Login completion started"; | 273 DVLOG(1) << "Login completion started"; |
| 330 BootTimesLoader::Get()->AddLoginTimeMarker("AuthStarted", false); | 274 chromeos::LoginEventRecorder::Get()->AddLoginTimeMarker("AuthStarted", false); |
| 331 Profile* profile = ProfileHelper::GetSigninProfile(); | 275 Profile* profile = GetSigninProfile(); |
|
Nikita (slow)
2014/10/06 14:55:33
You should not use Profile in this base class, use
| |
| 332 | 276 EnsureAuthenticator(); |
| 333 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); | 277 task_runner_->PostTask(FROM_HERE, |
| 334 BrowserThread::PostTask( | 278 base::Bind(&chromeos::Authenticator::CompleteLogin, |
| 335 BrowserThread::UI, FROM_HERE, | 279 authenticator_.get(), |
| 336 base::Bind(&Authenticator::CompleteLogin, authenticator_.get(), | 280 profile, |
| 337 profile, | 281 user_context_)); |
| 338 user_context_)); | |
| 339 user_context_.ClearSecrets(); | 282 user_context_.ClearSecrets(); |
| 340 } | 283 } |
| 341 | 284 |
| 342 void LoginPerformer::StartAuthentication() { | 285 void LoginPerformer::StartAuthentication() { |
| 343 DVLOG(1) << "Auth started"; | 286 DVLOG(1) << "Auth started"; |
| 344 BootTimesLoader::Get()->AddLoginTimeMarker("AuthStarted", false); | 287 chromeos::LoginEventRecorder::Get()->AddLoginTimeMarker("AuthStarted", false); |
| 345 Profile* profile = ProfileHelper::GetSigninProfile(); | |
| 346 if (delegate_) { | 288 if (delegate_) { |
| 347 authenticator_ = LoginUtils::Get()->CreateAuthenticator(this); | 289 EnsureAuthenticator(); |
| 348 BrowserThread::PostTask( | 290 Profile* profile = GetSigninProfile(); |
| 349 BrowserThread::UI, FROM_HERE, | 291 task_runner_->PostTask(FROM_HERE, |
| 350 base::Bind(&Authenticator::AuthenticateToLogin, authenticator_.get(), | 292 base::Bind(&Authenticator::AuthenticateToLogin, |
| 351 profile, | 293 authenticator_.get(), |
| 352 user_context_)); | 294 base::Unretained(profile), |
| 295 user_context_)); | |
| 353 // Make unobtrusive online check. It helps to determine password change | 296 // Make unobtrusive online check. It helps to determine password change |
| 354 // state in the case when offline login fails. | 297 // state in the case when offline login fails. |
| 355 online_attempt_host_.Check(profile->GetRequestContext(), user_context_); | 298 online_attempt_host_.Check(GetSigninRequestContext(), user_context_); |
| 356 } else { | 299 } else { |
| 357 NOTREACHED(); | 300 NOTREACHED(); |
| 358 } | 301 } |
| 359 user_context_.ClearSecrets(); | 302 user_context_.ClearSecrets(); |
| 360 } | 303 } |
| 361 | 304 |
| 362 void LoginPerformer::OnlineWildcardLoginCheckCompleted( | 305 void LoginPerformer::EnsureAuthenticator() { |
| 363 policy::WildcardLoginChecker::Result result) { | 306 authenticator_ = CreateAuthenticator(); |
| 364 if (result == policy::WildcardLoginChecker::RESULT_ALLOWED) { | |
| 365 StartLoginCompletion(); | |
| 366 } else { | |
| 367 if (delegate_) | |
| 368 delegate_->WhiteListCheckFailed(user_context_.GetUserID()); | |
| 369 } | |
| 370 } | 307 } |
| 371 | |
| 372 } // namespace chromeos | 308 } // namespace chromeos |
| OLD | NEW |
