| Index: chrome/browser/chromeos/login/auth/chrome_login_performer.cc
|
| diff --git a/chrome/browser/chromeos/login/auth/chrome_login_performer.cc b/chrome/browser/chromeos/login/auth/chrome_login_performer.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..1922cd563e7000517b2b87c783daeabce9ae1ba5
|
| --- /dev/null
|
| +++ b/chrome/browser/chromeos/login/auth/chrome_login_performer.cc
|
| @@ -0,0 +1,171 @@
|
| +// Copyright 2014 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "chrome/browser/chromeos/login/auth/chrome_login_performer.h"
|
| +
|
| +#include "base/bind.h"
|
| +#include "base/thread_task_runner_handle.h"
|
| +#include "chrome/browser/browser_process.h"
|
| +#include "chrome/browser/chromeos/login/login_utils.h"
|
| +#include "chrome/browser/chromeos/login/supervised/supervised_user_authentication.h"
|
| +#include "chrome/browser/chromeos/login/supervised/supervised_user_constants.h"
|
| +#include "chrome/browser/chromeos/login/supervised/supervised_user_login_flow.h"
|
| +#include "chrome/browser/chromeos/login/users/chrome_user_manager.h"
|
| +#include "chrome/browser/chromeos/login/users/supervised_user_manager.h"
|
| +#include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"
|
| +#include "chrome/browser/chromeos/policy/device_local_account_policy_service.h"
|
| +#include "chrome/browser/chromeos/profiles/profile_helper.h"
|
| +#include "chrome/browser/chromeos/settings/cros_settings.h"
|
| +
|
| +namespace chromeos {
|
| +
|
| +ChromeLoginPerformer::ChromeLoginPerformer(Delegate* delegate)
|
| + : LoginPerformer(base::ThreadTaskRunnerHandle::Get(), delegate),
|
| + weak_factory_(this) {
|
| +}
|
| +
|
| +ChromeLoginPerformer::~ChromeLoginPerformer() {
|
| +}
|
| +
|
| +////////////////////////////////////////////////////////////////////////////////
|
| +// ChromeLoginPerformer, public:
|
| +
|
| +bool ChromeLoginPerformer::RunTrustedCheck(const base::Closure& callback) {
|
| + CrosSettings* cros_settings = CrosSettings::Get();
|
| +
|
| + CrosSettingsProvider::TrustedStatus status =
|
| + cros_settings->PrepareTrustedValues(
|
| + base::Bind(&ChromeLoginPerformer::DidRunTrustedCheck,
|
| + weak_factory_.GetWeakPtr(),
|
| + callback));
|
| + // Must not proceed without signature verification.
|
| + if (status == CrosSettingsProvider::PERMANENTLY_UNTRUSTED) {
|
| + if (delegate_)
|
| + delegate_->PolicyLoadFailed();
|
| + else
|
| + NOTREACHED();
|
| + return true; // Some callback was called.
|
| + } else if (status == CrosSettingsProvider::TEMPORARILY_UNTRUSTED) {
|
| + // Value of AllowNewUser setting is still not verified.
|
| + // Another attempt will be invoked after verification completion.
|
| + return false;
|
| + } else {
|
| + DCHECK(status == CrosSettingsProvider::TRUSTED);
|
| + // CrosSettingsProvider::TRUSTED
|
| + callback.Run();
|
| + return true; // Some callback was called.
|
| + }
|
| +}
|
| +
|
| +void ChromeLoginPerformer::DidRunTrustedCheck(const base::Closure& callback) {
|
| + CrosSettings* cros_settings = CrosSettings::Get();
|
| +
|
| + CrosSettingsProvider::TrustedStatus status =
|
| + cros_settings->PrepareTrustedValues(
|
| + base::Bind(&ChromeLoginPerformer::DidRunTrustedCheck,
|
| + weak_factory_.GetWeakPtr(),
|
| + callback));
|
| + // Must not proceed without signature verification.
|
| + if (status == CrosSettingsProvider::PERMANENTLY_UNTRUSTED) {
|
| + if (delegate_)
|
| + delegate_->PolicyLoadFailed();
|
| + else
|
| + NOTREACHED();
|
| + } else if (status == CrosSettingsProvider::TEMPORARILY_UNTRUSTED) {
|
| + // Value of AllowNewUser setting is still not verified.
|
| + // Another attempt will be invoked after verification completion.
|
| + return;
|
| + } else {
|
| + DCHECK(status == CrosSettingsProvider::TRUSTED);
|
| + callback.Run();
|
| + }
|
| +}
|
| +
|
| +bool ChromeLoginPerformer::IsUserWhitelisted(const std::string& user_id,
|
| + bool* wildcard_match) {
|
| + return LoginUtils::IsWhitelisted(user_id, wildcard_match);
|
| +}
|
| +
|
| +void ChromeLoginPerformer::RunOnlineWhitelistCheck(
|
| + const std::string& user_id,
|
| + bool wildcard_match,
|
| + const base::Closure& success_callback,
|
| + const base::Closure& failure_callback) {
|
| + // On enterprise devices, reconfirm login permission with the server.
|
| + policy::BrowserPolicyConnectorChromeOS* connector =
|
| + g_browser_process->platform_part()->browser_policy_connector_chromeos();
|
| + if (connector->IsEnterpriseManaged() && wildcard_match &&
|
| + !connector->IsNonEnterpriseUser(user_id)) {
|
| + wildcard_login_checker_.reset(new policy::WildcardLoginChecker());
|
| + wildcard_login_checker_->Start(
|
| + ProfileHelper::GetSigninProfile()->GetRequestContext(),
|
| + base::Bind(&ChromeLoginPerformer::OnlineWildcardLoginCheckCompleted,
|
| + weak_factory_.GetWeakPtr(),
|
| + success_callback,
|
| + failure_callback));
|
| + } else {
|
| + success_callback.Run();
|
| + }
|
| +}
|
| +
|
| +scoped_refptr<Authenticator> ChromeLoginPerformer::CreateAuthenticator() {
|
| + return LoginUtils::Get()->CreateAuthenticator(this);
|
| +}
|
| +
|
| +bool ChromeLoginPerformer::AreSupervisedUsersAllowed() {
|
| + return user_manager::UserManager::Get()->AreSupervisedUsersAllowed();
|
| +}
|
| +
|
| +bool ChromeLoginPerformer::UseExtendedAuthenticatorForSupervisedUser(
|
| + const UserContext& user_context) {
|
| + SupervisedUserAuthentication* authentication =
|
| + ChromeUserManager::Get()->GetSupervisedUserManager()->GetAuthentication();
|
| + return authentication->GetPasswordSchema(user_context.GetUserID()) ==
|
| + SupervisedUserAuthentication::SCHEMA_SALT_HASHED;
|
| +}
|
| +
|
| +UserContext ChromeLoginPerformer::TransformSupervisedKey(
|
| + const UserContext& context) {
|
| + SupervisedUserAuthentication* authentication =
|
| + ChromeUserManager::Get()->GetSupervisedUserManager()->GetAuthentication();
|
| + return authentication->TransformKey(context);
|
| +}
|
| +
|
| +void ChromeLoginPerformer::SetupSupervisedUserFlow(const std::string& user_id) {
|
| + SupervisedUserLoginFlow* new_flow = new SupervisedUserLoginFlow(user_id);
|
| + new_flow->set_host(ChromeUserManager::Get()->GetUserFlow(user_id)->host());
|
| + ChromeUserManager::Get()->SetUserFlow(user_id, new_flow);
|
| +}
|
| +
|
| +bool ChromeLoginPerformer::CheckPolicyForUser(const std::string& user_id) {
|
| + // Login is not allowed if policy could not be loaded for the account.
|
| + policy::BrowserPolicyConnectorChromeOS* connector =
|
| + g_browser_process->platform_part()->browser_policy_connector_chromeos();
|
| + policy::DeviceLocalAccountPolicyService* policy_service =
|
| + connector->GetDeviceLocalAccountPolicyService();
|
| + return policy_service && policy_service->IsPolicyAvailableForUser(user_id);
|
| +}
|
| +////////////////////////////////////////////////////////////////////////////////
|
| +// ChromeLoginPerformer, private:
|
| +
|
| +content::BrowserContext* ChromeLoginPerformer::GetSigninContext() {
|
| + return ProfileHelper::GetSigninProfile();
|
| +}
|
| +
|
| +net::URLRequestContextGetter* ChromeLoginPerformer::GetSigninRequestContext() {
|
| + return ProfileHelper::GetSigninProfile()->GetRequestContext();
|
| +}
|
| +
|
| +void ChromeLoginPerformer::OnlineWildcardLoginCheckCompleted(
|
| + const base::Closure& success_callback,
|
| + const base::Closure& failure_callback,
|
| + policy::WildcardLoginChecker::Result result) {
|
| + if (result == policy::WildcardLoginChecker::RESULT_ALLOWED) {
|
| + success_callback.Run();
|
| + } else {
|
| + failure_callback.Run();
|
| + }
|
| +}
|
| +
|
| +} // namespace chromeos
|
|
|
Chromium Code Reviews
Issue 614973002:
Extract LoginPerformer to chromeos/auth (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master