| Index: chromeos/login/auth/login_performer.h
|
| diff --git a/chrome/browser/chromeos/login/auth/login_performer.h b/chromeos/login/auth/login_performer.h
|
| similarity index 61%
|
| rename from chrome/browser/chromeos/login/auth/login_performer.h
|
| rename to chromeos/login/auth/login_performer.h
|
| index 00d6ace8ff9ee88253efcf8d2648e6b2b17f86e8..318fc4add8c365a250669047aeb414200c26de73 100644
|
| --- a/chrome/browser/chromeos/login/auth/login_performer.h
|
| +++ b/chromeos/login/auth/login_performer.h
|
| @@ -2,28 +2,35 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#ifndef CHROME_BROWSER_CHROMEOS_LOGIN_AUTH_LOGIN_PERFORMER_H_
|
| -#define CHROME_BROWSER_CHROMEOS_LOGIN_AUTH_LOGIN_PERFORMER_H_
|
| +#ifndef CHROMEOS_LOGIN_AUTH_LOGIN_PERFORMER_H_
|
| +#define CHROMEOS_LOGIN_AUTH_LOGIN_PERFORMER_H_
|
|
|
| #include <string>
|
|
|
| #include "base/basictypes.h"
|
| +#include "base/callback.h"
|
| #include "base/memory/scoped_ptr.h"
|
| #include "base/memory/weak_ptr.h"
|
| -#include "chrome/browser/chromeos/policy/wildcard_login_checker.h"
|
| +#include "chromeos/chromeos_export.h"
|
| #include "chromeos/login/auth/auth_status_consumer.h"
|
| #include "chromeos/login/auth/authenticator.h"
|
| #include "chromeos/login/auth/extended_authenticator.h"
|
| #include "chromeos/login/auth/online_attempt_host.h"
|
| #include "chromeos/login/auth/user_context.h"
|
| -#include "content/public/browser/notification_observer.h"
|
| -#include "content/public/browser/notification_registrar.h"
|
| #include "google_apis/gaia/google_service_auth_error.h"
|
|
|
| +namespace net {
|
| +class URLRequestContextGetter;
|
| +}
|
| +
|
| namespace policy {
|
| class WildcardLoginChecker;
|
| }
|
|
|
| +namespace content {
|
| +class BrowserContext;
|
| +}
|
| +
|
| namespace chromeos {
|
|
|
| // This class encapsulates sign in operations.
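Review bot: The forward declaration `namespace policy { class WildcardLoginChecker; }` is kept as context here, yet the later hunks remove the include and both things that named the type (`OnlineWildcardLoginCheckCompleted` and the `wildcard_login_checker_` member). Unless a line outside the visible hunks still refers to it, the declaration is dead and leaves a `policy` name in a header that this move apparently aims to detach from chrome/browser. I would delete those three lines in the same change.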
|
| @@ -34,8 +41,8 @@ namespace chromeos {
|
| // If auth is succeeded, cookie fetcher is executed, LP instance deletes itself.
|
| //
|
| // If |delegate_| is not NULL it will handle error messages, password input.
|
| -class LoginPerformer : public AuthStatusConsumer,
|
| - public OnlineAttemptHost::Delegate {
|
| +class CHROMEOS_EXPORT LoginPerformer : public AuthStatusConsumer,
|
| + public OnlineAttemptHost::Delegate {
|
| public:
|
| typedef enum AuthorizationMode {
|
| // Authorization performed internally by Chrome.
|
| @@ -53,17 +60,10 @@ class LoginPerformer : public AuthStatusConsumer,
|
| virtual void OnOnlineChecked(const std::string& email, bool success) = 0;
|
| };
|
|
|
| - explicit LoginPerformer(Delegate* delegate);
|
| + LoginPerformer(scoped_refptr<base::TaskRunner> task_runner,
|
| + Delegate* delegate);
|
| virtual ~LoginPerformer();
|
|
|
| - // AuthStatusConsumer implementation:
|
| - virtual void OnAuthFailure(const AuthFailure& error) override;
|
| - virtual void OnRetailModeAuthSuccess(
|
| - const UserContext& user_context) override;
|
| - virtual void OnAuthSuccess(const UserContext& user_context) override;
|
| - virtual void OnOffTheRecordAuthSuccess() override;
|
| - virtual void OnPasswordChangeDetected() override;
|
| -
|
| // Performs a login for |user_context|.
|
| // If auth_mode is AUTH_MODE_EXTENSION, there are no further auth checks,
|
| // AUTH_MODE_INTERNAL will perform auth checks.
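Review bot: The new constructor takes `scoped_refptr<base::TaskRunner>`, but the include hunk adds only `base/callback.h` and `chromeos/chromeos_export.h`, so both names reach this header only through whatever the other includes happen to pull in. Adding `#include "base/memory/ref_counted.h"` and a forward declaration `namespace base { class TaskRunner; }` beside the other forward declarations would make the header self-contained. The parameter is also undocumented; one line above the constructor stating what work is posted to |task_runner| would help callers pick the right runner, since the authenticators created here handle credentials. The class body starts and ends outside this hunk.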
|
| @@ -86,6 +86,14 @@ class LoginPerformer : public AuthStatusConsumer,
|
| void LoginAsKioskAccount(const std::string& app_user_id,
|
| bool use_guest_mount);
|
|
|
| + // AuthStatusConsumer implementation:
|
| + virtual void OnAuthFailure(const AuthFailure& error) override;
|
| + virtual void OnRetailModeAuthSuccess(
|
| + const UserContext& user_context) override;
|
| + virtual void OnAuthSuccess(const UserContext& user_context) override;
|
| + virtual void OnOffTheRecordAuthSuccess() override;
|
| + virtual void OnPasswordChangeDetected() override;
|
| +
|
| // Migrates cryptohome using |old_password| specified.
|
| void RecoverEncryptedData(const std::string& old_password);
|
|
|
| @@ -115,7 +123,62 @@ class LoginPerformer : public AuthStatusConsumer,
|
|
|
| protected:
|
| // Implements OnlineAttemptHost::Delegate.
|
| - virtual void OnChecked(const std::string& username, bool success) override;
|
| + virtual void OnChecked(const std::string& user_id, bool success) override;
|
| +
|
| + // Platform-dependant methods to be implemented by concrete class.
|
| +
|
| + // Run trusted check for a platform. If trusted check have to be performed
|
| + // asynchronously, |false| will be returned, and either delegate's
|
| + // PolicyLoadFailed() or |callback| will be called upon actual check.
|
| + virtual bool RunTrustedCheck(const base::Closure& callback) = 0;
|
| +
|
| + // Check if user is allowed to sign in on device. |wildcard_match| will
|
| + // contain additional information whether this user is explicitly listed or
|
| + // not (may be relevant for extension-based sign-in).
|
| + virtual bool IsUserWhitelisted(const std::string& user_id,
|
| + bool* wildcard_match) = 0;
|
| +
|
| + // This method should run addional online check if user can sign in on device.
|
| + // Either |success_callback| or |failure_callback| should be called upon this
|
| + // check.
|
| + virtual void RunOnlineWhitelistCheck(
|
| + const std::string& user_id,
|
| + bool wildcard_match,
|
| + const base::Closure& success_callback,
|
| + const base::Closure& failure_callback) = 0;
|
| +
|
| + // Supervised users-related methods.
|
| +
|
| + // Check if supervised users are allowed on this device.
|
| + virtual bool AreSupervisedUsersAllowed() = 0;
|
| +
|
| + // Check which authenticator should be used for supervised user.
|
| + virtual bool UseExtendedAuthenticatorForSupervisedUser(
|
| + const UserContext& user_context) = 0;
|
| +
|
| + // Probably transform supervised user's authentication key.
|
| + virtual UserContext TransformSupervisedKey(const UserContext& context) = 0;
|
| +
|
| + // Set up sign-in flow for supervised user.
|
| + virtual void SetupSupervisedUserFlow(const std::string& user_id) = 0;
|
| +
|
| + // Run policy check for |user_id|. If something is wrong, delegate's
|
| + // PolicyLoadFailed is called.
|
| + virtual bool CheckPolicyForUser(const std::string& user_id) = 0;
|
| +
|
| + // Look up browser context to use during signin.
|
| + virtual content::BrowserContext* GetSigninContext() = 0;
|
| +
|
| + // Get RequestContext used for sign in.
|
| + virtual net::URLRequestContextGetter* GetSigninRequestContext() = 0;
|
| +
|
| + // Create authenticator implementation.
|
| + virtual scoped_refptr<Authenticator> CreateAuthenticator() = 0;
|
| +
|
| + void set_authenticator(scoped_refptr<Authenticator> authenticator);
|
| +
|
| + // Notifications receiver.
|
| + Delegate* delegate_;
|
|
|
| private:
|
| // Starts login completion of externally authenticated user.
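Review bot: The comments on the new sign-in gates leave their return contracts open: `RunTrustedCheck` explains a `false` return but not what `true` means or whether |callback| still runs, `CheckPolicyForUser` does not say which value lets the user proceed, and `IsUserWhitelisted` does not say whether `*wildcard_match` is written when it returns `false`. These hooks decide whether a login continues, so an implementer who guesses the polarity wrong can let a sign-in proceed that should have been stopped. I would spell it out, for example `// Returns true if the values are already trusted and login may continue; |callback| is not run in that case.` (if that is the intended contract) and `// |wildcard_match| must be non-NULL and is always set before returning.` `delegate_` also becomes a protected raw pointer here, and the class comment allows it to be NULL, so its comment should tell subclasses to check it before use. The class body starts and ends outside this hunk.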
|
| @@ -123,15 +186,23 @@ class LoginPerformer : public AuthStatusConsumer,
|
|
|
| // Starts authentication.
|
| void StartAuthentication();
|
| + void NotifyWhitelistCheckFailure();
|
| +
|
| + // Makes sure that authenticator is created.
|
| + void EnsureAuthenticator();
|
| + void EnsureExtendedAuthenticator();
|
|
|
| - // Completion callback for the online wildcard login check for enterprise
|
| - // devices. Continues the login process or signals whitelist check failure
|
| - // depending on the value of |result|.
|
| - void OnlineWildcardLoginCheckCompleted(
|
| - policy::WildcardLoginChecker::Result result);
|
| + // Actual implementantion of PeformLogin that is run after trusted values
|
| + // check.
|
| + void DoPerformLogin(const UserContext& user_context,
|
| + AuthorizationMode auth_mode);
|
| +
|
| + scoped_refptr<base::TaskRunner> task_runner_;
|
|
|
| // Used for logging in.
|
| scoped_refptr<Authenticator> authenticator_;
|
| +
|
| + // Used for logging in.
|
| scoped_refptr<ExtendedAuthenticator> extended_authenticator_;
|
|
|
| // Used to make auxiliary online check.
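Review bot: The comment above `DoPerformLogin` misspells the function it refers to (`PeformLogin`, also `implementantion`), so a search for PerformLogin will miss it, and it describes the ordering without stating it as a precondition. I would write `// Actual implementation of PerformLogin(); call only after the trusted-values check has completed.` Because that check may finish asynchronously and the class comment says the instance deletes itself, the .cc (not shown) presumably binds this method through `weak_factory_`; that is worth confirming. `NotifyWhitelistCheckFailure` and `EnsureExtendedAuthenticator` have no comment of their own, and the second `// Used for logging in.` repeats the first without saying how the two authenticators differ.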
|
| @@ -144,9 +215,6 @@ class LoginPerformer : public AuthStatusConsumer,
|
| // User credentials for the current login attempt.
|
| UserContext user_context_;
|
|
|
| - // Notifications receiver.
|
| - Delegate* delegate_;
|
| -
|
| // True if password change has been detected.
|
| // Once correct password is entered homedir migration is executed.
|
| bool password_changed_;
|
| @@ -155,14 +223,10 @@ class LoginPerformer : public AuthStatusConsumer,
|
| // Authorization mode type.
|
| AuthorizationMode auth_mode_;
|
|
|
| - // Used to verify logins that matched wildcard on the login whitelist.
|
| - scoped_ptr<policy::WildcardLoginChecker> wildcard_login_checker_;
|
| -
|
| base::WeakPtrFactory<LoginPerformer> weak_factory_;
|
| -
|
| DISALLOW_COPY_AND_ASSIGN(LoginPerformer);
|
| };
|
|
|
| } // namespace chromeos
|
|
|
| -#endif // CHROME_BROWSER_CHROMEOS_LOGIN_AUTH_LOGIN_PERFORMER_H_
|
| +#endif // CHROMEOS_LOGIN_AUTH_LOGIN_PERFORMER_H_
|
|
|