chrome/browser/resources/gaia_auth/background.js - Issue 671183002: Revert of Inline sign in extracts gaia id from HTTP header and seeds account tracker - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(255)

My Issues | Starred Open | Closed | All

Side by Side Diff: chrome/browser/resources/gaia_auth/background.js

Issue 671183002: Revert of Inline sign in extracts gaia id from HTTP header and seeds account tracker (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 6 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « chrome/browser/resources/component_extension_resources.grd ('k') | chrome/browser/resources/gaia_auth/main.js » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 /**	5 /**

6 * @fileoverview	6 * @fileoverview

7 * A background script of the auth extension that bridges the communication	7 * A background script of the auth extension that bridges the communication

8 * between the main and injected scripts.	8 * between the main and injected scripts.

9 *	9 *

10 * Here is an overview of the communication flow when SAML is being used:	10 * Here is an overview of the communication flow when SAML is being used:

(...skipping 101 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
112 isDesktopFlow_: false,	112 isDesktopFlow_: false,

113	113

114 // Whether the extension is loaded in a constrained window.	114 // Whether the extension is loaded in a constrained window.

115 // Set from main auth script.	115 // Set from main auth script.

116 isConstrainedWindow_: null,	116 isConstrainedWindow_: null,

117	117

118 // Email of the newly authenticated user based on the gaia response header	118 // Email of the newly authenticated user based on the gaia response header

119 // 'google-accounts-signin'.	119 // 'google-accounts-signin'.

120 email_: null,	120 email_: null,

121	121

122 // Gaia Id of the newly authenticated user based on the gaia response

123 // header 'google-accounts-signin'.

124 gaiaId_: null,

125

126 // Session index of the newly authenticated user based on the gaia response	122 // Session index of the newly authenticated user based on the gaia response

127 // header 'google-accounts-signin'.	123 // header 'google-accounts-signin'.

128 sessionIndex_: null,	124 sessionIndex_: null,

129	125

130 // Gaia URL base that is set from main auth script.	126 // Gaia URL base that is set from main auth script.

131 gaiaUrl_: null,	127 gaiaUrl_: null,

132	128

133 // Whether to abort the authentication flow and show an error messagen when	129 // Whether to abort the authentication flow and show an error messagen when

134 // content served over an unencrypted connection is detected.	130 // content served over an unencrypted connection is detected.

135 blockInsecureContent_: false,	131 blockInsecureContent_: false,

(...skipping 65 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
201	197

202 /**	198 /**

203 * Handler for webRequest.onCompleted. It 1) detects loading of continue URL	199 * Handler for webRequest.onCompleted. It 1) detects loading of continue URL

204 * and notifies the main script of signin completion; 2) detects if the	200 * and notifies the main script of signin completion; 2) detects if the

205 * current page could be loaded in a constrained window and signals the main	201 * current page could be loaded in a constrained window and signals the main

206 * script of switching to full tab if necessary.	202 * script of switching to full tab if necessary.

207 */	203 */

208 onCompleted: function(details) {	204 onCompleted: function(details) {

209 // Only monitors requests in the gaia frame whose parent frame ID must be	205 // Only monitors requests in the gaia frame whose parent frame ID must be

210 // positive.	206 // positive.

211 if (details.parentFrameId <= 0)	207 if (!this.isDesktopFlow_ \|\| details.parentFrameId <= 0)

212 return;	208 return;

213	209

214 if (details.url.lastIndexOf(backgroundBridgeManager.CONTINUE_URL_BASE, 0) ==	210 if (details.url.lastIndexOf(backgroundBridgeManager.CONTINUE_URL_BASE, 0) ==

215 0) {	211 0) {

216 var skipForNow = false;	212 var skipForNow = false;

217 if (details.url.indexOf('ntp=1') >= 0)	213 if (details.url.indexOf('ntp=1') >= 0)

218 skipForNow = true;	214 skipForNow = true;

219	215

220 // TOOD(guohui): For desktop SAML flow, show password confirmation UI.	216 // TOOD(guohui): Show password confirmation UI.

221 var passwords = this.onGetScrapedPasswords_();	217 var passwords = this.onGetScrapedPasswords_();

222 var msg = {	218 var msg = {

223 'name': 'completeLogin',	219 'name': 'completeLogin',

224 'email': this.email_,	220 'email': this.email_,

225 'gaiaId': this.gaiaId_,

226 'password': passwords[0],	221 'password': passwords[0],

227 'sessionIndex': this.sessionIndex_,	222 'sessionIndex': this.sessionIndex_,

228 'skipForNow': skipForNow	223 'skipForNow': skipForNow

229 };	224 };

230 this.channelMain_.send(msg);	225 this.channelMain_.send(msg);

231 } else if (this.isConstrainedWindow_) {	226 } else if (this.isConstrainedWindow_) {

232 // The header google-accounts-embedded is only set on gaia domain.	227 // The header google-accounts-embedded is only set on gaia domain.

233 if (this.gaiaUrl_ && details.url.lastIndexOf(this.gaiaUrl_) == 0) {	228 if (this.gaiaUrl_ && details.url.lastIndexOf(this.gaiaUrl_) == 0) {

234 var headers = details.responseHeaders;	229 var headers = details.responseHeaders;

235 for (var i = 0; headers && i < headers.length; ++i) {	230 for (var i = 0; headers && i < headers.length; ++i) {

(...skipping 24 matching lines...) Expand all Loading...
260 },	255 },

261	256

262 /**	257 /**

263 * Handler or webRequest.onHeadersReceived. It reads the authenticated user	258 * Handler or webRequest.onHeadersReceived. It reads the authenticated user

264 * email from google-accounts-signin-header.	259 * email from google-accounts-signin-header.

265 * @return {!Object} Modified request headers.	260 * @return {!Object} Modified request headers.

266 */	261 */

267 onHeadersReceived: function(details) {	262 onHeadersReceived: function(details) {

268 var headers = details.responseHeaders;	263 var headers = details.responseHeaders;

269	264

270 if (this.gaiaUrl_ && details.url.lastIndexOf(this.gaiaUrl_) == 0) {	265 if (this.isDesktopFlow_ &&

	266 this.gaiaUrl_ &&

	267 details.url.lastIndexOf(this.gaiaUrl_) == 0) {

	268 // TODO(xiyuan, guohui): CrOS should reuse the logic below for reading the

	269 // email for SAML users and cut off the /ListAccount call.

271 for (var i = 0; headers && i < headers.length; ++i) {	270 for (var i = 0; headers && i < headers.length; ++i) {

272 if (headers[i].name.toLowerCase() == 'google-accounts-signin') {	271 if (headers[i].name.toLowerCase() == 'google-accounts-signin') {

273 var headerValues = headers[i].value.toLowerCase().split(',');	272 var headerValues = headers[i].value.toLowerCase().split(',');

274 var signinDetails = {};	273 var signinDetails = {};

275 headerValues.forEach(function(e) {	274 headerValues.forEach(function(e) {

276 var pair = e.split('=');	275 var pair = e.split('=');

277 signinDetails[pair[0].trim()] = pair[1].trim();	276 signinDetails[pair[0].trim()] = pair[1].trim();

278 });	277 });

279 // Remove "" around.	278 // Remove "" around.

280 this.email_ = signinDetails['email'].slice(1, -1);	279 this.email_ = signinDetails['email'].slice(1, -1);

281 this.gaiaId_ = signinDetails['obfuscatedid'].slice(1, -1);

282 this.sessionIndex_ = signinDetails['sessionindex'];	280 this.sessionIndex_ = signinDetails['sessionindex'];

283 break;	281 break;

284 }	282 }

285 }	283 }

286 }	284 }

287	285

288 if (!this.isDesktopFlow_) {	286 if (!this.isDesktopFlow_) {

289 // Check whether GAIA headers indicating the start or end of a SAML	287 // Check whether GAIA headers indicating the start or end of a SAML

290 // redirect are present. If so, synthesize cookies to mark these points.	288 // redirect are present. If so, synthesize cookies to mark these points.

291 for (var i = 0; headers && i < headers.length; ++i) {	289 for (var i = 0; headers && i < headers.length; ++i) {

(...skipping 126 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
418 },	416 },

419	417

420 onPageLoaded_: function(msg) {	418 onPageLoaded_: function(msg) {

421 if (this.channelMain_)	419 if (this.channelMain_)

422 this.channelMain_.send({name: 'onAuthPageLoaded', url: msg.url});	420 this.channelMain_.send({name: 'onAuthPageLoaded', url: msg.url});

423 }	421 }

424 };	422 };

425	423

426 var backgroundBridgeManager = new BackgroundBridgeManager();	424 var backgroundBridgeManager = new BackgroundBridgeManager();

427 backgroundBridgeManager.run();	425 backgroundBridgeManager.run();

OLD	NEW

« no previous file with comments | « chrome/browser/resources/component_extension_resources.grd ('k') | chrome/browser/resources/gaia_auth/main.js » ('j') | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698