| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_AUTH_LOGIN_PERFORMER_H_ |
| 6 #define CHROME_BROWSER_CHROMEOS_LOGIN_AUTH_LOGIN_PERFORMER_H_ |
| 7 |
| 8 #include <string> |
| 9 |
| 10 #include "base/basictypes.h" |
| 11 #include "base/memory/scoped_ptr.h" |
| 12 #include "base/memory/weak_ptr.h" |
| 13 #include "chrome/browser/chromeos/policy/wildcard_login_checker.h" |
| 14 #include "chromeos/login/auth/auth_status_consumer.h" |
| 15 #include "chromeos/login/auth/authenticator.h" |
| 16 #include "chromeos/login/auth/extended_authenticator.h" |
| 17 #include "chromeos/login/auth/online_attempt_host.h" |
| 18 #include "chromeos/login/auth/user_context.h" |
| 19 #include "content/public/browser/notification_observer.h" |
| 20 #include "content/public/browser/notification_registrar.h" |
| 21 #include "google_apis/gaia/google_service_auth_error.h" |
| 22 |
| 23 namespace policy { |
| 24 class WildcardLoginChecker; |
| 25 } |
| 26 |
| 27 namespace chromeos { |
| 28 |
| 29 // This class encapsulates sign in operations. |
| 30 // Sign in is performed in a way that offline auth is executed first. |
| 31 // Once offline auth is OK - user homedir is mounted, UI is launched. |
| 32 // At this point LoginPerformer |delegate_| is destroyed and it releases |
| 33 // LP instance ownership. LP waits for online login result. |
| 34 // If auth is succeeded, cookie fetcher is executed, LP instance deletes itself. |
| 35 // |
| 36 // If |delegate_| is not NULL it will handle error messages, password input. |
| 37 class LoginPerformer : public AuthStatusConsumer, |
| 38 public OnlineAttemptHost::Delegate { |
| 39 public: |
| 40 typedef enum AuthorizationMode { |
| 41 // Authorization performed internally by Chrome. |
| 42 AUTH_MODE_INTERNAL, |
| 43 // Authorization performed by an extension. |
| 44 AUTH_MODE_EXTENSION |
| 45 } AuthorizationMode; |
| 46 |
| 47 // Delegate class to get notifications from the LoginPerformer. |
| 48 class Delegate : public AuthStatusConsumer { |
| 49 public: |
| 50 virtual ~Delegate() {} |
| 51 virtual void WhiteListCheckFailed(const std::string& email) = 0; |
| 52 virtual void PolicyLoadFailed() = 0; |
| 53 virtual void OnOnlineChecked(const std::string& email, bool success) = 0; |
| 54 }; |
| 55 |
| 56 explicit LoginPerformer(Delegate* delegate); |
| 57 virtual ~LoginPerformer(); |
| 58 |
| 59 // AuthStatusConsumer implementation: |
| 60 virtual void OnAuthFailure(const AuthFailure& error) override; |
| 61 virtual void OnRetailModeAuthSuccess( |
| 62 const UserContext& user_context) override; |
| 63 virtual void OnAuthSuccess(const UserContext& user_context) override; |
| 64 virtual void OnOffTheRecordAuthSuccess() override; |
| 65 virtual void OnPasswordChangeDetected() override; |
| 66 |
| 67 // Performs a login for |user_context|. |
| 68 // If auth_mode is AUTH_MODE_EXTENSION, there are no further auth checks, |
| 69 // AUTH_MODE_INTERNAL will perform auth checks. |
| 70 void PerformLogin(const UserContext& user_context, |
| 71 AuthorizationMode auth_mode); |
| 72 |
| 73 // Performs supervised user login with a given |user_context|. |
| 74 void LoginAsSupervisedUser(const UserContext& user_context); |
| 75 |
| 76 // Performs retail mode login. |
| 77 void LoginRetailMode(); |
| 78 |
| 79 // Performs actions to prepare guest mode login. |
| 80 void LoginOffTheRecord(); |
| 81 |
| 82 // Performs public session login with a given |user_context|. |
| 83 void LoginAsPublicSession(const UserContext& user_context); |
| 84 |
| 85 // Performs a login into the kiosk mode account with |app_user_id|. |
| 86 void LoginAsKioskAccount(const std::string& app_user_id, |
| 87 bool use_guest_mount); |
| 88 |
| 89 // Migrates cryptohome using |old_password| specified. |
| 90 void RecoverEncryptedData(const std::string& old_password); |
| 91 |
| 92 // Reinitializes cryptohome with the new password. |
| 93 void ResyncEncryptedData(); |
| 94 |
| 95 // Returns latest auth error. |
| 96 const GoogleServiceAuthError& error() const { |
| 97 return last_login_failure_.error(); |
| 98 } |
| 99 |
| 100 // True if password change has been detected. |
| 101 bool password_changed() { return password_changed_; } |
| 102 |
| 103 // Number of times we've been called with OnPasswordChangeDetected(). |
| 104 // If user enters incorrect old password, same LoginPerformer instance will |
| 105 // be called so callback count makes it possible to distinguish initial |
| 106 // "password changed detected" event from further attempts to enter old |
| 107 // password for cryptohome migration (when > 1). |
| 108 int password_changed_callback_count() { |
| 109 return password_changed_callback_count_; |
| 110 } |
| 111 |
| 112 void set_delegate(Delegate* delegate) { delegate_ = delegate; } |
| 113 |
| 114 AuthorizationMode auth_mode() const { return auth_mode_; } |
| 115 |
| 116 protected: |
| 117 // Implements OnlineAttemptHost::Delegate. |
| 118 virtual void OnChecked(const std::string& username, bool success) override; |
| 119 |
| 120 private: |
| 121 // Starts login completion of externally authenticated user. |
| 122 void StartLoginCompletion(); |
| 123 |
| 124 // Starts authentication. |
| 125 void StartAuthentication(); |
| 126 |
| 127 // Completion callback for the online wildcard login check for enterprise |
| 128 // devices. Continues the login process or signals whitelist check failure |
| 129 // depending on the value of |result|. |
| 130 void OnlineWildcardLoginCheckCompleted( |
| 131 policy::WildcardLoginChecker::Result result); |
| 132 |
| 133 // Used for logging in. |
| 134 scoped_refptr<Authenticator> authenticator_; |
| 135 scoped_refptr<ExtendedAuthenticator> extended_authenticator_; |
| 136 |
| 137 // Used to make auxiliary online check. |
| 138 OnlineAttemptHost online_attempt_host_; |
| 139 |
| 140 // Represents last login failure that was encountered when communicating to |
| 141 // sign-in server. AuthFailure.LoginFailureNone() by default. |
| 142 AuthFailure last_login_failure_; |
| 143 |
| 144 // User credentials for the current login attempt. |
| 145 UserContext user_context_; |
| 146 |
| 147 // Notifications receiver. |
| 148 Delegate* delegate_; |
| 149 |
| 150 // True if password change has been detected. |
| 151 // Once correct password is entered homedir migration is executed. |
| 152 bool password_changed_; |
| 153 int password_changed_callback_count_; |
| 154 |
| 155 // Authorization mode type. |
| 156 AuthorizationMode auth_mode_; |
| 157 |
| 158 // Used to verify logins that matched wildcard on the login whitelist. |
| 159 scoped_ptr<policy::WildcardLoginChecker> wildcard_login_checker_; |
| 160 |
| 161 base::WeakPtrFactory<LoginPerformer> weak_factory_; |
| 162 |
| 163 DISALLOW_COPY_AND_ASSIGN(LoginPerformer); |
| 164 }; |
| 165 |
| 166 } // namespace chromeos |
| 167 |
| 168 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_AUTH_LOGIN_PERFORMER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 681593003:
Revert of Extract LoginPerformer to chromeos/auth (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master