| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 /** | 5 /** |
| 6 * Authenticator class wraps the communications between Gaia and its host. | 6 * Authenticator class wraps the communications between Gaia and its host. |
| 7 */ | 7 */ |
| 8 function Authenticator() { | 8 function Authenticator() { |
| 9 } | 9 } |
| 10 | 10 |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 50 email_: null, | 50 email_: null, |
| 51 gaiaId_: null, | 51 gaiaId_: null, |
| 52 | 52 |
| 53 // Depending on the key type chosen, this will contain the plain text password | 53 // Depending on the key type chosen, this will contain the plain text password |
| 54 // or a credential derived from it along with the information required to | 54 // or a credential derived from it along with the information required to |
| 55 // repeat the derivation, such as a salt. The information will be encoded so | 55 // repeat the derivation, such as a salt. The information will be encoded so |
| 56 // that it contains printable ASCII characters only. The exact encoding is TBD | 56 // that it contains printable ASCII characters only. The exact encoding is TBD |
| 57 // when support for key types other than plain text password is added. | 57 // when support for key types other than plain text password is added. |
| 58 passwordBytes_: null, | 58 passwordBytes_: null, |
| 59 | 59 |
| 60 needPassword_: false, |
| 60 chooseWhatToSync_: false, | 61 chooseWhatToSync_: false, |
| 61 skipForNow_: false, | 62 skipForNow_: false, |
| 62 sessionIndex_: null, | 63 sessionIndex_: null, |
| 63 attemptToken_: null, | 64 attemptToken_: null, |
| 64 | 65 |
| 65 // Input params from extension initialization URL. | 66 // Input params from extension initialization URL. |
| 66 inputLang_: undefined, | 67 inputLang_: undefined, |
| 67 intputEmail_: undefined, | 68 intputEmail_: undefined, |
| 68 | 69 |
| 69 isSAMLFlow_: false, | 70 isSAMLFlow_: false, |
| (...skipping 13 matching lines...) Expand all Loading... |
| 83 this.gaiaUrl_ = params.gaiaUrl || this.GAIA_URL; | 84 this.gaiaUrl_ = params.gaiaUrl || this.GAIA_URL; |
| 84 this.gaiaPath_ = params.gaiaPath || this.GAIA_PAGE_PATH; | 85 this.gaiaPath_ = params.gaiaPath || this.GAIA_PAGE_PATH; |
| 85 this.inputLang_ = params.hl; | 86 this.inputLang_ = params.hl; |
| 86 this.inputEmail_ = params.email; | 87 this.inputEmail_ = params.email; |
| 87 this.service_ = params.service || this.SERVICE_ID; | 88 this.service_ = params.service || this.SERVICE_ID; |
| 88 this.continueUrl_ = params.continueUrl || this.CONTINUE_URL; | 89 this.continueUrl_ = params.continueUrl || this.CONTINUE_URL; |
| 89 this.desktopMode_ = params.desktopMode == '1'; | 90 this.desktopMode_ = params.desktopMode == '1'; |
| 90 this.isConstrainedWindow_ = params.constrained == '1'; | 91 this.isConstrainedWindow_ = params.constrained == '1'; |
| 91 this.initialFrameUrl_ = params.frameUrl || this.constructInitialFrameUrl_(); | 92 this.initialFrameUrl_ = params.frameUrl || this.constructInitialFrameUrl_(); |
| 92 this.initialFrameUrlWithoutParams_ = stripParams(this.initialFrameUrl_); | 93 this.initialFrameUrlWithoutParams_ = stripParams(this.initialFrameUrl_); |
| 94 this.needPassword_ = params.needPassword == '1'; |
| 93 | 95 |
| 94 // For CrOS 'ServiceLogin' we assume that Gaia is loaded if we recieved | 96 // For CrOS 'ServiceLogin' we assume that Gaia is loaded if we recieved |
| 95 // 'clearOldAttempts' message. For other scenarios Gaia doesn't send this | 97 // 'clearOldAttempts' message. For other scenarios Gaia doesn't send this |
| 96 // message so we have to rely on 'load' event. | 98 // message so we have to rely on 'load' event. |
| 97 // TODO(dzhioev): Do not rely on 'load' event after b/16313327 is fixed. | 99 // TODO(dzhioev): Do not rely on 'load' event after b/16313327 is fixed. |
| 98 this.assumeLoadedOnLoadEvent_ = | 100 this.assumeLoadedOnLoadEvent_ = |
| 99 this.gaiaPath_.indexOf('ServiceLogin') !== 0 || | 101 this.gaiaPath_.indexOf('ServiceLogin') !== 0 || |
| 100 this.service_ !== 'chromeoslogin'; | 102 this.service_ !== 'chromeoslogin'; |
| 101 | 103 |
| 102 document.addEventListener('DOMContentLoaded', this.onPageLoad_.bind(this)); | 104 document.addEventListener('DOMContentLoaded', this.onPageLoad_.bind(this)); |
| (...skipping 272 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 375 } | 377 } |
| 376 | 378 |
| 377 this.email_ = msg.email; | 379 this.email_ = msg.email; |
| 378 this.gaiaId_ = msg.gaiaId; | 380 this.gaiaId_ = msg.gaiaId; |
| 379 // Password from |msg| is not used because ChromeOS SAML flow | 381 // Password from |msg| is not used because ChromeOS SAML flow |
| 380 // gets password by asking user to confirm. | 382 // gets password by asking user to confirm. |
| 381 this.skipForNow_ = msg.skipForNow; | 383 this.skipForNow_ = msg.skipForNow; |
| 382 this.sessionIndex_ = msg.sessionIndex; | 384 this.sessionIndex_ = msg.sessionIndex; |
| 383 | 385 |
| 384 if (this.passwordBytes_) { | 386 if (this.passwordBytes_) { |
| 387 // If the credentials passing API was used, login is complete. |
| 385 window.parent.postMessage({method: 'samlApiUsed'}, this.parentPage_); | 388 window.parent.postMessage({method: 'samlApiUsed'}, this.parentPage_); |
| 386 this.completeLogin_(msg); | 389 this.completeLogin_(msg); |
| 390 } else if (!this.needPassword_) { |
| 391 // If the credentials passing API was not used, the password was obtained |
| 392 // by scraping. It must be verified before use. However, the host may not |
| 393 // be interested in the password at all. In that case, verification is |
| 394 // unnecessary and login is complete. |
| 395 this.completeLogin_(msg); |
| 387 } else { | 396 } else { |
| 388 this.supportChannel_.sendWithCallback( | 397 this.supportChannel_.sendWithCallback( |
| 389 {name: 'getScrapedPasswords'}, | 398 {name: 'getScrapedPasswords'}, |
| 390 function(passwords) { | 399 function(passwords) { |
| 391 if (passwords.length == 0) { | 400 if (passwords.length == 0) { |
| 392 window.parent.postMessage( | 401 window.parent.postMessage( |
| 393 {method: 'noPassword', email: this.email_}, | 402 {method: 'noPassword', email: this.email_}, |
| 394 this.parentPage_); | 403 this.parentPage_); |
| 395 } else { | 404 } else { |
| 396 window.parent.postMessage({method: 'confirmPassword', | 405 window.parent.postMessage({method: 'confirmPassword', |
| (...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 456 } else if (msg.method == 'redirectToSignin' && | 465 } else if (msg.method == 'redirectToSignin' && |
| 457 this.isParentMessage_(e)) { | 466 this.isParentMessage_(e)) { |
| 458 $('gaia-frame').src = this.constructInitialFrameUrl_(); | 467 $('gaia-frame').src = this.constructInitialFrameUrl_(); |
| 459 } else { | 468 } else { |
| 460 console.error('Authenticator.onMessage: unknown message + origin!?'); | 469 console.error('Authenticator.onMessage: unknown message + origin!?'); |
| 461 } | 470 } |
| 462 } | 471 } |
| 463 }; | 472 }; |
| 464 | 473 |
| 465 Authenticator.getInstance().initialize(); | 474 Authenticator.getInstance().initialize(); |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 781623003:
Fix Chrome OS enrollment with SAML accounts (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master