OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/login/login_utils.h" | 5 #include "chrome/browser/chromeos/login/login_utils.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "ash/ash_switches.h" | 10 #include "ash/ash_switches.h" |
(...skipping 77 matching lines...)
88 #include "ui/compositor/compositor_switches.h" | 88 #include "ui/compositor/compositor_switches.h" |
89 #include "ui/gl/gl_switches.h" | 89 #include "ui/gl/gl_switches.h" |
90 #include "webkit/plugins/plugin_switches.h" | 90 #include "webkit/plugins/plugin_switches.h" |
91 | 91 |
92 using content::BrowserThread; | 92 using content::BrowserThread; |
93 | 93 |
94 namespace chromeos { | 94 namespace chromeos { |
95 | 95 |
96 namespace { | 96 namespace { |
97 | 97 |
98 // OAuth token verification retry count. | 98 // OAuth token verification max retry count. |
99 const int kMaxOAuthTokenVerificationAttemptCount = 5; | 99 const int kMaxOAuthTokenVerificationAttemptCount = 5; |
100 // OAuth token verification retry delay. | 100 // OAuth token verification retry delay in milliseconds. |
101 const int kOAuthVerificationRestartDelay = 10000; // ms | 101 const int kOAuthVerificationRestartDelay = 10000; |
| 102 |
| 103 // OAuth token request max retry count. |
| 104 const int kMaxOAuth1TokenRequestAttemptCount = 5; |
| 105 // OAuth token request retry delay in milliseconds. |
| 106 const int kOAuth1TokenRequestRestartDelay = 3000; |
102 | 107 |
103 // Affixes for Auth token received from ClientLogin request. | 108 // Affixes for Auth token received from ClientLogin request. |
104 const char kAuthPrefix[] = "Auth="; | 109 const char kAuthPrefix[] = "Auth="; |
105 const char kAuthSuffix[] = "\n"; | 110 const char kAuthSuffix[] = "\n"; |
106 | 111 |
107 // Increase logging level for Guest mode to avoid LOG(INFO) messages in logs. | 112 // Increase logging level for Guest mode to avoid LOG(INFO) messages in logs. |
108 const char kGuestModeLoggingLevel[] = "1"; | 113 const char kGuestModeLoggingLevel[] = "1"; |
109 | 114 |
110 // Format of command line switch. | 115 // Format of command line switch. |
111 const char kSwitchFormatString[] = " --%s=\"%s\""; | 116 const char kSwitchFormatString[] = " --%s=\"%s\""; |
(...skipping 67 matching lines...)
179 net::HttpAuthCache* new_cache = new_context->GetURLRequestContext()-> | 184 net::HttpAuthCache* new_cache = new_context->GetURLRequestContext()-> |
180 http_transaction_factory()->GetSession()->http_auth_cache(); | 185 http_transaction_factory()->GetSession()->http_auth_cache(); |
181 new_cache->UpdateAllFrom(*auth_context->GetURLRequestContext()-> | 186 new_cache->UpdateAllFrom(*auth_context->GetURLRequestContext()-> |
182 http_transaction_factory()->GetSession()->http_auth_cache()); | 187 http_transaction_factory()->GetSession()->http_auth_cache()); |
183 } | 188 } |
184 | 189 |
185 } // namespace | 190 } // namespace |
186 | 191 |
187 // Verifies OAuth1 access token by performing OAuthLogin. Fetches user cookies | 192 // Verifies OAuth1 access token by performing OAuthLogin. Fetches user cookies |
188 // on successful OAuth authentication. | 193 // on successful OAuth authentication. |
| 194 // TODO(kochi): Split this class into another file after M20 merge. |
189 class OAuthLoginVerifier : public base::SupportsWeakPtr<OAuthLoginVerifier>, | 195 class OAuthLoginVerifier : public base::SupportsWeakPtr<OAuthLoginVerifier>, |
190 public GaiaOAuthConsumer, | 196 public GaiaOAuthConsumer, |
191 public GaiaAuthConsumer { | 197 public GaiaAuthConsumer { |
192 public: | 198 public: |
193 class Delegate { | 199 class Delegate { |
194 public: | 200 public: |
195 virtual ~Delegate() {} | 201 virtual ~Delegate() {} |
196 virtual void OnOAuthVerificationSucceeded(const std::string& user_name, | 202 virtual void OnOAuthVerificationSucceeded(const std::string& user_name, |
197 const std::string& sid, | 203 const std::string& sid, |
198 const std::string& lsid, | 204 const std::string& lsid, |
(...skipping 129 matching lines...)
328 | 334 |
329 virtual void OnOAuthLoginFailure( | 335 virtual void OnOAuthLoginFailure( |
330 const GoogleServiceAuthError& error) OVERRIDE { | 336 const GoogleServiceAuthError& error) OVERRIDE { |
331 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 337 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
332 LOG(WARNING) << "Failed to verify OAuth1 access tokens," | 338 LOG(WARNING) << "Failed to verify OAuth1 access tokens," |
333 << " error.state=" << error.state(); | 339 << " error.state=" << error.state(); |
334 if (!RetryOnError(error)) | 340 if (!RetryOnError(error)) |
335 delegate_->OnOAuthVerificationFailed(username_); | 341 delegate_->OnOAuthVerificationFailed(username_); |
336 } | 342 } |
337 | 343 |
338 void OnCookueFetchFailed(const GoogleServiceAuthError& error) { | 344 void OnCookieFetchFailed(const GoogleServiceAuthError& error) { |
339 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 345 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
340 if (!RetryOnError(error)) | 346 if (!RetryOnError(error)) |
341 delegate_->OnUserCookiesFetchFailed(username_); | 347 delegate_->OnUserCookiesFetchFailed(username_); |
342 } | 348 } |
343 | 349 |
344 // GaiaAuthConsumer overrides. | 350 // GaiaAuthConsumer overrides. |
345 virtual void OnIssueAuthTokenSuccess(const std::string& service, | 351 virtual void OnIssueAuthTokenSuccess(const std::string& service, |
346 const std::string& auth_token) OVERRIDE { | 352 const std::string& auth_token) OVERRIDE { |
347 gaia_fetcher_.StartMergeSession(auth_token); | 353 gaia_fetcher_.StartMergeSession(auth_token); |
348 } | 354 } |
349 | 355 |
350 virtual void OnIssueAuthTokenFailure(const std::string& service, | 356 virtual void OnIssueAuthTokenFailure(const std::string& service, |
351 const GoogleServiceAuthError& error) OVERRIDE { | 357 const GoogleServiceAuthError& error) OVERRIDE { |
352 DVLOG(1) << "Failed IssueAuthToken request," | 358 DVLOG(1) << "Failed IssueAuthToken request," |
353 << " error.state=" << error.state(); | 359 << " error.state=" << error.state(); |
354 OnCookueFetchFailed(error); | 360 OnCookieFetchFailed(error); |
355 } | 361 } |
356 | 362 |
357 virtual void OnMergeSessionSuccess(const std::string& data) OVERRIDE { | 363 virtual void OnMergeSessionSuccess(const std::string& data) OVERRIDE { |
358 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 364 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
359 DVLOG(1) << "MergeSession successful."; | 365 DVLOG(1) << "MergeSession successful."; |
360 step_ = VERIFICATION_STEP_COOKIES_FETCHED; | 366 step_ = VERIFICATION_STEP_COOKIES_FETCHED; |
361 delegate_->OnUserCookiesFetchSucceeded(username_); | 367 delegate_->OnUserCookiesFetchSucceeded(username_); |
362 } | 368 } |
363 | 369 |
364 virtual void OnMergeSessionFailure( | 370 virtual void OnMergeSessionFailure( |
365 const GoogleServiceAuthError& error) OVERRIDE { | 371 const GoogleServiceAuthError& error) OVERRIDE { |
366 DVLOG(1) << "Failed MergeSession request," | 372 DVLOG(1) << "Failed MergeSession request," |
367 << " error.state=" << error.state(); | 373 << " error.state=" << error.state(); |
368 OnCookueFetchFailed(error); | 374 OnCookieFetchFailed(error); |
369 } | 375 } |
370 | 376 |
371 OAuthLoginVerifier::Delegate* delegate_; | 377 OAuthLoginVerifier::Delegate* delegate_; |
372 GaiaOAuthFetcher oauth_fetcher_; | 378 GaiaOAuthFetcher oauth_fetcher_; |
373 GaiaAuthFetcher gaia_fetcher_; | 379 GaiaAuthFetcher gaia_fetcher_; |
374 std::string oauth1_token_; | 380 std::string oauth1_token_; |
375 std::string oauth1_secret_; | 381 std::string oauth1_secret_; |
376 std::string sid_; | 382 std::string sid_; |
377 std::string lsid_; | 383 std::string lsid_; |
378 std::string username_; | 384 std::string username_; |
379 Profile* user_profile_; | 385 Profile* user_profile_; |
380 int verification_count_; | 386 int verification_count_; |
381 VerificationStep step_; | 387 VerificationStep step_; |
382 | 388 |
383 DISALLOW_COPY_AND_ASSIGN(OAuthLoginVerifier); | 389 DISALLOW_COPY_AND_ASSIGN(OAuthLoginVerifier); |
384 }; | 390 }; |
385 | 391 |
386 // Fetches the oauth token for the device management service. Since Profile | 392 // Fetches the oauth token for the device management service. Since Profile |
387 // creation might be blocking on a user policy fetch, this fetcher must always | 393 // creation might be blocking on a user policy fetch, this fetcher must always |
388 // send a (possibly empty) token to the BrowserPolicyConnector, which will then | 394 // send a (possibly empty) token to the BrowserPolicyConnector, which will then |
389 // let the policy subsystem proceed and resume Profile creation. | 395 // let the policy subsystem proceed and resume Profile creation. |
390 // Sending the token even when no Profile is pending is also OK. | 396 // Sending the token even when no Profile is pending is also OK. |
| 397 // TODO(kochi): Split this class into another file after M20 merge. |
391 class PolicyOAuthFetcher : public GaiaOAuthConsumer { | 398 class PolicyOAuthFetcher : public GaiaOAuthConsumer { |
392 public: | 399 public: |
393 // Fetches the device management service's oauth token using |oauth1_token| | 400 // Fetches the device management service's oauth token using |oauth1_token| |
394 // and |oauth1_secret| as access tokens. | 401 // and |oauth1_secret| as access tokens. |
395 PolicyOAuthFetcher(Profile* profile, | 402 PolicyOAuthFetcher(Profile* profile, |
396 const std::string& oauth1_token, | 403 const std::string& oauth1_token, |
397 const std::string& oauth1_secret) | 404 const std::string& oauth1_secret) |
398 : oauth_fetcher_(this, | 405 : oauth_fetcher_(this, |
399 profile->GetRequestContext(), | 406 profile->GetRequestContext(), |
400 profile, | 407 profile, |
(...skipping 128 matching lines...)
529 MessageLoop::current()->AssertIdle(); | 536 MessageLoop::current()->AssertIdle(); |
530 } | 537 } |
531 } | 538 } |
532 | 539 |
533 int pid_; | 540 int pid_; |
534 std::string command_line_; | 541 std::string command_line_; |
535 PrefService* local_state_; | 542 PrefService* local_state_; |
536 base::OneShotTimer<JobRestartRequest> timer_; | 543 base::OneShotTimer<JobRestartRequest> timer_; |
537 }; | 544 }; |
538 | 545 |
| 546 // Given the authenticated credentials from the cookie jar, try to exchange |
| 547 // fetch OAuth1 token and secret. Automatically retries until max retry count is |
| 548 // reached. |
| 549 // TODO(kochi): Split this class into another file after M20 merge. |
| 550 class OAuth1TokenFetcher |
| 551 : public base::SupportsWeakPtr<OAuth1TokenFetcher>, |
| 552 public GaiaOAuthConsumer { |
| 553 public: |
| 554 class Delegate { |
| 555 public: |
| 556 virtual ~Delegate() {} |
| 557 virtual void OnOAuth1AccessTokenAvailable(const std::string& token, |
| 558 const std::string& secret) = 0; |
| 559 virtual void OnOAuth1AccessTokenFetchFailed() = 0; |
| 560 }; |
| 561 |
| 562 OAuth1TokenFetcher(OAuth1TokenFetcher::Delegate* delegate, |
| 563 Profile* auth_profile) |
| 564 : delegate_(delegate), |
| 565 auth_profile_(auth_profile), |
| 566 oauth_fetcher_(this, |
| 567 auth_profile_->GetRequestContext(), |
| 568 auth_profile_, |
| 569 kServiceScopeChromeOS), |
| 570 retry_count_(0) { |
| 571 DCHECK(delegate); |
| 572 } |
| 573 virtual ~OAuth1TokenFetcher() {} |
| 574 |
| 575 void Start() { |
| 576 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 577 if (CrosLibrary::Get()->libcros_loaded()) { |
| 578 // Delay the verification if the network is not connected or on a captive |
| 579 // portal. |
| 580 const Network* network = |
| 581 CrosLibrary::Get()->GetNetworkLibrary()->active_network(); |
| 582 if (!network || !network->connected() || network->restricted_pool()) { |
| 583 // If network is offline, defer the token fetching until online. |
| 584 VLOG(1) << "Network is offline. Deferring OAuth1 token fetch."; |
| 585 BrowserThread::PostDelayedTask( |
| 586 BrowserThread::UI, FROM_HERE, |
| 587 base::Bind(&OAuth1TokenFetcher::Start, AsWeakPtr()), |
| 588 base::TimeDelta::FromMilliseconds(kOAuth1TokenRequestRestartDelay)); |
| 589 return; |
| 590 } |
| 591 } |
| 592 oauth_fetcher_.SetAutoFetchLimit(GaiaOAuthFetcher::OAUTH1_ALL_ACCESS_TOKEN); |
| 593 oauth_fetcher_.StartGetOAuthTokenRequest(); |
| 594 } |
| 595 |
| 596 private: |
| 597 // Decides how to proceed on GAIA response and other errors. If the error |
| 598 // looks temporary, retries token fetching until max retry count is reached. |
| 599 // If retry count runs out, or error condition is unrecoverable, returns |
| 600 // false. |
| 601 bool RetryOnError(const GoogleServiceAuthError& error) { |
| 602 if ((error.state() == GoogleServiceAuthError::CONNECTION_FAILED || |
| 603 error.state() == GoogleServiceAuthError::SERVICE_UNAVAILABLE || |
| 604 error.state() == GoogleServiceAuthError::REQUEST_CANCELED) && |
| 605 retry_count_++ < kMaxOAuth1TokenRequestAttemptCount) { |
| 606 BrowserThread::PostDelayedTask( |
| 607 BrowserThread::UI, FROM_HERE, |
| 608 base::Bind(&OAuth1TokenFetcher::Start, AsWeakPtr()), |
| 609 base::TimeDelta::FromMilliseconds(kOAuth1TokenRequestRestartDelay)); |
| 610 return true; |
| 611 } |
| 612 LOG(WARNING) << "Unrecoverable error or retry count max reached."; |
| 613 return false; |
| 614 } |
| 615 |
| 616 // GaiaOAuthConsumer implementation: |
| 617 virtual void OnGetOAuthTokenSuccess(const std::string& oauth_token) OVERRIDE { |
| 618 VLOG(1) << "Got OAuth request token!"; |
| 619 } |
| 620 |
| 621 virtual void OnGetOAuthTokenFailure( |
| 622 const GoogleServiceAuthError& error) OVERRIDE { |
| 623 LOG(WARNING) << "Failed to get OAuth1 request token, error: " |
| 624 << error.state(); |
| 625 if (!RetryOnError(error)) |
| 626 delegate_->OnOAuth1AccessTokenFetchFailed(); |
| 627 } |
| 628 |
| 629 virtual void OnOAuthGetAccessTokenSuccess( |
| 630 const std::string& token, |
| 631 const std::string& secret) OVERRIDE { |
| 632 VLOG(1) << "Got OAuth v1 token!"; |
| 633 retry_count_ = 0; |
| 634 delegate_->OnOAuth1AccessTokenAvailable(token, secret); |
| 635 } |
| 636 |
| 637 virtual void OnOAuthGetAccessTokenFailure( |
| 638 const GoogleServiceAuthError& error) OVERRIDE { |
| 639 LOG(WARNING) << "Failed fetching OAuth1 access token, error: " |
| 640 << error.state(); |
| 641 if (!RetryOnError(error)) |
| 642 delegate_->OnOAuth1AccessTokenFetchFailed(); |
| 643 } |
| 644 |
| 645 OAuth1TokenFetcher::Delegate* delegate_; |
| 646 Profile* auth_profile_; |
| 647 GaiaOAuthFetcher oauth_fetcher_; |
| 648 |
| 649 // The retry counter. Increment this only when failure happened. |
| 650 int retry_count_; |
| 651 |
| 652 DISALLOW_COPY_AND_ASSIGN(OAuth1TokenFetcher); |
| 653 }; |
| 654 |
539 class LoginUtilsImpl | 655 class LoginUtilsImpl |
540 : public LoginUtils, | 656 : public LoginUtils, |
541 public GaiaOAuthConsumer, | 657 public OAuth1TokenFetcher::Delegate, |
542 public OAuthLoginVerifier::Delegate, | 658 public OAuthLoginVerifier::Delegate, |
543 public net::NetworkChangeNotifier::ConnectionTypeObserver, | 659 public net::NetworkChangeNotifier::ConnectionTypeObserver, |
544 public base::SupportsWeakPtr<LoginUtilsImpl> { | 660 public base::SupportsWeakPtr<LoginUtilsImpl> { |
545 public: | 661 public: |
546 LoginUtilsImpl() | 662 LoginUtilsImpl() |
547 : pending_requests_(false), | 663 : pending_requests_(false), |
548 using_oauth_(false), | 664 using_oauth_(false), |
549 has_cookies_(false), | 665 has_cookies_(false), |
550 delegate_(NULL), | 666 delegate_(NULL), |
551 job_restart_request_(NULL), | 667 job_restart_request_(NULL), |
(...skipping 26 matching lines...)
578 virtual void StartTokenServices(Profile* user_profile) OVERRIDE; | 694 virtual void StartTokenServices(Profile* user_profile) OVERRIDE; |
579 virtual void StartSignedInServices( | 695 virtual void StartSignedInServices( |
580 Profile* profile, | 696 Profile* profile, |
581 const GaiaAuthConsumer::ClientLoginResult& credentials) OVERRIDE; | 697 const GaiaAuthConsumer::ClientLoginResult& credentials) OVERRIDE; |
582 virtual void TransferDefaultCookies(Profile* default_profile, | 698 virtual void TransferDefaultCookies(Profile* default_profile, |
583 Profile* new_profile) OVERRIDE; | 699 Profile* new_profile) OVERRIDE; |
584 virtual void TransferDefaultAuthCache(Profile* default_profile, | 700 virtual void TransferDefaultAuthCache(Profile* default_profile, |
585 Profile* new_profile) OVERRIDE; | 701 Profile* new_profile) OVERRIDE; |
586 virtual void StopBackgroundFetchers() OVERRIDE; | 702 virtual void StopBackgroundFetchers() OVERRIDE; |
587 | 703 |
588 // GaiaOAuthConsumer overrides. | 704 // OAuth1TokenFetcher::Delegate overrides. |
589 virtual void OnGetOAuthTokenSuccess(const std::string& oauth_token) OVERRIDE; | 705 void OnOAuth1AccessTokenAvailable(const std::string& token, |
590 virtual void OnGetOAuthTokenFailure( | 706 const std::string& secret) OVERRIDE; |
591 const GoogleServiceAuthError& error) OVERRIDE; | 707 void OnOAuth1AccessTokenFetchFailed() OVERRIDE; |
592 virtual void OnOAuthGetAccessTokenSuccess(const std::string& token, | |
593 const std::string& secret) OVERRIDE; | |
594 virtual void OnOAuthGetAccessTokenFailure( | |
595 const GoogleServiceAuthError& error) OVERRIDE; | |
596 | 708 |
597 // OAuthLoginVerifier::Delegate overrides. | 709 // OAuthLoginVerifier::Delegate overrides. |
598 virtual void OnOAuthVerificationSucceeded(const std::string& user_name, | 710 virtual void OnOAuthVerificationSucceeded(const std::string& user_name, |
599 const std::string& sid, | 711 const std::string& sid, |
600 const std::string& lsid, | 712 const std::string& lsid, |
601 const std::string& auth) OVERRIDE; | 713 const std::string& auth) OVERRIDE; |
602 virtual void OnOAuthVerificationFailed(const std::string& user_name) OVERRIDE; | 714 virtual void OnOAuthVerificationFailed(const std::string& user_name) OVERRIDE; |
603 | 715 |
604 // net::NetworkChangeNotifier::ConnectionTypeObserver overrides. | 716 // net::NetworkChangeNotifier::ConnectionTypeObserver overrides. |
605 virtual void OnConnectionTypeChanged( | 717 virtual void OnConnectionTypeChanged( |
606 net::NetworkChangeNotifier::ConnectionType type) OVERRIDE; | 718 net::NetworkChangeNotifier::ConnectionType type) OVERRIDE; |
607 | 719 |
608 // Given the authenticated credentials from the cookie jar, try to exchange | |
609 // fetch OAuth request, v1 and v2 tokens. | |
610 void FetchOAuth1AccessToken(Profile* auth_profile); | |
611 | |
612 protected: | 720 protected: |
613 virtual std::string GetOffTheRecordCommandLine( | 721 virtual std::string GetOffTheRecordCommandLine( |
614 const GURL& start_url, | 722 const GURL& start_url, |
615 const CommandLine& base_command_line, | 723 const CommandLine& base_command_line, |
616 CommandLine *command_line); | 724 CommandLine *command_line); |
617 | 725 |
618 private: | 726 private: |
619 // Restarts OAuth session authentication check. | 727 // Restarts OAuth session authentication check. |
620 void KickStartAuthentication(Profile* profile); | 728 void KickStartAuthentication(Profile* profile); |
621 | 729 |
(...skipping 34 matching lines...)
656 // Callback for asynchronous profile creation. | 764 // Callback for asynchronous profile creation. |
657 void OnProfileCreated(Profile* profile, | 765 void OnProfileCreated(Profile* profile, |
658 Profile::CreateStatus status); | 766 Profile::CreateStatus status); |
659 | 767 |
660 std::string password_; | 768 std::string password_; |
661 bool pending_requests_; | 769 bool pending_requests_; |
662 bool using_oauth_; | 770 bool using_oauth_; |
663 bool has_cookies_; | 771 bool has_cookies_; |
664 // Has to be scoped_refptr, see comment for CreateAuthenticator(...). | 772 // Has to be scoped_refptr, see comment for CreateAuthenticator(...). |
665 scoped_refptr<Authenticator> authenticator_; | 773 scoped_refptr<Authenticator> authenticator_; |
666 scoped_ptr<GaiaOAuthFetcher> oauth_fetcher_; | |
667 scoped_ptr<PolicyOAuthFetcher> policy_oauth_fetcher_; | 774 scoped_ptr<PolicyOAuthFetcher> policy_oauth_fetcher_; |
| 775 scoped_ptr<OAuth1TokenFetcher> oauth1_token_fetcher_; |
668 scoped_ptr<OAuthLoginVerifier> oauth_login_verifier_; | 776 scoped_ptr<OAuthLoginVerifier> oauth_login_verifier_; |
669 | 777 |
670 // Delegate to be fired when the profile will be prepared. | 778 // Delegate to be fired when the profile will be prepared. |
671 LoginUtils::Delegate* delegate_; | 779 LoginUtils::Delegate* delegate_; |
672 | 780 |
673 // Used to restart Chrome to switch to the guest mode. | 781 // Used to restart Chrome to switch to the guest mode. |
674 JobRestartRequest* job_restart_request_; | 782 JobRestartRequest* job_restart_request_; |
675 | 783 |
676 // True if should restore authentication session when notified about | 784 // True if should restore authentication session when notified about |
677 // online state change. | 785 // online state change. |
(...skipping 201 matching lines...)
879 std::string oauth1_secret; | 987 std::string oauth1_secret; |
880 if (ReadOAuth1AccessToken(user_profile, &oauth1_token, &oauth1_secret) || | 988 if (ReadOAuth1AccessToken(user_profile, &oauth1_token, &oauth1_secret) || |
881 !has_cookies_) { | 989 !has_cookies_) { |
882 // Verify OAuth access token when we find it in the profile and always if | 990 // Verify OAuth access token when we find it in the profile and always if |
883 // if we don't have cookies. | 991 // if we don't have cookies. |
884 // TODO(xiyuan): Change back to use authenticator to verify token when | 992 // TODO(xiyuan): Change back to use authenticator to verify token when |
885 // we support Gaia in lock screen. | 993 // we support Gaia in lock screen. |
886 VerifyOAuth1AccessToken(user_profile, oauth1_token, oauth1_secret); | 994 VerifyOAuth1AccessToken(user_profile, oauth1_token, oauth1_secret); |
887 } else { | 995 } else { |
888 // If we don't have it, fetch OAuth1 access token. | 996 // If we don't have it, fetch OAuth1 access token. |
| 997 // Once we get that, we will kick off individual requests for OAuth2 |
| 998 // tokens for all our services. |
889 // Use off-the-record profile that was used for this step. It should | 999 // Use off-the-record profile that was used for this step. It should |
890 // already contain all needed cookies that will let us skip GAIA's user | 1000 // already contain all needed cookies that will let us skip GAIA's user |
891 // authentication UI. | 1001 // authentication UI. |
892 // | 1002 // |
893 // TODO(rickcam) We should use an isolated App here. | 1003 // TODO(rickcam) We should use an isolated App here. |
894 FetchOAuth1AccessToken(authenticator_->authentication_profile()); | 1004 oauth1_token_fetcher_.reset( |
| 1005 new OAuth1TokenFetcher(this, |
| 1006 authenticator_->authentication_profile())); |
| 1007 oauth1_token_fetcher_->Start(); |
895 } | 1008 } |
896 } | 1009 } |
897 | 1010 |
898 // Own TPM device if, for any reason, it has not been done in EULA | 1011 // Own TPM device if, for any reason, it has not been done in EULA |
899 // wizard screen. | 1012 // wizard screen. |
900 CryptohomeLibrary* cryptohome = CrosLibrary::Get()->GetCryptohomeLibrary(); | 1013 CryptohomeLibrary* cryptohome = CrosLibrary::Get()->GetCryptohomeLibrary(); |
901 btl->AddLoginTimeMarker("TPMOwn-Start", false); | 1014 btl->AddLoginTimeMarker("TPMOwn-Start", false); |
902 if (cryptohome->TpmIsEnabled() && !cryptohome->TpmIsBeingOwned()) { | 1015 if (cryptohome->TpmIsEnabled() && !cryptohome->TpmIsBeingOwned()) { |
903 if (cryptohome->TpmIsOwned()) { | 1016 if (cryptohome->TpmIsOwned()) { |
904 cryptohome->TpmClearStoredPassword(); | 1017 cryptohome->TpmClearStoredPassword(); |
(...skipping 15 matching lines...)
920 // TODO(altimofeev): This pointer should probably never be NULL, but it looks | 1033 // TODO(altimofeev): This pointer should probably never be NULL, but it looks |
921 // like LoginUtilsImpl::OnProfileCreated() may be getting called before | 1034 // like LoginUtilsImpl::OnProfileCreated() may be getting called before |
922 // LoginUtilsImpl::PrepareProfile() has set |delegate_| when Chrome is killed | 1035 // LoginUtilsImpl::PrepareProfile() has set |delegate_| when Chrome is killed |
923 // during shutdown in tests -- see http://crosbug.com/18269. Replace this | 1036 // during shutdown in tests -- see http://crosbug.com/18269. Replace this |
924 // 'if' statement with a CHECK(delegate_) once the underlying issue is | 1037 // 'if' statement with a CHECK(delegate_) once the underlying issue is |
925 // resolved. | 1038 // resolved. |
926 if (delegate_) | 1039 if (delegate_) |
927 delegate_->OnProfilePrepared(user_profile); | 1040 delegate_->OnProfilePrepared(user_profile); |
928 } | 1041 } |
929 | 1042 |
930 void LoginUtilsImpl::FetchOAuth1AccessToken(Profile* auth_profile) { | |
931 oauth_fetcher_.reset(new GaiaOAuthFetcher(this, | |
932 auth_profile->GetRequestContext(), | |
933 auth_profile, | |
934 kServiceScopeChromeOS)); | |
935 // Let's first get the Oauth request token and OAuth1 token+secret. | |
936 // Once we get that, we will kick off individual requests for OAuth2 tokens | |
937 // for all our services. | |
938 oauth_fetcher_->SetAutoFetchLimit(GaiaOAuthFetcher::OAUTH1_ALL_ACCESS_TOKEN); | |
939 oauth_fetcher_->StartGetOAuthTokenRequest(); | |
940 } | |
941 | |
942 void LoginUtilsImpl::StartTokenServices(Profile* user_profile) { | 1043 void LoginUtilsImpl::StartTokenServices(Profile* user_profile) { |
943 std::string oauth1_token; | 1044 std::string oauth1_token; |
944 std::string oauth1_secret; | 1045 std::string oauth1_secret; |
945 if (!ReadOAuth1AccessToken(user_profile, &oauth1_token, &oauth1_secret)) | 1046 if (!ReadOAuth1AccessToken(user_profile, &oauth1_token, &oauth1_secret)) |
946 return; | 1047 return; |
947 | 1048 |
948 FetchSecondaryTokens(user_profile->GetOffTheRecordProfile(), | 1049 FetchSecondaryTokens(user_profile->GetOffTheRecordProfile(), |
949 oauth1_token, oauth1_secret); | 1050 oauth1_token, oauth1_secret); |
950 } | 1051 } |
951 | 1052 |
(...skipping 311 matching lines...)
1263 void LoginUtilsImpl::TransferDefaultAuthCache(Profile* default_profile, | 1364 void LoginUtilsImpl::TransferDefaultAuthCache(Profile* default_profile, |
1264 Profile* profile) { | 1365 Profile* profile) { |
1265 BrowserThread::PostTask( | 1366 BrowserThread::PostTask( |
1266 BrowserThread::IO, FROM_HERE, | 1367 BrowserThread::IO, FROM_HERE, |
1267 base::Bind(&TransferDefaultAuthCacheOnIOThread, | 1368 base::Bind(&TransferDefaultAuthCacheOnIOThread, |
1268 make_scoped_refptr(default_profile->GetRequestContext()), | 1369 make_scoped_refptr(default_profile->GetRequestContext()), |
1269 make_scoped_refptr(profile->GetRequestContext()))); | 1370 make_scoped_refptr(profile->GetRequestContext()))); |
1270 } | 1371 } |
1271 | 1372 |
1272 void LoginUtilsImpl::StopBackgroundFetchers() { | 1373 void LoginUtilsImpl::StopBackgroundFetchers() { |
1273 oauth_fetcher_.reset(); | |
1274 policy_oauth_fetcher_.reset(); | 1374 policy_oauth_fetcher_.reset(); |
| 1375 oauth1_token_fetcher_.reset(); |
1275 oauth_login_verifier_.reset(); | 1376 oauth_login_verifier_.reset(); |
1276 } | 1377 } |
1277 | 1378 |
1278 void LoginUtilsImpl::OnGetOAuthTokenSuccess(const std::string& oauth_token) { | |
1279 VLOG(1) << "Got OAuth request token!"; | |
1280 } | |
1281 | |
1282 void LoginUtilsImpl::OnGetOAuthTokenFailure( | |
1283 const GoogleServiceAuthError& error) { | |
1284 // TODO(zelidrag): Pop up sync setup UI here? | |
1285 LOG(WARNING) << "Failed fetching OAuth request token, error: " | |
1286 << error.state(); | |
1287 } | |
1288 | |
1289 void LoginUtilsImpl::OnOAuthGetAccessTokenSuccess(const std::string& token, | |
1290 const std::string& secret) { | |
1291 VLOG(1) << "Got OAuth v1 token!"; | |
1292 Profile* user_profile = ProfileManager::GetDefaultProfile(); | |
1293 StoreOAuth1AccessToken(user_profile, token, secret); | |
1294 | |
1295 // Verify OAuth1 token by doing OAuthLogin and fetching credentials. | |
1296 VerifyOAuth1AccessToken(user_profile, token, secret); | |
1297 } | |
1298 | |
1299 void LoginUtilsImpl::OnOAuthGetAccessTokenFailure( | |
1300 const GoogleServiceAuthError& error) { | |
1301 // TODO(zelidrag): Pop up sync setup UI here? | |
1302 LOG(WARNING) << "Failed fetching OAuth request token, error: " | |
1303 << error.state(); | |
1304 } | |
1305 | |
1306 void LoginUtilsImpl::FetchSecondaryTokens(Profile* offrecord_profile, | 1379 void LoginUtilsImpl::FetchSecondaryTokens(Profile* offrecord_profile, |
1307 const std::string& token, | 1380 const std::string& token, |
1308 const std::string& secret) { | 1381 const std::string& secret) { |
1309 FetchPolicyToken(offrecord_profile, token, secret); | 1382 FetchPolicyToken(offrecord_profile, token, secret); |
1310 // TODO(rickcam, zelidrag): Wire TokenService there when it becomes | 1383 // TODO(rickcam, zelidrag): Wire TokenService there when it becomes |
1311 // capable of handling OAuth1 tokens directly. | 1384 // capable of handling OAuth1 tokens directly. |
1312 } | 1385 } |
1313 | 1386 |
1314 bool LoginUtilsImpl::ReadOAuth1AccessToken(Profile* user_profile, | 1387 bool LoginUtilsImpl::ReadOAuth1AccessToken(Profile* user_profile, |
1315 std::string* token, | 1388 std::string* token, |
(...skipping 94 matching lines...)
1410 // TODO(nkostylev): There's a potential race if SL would be created before | 1483 // TODO(nkostylev): There's a potential race if SL would be created before |
1411 // OAuth tokens are fetched. It would use incorrect Authenticator instance. | 1484 // OAuth tokens are fetched. It would use incorrect Authenticator instance. |
1412 authenticator_ = NULL; | 1485 authenticator_ = NULL; |
1413 } | 1486 } |
1414 | 1487 |
1415 void LoginUtilsImpl::OnOAuthVerificationFailed(const std::string& user_name) { | 1488 void LoginUtilsImpl::OnOAuthVerificationFailed(const std::string& user_name) { |
1416 UserManager::Get()->SaveUserOAuthStatus(user_name, | 1489 UserManager::Get()->SaveUserOAuthStatus(user_name, |
1417 User::OAUTH_TOKEN_STATUS_INVALID); | 1490 User::OAUTH_TOKEN_STATUS_INVALID); |
1418 } | 1491 } |
1419 | 1492 |
| 1493 void LoginUtilsImpl::OnOAuth1AccessTokenAvailable(const std::string& token, |
| 1494 const std::string& secret) { |
| 1495 Profile* user_profile = ProfileManager::GetDefaultProfile(); |
| 1496 StoreOAuth1AccessToken(user_profile, token, secret); |
| 1497 |
| 1498 // Verify OAuth1 token by doing OAuthLogin and fetching credentials. |
| 1499 VerifyOAuth1AccessToken(user_profile, token, secret); |
| 1500 } |
| 1501 |
| 1502 void LoginUtilsImpl::OnOAuth1AccessTokenFetchFailed() { |
| 1503 // TODO(kochi): Show failure notification UI here? |
| 1504 LOG(ERROR) << "Failed to fetch OAuth1 access token."; |
| 1505 } |
| 1506 |
1420 void LoginUtilsImpl::OnOAuthVerificationSucceeded( | 1507 void LoginUtilsImpl::OnOAuthVerificationSucceeded( |
1421 const std::string& user_name, const std::string& sid, | 1508 const std::string& user_name, const std::string& sid, |
1422 const std::string& lsid, const std::string& auth) { | 1509 const std::string& lsid, const std::string& auth) { |
1423 // Kick off sync engine. | 1510 // Kick off sync engine. |
1424 GaiaAuthConsumer::ClientLoginResult credentials(sid, lsid, auth, | 1511 GaiaAuthConsumer::ClientLoginResult credentials(sid, lsid, auth, |
1425 std::string()); | 1512 std::string()); |
1426 StartSignedInServices(ProfileManager::GetDefaultProfile(), credentials); | 1513 StartSignedInServices(ProfileManager::GetDefaultProfile(), credentials); |
1427 } | 1514 } |
1428 | 1515 |
1429 | 1516 |
1430 void LoginUtilsImpl::OnConnectionTypeChanged( | 1517 void LoginUtilsImpl::OnConnectionTypeChanged( |
1431 net::NetworkChangeNotifier::ConnectionType type) { | 1518 net::NetworkChangeNotifier::ConnectionType type) { |
1432 if (type != net::NetworkChangeNotifier::CONNECTION_NONE && | 1519 if (type != net::NetworkChangeNotifier::CONNECTION_NONE && |
1433 UserManager::Get()->IsUserLoggedIn()) { | 1520 UserManager::Get()->IsUserLoggedIn()) { |
1434 if (oauth_login_verifier_.get() && | 1521 if (oauth_login_verifier_.get() && |
1435 !oauth_login_verifier_->is_done()) { | 1522 !oauth_login_verifier_->is_done()) { |
1436 // If we come online for the first time after successful offline login, | 1523 // If we come online for the first time after successful offline login, |
1437 // we need to kick of OAuth token verification process again. | 1524 // we need to kick off OAuth token verification process again. |
1438 oauth_login_verifier_->ContinueVerification(); | 1525 oauth_login_verifier_->ContinueVerification(); |
1439 } else if (should_restore_auth_session_) { | 1526 } else if (should_restore_auth_session_) { |
1440 should_restore_auth_session_ = false; | 1527 should_restore_auth_session_ = false; |
1441 Profile* user_profile = ProfileManager::GetDefaultProfile(); | 1528 Profile* user_profile = ProfileManager::GetDefaultProfile(); |
1442 KickStartAuthentication(user_profile); | 1529 KickStartAuthentication(user_profile); |
1443 } | 1530 } |
1444 } | 1531 } |
1445 } | 1532 } |
1446 | 1533 |
1447 // static | 1534 // static |
(...skipping 10 matching lines...)
1458 bool LoginUtils::IsWhitelisted(const std::string& username) { | 1545 bool LoginUtils::IsWhitelisted(const std::string& username) { |
1459 CrosSettings* cros_settings = CrosSettings::Get(); | 1546 CrosSettings* cros_settings = CrosSettings::Get(); |
1460 bool allow_new_user = false; | 1547 bool allow_new_user = false; |
1461 cros_settings->GetBoolean(kAccountsPrefAllowNewUser, &allow_new_user); | 1548 cros_settings->GetBoolean(kAccountsPrefAllowNewUser, &allow_new_user); |
1462 if (allow_new_user) | 1549 if (allow_new_user) |
1463 return true; | 1550 return true; |
1464 return cros_settings->FindEmailInList(kAccountsPrefUsers, username); | 1551 return cros_settings->FindEmailInList(kAccountsPrefUsers, username); |
1465 } | 1552 } |
1466 | 1553 |
1467 } // namespace chromeos | 1554 } // namespace chromeos |
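Review bot: The offline branch of `OAuth1TokenFetcher::Start()` (new lines 582-590) re-posts `Start` every `kOAuth1TokenRequestRestartDelay` ms without touching `retry_count_`, so while the device is offline or behind a captive portal the fetcher polls indefinitely, which the class comment ("retries until max retry count is reached") does not say. Each deferred run also keeps using the raw `auth_profile_` obtained from `authenticator_->authentication_profile()`; `AsWeakPtr()` only protects the fetcher itself, so whether that profile outlives the wait is not visible on this page and should be confirmed, given that `authenticator_` is set to NULL at new line 1485. `LoginUtilsImpl` already implements `ConnectionTypeObserver`, so one option is to drop the timer and restart the fetch from `OnConnectionTypeChanged`; at minimum add a comment above the `PostDelayedTask` call such as `// Offline deferrals are not counted against kMaxOAuth1TokenRequestAttemptCount.` and a `DCHECK(auth_profile);` in the constructor next to `DCHECK(delegate);`.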