OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/login/login_utils.h" | 5 #include "chrome/browser/chromeos/login/login_utils.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "ash/ash_switches.h" | 10 #include "ash/ash_switches.h" |
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
87 #include "ui/compositor/compositor_switches.h" | 87 #include "ui/compositor/compositor_switches.h" |
88 #include "ui/gl/gl_switches.h" | 88 #include "ui/gl/gl_switches.h" |
89 #include "webkit/plugins/plugin_switches.h" | 89 #include "webkit/plugins/plugin_switches.h" |
90 | 90 |
91 using content::BrowserThread; | 91 using content::BrowserThread; |
92 | 92 |
93 namespace chromeos { | 93 namespace chromeos { |
94 | 94 |
95 namespace { | 95 namespace { |
96 | 96 |
97 // OAuth token verification retry count. | 97 // OAuth token verification max retry count. |
98 const int kMaxOAuthTokenVerificationAttemptCount = 5; | 98 const int kMaxOAuthTokenVerificationAttemptCount = 5; |
99 // OAuth token verification retry delay. | 99 // OAuth token verification retry delay in milliseconds. |
100 const int kOAuthVerificationRestartDelay = 10000; // ms | 100 const int kOAuthVerificationRestartDelay = 10000; |
101 | |
102 // OAuth token request max retry count. | |
103 const int kMaxOAuthTokenRequestAttemptCount = 5; | |
104 // OAuth token request retry delay in milliseconds. | |
105 const int kOAuthTokenRequestRestartDelay = 3000; | |
101 | 106 |
102 // Affixes for Auth token received from ClientLogin request. | 107 // Affixes for Auth token received from ClientLogin request. |
103 const char kAuthPrefix[] = "Auth="; | 108 const char kAuthPrefix[] = "Auth="; |
104 const char kAuthSuffix[] = "\n"; | 109 const char kAuthSuffix[] = "\n"; |
105 | 110 |
106 // Increase logging level for Guest mode to avoid LOG(INFO) messages in logs. | 111 // Increase logging level for Guest mode to avoid LOG(INFO) messages in logs. |
107 const char kGuestModeLoggingLevel[] = "1"; | 112 const char kGuestModeLoggingLevel[] = "1"; |
108 | 113 |
109 // Format of command line switch. | 114 // Format of command line switch. |
110 const char kSwitchFormatString[] = " --%s=\"%s\""; | 115 const char kSwitchFormatString[] = " --%s=\"%s\""; |
(...skipping 216 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
327 | 332 |
328 virtual void OnOAuthLoginFailure( | 333 virtual void OnOAuthLoginFailure( |
329 const GoogleServiceAuthError& error) OVERRIDE { | 334 const GoogleServiceAuthError& error) OVERRIDE { |
330 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 335 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
331 LOG(WARNING) << "Failed to verify OAuth1 access tokens," | 336 LOG(WARNING) << "Failed to verify OAuth1 access tokens," |
332 << " error.state=" << error.state(); | 337 << " error.state=" << error.state(); |
333 if (!RetryOnError(error)) | 338 if (!RetryOnError(error)) |
334 delegate_->OnOAuthVerificationFailed(username_); | 339 delegate_->OnOAuthVerificationFailed(username_); |
335 } | 340 } |
336 | 341 |
337 void OnCookueFetchFailed(const GoogleServiceAuthError& error) { | 342 void OnCookieFetchFailed(const GoogleServiceAuthError& error) { |
338 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 343 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
339 if (!RetryOnError(error)) | 344 if (!RetryOnError(error)) |
340 delegate_->OnUserCookiesFetchFailed(username_); | 345 delegate_->OnUserCookiesFetchFailed(username_); |
341 } | 346 } |
342 | 347 |
343 // GaiaAuthConsumer overrides. | 348 // GaiaAuthConsumer overrides. |
344 virtual void OnIssueAuthTokenSuccess(const std::string& service, | 349 virtual void OnIssueAuthTokenSuccess(const std::string& service, |
345 const std::string& auth_token) OVERRIDE { | 350 const std::string& auth_token) OVERRIDE { |
346 gaia_fetcher_.StartMergeSession(auth_token); | 351 gaia_fetcher_.StartMergeSession(auth_token); |
347 } | 352 } |
348 | 353 |
349 virtual void OnIssueAuthTokenFailure(const std::string& service, | 354 virtual void OnIssueAuthTokenFailure(const std::string& service, |
350 const GoogleServiceAuthError& error) OVERRIDE { | 355 const GoogleServiceAuthError& error) OVERRIDE { |
351 DVLOG(1) << "Failed IssueAuthToken request," | 356 DVLOG(1) << "Failed IssueAuthToken request," |
352 << " error.state=" << error.state(); | 357 << " error.state=" << error.state(); |
353 OnCookueFetchFailed(error); | 358 OnCookieFetchFailed(error); |
354 } | 359 } |
355 | 360 |
356 virtual void OnMergeSessionSuccess(const std::string& data) OVERRIDE { | 361 virtual void OnMergeSessionSuccess(const std::string& data) OVERRIDE { |
357 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 362 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
358 DVLOG(1) << "MergeSession successful."; | 363 DVLOG(1) << "MergeSession successful."; |
359 step_ = VERIFICATION_STEP_COOKIES_FETCHED; | 364 step_ = VERIFICATION_STEP_COOKIES_FETCHED; |
360 delegate_->OnUserCookiesFetchSucceeded(username_); | 365 delegate_->OnUserCookiesFetchSucceeded(username_); |
361 } | 366 } |
362 | 367 |
363 virtual void OnMergeSessionFailure( | 368 virtual void OnMergeSessionFailure( |
364 const GoogleServiceAuthError& error) OVERRIDE { | 369 const GoogleServiceAuthError& error) OVERRIDE { |
365 DVLOG(1) << "Failed MergeSession request," | 370 DVLOG(1) << "Failed MergeSession request," |
366 << " error.state=" << error.state(); | 371 << " error.state=" << error.state(); |
367 OnCookueFetchFailed(error); | 372 OnCookieFetchFailed(error); |
368 } | 373 } |
369 | 374 |
370 OAuthLoginVerifier::Delegate* delegate_; | 375 OAuthLoginVerifier::Delegate* delegate_; |
371 GaiaOAuthFetcher oauth_fetcher_; | 376 GaiaOAuthFetcher oauth_fetcher_; |
372 GaiaAuthFetcher gaia_fetcher_; | 377 GaiaAuthFetcher gaia_fetcher_; |
373 std::string oauth1_token_; | 378 std::string oauth1_token_; |
374 std::string oauth1_secret_; | 379 std::string oauth1_secret_; |
375 std::string sid_; | 380 std::string sid_; |
376 std::string lsid_; | 381 std::string lsid_; |
377 std::string username_; | 382 std::string username_; |
(...skipping 163 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
541 public OAuthLoginVerifier::Delegate, | 546 public OAuthLoginVerifier::Delegate, |
542 public net::NetworkChangeNotifier::ConnectionTypeObserver, | 547 public net::NetworkChangeNotifier::ConnectionTypeObserver, |
543 public base::SupportsWeakPtr<LoginUtilsImpl> { | 548 public base::SupportsWeakPtr<LoginUtilsImpl> { |
544 public: | 549 public: |
545 LoginUtilsImpl() | 550 LoginUtilsImpl() |
546 : pending_requests_(false), | 551 : pending_requests_(false), |
547 using_oauth_(false), | 552 using_oauth_(false), |
548 has_cookies_(false), | 553 has_cookies_(false), |
549 delegate_(NULL), | 554 delegate_(NULL), |
550 job_restart_request_(NULL), | 555 job_restart_request_(NULL), |
551 should_restore_auth_session_(false) { | 556 should_restore_auth_session_(false), |
557 token_request_count_(0) { | |
552 net::NetworkChangeNotifier::AddConnectionTypeObserver(this); | 558 net::NetworkChangeNotifier::AddConnectionTypeObserver(this); |
553 } | 559 } |
554 | 560 |
555 virtual ~LoginUtilsImpl() { | 561 virtual ~LoginUtilsImpl() { |
556 net::NetworkChangeNotifier::RemoveConnectionTypeObserver(this); | 562 net::NetworkChangeNotifier::RemoveConnectionTypeObserver(this); |
557 } | 563 } |
558 | 564 |
559 // LoginUtils implementation: | 565 // LoginUtils implementation: |
560 virtual void DoBrowserLaunch(Profile* profile, | 566 virtual void DoBrowserLaunch(Profile* profile, |
561 LoginDisplayHost* login_host) OVERRIDE; | 567 LoginDisplayHost* login_host) OVERRIDE; |
(...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
669 // Delegate to be fired when the profile will be prepared. | 675 // Delegate to be fired when the profile will be prepared. |
670 LoginUtils::Delegate* delegate_; | 676 LoginUtils::Delegate* delegate_; |
671 | 677 |
672 // Used to restart Chrome to switch to the guest mode. | 678 // Used to restart Chrome to switch to the guest mode. |
673 JobRestartRequest* job_restart_request_; | 679 JobRestartRequest* job_restart_request_; |
674 | 680 |
675 // True if should restore authentication session when notified about | 681 // True if should restore authentication session when notified about |
676 // online state change. | 682 // online state change. |
677 bool should_restore_auth_session_; | 683 bool should_restore_auth_session_; |
678 | 684 |
685 // Number of retries we have requested for OAuth1 access token. | |
686 int token_request_count_; | |
687 | |
679 DISALLOW_COPY_AND_ASSIGN(LoginUtilsImpl); | 688 DISALLOW_COPY_AND_ASSIGN(LoginUtilsImpl); |
680 }; | 689 }; |
681 | 690 |
682 class LoginUtilsWrapper { | 691 class LoginUtilsWrapper { |
683 public: | 692 public: |
684 static LoginUtilsWrapper* GetInstance() { | 693 static LoginUtilsWrapper* GetInstance() { |
685 return Singleton<LoginUtilsWrapper>::get(); | 694 return Singleton<LoginUtilsWrapper>::get(); |
686 } | 695 } |
687 | 696 |
688 LoginUtils* get() { | 697 LoginUtils* get() { |
(...skipping 194 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
883 // TODO(xiyuan): Change back to use authenticator to verify token when | 892 // TODO(xiyuan): Change back to use authenticator to verify token when |
884 // we support Gaia in lock screen. | 893 // we support Gaia in lock screen. |
885 VerifyOAuth1AccessToken(user_profile, oauth1_token, oauth1_secret); | 894 VerifyOAuth1AccessToken(user_profile, oauth1_token, oauth1_secret); |
886 } else { | 895 } else { |
887 // If we don't have it, fetch OAuth1 access token. | 896 // If we don't have it, fetch OAuth1 access token. |
888 // Use off-the-record profile that was used for this step. It should | 897 // Use off-the-record profile that was used for this step. It should |
889 // already contain all needed cookies that will let us skip GAIA's user | 898 // already contain all needed cookies that will let us skip GAIA's user |
890 // authentication UI. | 899 // authentication UI. |
891 // | 900 // |
892 // TODO(rickcam) We should use an isolated App here. | 901 // TODO(rickcam) We should use an isolated App here. |
893 FetchOAuth1AccessToken(authenticator_->authentication_profile()); | 902 NetworkLibrary* network_library = CrosLibrary::Get()->GetNetworkLibrary(); |
903 if (network_library && network_library->Connected()) { | |
904 FetchOAuth1AccessToken(authenticator_->authentication_profile()); | |
905 } else { | |
906 VLOG(1) << "Network is unreacheable; deferring token request."; | |
907 BrowserThread::PostDelayedTask( | |
908 BrowserThread::UI, FROM_HERE, | |
909 base::Bind(&LoginUtilsImpl::FetchOAuth1AccessToken, | |
910 base::Unretained(this), | |
911 authenticator_->authentication_profile()), | |
912 base::TimeDelta::FromMilliseconds(kOAuthTokenRequestRestartDelay)); | |
913 } | |
894 } | 914 } |
895 } | 915 } |
896 | 916 |
897 // Own TPM device if, for any reason, it has not been done in EULA | 917 // Own TPM device if, for any reason, it has not been done in EULA |
898 // wizard screen. | 918 // wizard screen. |
899 CryptohomeLibrary* cryptohome = CrosLibrary::Get()->GetCryptohomeLibrary(); | 919 CryptohomeLibrary* cryptohome = CrosLibrary::Get()->GetCryptohomeLibrary(); |
900 btl->AddLoginTimeMarker("TPMOwn-Start", false); | 920 btl->AddLoginTimeMarker("TPMOwn-Start", false); |
901 if (cryptohome->TpmIsEnabled() && !cryptohome->TpmIsBeingOwned()) { | 921 if (cryptohome->TpmIsEnabled() && !cryptohome->TpmIsBeingOwned()) { |
902 if (cryptohome->TpmIsOwned()) { | 922 if (cryptohome->TpmIsOwned()) { |
903 cryptohome->TpmClearStoredPassword(); | 923 cryptohome->TpmClearStoredPassword(); |
(...skipping 362 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1266 } | 1286 } |
1267 | 1287 |
1268 void LoginUtilsImpl::StopBackgroundFetchers() { | 1288 void LoginUtilsImpl::StopBackgroundFetchers() { |
1269 oauth_fetcher_.reset(); | 1289 oauth_fetcher_.reset(); |
1270 policy_oauth_fetcher_.reset(); | 1290 policy_oauth_fetcher_.reset(); |
1271 oauth_login_verifier_.reset(); | 1291 oauth_login_verifier_.reset(); |
1272 } | 1292 } |
1273 | 1293 |
1274 void LoginUtilsImpl::OnGetOAuthTokenSuccess(const std::string& oauth_token) { | 1294 void LoginUtilsImpl::OnGetOAuthTokenSuccess(const std::string& oauth_token) { |
1275 VLOG(1) << "Got OAuth request token!"; | 1295 VLOG(1) << "Got OAuth request token!"; |
1296 token_request_count_ = 0; | |
1276 } | 1297 } |
1277 | 1298 |
1278 void LoginUtilsImpl::OnGetOAuthTokenFailure( | 1299 void LoginUtilsImpl::OnGetOAuthTokenFailure( |
1279 const GoogleServiceAuthError& error) { | 1300 const GoogleServiceAuthError& error) { |
1280 // TODO(zelidrag): Pop up sync setup UI here? | |
1281 LOG(WARNING) << "Failed fetching OAuth request token, error: " | 1301 LOG(WARNING) << "Failed fetching OAuth request token, error: " |
1282 << error.state(); | 1302 << error.state(); |
1303 // If the request failed due to network flakiness, try again. | |
zel
2012/05/25 15:19:36
Since this process is no longer super simple, let'
kochi
2012/05/28 08:46:12
Done.
| |
1304 if (error.state() == GoogleServiceAuthError::SERVICE_UNAVAILABLE && | |
Nikita (slow)
2012/05/25 18:12:08
error.state() == GoogleServiceAuthError::CONNECTIO
kochi
2012/05/28 08:46:12
Done.
| |
1305 token_request_count_++ < kMaxOAuthTokenRequestAttemptCount) { | |
1306 BrowserThread::PostDelayedTask(BrowserThread::UI, FROM_HERE, | |
1307 base::Bind(&LoginUtilsImpl::FetchOAuth1AccessToken, | |
1308 base::Unretained(this), | |
1309 authenticator_->authentication_profile()), | |
1310 base::TimeDelta::FromMilliseconds(kOAuthTokenRequestRestartDelay)); | |
1311 return; | |
1312 } | |
1313 LOG(WARNING) << "Unrecoverable error or retry count max reached, giving up."; | |
1283 } | 1314 } |
1284 | 1315 |
1285 void LoginUtilsImpl::OnOAuthGetAccessTokenSuccess(const std::string& token, | 1316 void LoginUtilsImpl::OnOAuthGetAccessTokenSuccess(const std::string& token, |
1286 const std::string& secret) { | 1317 const std::string& secret) { |
1287 VLOG(1) << "Got OAuth v1 token!"; | 1318 VLOG(1) << "Got OAuth v1 token!"; |
1288 Profile* user_profile = ProfileManager::GetDefaultProfile(); | 1319 Profile* user_profile = ProfileManager::GetDefaultProfile(); |
1289 StoreOAuth1AccessToken(user_profile, token, secret); | 1320 StoreOAuth1AccessToken(user_profile, token, secret); |
1290 | 1321 |
1291 // Verify OAuth1 token by doing OAuthLogin and fetching credentials. | 1322 // Verify OAuth1 token by doing OAuthLogin and fetching credentials. |
1292 VerifyOAuth1AccessToken(user_profile, token, secret); | 1323 VerifyOAuth1AccessToken(user_profile, token, secret); |
(...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1416 void LoginUtilsImpl::OnOAuthVerificationSucceeded( | 1447 void LoginUtilsImpl::OnOAuthVerificationSucceeded( |
1417 const std::string& user_name, const std::string& sid, | 1448 const std::string& user_name, const std::string& sid, |
1418 const std::string& lsid, const std::string& auth) { | 1449 const std::string& lsid, const std::string& auth) { |
1419 // Kick off sync engine. | 1450 // Kick off sync engine. |
1420 GaiaAuthConsumer::ClientLoginResult credentials(sid, lsid, auth, | 1451 GaiaAuthConsumer::ClientLoginResult credentials(sid, lsid, auth, |
1421 std::string()); | 1452 std::string()); |
1422 StartSignedInServices(ProfileManager::GetDefaultProfile(), credentials); | 1453 StartSignedInServices(ProfileManager::GetDefaultProfile(), credentials); |
1423 } | 1454 } |
1424 | 1455 |
1425 | 1456 |
1426 void LoginUtilsImpl::OnConnectionTypeChanged( | 1457 void LoginUtilsImpl::OnConnectionTypeChanged( |
zel
2012/05/25 15:19:36
when we detect nw changes, you should be able to r
kochi
2012/05/28 08:46:12
This is done in the new class.
On 2012/05/25 15:1
| |
1427 net::NetworkChangeNotifier::ConnectionType type) { | 1458 net::NetworkChangeNotifier::ConnectionType type) { |
1428 if (type != net::NetworkChangeNotifier::CONNECTION_NONE && | 1459 if (type != net::NetworkChangeNotifier::CONNECTION_NONE && |
1429 UserManager::Get()->IsUserLoggedIn()) { | 1460 UserManager::Get()->IsUserLoggedIn()) { |
1430 if (oauth_login_verifier_.get() && | 1461 if (oauth_login_verifier_.get() && |
1431 !oauth_login_verifier_->is_done()) { | 1462 !oauth_login_verifier_->is_done()) { |
1432 // If we come online for the first time after successful offline login, | 1463 // If we come online for the first time after successful offline login, |
1433 // we need to kick of OAuth token verification process again. | 1464 // we need to kick of OAuth token verification process again. |
1434 oauth_login_verifier_->ContinueVerification(); | 1465 oauth_login_verifier_->ContinueVerification(); |
1435 } else if (should_restore_auth_session_) { | 1466 } else if (should_restore_auth_session_) { |
1436 should_restore_auth_session_ = false; | 1467 should_restore_auth_session_ = false; |
(...skipping 17 matching lines...) Expand all Loading... | |
1454 bool LoginUtils::IsWhitelisted(const std::string& username) { | 1485 bool LoginUtils::IsWhitelisted(const std::string& username) { |
1455 CrosSettings* cros_settings = CrosSettings::Get(); | 1486 CrosSettings* cros_settings = CrosSettings::Get(); |
1456 bool allow_new_user = false; | 1487 bool allow_new_user = false; |
1457 cros_settings->GetBoolean(kAccountsPrefAllowNewUser, &allow_new_user); | 1488 cros_settings->GetBoolean(kAccountsPrefAllowNewUser, &allow_new_user); |
1458 if (allow_new_user) | 1489 if (allow_new_user) |
1459 return true; | 1490 return true; |
1460 return cros_settings->FindEmailInList(kAccountsPrefUsers, username); | 1491 return cros_settings->FindEmailInList(kAccountsPrefUsers, username); |
1461 } | 1492 } |
1462 | 1493 |
1463 } // namespace chromeos | 1494 } // namespace chromeos |
OLD | NEW |