Add first implemenation for SU password sync

chrome/browser/chromeos/login/managed/supervised_user_authentication.h

Index: chrome/browser/chromeos/login/managed/supervised_user_authentication.h
diff --git a/chrome/browser/chromeos/login/managed/supervised_user_authentication.h b/chrome/browser/chromeos/login/managed/supervised_user_authentication.h
new file mode 100644
index 0000000000000000000000000000000000000000..2c741f7ec8e00bbf5be8838acaa94cedc14834b9
--- /dev/null
+++ b/chrome/browser/chromeos/login/managed/supervised_user_authentication.h
@@ -0,0 +1,71 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+#ifndef CHROME_BROWSER_CHROMEOS_LOGIN_MANAGED_SUPERVISED_USER_AUTHENTICATION_H_
+#define CHROME_BROWSER_CHROMEOS_LOGIN_MANAGED_SUPERVISED_USER_AUTHENTICATION_H_
+
+#include "base/basictypes.h"
+#include "base/compiler_specific.h"
+#include "base/memory/weak_ptr.h"
+#include "base/strings/string16.h"
+#include "base/values.h"
+#include "chrome/browser/chromeos/login/managed/supervised_user_login_flow.h"
+
+namespace chromeos {
+
+const int kPlainPasswordSchema = 1;

[Nikita (slow), 2013/12/09 16:42:16]

Do you need this in header? I see that these are only used in this class.

[Denis Kuznetsov (DE-MUC), 2013/12/12 19:45:24]

Moved it to enum inside the class.
For now it's inside public: section, but I will consider if it should be moved
to private: later.

+const int kPasswordEncryptedWithSaltSchema = 2;

[Bernhard Bauer, 2013/12/11 14:46:43]

Could you use an enum?

[Denis Kuznetsov (DE-MUC), 2013/12/12 19:45:24]

Done.

+
+class SupervisedUserManager;
+
+// UserFlow implementation for signing in locally managed user.

[Nikita (slow), 2013/12/09 16:42:16]

SupervisedUserAuthentication class comment should be expanded.
It should contain some very basic information (one can always check the code for
more details) on what it does and some short explanation what is schema version
(which version there're now), password revision etc. Also mention when migration
happens. Keep it simple, so that at least some of this knowledge is documented
in the comments.

[Denis Kuznetsov (DE-MUC), 2013/12/12 19:45:24]

Done.

+class SupervisedUserAuthentication {
+ public:
+  explicit SupervisedUserAuthentication(SupervisedUserManager* owner);
+  virtual ~SupervisedUserAuthentication();
+
+  // Transforms password according to schema specified in Local State.
+  std::string TransformPassword(const std::string& supervised_user_id,
+                                const std::string& password);
+
+  // Returns |true| if current password schema for user is different from
+  // target schema.

[Nikita (slow), 2013/12/09 16:42:16]

nit: Can you change "target schema" to something more specific?

"if user password schema is different from the latest schema"?

[Denis Kuznetsov (DE-MUC), 2013/12/12 19:45:24]

Done.

+  bool PasswordNeedsMigration(const std::string& user_id);
+
+  // Schedules password migration for |user_id| with |password| as a plain text
+  // password. Migration should happen during |user_login_flow|.
+  void SchedulePasswordMigration(const std::string& user_id,
+                                 const std::string& password,
+                                 SupervisedUserLoginFlow* user_login_flow);
+
+  // Fills |password_data| with |password|-specific data for |user_id|,
+  // depending on target schema. Does not affect Local State.
+  bool FillDataForNewUser(const std::string& user_id,
+                          const std::string& password,
+                          base::DictionaryValue* password_data);
+
+  // Stores |password_data| for |user_id| in Local State. Only public parts
+  // of |password_data| will be stored.
+  void StorePasswordData(const std::string& user_id,
+                         const base::DictionaryValue& password_data);
+
+  std::string BuildPasswordForSchemaV2(const std::string& salt,

[Nikita (slow), 2013/12/09 16:42:16]

nit: Please add comment. Move to private API or to unnamed namespace?

[Nikita (slow), 2013/12/09 17:51:08]

nit: You name schema here as V2 while constant is called just 
kPasswordEncryptedWithSaltSchema.

Can it be replaced with smth like? 
kPlainPasswordSchemaV1
kPasswordEncryptedWithSaltSchemaV2

+                                       const std::string& plain_password);
+ private:
+  SupervisedUserManager* owner_;
+
+  // Controls if migration is enabled.
+  bool should_migrate_;

[Nikita (slow), 2013/12/09 16:42:16]

nit: migration_enabled_

[Denis Kuznetsov (DE-MUC), 2013/12/12 19:45:24]

Done.

+
+  // Target schema version. Affects migration process and new user creation.
+  int target_version_;

[Nikita (slow), 2013/12/09 16:42:16]

nit: current_version_ or latest_version_

[Denis Kuznetsov (DE-MUC), 2013/12/12 19:45:24]

Done.

+
+  // Utility method that gets schema version for |user_id| from Local State.
+  int GetPasswordSchemaVersion(const std::string& user_id);
+
+  DISALLOW_COPY_AND_ASSIGN(SupervisedUserAuthentication);
+};
+
+} // namespace chromeos
+
+#endif  // CHROME_BROWSER_CHROMEOS_LOGIN_MANAGED_SUPERVISED_USER_AUTHENTICATION_H_