Revert 154457 - Switch from SignedSettings to DeviceSettingsService.

chrome/browser/chromeos/login/parallel_authenticator.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/parallel_authenticator.h"
 
 #include "base/bind.h"
 #include "base/command_line.h"
 #include "base/file_path.h"
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/string_number_conversions.h"
 #include "base/string_util.h"
 #include "chrome/browser/chromeos/boot_times_loader.h"
 #include "chrome/browser/chromeos/cros/cert_library.h"
 #include "chrome/browser/chromeos/cros/cros_library.h"
 #include "chrome/browser/chromeos/cros/cryptohome_library.h"
 #include "chrome/browser/chromeos/login/authentication_notification_details.h"
 #include "chrome/browser/chromeos/login/login_status_consumer.h"
 #include "chrome/browser/chromeos/login/user_manager.h"
 #include "chrome/browser/chromeos/settings/cros_settings.h"
+#include "chrome/browser/chromeos/settings/ownership_service.h"
 #include "chrome/common/chrome_notification_types.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/net/gaia/gaia_auth_util.h"
 #include "chromeos/cryptohome/async_method_caller.h"
 #include "chromeos/dbus/cryptohome_client.h"
 #include "chromeos/dbus/dbus_thread_manager.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/notification_service.h"
 #include "crypto/sha2.h"
 #include "third_party/cros_system_api/dbus/service_constants.h"
@@ skipping 161 matching lines @@
       migrate_attempted_(false),
       remove_attempted_(false),
       mount_guest_attempted_(false),
       check_key_attempted_(false),
       already_reported_success_(false),
       owner_is_verified_(false),
       user_can_login_(false),
       using_oauth_(
           !CommandLine::ForCurrentProcess()->HasSwitch(
               switches::kSkipOAuthLogin)) {
+  // If not already owned, this is a no-op.  If it is, this loads the owner's
+  // public key off of disk.
+  OwnershipService::GetSharedInstance()->StartLoadOwnerKeyAttempt();
 }
 
 void ParallelAuthenticator::AuthenticateToLogin(
     Profile* profile,
     const std::string& username,
     const std::string& password,
     const std::string& login_token,
     const std::string& login_captcha) {
   std::string canonicalized = gaia::CanonicalizeEmail(username);
   authentication_profile_ = profile;
   current_state_.reset(
       new AuthAttemptState(
           canonicalized,
           password,
           HashPassword(password),
           login_token,
           login_captcha,
           !UserManager::Get()->IsKnownUser(canonicalized)));
-  // Reset the verified flag.
-  owner_is_verified_ = false;
+  {
+    // Reset the verified flag.
+    base::AutoLock for_this_block(owner_verified_lock_);
+    owner_is_verified_ = false;
+  }
 
   const bool create_if_missing = false;
   BrowserThread::PostTask(
       BrowserThread::UI, FROM_HERE,
       base::Bind(&Mount,
                  current_state_.get(),
                  static_cast<AuthAttemptStateResolver*>(this),
                  create_if_missing));
   // ClientLogin authentication check should happen immediately here.
   // We should not try OAuthLogin check until the profile loads.
@@ skipping 10 matching lines @@
                                           const std::string& username,
                                           const std::string& password) {
   std::string canonicalized = gaia::CanonicalizeEmail(username);
   authentication_profile_ = profile;
   current_state_.reset(
       new AuthAttemptState(
           canonicalized,
           password,
           HashPassword(password),
           !UserManager::Get()->IsKnownUser(canonicalized)));
-
-  // Reset the verified flag.
-  owner_is_verified_ = false;
+  {
+    // Reset the verified flag.
+    base::AutoLock for_this_block(owner_verified_lock_);
+    owner_is_verified_ = false;
+  }
 
   const bool create_if_missing = false;
   BrowserThread::PostTask(
       BrowserThread::UI, FROM_HERE,
       base::Bind(&Mount,
                  current_state_.get(),
                  static_cast<AuthAttemptStateResolver*>(this),
                  create_if_missing));
 
   if (!using_oauth_) {
@@ skipping 133 matching lines @@
   remove_attempted_ = true;
   current_state_->ResetCryptohomeStatus();
   BrowserThread::PostTask(
       BrowserThread::UI, FROM_HERE,
       base::Bind(&Remove,
                  current_state_.get(),
                  static_cast<AuthAttemptStateResolver*>(this)));
 }
 
 bool ParallelAuthenticator::VerifyOwner() {
+  base::AutoLock for_this_block(owner_verified_lock_);
   if (owner_is_verified_)
     return true;
   // Check if policy data is fine and continue in safe mode if needed.
   bool is_safe_mode = false;
   CrosSettings::Get()->GetBoolean(kPolicyMissingMitigationMode, &is_safe_mode);
   if (!is_safe_mode) {
     // Now we can continue with the login and report mount success.
     user_can_login_ = true;
     owner_is_verified_ = true;
     return true;
   }
   // First we have to make sure the current user's cert store is available.
   CrosLibrary::Get()->GetCertLibrary()->LoadKeyStore();
   // Now we can continue reading the private key.
-  DeviceSettingsService::Get()->SetUsername(current_state_->username);
-  DeviceSettingsService::Get()->GetOwnershipStatusAsync(
-      base::Bind(&ParallelAuthenticator::OnOwnershipChecked, this));
+  BrowserThread::PostTask(
+      BrowserThread::FILE, FROM_HERE,
+      base::Bind(&ParallelAuthenticator::FinishVerifyOwnerOnFileThread, this));
   return false;
 }
 
-void ParallelAuthenticator::OnOwnershipChecked(
-    DeviceSettingsService::OwnershipStatus status,
-    bool is_owner) {
+void ParallelAuthenticator::FinishVerifyOwnerOnFileThread() {
+  base::AutoLock for_this_block(owner_verified_lock_);
   // Now we can check if this user is the owner.
-  user_can_login_ = is_owner;
+  user_can_login_ =
+      OwnershipService::GetSharedInstance()->IsCurrentUserOwner();
   owner_is_verified_ = true;
-  Resolve();
+  BrowserThread::PostTask(
+      BrowserThread::UI, FROM_HERE,
+      base::Bind(&ParallelAuthenticator::Resolve, this));
 }
 
 void ParallelAuthenticator::RetryAuth(Profile* profile,
                                       const std::string& username,
                                       const std::string& password,
                                       const std::string& login_token,
                                       const std::string& login_captcha) {
   reauth_state_.reset(
       new AuthAttemptState(
           gaia::CanonicalizeEmail(username),
@@ skipping 338 matching lines @@
 }
 
 void ParallelAuthenticator::ResolveLoginCompletionStatus() {
   // Shortcut online state resolution process.
   current_state_->RecordOnlineLoginStatus(LoginFailure::None());
   Resolve();
 }
 
 void ParallelAuthenticator::SetOwnerState(bool owner_check_finished,
                                           bool check_result) {
+  base::AutoLock for_this_block(owner_verified_lock_);
   owner_is_verified_ = owner_check_finished;
   user_can_login_ = check_result;
 }
 
 }  // namespace chromeos