| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/online_attempt.h" | 5 #include "chrome/browser/chromeos/login/online_attempt.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 11 #include "base/memory/ref_counted.h" | 11 #include "base/memory/ref_counted.h" |
| 12 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
| 13 #include "chrome/browser/chromeos/cros/cros_library.h" | 13 #include "chrome/browser/chromeos/cros/cros_library.h" |
| 14 #include "chrome/browser/chromeos/login/auth_attempt_state.h" | 14 #include "chrome/browser/chromeos/login/auth_attempt_state.h" |
| 15 #include "chrome/browser/chromeos/login/auth_attempt_state_resolver.h" | 15 #include "chrome/browser/chromeos/login/auth_attempt_state_resolver.h" |
| 16 #include "chrome/browser/chromeos/login/user.h" | 16 #include "chrome/browser/chromeos/login/user.h" |
| 17 #include "chrome/browser/profiles/profile.h" | 17 #include "chrome/browser/profiles/profile.h" |
| 18 #include "chrome/browser/profiles/profile_manager.h" | 18 #include "chrome/browser/profiles/profile_manager.h" |
| 19 #include "chrome/browser/signin/about_signin_internals.h" |
| 20 #include "chrome/browser/signin/about_signin_internals_factory.h" |
| 19 #include "content/public/browser/browser_thread.h" | 21 #include "content/public/browser/browser_thread.h" |
| 20 #include "google_apis/gaia/gaia_auth_consumer.h" | 22 #include "google_apis/gaia/gaia_auth_consumer.h" |
| 21 #include "google_apis/gaia/gaia_auth_fetcher.h" | 23 #include "google_apis/gaia/gaia_auth_fetcher.h" |
| 22 #include "google_apis/gaia/gaia_constants.h" | 24 #include "google_apis/gaia/gaia_constants.h" |
| 23 #include "net/base/load_flags.h" | 25 #include "net/base/load_flags.h" |
| 24 #include "net/base/net_errors.h" | 26 #include "net/base/net_errors.h" |
| 25 #include "net/url_request/url_request_status.h" | 27 #include "net/url_request/url_request_status.h" |
| 26 #include "third_party/libjingle/source/talk/base/urlencode.h" | 28 #include "third_party/libjingle/source/talk/base/urlencode.h" |
| 27 | 29 |
| 28 using content::BrowserThread; | 30 using content::BrowserThread; |
| 31 using namespace signin_internals_util; |
| 29 | 32 |
| 30 namespace { | 33 namespace { |
| 31 | 34 |
| 32 // The service scope of the OAuth v2 token that ChromeOS login will be | 35 // The service scope of the OAuth v2 token that ChromeOS login will be |
| 33 // requesting. | 36 // requesting. |
| 34 const char kServiceScopeChromeOS[] = | 37 const char kServiceScopeChromeOS[] = |
| 35 "https://www.googleapis.com/auth/chromesync"; | 38 "https://www.googleapis.com/auth/chromesync"; |
| 36 | 39 |
| 40 #define FOR_DIAGNOSTICS_OBSERVERS(func) \ |
| 41 do { \ |
| 42 FOR_EACH_OBSERVER(SigninDiagnosticsObserver, \ |
| 43 signin_diagnostics_observers_, \ |
| 44 func); \ |
| 45 } while (0) \ |
| 46 |
| 37 } | 47 } |
| 38 | 48 |
| 39 namespace chromeos { | 49 namespace chromeos { |
| 40 | 50 |
| 41 // static | 51 // static |
| 42 const int OnlineAttempt::kClientLoginTimeoutMs = 10000; | 52 const int OnlineAttempt::kClientLoginTimeoutMs = 10000; |
| 43 | 53 |
| 44 OnlineAttempt::OnlineAttempt(bool using_oauth, | 54 OnlineAttempt::OnlineAttempt(bool using_oauth, |
| 45 AuthAttemptState* current_attempt, | 55 AuthAttemptState* current_attempt, |
| 46 AuthAttemptStateResolver* callback) | 56 AuthAttemptStateResolver* callback) |
| (...skipping 25 matching lines...) Expand all Loading... |
| 72 client_fetcher_.reset( | 82 client_fetcher_.reset( |
| 73 new GaiaAuthFetcher(this, GaiaConstants::kChromeOSSource, | 83 new GaiaAuthFetcher(this, GaiaConstants::kChromeOSSource, |
| 74 auth_profile->GetRequestContext())); | 84 auth_profile->GetRequestContext())); |
| 75 } | 85 } |
| 76 BrowserThread::PostTask( | 86 BrowserThread::PostTask( |
| 77 BrowserThread::UI, FROM_HERE, | 87 BrowserThread::UI, FROM_HERE, |
| 78 base::Bind(&OnlineAttempt::TryClientLogin, weak_factory_.GetWeakPtr())); | 88 base::Bind(&OnlineAttempt::TryClientLogin, weak_factory_.GetWeakPtr())); |
| 79 } | 89 } |
| 80 | 90 |
| 81 void OnlineAttempt::OnClientLoginSuccess( | 91 void OnlineAttempt::OnClientLoginSuccess( |
| 82 const GaiaAuthConsumer::ClientLoginResult& unused) { | 92 const GaiaAuthConsumer::ClientLoginResult& result) { |
| 83 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 93 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 84 VLOG(1) << "Online login successful!"; | 94 VLOG(1) << "Online login successful!"; |
| 85 | 95 |
| 86 weak_factory_.InvalidateWeakPtrs(); | 96 weak_factory_.InvalidateWeakPtrs(); |
| 87 | 97 |
| 88 if (attempt_->hosted_policy() == GaiaAuthFetcher::HostedAccountsAllowed && | 98 if (attempt_->hosted_policy() == GaiaAuthFetcher::HostedAccountsAllowed && |
| 89 attempt_->is_first_time_user()) { | 99 attempt_->is_first_time_user()) { |
| 90 // First time user, and we don't know if the account is HOSTED or not. | 100 // First time user, and we don't know if the account is HOSTED or not. |
| 91 // Since we don't allow HOSTED accounts to log in, we need to try | 101 // Since we don't allow HOSTED accounts to log in, we need to try |
| 92 // again, without allowing HOSTED accounts. | 102 // again, without allowing HOSTED accounts. |
| 93 // | 103 // |
| 94 // NOTE: we used to do this in the opposite order, so that we'd only | 104 // NOTE: we used to do this in the opposite order, so that we'd only |
| 95 // try the HOSTED pathway if GOOGLE-only failed. This breaks CAPTCHA | 105 // try the HOSTED pathway if GOOGLE-only failed. This breaks CAPTCHA |
| 96 // handling, though. | 106 // handling, though. |
| 97 attempt_->DisableHosted(); | 107 attempt_->DisableHosted(); |
| 98 TryClientLogin(); | 108 TryClientLogin(); |
| 99 return; | 109 return; |
| 100 } | 110 } |
| 111 |
| 112 // Inform all signin diagnostics observers about the login. |
| 113 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged( |
| 114 USERNAME, UserManager::Get()->GetLoggedInUser()->email())); |
| 115 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged( |
| 116 SIGNIN_TYPE, "Client Login")); |
| 117 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged( |
| 118 LSID, result.lsid)); |
| 119 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged( |
| 120 SID, result.sid)); |
| 121 |
| 101 TriggerResolve(LoginFailure::None()); | 122 TriggerResolve(LoginFailure::None()); |
| 102 } | 123 } |
| 103 | 124 |
| 104 void OnlineAttempt::OnClientLoginFailure( | 125 void OnlineAttempt::OnClientLoginFailure( |
| 105 const GoogleServiceAuthError& error) { | 126 const GoogleServiceAuthError& error) { |
| 106 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 127 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 107 | 128 |
| 108 weak_factory_.InvalidateWeakPtrs(); | 129 weak_factory_.InvalidateWeakPtrs(); |
| 109 | 130 |
| 110 if (error.state() == GoogleServiceAuthError::REQUEST_CANCELED) { | 131 if (error.state() == GoogleServiceAuthError::REQUEST_CANCELED) { |
| 111 if (try_again_) { | 132 if (try_again_) { |
| 112 try_again_ = false; | 133 try_again_ = false; |
| 113 // TODO(cmasone): add UMA tracking for this to see if we can remove it. | 134 // TODO(cmasone): add UMA tracking for this to see if we can remove it. |
| 114 LOG(ERROR) << "Login attempt canceled!?!? Trying again."; | 135 LOG(ERROR) << "Login attempt canceled!?!? Trying again."; |
| 136 |
| 137 // Inform all signin diagnostics observers about the retry |
| 138 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged( |
| 139 CLIENT_LOGIN_STATUS, "Login Canceled. Retrying.")); |
| 140 |
| 115 TryClientLogin(); | 141 TryClientLogin(); |
| 116 return; | 142 return; |
| 117 } | 143 } |
| 144 // Inform all signin diagnostics observers about the cancellation. |
| 145 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged( |
| 146 CLIENT_LOGIN_STATUS, "Login Canceled (after retry)")); |
| 147 |
| 118 LOG(ERROR) << "Login attempt canceled again? Already retried..."; | 148 LOG(ERROR) << "Login attempt canceled again? Already retried..."; |
| 119 } | 149 } |
| 120 | 150 |
| 121 if (error.state() == GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS && | 151 if (error.state() == GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS && |
| 122 attempt_->is_first_time_user() && | 152 attempt_->is_first_time_user() && |
| 123 attempt_->hosted_policy() != GaiaAuthFetcher::HostedAccountsAllowed) { | 153 attempt_->hosted_policy() != GaiaAuthFetcher::HostedAccountsAllowed) { |
| 124 // This was a first-time login, we already tried allowing HOSTED accounts | 154 // This was a first-time login, we already tried allowing HOSTED accounts |
| 125 // and succeeded. That we've failed with INVALID_GAIA_CREDENTIALS now | 155 // and succeeded. That we've failed with INVALID_GAIA_CREDENTIALS now |
| 126 // indicates that the account is HOSTED. | 156 // indicates that the account is HOSTED. |
| 127 LOG(WARNING) << "Rejecting valid HOSTED account."; | 157 LOG(WARNING) << "Rejecting valid HOSTED account."; |
| 158 |
| 159 // Inform all signin diagnostics observers about the login. |
| 160 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged( |
| 161 CLIENT_LOGIN_STATUS, "Rejecting valid HOSTED account")); |
| 162 |
| 128 TriggerResolve(LoginFailure::FromNetworkAuthFailure( | 163 TriggerResolve(LoginFailure::FromNetworkAuthFailure( |
| 129 GoogleServiceAuthError( | 164 GoogleServiceAuthError( |
| 130 GoogleServiceAuthError::HOSTED_NOT_ALLOWED))); | 165 GoogleServiceAuthError::HOSTED_NOT_ALLOWED))); |
| 131 return; | 166 return; |
| 132 } | 167 } |
| 133 | 168 |
| 134 if (error.state() == GoogleServiceAuthError::TWO_FACTOR) { | 169 if (error.state() == GoogleServiceAuthError::TWO_FACTOR) { |
| 135 LOG(WARNING) << "Two factor authenticated. Sync will not work."; | 170 LOG(WARNING) << "Two factor authenticated. Sync will not work."; |
| 171 |
| 172 // Inform all signin diagnostics observers about the login. |
| 173 // TODO(vishwath): Is this really a successful login? |
| 174 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged( |
| 175 SIGNIN_TYPE, "Client Login (with two factor authentication)")); |
| 176 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged( |
| 177 CLIENT_LOGIN_STATUS, "Successful")); |
| 178 |
| 179 |
| 136 TriggerResolve(LoginFailure::None()); | 180 TriggerResolve(LoginFailure::None()); |
| 137 | |
| 138 return; | 181 return; |
| 139 } | 182 } |
| 183 |
| 184 |
| 185 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged( |
| 186 SIGNIN_TYPE, "Client Login")); |
| 187 |
| 140 VLOG(2) << "ClientLogin attempt failed with " << error.state(); | 188 VLOG(2) << "ClientLogin attempt failed with " << error.state(); |
| 141 TriggerResolve(LoginFailure::FromNetworkAuthFailure(error)); | 189 TriggerResolve(LoginFailure::FromNetworkAuthFailure(error)); |
| 142 } | 190 } |
| 143 | 191 |
| 144 void OnlineAttempt::OnOAuthLoginSuccess(const std::string& sid, | 192 void OnlineAttempt::OnOAuthLoginSuccess(const std::string& sid, |
| 145 const std::string& lsid, | 193 const std::string& lsid, |
| 146 const std::string& auth) { | 194 const std::string& auth) { |
| 147 GaiaAuthConsumer::ClientLoginResult credentials(sid, | 195 GaiaAuthConsumer::ClientLoginResult credentials(sid, |
| 148 lsid, auth, std::string()); | 196 lsid, auth, std::string()); |
| 149 OnClientLoginSuccess(credentials); | 197 OnClientLoginSuccess(credentials); |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 207 | 255 |
| 208 void OnlineAttempt::TriggerResolve( | 256 void OnlineAttempt::TriggerResolve( |
| 209 const LoginFailure& outcome) { | 257 const LoginFailure& outcome) { |
| 210 attempt_->RecordOnlineLoginStatus(outcome); | 258 attempt_->RecordOnlineLoginStatus(outcome); |
| 211 client_fetcher_.reset(NULL); | 259 client_fetcher_.reset(NULL); |
| 212 oauth_fetcher_.reset(NULL); | 260 oauth_fetcher_.reset(NULL); |
| 213 resolver_->Resolve(); | 261 resolver_->Resolve(); |
| 214 } | 262 } |
| 215 | 263 |
| 216 } // namespace chromeos | 264 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 11618024:
[signin] Support for CrOS and OAuth2AccessTokenConsumer services. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master