Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2295)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/signin/signin_manager.h

Issue 12374007: signin: force web signin flow initiated visits to accounts.google.com to their own process. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: rebase Created 7 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/signin/signin_browsertest.cc ('k') | chrome/browser/signin/signin_manager.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/signin/signin_manager.h
diff --git a/chrome/browser/signin/signin_manager.h b/chrome/browser/signin/signin_manager.h
index a5737fb81eab998da6b920c2d764ed339ad33b53..01f5e5a00457d7eba656f915a71f0fe541c91c12 100644
--- a/chrome/browser/signin/signin_manager.h
+++ b/chrome/browser/signin/signin_manager.h
@@ -85,6 +85,17 @@ class SigninManager : public GaiaAuthConsumer,
static bool IsAllowedUsername(const std::string& username,
const std::string& policy);
+ // Returns true if |url| is a web signin URL and should be hosted in an
+ // isolated, privileged signin process.
+ static bool IsWebBasedSigninFlowURL(const GURL& url);
+
+ // This is used to distinguish URLs belonging to the special web signin flow
+ // running in the special signin process from other URLs on the same domain.
+ // We do not grant WebUI privilieges / bindings to this process or to URLs of
+ // this scheme; enforcement of privileges is handled separately by
+ // OneClickSigninHelper.
+ static const char* kChromeSigninEffectiveSite;
+
SigninManager();
virtual ~SigninManager();
@@ -205,6 +216,15 @@ class SigninManager : public GaiaAuthConsumer,
// ignored).
bool IsSignoutProhibited() const;
+ // Allows the SigninManager to track the privileged signin process
+ // identified by |process_id| so that we can later ask (via IsSigninProcess)
+ // if it is safe to sign the user in from the current context (see
+ // OneClickSigninHelper). All of this tracking state is reset once the
+ // renderer process terminates.
+ void SetSigninProcess(int process_id);
+ bool IsSigninProcess(int process_id) const;
+ bool HasSigninProcess() const;
+
protected:
// Weak pointer to parent profile (protected so FakeSigninManager can access
// it).
@@ -346,6 +366,9 @@ class SigninManager : public GaiaAuthConsumer,
base::WeakPtrFactory<SigninManager> weak_pointer_factory_;
+ // See SetSigninProcess. Tracks the currently active signin process
+ // by ID, if there is one.
+ int signin_process_id_;
#if defined(ENABLE_CONFIGURATION_POLICY) && !defined(OS_CHROMEOS)
// CloudPolicyClient reference we keep while determining whether to create
« no previous file with comments | « chrome/browser/signin/signin_browsertest.cc ('k') | chrome/browser/signin/signin_manager.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698