OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_LOGIN_PERFORMER_H_ | 5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_LOGIN_PERFORMER_H_ |
6 #define CHROME_BROWSER_CHROMEOS_LOGIN_LOGIN_PERFORMER_H_ | 6 #define CHROME_BROWSER_CHROMEOS_LOGIN_LOGIN_PERFORMER_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
11 #include "base/memory/weak_ptr.h" | 11 #include "base/memory/weak_ptr.h" |
12 #include "chrome/browser/chromeos/login/authenticator.h" | 12 #include "chrome/browser/chromeos/login/authenticator.h" |
13 #include "chrome/browser/chromeos/login/login_status_consumer.h" | 13 #include "chrome/browser/chromeos/login/login_status_consumer.h" |
14 #include "chrome/browser/chromeos/login/online_attempt_host.h" | 14 #include "chrome/browser/chromeos/login/online_attempt_host.h" |
15 #include "chrome/browser/chromeos/login/user.h" | 15 #include "chrome/browser/chromeos/login/user.h" |
16 #include "chrome/browser/profiles/profile_manager.h" | 16 #include "chrome/browser/profiles/profile_manager.h" |
17 #include "content/public/browser/notification_observer.h" | 17 #include "content/public/browser/notification_observer.h" |
18 #include "content/public/browser/notification_registrar.h" | 18 #include "content/public/browser/notification_registrar.h" |
19 #include "google_apis/gaia/google_service_auth_error.h" | 19 #include "google_apis/gaia/google_service_auth_error.h" |
20 | 20 |
21 namespace chromeos { | 21 namespace chromeos { |
22 | 22 |
23 // This class encapsulates sign in operations. | 23 // This class encapsulates sign in operations. |
24 // Sign in is performed in a way that offline auth is executed first. | 24 // Sign in is performed in a way that offline auth is executed first. |
25 // Once offline auth is OK - user homedir is mounted, UI is launched. | 25 // Once offline auth is OK - user homedir is mounted, UI is launched. |
26 // At this point LoginPerformer |delegate_| is destroyed and it releases | 26 // At this point LoginPerformer |delegate_| is destroyed and it releases |
27 // LP instance ownership. LP waits for online login result. | 27 // LP instance ownership. LP waits for online login result. |
28 // If auth is succeeded, cookie fetcher is executed, LP instance deletes itself. | 28 // If auth is succeeded, cookie fetcher is executed, LP instance deletes itself. |
29 // | 29 // |
30 // If online login operation fails that means: | 30 // If |delegate_| is not NULL it will handle error messages, password input. |
31 // (1) User password has changed. Ask user for the new password. | |
32 // (2) User password has changed and/or CAPTCHA input is required. | |
33 // (3) User account is deleted/disabled/not signed up. | |
34 // (4) Timeout/service unavailable/connection failed. | |
35 // | |
36 // Actions: | |
37 // (1)-(3): Request screen lock. | |
38 // (1) Ask for new user password. | |
39 // (2) Ask for new user password and/or CAPTCHA. | |
40 // (3) Display error message and allow "Sign Out" as the only action. | |
41 // (4) Delete LP instance since offline auth was OK. | |
42 // | |
43 // If |delegate_| is not NULL it will handle error messages, | |
44 // CAPTCHA dialog, password input. | |
45 // If |delegate_| is NULL that does mean that LoginPerformer instance | |
46 // is waiting for successful online login or blocked on online login failure. | |
47 // In case of failure password/captcha | |
48 // input & error messages display is dedicated to ScreenLocker instance. | |
49 // | |
50 // 2 things make LoginPerfrormer instance exist longer: | |
51 // 1. ScreenLock active (pending correct new password input) | |
52 // 2. Pending online auth request. | |
53 // TODO(nkostylev): Cleanup ClientLogin related code, update class description. | |
54 class LoginPerformer : public LoginStatusConsumer, | 31 class LoginPerformer : public LoginStatusConsumer, |
55 public content::NotificationObserver, | |
56 public OnlineAttemptHost::Delegate { | 32 public OnlineAttemptHost::Delegate { |
57 public: | 33 public: |
58 typedef enum AuthorizationMode { | 34 typedef enum AuthorizationMode { |
59 // Authorization performed internally by Chrome. | 35 // Authorization performed internally by Chrome. |
60 AUTH_MODE_INTERNAL, | 36 AUTH_MODE_INTERNAL, |
61 // Authorization performed by an extension. | 37 // Authorization performed by an extension. |
62 AUTH_MODE_EXTENSION | 38 AUTH_MODE_EXTENSION |
63 } AuthorizationMode; | 39 } AuthorizationMode; |
64 | 40 |
65 // Delegate class to get notifications from the LoginPerformer. | 41 // Delegate class to get notifications from the LoginPerformer. |
66 class Delegate : public LoginStatusConsumer { | 42 class Delegate : public LoginStatusConsumer { |
67 public: | 43 public: |
68 virtual ~Delegate() {} | 44 virtual ~Delegate() {} |
69 virtual void WhiteListCheckFailed(const std::string& email) = 0; | 45 virtual void WhiteListCheckFailed(const std::string& email) = 0; |
70 virtual void PolicyLoadFailed() = 0; | 46 virtual void PolicyLoadFailed() = 0; |
71 virtual void OnOnlineChecked(const std::string& email, bool success) = 0; | 47 virtual void OnOnlineChecked(const std::string& email, bool success) = 0; |
72 }; | 48 }; |
73 | 49 |
74 explicit LoginPerformer(Delegate* delegate); | 50 explicit LoginPerformer(Delegate* delegate); |
75 virtual ~LoginPerformer(); | 51 virtual ~LoginPerformer(); |
76 | 52 |
77 // Returns the default instance if it has been created. | |
78 // This instance is owned by delegate_ till it's destroyed. | |
79 // When LP instance lives by itself it's used by ScreenLocker instance. | |
80 static LoginPerformer* default_performer() { | |
81 return default_performer_; | |
82 } | |
83 | |
84 // LoginStatusConsumer implementation: | 53 // LoginStatusConsumer implementation: |
85 virtual void OnLoginFailure(const LoginFailure& error) OVERRIDE; | 54 virtual void OnLoginFailure(const LoginFailure& error) OVERRIDE; |
86 virtual void OnRetailModeLoginSuccess( | 55 virtual void OnRetailModeLoginSuccess( |
87 const UserContext& user_context) OVERRIDE; | 56 const UserContext& user_context) OVERRIDE; |
88 virtual void OnLoginSuccess( | 57 virtual void OnLoginSuccess( |
89 const UserContext& user_context, | 58 const UserContext& user_context, |
90 bool pending_requests, | 59 bool pending_requests, |
91 bool using_oauth) OVERRIDE; | 60 bool using_oauth) OVERRIDE; |
92 virtual void OnOffTheRecordLoginSuccess() OVERRIDE; | 61 virtual void OnOffTheRecordLoginSuccess() OVERRIDE; |
93 virtual void OnPasswordChangeDetected() OVERRIDE; | 62 virtual void OnPasswordChangeDetected() OVERRIDE; |
(...skipping 20 matching lines...) Expand all Loading... |
114 void RecoverEncryptedData(const std::string& old_password); | 83 void RecoverEncryptedData(const std::string& old_password); |
115 | 84 |
116 // Reinitializes cryptohome with the new password. | 85 // Reinitializes cryptohome with the new password. |
117 void ResyncEncryptedData(); | 86 void ResyncEncryptedData(); |
118 | 87 |
119 // Returns latest auth error. | 88 // Returns latest auth error. |
120 const GoogleServiceAuthError& error() const { | 89 const GoogleServiceAuthError& error() const { |
121 return last_login_failure_.error(); | 90 return last_login_failure_.error(); |
122 } | 91 } |
123 | 92 |
124 // True if last login operation has timed out. | |
125 bool login_timed_out() { | |
126 return last_login_failure_.reason() == LoginFailure::LOGIN_TIMED_OUT; | |
127 } | |
128 | |
129 // True if password change has been detected. | 93 // True if password change has been detected. |
130 bool password_changed() { return password_changed_; } | 94 bool password_changed() { return password_changed_; } |
131 | 95 |
132 // Number of times we've been called with OnPasswordChangeDetected(). | 96 // Number of times we've been called with OnPasswordChangeDetected(). |
133 // If user enters incorrect old password, same LoginPerformer instance will | 97 // If user enters incorrect old password, same LoginPerformer instance will |
134 // be called so callback count makes it possible to distinguish initial | 98 // be called so callback count makes it possible to distinguish initial |
135 // "password changed detected" event from further attempts to enter old | 99 // "password changed detected" event from further attempts to enter old |
136 // password for cryptohome migration (when > 1). | 100 // password for cryptohome migration (when > 1). |
137 int password_changed_callback_count() { | 101 int password_changed_callback_count() { |
138 return password_changed_callback_count_; | 102 return password_changed_callback_count_; |
139 } | 103 } |
140 | 104 |
141 void set_delegate(Delegate* delegate) { delegate_ = delegate; } | 105 void set_delegate(Delegate* delegate) { delegate_ = delegate; } |
142 | 106 |
143 AuthorizationMode auth_mode() const { return auth_mode_; } | 107 AuthorizationMode auth_mode() const { return auth_mode_; } |
144 | 108 |
145 protected: | 109 protected: |
146 // Implements OnlineAttemptHost::Delegate. | 110 // Implements OnlineAttemptHost::Delegate. |
147 virtual void OnChecked(const std::string& username, bool success) OVERRIDE; | 111 virtual void OnChecked(const std::string& username, bool success) OVERRIDE; |
148 | 112 |
149 private: | 113 private: |
150 // content::NotificationObserver implementation: | |
151 virtual void Observe(int type, | |
152 const content::NotificationSource& source, | |
153 const content::NotificationDetails& details) OVERRIDE; | |
154 | |
155 // Requests screen lock and subscribes to screen lock notifications. | |
156 void RequestScreenLock(); | |
157 | |
158 // Requests screen unlock. | |
159 void RequestScreenUnlock(); | |
160 | |
161 // Resolves initial LoginFailure::NETWORK_AUTH_FAILED error i.e. | |
162 // when screen is not locked yet. | |
163 void ResolveInitialNetworkAuthFailure(); | |
164 | |
165 // Resolves LoginFailure when screen is locked. | |
166 void ResolveLockLoginFailure(); | |
167 | |
168 // Resolves LoginFailure::NETWORK_AUTH_FAILED error when screen is locked. | |
169 // Uses ScreenLocker to show error message based on |last_login_failure_|. | |
170 void ResolveLockNetworkAuthFailure(); | |
171 | |
172 // Resolve ScreenLock changed state. | |
173 void ResolveScreenLocked(); | |
174 void ResolveScreenUnlocked(); | |
175 | |
176 // Starts login completion of externally authenticated user. | 114 // Starts login completion of externally authenticated user. |
177 void StartLoginCompletion(); | 115 void StartLoginCompletion(); |
178 | 116 |
179 // Starts authentication. | 117 // Starts authentication. |
180 void StartAuthentication(); | 118 void StartAuthentication(); |
181 | 119 |
182 // Default performer. Will be used by ScreenLocker. | |
183 static LoginPerformer* default_performer_; | |
184 | |
185 // Used for logging in. | 120 // Used for logging in. |
186 scoped_refptr<Authenticator> authenticator_; | 121 scoped_refptr<Authenticator> authenticator_; |
187 | 122 |
188 // Used to make auxiliary online check. | 123 // Used to make auxiliary online check. |
189 OnlineAttemptHost online_attempt_host_; | 124 OnlineAttemptHost online_attempt_host_; |
190 | 125 |
191 // Represents last login failure that was encountered when communicating to | 126 // Represents last login failure that was encountered when communicating to |
192 // sign-in server. LoginFailure.LoginFailureNone() by default. | 127 // sign-in server. LoginFailure.LoginFailureNone() by default. |
193 LoginFailure last_login_failure_; | 128 LoginFailure last_login_failure_; |
194 | 129 |
195 // User credentials for the current login attempt. | 130 // User credentials for the current login attempt. |
196 UserContext user_context_; | 131 UserContext user_context_; |
197 | 132 |
198 // Notifications receiver. | 133 // Notifications receiver. |
199 Delegate* delegate_; | 134 Delegate* delegate_; |
200 | 135 |
201 // True if password change has been detected. | 136 // True if password change has been detected. |
202 // Once correct password is entered homedir migration is executed. | 137 // Once correct password is entered homedir migration is executed. |
203 bool password_changed_; | 138 bool password_changed_; |
204 int password_changed_callback_count_; | 139 int password_changed_callback_count_; |
205 | 140 |
206 // Used for ScreenLock notifications. | |
207 content::NotificationRegistrar registrar_; | |
208 | |
209 // True if LoginPerformer has requested screen lock. Used to distinguish | |
210 // such requests with cases when screen is locked on its own. | |
211 bool screen_lock_requested_; | |
212 | |
213 // True if LoginPerformer instance is waiting for the initial (very first one) | |
214 // online authentication response. Used to distinguish cases when screen | |
215 // is locked during that stage. No need to resolve screen lock action then. | |
216 bool initial_online_auth_pending_; | |
217 | |
218 // Authorization mode type. | 141 // Authorization mode type. |
219 AuthorizationMode auth_mode_; | 142 AuthorizationMode auth_mode_; |
220 | 143 |
221 base::WeakPtrFactory<LoginPerformer> weak_factory_; | 144 base::WeakPtrFactory<LoginPerformer> weak_factory_; |
222 | 145 |
223 DISALLOW_COPY_AND_ASSIGN(LoginPerformer); | 146 DISALLOW_COPY_AND_ASSIGN(LoginPerformer); |
224 }; | 147 }; |
225 | 148 |
226 } // namespace chromeos | 149 } // namespace chromeos |
227 | 150 |
228 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_LOGIN_PERFORMER_H_ | 151 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_LOGIN_PERFORMER_H_ |
OLD | NEW |