| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/auth/parallel_authenticator.h" | 5 #include "chrome/browser/chromeos/login/auth/parallel_authenticator.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/files/file_path.h" | 9 #include "base/files/file_path.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 11 #include "chrome/browser/chrome_notification_types.h" | |
| 12 #include "chrome/browser/chromeos/boot_times_loader.h" | |
| 13 #include "chrome/browser/chromeos/login/auth/authentication_notification_details
.h" | |
| 14 #include "chrome/browser/chromeos/login/users/user_manager.h" | 11 #include "chrome/browser/chromeos/login/users/user_manager.h" |
| 15 #include "chrome/browser/chromeos/ownership/owner_settings_service.h" | 12 #include "chrome/browser/chromeos/ownership/owner_settings_service.h" |
| 16 #include "chrome/browser/chromeos/ownership/owner_settings_service_factory.h" | 13 #include "chrome/browser/chromeos/ownership/owner_settings_service_factory.h" |
| 17 #include "chrome/browser/chromeos/settings/cros_settings.h" | 14 #include "chrome/browser/chromeos/settings/cros_settings.h" |
| 18 #include "chrome/common/chrome_switches.h" | 15 #include "chrome/common/chrome_switches.h" |
| 19 #include "chromeos/cryptohome/async_method_caller.h" | 16 #include "chromeos/cryptohome/async_method_caller.h" |
| 20 #include "chromeos/cryptohome/system_salt_getter.h" | 17 #include "chromeos/cryptohome/system_salt_getter.h" |
| 21 #include "chromeos/dbus/cryptohome_client.h" | 18 #include "chromeos/dbus/cryptohome_client.h" |
| 22 #include "chromeos/dbus/dbus_thread_manager.h" | 19 #include "chromeos/dbus/dbus_thread_manager.h" |
| 23 #include "chromeos/login/auth/auth_status_consumer.h" | 20 #include "chromeos/login/auth/auth_status_consumer.h" |
| 24 #include "chromeos/login/auth/key.h" | 21 #include "chromeos/login/auth/key.h" |
| 25 #include "chromeos/login/auth/user_context.h" | 22 #include "chromeos/login/auth/user_context.h" |
| 26 #include "chromeos/login/login_state.h" | 23 #include "chromeos/login/login_state.h" |
| 27 #include "chromeos/login/user_names.h" | 24 #include "chromeos/login/user_names.h" |
| 25 #include "chromeos/login_event_recorder.h" |
| 28 #include "components/user_manager/user_type.h" | 26 #include "components/user_manager/user_type.h" |
| 29 #include "content/public/browser/browser_thread.h" | 27 #include "content/public/browser/browser_thread.h" |
| 30 #include "content/public/browser/notification_service.h" | |
| 31 #include "third_party/cros_system_api/dbus/service_constants.h" | 28 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 32 | 29 |
| 33 using content::BrowserThread; | 30 using content::BrowserThread; |
| 34 | 31 |
| 35 namespace chromeos { | 32 namespace chromeos { |
| 36 | 33 |
| 37 namespace { | 34 namespace { |
| 38 | 35 |
| 39 // Hashes |key| with |system_salt| if it its type is KEY_TYPE_PASSWORD_PLAIN. | 36 // Hashes |key| with |system_salt| if it its type is KEY_TYPE_PASSWORD_PLAIN. |
| 40 // Returns the keys unmodified otherwise. | 37 // Returns the keys unmodified otherwise. |
| (...skipping 29 matching lines...) Expand all Loading... |
| 70 resolver->Resolve(); | 67 resolver->Resolve(); |
| 71 } | 68 } |
| 72 | 69 |
| 73 // Calls TriggerResolve while adding login time marker. | 70 // Calls TriggerResolve while adding login time marker. |
| 74 void TriggerResolveWithLoginTimeMarker( | 71 void TriggerResolveWithLoginTimeMarker( |
| 75 const std::string& marker_name, | 72 const std::string& marker_name, |
| 76 AuthAttemptState* attempt, | 73 AuthAttemptState* attempt, |
| 77 scoped_refptr<ParallelAuthenticator> resolver, | 74 scoped_refptr<ParallelAuthenticator> resolver, |
| 78 bool success, | 75 bool success, |
| 79 cryptohome::MountError return_code) { | 76 cryptohome::MountError return_code) { |
| 80 chromeos::BootTimesLoader::Get()->AddLoginTimeMarker(marker_name, false); | 77 chromeos::LoginEventRecorder::Get()->AddLoginTimeMarker(marker_name, false); |
| 81 TriggerResolve(attempt, resolver, success, return_code); | 78 TriggerResolve(attempt, resolver, success, return_code); |
| 82 } | 79 } |
| 83 | 80 |
| 84 // Calls cryptohome's mount method. | 81 // Calls cryptohome's mount method. |
| 85 void Mount(AuthAttemptState* attempt, | 82 void Mount(AuthAttemptState* attempt, |
| 86 scoped_refptr<ParallelAuthenticator> resolver, | 83 scoped_refptr<ParallelAuthenticator> resolver, |
| 87 int flags, | 84 int flags, |
| 88 const std::string& system_salt) { | 85 const std::string& system_salt) { |
| 89 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 86 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 90 chromeos::BootTimesLoader::Get()->AddLoginTimeMarker( | 87 chromeos::LoginEventRecorder::Get()->AddLoginTimeMarker( |
| 91 "CryptohomeMount-Start", false); | 88 "CryptohomeMount-Start", false); |
| 92 // Set state that username_hash is requested here so that test implementation | 89 // Set state that username_hash is requested here so that test implementation |
| 93 // that returns directly would not generate 2 OnLoginSucces() calls. | 90 // that returns directly would not generate 2 OnLoginSucces() calls. |
| 94 attempt->UsernameHashRequested(); | 91 attempt->UsernameHashRequested(); |
| 95 | 92 |
| 96 scoped_ptr<Key> key = | 93 scoped_ptr<Key> key = |
| 97 TransformKeyIfNeeded(*attempt->user_context.GetKey(), system_salt); | 94 TransformKeyIfNeeded(*attempt->user_context.GetKey(), system_salt); |
| 98 cryptohome::AsyncMethodCaller::GetInstance()->AsyncMount( | 95 cryptohome::AsyncMethodCaller::GetInstance()->AsyncMount( |
| 99 attempt->user_context.GetUserID(), | 96 attempt->user_context.GetUserID(), |
| 100 key->GetSecret(), | 97 key->GetSecret(), |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 158 resolver)); | 155 resolver)); |
| 159 } | 156 } |
| 160 | 157 |
| 161 // Calls cryptohome's key migration method. | 158 // Calls cryptohome's key migration method. |
| 162 void Migrate(AuthAttemptState* attempt, | 159 void Migrate(AuthAttemptState* attempt, |
| 163 scoped_refptr<ParallelAuthenticator> resolver, | 160 scoped_refptr<ParallelAuthenticator> resolver, |
| 164 bool passing_old_hash, | 161 bool passing_old_hash, |
| 165 const std::string& old_password, | 162 const std::string& old_password, |
| 166 const std::string& system_salt) { | 163 const std::string& system_salt) { |
| 167 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 164 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 168 chromeos::BootTimesLoader::Get()->AddLoginTimeMarker( | 165 chromeos::LoginEventRecorder::Get()->AddLoginTimeMarker( |
| 169 "CryptohomeMigrate-Start", false); | 166 "CryptohomeMigrate-Start", false); |
| 170 cryptohome::AsyncMethodCaller* caller = | 167 cryptohome::AsyncMethodCaller* caller = |
| 171 cryptohome::AsyncMethodCaller::GetInstance(); | 168 cryptohome::AsyncMethodCaller::GetInstance(); |
| 172 | 169 |
| 173 // TODO(bartfab): Retrieve the hashing algorithm and salt to use for |old_key| | 170 // TODO(bartfab): Retrieve the hashing algorithm and salt to use for |old_key| |
| 174 // from cryptohomed. | 171 // from cryptohomed. |
| 175 scoped_ptr<Key> old_key = | 172 scoped_ptr<Key> old_key = |
| 176 TransformKeyIfNeeded(Key(old_password), system_salt); | 173 TransformKeyIfNeeded(Key(old_password), system_salt); |
| 177 scoped_ptr<Key> new_key = | 174 scoped_ptr<Key> new_key = |
| 178 TransformKeyIfNeeded(*attempt->user_context.GetKey(), system_salt); | 175 TransformKeyIfNeeded(*attempt->user_context.GetKey(), system_salt); |
| (...skipping 13 matching lines...) Expand all Loading... |
| 192 "CryptohomeMount-End", | 189 "CryptohomeMount-End", |
| 193 attempt, | 190 attempt, |
| 194 resolver)); | 191 resolver)); |
| 195 } | 192 } |
| 196 } | 193 } |
| 197 | 194 |
| 198 // Calls cryptohome's remove method. | 195 // Calls cryptohome's remove method. |
| 199 void Remove(AuthAttemptState* attempt, | 196 void Remove(AuthAttemptState* attempt, |
| 200 scoped_refptr<ParallelAuthenticator> resolver) { | 197 scoped_refptr<ParallelAuthenticator> resolver) { |
| 201 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 198 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 202 chromeos::BootTimesLoader::Get()->AddLoginTimeMarker( | 199 chromeos::LoginEventRecorder::Get()->AddLoginTimeMarker( |
| 203 "CryptohomeRemove-Start", false); | 200 "CryptohomeRemove-Start", false); |
| 204 cryptohome::AsyncMethodCaller::GetInstance()->AsyncRemove( | 201 cryptohome::AsyncMethodCaller::GetInstance()->AsyncRemove( |
| 205 attempt->user_context.GetUserID(), | 202 attempt->user_context.GetUserID(), |
| 206 base::Bind(&TriggerResolveWithLoginTimeMarker, | 203 base::Bind(&TriggerResolveWithLoginTimeMarker, |
| 207 "CryptohomeRemove-End", | 204 "CryptohomeRemove-End", |
| 208 attempt, | 205 attempt, |
| 209 resolver)); | 206 resolver)); |
| 210 } | 207 } |
| 211 | 208 |
| 212 // Calls cryptohome's key check method. | 209 // Calls cryptohome's key check method. |
| (...skipping 173 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 386 } else { | 383 } else { |
| 387 ephemeral_mount_attempted_ = true; | 384 ephemeral_mount_attempted_ = true; |
| 388 MountGuestAndGetHash(current_state_.get(), | 385 MountGuestAndGetHash(current_state_.get(), |
| 389 scoped_refptr<ParallelAuthenticator>(this)); | 386 scoped_refptr<ParallelAuthenticator>(this)); |
| 390 } | 387 } |
| 391 } | 388 } |
| 392 | 389 |
| 393 void ParallelAuthenticator::OnRetailModeAuthSuccess() { | 390 void ParallelAuthenticator::OnRetailModeAuthSuccess() { |
| 394 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 391 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 395 VLOG(1) << "Retail mode login success"; | 392 VLOG(1) << "Retail mode login success"; |
| 396 // Send notification of success | 393 chromeos::LoginEventRecorder::Get()->RecordAuthenticationSuccess(); |
| 397 AuthenticationNotificationDetails details(true); | |
| 398 content::NotificationService::current()->Notify( | |
| 399 chrome::NOTIFICATION_LOGIN_AUTHENTICATION, | |
| 400 content::NotificationService::AllSources(), | |
| 401 content::Details<AuthenticationNotificationDetails>(&details)); | |
| 402 if (consumer_) | 394 if (consumer_) |
| 403 consumer_->OnRetailModeAuthSuccess(current_state_->user_context); | 395 consumer_->OnRetailModeAuthSuccess(current_state_->user_context); |
| 404 } | 396 } |
| 405 | 397 |
| 406 void ParallelAuthenticator::OnAuthSuccess() { | 398 void ParallelAuthenticator::OnAuthSuccess() { |
| 407 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 399 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 408 VLOG(1) << "Login success"; | 400 VLOG(1) << "Login success"; |
| 409 // Send notification of success | 401 // Send notification of success |
| 410 AuthenticationNotificationDetails details(true); | 402 chromeos::LoginEventRecorder::Get()->RecordAuthenticationSuccess(); |
| 411 content::NotificationService::current()->Notify( | |
| 412 chrome::NOTIFICATION_LOGIN_AUTHENTICATION, | |
| 413 content::NotificationService::AllSources(), | |
| 414 content::Details<AuthenticationNotificationDetails>(&details)); | |
| 415 { | 403 { |
| 416 base::AutoLock for_this_block(success_lock_); | 404 base::AutoLock for_this_block(success_lock_); |
| 417 already_reported_success_ = true; | 405 already_reported_success_ = true; |
| 418 } | 406 } |
| 419 if (consumer_) | 407 if (consumer_) |
| 420 consumer_->OnAuthSuccess(current_state_->user_context); | 408 consumer_->OnAuthSuccess(current_state_->user_context); |
| 421 } | 409 } |
| 422 | 410 |
| 423 void ParallelAuthenticator::OnOffTheRecordAuthSuccess() { | 411 void ParallelAuthenticator::OnOffTheRecordAuthSuccess() { |
| 424 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 412 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 425 // Send notification of success | 413 chromeos::LoginEventRecorder::Get()->RecordAuthenticationSuccess(); |
| 426 AuthenticationNotificationDetails details(true); | |
| 427 content::NotificationService::current()->Notify( | |
| 428 chrome::NOTIFICATION_LOGIN_AUTHENTICATION, | |
| 429 content::NotificationService::AllSources(), | |
| 430 content::Details<AuthenticationNotificationDetails>(&details)); | |
| 431 if (consumer_) | 414 if (consumer_) |
| 432 consumer_->OnOffTheRecordAuthSuccess(); | 415 consumer_->OnOffTheRecordAuthSuccess(); |
| 433 } | 416 } |
| 434 | 417 |
| 435 void ParallelAuthenticator::OnPasswordChangeDetected() { | 418 void ParallelAuthenticator::OnPasswordChangeDetected() { |
| 436 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 419 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 437 if (consumer_) | 420 if (consumer_) |
| 438 consumer_->OnPasswordChangeDetected(); | 421 consumer_->OnPasswordChangeDetected(); |
| 439 } | 422 } |
| 440 | 423 |
| 441 void ParallelAuthenticator::OnAuthFailure(const AuthFailure& error) { | 424 void ParallelAuthenticator::OnAuthFailure(const AuthFailure& error) { |
| 442 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 425 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 443 | 426 |
| 444 // OnAuthFailure will be called again with the same |error| | 427 // OnAuthFailure will be called again with the same |error| |
| 445 // after the cryptohome has been removed. | 428 // after the cryptohome has been removed. |
| 446 if (remove_user_data_on_failure_) { | 429 if (remove_user_data_on_failure_) { |
| 447 delayed_login_failure_ = &error; | 430 delayed_login_failure_ = &error; |
| 448 RemoveEncryptedData(); | 431 RemoveEncryptedData(); |
| 449 return; | 432 return; |
| 450 } | 433 } |
| 451 | 434 chromeos::LoginEventRecorder::Get()->RecordAuthenticationFailure(); |
| 452 // Send notification of failure | |
| 453 AuthenticationNotificationDetails details(false); | |
| 454 content::NotificationService::current()->Notify( | |
| 455 chrome::NOTIFICATION_LOGIN_AUTHENTICATION, | |
| 456 content::NotificationService::AllSources(), | |
| 457 content::Details<AuthenticationNotificationDetails>(&details)); | |
| 458 LOG(WARNING) << "Login failed: " << error.GetErrorString(); | 435 LOG(WARNING) << "Login failed: " << error.GetErrorString(); |
| 459 if (consumer_) | 436 if (consumer_) |
| 460 consumer_->OnAuthFailure(error); | 437 consumer_->OnAuthFailure(error); |
| 461 } | 438 } |
| 462 | 439 |
| 463 void ParallelAuthenticator::RecoverEncryptedData( | 440 void ParallelAuthenticator::RecoverEncryptedData( |
| 464 const std::string& old_password) { | 441 const std::string& old_password) { |
| 465 migrate_attempted_ = true; | 442 migrate_attempted_ = true; |
| 466 current_state_->ResetCryptohomeStatus(); | 443 current_state_->ResetCryptohomeStatus(); |
| 467 SystemSaltGetter::Get()->GetSystemSalt( | 444 SystemSaltGetter::Get()->GetSystemSalt( |
| (...skipping 363 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 831 Resolve(); | 808 Resolve(); |
| 832 } | 809 } |
| 833 | 810 |
| 834 void ParallelAuthenticator::SetOwnerState(bool owner_check_finished, | 811 void ParallelAuthenticator::SetOwnerState(bool owner_check_finished, |
| 835 bool check_result) { | 812 bool check_result) { |
| 836 owner_is_verified_ = owner_check_finished; | 813 owner_is_verified_ = owner_check_finished; |
| 837 user_can_login_ = check_result; | 814 user_can_login_ = check_result; |
| 838 } | 815 } |
| 839 | 816 |
| 840 } // namespace chromeos | 817 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 409113002:
Refactoring: get rid of notificataions in ParallelAuthenticator (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src