chrome/browser/signin/signin_manager.h - platform/external/chromium_org - Git at Google

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // The signin manager encapsulates some functionality tracking
 // which user is signed in. See SigninManagerBase for full description of
 // responsibilities. The class defined in this file provides functionality
 // required by all platforms except Chrome OS.
 //
 // When a user is signed in, a ClientLogin request is run on their behalf.
 // Auth tokens are fetched from Google and the results are stored in the
 // TokenService.
 // TODO(tim): Bug 92948, 226464. ClientLogin is all but gone from use.

 #ifndef CHROME_BROWSER_SIGNIN_SIGNIN_MANAGER_H_
 #define CHROME_BROWSER_SIGNIN_SIGNIN_MANAGER_H_

 #if defined(OS_CHROMEOS)
 // On Chrome OS, SigninManagerBase is all that exists.
 #include "chrome/browser/signin/signin_manager_base.h"

 #else

 #include <string>

 #include "base/compiler_specific.h"
 #include "base/gtest_prod_util.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/observer_list.h"
 #include "base/prefs/pref_change_registrar.h"
 #include "base/prefs/pref_member.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/signin/signin_internals_util.h"
 #include "chrome/browser/signin/signin_manager_base.h"
 #include "components/browser_context_keyed_service/browser_context_keyed_service.h"
 #include "content/public/browser/notification_observer.h"
 #include "content/public/browser/notification_registrar.h"
 #include "google_apis/gaia/gaia_auth_consumer.h"
 #include "google_apis/gaia/google_service_auth_error.h"
 #include "net/cookies/canonical_cookie.h"

 class CookieSettings;
 class GaiaAuthFetcher;
 class ProfileIOData;
 class PrefService;
 class SigninGlobalError;
 class SigninManagerDelegate;

 class SigninManager : public SigninManagerBase,
                       public GaiaAuthConsumer,
                       public content::NotificationObserver {
  public:
   // The callback invoked once the OAuth token has been fetched during signin,
   // but before the profile transitions to the "signed-in" state. This allows
   // callers to load policy and prompt the user appropriately before completing
   // signin. The callback is passed the just-fetched OAuth login refresh token.
   typedef base::Callback<void(const std::string&)> OAuthTokenFetchedCallback;

   // Returns true if |url| is a web signin URL and should be hosted in an
   // isolated, privileged signin process.
   static bool IsWebBasedSigninFlowURL(const GURL& url);

   // This is used to distinguish URLs belonging to the special web signin flow
   // running in the special signin process from other URLs on the same domain.
   // We do not grant WebUI privilieges / bindings to this process or to URLs of
   // this scheme; enforcement of privileges is handled separately by
   // OneClickSigninHelper.
   static const char* kChromeSigninEffectiveSite;

   explicit SigninManager(scoped_ptr<SigninManagerDelegate> delegate);
   virtual ~SigninManager();

   // Returns true if the username is allowed based on the policy string.
   static bool IsUsernameAllowedByPolicy(const std::string& username,
                                         const std::string& policy);

   // Attempt to sign in this user with existing credentials from the cookie jar.
   // |session_index| indicates which user account to use if the cookie jar
   // contains a multi-login session. Otherwise the end result of this call is
   // the same as StartSignIn().
   // If non-null, the passed |signin_complete| callback is invoked once signin
   // has been completed and the oauth login token has been generated - the
   // callback will not be invoked if no token is generated (either because of
   // a failed signin or because web-based signin is not enabled).
   // The callback should invoke SignOut() or CompletePendingSignin() to either
   // continue or cancel the in-process signin.
   virtual void StartSignInWithCredentials(
       const std::string& session_index,
       const std::string& username,
       const std::string& password,
       const OAuthTokenFetchedCallback& oauth_fetched_callback);

   // Attempt to sign in this user with the given oauth code. The cookie jar
   // may not be set up properly for the same user, thus will call the
   // mergeSession endpoint to populate the cookie jar.
   virtual void StartSignInWithOAuthCode(
       const std::string& username,
       const std::string& password,
       const std::string& oauth_code,
       const OAuthTokenFetchedCallback& callback);

   // Copies auth credentials from one SigninManager to this one. This is used
   // when creating a new profile during the signin process to transfer the
   // in-progress credentials to the new profile.
   virtual void CopyCredentialsFrom(const SigninManager& source);

   // Sign a user out, removing the preference, erasing all keys
   // associated with the user, and canceling all auth in progress.
   virtual void SignOut();

   // On platforms where SigninManager is responsible for dealing with
   // invalid username policy updates, we need to check this during
   // initialization and sign the user out.
   virtual void Initialize(Profile* profile, PrefService* local_state) OVERRIDE;
   virtual void Shutdown() OVERRIDE;

   // Invoked from an OAuthTokenFetchedCallback to complete user signin.
   virtual void CompletePendingSignin();

   // Invoked from SigninManagerAndroid to indicate that the sign-in process
   // has completed for |username|.
   void OnExternalSigninCompleted(const std::string& username);

   // Returns true if there's a signin in progress.
   virtual bool AuthInProgress() const OVERRIDE;

   virtual bool IsSigninAllowed() const OVERRIDE;

   // Returns true if the passed username is allowed by policy. Virtual for
   // mocking in tests.
   virtual bool IsAllowedUsername(const std::string& username) const;

   // If an authentication is in progress, return the username being
   // authenticated. Returns an empty string if no auth is in progress.
   const std::string& GetUsernameForAuthInProgress() const;

   // Handles errors if a required user info key is not returned from the
   // GetUserInfo call.
   void OnGetUserInfoKeyNotFound(const std::string& key);

   // Set the profile preference to turn off one-click sign-in so that it won't
   // ever show it again in this profile (even if the user tries a new account).
   static void DisableOneClickSignIn(Profile* profile);

   // GaiaAuthConsumer
   virtual void OnClientLoginSuccess(const ClientLoginResult& result) OVERRIDE;
   virtual void OnClientLoginFailure(
       const GoogleServiceAuthError& error) OVERRIDE;
   virtual void OnClientOAuthSuccess(const ClientOAuthResult& result) OVERRIDE;
   virtual void OnClientOAuthFailure(
       const GoogleServiceAuthError& error) OVERRIDE;
   virtual void OnOAuth2RevokeTokenCompleted() OVERRIDE;
   virtual void OnGetUserInfoSuccess(const UserInfoMap& data) OVERRIDE;
   virtual void OnGetUserInfoFailure(
       const GoogleServiceAuthError& error) OVERRIDE;
   virtual void OnUberAuthTokenSuccess(const std::string& token) OVERRIDE;
   virtual void OnUberAuthTokenFailure(
       const GoogleServiceAuthError& error) OVERRIDE;
   virtual void OnMergeSessionSuccess(const std::string& data) OVERRIDE;
   virtual void OnMergeSessionFailure(
       const GoogleServiceAuthError& error) OVERRIDE;

   // content::NotificationObserver
   virtual void Observe(int type,
                        const content::NotificationSource& source,
                        const content::NotificationDetails& details) OVERRIDE;


   // Tells the SigninManager whether to prohibit signout for this profile.
   // If |prohibit_signout| is true, then signout will be prohibited.
   void ProhibitSignout(bool prohibit_signout);

   // If true, signout is prohibited for this profile (calls to SignOut() are
   // ignored).
   bool IsSignoutProhibited() const;

   // Checks if signin is allowed for the profile that owns |io_data|. This must
   // be invoked on the IO thread, and can be used to check if signin is enabled
   // on that thread.
   static bool IsSigninAllowedOnIOThread(ProfileIOData* io_data);

   // Allows the SigninManager to track the privileged signin process
   // identified by |process_id| so that we can later ask (via IsSigninProcess)
   // if it is safe to sign the user in from the current context (see
   // OneClickSigninHelper).  All of this tracking state is reset once the
   // renderer process terminates.
   void SetSigninProcess(int process_id);
   void ClearSigninProcess();
   bool IsSigninProcess(int process_id) const;
   bool HasSigninProcess() const;

  protected:
   // If user was signed in, load tokens from DB if available.
   virtual void InitTokenService() OVERRIDE;

   // Flag saying whether signing out is allowed.
   bool prohibit_signout_;

  private:
   enum SigninType {
     SIGNIN_TYPE_NONE,
     SIGNIN_TYPE_WITH_CREDENTIALS,
     SIGNIN_TYPE_WITH_OAUTH_CODE
   };

   std::string SigninTypeToString(SigninType type);
   friend class FakeSigninManager;
   FRIEND_TEST_ALL_PREFIXES(SigninManagerTest, ClearTransientSigninData);
   FRIEND_TEST_ALL_PREFIXES(SigninManagerTest, ProvideSecondFactorSuccess);
   FRIEND_TEST_ALL_PREFIXES(SigninManagerTest, ProvideSecondFactorFailure);

   // Called to setup the transient signin data during one of the
   // StartSigninXXX methods.  |type| indicates which of the methods is being
   // used to perform the signin while |username| and |password| identify the
   // account to be signed in. Returns false and generates an auth error if the
   // passed |username| is not allowed by policy.
   bool PrepareForSignin(SigninType type,
                         const std::string& username,
                         const std::string& password);

   // Called to verify GAIA cookies asynchronously before starting auto sign-in
   // without password.
   void VerifyGaiaCookiesBeforeSignIn(const std::string& session_index);

   // Called when GAIA cookies are fetched. If LSID cookie is valid, then start
   // auto sign-in by exchanging cookies for an oauth code.
   void OnGaiaCookiesFetched(
       const std::string session_index, const net::CookieList& cookie_list);

   // Persists |username| as the currently signed-in account, and triggers
   // a sign-in success notification.
   void OnSignedIn(const std::string& username);

   // Called when a new request to re-authenticate a user is in progress.
   // Will clear in memory data but leaves the db as such so when the browser
   // restarts we can use the old token(which might throw a password error).
   void ClearTransientSigninData();

   // Called to handle an error from a GAIA auth fetch.  Sets the last error
   // to |error|, sends out a notification of login failure, and clears the
   // transient signin data if |clear_transient_data| is true.
   void HandleAuthError(const GoogleServiceAuthError& error,
                        bool clear_transient_data);

   // Called to tell GAIA that we will no longer be using the current refresh
   // token.
   void RevokeOAuthLoginToken();

   void OnSigninAllowedPrefChanged();
   void OnGoogleServicesUsernamePatternChanged();

   // ClientLogin identity.
   std::string possibly_invalid_username_;
   std::string password_;  // This is kept empty whenever possible.
   bool had_two_factor_error_;

   // Result of the last client login, kept pending the lookup of the
   // canonical email.
   ClientLoginResult last_result_;

   // Actual client login handler.
   scoped_ptr<GaiaAuthFetcher> client_login_;

   // Registrar for notifications from the TokenService.
   content::NotificationRegistrar registrar_;

   // OAuth revocation fetcher for sign outs.
   scoped_ptr<GaiaAuthFetcher> revoke_token_fetcher_;

   // The type of sign being performed.  This value is valid only between a call
   // to one of the StartSigninXXX methods and when the sign in is either
   // successful or not.
   SigninType type_;

   // Temporarily saves the oauth2 refresh and access tokens when signing in
   // with credentials.  These will be passed to TokenService so that it does
   // not need to mint new ones.
   ClientOAuthResult temp_oauth_login_tokens_;

   base::WeakPtrFactory<SigninManager> weak_pointer_factory_;

   // See SetSigninProcess.  Tracks the currently active signin process
   // by ID, if there is one.
   int signin_process_id_;

   // Callback invoked during signin after an OAuth token has been fetched
   // but before signin is complete.
   OAuthTokenFetchedCallback oauth_token_fetched_callback_;

   scoped_ptr<SigninManagerDelegate> delegate_;

   // Helper object to listen for changes to signin preferences stored in non-
   // profile-specific local prefs (like kGoogleServicesUsernamePattern).
   PrefChangeRegistrar local_state_pref_registrar_;

   // Helper object to listen for changes to the signin allowed preference.
   BooleanPrefMember signin_allowed_;

   DISALLOW_COPY_AND_ASSIGN(SigninManager);
 };

 #endif  // !defined(OS_CHROMEOS)

 #endif  // CHROME_BROWSER_SIGNIN_SIGNIN_MANAGER_H_
	// Copyright (c) 2012 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.
	//
	// The signin manager encapsulates some functionality tracking
	// which user is signed in. See SigninManagerBase for full description of
	// responsibilities. The class defined in this file provides functionality
	// required by all platforms except Chrome OS.
	//
	// When a user is signed in, a ClientLogin request is run on their behalf.
	// Auth tokens are fetched from Google and the results are stored in the
	// TokenService.
	// TODO(tim): Bug 92948, 226464. ClientLogin is all but gone from use.

	#ifndef CHROME_BROWSER_SIGNIN_SIGNIN_MANAGER_H_
	#define CHROME_BROWSER_SIGNIN_SIGNIN_MANAGER_H_

	#if defined(OS_CHROMEOS)
	// On Chrome OS, SigninManagerBase is all that exists.
	#include "chrome/browser/signin/signin_manager_base.h"

	#else

	#include <string>

	#include "base/compiler_specific.h"
	#include "base/gtest_prod_util.h"
	#include "base/logging.h"
	#include "base/memory/scoped_ptr.h"
	#include "base/observer_list.h"
	#include "base/prefs/pref_change_registrar.h"
	#include "base/prefs/pref_member.h"
	#include "chrome/browser/profiles/profile.h"
	#include "chrome/browser/signin/signin_internals_util.h"
	#include "chrome/browser/signin/signin_manager_base.h"
	#include "components/browser_context_keyed_service/browser_context_keyed_service.h"
	#include "content/public/browser/notification_observer.h"
	#include "content/public/browser/notification_registrar.h"
	#include "google_apis/gaia/gaia_auth_consumer.h"
	#include "google_apis/gaia/google_service_auth_error.h"
	#include "net/cookies/canonical_cookie.h"

	class CookieSettings;
	class GaiaAuthFetcher;
	class ProfileIOData;
	class PrefService;
	class SigninGlobalError;
	class SigninManagerDelegate;

	class SigninManager : public SigninManagerBase,
	public GaiaAuthConsumer,
	public content::NotificationObserver {
	public:
	// The callback invoked once the OAuth token has been fetched during signin,
	// but before the profile transitions to the "signed-in" state. This allows
	// callers to load policy and prompt the user appropriately before completing
	// signin. The callback is passed the just-fetched OAuth login refresh token.
	typedef base::Callback<void(const std::string&)> OAuthTokenFetchedCallback;

	// Returns true if \|url\| is a web signin URL and should be hosted in an
	// isolated, privileged signin process.
	static bool IsWebBasedSigninFlowURL(const GURL& url);

	// This is used to distinguish URLs belonging to the special web signin flow
	// running in the special signin process from other URLs on the same domain.
	// We do not grant WebUI privilieges / bindings to this process or to URLs of
	// this scheme; enforcement of privileges is handled separately by
	// OneClickSigninHelper.
	static const char* kChromeSigninEffectiveSite;

	explicit SigninManager(scoped_ptr<SigninManagerDelegate> delegate);
	virtual ~SigninManager();

	// Returns true if the username is allowed based on the policy string.
	static bool IsUsernameAllowedByPolicy(const std::string& username,
	const std::string& policy);

	// Attempt to sign in this user with existing credentials from the cookie jar.
	// \|session_index\| indicates which user account to use if the cookie jar
	// contains a multi-login session. Otherwise the end result of this call is
	// the same as StartSignIn().
	// If non-null, the passed \|signin_complete\| callback is invoked once signin
	// has been completed and the oauth login token has been generated - the
	// callback will not be invoked if no token is generated (either because of
	// a failed signin or because web-based signin is not enabled).
	// The callback should invoke SignOut() or CompletePendingSignin() to either
	// continue or cancel the in-process signin.
	virtual void StartSignInWithCredentials(
	const std::string& session_index,
	const std::string& username,
	const std::string& password,
	const OAuthTokenFetchedCallback& oauth_fetched_callback);

	// Attempt to sign in this user with the given oauth code. The cookie jar
	// may not be set up properly for the same user, thus will call the
	// mergeSession endpoint to populate the cookie jar.
	virtual void StartSignInWithOAuthCode(
	const std::string& username,
	const std::string& password,
	const std::string& oauth_code,
	const OAuthTokenFetchedCallback& callback);

	// Copies auth credentials from one SigninManager to this one. This is used
	// when creating a new profile during the signin process to transfer the
	// in-progress credentials to the new profile.
	virtual void CopyCredentialsFrom(const SigninManager& source);

	// Sign a user out, removing the preference, erasing all keys
	// associated with the user, and canceling all auth in progress.
	virtual void SignOut();

	// On platforms where SigninManager is responsible for dealing with
	// invalid username policy updates, we need to check this during
	// initialization and sign the user out.
	virtual void Initialize(Profile* profile, PrefService* local_state) OVERRIDE;
	virtual void Shutdown() OVERRIDE;

	// Invoked from an OAuthTokenFetchedCallback to complete user signin.
	virtual void CompletePendingSignin();

	// Invoked from SigninManagerAndroid to indicate that the sign-in process
	// has completed for \|username\|.
	void OnExternalSigninCompleted(const std::string& username);

	// Returns true if there's a signin in progress.
	virtual bool AuthInProgress() const OVERRIDE;

	virtual bool IsSigninAllowed() const OVERRIDE;

	// Returns true if the passed username is allowed by policy. Virtual for
	// mocking in tests.
	virtual bool IsAllowedUsername(const std::string& username) const;

	// If an authentication is in progress, return the username being
	// authenticated. Returns an empty string if no auth is in progress.
	const std::string& GetUsernameForAuthInProgress() const;

	// Handles errors if a required user info key is not returned from the
	// GetUserInfo call.
	void OnGetUserInfoKeyNotFound(const std::string& key);

	// Set the profile preference to turn off one-click sign-in so that it won't
	// ever show it again in this profile (even if the user tries a new account).
	static void DisableOneClickSignIn(Profile* profile);

	// GaiaAuthConsumer
	virtual void OnClientLoginSuccess(const ClientLoginResult& result) OVERRIDE;
	virtual void OnClientLoginFailure(
	const GoogleServiceAuthError& error) OVERRIDE;
	virtual void OnClientOAuthSuccess(const ClientOAuthResult& result) OVERRIDE;
	virtual void OnClientOAuthFailure(
	const GoogleServiceAuthError& error) OVERRIDE;
	virtual void OnOAuth2RevokeTokenCompleted() OVERRIDE;
	virtual void OnGetUserInfoSuccess(const UserInfoMap& data) OVERRIDE;
	virtual void OnGetUserInfoFailure(
	const GoogleServiceAuthError& error) OVERRIDE;
	virtual void OnUberAuthTokenSuccess(const std::string& token) OVERRIDE;
	virtual void OnUberAuthTokenFailure(
	const GoogleServiceAuthError& error) OVERRIDE;
	virtual void OnMergeSessionSuccess(const std::string& data) OVERRIDE;
	virtual void OnMergeSessionFailure(
	const GoogleServiceAuthError& error) OVERRIDE;

	// content::NotificationObserver
	virtual void Observe(int type,
	const content::NotificationSource& source,
	const content::NotificationDetails& details) OVERRIDE;


	// Tells the SigninManager whether to prohibit signout for this profile.
	// If \|prohibit_signout\| is true, then signout will be prohibited.
	void ProhibitSignout(bool prohibit_signout);

	// If true, signout is prohibited for this profile (calls to SignOut() are
	// ignored).
	bool IsSignoutProhibited() const;

	// Checks if signin is allowed for the profile that owns \|io_data\|. This must
	// be invoked on the IO thread, and can be used to check if signin is enabled
	// on that thread.
	static bool IsSigninAllowedOnIOThread(ProfileIOData* io_data);

	// Allows the SigninManager to track the privileged signin process
	// identified by \|process_id\| so that we can later ask (via IsSigninProcess)
	// if it is safe to sign the user in from the current context (see
	// OneClickSigninHelper). All of this tracking state is reset once the
	// renderer process terminates.
	void SetSigninProcess(int process_id);
	void ClearSigninProcess();
	bool IsSigninProcess(int process_id) const;
	bool HasSigninProcess() const;

	protected:
	// If user was signed in, load tokens from DB if available.
	virtual void InitTokenService() OVERRIDE;

	// Flag saying whether signing out is allowed.
	bool prohibit_signout_;

	private:
	enum SigninType {
	SIGNIN_TYPE_NONE,
	SIGNIN_TYPE_WITH_CREDENTIALS,
	SIGNIN_TYPE_WITH_OAUTH_CODE
	};

	std::string SigninTypeToString(SigninType type);
	friend class FakeSigninManager;
	FRIEND_TEST_ALL_PREFIXES(SigninManagerTest, ClearTransientSigninData);
	FRIEND_TEST_ALL_PREFIXES(SigninManagerTest, ProvideSecondFactorSuccess);
	FRIEND_TEST_ALL_PREFIXES(SigninManagerTest, ProvideSecondFactorFailure);

	// Called to setup the transient signin data during one of the
	// StartSigninXXX methods. \|type\| indicates which of the methods is being
	// used to perform the signin while \|username\| and \|password\| identify the
	// account to be signed in. Returns false and generates an auth error if the
	// passed \|username\| is not allowed by policy.
	bool PrepareForSignin(SigninType type,
	const std::string& username,
	const std::string& password);

	// Called to verify GAIA cookies asynchronously before starting auto sign-in
	// without password.
	void VerifyGaiaCookiesBeforeSignIn(const std::string& session_index);

	// Called when GAIA cookies are fetched. If LSID cookie is valid, then start
	// auto sign-in by exchanging cookies for an oauth code.
	void OnGaiaCookiesFetched(
	const std::string session_index, const net::CookieList& cookie_list);

	// Persists \|username\| as the currently signed-in account, and triggers
	// a sign-in success notification.
	void OnSignedIn(const std::string& username);

	// Called when a new request to re-authenticate a user is in progress.
	// Will clear in memory data but leaves the db as such so when the browser
	// restarts we can use the old token(which might throw a password error).
	void ClearTransientSigninData();

	// Called to handle an error from a GAIA auth fetch. Sets the last error
	// to \|error\|, sends out a notification of login failure, and clears the
	// transient signin data if \|clear_transient_data\| is true.
	void HandleAuthError(const GoogleServiceAuthError& error,
	bool clear_transient_data);

	// Called to tell GAIA that we will no longer be using the current refresh
	// token.
	void RevokeOAuthLoginToken();

	void OnSigninAllowedPrefChanged();
	void OnGoogleServicesUsernamePatternChanged();

	// ClientLogin identity.
	std::string possibly_invalid_username_;
	std::string password_; // This is kept empty whenever possible.
	bool had_two_factor_error_;

	// Result of the last client login, kept pending the lookup of the
	// canonical email.
	ClientLoginResult last_result_;

	// Actual client login handler.
	scoped_ptr<GaiaAuthFetcher> client_login_;

	// Registrar for notifications from the TokenService.
	content::NotificationRegistrar registrar_;

	// OAuth revocation fetcher for sign outs.
	scoped_ptr<GaiaAuthFetcher> revoke_token_fetcher_;

	// The type of sign being performed. This value is valid only between a call
	// to one of the StartSigninXXX methods and when the sign in is either
	// successful or not.
	SigninType type_;

	// Temporarily saves the oauth2 refresh and access tokens when signing in
	// with credentials. These will be passed to TokenService so that it does
	// not need to mint new ones.
	ClientOAuthResult temp_oauth_login_tokens_;

	base::WeakPtrFactory<SigninManager> weak_pointer_factory_;

	// See SetSigninProcess. Tracks the currently active signin process
	// by ID, if there is one.
	int signin_process_id_;

	// Callback invoked during signin after an OAuth token has been fetched
	// but before signin is complete.
	OAuthTokenFetchedCallback oauth_token_fetched_callback_;

	scoped_ptr<SigninManagerDelegate> delegate_;

	// Helper object to listen for changes to signin preferences stored in non-
	// profile-specific local prefs (like kGoogleServicesUsernamePattern).
	PrefChangeRegistrar local_state_pref_registrar_;

	// Helper object to listen for changes to the signin allowed preference.
	BooleanPrefMember signin_allowed_;

	DISALLOW_COPY_AND_ASSIGN(SigninManager);
	};

	#endif // !defined(OS_CHROMEOS)

	#endif // CHROME_BROWSER_SIGNIN_SIGNIN_MANAGER_H_