xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 1 | // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 5 | #include "ash/login/login_screen_controller.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 6 | |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 7 | #include "ash/login/lock_screen_apps_focus_observer.h" |
jdufault | eb4c9f1e | 2017-06-08 23:08:30 | [diff] [blame] | 8 | #include "ash/login/ui/lock_screen.h" |
Jacob Dufault | 40623d5 | 2017-09-15 17:22:53 | [diff] [blame] | 9 | #include "ash/login/ui/login_data_dispatcher.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 10 | #include "ash/public/cpp/ash_pref_names.h" |
Aga Wronska | 16abb43 | 2018-01-11 23:49:59 | [diff] [blame] | 11 | #include "ash/root_window_controller.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 12 | #include "ash/session/session_controller.h" |
| 13 | #include "ash/shell.h" |
Aga Wronska | 16abb43 | 2018-01-11 23:49:59 | [diff] [blame] | 14 | #include "ash/system/status_area_widget.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 15 | #include "base/strings/string_number_conversions.h" |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 16 | #include "base/strings/utf_string_conversions.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 17 | #include "chromeos/cryptohome/system_salt_getter.h" |
Roman Sorokin | c559001 | 2017-09-28 00:48:29 | [diff] [blame] | 18 | #include "chromeos/login/auth/authpolicy_login_helper.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 19 | #include "chromeos/login/auth/user_context.h" |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 20 | #include "components/password_manager/core/browser/hash_password_manager.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 21 | #include "components/prefs/pref_registry_simple.h" |
| 22 | #include "components/prefs/pref_service.h" |
Jacob Dufault | 957e092 | 2017-12-06 19:16:09 | [diff] [blame] | 23 | #include "components/session_manager/session_manager_types.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 24 | |
| 25 | namespace ash { |
| 26 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 27 | namespace { |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 28 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 29 | std::string CalculateHash(const std::string& password, |
| 30 | const std::string& salt, |
| 31 | chromeos::Key::KeyType key_type) { |
| 32 | chromeos::Key key(password); |
| 33 | key.Transform(key_type, salt); |
| 34 | return key.GetSecret(); |
| 35 | } |
| 36 | |
Aga Wronska | a844cdcd1 | 2018-01-29 16:06:44 | [diff] [blame] | 37 | enum class SystemTrayVisibility { |
| 38 | kNone, // Tray not visible anywhere. |
| 39 | kPrimary, // Tray visible only on primary display. |
| 40 | kAll, // Tray visible on all displays. |
| 41 | }; |
| 42 | |
| 43 | void SetSystemTrayVisibility(SystemTrayVisibility visibility) { |
| 44 | RootWindowController* primary_window_controller = |
| 45 | Shell::GetPrimaryRootWindowController(); |
| 46 | for (RootWindowController* window_controller : |
| 47 | Shell::GetAllRootWindowControllers()) { |
| 48 | StatusAreaWidget* status_area = window_controller->GetStatusAreaWidget(); |
| 49 | if (!status_area) |
| 50 | continue; |
| 51 | if (window_controller == primary_window_controller) { |
| 52 | status_area->SetSystemTrayVisibility( |
| 53 | visibility == SystemTrayVisibility::kPrimary || |
| 54 | visibility == SystemTrayVisibility::kAll); |
| 55 | } else { |
| 56 | status_area->SetSystemTrayVisibility(visibility == |
| 57 | SystemTrayVisibility::kAll); |
| 58 | } |
| 59 | } |
Aga Wronska | 16abb43 | 2018-01-11 23:49:59 | [diff] [blame] | 60 | } |
| 61 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 62 | } // namespace |
| 63 | |
James Cook | ede316a | 2017-12-14 22:38:43 | [diff] [blame] | 64 | LoginScreenController::LoginScreenController() : weak_factory_(this) {} |
James Cook | 8f1e606 | 2017-11-13 23:40:59 | [diff] [blame] | 65 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 66 | LoginScreenController::~LoginScreenController() = default; |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 67 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 68 | // static |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 69 | void LoginScreenController::RegisterProfilePrefs(PrefRegistrySimple* registry, |
| 70 | bool for_test) { |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 71 | if (for_test) { |
| 72 | // There is no remote pref service, so pretend that ash owns the pref. |
| 73 | registry->RegisterStringPref(prefs::kQuickUnlockPinSalt, ""); |
| 74 | return; |
| 75 | } |
| 76 | |
| 77 | // Pref is owned by chrome and flagged as PUBLIC. |
| 78 | registry->RegisterForeignPref(prefs::kQuickUnlockPinSalt); |
| 79 | } |
| 80 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 81 | void LoginScreenController::BindRequest(mojom::LoginScreenRequest request) { |
James Cook | ede316a | 2017-12-14 22:38:43 | [diff] [blame] | 82 | bindings_.AddBinding(this, std::move(request)); |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 83 | } |
| 84 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 85 | void LoginScreenController::SetClient(mojom::LoginScreenClientPtr client) { |
| 86 | login_screen_client_ = std::move(client); |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 87 | } |
| 88 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 89 | void LoginScreenController::ShowLockScreen(ShowLockScreenCallback on_shown) { |
Jacob Dufault | cbc1ee0 | 2018-02-28 18:38:54 | [diff] [blame] | 90 | OnShow(); |
Jacob Dufault | 957e092 | 2017-12-06 19:16:09 | [diff] [blame] | 91 | ash::LockScreen::Show(ash::LockScreen::ScreenType::kLock); |
| 92 | std::move(on_shown).Run(true); |
| 93 | } |
| 94 | |
| 95 | void LoginScreenController::ShowLoginScreen(ShowLoginScreenCallback on_shown) { |
| 96 | // Login screen can only be used during login. |
| 97 | if (Shell::Get()->session_controller()->GetSessionState() != |
| 98 | session_manager::SessionState::LOGIN_PRIMARY) { |
Jacob Dufault | 76d2b41 | 2018-03-21 20:38:12 | [diff] [blame] | 99 | LOG(ERROR) << "Not showing login screen since session state is " |
| 100 | << static_cast<int>( |
| 101 | Shell::Get()->session_controller()->GetSessionState()); |
Jacob Dufault | 957e092 | 2017-12-06 19:16:09 | [diff] [blame] | 102 | std::move(on_shown).Run(false); |
| 103 | return; |
| 104 | } |
| 105 | |
Jacob Dufault | cbc1ee0 | 2018-02-28 18:38:54 | [diff] [blame] | 106 | OnShow(); |
Jacob Dufault | 957e092 | 2017-12-06 19:16:09 | [diff] [blame] | 107 | // TODO(jdufault): rename ash::LockScreen to ash::LoginScreen. |
| 108 | ash::LockScreen::Show(ash::LockScreen::ScreenType::kLogin); |
jdufault | eb4c9f1e | 2017-06-08 23:08:30 | [diff] [blame] | 109 | std::move(on_shown).Run(true); |
| 110 | } |
| 111 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 112 | void LoginScreenController::ShowErrorMessage(int32_t login_attempts, |
| 113 | const std::string& error_text, |
| 114 | const std::string& help_link_text, |
| 115 | int32_t help_topic_id) { |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 116 | NOTIMPLEMENTED(); |
| 117 | } |
| 118 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 119 | void LoginScreenController::ClearErrors() { |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 120 | NOTIMPLEMENTED(); |
| 121 | } |
| 122 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 123 | void LoginScreenController::ShowUserPodCustomIcon( |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 124 | const AccountId& account_id, |
Jacob Dufault | c5738ca | 2017-10-16 23:18:16 | [diff] [blame] | 125 | mojom::EasyUnlockIconOptionsPtr icon) { |
Jacob Dufault | a022559 | 2017-10-17 21:53:38 | [diff] [blame] | 126 | DataDispatcher()->ShowEasyUnlockIcon(account_id, icon); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 127 | } |
| 128 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 129 | void LoginScreenController::HideUserPodCustomIcon(const AccountId& account_id) { |
Jacob Dufault | a022559 | 2017-10-17 21:53:38 | [diff] [blame] | 130 | auto icon_options = mojom::EasyUnlockIconOptions::New(); |
| 131 | icon_options->icon = mojom::EasyUnlockIconId::NONE; |
| 132 | DataDispatcher()->ShowEasyUnlockIcon(account_id, icon_options); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 133 | } |
| 134 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 135 | void LoginScreenController::SetAuthType( |
xiaoyinh | 820778c5 | 2017-06-21 01:42:51 | [diff] [blame] | 136 | const AccountId& account_id, |
| 137 | proximity_auth::mojom::AuthType auth_type, |
| 138 | const base::string16& initial_value) { |
Jacob Dufault | a022559 | 2017-10-17 21:53:38 | [diff] [blame] | 139 | if (auth_type == proximity_auth::mojom::AuthType::USER_CLICK) { |
| 140 | DataDispatcher()->SetClickToUnlockEnabledForUser(account_id, |
| 141 | true /*enabled*/); |
| 142 | } else { |
| 143 | NOTIMPLEMENTED(); |
| 144 | } |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 145 | } |
| 146 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 147 | void LoginScreenController::LoadUsers( |
| 148 | std::vector<mojom::LoginUserInfoPtr> users, |
| 149 | bool show_guest) { |
Jacob Dufault | 40623d5 | 2017-09-15 17:22:53 | [diff] [blame] | 150 | DCHECK(DataDispatcher()); |
| 151 | |
Sarah Hu | f3a99dd0 | 2017-10-03 22:04:11 | [diff] [blame] | 152 | DataDispatcher()->NotifyUsers(users); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 153 | } |
| 154 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 155 | void LoginScreenController::SetPinEnabledForUser(const AccountId& account_id, |
| 156 | bool is_enabled) { |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 157 | // Chrome will update pin pod state every time user tries to authenticate. |
| 158 | // LockScreen is destroyed in the case of authentication success. |
Jacob Dufault | 40623d5 | 2017-09-15 17:22:53 | [diff] [blame] | 159 | if (DataDispatcher()) |
| 160 | DataDispatcher()->SetPinEnabledForUser(account_id, is_enabled); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 161 | } |
| 162 | |
Wenzhao Zang | a05dcefc | 2017-11-30 05:50:03 | [diff] [blame] | 163 | void LoginScreenController::SetDevChannelInfo( |
| 164 | const std::string& os_version_label_text, |
| 165 | const std::string& enterprise_info_text, |
| 166 | const std::string& bluetooth_name) { |
| 167 | if (DataDispatcher()) { |
| 168 | DataDispatcher()->SetDevChannelInfo(os_version_label_text, |
| 169 | enterprise_info_text, bluetooth_name); |
| 170 | } |
| 171 | } |
| 172 | |
Sarah Hu | 0bfd187 | 2017-12-12 18:00:05 | [diff] [blame] | 173 | void LoginScreenController::IsReadyForPassword( |
| 174 | IsReadyForPasswordCallback callback) { |
| 175 | std::move(callback).Run(LockScreen::IsShown() && !is_authenticating_); |
| 176 | } |
| 177 | |
Sarah Hu | f4cbba8 | 2018-03-07 01:34:12 | [diff] [blame] | 178 | void LoginScreenController::SetPublicSessionDisplayName( |
| 179 | const AccountId& account_id, |
| 180 | const std::string& display_name) { |
| 181 | if (DataDispatcher()) |
| 182 | DataDispatcher()->SetPublicSessionDisplayName(account_id, display_name); |
| 183 | } |
| 184 | |
| 185 | void LoginScreenController::SetPublicSessionLocales( |
| 186 | const AccountId& account_id, |
| 187 | std::unique_ptr<base::ListValue> locales, |
| 188 | const std::string& default_locale, |
| 189 | bool show_advanced_view) { |
| 190 | if (DataDispatcher()) { |
| 191 | DataDispatcher()->SetPublicSessionLocales( |
| 192 | account_id, std::move(locales), default_locale, show_advanced_view); |
| 193 | } |
| 194 | } |
| 195 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 196 | void LoginScreenController::AuthenticateUser(const AccountId& account_id, |
| 197 | const std::string& password, |
| 198 | bool authenticated_by_pin, |
| 199 | OnAuthenticateCallback callback) { |
| 200 | // Ignore concurrent auth attempts. This can happen if the user quickly enters |
| 201 | // two separate passwords and hits enter. |
| 202 | if (!login_screen_client_ || is_authenticating_) { |
| 203 | LOG_IF(ERROR, is_authenticating_) << "Ignoring concurrent auth attempt"; |
| 204 | std::move(callback).Run(base::nullopt); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 205 | return; |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 206 | } |
| 207 | is_authenticating_ = true; |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 208 | |
Jacob Dufault | eafc6fe | 2017-10-11 21:16:52 | [diff] [blame] | 209 | // If auth is disabled by the debug overlay bypass the mojo call entirely, as |
| 210 | // it will dismiss the lock screen if the password is correct. |
Jacob Dufault | 0fbed9c0 | 2017-11-14 19:22:24 | [diff] [blame] | 211 | switch (force_fail_auth_for_debug_overlay_) { |
| 212 | case ForceFailAuth::kOff: |
| 213 | break; |
| 214 | case ForceFailAuth::kImmediate: |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 215 | OnAuthenticateComplete(std::move(callback), false /*success*/); |
Jacob Dufault | 0fbed9c0 | 2017-11-14 19:22:24 | [diff] [blame] | 216 | return; |
| 217 | case ForceFailAuth::kDelayed: |
| 218 | base::ThreadTaskRunnerHandle::Get()->PostDelayedTask( |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 219 | FROM_HERE, |
| 220 | base::BindOnce(&LoginScreenController::OnAuthenticateComplete, |
| 221 | weak_factory_.GetWeakPtr(), base::Passed(&callback), |
| 222 | false), |
Jacob Dufault | 0fbed9c0 | 2017-11-14 19:22:24 | [diff] [blame] | 223 | base::TimeDelta::FromSeconds(1)); |
| 224 | return; |
Jacob Dufault | eafc6fe | 2017-10-11 21:16:52 | [diff] [blame] | 225 | } |
| 226 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 227 | // |DoAuthenticateUser| requires the system salt, so we fetch it first, and |
| 228 | // then run |DoAuthenticateUser| as a continuation. |
| 229 | auto do_authenticate = base::BindOnce( |
| 230 | &LoginScreenController::DoAuthenticateUser, weak_factory_.GetWeakPtr(), |
jdufault | eb4c9f1e | 2017-06-08 23:08:30 | [diff] [blame] | 231 | account_id, password, authenticated_by_pin, std::move(callback)); |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 232 | chromeos::SystemSaltGetter::Get()->GetSystemSalt(base::BindRepeating( |
| 233 | &LoginScreenController::OnGetSystemSalt, weak_factory_.GetWeakPtr(), |
| 234 | base::Passed(&do_authenticate))); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 235 | } |
| 236 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 237 | void LoginScreenController::HandleFocusLeavingLockScreenApps(bool reverse) { |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 238 | for (auto& observer : lock_screen_apps_focus_observers_) |
| 239 | observer.OnFocusLeavingLockScreenApps(reverse); |
| 240 | } |
| 241 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 242 | void LoginScreenController::AttemptUnlock(const AccountId& account_id) { |
| 243 | if (!login_screen_client_) |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 244 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 245 | login_screen_client_->AttemptUnlock(account_id); |
Sarah Hu | e0e01a5 | 2017-10-25 20:29:30 | [diff] [blame] | 246 | |
| 247 | Shell::Get()->metrics()->login_metrics_recorder()->SetAuthMethod( |
| 248 | LoginMetricsRecorder::AuthMethod::kSmartlock); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 249 | } |
| 250 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 251 | void LoginScreenController::HardlockPod(const AccountId& account_id) { |
| 252 | if (!login_screen_client_) |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 253 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 254 | login_screen_client_->HardlockPod(account_id); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 255 | } |
| 256 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 257 | void LoginScreenController::RecordClickOnLockIcon(const AccountId& account_id) { |
| 258 | if (!login_screen_client_) |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 259 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 260 | login_screen_client_->RecordClickOnLockIcon(account_id); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 261 | } |
| 262 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 263 | void LoginScreenController::OnFocusPod(const AccountId& account_id) { |
| 264 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 265 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 266 | login_screen_client_->OnFocusPod(account_id); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 267 | } |
| 268 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 269 | void LoginScreenController::OnNoPodFocused() { |
| 270 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 271 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 272 | login_screen_client_->OnNoPodFocused(); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 273 | } |
| 274 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 275 | void LoginScreenController::LoadWallpaper(const AccountId& account_id) { |
| 276 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 277 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 278 | login_screen_client_->LoadWallpaper(account_id); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 279 | } |
| 280 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 281 | void LoginScreenController::SignOutUser() { |
| 282 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 283 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 284 | login_screen_client_->SignOutUser(); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 285 | } |
| 286 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 287 | void LoginScreenController::CancelAddUser() { |
| 288 | if (!login_screen_client_) |
Wenzhao Zang | 16e7ea72 | 2017-09-16 01:27:30 | [diff] [blame] | 289 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 290 | login_screen_client_->CancelAddUser(); |
Wenzhao Zang | 16e7ea72 | 2017-09-16 01:27:30 | [diff] [blame] | 291 | } |
| 292 | |
Aga Wronska | 6a32f987 | 2018-01-06 00:16:10 | [diff] [blame] | 293 | void LoginScreenController::LoginAsGuest() { |
| 294 | if (!login_screen_client_) |
| 295 | return; |
| 296 | login_screen_client_->LoginAsGuest(); |
| 297 | } |
| 298 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 299 | void LoginScreenController::OnMaxIncorrectPasswordAttempted( |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 300 | const AccountId& account_id) { |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 301 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 302 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 303 | login_screen_client_->OnMaxIncorrectPasswordAttempted(account_id); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 304 | } |
| 305 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 306 | void LoginScreenController::FocusLockScreenApps(bool reverse) { |
| 307 | if (!login_screen_client_) |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 308 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 309 | login_screen_client_->FocusLockScreenApps(reverse); |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 310 | } |
| 311 | |
Sarah Hu | 9fba0e75 | 2018-02-07 01:41:09 | [diff] [blame] | 312 | void LoginScreenController::ShowGaiaSignin() { |
| 313 | if (!login_screen_client_) |
| 314 | return; |
| 315 | login_screen_client_->ShowGaiaSignin(); |
| 316 | } |
| 317 | |
Jacob Dufault | fc31c74 | 2018-03-20 17:32:19 | [diff] [blame] | 318 | void LoginScreenController::OnRemoveUserWarningShown() { |
| 319 | if (!login_screen_client_) |
| 320 | return; |
| 321 | login_screen_client_->OnRemoveUserWarningShown(); |
| 322 | } |
| 323 | |
| 324 | void LoginScreenController::RemoveUser(const AccountId& account_id) { |
| 325 | if (!login_screen_client_) |
| 326 | return; |
| 327 | login_screen_client_->RemoveUser(account_id); |
| 328 | } |
| 329 | |
Sarah Hu | 3fcf9f8 | 2018-03-22 20:32:54 | [diff] [blame^] | 330 | void LoginScreenController::LaunchPublicSession( |
| 331 | const AccountId& account_id, |
| 332 | const std::string& locale, |
| 333 | const std::string& input_method) { |
| 334 | if (!login_screen_client_) |
| 335 | return; |
| 336 | login_screen_client_->LaunchPublicSession(account_id, locale, input_method); |
| 337 | } |
| 338 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 339 | void LoginScreenController::AddLockScreenAppsFocusObserver( |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 340 | LockScreenAppsFocusObserver* observer) { |
| 341 | lock_screen_apps_focus_observers_.AddObserver(observer); |
| 342 | } |
| 343 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 344 | void LoginScreenController::RemoveLockScreenAppsFocusObserver( |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 345 | LockScreenAppsFocusObserver* observer) { |
| 346 | lock_screen_apps_focus_observers_.RemoveObserver(observer); |
| 347 | } |
| 348 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 349 | void LoginScreenController::FlushForTesting() { |
| 350 | login_screen_client_.FlushForTesting(); |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 351 | } |
| 352 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 353 | void LoginScreenController::DoAuthenticateUser(const AccountId& account_id, |
| 354 | const std::string& password, |
| 355 | bool authenticated_by_pin, |
| 356 | OnAuthenticateCallback callback, |
| 357 | const std::string& system_salt) { |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 358 | int dummy_value; |
| 359 | bool is_pin = |
| 360 | authenticated_by_pin && base::StringToInt(password, &dummy_value); |
| 361 | std::string hashed_password = CalculateHash( |
| 362 | password, system_salt, chromeos::Key::KEY_TYPE_SALTED_SHA256_TOP_HALF); |
| 363 | |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 364 | // Used for GAIA password reuse detection. |
| 365 | password_manager::SyncPasswordData sync_password_data( |
| 366 | base::UTF8ToUTF16(password), /*force_update=*/false); |
| 367 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 368 | PrefService* prefs = |
| 369 | Shell::Get()->session_controller()->GetLastActiveUserPrefService(); |
| 370 | if (is_pin && prefs) { |
| 371 | hashed_password = |
| 372 | CalculateHash(password, prefs->GetString(prefs::kQuickUnlockPinSalt), |
| 373 | chromeos::Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234); |
| 374 | } |
| 375 | |
Roman Sorokin | c559001 | 2017-09-28 00:48:29 | [diff] [blame] | 376 | if (account_id.GetAccountType() == AccountType::ACTIVE_DIRECTORY && !is_pin) { |
| 377 | // Try to get kerberos TGT while we have user's password typed on the lock |
| 378 | // screen. Using invalid/bad password is fine. Failure to get TGT here is OK |
| 379 | // - that could mean e.g. Active Directory server is not reachable. |
| 380 | // AuthPolicyCredentialsManager regularly checks TGT status inside the user |
| 381 | // session. |
| 382 | chromeos::AuthPolicyLoginHelper::TryAuthenticateUser( |
| 383 | account_id.GetUserEmail(), account_id.GetObjGuid(), password); |
| 384 | } |
| 385 | |
Sarah Hu | e0e01a5 | 2017-10-25 20:29:30 | [diff] [blame] | 386 | Shell::Get()->metrics()->login_metrics_recorder()->SetAuthMethod( |
| 387 | is_pin ? LoginMetricsRecorder::AuthMethod::kPin |
| 388 | : LoginMetricsRecorder::AuthMethod::kPassword); |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 389 | login_screen_client_->AuthenticateUser( |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 390 | account_id, hashed_password, sync_password_data, is_pin, |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 391 | base::BindOnce(&LoginScreenController::OnAuthenticateComplete, |
| 392 | weak_factory_.GetWeakPtr(), base::Passed(&callback))); |
jdufault | eb4c9f1e | 2017-06-08 23:08:30 | [diff] [blame] | 393 | } |
| 394 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 395 | void LoginScreenController::OnAuthenticateComplete( |
| 396 | OnAuthenticateCallback callback, |
| 397 | bool success) { |
| 398 | is_authenticating_ = false; |
| 399 | std::move(callback).Run(success); |
| 400 | } |
| 401 | |
| 402 | void LoginScreenController::OnGetSystemSalt(PendingDoAuthenticateUser then, |
| 403 | const std::string& system_salt) { |
| 404 | std::move(then).Run(system_salt); |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 405 | } |
| 406 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 407 | LoginDataDispatcher* LoginScreenController::DataDispatcher() const { |
Jacob Dufault | 40623d5 | 2017-09-15 17:22:53 | [diff] [blame] | 408 | if (!ash::LockScreen::IsShown()) |
| 409 | return nullptr; |
| 410 | return ash::LockScreen::Get()->data_dispatcher(); |
| 411 | } |
| 412 | |
Jacob Dufault | cbc1ee0 | 2018-02-28 18:38:54 | [diff] [blame] | 413 | void LoginScreenController::OnShow() { |
| 414 | SetSystemTrayVisibility(SystemTrayVisibility::kPrimary); |
| 415 | is_authenticating_ = false; |
| 416 | } |
| 417 | |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 418 | } // namespace ash |