[go: nahoru, domu]
Google Git
Sign in
chromium / chromium / src / 3fcf9f852134febae6c871c664e232bc0c3e1625 / . / ash / login / login_screen_controller.cc
blob: 203bcc6d4d6432e84b5fa90d0a12db703a59372e [file] [log] [blame]
xiaoyinh2bbdd102017-05-18 23:29:42[diff] [blame]1// Copyright 2017 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]5#include "ash/login/login_screen_controller.h"
xiaoyinh2bbdd102017-05-18 23:29:42[diff] [blame]6
Toni Barzicf61c4452017-10-05 03:57:48[diff] [blame]7#include "ash/login/lock_screen_apps_focus_observer.h"
jdufaulteb4c9f1e2017-06-08 23:08:30[diff] [blame]8#include "ash/login/ui/lock_screen.h"
Jacob Dufault40623d52017-09-15 17:22:53[diff] [blame]9#include "ash/login/ui/login_data_dispatcher.h"
Sarah Hu069eea12017-09-08 01:28:40[diff] [blame]10#include "ash/public/cpp/ash_pref_names.h"
Aga Wronska16abb432018-01-11 23:49:59[diff] [blame]11#include "ash/root_window_controller.h"
Sarah Hu069eea12017-09-08 01:28:40[diff] [blame]12#include "ash/session/session_controller.h"
13#include "ash/shell.h"
Aga Wronska16abb432018-01-11 23:49:59[diff] [blame]14#include "ash/system/status_area_widget.h"
Sarah Hu069eea12017-09-08 01:28:40[diff] [blame]15#include "base/strings/string_number_conversions.h"
Jialiu Linf99b788b2018-01-17 23:01:21[diff] [blame]16#include "base/strings/utf_string_conversions.h"
xiaoyinh2bbdd102017-05-18 23:29:42[diff] [blame]17#include "chromeos/cryptohome/system_salt_getter.h"
Roman Sorokinc5590012017-09-28 00:48:29[diff] [blame]18#include "chromeos/login/auth/authpolicy_login_helper.h"
xiaoyinh2bbdd102017-05-18 23:29:42[diff] [blame]19#include "chromeos/login/auth/user_context.h"
Jialiu Linf99b788b2018-01-17 23:01:21[diff] [blame]20#include "components/password_manager/core/browser/hash_password_manager.h"
Sarah Hu069eea12017-09-08 01:28:40[diff] [blame]21#include "components/prefs/pref_registry_simple.h"
22#include "components/prefs/pref_service.h"
Jacob Dufault957e0922017-12-06 19:16:09[diff] [blame]23#include "components/session_manager/session_manager_types.h"
xiaoyinh2bbdd102017-05-18 23:29:42[diff] [blame]24
25namespace ash {
26
Sarah Hu069eea12017-09-08 01:28:40[diff] [blame]27namespace {
xiaoyinh2bbdd102017-05-18 23:29:42[diff] [blame]28
Sarah Hu069eea12017-09-08 01:28:40[diff] [blame]29std::string CalculateHash(const std::string& password,
30 const std::string& salt,
31 chromeos::Key::KeyType key_type) {
32 chromeos::Key key(password);
33 key.Transform(key_type, salt);
34 return key.GetSecret();
35}
36
Aga Wronskaa844cdcd12018-01-29 16:06:44[diff] [blame]37enum class SystemTrayVisibility {
38 kNone, // Tray not visible anywhere.
39 kPrimary, // Tray visible only on primary display.
40 kAll, // Tray visible on all displays.
41};
42
43void SetSystemTrayVisibility(SystemTrayVisibility visibility) {
44 RootWindowController* primary_window_controller =
45 Shell::GetPrimaryRootWindowController();
46 for (RootWindowController* window_controller :
47 Shell::GetAllRootWindowControllers()) {
48 StatusAreaWidget* status_area = window_controller->GetStatusAreaWidget();
49 if (!status_area)
50 continue;
51 if (window_controller == primary_window_controller) {
52 status_area->SetSystemTrayVisibility(
53 visibility == SystemTrayVisibility::kPrimary ||
54 visibility == SystemTrayVisibility::kAll);
55 } else {
56 status_area->SetSystemTrayVisibility(visibility ==
57 SystemTrayVisibility::kAll);
58 }
59 }
Aga Wronska16abb432018-01-11 23:49:59[diff] [blame]60}
61
Sarah Hu069eea12017-09-08 01:28:40[diff] [blame]62} // namespace
63
James Cookede316a2017-12-14 22:38:43[diff] [blame]64LoginScreenController::LoginScreenController() : weak_factory_(this) {}
James Cook8f1e6062017-11-13 23:40:59[diff] [blame]65
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]66LoginScreenController::~LoginScreenController() = default;
xiaoyinh2bbdd102017-05-18 23:29:42[diff] [blame]67
Sarah Hu069eea12017-09-08 01:28:40[diff] [blame]68// static
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]69void LoginScreenController::RegisterProfilePrefs(PrefRegistrySimple* registry,
70 bool for_test) {
Sarah Hu069eea12017-09-08 01:28:40[diff] [blame]71 if (for_test) {
72 // There is no remote pref service, so pretend that ash owns the pref.
73 registry->RegisterStringPref(prefs::kQuickUnlockPinSalt, "");
74 return;
75 }
76
77 // Pref is owned by chrome and flagged as PUBLIC.
78 registry->RegisterForeignPref(prefs::kQuickUnlockPinSalt);
79}
80
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]81void LoginScreenController::BindRequest(mojom::LoginScreenRequest request) {
James Cookede316a2017-12-14 22:38:43[diff] [blame]82 bindings_.AddBinding(this, std::move(request));
xiaoyinh2bbdd102017-05-18 23:29:42[diff] [blame]83}
84
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]85void LoginScreenController::SetClient(mojom::LoginScreenClientPtr client) {
86 login_screen_client_ = std::move(client);
xiaoyinh2bbdd102017-05-18 23:29:42[diff] [blame]87}
88
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]89void LoginScreenController::ShowLockScreen(ShowLockScreenCallback on_shown) {
Jacob Dufaultcbc1ee02018-02-28 18:38:54[diff] [blame]90 OnShow();
Jacob Dufault957e0922017-12-06 19:16:09[diff] [blame]91 ash::LockScreen::Show(ash::LockScreen::ScreenType::kLock);
92 std::move(on_shown).Run(true);
93}
94
95void LoginScreenController::ShowLoginScreen(ShowLoginScreenCallback on_shown) {
96 // Login screen can only be used during login.
97 if (Shell::Get()->session_controller()->GetSessionState() !=
98 session_manager::SessionState::LOGIN_PRIMARY) {
Jacob Dufault76d2b412018-03-21 20:38:12[diff] [blame]99 LOG(ERROR) << "Not showing login screen since session state is "
100 << static_cast<int>(
101 Shell::Get()->session_controller()->GetSessionState());
Jacob Dufault957e0922017-12-06 19:16:09[diff] [blame]102 std::move(on_shown).Run(false);
103 return;
104 }
105
Jacob Dufaultcbc1ee02018-02-28 18:38:54[diff] [blame]106 OnShow();
Jacob Dufault957e0922017-12-06 19:16:09[diff] [blame]107 // TODO(jdufault): rename ash::LockScreen to ash::LoginScreen.
108 ash::LockScreen::Show(ash::LockScreen::ScreenType::kLogin);
jdufaulteb4c9f1e2017-06-08 23:08:30[diff] [blame]109 std::move(on_shown).Run(true);
110}
111
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]112void LoginScreenController::ShowErrorMessage(int32_t login_attempts,
113 const std::string& error_text,
114 const std::string& help_link_text,
115 int32_t help_topic_id) {
xiaoyinh2bbdd102017-05-18 23:29:42[diff] [blame]116 NOTIMPLEMENTED();
117}
118
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]119void LoginScreenController::ClearErrors() {
xiaoyinh2bbdd102017-05-18 23:29:42[diff] [blame]120 NOTIMPLEMENTED();
121}
122
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]123void LoginScreenController::ShowUserPodCustomIcon(
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]124 const AccountId& account_id,
Jacob Dufaultc5738ca2017-10-16 23:18:16[diff] [blame]125 mojom::EasyUnlockIconOptionsPtr icon) {
Jacob Dufaulta0225592017-10-17 21:53:38[diff] [blame]126 DataDispatcher()->ShowEasyUnlockIcon(account_id, icon);
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]127}
128
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]129void LoginScreenController::HideUserPodCustomIcon(const AccountId& account_id) {
Jacob Dufaulta0225592017-10-17 21:53:38[diff] [blame]130 auto icon_options = mojom::EasyUnlockIconOptions::New();
131 icon_options->icon = mojom::EasyUnlockIconId::NONE;
132 DataDispatcher()->ShowEasyUnlockIcon(account_id, icon_options);
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]133}
134
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]135void LoginScreenController::SetAuthType(
xiaoyinh820778c52017-06-21 01:42:51[diff] [blame]136 const AccountId& account_id,
137 proximity_auth::mojom::AuthType auth_type,
138 const base::string16& initial_value) {
Jacob Dufaulta0225592017-10-17 21:53:38[diff] [blame]139 if (auth_type == proximity_auth::mojom::AuthType::USER_CLICK) {
140 DataDispatcher()->SetClickToUnlockEnabledForUser(account_id,
141 true /*enabled*/);
142 } else {
143 NOTIMPLEMENTED();
144 }
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]145}
146
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]147void LoginScreenController::LoadUsers(
148 std::vector<mojom::LoginUserInfoPtr> users,
149 bool show_guest) {
Jacob Dufault40623d52017-09-15 17:22:53[diff] [blame]150 DCHECK(DataDispatcher());
151
Sarah Huf3a99dd02017-10-03 22:04:11[diff] [blame]152 DataDispatcher()->NotifyUsers(users);
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]153}
154
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]155void LoginScreenController::SetPinEnabledForUser(const AccountId& account_id,
156 bool is_enabled) {
Sarah Hu069eea12017-09-08 01:28:40[diff] [blame]157 // Chrome will update pin pod state every time user tries to authenticate.
158 // LockScreen is destroyed in the case of authentication success.
Jacob Dufault40623d52017-09-15 17:22:53[diff] [blame]159 if (DataDispatcher())
160 DataDispatcher()->SetPinEnabledForUser(account_id, is_enabled);
xiaoyinhf534c4f2017-06-13 20:50:27[diff] [blame]161}
162
Wenzhao Zanga05dcefc2017-11-30 05:50:03[diff] [blame]163void LoginScreenController::SetDevChannelInfo(
164 const std::string& os_version_label_text,
165 const std::string& enterprise_info_text,
166 const std::string& bluetooth_name) {
167 if (DataDispatcher()) {
168 DataDispatcher()->SetDevChannelInfo(os_version_label_text,
169 enterprise_info_text, bluetooth_name);
170 }
171}
172
Sarah Hu0bfd1872017-12-12 18:00:05[diff] [blame]173void LoginScreenController::IsReadyForPassword(
174 IsReadyForPasswordCallback callback) {
175 std::move(callback).Run(LockScreen::IsShown() && !is_authenticating_);
176}
177
Sarah Huf4cbba82018-03-07 01:34:12[diff] [blame]178void LoginScreenController::SetPublicSessionDisplayName(
179 const AccountId& account_id,
180 const std::string& display_name) {
181 if (DataDispatcher())
182 DataDispatcher()->SetPublicSessionDisplayName(account_id, display_name);
183}
184
185void LoginScreenController::SetPublicSessionLocales(
186 const AccountId& account_id,
187 std::unique_ptr<base::ListValue> locales,
188 const std::string& default_locale,
189 bool show_advanced_view) {
190 if (DataDispatcher()) {
191 DataDispatcher()->SetPublicSessionLocales(
192 account_id, std::move(locales), default_locale, show_advanced_view);
193 }
194}
195
Jacob Dufaultb7a2d842017-12-01 23:21:15[diff] [blame]196void LoginScreenController::AuthenticateUser(const AccountId& account_id,
197 const std::string& password,
198 bool authenticated_by_pin,
199 OnAuthenticateCallback callback) {
200 // Ignore concurrent auth attempts. This can happen if the user quickly enters
201 // two separate passwords and hits enter.
202 if (!login_screen_client_ || is_authenticating_) {
203 LOG_IF(ERROR, is_authenticating_) << "Ignoring concurrent auth attempt";
204 std::move(callback).Run(base::nullopt);
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]205 return;
Jacob Dufaultb7a2d842017-12-01 23:21:15[diff] [blame]206 }
207 is_authenticating_ = true;
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]208
Jacob Dufaulteafc6fe2017-10-11 21:16:52[diff] [blame]209 // If auth is disabled by the debug overlay bypass the mojo call entirely, as
210 // it will dismiss the lock screen if the password is correct.
Jacob Dufault0fbed9c02017-11-14 19:22:24[diff] [blame]211 switch (force_fail_auth_for_debug_overlay_) {
212 case ForceFailAuth::kOff:
213 break;
214 case ForceFailAuth::kImmediate:
Jacob Dufaultb7a2d842017-12-01 23:21:15[diff] [blame]215 OnAuthenticateComplete(std::move(callback), false /*success*/);
Jacob Dufault0fbed9c02017-11-14 19:22:24[diff] [blame]216 return;
217 case ForceFailAuth::kDelayed:
218 base::ThreadTaskRunnerHandle::Get()->PostDelayedTask(
Jacob Dufaultb7a2d842017-12-01 23:21:15[diff] [blame]219 FROM_HERE,
220 base::BindOnce(&LoginScreenController::OnAuthenticateComplete,
221 weak_factory_.GetWeakPtr(), base::Passed(&callback),
222 false),
Jacob Dufault0fbed9c02017-11-14 19:22:24[diff] [blame]223 base::TimeDelta::FromSeconds(1));
224 return;
Jacob Dufaulteafc6fe2017-10-11 21:16:52[diff] [blame]225 }
226
Jacob Dufaultb7a2d842017-12-01 23:21:15[diff] [blame]227 // |DoAuthenticateUser| requires the system salt, so we fetch it first, and
228 // then run |DoAuthenticateUser| as a continuation.
229 auto do_authenticate = base::BindOnce(
230 &LoginScreenController::DoAuthenticateUser, weak_factory_.GetWeakPtr(),
jdufaulteb4c9f1e2017-06-08 23:08:30[diff] [blame]231 account_id, password, authenticated_by_pin, std::move(callback));
Jacob Dufaultb7a2d842017-12-01 23:21:15[diff] [blame]232 chromeos::SystemSaltGetter::Get()->GetSystemSalt(base::BindRepeating(
233 &LoginScreenController::OnGetSystemSalt, weak_factory_.GetWeakPtr(),
234 base::Passed(&do_authenticate)));
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]235}
236
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]237void LoginScreenController::HandleFocusLeavingLockScreenApps(bool reverse) {
Toni Barzicf61c4452017-10-05 03:57:48[diff] [blame]238 for (auto& observer : lock_screen_apps_focus_observers_)
239 observer.OnFocusLeavingLockScreenApps(reverse);
240}
241
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]242void LoginScreenController::AttemptUnlock(const AccountId& account_id) {
243 if (!login_screen_client_)
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]244 return;
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]245 login_screen_client_->AttemptUnlock(account_id);
Sarah Hue0e01a52017-10-25 20:29:30[diff] [blame]246
247 Shell::Get()->metrics()->login_metrics_recorder()->SetAuthMethod(
248 LoginMetricsRecorder::AuthMethod::kSmartlock);
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]249}
250
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]251void LoginScreenController::HardlockPod(const AccountId& account_id) {
252 if (!login_screen_client_)
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]253 return;
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]254 login_screen_client_->HardlockPod(account_id);
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]255}
256
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]257void LoginScreenController::RecordClickOnLockIcon(const AccountId& account_id) {
258 if (!login_screen_client_)
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]259 return;
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]260 login_screen_client_->RecordClickOnLockIcon(account_id);
xiaoyinh9f6fa0e2017-06-07 19:22:32[diff] [blame]261}
262
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]263void LoginScreenController::OnFocusPod(const AccountId& account_id) {
264 if (!login_screen_client_)
xiaoyinhf534c4f2017-06-13 20:50:27[diff] [blame]265 return;
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]266 login_screen_client_->OnFocusPod(account_id);
xiaoyinhf534c4f2017-06-13 20:50:27[diff] [blame]267}
268
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]269void LoginScreenController::OnNoPodFocused() {
270 if (!login_screen_client_)
xiaoyinhf534c4f2017-06-13 20:50:27[diff] [blame]271 return;
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]272 login_screen_client_->OnNoPodFocused();
xiaoyinhf534c4f2017-06-13 20:50:27[diff] [blame]273}
274
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]275void LoginScreenController::LoadWallpaper(const AccountId& account_id) {
276 if (!login_screen_client_)
xiaoyinhf534c4f2017-06-13 20:50:27[diff] [blame]277 return;
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]278 login_screen_client_->LoadWallpaper(account_id);
xiaoyinhf534c4f2017-06-13 20:50:27[diff] [blame]279}
280
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]281void LoginScreenController::SignOutUser() {
282 if (!login_screen_client_)
xiaoyinhf534c4f2017-06-13 20:50:27[diff] [blame]283 return;
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]284 login_screen_client_->SignOutUser();
xiaoyinhf534c4f2017-06-13 20:50:27[diff] [blame]285}
286
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]287void LoginScreenController::CancelAddUser() {
288 if (!login_screen_client_)
Wenzhao Zang16e7ea722017-09-16 01:27:30[diff] [blame]289 return;
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]290 login_screen_client_->CancelAddUser();
Wenzhao Zang16e7ea722017-09-16 01:27:30[diff] [blame]291}
292
Aga Wronska6a32f9872018-01-06 00:16:10[diff] [blame]293void LoginScreenController::LoginAsGuest() {
294 if (!login_screen_client_)
295 return;
296 login_screen_client_->LoginAsGuest();
297}
298
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]299void LoginScreenController::OnMaxIncorrectPasswordAttempted(
xiaoyinhf534c4f2017-06-13 20:50:27[diff] [blame]300 const AccountId& account_id) {
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]301 if (!login_screen_client_)
xiaoyinhf534c4f2017-06-13 20:50:27[diff] [blame]302 return;
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]303 login_screen_client_->OnMaxIncorrectPasswordAttempted(account_id);
xiaoyinhf534c4f2017-06-13 20:50:27[diff] [blame]304}
305
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]306void LoginScreenController::FocusLockScreenApps(bool reverse) {
307 if (!login_screen_client_)
Toni Barzicf61c4452017-10-05 03:57:48[diff] [blame]308 return;
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]309 login_screen_client_->FocusLockScreenApps(reverse);
Toni Barzicf61c4452017-10-05 03:57:48[diff] [blame]310}
311
Sarah Hu9fba0e752018-02-07 01:41:09[diff] [blame]312void LoginScreenController::ShowGaiaSignin() {
313 if (!login_screen_client_)
314 return;
315 login_screen_client_->ShowGaiaSignin();
316}
317
Jacob Dufaultfc31c742018-03-20 17:32:19[diff] [blame]318void LoginScreenController::OnRemoveUserWarningShown() {
319 if (!login_screen_client_)
320 return;
321 login_screen_client_->OnRemoveUserWarningShown();
322}
323
324void LoginScreenController::RemoveUser(const AccountId& account_id) {
325 if (!login_screen_client_)
326 return;
327 login_screen_client_->RemoveUser(account_id);
328}
329
Sarah Hu3fcf9f82018-03-22 20:32:54[diff] [blame^]330void LoginScreenController::LaunchPublicSession(
331 const AccountId& account_id,
332 const std::string& locale,
333 const std::string& input_method) {
334 if (!login_screen_client_)
335 return;
336 login_screen_client_->LaunchPublicSession(account_id, locale, input_method);
337}
338
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]339void LoginScreenController::AddLockScreenAppsFocusObserver(
Toni Barzicf61c4452017-10-05 03:57:48[diff] [blame]340 LockScreenAppsFocusObserver* observer) {
341 lock_screen_apps_focus_observers_.AddObserver(observer);
342}
343
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]344void LoginScreenController::RemoveLockScreenAppsFocusObserver(
Toni Barzicf61c4452017-10-05 03:57:48[diff] [blame]345 LockScreenAppsFocusObserver* observer) {
346 lock_screen_apps_focus_observers_.RemoveObserver(observer);
347}
348
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]349void LoginScreenController::FlushForTesting() {
350 login_screen_client_.FlushForTesting();
Toni Barzicf61c4452017-10-05 03:57:48[diff] [blame]351}
352
Jacob Dufaultb7a2d842017-12-01 23:21:15[diff] [blame]353void LoginScreenController::DoAuthenticateUser(const AccountId& account_id,
354 const std::string& password,
355 bool authenticated_by_pin,
356 OnAuthenticateCallback callback,
357 const std::string& system_salt) {
Sarah Hu069eea12017-09-08 01:28:40[diff] [blame]358 int dummy_value;
359 bool is_pin =
360 authenticated_by_pin && base::StringToInt(password, &dummy_value);
361 std::string hashed_password = CalculateHash(
362 password, system_salt, chromeos::Key::KEY_TYPE_SALTED_SHA256_TOP_HALF);
363
Jialiu Linf99b788b2018-01-17 23:01:21[diff] [blame]364 // Used for GAIA password reuse detection.
365 password_manager::SyncPasswordData sync_password_data(
366 base::UTF8ToUTF16(password), /*force_update=*/false);
367
Sarah Hu069eea12017-09-08 01:28:40[diff] [blame]368 PrefService* prefs =
369 Shell::Get()->session_controller()->GetLastActiveUserPrefService();
370 if (is_pin && prefs) {
371 hashed_password =
372 CalculateHash(password, prefs->GetString(prefs::kQuickUnlockPinSalt),
373 chromeos::Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234);
374 }
375
Roman Sorokinc5590012017-09-28 00:48:29[diff] [blame]376 if (account_id.GetAccountType() == AccountType::ACTIVE_DIRECTORY && !is_pin) {
377 // Try to get kerberos TGT while we have user's password typed on the lock
378 // screen. Using invalid/bad password is fine. Failure to get TGT here is OK
379 // - that could mean e.g. Active Directory server is not reachable.
380 // AuthPolicyCredentialsManager regularly checks TGT status inside the user
381 // session.
382 chromeos::AuthPolicyLoginHelper::TryAuthenticateUser(
383 account_id.GetUserEmail(), account_id.GetObjGuid(), password);
384 }
385
Sarah Hue0e01a52017-10-25 20:29:30[diff] [blame]386 Shell::Get()->metrics()->login_metrics_recorder()->SetAuthMethod(
387 is_pin ? LoginMetricsRecorder::AuthMethod::kPin
388 : LoginMetricsRecorder::AuthMethod::kPassword);
Jacob Dufaultb7a2d842017-12-01 23:21:15[diff] [blame]389 login_screen_client_->AuthenticateUser(
Jialiu Linf99b788b2018-01-17 23:01:21[diff] [blame]390 account_id, hashed_password, sync_password_data, is_pin,
Jacob Dufaultb7a2d842017-12-01 23:21:15[diff] [blame]391 base::BindOnce(&LoginScreenController::OnAuthenticateComplete,
392 weak_factory_.GetWeakPtr(), base::Passed(&callback)));
jdufaulteb4c9f1e2017-06-08 23:08:30[diff] [blame]393}
394
Jacob Dufaultb7a2d842017-12-01 23:21:15[diff] [blame]395void LoginScreenController::OnAuthenticateComplete(
396 OnAuthenticateCallback callback,
397 bool success) {
398 is_authenticating_ = false;
399 std::move(callback).Run(success);
400}
401
402void LoginScreenController::OnGetSystemSalt(PendingDoAuthenticateUser then,
403 const std::string& system_salt) {
404 std::move(then).Run(system_salt);
xiaoyinh2bbdd102017-05-18 23:29:42[diff] [blame]405}
406
Jacob Dufaultffd9b0d2017-11-15 23:07:16[diff] [blame]407LoginDataDispatcher* LoginScreenController::DataDispatcher() const {
Jacob Dufault40623d52017-09-15 17:22:53[diff] [blame]408 if (!ash::LockScreen::IsShown())
409 return nullptr;
410 return ash::LockScreen::Get()->data_dispatcher();
411}
412
Jacob Dufaultcbc1ee02018-02-28 18:38:54[diff] [blame]413void LoginScreenController::OnShow() {
414 SetSystemTrayVisibility(SystemTrayVisibility::kPrimary);
415 is_authenticating_ = false;
416}
417
xiaoyinh2bbdd102017-05-18 23:29:42[diff] [blame]418} // namespace ash