xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 1 | // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 5 | #include "ash/login/login_screen_controller.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 6 | |
jdufault | eb4c9f1e | 2017-06-08 23:08:30 | [diff] [blame] | 7 | #include "ash/login/ui/lock_screen.h" |
Jacob Dufault | 40623d5 | 2017-09-15 17:22:53 | [diff] [blame] | 8 | #include "ash/login/ui/login_data_dispatcher.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 9 | #include "ash/public/cpp/ash_pref_names.h" |
Aga Wronska | 16abb43 | 2018-01-11 23:49:59 | [diff] [blame] | 10 | #include "ash/root_window_controller.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 11 | #include "ash/session/session_controller.h" |
| 12 | #include "ash/shell.h" |
Aga Wronska | 16abb43 | 2018-01-11 23:49:59 | [diff] [blame] | 13 | #include "ash/system/status_area_widget.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 14 | #include "base/strings/string_number_conversions.h" |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 15 | #include "base/strings/utf_string_conversions.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 16 | #include "chromeos/cryptohome/system_salt_getter.h" |
Roman Sorokin | c559001 | 2017-09-28 00:48:29 | [diff] [blame] | 17 | #include "chromeos/login/auth/authpolicy_login_helper.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 18 | #include "chromeos/login/auth/user_context.h" |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 19 | #include "components/password_manager/core/browser/hash_password_manager.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 20 | #include "components/prefs/pref_registry_simple.h" |
| 21 | #include "components/prefs/pref_service.h" |
Jacob Dufault | 957e092 | 2017-12-06 19:16:09 | [diff] [blame] | 22 | #include "components/session_manager/session_manager_types.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 23 | |
| 24 | namespace ash { |
| 25 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 26 | namespace { |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 27 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 28 | std::string CalculateHash(const std::string& password, |
| 29 | const std::string& salt, |
| 30 | chromeos::Key::KeyType key_type) { |
| 31 | chromeos::Key key(password); |
| 32 | key.Transform(key_type, salt); |
| 33 | return key.GetSecret(); |
| 34 | } |
| 35 | |
Aga Wronska | a844cdcd1 | 2018-01-29 16:06:44 | [diff] [blame] | 36 | enum class SystemTrayVisibility { |
| 37 | kNone, // Tray not visible anywhere. |
| 38 | kPrimary, // Tray visible only on primary display. |
| 39 | kAll, // Tray visible on all displays. |
| 40 | }; |
| 41 | |
| 42 | void SetSystemTrayVisibility(SystemTrayVisibility visibility) { |
| 43 | RootWindowController* primary_window_controller = |
| 44 | Shell::GetPrimaryRootWindowController(); |
| 45 | for (RootWindowController* window_controller : |
| 46 | Shell::GetAllRootWindowControllers()) { |
| 47 | StatusAreaWidget* status_area = window_controller->GetStatusAreaWidget(); |
| 48 | if (!status_area) |
| 49 | continue; |
| 50 | if (window_controller == primary_window_controller) { |
| 51 | status_area->SetSystemTrayVisibility( |
| 52 | visibility == SystemTrayVisibility::kPrimary || |
| 53 | visibility == SystemTrayVisibility::kAll); |
| 54 | } else { |
| 55 | status_area->SetSystemTrayVisibility(visibility == |
| 56 | SystemTrayVisibility::kAll); |
| 57 | } |
| 58 | } |
Aga Wronska | 16abb43 | 2018-01-11 23:49:59 | [diff] [blame] | 59 | } |
| 60 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 61 | } // namespace |
| 62 | |
James Cook | ede316a | 2017-12-14 22:38:43 | [diff] [blame] | 63 | LoginScreenController::LoginScreenController() : weak_factory_(this) {} |
James Cook | 8f1e606 | 2017-11-13 23:40:59 | [diff] [blame] | 64 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 65 | LoginScreenController::~LoginScreenController() = default; |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 66 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 67 | // static |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 68 | void LoginScreenController::RegisterProfilePrefs(PrefRegistrySimple* registry, |
| 69 | bool for_test) { |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 70 | if (for_test) { |
| 71 | // There is no remote pref service, so pretend that ash owns the pref. |
| 72 | registry->RegisterStringPref(prefs::kQuickUnlockPinSalt, ""); |
| 73 | return; |
| 74 | } |
| 75 | |
| 76 | // Pref is owned by chrome and flagged as PUBLIC. |
| 77 | registry->RegisterForeignPref(prefs::kQuickUnlockPinSalt); |
| 78 | } |
| 79 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 80 | void LoginScreenController::BindRequest(mojom::LoginScreenRequest request) { |
James Cook | ede316a | 2017-12-14 22:38:43 | [diff] [blame] | 81 | bindings_.AddBinding(this, std::move(request)); |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 82 | } |
| 83 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 84 | void LoginScreenController::AuthenticateUser(const AccountId& account_id, |
| 85 | const std::string& password, |
| 86 | bool authenticated_by_pin, |
| 87 | OnAuthenticateCallback callback) { |
| 88 | // Ignore concurrent auth attempts. This can happen if the user quickly enters |
| 89 | // two separate passwords and hits enter. |
| 90 | if (!login_screen_client_ || is_authenticating_) { |
| 91 | LOG_IF(ERROR, is_authenticating_) << "Ignoring concurrent auth attempt"; |
| 92 | std::move(callback).Run(base::nullopt); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 93 | return; |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 94 | } |
| 95 | is_authenticating_ = true; |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 96 | |
Jacob Dufault | eafc6fe | 2017-10-11 21:16:52 | [diff] [blame] | 97 | // If auth is disabled by the debug overlay bypass the mojo call entirely, as |
| 98 | // it will dismiss the lock screen if the password is correct. |
Jacob Dufault | 0fbed9c0 | 2017-11-14 19:22:24 | [diff] [blame] | 99 | switch (force_fail_auth_for_debug_overlay_) { |
| 100 | case ForceFailAuth::kOff: |
| 101 | break; |
| 102 | case ForceFailAuth::kImmediate: |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 103 | OnAuthenticateComplete(std::move(callback), false /*success*/); |
Jacob Dufault | 0fbed9c0 | 2017-11-14 19:22:24 | [diff] [blame] | 104 | return; |
| 105 | case ForceFailAuth::kDelayed: |
| 106 | base::ThreadTaskRunnerHandle::Get()->PostDelayedTask( |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 107 | FROM_HERE, |
| 108 | base::BindOnce(&LoginScreenController::OnAuthenticateComplete, |
| 109 | weak_factory_.GetWeakPtr(), base::Passed(&callback), |
| 110 | false), |
Jacob Dufault | 0fbed9c0 | 2017-11-14 19:22:24 | [diff] [blame] | 111 | base::TimeDelta::FromSeconds(1)); |
| 112 | return; |
Jacob Dufault | eafc6fe | 2017-10-11 21:16:52 | [diff] [blame] | 113 | } |
| 114 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 115 | // |DoAuthenticateUser| requires the system salt, so we fetch it first, and |
| 116 | // then run |DoAuthenticateUser| as a continuation. |
| 117 | auto do_authenticate = base::BindOnce( |
| 118 | &LoginScreenController::DoAuthenticateUser, weak_factory_.GetWeakPtr(), |
jdufault | eb4c9f1e | 2017-06-08 23:08:30 | [diff] [blame] | 119 | account_id, password, authenticated_by_pin, std::move(callback)); |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 120 | chromeos::SystemSaltGetter::Get()->GetSystemSalt(base::BindRepeating( |
| 121 | &LoginScreenController::OnGetSystemSalt, weak_factory_.GetWeakPtr(), |
| 122 | base::Passed(&do_authenticate))); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 123 | } |
| 124 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 125 | void LoginScreenController::AttemptUnlock(const AccountId& account_id) { |
| 126 | if (!login_screen_client_) |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 127 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 128 | login_screen_client_->AttemptUnlock(account_id); |
Sarah Hu | e0e01a5 | 2017-10-25 20:29:30 | [diff] [blame] | 129 | |
| 130 | Shell::Get()->metrics()->login_metrics_recorder()->SetAuthMethod( |
| 131 | LoginMetricsRecorder::AuthMethod::kSmartlock); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 132 | } |
| 133 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 134 | void LoginScreenController::HardlockPod(const AccountId& account_id) { |
| 135 | if (!login_screen_client_) |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 136 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 137 | login_screen_client_->HardlockPod(account_id); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 138 | } |
| 139 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 140 | void LoginScreenController::RecordClickOnLockIcon(const AccountId& account_id) { |
| 141 | if (!login_screen_client_) |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 142 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 143 | login_screen_client_->RecordClickOnLockIcon(account_id); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 144 | } |
| 145 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 146 | void LoginScreenController::OnFocusPod(const AccountId& account_id) { |
| 147 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 148 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 149 | login_screen_client_->OnFocusPod(account_id); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 150 | } |
| 151 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 152 | void LoginScreenController::OnNoPodFocused() { |
| 153 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 154 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 155 | login_screen_client_->OnNoPodFocused(); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 156 | } |
| 157 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 158 | void LoginScreenController::LoadWallpaper(const AccountId& account_id) { |
| 159 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 160 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 161 | login_screen_client_->LoadWallpaper(account_id); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 162 | } |
| 163 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 164 | void LoginScreenController::SignOutUser() { |
| 165 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 166 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 167 | login_screen_client_->SignOutUser(); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 168 | } |
| 169 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 170 | void LoginScreenController::CancelAddUser() { |
| 171 | if (!login_screen_client_) |
Wenzhao Zang | 16e7ea72 | 2017-09-16 01:27:30 | [diff] [blame] | 172 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 173 | login_screen_client_->CancelAddUser(); |
Wenzhao Zang | 16e7ea72 | 2017-09-16 01:27:30 | [diff] [blame] | 174 | } |
| 175 | |
Aga Wronska | 6a32f987 | 2018-01-06 00:16:10 | [diff] [blame] | 176 | void LoginScreenController::LoginAsGuest() { |
| 177 | if (!login_screen_client_) |
| 178 | return; |
| 179 | login_screen_client_->LoginAsGuest(); |
| 180 | } |
| 181 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 182 | void LoginScreenController::OnMaxIncorrectPasswordAttempted( |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 183 | const AccountId& account_id) { |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 184 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 185 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 186 | login_screen_client_->OnMaxIncorrectPasswordAttempted(account_id); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 187 | } |
| 188 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 189 | void LoginScreenController::FocusLockScreenApps(bool reverse) { |
| 190 | if (!login_screen_client_) |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 191 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 192 | login_screen_client_->FocusLockScreenApps(reverse); |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 193 | } |
| 194 | |
Sarah Hu | 9fba0e75 | 2018-02-07 01:41:09 | [diff] [blame] | 195 | void LoginScreenController::ShowGaiaSignin() { |
| 196 | if (!login_screen_client_) |
| 197 | return; |
| 198 | login_screen_client_->ShowGaiaSignin(); |
| 199 | } |
| 200 | |
Jacob Dufault | fc31c74 | 2018-03-20 17:32:19 | [diff] [blame] | 201 | void LoginScreenController::OnRemoveUserWarningShown() { |
| 202 | if (!login_screen_client_) |
| 203 | return; |
| 204 | login_screen_client_->OnRemoveUserWarningShown(); |
| 205 | } |
| 206 | |
| 207 | void LoginScreenController::RemoveUser(const AccountId& account_id) { |
| 208 | if (!login_screen_client_) |
| 209 | return; |
| 210 | login_screen_client_->RemoveUser(account_id); |
| 211 | } |
| 212 | |
Sarah Hu | 3fcf9f8 | 2018-03-22 20:32:54 | [diff] [blame] | 213 | void LoginScreenController::LaunchPublicSession( |
| 214 | const AccountId& account_id, |
| 215 | const std::string& locale, |
| 216 | const std::string& input_method) { |
| 217 | if (!login_screen_client_) |
| 218 | return; |
| 219 | login_screen_client_->LaunchPublicSession(account_id, locale, input_method); |
| 220 | } |
| 221 | |
Jacob Dufault | 589d994 | 2018-03-27 20:28:47 | [diff] [blame^] | 222 | void LoginScreenController::AddObserver( |
| 223 | LoginScreenControllerObserver* observer) { |
| 224 | observers_.AddObserver(observer); |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 225 | } |
| 226 | |
Jacob Dufault | 589d994 | 2018-03-27 20:28:47 | [diff] [blame^] | 227 | void LoginScreenController::RemoveObserver( |
| 228 | LoginScreenControllerObserver* observer) { |
| 229 | observers_.RemoveObserver(observer); |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 230 | } |
| 231 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 232 | void LoginScreenController::FlushForTesting() { |
| 233 | login_screen_client_.FlushForTesting(); |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 234 | } |
| 235 | |
Jacob Dufault | 589d994 | 2018-03-27 20:28:47 | [diff] [blame^] | 236 | void LoginScreenController::SetClient(mojom::LoginScreenClientPtr client) { |
| 237 | login_screen_client_ = std::move(client); |
| 238 | } |
| 239 | |
| 240 | void LoginScreenController::ShowLockScreen(ShowLockScreenCallback on_shown) { |
| 241 | OnShow(); |
| 242 | ash::LockScreen::Show(ash::LockScreen::ScreenType::kLock); |
| 243 | std::move(on_shown).Run(true); |
| 244 | } |
| 245 | |
| 246 | void LoginScreenController::ShowLoginScreen(ShowLoginScreenCallback on_shown) { |
| 247 | // Login screen can only be used during login. |
| 248 | if (Shell::Get()->session_controller()->GetSessionState() != |
| 249 | session_manager::SessionState::LOGIN_PRIMARY) { |
| 250 | LOG(ERROR) << "Not showing login screen since session state is " |
| 251 | << static_cast<int>( |
| 252 | Shell::Get()->session_controller()->GetSessionState()); |
| 253 | std::move(on_shown).Run(false); |
| 254 | return; |
| 255 | } |
| 256 | |
| 257 | OnShow(); |
| 258 | // TODO(jdufault): rename ash::LockScreen to ash::LoginScreen. |
| 259 | ash::LockScreen::Show(ash::LockScreen::ScreenType::kLogin); |
| 260 | std::move(on_shown).Run(true); |
| 261 | } |
| 262 | |
| 263 | void LoginScreenController::ShowErrorMessage(int32_t login_attempts, |
| 264 | const std::string& error_text, |
| 265 | const std::string& help_link_text, |
| 266 | int32_t help_topic_id) { |
| 267 | NOTIMPLEMENTED(); |
| 268 | } |
| 269 | |
| 270 | void LoginScreenController::ClearErrors() { |
| 271 | NOTIMPLEMENTED(); |
| 272 | } |
| 273 | |
| 274 | void LoginScreenController::ShowUserPodCustomIcon( |
| 275 | const AccountId& account_id, |
| 276 | mojom::EasyUnlockIconOptionsPtr icon) { |
| 277 | DataDispatcher()->ShowEasyUnlockIcon(account_id, icon); |
| 278 | } |
| 279 | |
| 280 | void LoginScreenController::HideUserPodCustomIcon(const AccountId& account_id) { |
| 281 | auto icon_options = mojom::EasyUnlockIconOptions::New(); |
| 282 | icon_options->icon = mojom::EasyUnlockIconId::NONE; |
| 283 | DataDispatcher()->ShowEasyUnlockIcon(account_id, icon_options); |
| 284 | } |
| 285 | |
| 286 | void LoginScreenController::SetAuthType( |
| 287 | const AccountId& account_id, |
| 288 | proximity_auth::mojom::AuthType auth_type, |
| 289 | const base::string16& initial_value) { |
| 290 | if (auth_type == proximity_auth::mojom::AuthType::USER_CLICK) { |
| 291 | DataDispatcher()->SetClickToUnlockEnabledForUser(account_id, |
| 292 | true /*enabled*/); |
| 293 | } else { |
| 294 | NOTIMPLEMENTED(); |
| 295 | } |
| 296 | } |
| 297 | |
| 298 | void LoginScreenController::LoadUsers( |
| 299 | std::vector<mojom::LoginUserInfoPtr> users, |
| 300 | bool show_guest) { |
| 301 | DCHECK(DataDispatcher()); |
| 302 | |
| 303 | DataDispatcher()->NotifyUsers(users); |
| 304 | } |
| 305 | |
| 306 | void LoginScreenController::SetPinEnabledForUser(const AccountId& account_id, |
| 307 | bool is_enabled) { |
| 308 | // Chrome will update pin pod state every time user tries to authenticate. |
| 309 | // LockScreen is destroyed in the case of authentication success. |
| 310 | if (DataDispatcher()) |
| 311 | DataDispatcher()->SetPinEnabledForUser(account_id, is_enabled); |
| 312 | } |
| 313 | |
| 314 | void LoginScreenController::HandleFocusLeavingLockScreenApps(bool reverse) { |
| 315 | for (auto& observer : observers_) |
| 316 | observer.OnFocusLeavingLockScreenApps(reverse); |
| 317 | } |
| 318 | |
| 319 | void LoginScreenController::SetDevChannelInfo( |
| 320 | const std::string& os_version_label_text, |
| 321 | const std::string& enterprise_info_text, |
| 322 | const std::string& bluetooth_name) { |
| 323 | if (DataDispatcher()) { |
| 324 | DataDispatcher()->SetDevChannelInfo(os_version_label_text, |
| 325 | enterprise_info_text, bluetooth_name); |
| 326 | } |
| 327 | } |
| 328 | |
| 329 | void LoginScreenController::IsReadyForPassword( |
| 330 | IsReadyForPasswordCallback callback) { |
| 331 | std::move(callback).Run(LockScreen::IsShown() && !is_authenticating_); |
| 332 | } |
| 333 | |
| 334 | void LoginScreenController::SetPublicSessionDisplayName( |
| 335 | const AccountId& account_id, |
| 336 | const std::string& display_name) { |
| 337 | if (DataDispatcher()) |
| 338 | DataDispatcher()->SetPublicSessionDisplayName(account_id, display_name); |
| 339 | } |
| 340 | |
| 341 | void LoginScreenController::SetPublicSessionLocales( |
| 342 | const AccountId& account_id, |
| 343 | std::unique_ptr<base::ListValue> locales, |
| 344 | const std::string& default_locale, |
| 345 | bool show_advanced_view) { |
| 346 | if (DataDispatcher()) { |
| 347 | DataDispatcher()->SetPublicSessionLocales( |
| 348 | account_id, std::move(locales), default_locale, show_advanced_view); |
| 349 | } |
| 350 | } |
| 351 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 352 | void LoginScreenController::DoAuthenticateUser(const AccountId& account_id, |
| 353 | const std::string& password, |
| 354 | bool authenticated_by_pin, |
| 355 | OnAuthenticateCallback callback, |
| 356 | const std::string& system_salt) { |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 357 | int dummy_value; |
| 358 | bool is_pin = |
| 359 | authenticated_by_pin && base::StringToInt(password, &dummy_value); |
| 360 | std::string hashed_password = CalculateHash( |
| 361 | password, system_salt, chromeos::Key::KEY_TYPE_SALTED_SHA256_TOP_HALF); |
| 362 | |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 363 | // Used for GAIA password reuse detection. |
| 364 | password_manager::SyncPasswordData sync_password_data( |
| 365 | base::UTF8ToUTF16(password), /*force_update=*/false); |
| 366 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 367 | PrefService* prefs = |
| 368 | Shell::Get()->session_controller()->GetLastActiveUserPrefService(); |
| 369 | if (is_pin && prefs) { |
| 370 | hashed_password = |
| 371 | CalculateHash(password, prefs->GetString(prefs::kQuickUnlockPinSalt), |
| 372 | chromeos::Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234); |
| 373 | } |
| 374 | |
Roman Sorokin | c559001 | 2017-09-28 00:48:29 | [diff] [blame] | 375 | if (account_id.GetAccountType() == AccountType::ACTIVE_DIRECTORY && !is_pin) { |
| 376 | // Try to get kerberos TGT while we have user's password typed on the lock |
| 377 | // screen. Using invalid/bad password is fine. Failure to get TGT here is OK |
| 378 | // - that could mean e.g. Active Directory server is not reachable. |
| 379 | // AuthPolicyCredentialsManager regularly checks TGT status inside the user |
| 380 | // session. |
| 381 | chromeos::AuthPolicyLoginHelper::TryAuthenticateUser( |
| 382 | account_id.GetUserEmail(), account_id.GetObjGuid(), password); |
| 383 | } |
| 384 | |
Sarah Hu | e0e01a5 | 2017-10-25 20:29:30 | [diff] [blame] | 385 | Shell::Get()->metrics()->login_metrics_recorder()->SetAuthMethod( |
| 386 | is_pin ? LoginMetricsRecorder::AuthMethod::kPin |
| 387 | : LoginMetricsRecorder::AuthMethod::kPassword); |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 388 | login_screen_client_->AuthenticateUser( |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 389 | account_id, hashed_password, sync_password_data, is_pin, |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 390 | base::BindOnce(&LoginScreenController::OnAuthenticateComplete, |
| 391 | weak_factory_.GetWeakPtr(), base::Passed(&callback))); |
jdufault | eb4c9f1e | 2017-06-08 23:08:30 | [diff] [blame] | 392 | } |
| 393 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 394 | void LoginScreenController::OnAuthenticateComplete( |
| 395 | OnAuthenticateCallback callback, |
| 396 | bool success) { |
| 397 | is_authenticating_ = false; |
| 398 | std::move(callback).Run(success); |
| 399 | } |
| 400 | |
| 401 | void LoginScreenController::OnGetSystemSalt(PendingDoAuthenticateUser then, |
| 402 | const std::string& system_salt) { |
| 403 | std::move(then).Run(system_salt); |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 404 | } |
| 405 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 406 | LoginDataDispatcher* LoginScreenController::DataDispatcher() const { |
Jacob Dufault | 40623d5 | 2017-09-15 17:22:53 | [diff] [blame] | 407 | if (!ash::LockScreen::IsShown()) |
| 408 | return nullptr; |
| 409 | return ash::LockScreen::Get()->data_dispatcher(); |
| 410 | } |
| 411 | |
Jacob Dufault | cbc1ee0 | 2018-02-28 18:38:54 | [diff] [blame] | 412 | void LoginScreenController::OnShow() { |
| 413 | SetSystemTrayVisibility(SystemTrayVisibility::kPrimary); |
| 414 | is_authenticating_ = false; |
| 415 | } |
| 416 | |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 417 | } // namespace ash |