xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 1 | // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 5 | #include "ash/login/login_screen_controller.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 6 | |
jdufault | eb4c9f1e | 2017-06-08 23:08:30 | [diff] [blame] | 7 | #include "ash/login/ui/lock_screen.h" |
Jacob Dufault | 40623d5 | 2017-09-15 17:22:53 | [diff] [blame] | 8 | #include "ash/login/ui/login_data_dispatcher.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 9 | #include "ash/public/cpp/ash_pref_names.h" |
Aga Wronska | 16abb43 | 2018-01-11 23:49:59 | [diff] [blame] | 10 | #include "ash/root_window_controller.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 11 | #include "ash/session/session_controller.h" |
| 12 | #include "ash/shell.h" |
Aga Wronska | 16abb43 | 2018-01-11 23:49:59 | [diff] [blame] | 13 | #include "ash/system/status_area_widget.h" |
Jacob Dufault | c06d6ca | 2018-04-24 23:49:17 | [diff] [blame] | 14 | #include "base/debug/alias.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 15 | #include "base/strings/string_number_conversions.h" |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 16 | #include "base/strings/utf_string_conversions.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 17 | #include "chromeos/cryptohome/system_salt_getter.h" |
Roman Sorokin | c559001 | 2017-09-28 00:48:29 | [diff] [blame] | 18 | #include "chromeos/login/auth/authpolicy_login_helper.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 19 | #include "chromeos/login/auth/user_context.h" |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 20 | #include "components/password_manager/core/browser/hash_password_manager.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 21 | #include "components/prefs/pref_registry_simple.h" |
| 22 | #include "components/prefs/pref_service.h" |
Jacob Dufault | 957e092 | 2017-12-06 19:16:09 | [diff] [blame] | 23 | #include "components/session_manager/session_manager_types.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 24 | |
| 25 | namespace ash { |
| 26 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 27 | namespace { |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 28 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 29 | std::string CalculateHash(const std::string& password, |
| 30 | const std::string& salt, |
| 31 | chromeos::Key::KeyType key_type) { |
| 32 | chromeos::Key key(password); |
| 33 | key.Transform(key_type, salt); |
| 34 | return key.GetSecret(); |
| 35 | } |
| 36 | |
Aga Wronska | a844cdcd1 | 2018-01-29 16:06:44 | [diff] [blame] | 37 | enum class SystemTrayVisibility { |
| 38 | kNone, // Tray not visible anywhere. |
| 39 | kPrimary, // Tray visible only on primary display. |
| 40 | kAll, // Tray visible on all displays. |
| 41 | }; |
| 42 | |
| 43 | void SetSystemTrayVisibility(SystemTrayVisibility visibility) { |
| 44 | RootWindowController* primary_window_controller = |
| 45 | Shell::GetPrimaryRootWindowController(); |
| 46 | for (RootWindowController* window_controller : |
| 47 | Shell::GetAllRootWindowControllers()) { |
| 48 | StatusAreaWidget* status_area = window_controller->GetStatusAreaWidget(); |
| 49 | if (!status_area) |
| 50 | continue; |
| 51 | if (window_controller == primary_window_controller) { |
| 52 | status_area->SetSystemTrayVisibility( |
| 53 | visibility == SystemTrayVisibility::kPrimary || |
| 54 | visibility == SystemTrayVisibility::kAll); |
| 55 | } else { |
| 56 | status_area->SetSystemTrayVisibility(visibility == |
| 57 | SystemTrayVisibility::kAll); |
| 58 | } |
| 59 | } |
Aga Wronska | 16abb43 | 2018-01-11 23:49:59 | [diff] [blame] | 60 | } |
| 61 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 62 | } // namespace |
| 63 | |
James Cook | ede316a | 2017-12-14 22:38:43 | [diff] [blame] | 64 | LoginScreenController::LoginScreenController() : weak_factory_(this) {} |
James Cook | 8f1e606 | 2017-11-13 23:40:59 | [diff] [blame] | 65 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 66 | LoginScreenController::~LoginScreenController() = default; |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 67 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 68 | // static |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 69 | void LoginScreenController::RegisterProfilePrefs(PrefRegistrySimple* registry, |
| 70 | bool for_test) { |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 71 | if (for_test) { |
| 72 | // There is no remote pref service, so pretend that ash owns the pref. |
| 73 | registry->RegisterStringPref(prefs::kQuickUnlockPinSalt, ""); |
| 74 | return; |
| 75 | } |
| 76 | |
| 77 | // Pref is owned by chrome and flagged as PUBLIC. |
| 78 | registry->RegisterForeignPref(prefs::kQuickUnlockPinSalt); |
| 79 | } |
| 80 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 81 | void LoginScreenController::BindRequest(mojom::LoginScreenRequest request) { |
James Cook | ede316a | 2017-12-14 22:38:43 | [diff] [blame] | 82 | bindings_.AddBinding(this, std::move(request)); |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 83 | } |
| 84 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 85 | void LoginScreenController::AuthenticateUser(const AccountId& account_id, |
| 86 | const std::string& password, |
| 87 | bool authenticated_by_pin, |
| 88 | OnAuthenticateCallback callback) { |
Jacob Dufault | 8876ba8 | 2018-03-27 22:55:43 | [diff] [blame] | 89 | // It is an error to call this function while an authentication is in |
| 90 | // progress. |
Jacob Dufault | c06d6ca | 2018-04-24 23:49:17 | [diff] [blame] | 91 | LOG_IF(ERROR, authentication_stage_ != AuthenticationStage::kIdle) |
Jacob Dufault | 8876ba8 | 2018-03-27 22:55:43 | [diff] [blame] | 92 | << "Authentication stage is " << static_cast<int>(authentication_stage_); |
| 93 | CHECK_EQ(authentication_stage_, AuthenticationStage::kIdle); |
| 94 | |
| 95 | if (!login_screen_client_) { |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 96 | std::move(callback).Run(base::nullopt); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 97 | return; |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 98 | } |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 99 | |
Jacob Dufault | eafc6fe | 2017-10-11 21:16:52 | [diff] [blame] | 100 | // If auth is disabled by the debug overlay bypass the mojo call entirely, as |
| 101 | // it will dismiss the lock screen if the password is correct. |
Jacob Dufault | 0fbed9c0 | 2017-11-14 19:22:24 | [diff] [blame] | 102 | switch (force_fail_auth_for_debug_overlay_) { |
| 103 | case ForceFailAuth::kOff: |
| 104 | break; |
| 105 | case ForceFailAuth::kImmediate: |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 106 | OnAuthenticateComplete(std::move(callback), false /*success*/); |
Jacob Dufault | 0fbed9c0 | 2017-11-14 19:22:24 | [diff] [blame] | 107 | return; |
| 108 | case ForceFailAuth::kDelayed: |
| 109 | base::ThreadTaskRunnerHandle::Get()->PostDelayedTask( |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 110 | FROM_HERE, |
| 111 | base::BindOnce(&LoginScreenController::OnAuthenticateComplete, |
| 112 | weak_factory_.GetWeakPtr(), base::Passed(&callback), |
| 113 | false), |
Jacob Dufault | 0fbed9c0 | 2017-11-14 19:22:24 | [diff] [blame] | 114 | base::TimeDelta::FromSeconds(1)); |
| 115 | return; |
Jacob Dufault | eafc6fe | 2017-10-11 21:16:52 | [diff] [blame] | 116 | } |
| 117 | |
Jacob Dufault | 8876ba8 | 2018-03-27 22:55:43 | [diff] [blame] | 118 | // |DoAuthenticateUser| requires the system salt. |
| 119 | authentication_stage_ = AuthenticationStage::kGetSystemSalt; |
| 120 | chromeos::SystemSaltGetter::Get()->GetSystemSalt( |
| 121 | base::AdaptCallbackForRepeating( |
| 122 | base::BindOnce(&LoginScreenController::DoAuthenticateUser, |
| 123 | weak_factory_.GetWeakPtr(), account_id, password, |
| 124 | authenticated_by_pin, std::move(callback)))); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 125 | } |
| 126 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 127 | void LoginScreenController::AttemptUnlock(const AccountId& account_id) { |
| 128 | if (!login_screen_client_) |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 129 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 130 | login_screen_client_->AttemptUnlock(account_id); |
Sarah Hu | e0e01a5 | 2017-10-25 20:29:30 | [diff] [blame] | 131 | |
| 132 | Shell::Get()->metrics()->login_metrics_recorder()->SetAuthMethod( |
| 133 | LoginMetricsRecorder::AuthMethod::kSmartlock); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 134 | } |
| 135 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 136 | void LoginScreenController::HardlockPod(const AccountId& account_id) { |
| 137 | if (!login_screen_client_) |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 138 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 139 | login_screen_client_->HardlockPod(account_id); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 140 | } |
| 141 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 142 | void LoginScreenController::RecordClickOnLockIcon(const AccountId& account_id) { |
| 143 | if (!login_screen_client_) |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 144 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 145 | login_screen_client_->RecordClickOnLockIcon(account_id); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 146 | } |
| 147 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 148 | void LoginScreenController::OnFocusPod(const AccountId& account_id) { |
| 149 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 150 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 151 | login_screen_client_->OnFocusPod(account_id); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 152 | } |
| 153 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 154 | void LoginScreenController::OnNoPodFocused() { |
| 155 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 156 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 157 | login_screen_client_->OnNoPodFocused(); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 158 | } |
| 159 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 160 | void LoginScreenController::LoadWallpaper(const AccountId& account_id) { |
| 161 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 162 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 163 | login_screen_client_->LoadWallpaper(account_id); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 164 | } |
| 165 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 166 | void LoginScreenController::SignOutUser() { |
| 167 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 168 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 169 | login_screen_client_->SignOutUser(); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 170 | } |
| 171 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 172 | void LoginScreenController::CancelAddUser() { |
| 173 | if (!login_screen_client_) |
Wenzhao Zang | 16e7ea72 | 2017-09-16 01:27:30 | [diff] [blame] | 174 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 175 | login_screen_client_->CancelAddUser(); |
Wenzhao Zang | 16e7ea72 | 2017-09-16 01:27:30 | [diff] [blame] | 176 | } |
| 177 | |
Aga Wronska | 6a32f987 | 2018-01-06 00:16:10 | [diff] [blame] | 178 | void LoginScreenController::LoginAsGuest() { |
| 179 | if (!login_screen_client_) |
| 180 | return; |
| 181 | login_screen_client_->LoginAsGuest(); |
| 182 | } |
| 183 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 184 | void LoginScreenController::OnMaxIncorrectPasswordAttempted( |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 185 | const AccountId& account_id) { |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 186 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 187 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 188 | login_screen_client_->OnMaxIncorrectPasswordAttempted(account_id); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 189 | } |
| 190 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 191 | void LoginScreenController::FocusLockScreenApps(bool reverse) { |
| 192 | if (!login_screen_client_) |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 193 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 194 | login_screen_client_->FocusLockScreenApps(reverse); |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 195 | } |
| 196 | |
Sarah Hu | 9fba0e75 | 2018-02-07 01:41:09 | [diff] [blame] | 197 | void LoginScreenController::ShowGaiaSignin() { |
| 198 | if (!login_screen_client_) |
| 199 | return; |
| 200 | login_screen_client_->ShowGaiaSignin(); |
| 201 | } |
| 202 | |
Jacob Dufault | fc31c74 | 2018-03-20 17:32:19 | [diff] [blame] | 203 | void LoginScreenController::OnRemoveUserWarningShown() { |
| 204 | if (!login_screen_client_) |
| 205 | return; |
| 206 | login_screen_client_->OnRemoveUserWarningShown(); |
| 207 | } |
| 208 | |
| 209 | void LoginScreenController::RemoveUser(const AccountId& account_id) { |
| 210 | if (!login_screen_client_) |
| 211 | return; |
| 212 | login_screen_client_->RemoveUser(account_id); |
| 213 | } |
| 214 | |
Sarah Hu | 3fcf9f8 | 2018-03-22 20:32:54 | [diff] [blame] | 215 | void LoginScreenController::LaunchPublicSession( |
| 216 | const AccountId& account_id, |
| 217 | const std::string& locale, |
| 218 | const std::string& input_method) { |
| 219 | if (!login_screen_client_) |
| 220 | return; |
| 221 | login_screen_client_->LaunchPublicSession(account_id, locale, input_method); |
| 222 | } |
| 223 | |
Sarah Hu | f9affb12 | 2018-04-27 21:36:36 | [diff] [blame^] | 224 | void LoginScreenController::RequestPublicSessionKeyboardLayouts( |
| 225 | const AccountId& account_id, |
| 226 | const std::string& locale) { |
| 227 | if (!login_screen_client_) |
| 228 | return; |
| 229 | login_screen_client_->RequestPublicSessionKeyboardLayouts(account_id, locale); |
| 230 | } |
| 231 | |
Jacob Dufault | 589d994 | 2018-03-27 20:28:47 | [diff] [blame] | 232 | void LoginScreenController::AddObserver( |
| 233 | LoginScreenControllerObserver* observer) { |
| 234 | observers_.AddObserver(observer); |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 235 | } |
| 236 | |
Jacob Dufault | 589d994 | 2018-03-27 20:28:47 | [diff] [blame] | 237 | void LoginScreenController::RemoveObserver( |
| 238 | LoginScreenControllerObserver* observer) { |
| 239 | observers_.RemoveObserver(observer); |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 240 | } |
| 241 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 242 | void LoginScreenController::FlushForTesting() { |
| 243 | login_screen_client_.FlushForTesting(); |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 244 | } |
| 245 | |
Jacob Dufault | 589d994 | 2018-03-27 20:28:47 | [diff] [blame] | 246 | void LoginScreenController::SetClient(mojom::LoginScreenClientPtr client) { |
| 247 | login_screen_client_ = std::move(client); |
| 248 | } |
| 249 | |
| 250 | void LoginScreenController::ShowLockScreen(ShowLockScreenCallback on_shown) { |
| 251 | OnShow(); |
| 252 | ash::LockScreen::Show(ash::LockScreen::ScreenType::kLock); |
| 253 | std::move(on_shown).Run(true); |
| 254 | } |
| 255 | |
| 256 | void LoginScreenController::ShowLoginScreen(ShowLoginScreenCallback on_shown) { |
| 257 | // Login screen can only be used during login. |
| 258 | if (Shell::Get()->session_controller()->GetSessionState() != |
| 259 | session_manager::SessionState::LOGIN_PRIMARY) { |
| 260 | LOG(ERROR) << "Not showing login screen since session state is " |
| 261 | << static_cast<int>( |
| 262 | Shell::Get()->session_controller()->GetSessionState()); |
| 263 | std::move(on_shown).Run(false); |
| 264 | return; |
| 265 | } |
| 266 | |
| 267 | OnShow(); |
| 268 | // TODO(jdufault): rename ash::LockScreen to ash::LoginScreen. |
| 269 | ash::LockScreen::Show(ash::LockScreen::ScreenType::kLogin); |
| 270 | std::move(on_shown).Run(true); |
| 271 | } |
| 272 | |
| 273 | void LoginScreenController::ShowErrorMessage(int32_t login_attempts, |
| 274 | const std::string& error_text, |
| 275 | const std::string& help_link_text, |
| 276 | int32_t help_topic_id) { |
| 277 | NOTIMPLEMENTED(); |
| 278 | } |
| 279 | |
| 280 | void LoginScreenController::ClearErrors() { |
| 281 | NOTIMPLEMENTED(); |
| 282 | } |
| 283 | |
| 284 | void LoginScreenController::ShowUserPodCustomIcon( |
| 285 | const AccountId& account_id, |
| 286 | mojom::EasyUnlockIconOptionsPtr icon) { |
| 287 | DataDispatcher()->ShowEasyUnlockIcon(account_id, icon); |
| 288 | } |
| 289 | |
| 290 | void LoginScreenController::HideUserPodCustomIcon(const AccountId& account_id) { |
| 291 | auto icon_options = mojom::EasyUnlockIconOptions::New(); |
| 292 | icon_options->icon = mojom::EasyUnlockIconId::NONE; |
| 293 | DataDispatcher()->ShowEasyUnlockIcon(account_id, icon_options); |
| 294 | } |
| 295 | |
| 296 | void LoginScreenController::SetAuthType( |
| 297 | const AccountId& account_id, |
| 298 | proximity_auth::mojom::AuthType auth_type, |
| 299 | const base::string16& initial_value) { |
| 300 | if (auth_type == proximity_auth::mojom::AuthType::USER_CLICK) { |
| 301 | DataDispatcher()->SetClickToUnlockEnabledForUser(account_id, |
| 302 | true /*enabled*/); |
| 303 | } else { |
| 304 | NOTIMPLEMENTED(); |
| 305 | } |
| 306 | } |
| 307 | |
| 308 | void LoginScreenController::LoadUsers( |
| 309 | std::vector<mojom::LoginUserInfoPtr> users, |
| 310 | bool show_guest) { |
| 311 | DCHECK(DataDispatcher()); |
| 312 | |
| 313 | DataDispatcher()->NotifyUsers(users); |
| 314 | } |
| 315 | |
| 316 | void LoginScreenController::SetPinEnabledForUser(const AccountId& account_id, |
| 317 | bool is_enabled) { |
| 318 | // Chrome will update pin pod state every time user tries to authenticate. |
| 319 | // LockScreen is destroyed in the case of authentication success. |
| 320 | if (DataDispatcher()) |
| 321 | DataDispatcher()->SetPinEnabledForUser(account_id, is_enabled); |
| 322 | } |
| 323 | |
Jacob Dufault | 77d75ce9 | 2018-04-13 18:20:09 | [diff] [blame] | 324 | void LoginScreenController::SetAvatarForUser(const AccountId& account_id, |
| 325 | mojom::UserAvatarPtr avatar) { |
| 326 | for (auto& observer : observers_) |
| 327 | observer.SetAvatarForUser(account_id, avatar); |
| 328 | } |
| 329 | |
Jacob Dufault | 589d994 | 2018-03-27 20:28:47 | [diff] [blame] | 330 | void LoginScreenController::HandleFocusLeavingLockScreenApps(bool reverse) { |
| 331 | for (auto& observer : observers_) |
| 332 | observer.OnFocusLeavingLockScreenApps(reverse); |
| 333 | } |
| 334 | |
| 335 | void LoginScreenController::SetDevChannelInfo( |
| 336 | const std::string& os_version_label_text, |
| 337 | const std::string& enterprise_info_text, |
| 338 | const std::string& bluetooth_name) { |
| 339 | if (DataDispatcher()) { |
| 340 | DataDispatcher()->SetDevChannelInfo(os_version_label_text, |
| 341 | enterprise_info_text, bluetooth_name); |
| 342 | } |
| 343 | } |
| 344 | |
| 345 | void LoginScreenController::IsReadyForPassword( |
| 346 | IsReadyForPasswordCallback callback) { |
Jacob Dufault | 8876ba8 | 2018-03-27 22:55:43 | [diff] [blame] | 347 | std::move(callback).Run(LockScreen::IsShown() && |
| 348 | authentication_stage_ == AuthenticationStage::kIdle); |
Jacob Dufault | 589d994 | 2018-03-27 20:28:47 | [diff] [blame] | 349 | } |
| 350 | |
| 351 | void LoginScreenController::SetPublicSessionDisplayName( |
| 352 | const AccountId& account_id, |
| 353 | const std::string& display_name) { |
| 354 | if (DataDispatcher()) |
| 355 | DataDispatcher()->SetPublicSessionDisplayName(account_id, display_name); |
| 356 | } |
| 357 | |
| 358 | void LoginScreenController::SetPublicSessionLocales( |
| 359 | const AccountId& account_id, |
Oksana Zhuravlova | c950e1d1 | 2018-04-17 15:46:29 | [diff] [blame] | 360 | base::Value locales, |
Jacob Dufault | 589d994 | 2018-03-27 20:28:47 | [diff] [blame] | 361 | const std::string& default_locale, |
| 362 | bool show_advanced_view) { |
| 363 | if (DataDispatcher()) { |
| 364 | DataDispatcher()->SetPublicSessionLocales( |
Oksana Zhuravlova | c950e1d1 | 2018-04-17 15:46:29 | [diff] [blame] | 365 | account_id, |
| 366 | base::ListValue::From( |
| 367 | base::Value::ToUniquePtrValue(std::move(locales))), |
| 368 | default_locale, show_advanced_view); |
Jacob Dufault | 589d994 | 2018-03-27 20:28:47 | [diff] [blame] | 369 | } |
| 370 | } |
| 371 | |
Sarah Hu | f9affb12 | 2018-04-27 21:36:36 | [diff] [blame^] | 372 | void LoginScreenController::SetPublicSessionKeyboardLayouts( |
| 373 | const AccountId& account_id, |
| 374 | const std::string& locale, |
| 375 | std::vector<mojom::InputMethodItemPtr> keyboard_layouts) { |
| 376 | if (DataDispatcher()) { |
| 377 | DataDispatcher()->SetPublicSessionKeyboardLayouts(account_id, locale, |
| 378 | keyboard_layouts); |
| 379 | } |
| 380 | } |
| 381 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 382 | void LoginScreenController::DoAuthenticateUser(const AccountId& account_id, |
| 383 | const std::string& password, |
| 384 | bool authenticated_by_pin, |
| 385 | OnAuthenticateCallback callback, |
| 386 | const std::string& system_salt) { |
Jacob Dufault | 8876ba8 | 2018-03-27 22:55:43 | [diff] [blame] | 387 | authentication_stage_ = AuthenticationStage::kDoAuthenticate; |
| 388 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 389 | int dummy_value; |
| 390 | bool is_pin = |
| 391 | authenticated_by_pin && base::StringToInt(password, &dummy_value); |
| 392 | std::string hashed_password = CalculateHash( |
| 393 | password, system_salt, chromeos::Key::KEY_TYPE_SALTED_SHA256_TOP_HALF); |
| 394 | |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 395 | // Used for GAIA password reuse detection. |
| 396 | password_manager::SyncPasswordData sync_password_data( |
Jacob Dufault | 8876ba8 | 2018-03-27 22:55:43 | [diff] [blame] | 397 | base::UTF8ToUTF16(password), false /*force_update*/); |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 398 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 399 | PrefService* prefs = |
| 400 | Shell::Get()->session_controller()->GetLastActiveUserPrefService(); |
| 401 | if (is_pin && prefs) { |
| 402 | hashed_password = |
| 403 | CalculateHash(password, prefs->GetString(prefs::kQuickUnlockPinSalt), |
| 404 | chromeos::Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234); |
| 405 | } |
| 406 | |
Roman Sorokin | c559001 | 2017-09-28 00:48:29 | [diff] [blame] | 407 | if (account_id.GetAccountType() == AccountType::ACTIVE_DIRECTORY && !is_pin) { |
| 408 | // Try to get kerberos TGT while we have user's password typed on the lock |
| 409 | // screen. Using invalid/bad password is fine. Failure to get TGT here is OK |
| 410 | // - that could mean e.g. Active Directory server is not reachable. |
| 411 | // AuthPolicyCredentialsManager regularly checks TGT status inside the user |
| 412 | // session. |
| 413 | chromeos::AuthPolicyLoginHelper::TryAuthenticateUser( |
| 414 | account_id.GetUserEmail(), account_id.GetObjGuid(), password); |
| 415 | } |
| 416 | |
Sarah Hu | e0e01a5 | 2017-10-25 20:29:30 | [diff] [blame] | 417 | Shell::Get()->metrics()->login_metrics_recorder()->SetAuthMethod( |
| 418 | is_pin ? LoginMetricsRecorder::AuthMethod::kPin |
| 419 | : LoginMetricsRecorder::AuthMethod::kPassword); |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 420 | login_screen_client_->AuthenticateUser( |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 421 | account_id, hashed_password, sync_password_data, is_pin, |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 422 | base::BindOnce(&LoginScreenController::OnAuthenticateComplete, |
| 423 | weak_factory_.GetWeakPtr(), base::Passed(&callback))); |
jdufault | eb4c9f1e | 2017-06-08 23:08:30 | [diff] [blame] | 424 | } |
| 425 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 426 | void LoginScreenController::OnAuthenticateComplete( |
| 427 | OnAuthenticateCallback callback, |
| 428 | bool success) { |
Jacob Dufault | 8876ba8 | 2018-03-27 22:55:43 | [diff] [blame] | 429 | authentication_stage_ = AuthenticationStage::kUserCallback; |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 430 | std::move(callback).Run(success); |
Jacob Dufault | 8876ba8 | 2018-03-27 22:55:43 | [diff] [blame] | 431 | authentication_stage_ = AuthenticationStage::kIdle; |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 432 | } |
| 433 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 434 | LoginDataDispatcher* LoginScreenController::DataDispatcher() const { |
Jacob Dufault | 40623d5 | 2017-09-15 17:22:53 | [diff] [blame] | 435 | if (!ash::LockScreen::IsShown()) |
| 436 | return nullptr; |
| 437 | return ash::LockScreen::Get()->data_dispatcher(); |
| 438 | } |
| 439 | |
Jacob Dufault | cbc1ee0 | 2018-02-28 18:38:54 | [diff] [blame] | 440 | void LoginScreenController::OnShow() { |
| 441 | SetSystemTrayVisibility(SystemTrayVisibility::kPrimary); |
Jacob Dufault | c06d6ca | 2018-04-24 23:49:17 | [diff] [blame] | 442 | if (authentication_stage_ != AuthenticationStage::kIdle) { |
| 443 | AuthenticationStage authentication_stage = authentication_stage_; |
| 444 | base::debug::Alias(&authentication_stage); |
| 445 | LOG(FATAL) << "Unexpected authentication stage " |
| 446 | << static_cast<int>(authentication_stage_); |
| 447 | } |
Jacob Dufault | cbc1ee0 | 2018-02-28 18:38:54 | [diff] [blame] | 448 | } |
| 449 | |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 450 | } // namespace ash |