xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 1 | // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 5 | #include "ash/login/login_screen_controller.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 6 | |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 7 | #include "ash/login/lock_screen_apps_focus_observer.h" |
jdufault | eb4c9f1e | 2017-06-08 23:08:30 | [diff] [blame] | 8 | #include "ash/login/ui/lock_screen.h" |
Jacob Dufault | 40623d5 | 2017-09-15 17:22:53 | [diff] [blame] | 9 | #include "ash/login/ui/login_data_dispatcher.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 10 | #include "ash/public/cpp/ash_pref_names.h" |
Aga Wronska | 16abb43 | 2018-01-11 23:49:59 | [diff] [blame] | 11 | #include "ash/root_window_controller.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 12 | #include "ash/session/session_controller.h" |
| 13 | #include "ash/shell.h" |
Aga Wronska | 16abb43 | 2018-01-11 23:49:59 | [diff] [blame] | 14 | #include "ash/system/status_area_widget.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 15 | #include "base/strings/string_number_conversions.h" |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 16 | #include "base/strings/utf_string_conversions.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 17 | #include "chromeos/cryptohome/system_salt_getter.h" |
Roman Sorokin | c559001 | 2017-09-28 00:48:29 | [diff] [blame] | 18 | #include "chromeos/login/auth/authpolicy_login_helper.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 19 | #include "chromeos/login/auth/user_context.h" |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 20 | #include "components/password_manager/core/browser/hash_password_manager.h" |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 21 | #include "components/prefs/pref_registry_simple.h" |
| 22 | #include "components/prefs/pref_service.h" |
Jacob Dufault | 957e092 | 2017-12-06 19:16:09 | [diff] [blame] | 23 | #include "components/session_manager/session_manager_types.h" |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 24 | |
| 25 | namespace ash { |
| 26 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 27 | namespace { |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 28 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 29 | std::string CalculateHash(const std::string& password, |
| 30 | const std::string& salt, |
| 31 | chromeos::Key::KeyType key_type) { |
| 32 | chromeos::Key key(password); |
| 33 | key.Transform(key_type, salt); |
| 34 | return key.GetSecret(); |
| 35 | } |
| 36 | |
Aga Wronska | a844cdcd1 | 2018-01-29 16:06:44 | [diff] [blame] | 37 | enum class SystemTrayVisibility { |
| 38 | kNone, // Tray not visible anywhere. |
| 39 | kPrimary, // Tray visible only on primary display. |
| 40 | kAll, // Tray visible on all displays. |
| 41 | }; |
| 42 | |
| 43 | void SetSystemTrayVisibility(SystemTrayVisibility visibility) { |
| 44 | RootWindowController* primary_window_controller = |
| 45 | Shell::GetPrimaryRootWindowController(); |
| 46 | for (RootWindowController* window_controller : |
| 47 | Shell::GetAllRootWindowControllers()) { |
| 48 | StatusAreaWidget* status_area = window_controller->GetStatusAreaWidget(); |
| 49 | if (!status_area) |
| 50 | continue; |
| 51 | if (window_controller == primary_window_controller) { |
| 52 | status_area->SetSystemTrayVisibility( |
| 53 | visibility == SystemTrayVisibility::kPrimary || |
| 54 | visibility == SystemTrayVisibility::kAll); |
| 55 | } else { |
| 56 | status_area->SetSystemTrayVisibility(visibility == |
| 57 | SystemTrayVisibility::kAll); |
| 58 | } |
| 59 | } |
Aga Wronska | 16abb43 | 2018-01-11 23:49:59 | [diff] [blame] | 60 | } |
| 61 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 62 | } // namespace |
| 63 | |
James Cook | ede316a | 2017-12-14 22:38:43 | [diff] [blame] | 64 | LoginScreenController::LoginScreenController() : weak_factory_(this) {} |
James Cook | 8f1e606 | 2017-11-13 23:40:59 | [diff] [blame] | 65 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 66 | LoginScreenController::~LoginScreenController() = default; |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 67 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 68 | // static |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 69 | void LoginScreenController::RegisterProfilePrefs(PrefRegistrySimple* registry, |
| 70 | bool for_test) { |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 71 | if (for_test) { |
| 72 | // There is no remote pref service, so pretend that ash owns the pref. |
| 73 | registry->RegisterStringPref(prefs::kQuickUnlockPinSalt, ""); |
| 74 | return; |
| 75 | } |
| 76 | |
| 77 | // Pref is owned by chrome and flagged as PUBLIC. |
| 78 | registry->RegisterForeignPref(prefs::kQuickUnlockPinSalt); |
| 79 | } |
| 80 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 81 | void LoginScreenController::BindRequest(mojom::LoginScreenRequest request) { |
James Cook | ede316a | 2017-12-14 22:38:43 | [diff] [blame] | 82 | bindings_.AddBinding(this, std::move(request)); |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 83 | } |
| 84 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 85 | void LoginScreenController::SetClient(mojom::LoginScreenClientPtr client) { |
| 86 | login_screen_client_ = std::move(client); |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 87 | } |
| 88 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 89 | void LoginScreenController::ShowLockScreen(ShowLockScreenCallback on_shown) { |
Jacob Dufault | cbc1ee0 | 2018-02-28 18:38:54 | [diff] [blame] | 90 | OnShow(); |
Jacob Dufault | 957e092 | 2017-12-06 19:16:09 | [diff] [blame] | 91 | ash::LockScreen::Show(ash::LockScreen::ScreenType::kLock); |
| 92 | std::move(on_shown).Run(true); |
| 93 | } |
| 94 | |
| 95 | void LoginScreenController::ShowLoginScreen(ShowLoginScreenCallback on_shown) { |
| 96 | // Login screen can only be used during login. |
| 97 | if (Shell::Get()->session_controller()->GetSessionState() != |
| 98 | session_manager::SessionState::LOGIN_PRIMARY) { |
| 99 | std::move(on_shown).Run(false); |
| 100 | return; |
| 101 | } |
| 102 | |
Jacob Dufault | cbc1ee0 | 2018-02-28 18:38:54 | [diff] [blame] | 103 | OnShow(); |
Jacob Dufault | 957e092 | 2017-12-06 19:16:09 | [diff] [blame] | 104 | // TODO(jdufault): rename ash::LockScreen to ash::LoginScreen. |
| 105 | ash::LockScreen::Show(ash::LockScreen::ScreenType::kLogin); |
jdufault | eb4c9f1e | 2017-06-08 23:08:30 | [diff] [blame] | 106 | std::move(on_shown).Run(true); |
| 107 | } |
| 108 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 109 | void LoginScreenController::ShowErrorMessage(int32_t login_attempts, |
| 110 | const std::string& error_text, |
| 111 | const std::string& help_link_text, |
| 112 | int32_t help_topic_id) { |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 113 | NOTIMPLEMENTED(); |
| 114 | } |
| 115 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 116 | void LoginScreenController::ClearErrors() { |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 117 | NOTIMPLEMENTED(); |
| 118 | } |
| 119 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 120 | void LoginScreenController::ShowUserPodCustomIcon( |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 121 | const AccountId& account_id, |
Jacob Dufault | c5738ca | 2017-10-16 23:18:16 | [diff] [blame] | 122 | mojom::EasyUnlockIconOptionsPtr icon) { |
Jacob Dufault | a022559 | 2017-10-17 21:53:38 | [diff] [blame] | 123 | DataDispatcher()->ShowEasyUnlockIcon(account_id, icon); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 124 | } |
| 125 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 126 | void LoginScreenController::HideUserPodCustomIcon(const AccountId& account_id) { |
Jacob Dufault | a022559 | 2017-10-17 21:53:38 | [diff] [blame] | 127 | auto icon_options = mojom::EasyUnlockIconOptions::New(); |
| 128 | icon_options->icon = mojom::EasyUnlockIconId::NONE; |
| 129 | DataDispatcher()->ShowEasyUnlockIcon(account_id, icon_options); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 130 | } |
| 131 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 132 | void LoginScreenController::SetAuthType( |
xiaoyinh | 820778c5 | 2017-06-21 01:42:51 | [diff] [blame] | 133 | const AccountId& account_id, |
| 134 | proximity_auth::mojom::AuthType auth_type, |
| 135 | const base::string16& initial_value) { |
Jacob Dufault | a022559 | 2017-10-17 21:53:38 | [diff] [blame] | 136 | if (auth_type == proximity_auth::mojom::AuthType::USER_CLICK) { |
| 137 | DataDispatcher()->SetClickToUnlockEnabledForUser(account_id, |
| 138 | true /*enabled*/); |
| 139 | } else { |
| 140 | NOTIMPLEMENTED(); |
| 141 | } |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 142 | } |
| 143 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 144 | void LoginScreenController::LoadUsers( |
| 145 | std::vector<mojom::LoginUserInfoPtr> users, |
| 146 | bool show_guest) { |
Jacob Dufault | 40623d5 | 2017-09-15 17:22:53 | [diff] [blame] | 147 | DCHECK(DataDispatcher()); |
| 148 | |
Sarah Hu | f3a99dd0 | 2017-10-03 22:04:11 | [diff] [blame] | 149 | DataDispatcher()->NotifyUsers(users); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 150 | } |
| 151 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 152 | void LoginScreenController::SetPinEnabledForUser(const AccountId& account_id, |
| 153 | bool is_enabled) { |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 154 | // Chrome will update pin pod state every time user tries to authenticate. |
| 155 | // LockScreen is destroyed in the case of authentication success. |
Jacob Dufault | 40623d5 | 2017-09-15 17:22:53 | [diff] [blame] | 156 | if (DataDispatcher()) |
| 157 | DataDispatcher()->SetPinEnabledForUser(account_id, is_enabled); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 158 | } |
| 159 | |
Wenzhao Zang | a05dcefc | 2017-11-30 05:50:03 | [diff] [blame] | 160 | void LoginScreenController::SetDevChannelInfo( |
| 161 | const std::string& os_version_label_text, |
| 162 | const std::string& enterprise_info_text, |
| 163 | const std::string& bluetooth_name) { |
| 164 | if (DataDispatcher()) { |
| 165 | DataDispatcher()->SetDevChannelInfo(os_version_label_text, |
| 166 | enterprise_info_text, bluetooth_name); |
| 167 | } |
| 168 | } |
| 169 | |
Sarah Hu | 0bfd187 | 2017-12-12 18:00:05 | [diff] [blame] | 170 | void LoginScreenController::IsReadyForPassword( |
| 171 | IsReadyForPasswordCallback callback) { |
| 172 | std::move(callback).Run(LockScreen::IsShown() && !is_authenticating_); |
| 173 | } |
| 174 | |
Sarah Hu | f4cbba8 | 2018-03-07 01:34:12 | [diff] [blame] | 175 | void LoginScreenController::SetPublicSessionDisplayName( |
| 176 | const AccountId& account_id, |
| 177 | const std::string& display_name) { |
| 178 | if (DataDispatcher()) |
| 179 | DataDispatcher()->SetPublicSessionDisplayName(account_id, display_name); |
| 180 | } |
| 181 | |
| 182 | void LoginScreenController::SetPublicSessionLocales( |
| 183 | const AccountId& account_id, |
| 184 | std::unique_ptr<base::ListValue> locales, |
| 185 | const std::string& default_locale, |
| 186 | bool show_advanced_view) { |
| 187 | if (DataDispatcher()) { |
| 188 | DataDispatcher()->SetPublicSessionLocales( |
| 189 | account_id, std::move(locales), default_locale, show_advanced_view); |
| 190 | } |
| 191 | } |
| 192 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 193 | void LoginScreenController::AuthenticateUser(const AccountId& account_id, |
| 194 | const std::string& password, |
| 195 | bool authenticated_by_pin, |
| 196 | OnAuthenticateCallback callback) { |
| 197 | // Ignore concurrent auth attempts. This can happen if the user quickly enters |
| 198 | // two separate passwords and hits enter. |
| 199 | if (!login_screen_client_ || is_authenticating_) { |
| 200 | LOG_IF(ERROR, is_authenticating_) << "Ignoring concurrent auth attempt"; |
| 201 | std::move(callback).Run(base::nullopt); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 202 | return; |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 203 | } |
| 204 | is_authenticating_ = true; |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 205 | |
Jacob Dufault | eafc6fe | 2017-10-11 21:16:52 | [diff] [blame] | 206 | // If auth is disabled by the debug overlay bypass the mojo call entirely, as |
| 207 | // it will dismiss the lock screen if the password is correct. |
Jacob Dufault | 0fbed9c0 | 2017-11-14 19:22:24 | [diff] [blame] | 208 | switch (force_fail_auth_for_debug_overlay_) { |
| 209 | case ForceFailAuth::kOff: |
| 210 | break; |
| 211 | case ForceFailAuth::kImmediate: |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 212 | OnAuthenticateComplete(std::move(callback), false /*success*/); |
Jacob Dufault | 0fbed9c0 | 2017-11-14 19:22:24 | [diff] [blame] | 213 | return; |
| 214 | case ForceFailAuth::kDelayed: |
| 215 | base::ThreadTaskRunnerHandle::Get()->PostDelayedTask( |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 216 | FROM_HERE, |
| 217 | base::BindOnce(&LoginScreenController::OnAuthenticateComplete, |
| 218 | weak_factory_.GetWeakPtr(), base::Passed(&callback), |
| 219 | false), |
Jacob Dufault | 0fbed9c0 | 2017-11-14 19:22:24 | [diff] [blame] | 220 | base::TimeDelta::FromSeconds(1)); |
| 221 | return; |
Jacob Dufault | eafc6fe | 2017-10-11 21:16:52 | [diff] [blame] | 222 | } |
| 223 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 224 | // |DoAuthenticateUser| requires the system salt, so we fetch it first, and |
| 225 | // then run |DoAuthenticateUser| as a continuation. |
| 226 | auto do_authenticate = base::BindOnce( |
| 227 | &LoginScreenController::DoAuthenticateUser, weak_factory_.GetWeakPtr(), |
jdufault | eb4c9f1e | 2017-06-08 23:08:30 | [diff] [blame] | 228 | account_id, password, authenticated_by_pin, std::move(callback)); |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 229 | chromeos::SystemSaltGetter::Get()->GetSystemSalt(base::BindRepeating( |
| 230 | &LoginScreenController::OnGetSystemSalt, weak_factory_.GetWeakPtr(), |
| 231 | base::Passed(&do_authenticate))); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 232 | } |
| 233 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 234 | void LoginScreenController::HandleFocusLeavingLockScreenApps(bool reverse) { |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 235 | for (auto& observer : lock_screen_apps_focus_observers_) |
| 236 | observer.OnFocusLeavingLockScreenApps(reverse); |
| 237 | } |
| 238 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 239 | void LoginScreenController::AttemptUnlock(const AccountId& account_id) { |
| 240 | if (!login_screen_client_) |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 241 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 242 | login_screen_client_->AttemptUnlock(account_id); |
Sarah Hu | e0e01a5 | 2017-10-25 20:29:30 | [diff] [blame] | 243 | |
| 244 | Shell::Get()->metrics()->login_metrics_recorder()->SetAuthMethod( |
| 245 | LoginMetricsRecorder::AuthMethod::kSmartlock); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 246 | } |
| 247 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 248 | void LoginScreenController::HardlockPod(const AccountId& account_id) { |
| 249 | if (!login_screen_client_) |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 250 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 251 | login_screen_client_->HardlockPod(account_id); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 252 | } |
| 253 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 254 | void LoginScreenController::RecordClickOnLockIcon(const AccountId& account_id) { |
| 255 | if (!login_screen_client_) |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 256 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 257 | login_screen_client_->RecordClickOnLockIcon(account_id); |
xiaoyinh | 9f6fa0e | 2017-06-07 19:22:32 | [diff] [blame] | 258 | } |
| 259 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 260 | void LoginScreenController::OnFocusPod(const AccountId& account_id) { |
| 261 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 262 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 263 | login_screen_client_->OnFocusPod(account_id); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 264 | } |
| 265 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 266 | void LoginScreenController::OnNoPodFocused() { |
| 267 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 268 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 269 | login_screen_client_->OnNoPodFocused(); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 270 | } |
| 271 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 272 | void LoginScreenController::LoadWallpaper(const AccountId& account_id) { |
| 273 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 274 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 275 | login_screen_client_->LoadWallpaper(account_id); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 276 | } |
| 277 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 278 | void LoginScreenController::SignOutUser() { |
| 279 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 280 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 281 | login_screen_client_->SignOutUser(); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 282 | } |
| 283 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 284 | void LoginScreenController::CancelAddUser() { |
| 285 | if (!login_screen_client_) |
Wenzhao Zang | 16e7ea72 | 2017-09-16 01:27:30 | [diff] [blame] | 286 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 287 | login_screen_client_->CancelAddUser(); |
Wenzhao Zang | 16e7ea72 | 2017-09-16 01:27:30 | [diff] [blame] | 288 | } |
| 289 | |
Aga Wronska | 6a32f987 | 2018-01-06 00:16:10 | [diff] [blame] | 290 | void LoginScreenController::LoginAsGuest() { |
| 291 | if (!login_screen_client_) |
| 292 | return; |
| 293 | login_screen_client_->LoginAsGuest(); |
| 294 | } |
| 295 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 296 | void LoginScreenController::OnMaxIncorrectPasswordAttempted( |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 297 | const AccountId& account_id) { |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 298 | if (!login_screen_client_) |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 299 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 300 | login_screen_client_->OnMaxIncorrectPasswordAttempted(account_id); |
xiaoyinh | f534c4f | 2017-06-13 20:50:27 | [diff] [blame] | 301 | } |
| 302 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 303 | void LoginScreenController::FocusLockScreenApps(bool reverse) { |
| 304 | if (!login_screen_client_) |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 305 | return; |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 306 | login_screen_client_->FocusLockScreenApps(reverse); |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 307 | } |
| 308 | |
Sarah Hu | 9fba0e75 | 2018-02-07 01:41:09 | [diff] [blame] | 309 | void LoginScreenController::ShowGaiaSignin() { |
| 310 | if (!login_screen_client_) |
| 311 | return; |
| 312 | login_screen_client_->ShowGaiaSignin(); |
| 313 | } |
| 314 | |
Jacob Dufault | fc31c74 | 2018-03-20 17:32:19 | [diff] [blame^] | 315 | void LoginScreenController::OnRemoveUserWarningShown() { |
| 316 | if (!login_screen_client_) |
| 317 | return; |
| 318 | login_screen_client_->OnRemoveUserWarningShown(); |
| 319 | } |
| 320 | |
| 321 | void LoginScreenController::RemoveUser(const AccountId& account_id) { |
| 322 | if (!login_screen_client_) |
| 323 | return; |
| 324 | login_screen_client_->RemoveUser(account_id); |
| 325 | } |
| 326 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 327 | void LoginScreenController::AddLockScreenAppsFocusObserver( |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 328 | LockScreenAppsFocusObserver* observer) { |
| 329 | lock_screen_apps_focus_observers_.AddObserver(observer); |
| 330 | } |
| 331 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 332 | void LoginScreenController::RemoveLockScreenAppsFocusObserver( |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 333 | LockScreenAppsFocusObserver* observer) { |
| 334 | lock_screen_apps_focus_observers_.RemoveObserver(observer); |
| 335 | } |
| 336 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 337 | void LoginScreenController::FlushForTesting() { |
| 338 | login_screen_client_.FlushForTesting(); |
Toni Barzic | f61c445 | 2017-10-05 03:57:48 | [diff] [blame] | 339 | } |
| 340 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 341 | void LoginScreenController::DoAuthenticateUser(const AccountId& account_id, |
| 342 | const std::string& password, |
| 343 | bool authenticated_by_pin, |
| 344 | OnAuthenticateCallback callback, |
| 345 | const std::string& system_salt) { |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 346 | int dummy_value; |
| 347 | bool is_pin = |
| 348 | authenticated_by_pin && base::StringToInt(password, &dummy_value); |
| 349 | std::string hashed_password = CalculateHash( |
| 350 | password, system_salt, chromeos::Key::KEY_TYPE_SALTED_SHA256_TOP_HALF); |
| 351 | |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 352 | // Used for GAIA password reuse detection. |
| 353 | password_manager::SyncPasswordData sync_password_data( |
| 354 | base::UTF8ToUTF16(password), /*force_update=*/false); |
| 355 | |
Sarah Hu | 069eea1 | 2017-09-08 01:28:40 | [diff] [blame] | 356 | PrefService* prefs = |
| 357 | Shell::Get()->session_controller()->GetLastActiveUserPrefService(); |
| 358 | if (is_pin && prefs) { |
| 359 | hashed_password = |
| 360 | CalculateHash(password, prefs->GetString(prefs::kQuickUnlockPinSalt), |
| 361 | chromeos::Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234); |
| 362 | } |
| 363 | |
Roman Sorokin | c559001 | 2017-09-28 00:48:29 | [diff] [blame] | 364 | if (account_id.GetAccountType() == AccountType::ACTIVE_DIRECTORY && !is_pin) { |
| 365 | // Try to get kerberos TGT while we have user's password typed on the lock |
| 366 | // screen. Using invalid/bad password is fine. Failure to get TGT here is OK |
| 367 | // - that could mean e.g. Active Directory server is not reachable. |
| 368 | // AuthPolicyCredentialsManager regularly checks TGT status inside the user |
| 369 | // session. |
| 370 | chromeos::AuthPolicyLoginHelper::TryAuthenticateUser( |
| 371 | account_id.GetUserEmail(), account_id.GetObjGuid(), password); |
| 372 | } |
| 373 | |
Sarah Hu | e0e01a5 | 2017-10-25 20:29:30 | [diff] [blame] | 374 | Shell::Get()->metrics()->login_metrics_recorder()->SetAuthMethod( |
| 375 | is_pin ? LoginMetricsRecorder::AuthMethod::kPin |
| 376 | : LoginMetricsRecorder::AuthMethod::kPassword); |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 377 | login_screen_client_->AuthenticateUser( |
Jialiu Lin | f99b788b | 2018-01-17 23:01:21 | [diff] [blame] | 378 | account_id, hashed_password, sync_password_data, is_pin, |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 379 | base::BindOnce(&LoginScreenController::OnAuthenticateComplete, |
| 380 | weak_factory_.GetWeakPtr(), base::Passed(&callback))); |
jdufault | eb4c9f1e | 2017-06-08 23:08:30 | [diff] [blame] | 381 | } |
| 382 | |
Jacob Dufault | b7a2d84 | 2017-12-01 23:21:15 | [diff] [blame] | 383 | void LoginScreenController::OnAuthenticateComplete( |
| 384 | OnAuthenticateCallback callback, |
| 385 | bool success) { |
| 386 | is_authenticating_ = false; |
| 387 | std::move(callback).Run(success); |
| 388 | } |
| 389 | |
| 390 | void LoginScreenController::OnGetSystemSalt(PendingDoAuthenticateUser then, |
| 391 | const std::string& system_salt) { |
| 392 | std::move(then).Run(system_salt); |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 393 | } |
| 394 | |
Jacob Dufault | ffd9b0d | 2017-11-15 23:07:16 | [diff] [blame] | 395 | LoginDataDispatcher* LoginScreenController::DataDispatcher() const { |
Jacob Dufault | 40623d5 | 2017-09-15 17:22:53 | [diff] [blame] | 396 | if (!ash::LockScreen::IsShown()) |
| 397 | return nullptr; |
| 398 | return ash::LockScreen::Get()->data_dispatcher(); |
| 399 | } |
| 400 | |
Jacob Dufault | cbc1ee0 | 2018-02-28 18:38:54 | [diff] [blame] | 401 | void LoginScreenController::OnShow() { |
| 402 | SetSystemTrayVisibility(SystemTrayVisibility::kPrimary); |
| 403 | is_authenticating_ = false; |
| 404 | } |
| 405 | |
xiaoyinh | 2bbdd10 | 2017-05-18 23:29:42 | [diff] [blame] | 406 | } // namespace ash |