[Chrome OS] Fix a couple of problems around CAPTCHA handling upon password changes

This CL fixes two problems with CAPTCHA handling in the case where we
are attempting to re-auth with a new password.  First, in cases where
repeated auth attempts triggered a CAPTCHA, we were not reporting this
to the UI correctly.  Second, in cases where the user was re-prompted
for her password AND was in the CAPTCHA state, we weren't keeping
track of the captcha token properly, and so we were not actually able
to clear the CAPTCHA at all.

BUG=chromium-os:10155
TEST=unit tests, install on device and try it

Review URL: http://codereview.chromium.org/6190004

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71204 0039d316-1c4b-4281-b951-d872f2087c98

6 files changed, 130 insertions, 3 deletions

diff --git a/chrome/browser/chromeos/login/login_performer.cc b/chrome/browser/chromeos/login/login_performer.cc
index d6ea7d9..8105f7a 100644
--- a/chrome/browser/chromeos/login/login_performer.cc
+++ b/chrome/browser/chromeos/login/login_performer.cc
@@ -338,6 +338,7 @@ void LoginPerformer::ResolveInitialNetworkAuthFailure() {
       // Request screen lock & show error message there.
     case GoogleServiceAuthError::CAPTCHA_REQUIRED:
       // User is requested to enter CAPTCHA challenge.
+      captcha_token_ = last_login_failure_.error().captcha().token;
       RequestScreenLock();
       return;
     default:
@@ -405,6 +406,7 @@ void LoginPerformer::ResolveLockNetworkAuthFailure() {
       break;
     case GoogleServiceAuthError::CAPTCHA_REQUIRED:
       // User is requested to enter CAPTCHA challenge.
+      captcha_token_ = last_login_failure_.error().captcha().token;
       msg = l10n_util::GetStringUTF16(IDS_LOGIN_ERROR_PASSWORD_CHANGED);
       ScreenLocker::default_screen_locker()->ShowCaptchaAndErrorMessage(
           last_login_failure_.error().captcha().image_url,
diff --git a/chrome/browser/chromeos/login/mock_url_fetchers.cc b/chrome/browser/chromeos/login/mock_url_fetchers.cc
index cc2b67a..dec800b 100644
--- a/chrome/browser/chromeos/login/mock_url_fetchers.cc
+++ b/chrome/browser/chromeos/login/mock_url_fetchers.cc
@@ -7,6 +7,7 @@
 #include <errno.h>
 
 #include "base/message_loop.h"
+#include "base/stringprintf.h"
 #include "chrome/browser/browser_thread.h"
 #include "chrome/common/net/http_return.h"
 #include "chrome/common/net/url_fetcher.h"
@@ -107,7 +108,17 @@ void FailFetcher::Start() {
                                  std::string());
 }
 
-HostedFetcher::HostedFetcher(bool success,
+// static
+const char CaptchaFetcher::kCaptchaToken[] = "token";
+// static
+const char CaptchaFetcher::kCaptchaUrlBase[] = "http://www.google.com/accounts/";
+// static
+const char CaptchaFetcher::kCaptchaUrlFragment[] = "fragment";
+// static
+const char CaptchaFetcher::kUnlockUrl[] = "http://what.ever";
+
+
+CaptchaFetcher::CaptchaFetcher(bool success,
                                const GURL& url,
                                const std::string& results,
                                URLFetcher::RequestType request_type,
@@ -116,6 +127,50 @@ HostedFetcher::HostedFetcher(bool success,
       url_(url) {
 }
 
+CaptchaFetcher::~CaptchaFetcher() {}
+
+// static
+std::string CaptchaFetcher::GetCaptchaToken() {
+  return kCaptchaToken;
+}
+
+// static
+std::string CaptchaFetcher::GetCaptchaUrl() {
+  return std::string(kCaptchaUrlBase).append(kCaptchaUrlFragment);
+}
+
+// static
+std::string CaptchaFetcher::GetUnlockUrl() {
+  return kUnlockUrl;
+}
+
+void CaptchaFetcher::Start() {
+  URLRequestStatus success(URLRequestStatus::SUCCESS, 0);
+  std::string body = base::StringPrintf("Error=%s\n"
+                                        "Url=%s\n"
+                                        "CaptchaUrl=%s\n"
+                                        "CaptchaToken=%s\n",
+                                        "CaptchaRequired",
+                                        kUnlockUrl,
+                                        kCaptchaUrlFragment,
+                                        kCaptchaToken);
+  delegate()->OnURLFetchComplete(this,
+                                 url_,
+                                 success,
+                                 RC_FORBIDDEN,
+                                 ResponseCookies(),
+                                 body);
+}
+
+HostedFetcher::HostedFetcher(bool success,
+                             const GURL& url,
+                             const std::string& results,
+                             URLFetcher::RequestType request_type,
+                             URLFetcher::Delegate* d)
+    : URLFetcher(url, request_type, d),
+      url_(url) {
+}
+
 HostedFetcher::~HostedFetcher() {}
 
 void HostedFetcher::Start() {
diff --git a/chrome/browser/chromeos/login/mock_url_fetchers.h b/chrome/browser/chromeos/login/mock_url_fetchers.h
index c3fd37b..522fc7e 100644
--- a/chrome/browser/chromeos/login/mock_url_fetchers.h
+++ b/chrome/browser/chromeos/login/mock_url_fetchers.h
@@ -87,6 +87,31 @@ class FailFetcher : public URLFetcher {
   DISALLOW_COPY_AND_ASSIGN(FailFetcher);
 };
 
+class CaptchaFetcher : public URLFetcher {
+ public:
+  CaptchaFetcher(bool success,
+                 const GURL& url,
+                 const std::string& results,
+                 URLFetcher::RequestType request_type,
+                 URLFetcher::Delegate* d);
+  virtual ~CaptchaFetcher();
+
+  static std::string GetCaptchaToken();
+  static std::string GetCaptchaUrl();
+  static std::string GetUnlockUrl();
+
+  void Start();
+
+ private:
+  static const char kCaptchaToken[];
+  static const char kCaptchaUrlBase[];
+  static const char kCaptchaUrlFragment[];
+  static const char kUnlockUrl[];
+  GURL url_;
+
+  DISALLOW_COPY_AND_ASSIGN(CaptchaFetcher);
+};
+
 class HostedFetcher : public URLFetcher {
  public:
   HostedFetcher(bool success,
diff --git a/chrome/browser/chromeos/login/online_attempt.cc b/chrome/browser/chromeos/login/online_attempt.cc
index 2b891bd..2773874 100644
--- a/chrome/browser/chromeos/login/online_attempt.cc
+++ b/chrome/browser/chromeos/login/online_attempt.cc
@@ -115,7 +115,7 @@ void OnlineAttempt::OnClientLoginFailure(
 
     return;
   }
-
+  VLOG(2) << "ClientLogin attempt failed with " << error.state();
   TriggerResolve(GaiaAuthConsumer::ClientLoginResult(),
                  LoginFailure::FromNetworkAuthFailure(error));
 }
diff --git a/chrome/browser/chromeos/login/parallel_authenticator.cc b/chrome/browser/chromeos/login/parallel_authenticator.cc
index e8bd65a..70d2fdc 100644
--- a/chrome/browser/chromeos/login/parallel_authenticator.cc
+++ b/chrome/browser/chromeos/login/parallel_authenticator.cc
@@ -352,7 +352,9 @@ void ParallelAuthenticator::Resolve() {
       BrowserThread::PostTask(
           BrowserThread::UI, FROM_HERE,
           NewRunnableMethod(this, &ParallelAuthenticator::OnLoginFailure,
-                            current_state_->online_outcome()));
+                            (reauth_state_.get() ?
+                             reauth_state_->online_outcome() :
+                             current_state_->online_outcome())));
       break;
     case HAVE_NEW_PW:
       key_migrator_ =
diff --git a/chrome/browser/chromeos/login/parallel_authenticator_unittest.cc b/chrome/browser/chromeos/login/parallel_authenticator_unittest.cc
index f6200d7..34eaea4 100644
--- a/chrome/browser/chromeos/login/parallel_authenticator_unittest.cc
+++ b/chrome/browser/chromeos/login/parallel_authenticator_unittest.cc
@@ -576,6 +576,49 @@ TEST_F(ParallelAuthenticatorTest, DriveOfflineLoginGetNewPassword) {
   message_loop_.Run();
 }
 
+TEST_F(ParallelAuthenticatorTest, DriveOfflineLoginGetCaptchad) {
+  ExpectLoginSuccess(username_, password_, result_, true);
+  FailOnLoginFailure();
+  EXPECT_CALL(*mock_library_, GetSystemSalt())
+      .WillOnce(Return(CryptohomeBlob(2, 0)))
+      .RetiresOnSaturation();
+
+  // Set up state as though a cryptohome mount attempt has occurred and
+  // succeeded; also, an online request that never made it.
+  state_->PresetCryptohomeStatus(true, 0);
+  // state_ is released further down.
+  SetAttemptState(auth_, state_.get());
+  RunResolve(auth_.get(), &message_loop_);
+
+  // Offline login has completed, so now we "complete" the online request.
+  GoogleServiceAuthError error(
+      GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS);
+  LoginFailure failure = LoginFailure::FromNetworkAuthFailure(error);
+  state_.release()->PresetOnlineLoginStatus(result_, failure);
+  ExpectLoginFailure(failure);
+
+  RunResolve(auth_.get(), &message_loop_);
+
+  // After the request below completes, OnLoginSuccess gets called again.
+  failure = LoginFailure::FromNetworkAuthFailure(
+      GoogleServiceAuthError::FromCaptchaChallenge(
+          CaptchaFetcher::GetCaptchaToken(),
+          GURL(CaptchaFetcher::GetCaptchaUrl()),
+          GURL(CaptchaFetcher::GetUnlockUrl())));
+  ExpectLoginFailure(failure);
+
+  MockFactory<CaptchaFetcher> factory;
+  URLFetcher::set_factory(&factory);
+  TestingProfile profile;
+
+  auth_->RetryAuth(&profile,
+                   username_,
+                   std::string(),
+                   std::string(),
+                   std::string());
+  message_loop_.Run();
+}
+
 TEST_F(ParallelAuthenticatorTest, DriveOnlineLogin) {
   GaiaAuthConsumer::ClientLoginResult success("sid", "lsid", "", "");
   ExpectLoginSuccess(username_, password_, success, false);