summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authoratwilson@chromium.org <atwilson@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-09-10 02:04:07 +0000
committeratwilson@chromium.org <atwilson@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-09-10 02:04:07 +0000
commit202b5644a77bd7eb5ba5e912124f9e90236fd61f (patch)
tree6675092604e167b54c3207722d2f24c1950e351b
parent06c75029783496f78406bf6ce0d73de02b3124d4 (diff)
downloadchromium_src-202b5644a77bd7eb5ba5e912124f9e90236fd61f.zip
chromium_src-202b5644a77bd7eb5ba5e912124f9e90236fd61f.tar.gz
chromium_src-202b5644a77bd7eb5ba5e912124f9e90236fd61f.tar.bz2
Now properly handles gaia passphrases changing.
Properly prompts the user to enter their previous GAIA passphrase as appropriate if the user has changed their GAIA passphrase and there's still sync data on the server encrypted with the old one. BUG=95632,72381 TEST=sync auth test cases, including changing gaia passphrase Review URL: http://codereview.chromium.org/7857021 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@100559 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat
-rw-r--r--chrome/app/generated_resources.grd3
-rw-r--r--chrome/browser/resources/sync_setup_overlay.html3
-rw-r--r--chrome/browser/resources/sync_setup_overlay.js17
-rw-r--r--chrome/browser/sync/sync_setup_flow.cc47
-rw-r--r--chrome/browser/sync/sync_setup_flow.h19
-rw-r--r--chrome/browser/ui/webui/sync_setup_handler.cc24
6 files changed, 82 insertions, 31 deletions
diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd
index 38fe31d..ed02805 100644
--- a/chrome/app/generated_resources.grd
+++ b/chrome/app/generated_resources.grd
@@ -9955,6 +9955,9 @@ Keep your key file in a safe place. You will need it to create new versions of y
<message name="IDS_SYNC_ENTER_OTHER_PASSPHRASE_BODY" desc="Instructions for the dialog where the user needs to enter a different passphrase.">
The passphrase you entered can't be used because you already have data encrypted with a passphrase. Please enter your existing sync passphrase below.
</message>
+ <message name="IDS_SYNC_ENTER_GOOGLE_PASSPHRASE_BODY" desc="Instructions for the dialog where the user needs to enter their previous google passphrase.">
+ You already have data that is encrypted using a different version of your Google Account password. Please enter your previous Google Account password below.
+ </message>
<message name="IDS_SYNC_PASSPHRASE_LABEL" desc="Label for the passphrase field.">
Passphrase
</message>
diff --git a/chrome/browser/resources/sync_setup_overlay.html b/chrome/browser/resources/sync_setup_overlay.html
index 8245189..6dbea8d 100644
--- a/chrome/browser/resources/sync_setup_overlay.html
+++ b/chrome/browser/resources/sync_setup_overlay.html
@@ -407,6 +407,9 @@
<div id="passphrase-rejected-body"
i18n-content="enterOtherPassphraseBody" hidden>
</div>
+ <div id="google-passphrase-needed-body"
+ i18n-content="enterGooglePassphraseBody" hidden>
+ </div>
</div>
<div id="passphrase-input">
<input id="passphrase" name="passphrase" type="password"
diff --git a/chrome/browser/resources/sync_setup_overlay.js b/chrome/browser/resources/sync_setup_overlay.js
index 0a9c3b5..39f5b8d 100644
--- a/chrome/browser/resources/sync_setup_overlay.js
+++ b/chrome/browser/resources/sync_setup_overlay.js
@@ -218,10 +218,14 @@ cr.define('options', function() {
var usePassphrase;
var customPassphrase;
+ var googlePassphrase = false;
if (!$('sync-existing-passphrase-container').hidden) {
// If we were prompted for an existing passphrase, use it.
customPassphrase = f.passphrase.value;
usePassphrase = true;
+ // If we were displaying the "enter your old google password" prompt,
+ // then that means this is the user's google password.
+ googlePassphrase = !$('google-passphrase-needed-body').hidden;
// We allow an empty passphrase, in case the user has disabled
// all their encrypted datatypes. In that case, the PSS will accept
// the passphrase and finish configuration. If the user has enabled
@@ -260,6 +264,7 @@ cr.define('options', function() {
"syncSessions": syncAll || $('sessions-checkbox').checked,
"encryptAllData": encryptAllData,
"usePassphrase": usePassphrase,
+ "isGooglePassphrase": googlePassphrase,
"passphrase": customPassphrase
});
chrome.send('SyncSetupConfigure', [result]);
@@ -474,13 +479,19 @@ cr.define('options', function() {
$('sync-custom-passphrase-container').hidden = true;
$('sync-existing-passphrase-container').hidden = false;
- if (args["passphrase_creation_rejected"])
+ $('passphrase-rejected-body').hidden = true;
+ $('normal-body').hidden = true;
+ $('google-passphrase-needed-body').hidden = true;
+ // Display the correct prompt to the user depending on what type of
+ // passphrase is needed.
+ if (args["need_google_passphrase"])
+ $('google-passphrase-needed-body').hidden = false;
+ else if (args["passphrase_creation_rejected"])
$('passphrase-rejected-body').hidden = false;
else
$('normal-body').hidden = false;
- if (args["passphrase_setting_rejected"])
- $('incorrect-passphrase').hidden = false;
+ $('incorrect-passphrase').hidden = !args["passphrase_setting_rejected"];
$('sync-passphrase-warning').hidden = false;
diff --git a/chrome/browser/sync/sync_setup_flow.cc b/chrome/browser/sync/sync_setup_flow.cc
index 5cf83b2..c1366a2 100644
--- a/chrome/browser/sync/sync_setup_flow.cc
+++ b/chrome/browser/sync/sync_setup_flow.cc
@@ -62,7 +62,8 @@ SyncSetupWizard::State GetStepForNonFatalError(ProfileSyncService* service) {
SyncConfiguration::SyncConfiguration()
: encrypt_all(false),
sync_everything(false),
- use_secondary_passphrase(false) {
+ set_secondary_passphrase(false),
+ set_gaia_passphrase(false) {
}
SyncConfiguration::~SyncConfiguration() {}
@@ -177,11 +178,14 @@ void SyncSetupFlow::GetArgsForConfigure(ProfileSyncService* service,
// We need a passphrase, and either it's an explicit passphrase, or we
// don't have a cached gaia passphrase, so we have to prompt the user.
args->SetBoolean("show_passphrase", true);
+ // Tell the UI layer what kind of passphrase we need.
+ args->SetBoolean("need_google_passphrase",
+ !service->IsUsingSecondaryPassphrase());
+ args->SetBoolean("passphrase_creation_rejected",
+ tried_creating_explicit_passphrase_);
+ args->SetBoolean("passphrase_setting_rejected",
+ tried_setting_passphrase_);
}
- args->SetBoolean("passphrase_creation_rejected",
- tried_creating_explicit_passphrase_);
- args->SetBoolean("passphrase_setting_rejected",
- tried_setting_explicit_passphrase_);
}
bool SyncSetupFlow::AttachSyncSetupHandler(SyncSetupFlowHandler* handler) {
@@ -277,36 +281,37 @@ void SyncSetupFlow::OnUserConfigured(const SyncConfiguration& configuration) {
// Note: encryption will not occur until OnUserChoseDatatypes is called.
service_->SetEncryptEverything(configuration.encrypt_all);
- if (!configuration.gaia_passphrase.empty()) {
+ if (configuration.set_gaia_passphrase) {
// Caller passed a gaia passphrase. This is illegal if we are currently
// using a secondary passphrase.
DCHECK(!service_->IsUsingSecondaryPassphrase());
service_->SetPassphrase(configuration.gaia_passphrase, false);
+ // Since the user entered the passphrase manually, set this flag so we can
+ // report an error if the passphrase setting failed.
+ tried_setting_passphrase_ = true;
} else if (!service_->IsUsingSecondaryPassphrase() &&
!cached_passphrase_.empty()) {
// Service needs a GAIA passphrase and we have one cached, so try it.
service_->SetPassphrase(cached_passphrase_, false);
cached_passphrase_.clear();
} else {
+ // We can get here if the user changes their GAIA passphrase but still has
+ // data encrypted with the old passphrase. The UI prompts the user for their
+ // passphrase, but they might just leave it blank/disable the encrypted
+ // types.
// No gaia passphrase cached or set, so make sure the ProfileSyncService
// wasn't expecting one.
- DCHECK(!service_->IsPassphraseRequiredForDecryption() ||
- service_->IsUsingSecondaryPassphrase());
+ DLOG_IF(WARNING, !service_->IsUsingSecondaryPassphrase() &&
+ service_->IsPassphraseRequiredForDecryption()) <<
+ "Google passphrase required but not provided by UI";
}
- // It's possible the user has to provide a secondary passphrase even when
- // they have not set one previously. This occurs when the user has changed
- // their gaia password and then sign in to a new machine for the first time.
- // The new machine will download data encrypted with their old gaia password,
- // which their current gaia password will not be able to decrypt, triggering
- // a prompt for a passphrase. At this point, the user must enter their old
- // password, which we store as a new secondary passphrase.
- // TODO(zea): eventually use the above gaia_passphrase instead of the
- // secondary passphrase in this case.
- if (configuration.use_secondary_passphrase) {
+ // Set the secondary passphrase, either as a decryption passphrase, or
+ // as an attempt to encrypt the user's data using this new passphrase.
+ if (configuration.set_secondary_passphrase) {
service_->SetPassphrase(configuration.secondary_passphrase, true);
if (service_->IsUsingSecondaryPassphrase())
- tried_setting_explicit_passphrase_ = true;
+ tried_setting_passphrase_ = true;
else
tried_creating_explicit_passphrase_ = true;
}
@@ -318,7 +323,7 @@ void SyncSetupFlow::OnUserConfigured(const SyncConfiguration& configuration) {
void SyncSetupFlow::OnPassphraseEntry(const std::string& passphrase) {
Advance(SyncSetupWizard::SETTING_UP);
service_->SetPassphrase(passphrase, true);
- tried_setting_explicit_passphrase_ = true;
+ tried_setting_passphrase_ = true;
}
void SyncSetupFlow::OnPassphraseCancel() {
@@ -342,7 +347,7 @@ SyncSetupFlow::SyncSetupFlow(SyncSetupWizard::State start_state,
flow_handler_(NULL),
service_(service),
tried_creating_explicit_passphrase_(false),
- tried_setting_explicit_passphrase_(false) {
+ tried_setting_passphrase_(false) {
}
// Returns true if the flow should advance to |state| based on |current_state_|.
diff --git a/chrome/browser/sync/sync_setup_flow.h b/chrome/browser/sync/sync_setup_flow.h
index 80225e0..188ac21 100644
--- a/chrome/browser/sync/sync_setup_flow.h
+++ b/chrome/browser/sync/sync_setup_flow.h
@@ -31,8 +31,18 @@ struct SyncConfiguration {
bool encrypt_all;
bool sync_everything;
syncable::ModelTypeSet data_types;
- bool use_secondary_passphrase;
+ // We pass a separate |set_xxxxx_passphrase| flag because sometimes the UI
+ // wants to set an empty gaia/secondary passphrase (for example, when the user
+ // doesn't enter a passphrase, but we still want the ProfileSyncService to
+ // generate a new passphrase error if there are still encrypted types
+ // enabled).
+ // TODO(atwilson): Need to change SyncSetupFlow::OnUserConfigured() to
+ // check for the presence of encrypted types itself, rather than relying on
+ // the hack of passing an empty passphrase/waiting for ProfileSyncService to
+ // receive a new PassphraseRequired (http://crbug.com/95939).
+ bool set_secondary_passphrase;
std::string secondary_passphrase;
+ bool set_gaia_passphrase;
std::string gaia_passphrase;
};
@@ -132,10 +142,13 @@ class SyncSetupFlow {
// We need this to propagate back all user settings changes. Weak reference.
ProfileSyncService* service_;
- // Set to true if we've tried creating/setting an explicit passphrase, so we
+ // Set to true if we've tried creating an explicit passphrase, so we
// can appropriately reflect this in the UI.
bool tried_creating_explicit_passphrase_;
- bool tried_setting_explicit_passphrase_;
+
+ // Set to true if the user entered a passphrase, so we can appropriately
+ // reflect this in the UI.
+ bool tried_setting_passphrase_;
// We track the passphrase the user entered so we can set it when configuring
// the ProfileSyncService.
diff --git a/chrome/browser/ui/webui/sync_setup_handler.cc b/chrome/browser/ui/webui/sync_setup_handler.cc
index 8468e50..73e213f 100644
--- a/chrome/browser/ui/webui/sync_setup_handler.cc
+++ b/chrome/browser/ui/webui/sync_setup_handler.cc
@@ -136,12 +136,27 @@ bool GetConfiguration(const std::string& json, SyncConfiguration* config) {
return false;
// Passphrase settings.
- if (!result->GetBoolean("usePassphrase", &config->use_secondary_passphrase))
- return false;
- if (config->use_secondary_passphrase &&
- !result->GetString("passphrase", &config->secondary_passphrase))
+ bool have_passphrase;
+ if (!result->GetBoolean("usePassphrase", &have_passphrase))
return false;
+ if (have_passphrase) {
+ bool is_gaia;
+ if (!result->GetBoolean("isGooglePassphrase", &is_gaia))
+ return false;
+ std::string passphrase;
+ if (!result->GetString("passphrase", &passphrase))
+ return false;
+ // The user provided a passphrase - pass it off to SyncSetupFlow as either
+ // the secondary or GAIA passphrase as appropriate.
+ if (is_gaia) {
+ config->set_gaia_passphrase = true;
+ config->gaia_passphrase = passphrase;
+ } else {
+ config->set_secondary_passphrase = true;
+ config->secondary_passphrase = passphrase;
+ }
+ }
return true;
}
@@ -261,6 +276,7 @@ void SyncSetupHandler::GetStaticLocalizedValues(
{ "enterPassphraseTitle", IDS_SYNC_ENTER_PASSPHRASE_TITLE },
{ "enterPassphraseBody", IDS_SYNC_ENTER_PASSPHRASE_BODY },
{ "enterOtherPassphraseBody", IDS_SYNC_ENTER_OTHER_PASSPHRASE_BODY },
+ { "enterGooglePassphraseBody", IDS_SYNC_ENTER_GOOGLE_PASSPHRASE_BODY },
{ "passphraseLabel", IDS_SYNC_PASSPHRASE_LABEL },
{ "incorrectPassphrase", IDS_SYNC_INCORRECT_PASSPHRASE },
{ "passphraseWarning", IDS_SYNC_PASSPHRASE_WARNING },
generated by cgit v1.1 at 2025-03-04 02:14:28 +0000