diff options
| author | rogerta@chromium.org <rogerta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-06-21 16:39:21 +0000 |
|---|---|---|
| committer | rogerta@chromium.org <rogerta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-06-21 16:39:21 +0000 |
| commit | 7d155e97457eae44d00863d3e47b926b4744f6e4 (patch) | |
| tree | d54c53b594cc3da2ef1bebc7b6315b633d39b047 /chrome | |
| parent | 985702c9fa95e190d46b2093d542f42e70296ddd (diff) | |
| download | chromium_src-7d155e97457eae44d00863d3e47b926b4744f6e4.zip chromium_src-7d155e97457eae44d00863d3e47b926b4744f6e4.tar.gz chromium_src-7d155e97457eae44d00863d3e47b926b4744f6e4.tar.bz2 | |
When a user logs into sync, the appropriate cookies are retrieved so that
she is already logged into Google web services, and does not need to enter
her username and password again.
This feature is on by default, but can be turned off by specifying
--disable-auto-login on the command line or the about:flags page.
BUG=None
TEST=Make sure the browser has no google or youtube cookies. Either clear
all the cookies or start with a brand new profile. Go to menu item
"Wrench / Options", go to the tab "Personal stuff", and click the "Enable
these features..." button to enable sync. Follow the wizard to login to your
google account and finish the sync process. Once terminated, browse to
gmail.com and you should be already logged in.
Review URL: http://codereview.chromium.org/7121014
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@89842 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
| -rw-r--r-- | chrome/app/generated_resources.grd | 7 | ||||
| -rw-r--r-- | chrome/browser/about_flags.cc | 7 | ||||
| -rw-r--r-- | chrome/browser/chromeos/login/cookie_fetcher_unittest.cc | 7 | ||||
| -rw-r--r-- | chrome/browser/chromeos/login/issue_response_handler.cc | 15 | ||||
| -rw-r--r-- | chrome/browser/chromeos/login/issue_response_handler.h | 3 | ||||
| -rw-r--r-- | chrome/browser/sync/signin_manager.cc | 42 | ||||
| -rw-r--r-- | chrome/browser/sync/signin_manager.h | 14 | ||||
| -rw-r--r-- | chrome/common/chrome_switches.cc | 4 | ||||
| -rw-r--r-- | chrome/common/chrome_switches.h | 1 | ||||
| -rw-r--r-- | chrome/common/net/gaia/gaia_auth_consumer.h | 5 | ||||
| -rw-r--r-- | chrome/common/net/gaia/gaia_auth_fetcher.cc | 49 | ||||
| -rw-r--r-- | chrome/common/net/gaia/gaia_auth_fetcher.h | 17 | ||||
| -rw-r--r-- | chrome/common/net/gaia/gaia_auth_fetcher_unittest.cc | 84 | ||||
| -rw-r--r-- | chrome/common/net/gaia/gaia_urls.cc | 6 |
14 files changed, 245 insertions, 16 deletions
diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd index a796def..10423c3 100644 --- a/chrome/app/generated_resources.grd +++ b/chrome/app/generated_resources.grd @@ -4323,6 +4323,13 @@ Keep your key file in a safe place. You will need it to create new versions of y <message name="IDS_FLAGS_PRELOAD_INSTANT_SEARCH_DESCRIPTION" desc="Description for the flag to preload Instant search"> Preload the default search engine for Instant. </message> + <message name="IDS_FLAGS_AUTO_LOGIN_NAME" desc="title for the flag to pre- and auto-login the user"> + Disable pre- and auto-login + </message> + <message name="IDS_FLAGS_AUTO_LOGIN_DESCRIPTION" desc="Description for the flag to pre- and auto-login the user"> + Disable pre-login to services when sync is enabled. Also disable infobar on login pages which help automate the login process. + Pre- and auto-login are always disabled if sync is disabled. + </message> <message name="IDS_FLAGS_SHOW_AUTOFILL_TYPE_PREDICTIONS_NAME" desc="Title for the flag to show Autofill field type predictions for all forms"> Show Autofill predictions </message> diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc index 69f994b..f847762 100644 --- a/chrome/browser/about_flags.cc +++ b/chrome/browser/about_flags.cc @@ -332,6 +332,13 @@ const Experiment kExperiments[] = { SINGLE_VALUE_TYPE(switches::kPreloadInstantSearch) }, { + "disable-auto-login", + IDS_FLAGS_AUTO_LOGIN_NAME, + IDS_FLAGS_AUTO_LOGIN_DESCRIPTION, + kOsMac | kOsWin | kOsLinux, + SINGLE_VALUE_TYPE(switches::kDisableAutoLogin) + }, + { "static-ip-config", IDS_FLAGS_STATIC_IP_CONFIG_NAME, IDS_FLAGS_STATIC_IP_CONFIG_DESCRIPTION, diff --git a/chrome/browser/chromeos/login/cookie_fetcher_unittest.cc b/chrome/browser/chromeos/login/cookie_fetcher_unittest.cc index cfefb19..ad2ebb9 100644 --- a/chrome/browser/chromeos/login/cookie_fetcher_unittest.cc +++ b/chrome/browser/chromeos/login/cookie_fetcher_unittest.cc @@ -182,11 +182,10 @@ TEST_F(CookieFetcherTest, ClientLoginResponseHandlerTest) { TEST_F(CookieFetcherTest, IssueResponseHandlerTest) { IssueResponseHandler handler(NULL); - std::string input("a\n"); - std::string expected(GaiaUrls::GetInstance()->token_auth_url()); - expected.append(input); + std::string expected(IssueResponseHandler::BuildTokenAuthUrlWithToken( + std::string("a\n"))); - scoped_ptr<URLFetcher> fetcher(handler.Handle(input, NULL)); + scoped_ptr<URLFetcher> fetcher(handler.Handle(std::string("a\n"), NULL)); EXPECT_EQ(expected, handler.token_url()); } diff --git a/chrome/browser/chromeos/login/issue_response_handler.cc b/chrome/browser/chromeos/login/issue_response_handler.cc index e1a23b7..d62aabb 100644 --- a/chrome/browser/chromeos/login/issue_response_handler.cc +++ b/chrome/browser/chromeos/login/issue_response_handler.cc @@ -25,8 +25,7 @@ URLFetcher* IssueResponseHandler::Handle( const std::string& to_process, URLFetcher::Delegate* catcher) { VLOG(1) << "Handling IssueAuthToken response"; - token_url_.assign(base::StringPrintf("%s%s", - GaiaUrls::GetInstance()->token_auth_url().c_str(), to_process.c_str())); + token_url_.assign(BuildTokenAuthUrlWithToken(to_process)); URLFetcher* fetcher = new URLFetcher(GURL(token_url_), URLFetcher::GET, catcher); fetcher->set_load_flags(net::LOAD_DO_NOT_SEND_COOKIES); @@ -38,4 +37,16 @@ URLFetcher* IssueResponseHandler::Handle( return fetcher; } +// static +std::string IssueResponseHandler::BuildTokenAuthUrlWithToken( + const std::string& token) { + const char kUrlFormat[] = "%s?" + "continue=http://www.google.com/webhp&" + "source=chromeos&" + "auth=%s"; + return base::StringPrintf(kUrlFormat, + GaiaUrls::GetInstance()->token_auth_url().c_str(), + token.c_str()); +} + } // namespace chromeos diff --git a/chrome/browser/chromeos/login/issue_response_handler.h b/chrome/browser/chromeos/login/issue_response_handler.h index c560921..a79f9af 100644 --- a/chrome/browser/chromeos/login/issue_response_handler.h +++ b/chrome/browser/chromeos/login/issue_response_handler.h @@ -42,6 +42,9 @@ class IssueResponseHandler : public AuthResponseHandler { // exposed for testing std::string token_url() { return token_url_; } + // Builds a TokenAuth URL using the specified authorization token. + static std::string BuildTokenAuthUrlWithToken(const std::string& token); + private: std::string token_url_; net::URLRequestContextGetter* getter_; diff --git a/chrome/browser/sync/signin_manager.cc b/chrome/browser/sync/signin_manager.cc index 1ec73e2..11f4bc1 100644 --- a/chrome/browser/sync/signin_manager.cc +++ b/chrome/browser/sync/signin_manager.cc @@ -4,12 +4,15 @@ #include "chrome/browser/sync/signin_manager.h" +#include "base/command_line.h" #include "base/string_util.h" #include "chrome/browser/net/gaia/token_service.h" #include "chrome/browser/prefs/pref_service.h" #include "chrome/browser/profiles/profile.h" +#include "chrome/browser/sync/profile_sync_service.h" #include "chrome/common/net/gaia/gaia_constants.h" #include "chrome/common/pref_names.h" +#include "chrome/common/chrome_switches.h" #include "content/common/notification_service.h" const char kGetInfoEmailKey[] = "email"; @@ -69,6 +72,18 @@ void SigninManager::StartSignIn(const std::string& username, login_token, login_captcha, GaiaAuthFetcher::HostedAccountsNotAllowed); + + // Register for token availability. The signin manager will pre-login the + // user when the GAIA service token is ready for use. Only do this if we + // are not running in ChomiumOS, since it handles pre-login itself. +#if !defined(OS_CHROMEOS) + if (!CommandLine::ForCurrentProcess()->HasSwitch( + switches::kDisableAutoLogin)) { + registrar_.Add(this, + NotificationType::TOKEN_AVAILABLE, + NotificationService::AllSources()); + } +#endif } void SigninManager::ProvideSecondFactorAccessCode( @@ -161,3 +176,30 @@ void SigninManager::OnClientLoginFailure(const GoogleServiceAuthError& error) { SignOut(); } + +void SigninManager::Observe(NotificationType type, + const NotificationSource& source, + const NotificationDetails& details) { +#if !defined(OS_CHROMEOS) + DCHECK(type == NotificationType::TOKEN_AVAILABLE); + TokenService::TokenAvailableDetails* tok_details = + Details<TokenService::TokenAvailableDetails>(details).ptr(); + + // If a GAIA service token has become available, use it to pre-login the + // user to other services that depend on GAIA credentials. + if (tok_details->service() == GaiaConstants::kGaiaService) { + if (client_login_.get() == NULL) { + client_login_.reset(new GaiaAuthFetcher(this, + GaiaConstants::kChromeSource, + profile_->GetRequestContext())); + } + + client_login_->StartTokenAuth(tok_details->token()); + + // We only want to do this once per sign-in. + registrar_.Remove(this, + NotificationType::TOKEN_AVAILABLE, + NotificationService::AllSources()); + } +#endif +} diff --git a/chrome/browser/sync/signin_manager.h b/chrome/browser/sync/signin_manager.h index 603c323..869b652 100644 --- a/chrome/browser/sync/signin_manager.h +++ b/chrome/browser/sync/signin_manager.h @@ -16,6 +16,8 @@ #include "base/memory/scoped_ptr.h" #include "chrome/common/net/gaia/gaia_auth_consumer.h" #include "chrome/common/net/gaia/google_service_auth_error.h" +#include "content/common/notification_observer.h" +#include "content/common/notification_registrar.h" class GaiaAuthFetcher; class Profile; @@ -33,7 +35,7 @@ struct GoogleServiceSigninSuccessDetails { std::string password; }; -class SigninManager : public GaiaAuthConsumer { +class SigninManager : public GaiaAuthConsumer , public NotificationObserver { public: SigninManager(); virtual ~SigninManager(); @@ -75,6 +77,11 @@ class SigninManager : public GaiaAuthConsumer { virtual void OnGetUserInfoKeyNotFound(const std::string& key); virtual void OnGetUserInfoFailure(const GoogleServiceAuthError& error); + // NotificationObserver + virtual void Observe(NotificationType type, + const NotificationSource& source, + const NotificationDetails& details) OVERRIDE; + private: Profile* profile_; std::string username_; @@ -87,6 +94,11 @@ class SigninManager : public GaiaAuthConsumer { // Actual client login handler. scoped_ptr<GaiaAuthFetcher> client_login_; + + // Register for notifications from the TokenService. + NotificationRegistrar registrar_; + + DISALLOW_COPY_AND_ASSIGN(SigninManager); }; #endif // CHROME_BROWSER_SYNC_SIGNIN_MANAGER_H_ diff --git a/chrome/common/chrome_switches.cc b/chrome/common/chrome_switches.cc index fb3f1e4..d8f7bff 100644 --- a/chrome/common/chrome_switches.cc +++ b/chrome/common/chrome_switches.cc @@ -373,6 +373,10 @@ const char kEnableAeroPeekTabs[] = "enable-aero-peek-tabs"; // for more background. const char kEnableAuthNegotiatePort[] = "enable-auth-negotiate-port"; +// Disable both pre- and auto-login for services attached to a GAIA account +// even when the GAIA credentials are available through sync. +const char kDisableAutoLogin[] = "disable-auto-login"; + // This flag enables UI for clearing server data. Temporarily in place // until there's a server endpoint deployed. const char kEnableClearServerData[] = "enable-clear-server-data"; diff --git a/chrome/common/chrome_switches.h b/chrome/common/chrome_switches.h index 7871120..20a06da 100644 --- a/chrome/common/chrome_switches.h +++ b/chrome/common/chrome_switches.h @@ -111,6 +111,7 @@ extern const char kDomAutomationController[]; extern const char kDumpHistogramsOnExit[]; extern const char kEnableAeroPeekTabs[]; extern const char kEnableAuthNegotiatePort[]; +extern const char kDisableAutoLogin[]; extern const char kEnableClearServerData[]; extern const char kEnableClickToPlay[]; extern const char kEnableCloudPrintProxy[]; diff --git a/chrome/common/net/gaia/gaia_auth_consumer.h b/chrome/common/net/gaia/gaia_auth_consumer.h index 4d6c37d..9878637 100644 --- a/chrome/common/net/gaia/gaia_auth_consumer.h +++ b/chrome/common/net/gaia/gaia_auth_consumer.h @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -46,6 +46,9 @@ class GaiaAuthConsumer { const std::string& value) {} virtual void OnGetUserInfoKeyNotFound(const std::string& key) {} virtual void OnGetUserInfoFailure(const GoogleServiceAuthError& error) {} + + virtual void OnTokenAuthSuccess(const std::string& data) {} + virtual void OnTokenAuthFailure(const GoogleServiceAuthError& error) {} }; #endif // CHROME_COMMON_NET_GAIA_GAIA_AUTH_CONSUMER_H_ diff --git a/chrome/common/net/gaia/gaia_auth_fetcher.cc b/chrome/common/net/gaia/gaia_auth_fetcher.cc index 0e7b6f2..dd125b2 100644 --- a/chrome/common/net/gaia/gaia_auth_fetcher.cc +++ b/chrome/common/net/gaia/gaia_auth_fetcher.cc @@ -49,6 +49,11 @@ const char GaiaAuthFetcher::kIssueAuthTokenFormat[] = // static const char GaiaAuthFetcher::kGetUserInfoFormat[] = "LSID=%s"; +// static +const char GaiaAuthFetcher::kTokenAuthFormat[] = + "auth=%s&" + "continue=%s&" + "source=%s"; // static const char GaiaAuthFetcher::kAccountDeletedError[] = "AccountDeleted"; @@ -92,6 +97,7 @@ GaiaAuthFetcher::GaiaAuthFetcher(GaiaAuthConsumer* consumer, client_login_gurl_(GaiaUrls::GetInstance()->client_login_url()), issue_auth_token_gurl_(GaiaUrls::GetInstance()->issue_auth_token_url()), get_user_info_gurl_(GaiaUrls::GetInstance()->get_user_info_url()), + token_auth_gurl_(GaiaUrls::GetInstance()->token_auth_url()), fetch_pending_(false) {} GaiaAuthFetcher::~GaiaAuthFetcher() {} @@ -188,6 +194,19 @@ std::string GaiaAuthFetcher::MakeGetUserInfoBody(const std::string& lsid) { return base::StringPrintf(kGetUserInfoFormat, encoded_lsid.c_str()); } +// static +std::string GaiaAuthFetcher::MakeTokenAuthBody(const std::string& auth_token, + const std::string& continue_url, + const std::string& source) { + std::string encoded_auth_token = EscapeUrlEncodedData(auth_token, true); + std::string encoded_continue_url = EscapeUrlEncodedData(continue_url, true); + std::string encoded_source = EscapeUrlEncodedData(source, true); + return base::StringPrintf(kTokenAuthFormat, + encoded_auth_token.c_str(), + encoded_continue_url.c_str(), + encoded_source.c_str()); +} + // Helper method that extracts tokens from a successful reply. // static void GaiaAuthFetcher::ParseClientLoginResponse(const std::string& data, @@ -299,6 +318,24 @@ void GaiaAuthFetcher::StartGetUserInfo(const std::string& lsid, fetcher_->Start(); } +void GaiaAuthFetcher::StartTokenAuth(const std::string& auth_token) { + DCHECK(!fetch_pending_) << "Tried to fetch two things at once!"; + + VLOG(1) << "Starting TokenAuth with auth_token=" << auth_token; + + // The continue URL is a required parameter of the TokenAuth API, but in this + // case we don't actually need or want to navigate to it. Setting it to + // an arbitrary Google URL. + std::string continue_url("http://www.google.com"); + request_body_ = MakeTokenAuthBody(auth_token, continue_url, source_); + fetcher_.reset(CreateGaiaFetcher(getter_, + request_body_, + token_auth_gurl_, + this)); + fetch_pending_ = true; + fetcher_->Start(); +} + // static GoogleServiceAuthError GaiaAuthFetcher::GenerateAuthError( const std::string& data, @@ -406,6 +443,16 @@ void GaiaAuthFetcher::OnGetUserInfoFetched( } } +void GaiaAuthFetcher::OnTokenAuthFetched(const std::string& data, + const net::URLRequestStatus& status, + int response_code) { + if (status.is_success() && response_code == RC_REQUEST_OK) { + consumer_->OnTokenAuthSuccess(data); + } else { + consumer_->OnTokenAuthFailure(GenerateAuthError(data, status)); + } +} + void GaiaAuthFetcher::OnURLFetchComplete(const URLFetcher* source, const GURL& url, const net::URLRequestStatus& status, @@ -419,6 +466,8 @@ void GaiaAuthFetcher::OnURLFetchComplete(const URLFetcher* source, OnIssueAuthTokenFetched(data, status, response_code); } else if (url == get_user_info_gurl_) { OnGetUserInfoFetched(data, status, response_code); + } else if (url == token_auth_gurl_) { + OnTokenAuthFetched(data, status, response_code); } else { NOTREACHED(); } diff --git a/chrome/common/net/gaia/gaia_auth_fetcher.h b/chrome/common/net/gaia/gaia_auth_fetcher.h index ca72def..21b6829 100644 --- a/chrome/common/net/gaia/gaia_auth_fetcher.h +++ b/chrome/common/net/gaia/gaia_auth_fetcher.h @@ -68,6 +68,9 @@ class GaiaAuthFetcher : public URLFetcher::Delegate { void StartGetUserInfo(const std::string& lsid, const std::string& info_key); + // Start a TokenAuth request to pre-login the user with the given credentials. + void StartTokenAuth(const std::string& auth_token); + // Implementation of URLFetcher::Delegate virtual void OnURLFetchComplete(const URLFetcher* source, const GURL& url, @@ -94,8 +97,10 @@ class GaiaAuthFetcher : public URLFetcher::Delegate { static const char kClientLoginCaptchaFormat[]; // The format of the POST body for IssueAuthToken. static const char kIssueAuthTokenFormat[]; - // The format of the POSt body for GetUserInfo. + // The format of the POST body for GetUserInfo. static const char kGetUserInfoFormat[]; + // The format of the POST body for TokenAuth. + static const char kTokenAuthFormat[]; // Constants for parsing ClientLogin errors. static const char kAccountDeletedError[]; @@ -121,6 +126,10 @@ class GaiaAuthFetcher : public URLFetcher::Delegate { const net::URLRequestStatus& status, int response_code); + void OnTokenAuthFetched(const std::string& data, + const net::URLRequestStatus& status, + int response_code); + // Tokenize the results of a ClientLogin fetch. static void ParseClientLoginResponse(const std::string& data, std::string* sid, @@ -161,6 +170,11 @@ class GaiaAuthFetcher : public URLFetcher::Delegate { // user information. static std::string MakeGetUserInfoBody(const std::string& lsid); + // Supply the authentication token returned from StartIssueAuthToken. + static std::string MakeTokenAuthBody(const std::string& auth_token, + const std::string& continue_url, + const std::string& source); + // Create a fetcher useable for making any Gaia request. static URLFetcher* CreateGaiaFetcher(net::URLRequestContextGetter* getter, const std::string& body, @@ -175,6 +189,7 @@ class GaiaAuthFetcher : public URLFetcher::Delegate { const GURL client_login_gurl_; const GURL issue_auth_token_gurl_; const GURL get_user_info_gurl_; + const GURL token_auth_gurl_; // While a fetch is going on: scoped_ptr<URLFetcher> fetcher_; diff --git a/chrome/common/net/gaia/gaia_auth_fetcher_unittest.cc b/chrome/common/net/gaia/gaia_auth_fetcher_unittest.cc index 2479aac..26160e9 100644 --- a/chrome/common/net/gaia/gaia_auth_fetcher_unittest.cc +++ b/chrome/common/net/gaia/gaia_auth_fetcher_unittest.cc @@ -5,13 +5,14 @@ // A complete set of unit tests for GaiaAuthFetcher. // Originally ported from GoogleAuthenticator tests. +#include "chrome/common/net/gaia/gaia_auth_fetcher_unittest.h" + #include <string> #include "base/message_loop.h" #include "base/stringprintf.h" #include "chrome/common/net/gaia/gaia_auth_consumer.h" #include "chrome/common/net/gaia/gaia_auth_fetcher.h" -#include "chrome/common/net/gaia/gaia_auth_fetcher_unittest.h" #include "chrome/common/net/gaia/gaia_urls.h" #include "chrome/common/net/gaia/google_service_auth_error.h" #include "chrome/common/net/http_return.h" @@ -64,7 +65,8 @@ class GaiaAuthFetcherTest : public testing::Test { GaiaAuthFetcherTest() : client_login_source_(GaiaUrls::GetInstance()->client_login_url()), issue_auth_token_source_( - GaiaUrls::GetInstance()->issue_auth_token_url()) {} + GaiaUrls::GetInstance()->issue_auth_token_url()), + token_auth_source_(GaiaUrls::GetInstance()->token_auth_url()) {} void RunParsingTest(const std::string& data, const std::string& sid, @@ -107,6 +109,7 @@ class GaiaAuthFetcherTest : public testing::Test { net::ResponseCookies cookies_; GURL client_login_source_; GURL issue_auth_token_source_; + GURL token_auth_source_; TestingProfile profile_; protected: MessageLoop message_loop_; @@ -120,10 +123,12 @@ class MockGaiaConsumer : public GaiaAuthConsumer { MOCK_METHOD1(OnClientLoginSuccess, void(const ClientLoginResult& result)); MOCK_METHOD2(OnIssueAuthTokenSuccess, void(const std::string& service, const std::string& token)); + MOCK_METHOD1(OnTokenAuthSuccess, void(const std::string& data)); MOCK_METHOD1(OnClientLoginFailure, void(const GoogleServiceAuthError& error)); MOCK_METHOD2(OnIssueAuthTokenFailure, void(const std::string& service, const GoogleServiceAuthError& error)); + MOCK_METHOD1(OnTokenAuthFailure, void(const GoogleServiceAuthError& error)); }; TEST_F(GaiaAuthFetcherTest, ErrorComparator) { @@ -497,3 +502,78 @@ TEST_F(GaiaAuthFetcherTest, FullTokenFailure) { ""); EXPECT_FALSE(auth.HasPendingFetch()); } + +TEST_F(GaiaAuthFetcherTest, TokenAuthSuccess) { + MockGaiaConsumer consumer; + EXPECT_CALL(consumer, OnTokenAuthSuccess("<html></html>")) + .Times(1); + + TestingProfile profile; + TestURLFetcherFactory factory; + URLFetcher::set_factory(&factory); + + GaiaAuthFetcher auth(&consumer, std::string(), + profile_.GetRequestContext()); + auth.StartTokenAuth("myubertoken"); + + URLFetcher::set_factory(NULL); + EXPECT_TRUE(auth.HasPendingFetch()); + auth.OnURLFetchComplete( + NULL, + token_auth_source_, + net::URLRequestStatus(net::URLRequestStatus::SUCCESS, 0), + RC_REQUEST_OK, + cookies_, + "<html></html>"); + EXPECT_FALSE(auth.HasPendingFetch()); +} + +TEST_F(GaiaAuthFetcherTest, TokenAuthUnauthorizedFailure) { + MockGaiaConsumer consumer; + EXPECT_CALL(consumer, OnTokenAuthFailure(_)) + .Times(1); + + TestingProfile profile; + TestURLFetcherFactory factory; + URLFetcher::set_factory(&factory); + + GaiaAuthFetcher auth(&consumer, std::string(), + profile_.GetRequestContext()); + auth.StartTokenAuth("badubertoken"); + + URLFetcher::set_factory(NULL); + EXPECT_TRUE(auth.HasPendingFetch()); + auth.OnURLFetchComplete( + NULL, + token_auth_source_, + net::URLRequestStatus(net::URLRequestStatus::SUCCESS, 0), + RC_UNAUTHORIZED, + cookies_, + ""); + EXPECT_FALSE(auth.HasPendingFetch()); +} + +TEST_F(GaiaAuthFetcherTest, TokenAuthNetFailure) { + MockGaiaConsumer consumer; + EXPECT_CALL(consumer, OnTokenAuthFailure(_)) + .Times(1); + + TestingProfile profile; + TestURLFetcherFactory factory; + URLFetcher::set_factory(&factory); + + GaiaAuthFetcher auth(&consumer, std::string(), + profile_.GetRequestContext()); + auth.StartTokenAuth("badubertoken"); + + URLFetcher::set_factory(NULL); + EXPECT_TRUE(auth.HasPendingFetch()); + auth.OnURLFetchComplete( + NULL, + token_auth_source_, + net::URLRequestStatus(net::URLRequestStatus::FAILED, 0), + RC_REQUEST_OK, + cookies_, + ""); + EXPECT_FALSE(auth.HasPendingFetch()); +} diff --git a/chrome/common/net/gaia/gaia_urls.cc b/chrome/common/net/gaia/gaia_urls.cc index d46dfd5..cf64fb5 100644 --- a/chrome/common/net/gaia/gaia_urls.cc +++ b/chrome/common/net/gaia/gaia_urls.cc @@ -14,11 +14,7 @@ const char kCaptchaUrlPrefixSuffix[] = "/accounts/"; const char kClientLoginUrlSuffix[] = "/accounts/ClientLogin"; const char kIssueAuthTokenUrlSuffix[] = "/accounts/IssueAuthToken"; const char kGetUserInfoUrlSuffix[] = "/accounts/GetUserInfo"; -// TODO(cmasone): make sure that using an http:// URL in the "continue" -// parameter here doesn't open the system up to attack long-term. -const char kTokenAuthUrlSuffix[] = - "/accounts/TokenAuth?" - "continue=http://www.google.com/webhp&source=chromeos&auth="; +const char kTokenAuthUrlSuffix[] = "/accounts/TokenAuth"; } // namespacce |