diff options
| author | bartfab@chromium.org <bartfab@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-01-17 19:35:29 +0000 |
|---|---|---|
| committer | bartfab@chromium.org <bartfab@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-01-17 19:35:29 +0000 |
| commit | 2f18ff3db768d73b0f652de1cb763050d1eee233 (patch) | |
| tree | a6c9af0bdc1047da4ab46265f917721dda2b4684 /google_apis/gaia/fake_gaia.h | |
| parent | 7c456e1fec5d136a7af6eb53412bf974f6283035 (diff) | |
| download | chromium_src-2f18ff3db768d73b0f652de1cb763050d1eee233.zip chromium_src-2f18ff3db768d73b0f652de1cb763050d1eee233.tar.gz chromium_src-2f18ff3db768d73b0f652de1cb763050d1eee233.tar.bz2 | |
Switch GAIA e-mail address retrieval from /GetUserInfo to /ListAccounts
Previously, the Chrome OS SAML login flow was passing the LSID obtained
via /ServiceLogin to /GetUserInfo in order to retrieve the authenticated
user's e-mail address. It turns out that this is wrong because
/ServiceLogin yields a browser LSID and /GetUserInfo expects a
programmatic LSID. In many cases, the two LSID flavors are identical and
the existing code worked. But under some conditions, the browser LSID
could be different, causing /GetUserInfo to fail.
This CL switches to /ListAccounts instead, which handles browser LSIDs.
An additional advantage of /ListAccounts is that it will read the LSID
from cookies, removing the need to extract the LSID from the cookie jar
explicitly.
I could have further simplified the code by doing an XHR to /ListAccounts
from the JS code of the auth extension, avoiding the JS -> C++ -> JS round
trip. However, this would have been a CORS request, requiring the GAIA
URL to be hard-coded in the auth extension's manifest. The implementation
in this CL, which makes the /ListAccounts call from C++, is more flexible
as it preserves the ability to change the GAIA URL via a command-line
flag.
BUG=332132
TEST=Updated browser test and manual
Review URL: https://codereview.chromium.org/134483008
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@245585 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'google_apis/gaia/fake_gaia.h')
| -rw-r--r-- | google_apis/gaia/fake_gaia.h | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/google_apis/gaia/fake_gaia.h b/google_apis/gaia/fake_gaia.h index 1f5fbe1..ef49cd6 100644 --- a/google_apis/gaia/fake_gaia.h +++ b/google_apis/gaia/fake_gaia.h @@ -72,7 +72,7 @@ class FakeGaia { std::string session_sid_cookie; std::string session_lsid_cookie; - // The e-mail address returned by /GetUserInfo. + // The e-mail address returned by /ListAccounts. std::string email; }; @@ -148,8 +148,8 @@ class FakeGaia { net::test_server::BasicHttpResponse* http_response); void HandleIssueToken(const net::test_server::HttpRequest& request, net::test_server::BasicHttpResponse* http_response); - void HandleGetUserInfo(const net::test_server::HttpRequest& request, - net::test_server::BasicHttpResponse* http_response); + void HandleListAccounts(const net::test_server::HttpRequest& request, + net::test_server::BasicHttpResponse* http_response); // Returns the access token associated with |auth_token| that matches the // given |client_id| and |scope_string|. If |scope_string| is empty, the first |