diff options
| -rw-r--r-- | chrome/app/generated_resources.grd | 3 | ||||
| -rw-r--r-- | chrome/browser/resources/sync_setup_overlay.html | 3 | ||||
| -rw-r--r-- | chrome/browser/resources/sync_setup_overlay.js | 17 | ||||
| -rw-r--r-- | chrome/browser/sync/sync_setup_flow.cc | 47 | ||||
| -rw-r--r-- | chrome/browser/sync/sync_setup_flow.h | 19 | ||||
| -rw-r--r-- | chrome/browser/ui/webui/sync_setup_handler.cc | 24 |
6 files changed, 82 insertions, 31 deletions
diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd index 38fe31d..ed02805 100644 --- a/chrome/app/generated_resources.grd +++ b/chrome/app/generated_resources.grd @@ -9955,6 +9955,9 @@ Keep your key file in a safe place. You will need it to create new versions of y <message name="IDS_SYNC_ENTER_OTHER_PASSPHRASE_BODY" desc="Instructions for the dialog where the user needs to enter a different passphrase."> The passphrase you entered can't be used because you already have data encrypted with a passphrase. Please enter your existing sync passphrase below. </message> + <message name="IDS_SYNC_ENTER_GOOGLE_PASSPHRASE_BODY" desc="Instructions for the dialog where the user needs to enter their previous google passphrase."> + You already have data that is encrypted using a different version of your Google Account password. Please enter your previous Google Account password below. + </message> <message name="IDS_SYNC_PASSPHRASE_LABEL" desc="Label for the passphrase field."> Passphrase </message> diff --git a/chrome/browser/resources/sync_setup_overlay.html b/chrome/browser/resources/sync_setup_overlay.html index 8245189..6dbea8d 100644 --- a/chrome/browser/resources/sync_setup_overlay.html +++ b/chrome/browser/resources/sync_setup_overlay.html @@ -407,6 +407,9 @@ <div id="passphrase-rejected-body" i18n-content="enterOtherPassphraseBody" hidden> </div> + <div id="google-passphrase-needed-body" + i18n-content="enterGooglePassphraseBody" hidden> + </div> </div> <div id="passphrase-input"> <input id="passphrase" name="passphrase" type="password" diff --git a/chrome/browser/resources/sync_setup_overlay.js b/chrome/browser/resources/sync_setup_overlay.js index 0a9c3b5..39f5b8d 100644 --- a/chrome/browser/resources/sync_setup_overlay.js +++ b/chrome/browser/resources/sync_setup_overlay.js @@ -218,10 +218,14 @@ cr.define('options', function() { var usePassphrase; var customPassphrase; + var googlePassphrase = false; if (!$('sync-existing-passphrase-container').hidden) { // If we were prompted for an existing passphrase, use it. customPassphrase = f.passphrase.value; usePassphrase = true; + // If we were displaying the "enter your old google password" prompt, + // then that means this is the user's google password. + googlePassphrase = !$('google-passphrase-needed-body').hidden; // We allow an empty passphrase, in case the user has disabled // all their encrypted datatypes. In that case, the PSS will accept // the passphrase and finish configuration. If the user has enabled @@ -260,6 +264,7 @@ cr.define('options', function() { "syncSessions": syncAll || $('sessions-checkbox').checked, "encryptAllData": encryptAllData, "usePassphrase": usePassphrase, + "isGooglePassphrase": googlePassphrase, "passphrase": customPassphrase }); chrome.send('SyncSetupConfigure', [result]); @@ -474,13 +479,19 @@ cr.define('options', function() { $('sync-custom-passphrase-container').hidden = true; $('sync-existing-passphrase-container').hidden = false; - if (args["passphrase_creation_rejected"]) + $('passphrase-rejected-body').hidden = true; + $('normal-body').hidden = true; + $('google-passphrase-needed-body').hidden = true; + // Display the correct prompt to the user depending on what type of + // passphrase is needed. + if (args["need_google_passphrase"]) + $('google-passphrase-needed-body').hidden = false; + else if (args["passphrase_creation_rejected"]) $('passphrase-rejected-body').hidden = false; else $('normal-body').hidden = false; - if (args["passphrase_setting_rejected"]) - $('incorrect-passphrase').hidden = false; + $('incorrect-passphrase').hidden = !args["passphrase_setting_rejected"]; $('sync-passphrase-warning').hidden = false; diff --git a/chrome/browser/sync/sync_setup_flow.cc b/chrome/browser/sync/sync_setup_flow.cc index 5cf83b2..c1366a2 100644 --- a/chrome/browser/sync/sync_setup_flow.cc +++ b/chrome/browser/sync/sync_setup_flow.cc @@ -62,7 +62,8 @@ SyncSetupWizard::State GetStepForNonFatalError(ProfileSyncService* service) { SyncConfiguration::SyncConfiguration() : encrypt_all(false), sync_everything(false), - use_secondary_passphrase(false) { + set_secondary_passphrase(false), + set_gaia_passphrase(false) { } SyncConfiguration::~SyncConfiguration() {} @@ -177,11 +178,14 @@ void SyncSetupFlow::GetArgsForConfigure(ProfileSyncService* service, // We need a passphrase, and either it's an explicit passphrase, or we // don't have a cached gaia passphrase, so we have to prompt the user. args->SetBoolean("show_passphrase", true); + // Tell the UI layer what kind of passphrase we need. + args->SetBoolean("need_google_passphrase", + !service->IsUsingSecondaryPassphrase()); + args->SetBoolean("passphrase_creation_rejected", + tried_creating_explicit_passphrase_); + args->SetBoolean("passphrase_setting_rejected", + tried_setting_passphrase_); } - args->SetBoolean("passphrase_creation_rejected", - tried_creating_explicit_passphrase_); - args->SetBoolean("passphrase_setting_rejected", - tried_setting_explicit_passphrase_); } bool SyncSetupFlow::AttachSyncSetupHandler(SyncSetupFlowHandler* handler) { @@ -277,36 +281,37 @@ void SyncSetupFlow::OnUserConfigured(const SyncConfiguration& configuration) { // Note: encryption will not occur until OnUserChoseDatatypes is called. service_->SetEncryptEverything(configuration.encrypt_all); - if (!configuration.gaia_passphrase.empty()) { + if (configuration.set_gaia_passphrase) { // Caller passed a gaia passphrase. This is illegal if we are currently // using a secondary passphrase. DCHECK(!service_->IsUsingSecondaryPassphrase()); service_->SetPassphrase(configuration.gaia_passphrase, false); + // Since the user entered the passphrase manually, set this flag so we can + // report an error if the passphrase setting failed. + tried_setting_passphrase_ = true; } else if (!service_->IsUsingSecondaryPassphrase() && !cached_passphrase_.empty()) { // Service needs a GAIA passphrase and we have one cached, so try it. service_->SetPassphrase(cached_passphrase_, false); cached_passphrase_.clear(); } else { + // We can get here if the user changes their GAIA passphrase but still has + // data encrypted with the old passphrase. The UI prompts the user for their + // passphrase, but they might just leave it blank/disable the encrypted + // types. // No gaia passphrase cached or set, so make sure the ProfileSyncService // wasn't expecting one. - DCHECK(!service_->IsPassphraseRequiredForDecryption() || - service_->IsUsingSecondaryPassphrase()); + DLOG_IF(WARNING, !service_->IsUsingSecondaryPassphrase() && + service_->IsPassphraseRequiredForDecryption()) << + "Google passphrase required but not provided by UI"; } - // It's possible the user has to provide a secondary passphrase even when - // they have not set one previously. This occurs when the user has changed - // their gaia password and then sign in to a new machine for the first time. - // The new machine will download data encrypted with their old gaia password, - // which their current gaia password will not be able to decrypt, triggering - // a prompt for a passphrase. At this point, the user must enter their old - // password, which we store as a new secondary passphrase. - // TODO(zea): eventually use the above gaia_passphrase instead of the - // secondary passphrase in this case. - if (configuration.use_secondary_passphrase) { + // Set the secondary passphrase, either as a decryption passphrase, or + // as an attempt to encrypt the user's data using this new passphrase. + if (configuration.set_secondary_passphrase) { service_->SetPassphrase(configuration.secondary_passphrase, true); if (service_->IsUsingSecondaryPassphrase()) - tried_setting_explicit_passphrase_ = true; + tried_setting_passphrase_ = true; else tried_creating_explicit_passphrase_ = true; } @@ -318,7 +323,7 @@ void SyncSetupFlow::OnUserConfigured(const SyncConfiguration& configuration) { void SyncSetupFlow::OnPassphraseEntry(const std::string& passphrase) { Advance(SyncSetupWizard::SETTING_UP); service_->SetPassphrase(passphrase, true); - tried_setting_explicit_passphrase_ = true; + tried_setting_passphrase_ = true; } void SyncSetupFlow::OnPassphraseCancel() { @@ -342,7 +347,7 @@ SyncSetupFlow::SyncSetupFlow(SyncSetupWizard::State start_state, flow_handler_(NULL), service_(service), tried_creating_explicit_passphrase_(false), - tried_setting_explicit_passphrase_(false) { + tried_setting_passphrase_(false) { } // Returns true if the flow should advance to |state| based on |current_state_|. diff --git a/chrome/browser/sync/sync_setup_flow.h b/chrome/browser/sync/sync_setup_flow.h index 80225e0..188ac21 100644 --- a/chrome/browser/sync/sync_setup_flow.h +++ b/chrome/browser/sync/sync_setup_flow.h @@ -31,8 +31,18 @@ struct SyncConfiguration { bool encrypt_all; bool sync_everything; syncable::ModelTypeSet data_types; - bool use_secondary_passphrase; + // We pass a separate |set_xxxxx_passphrase| flag because sometimes the UI + // wants to set an empty gaia/secondary passphrase (for example, when the user + // doesn't enter a passphrase, but we still want the ProfileSyncService to + // generate a new passphrase error if there are still encrypted types + // enabled). + // TODO(atwilson): Need to change SyncSetupFlow::OnUserConfigured() to + // check for the presence of encrypted types itself, rather than relying on + // the hack of passing an empty passphrase/waiting for ProfileSyncService to + // receive a new PassphraseRequired (http://crbug.com/95939). + bool set_secondary_passphrase; std::string secondary_passphrase; + bool set_gaia_passphrase; std::string gaia_passphrase; }; @@ -132,10 +142,13 @@ class SyncSetupFlow { // We need this to propagate back all user settings changes. Weak reference. ProfileSyncService* service_; - // Set to true if we've tried creating/setting an explicit passphrase, so we + // Set to true if we've tried creating an explicit passphrase, so we // can appropriately reflect this in the UI. bool tried_creating_explicit_passphrase_; - bool tried_setting_explicit_passphrase_; + + // Set to true if the user entered a passphrase, so we can appropriately + // reflect this in the UI. + bool tried_setting_passphrase_; // We track the passphrase the user entered so we can set it when configuring // the ProfileSyncService. diff --git a/chrome/browser/ui/webui/sync_setup_handler.cc b/chrome/browser/ui/webui/sync_setup_handler.cc index 8468e50..73e213f 100644 --- a/chrome/browser/ui/webui/sync_setup_handler.cc +++ b/chrome/browser/ui/webui/sync_setup_handler.cc @@ -136,12 +136,27 @@ bool GetConfiguration(const std::string& json, SyncConfiguration* config) { return false; // Passphrase settings. - if (!result->GetBoolean("usePassphrase", &config->use_secondary_passphrase)) - return false; - if (config->use_secondary_passphrase && - !result->GetString("passphrase", &config->secondary_passphrase)) + bool have_passphrase; + if (!result->GetBoolean("usePassphrase", &have_passphrase)) return false; + if (have_passphrase) { + bool is_gaia; + if (!result->GetBoolean("isGooglePassphrase", &is_gaia)) + return false; + std::string passphrase; + if (!result->GetString("passphrase", &passphrase)) + return false; + // The user provided a passphrase - pass it off to SyncSetupFlow as either + // the secondary or GAIA passphrase as appropriate. + if (is_gaia) { + config->set_gaia_passphrase = true; + config->gaia_passphrase = passphrase; + } else { + config->set_secondary_passphrase = true; + config->secondary_passphrase = passphrase; + } + } return true; } @@ -261,6 +276,7 @@ void SyncSetupHandler::GetStaticLocalizedValues( { "enterPassphraseTitle", IDS_SYNC_ENTER_PASSPHRASE_TITLE }, { "enterPassphraseBody", IDS_SYNC_ENTER_PASSPHRASE_BODY }, { "enterOtherPassphraseBody", IDS_SYNC_ENTER_OTHER_PASSPHRASE_BODY }, + { "enterGooglePassphraseBody", IDS_SYNC_ENTER_GOOGLE_PASSPHRASE_BODY }, { "passphraseLabel", IDS_SYNC_PASSPHRASE_LABEL }, { "incorrectPassphrase", IDS_SYNC_INCORRECT_PASSPHRASE }, { "passphraseWarning", IDS_SYNC_PASSPHRASE_WARNING }, |