diff options
3 files changed, 13 insertions, 233 deletions
diff --git a/chrome/browser/chromeos/login/parallel_authenticator.cc b/chrome/browser/chromeos/login/parallel_authenticator.cc index ba0c00d..df250a3 100644 --- a/chrome/browser/chromeos/login/parallel_authenticator.cc +++ b/chrome/browser/chromeos/login/parallel_authenticator.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -47,17 +47,11 @@ using file_util::ReadFileToString; namespace chromeos { // static -const char ParallelAuthenticator::kLocalaccountFile[] = "localaccount"; - -// static const int ParallelAuthenticator::kClientLoginTimeoutMs = 10000; -// static -const int ParallelAuthenticator::kLocalaccountRetryIntervalMs = 20; ParallelAuthenticator::ParallelAuthenticator(LoginStatusConsumer* consumer) : Authenticator(consumer), already_reported_success_(false), - checked_for_localaccount_(false), using_oauth_( CommandLine::ForCurrentProcess()->HasSwitch( switches::kWebUILogin) && @@ -103,11 +97,6 @@ void ParallelAuthenticator::AuthenticateToLogin( this); current_online_->Initiate(profile); } - - BrowserThread::PostTask( - BrowserThread::FILE, FROM_HERE, - base::Bind(&ParallelAuthenticator::LoadLocalaccount, this, - std::string(kLocalaccountFile))); } void ParallelAuthenticator::CompleteLogin(Profile* profile, @@ -146,11 +135,6 @@ void ParallelAuthenticator::CompleteLogin(Profile* profile, BrowserThread::IO, FROM_HERE, base::Bind(&ParallelAuthenticator::ResolveLoginCompletionStatus, this)); } - - BrowserThread::PostTask( - BrowserThread::FILE, FROM_HERE, - base::Bind(&ParallelAuthenticator::LoadLocalaccount, this, - std::string(kLocalaccountFile))); } void ParallelAuthenticator::AuthenticateToUnlock(const std::string& username, @@ -159,10 +143,6 @@ void ParallelAuthenticator::AuthenticateToUnlock(const std::string& username, new AuthAttemptState( Authenticator::Canonicalize(username), CrosLibrary::Get()->GetCryptohomeLibrary()->HashPassword(password))); - BrowserThread::PostTask( - BrowserThread::FILE, FROM_HERE, - base::Bind(&ParallelAuthenticator::LoadLocalaccount, this, - std::string(kLocalaccountFile))); key_checker_ = CryptohomeOp::CreateCheckKeyAttempt(current_state_.get(), this); // Sadly, this MUST be on the UI thread due to sending DBus traffic :-/ @@ -218,41 +198,6 @@ void ParallelAuthenticator::OnPasswordChangeDetected( consumer_->OnPasswordChangeDetected(credentials); } -void ParallelAuthenticator::CheckLocalaccount(const LoginFailure& error) { - { - base::AutoLock for_this_block(localaccount_lock_); - VLOG(2) << "Checking localaccount"; - if (!checked_for_localaccount_) { - BrowserThread::PostDelayedTask( - BrowserThread::FILE, FROM_HERE, - base::Bind(&ParallelAuthenticator::CheckLocalaccount, this, error), - kLocalaccountRetryIntervalMs); - return; - } - } - - if (!localaccount_.empty() && localaccount_ == current_state_->username) { - // Success. Go mount a tmpfs for the profile, if necessary. - if (!current_state_->unlock) { - guest_mounter_ = - CryptohomeOp::CreateMountGuestAttempt(current_state_.get(), this); - BrowserThread::PostTask( - BrowserThread::UI, FROM_HERE, - base::Bind(&CryptohomeOp::Initiate, guest_mounter_.get())); - } else { - BrowserThread::PostTask( - BrowserThread::UI, FROM_HERE, - base::Bind(&ParallelAuthenticator::OnLoginSuccess, this, - GaiaAuthConsumer::ClientLoginResult(), false)); - } - } else { - // Not the localaccount. Fail, passing along cached error info. - BrowserThread::PostTask( - BrowserThread::UI, FROM_HERE, - base::Bind(&ParallelAuthenticator::OnLoginFailure, this, error)); - } -} - void ParallelAuthenticator::OnLoginFailure(const LoginFailure& error) { DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); // Send notification of failure @@ -362,8 +307,7 @@ void ParallelAuthenticator::Resolve() { LoginFailure(LoginFailure::DATA_REMOVAL_FAILED))); break; case FAILED_TMPFS: - // In this case, we tried to mount a tmpfs for BWSI or the localaccount - // user and failed. + // In this case, we tried to mount a tmpfs for BWSI and failed. BrowserThread::PostTask( BrowserThread::UI, FROM_HERE, base::Bind(&ParallelAuthenticator::OnLoginFailure, this, @@ -458,17 +402,19 @@ void ParallelAuthenticator::Resolve() { base::Bind(&ParallelAuthenticator::OnLoginSuccess, this, current_state_->credentials(), request_pending)); break; - case LOCAL_LOGIN: + case GUEST_LOGIN: BrowserThread::PostTask( BrowserThread::UI, FROM_HERE, base::Bind(&ParallelAuthenticator::OnOffTheRecordLoginSuccess, this)); break; case LOGIN_FAILED: current_state_->ResetCryptohomeStatus(); - BrowserThread::PostTask( - BrowserThread::FILE, FROM_HERE, - base::Bind(&ParallelAuthenticator::CheckLocalaccount, this, - current_state_->online_outcome())); + BrowserThread::PostTask(BrowserThread::UI, + FROM_HERE, + base::Bind( + &ParallelAuthenticator::OnLoginFailure, + this, + current_state_->online_outcome())); break; default: NOTREACHED(); @@ -580,7 +526,7 @@ ParallelAuthenticator::ResolveCryptohomeSuccessState() { if (data_remover_.get()) return CREATE_NEW; if (guest_mounter_.get()) - return LOCAL_LOGIN; + return GUEST_LOGIN; if (key_migrator_.get()) return RECOVER_MOUNT; if (key_checker_.get()) @@ -634,36 +580,6 @@ ParallelAuthenticator::ResolveOnlineSuccessState( } } -void ParallelAuthenticator::LoadLocalaccount(const std::string& filename) { - DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE)); - { - base::AutoLock for_this_block(localaccount_lock_); - if (checked_for_localaccount_) - return; - } - FilePath localaccount_file; - std::string localaccount; - if (PathService::Get(base::DIR_EXE, &localaccount_file)) { - localaccount_file = localaccount_file.Append(filename); - VLOG(2) << "Looking for localaccount in " << localaccount_file.value(); - - ReadFileToString(localaccount_file, &localaccount); - TrimWhitespaceASCII(localaccount, TRIM_TRAILING, &localaccount); - VLOG(1) << "Loading localaccount: " << localaccount; - } else { - VLOG(1) << "Assuming no localaccount"; - } - SetLocalaccount(localaccount); -} - -void ParallelAuthenticator::SetLocalaccount(const std::string& new_name) { - localaccount_ = new_name; - { // extra braces for clarity about AutoLock scope. - base::AutoLock for_this_block(localaccount_lock_); - checked_for_localaccount_ = true; - } -} - void ParallelAuthenticator::ResolveLoginCompletionStatus() { // Shortcut online state resolution process. current_state_->RecordOnlineLoginStatus(GaiaAuthConsumer::ClientLoginResult(), diff --git a/chrome/browser/chromeos/login/parallel_authenticator.h b/chrome/browser/chromeos/login/parallel_authenticator.h index 8391508..fc50c38 100644 --- a/chrome/browser/chromeos/login/parallel_authenticator.h +++ b/chrome/browser/chromeos/login/parallel_authenticator.h @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -44,8 +44,7 @@ class ResolveChecker; // Authenticates a Chromium OS user against the Google Accounts ClientLogin API. // -// Simultaneously attempts authentication both offline and online, failing over -// to the "localaccount" in the event that authentication fails. +// Simultaneously attempts authentication both offline and online. // // At a high, level, here's what happens: // AuthenticateToLogin() creates an OnlineAttempt and a CryptohomeOp that @@ -75,8 +74,8 @@ class ParallelAuthenticator : public Authenticator, OFFLINE_LOGIN, // Login succeeded offline. ONLINE_LOGIN, // Offline and online login succeeded. UNLOCK, // Screen unlock succeeded. - LOCAL_LOGIN, // Login with localaccount succeded. ONLINE_FAILED, // Online login disallowed, but offline succeeded. + GUEST_LOGIN, // Logged in guest mode. LOGIN_FAILED // Login denied. }; @@ -156,9 +155,6 @@ class ParallelAuthenticator : public Authenticator, // Must be called on the IO thread. virtual void Resolve() OVERRIDE; - // Call this on the FILE thread. - void CheckLocalaccount(const LoginFailure& error); - void OnOffTheRecordLoginSuccess(); void OnPasswordChangeDetected( const GaiaAuthConsumer::ClientLoginResult& credentials); @@ -221,16 +217,6 @@ class ParallelAuthenticator : public Authenticator, // Returns false if the key can not be loaded/created. bool LoadSupplementalUserKey(); - // If we haven't already, looks in a file called |filename| next to - // the browser executable for a "localaccount" name, and retrieves it - // if one is present. If someone attempts to authenticate with this - // username, we will mount a tmpfs for them and let them use the - // browser. - // Should only be called on the FILE thread. - void LoadLocalaccount(const std::string& filename); - - void SetLocalaccount(const std::string& new_name); - // Records OAuth1 access token verification failure for |user_account|. void RecordOAuthCheckFailure(const std::string& user_account); @@ -238,15 +224,9 @@ class ParallelAuthenticator : public Authenticator, // an external authentication provider (i.e. GAIA extension). void ResolveLoginCompletionStatus(); - // Name of a file, next to chrome, that contains a local account username. - static const char kLocalaccountFile[]; - // Milliseconds until we timeout our attempt to hit ClientLogin. static const int kClientLoginTimeoutMs; - // Milliseconds until we re-check whether we've gotten the localaccount name. - static const int kLocalaccountRetryIntervalMs; - // Handles all net communications with Gaia. scoped_ptr<GaiaAuthFetcher> gaia_authenticator_; @@ -269,20 +249,11 @@ class ParallelAuthenticator : public Authenticator, bool already_reported_success_; base::Lock success_lock_; // A lock around already_reported_success_. - // Status relating to the local "backdoor" account. - std::string localaccount_; - bool checked_for_localaccount_; // Needed because empty localaccount_ is ok. - base::Lock localaccount_lock_; // A lock around checked_for_localaccount_. - // True if we use OAuth-based authentication flow. bool using_oauth_; friend class ResolveChecker; friend class ParallelAuthenticatorTest; - FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, ReadLocalaccount); - FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, - ReadLocalaccountTrailingWS); - FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, ReadNoLocalaccount); DISALLOW_COPY_AND_ASSIGN(ParallelAuthenticator); }; diff --git a/chrome/browser/chromeos/login/parallel_authenticator_unittest.cc b/chrome/browser/chromeos/login/parallel_authenticator_unittest.cc index 611007a..8794278 100644 --- a/chrome/browser/chromeos/login/parallel_authenticator_unittest.cc +++ b/chrome/browser/chromeos/login/parallel_authenticator_unittest.cc @@ -84,7 +84,6 @@ class ParallelAuthenticatorTest : public testing::Test { ParallelAuthenticatorTest() : message_loop_(MessageLoop::TYPE_UI), ui_thread_(BrowserThread::UI, &message_loop_), - file_thread_(BrowserThread::FILE), io_thread_(BrowserThread::IO), username_("me@nowhere.org"), password_("fakepass") { @@ -108,7 +107,6 @@ class ParallelAuthenticatorTest : public testing::Test { mock_library_ = new MockCryptohomeLibrary(); test_api->SetCryptohomeLibrary(mock_library_, true); - file_thread_.Start(); io_thread_.Start(); auth_ = new ParallelAuthenticator(&consumer_); @@ -138,29 +136,6 @@ class ParallelAuthenticatorTest : public testing::Test { return out; } - FilePath FakeLocalaccountFile(const std::string& ascii) { - FilePath exe_dir; - FilePath local_account_file; - PathService::Get(base::DIR_EXE, &exe_dir); - FILE* tmp_file = CreateAndOpenTemporaryFileInDir(exe_dir, - &local_account_file); - int ascii_len = ascii.length(); - EXPECT_NE(tmp_file, static_cast<FILE*>(NULL)); - EXPECT_EQ(WriteFile(local_account_file, ascii.c_str(), ascii_len), - ascii_len); - EXPECT_TRUE(CloseFile(tmp_file)); - return local_account_file; - } - - void ReadLocalaccountFile(ParallelAuthenticator* auth, - const std::string& filename) { - BrowserThread::PostTask( - BrowserThread::FILE, FROM_HERE, - base::Bind(&ParallelAuthenticator::LoadLocalaccount, auth, filename)); - file_thread_.Stop(); - file_thread_.Start(); - } - // Allow test to fail and exit gracefully, even if OnLoginFailure() // wasn't supposed to happen. void FailOnLoginFailure() { @@ -227,7 +202,6 @@ class ParallelAuthenticatorTest : public testing::Test { MessageLoop message_loop_; content::TestBrowserThread ui_thread_; - content::TestBrowserThread file_thread_; content::TestBrowserThread io_thread_; std::string username_; @@ -247,31 +221,6 @@ class ParallelAuthenticatorTest : public testing::Test { scoped_ptr<TestAttemptState> state_; }; -TEST_F(ParallelAuthenticatorTest, ReadLocalaccount) { - FilePath tmp_file_path = FakeLocalaccountFile(username_); - - ReadLocalaccountFile(auth_.get(), tmp_file_path.BaseName().value()); - EXPECT_EQ(auth_->localaccount_, username_); - Delete(tmp_file_path, false); -} - -TEST_F(ParallelAuthenticatorTest, ReadLocalaccountTrailingWS) { - FilePath tmp_file_path = - FakeLocalaccountFile(base::StringPrintf("%s\n", username_.c_str())); - - ReadLocalaccountFile(auth_.get(), tmp_file_path.BaseName().value()); - EXPECT_EQ(auth_->localaccount_, username_); - Delete(tmp_file_path, false); -} - -TEST_F(ParallelAuthenticatorTest, ReadNoLocalaccount) { - FilePath tmp_file_path = FakeLocalaccountFile(username_); - EXPECT_TRUE(Delete(tmp_file_path, false)); // Ensure non-existent file. - - ReadLocalaccountFile(auth_.get(), tmp_file_path.BaseName().value()); - EXPECT_EQ(auth_->localaccount_, std::string()); -} - TEST_F(ParallelAuthenticatorTest, OnLoginSuccess) { EXPECT_CALL(consumer_, OnLoginSuccess(username_, password_, result_, false, false)) @@ -709,38 +658,6 @@ TEST_F(ParallelAuthenticatorTest, DISABLED_DriveNeedNewPassword) { RunResolve(auth_.get(), &message_loop_); } -TEST_F(ParallelAuthenticatorTest, DriveLocalLogin) { - ExpectGuestLoginSuccess(); - FailOnLoginFailure(); - - // Set up mock cryptohome library to respond as though a tmpfs mount - // attempt has occurred and succeeded. - mock_library_->SetUp(true, 0); - EXPECT_CALL(*mock_library_, AsyncMountForBwsi(_)) - .Times(1) - .RetiresOnSaturation(); - - // Pre-set test state as though an online login attempt failed to complete, - // and that a cryptohome mount attempt failed because the user doesn't exist. - GoogleServiceAuthError error = - GoogleServiceAuthError::FromConnectionError(net::ERR_CONNECTION_RESET); - LoginFailure failure = - LoginFailure::FromNetworkAuthFailure(error); - state_->PresetOnlineLoginStatus(result_, failure); - state_->PresetCryptohomeStatus( - false, - chromeos::kCryptohomeMountErrorUserDoesNotExist); - SetAttemptState(auth_, state_.release()); - - // Deal with getting the localaccount file - FilePath tmp_file_path = FakeLocalaccountFile(username_); - ReadLocalaccountFile(auth_.get(), tmp_file_path.BaseName().value()); - - RunResolve(auth_.get(), &message_loop_); - - Delete(tmp_file_path, false); -} - TEST_F(ParallelAuthenticatorTest, DriveUnlock) { ExpectLoginSuccess(username_, std::string(), result_, false); FailOnLoginFailure(); @@ -759,28 +676,4 @@ TEST_F(ParallelAuthenticatorTest, DriveUnlock) { message_loop_.Run(); } -TEST_F(ParallelAuthenticatorTest, DriveLocalUnlock) { - ExpectLoginSuccess(username_, std::string(), result_, false); - FailOnLoginFailure(); - - // Set up mock cryptohome library to fail a cryptohome key-check - // attempt. - mock_library_->SetUp(false, 0); - EXPECT_CALL(*mock_library_, AsyncCheckKey(username_, _, _)) - .Times(1) - .RetiresOnSaturation(); - EXPECT_CALL(*mock_library_, HashPassword(_)) - .WillOnce(Return(std::string())) - .RetiresOnSaturation(); - - // Deal with getting the localaccount file - FilePath tmp_file_path = FakeLocalaccountFile(username_); - ReadLocalaccountFile(auth_.get(), tmp_file_path.BaseName().value()); - - auth_->AuthenticateToUnlock(username_, ""); - message_loop_.Run(); - - Delete(tmp_file_path, false); -} - } // namespace chromeos |