diff options
Diffstat (limited to 'chrome/browser/chromeos')
51 files changed, 404 insertions, 369 deletions
diff --git a/chrome/browser/chromeos/app_mode/app_session.cc b/chrome/browser/chromeos/app_mode/app_session.cc index 850615e..6f2e374 100644 --- a/chrome/browser/chromeos/app_mode/app_session.cc +++ b/chrome/browser/chromeos/app_mode/app_session.cc @@ -120,8 +120,9 @@ class AppSession::AppWindowHandler : public AppWindowRegistry::Observer { void OnAppWindowRemoved(AppWindow* app_window) override { if (window_registry_->GetAppWindowsForApp(app_id_).empty()) { - if (DemoAppLauncher::IsDemoAppSession( - user_manager::UserManager::Get()->GetActiveUser()->email())) { + if (DemoAppLauncher::IsDemoAppSession(user_manager::UserManager::Get() + ->GetActiveUser() + ->GetAccountId())) { // If we were in demo mode, we disabled all our network technologies, // re-enable them. NetworkStateHandler* handler = @@ -188,7 +189,7 @@ void AppSession::Init(Profile* profile, const std::string& app_id) { // For a demo app, we don't need to either setup the update service or // the idle app name notification. if (DemoAppLauncher::IsDemoAppSession( - user_manager::UserManager::Get()->GetActiveUser()->email())) + user_manager::UserManager::Get()->GetActiveUser()->GetAccountId())) return; // Set the app_id for the current instance of KioskAppUpdateService. diff --git a/chrome/browser/chromeos/app_mode/kiosk_app_data.cc b/chrome/browser/chromeos/app_mode/kiosk_app_data.cc index ed46386..0cb0c98 100644 --- a/chrome/browser/chromeos/app_mode/kiosk_app_data.cc +++ b/chrome/browser/chromeos/app_mode/kiosk_app_data.cc @@ -395,14 +395,13 @@ class KioskAppData::WebstoreDataParser KioskAppData::KioskAppData(KioskAppDataDelegate* delegate, const std::string& app_id, - const std::string& user_id, + const AccountId& account_id, const GURL& update_url) : delegate_(delegate), status_(STATUS_INIT), app_id_(app_id), - user_id_(user_id), - update_url_(update_url) { -} + account_id_(account_id), + update_url_(update_url) {} KioskAppData::~KioskAppData() {} diff --git a/chrome/browser/chromeos/app_mode/kiosk_app_data.h b/chrome/browser/chromeos/app_mode/kiosk_app_data.h index c50fec8..edcf76f 100644 --- a/chrome/browser/chromeos/app_mode/kiosk_app_data.h +++ b/chrome/browser/chromeos/app_mode/kiosk_app_data.h @@ -12,6 +12,7 @@ #include "base/memory/ref_counted.h" #include "base/memory/weak_ptr.h" #include "chrome/browser/extensions/webstore_data_fetcher_delegate.h" +#include "components/signin/core/account_id/account_id.h" #include "ui/gfx/image/image_skia.h" #include "url/gurl.h" @@ -48,7 +49,7 @@ class KioskAppData : public base::SupportsWeakPtr<KioskAppData>, KioskAppData(KioskAppDataDelegate* delegate, const std::string& app_id, - const std::string& user_id, + const AccountId& account_id, const GURL& update_url); ~KioskAppData() override; @@ -73,7 +74,7 @@ class KioskAppData : public base::SupportsWeakPtr<KioskAppData>, bool IsFromWebStore() const; const std::string& app_id() const { return app_id_; } - const std::string& user_id() const { return user_id_; } + const AccountId& account_id() const { return account_id_; } const std::string& name() const { return name_; } const GURL& update_url() const { return update_url_; } const gfx::ImageSkia& icon() const { return icon_; } @@ -145,7 +146,7 @@ class KioskAppData : public base::SupportsWeakPtr<KioskAppData>, Status status_; std::string app_id_; - std::string user_id_; + AccountId account_id_; std::string name_; GURL update_url_; gfx::ImageSkia icon_; diff --git a/chrome/browser/chromeos/app_mode/kiosk_app_manager.cc b/chrome/browser/chromeos/app_mode/kiosk_app_manager.cc index b48cb02..4a39547 100644 --- a/chrome/browser/chromeos/app_mode/kiosk_app_manager.cc +++ b/chrome/browser/chromeos/app_mode/kiosk_app_manager.cc @@ -35,13 +35,16 @@ #include "chrome/common/extensions/extension_constants.h" #include "chromeos/chromeos_paths.h" #include "chromeos/cryptohome/async_method_caller.h" +#include "chromeos/cryptohome/cryptohome_parameters.h" #include "chromeos/dbus/dbus_thread_manager.h" +#include "chromeos/login/user_names.h" #include "chromeos/settings/cros_settings_names.h" #include "components/ownership/owner_key_util.h" #include "components/prefs/pref_registry_simple.h" #include "components/prefs/pref_service.h" #include "components/prefs/scoped_user_pref_update.h" #include "components/signin/core/account_id/account_id.h" +#include "components/user_manager/known_user.h" #include "components/user_manager/user_manager.h" #include "content/public/browser/browser_thread.h" #include "extensions/common/extension_urls.h" @@ -61,30 +64,34 @@ std::string GenerateKioskAppAccountId(const std::string& app_id) { return app_id + '@' + kKioskAppAccountDomain; } -void ScheduleDelayedCryptohomeRemoval(const std::string& user_id, +void ScheduleDelayedCryptohomeRemoval(const cryptohome::Identification& id, const std::string& app_id) { PrefService* local_state = g_browser_process->local_state(); DictionaryPrefUpdate dict_update(local_state, kKioskUsersToRemove); - dict_update->SetStringWithoutPathExpansion(user_id, app_id); + + // We are using cryptohome::Identification here because it cannot change + // before actual removal will take place. (Possible cryptohome migration + // happens only on session start, but deletion should happen before it.) + dict_update->SetStringWithoutPathExpansion(id.id(), app_id); local_state->CommitPendingWrite(); } -void CancelDelayedCryptohomeRemoval(const std::string& user_id) { +void CancelDelayedCryptohomeRemoval(const cryptohome::Identification& id) { PrefService* local_state = g_browser_process->local_state(); DictionaryPrefUpdate dict_update(local_state, kKioskUsersToRemove); - dict_update->RemoveWithoutPathExpansion(user_id, nullptr); + dict_update->RemoveWithoutPathExpansion(id.id(), nullptr); local_state->CommitPendingWrite(); } -void OnRemoveAppCryptohomeComplete(const std::string& user_id, +void OnRemoveAppCryptohomeComplete(const cryptohome::Identification& id, const std::string& app, const base::Closure& callback, bool success, cryptohome::MountError return_code) { if (success) { - CancelDelayedCryptohomeRemoval(user_id); + CancelDelayedCryptohomeRemoval(id); } else { - ScheduleDelayedCryptohomeRemoval(user_id, app); + ScheduleDelayedCryptohomeRemoval(id, app); LOG(ERROR) << "Remove cryptohome for " << app << " failed, return code: " << return_code; } @@ -102,16 +109,14 @@ void PerformDelayedCryptohomeRemovals(bool service_is_available) { const base::DictionaryValue* dict = local_state->GetDictionary(kKioskUsersToRemove); for (base::DictionaryValue::Iterator it(*dict); !it.IsAtEnd(); it.Advance()) { - std::string user_id = it.key(); + const cryptohome::Identification cryptohome_id( + cryptohome::Identification::FromString(it.key())); std::string app_id; it.value().GetAsString(&app_id); VLOG(1) << "Removing obsolete crypthome for " << app_id; cryptohome::AsyncMethodCaller::GetInstance()->AsyncRemove( - user_id, - base::Bind(&OnRemoveAppCryptohomeComplete, - user_id, - app_id, - base::Closure())); + cryptohome_id, base::Bind(&OnRemoveAppCryptohomeComplete, cryptohome_id, + app_id, base::Closure())); } } @@ -171,15 +176,17 @@ KioskAppManager::App::App(const KioskAppData& data, bool is_extension_pending, bool auto_launched_with_zero_delay) : app_id(data.app_id()), - user_id(data.user_id()), + account_id(data.account_id()), name(data.name()), icon(data.icon()), required_platform_version(data.required_platform_version()), is_loading(data.IsLoading() || is_extension_pending), was_auto_launched_with_zero_delay(auto_launched_with_zero_delay) {} -KioskAppManager::App::App() : is_loading(false), - was_auto_launched_with_zero_delay(false) {} +KioskAppManager::App::App() + : account_id(EmptyAccountId()), + is_loading(false), + was_auto_launched_with_zero_delay(false) {} KioskAppManager::App::~App() {} @@ -642,6 +649,9 @@ void KioskAppManager::UpdateAppData() { if (it->account_id == auto_login_account_id) auto_launch_app_id_ = it->kiosk_app_id; + // Note that app ids are not canonical, i.e. they can contain upper + // case letters. + const AccountId account_id(AccountId::FromUserEmail(it->user_id)); std::map<std::string, KioskAppData*>::iterator old_it = old_apps.find(it->kiosk_app_id); if (old_it != old_apps.end()) { @@ -649,11 +659,11 @@ void KioskAppManager::UpdateAppData() { old_apps.erase(old_it); } else { KioskAppData* new_app = new KioskAppData( - this, it->kiosk_app_id, it->user_id, GURL(it->kiosk_app_update_url)); + this, it->kiosk_app_id, account_id, GURL(it->kiosk_app_update_url)); apps_.push_back(new_app); // Takes ownership of |new_app|. new_app->Load(); } - CancelDelayedCryptohomeRemoval(it->user_id); + CancelDelayedCryptohomeRemoval(cryptohome::Identification(account_id)); } base::Closure cryptohomes_barrier_closure; @@ -663,7 +673,7 @@ void KioskAppManager::UpdateAppData() { if (active_user) { const AccountId active_account_id = active_user->GetAccountId(); for (const auto& it : old_apps) { - if (it.second->user_id() == active_account_id.GetUserEmail()) { + if (it.second->account_id() == active_account_id) { VLOG(1) << "Currently running kiosk app removed from policy, exiting"; cryptohomes_barrier_closure = BarrierClosure( old_apps.size(), base::Bind(&chrome::AttemptUserExit)); @@ -677,12 +687,10 @@ void KioskAppManager::UpdateAppData() { for (std::map<std::string, KioskAppData*>::iterator it = old_apps.begin(); it != old_apps.end(); ++it) { it->second->ClearCache(); + const cryptohome::Identification cryptohome_id(it->second->account_id()); cryptohome::AsyncMethodCaller::GetInstance()->AsyncRemove( - it->second->user_id(), - base::Bind(&OnRemoveAppCryptohomeComplete, - it->second->user_id(), - it->first, - cryptohomes_barrier_closure)); + cryptohome_id, base::Bind(&OnRemoveAppCryptohomeComplete, cryptohome_id, + it->first, cryptohomes_barrier_closure)); apps_to_remove.push_back(it->second->app_id()); } STLDeleteValues(&old_apps); diff --git a/chrome/browser/chromeos/app_mode/kiosk_app_manager.h b/chrome/browser/chromeos/app_mode/kiosk_app_manager.h index c3877b6..1bc27f1 100644 --- a/chrome/browser/chromeos/app_mode/kiosk_app_manager.h +++ b/chrome/browser/chromeos/app_mode/kiosk_app_manager.h @@ -20,6 +20,7 @@ #include "chrome/browser/chromeos/extensions/external_cache.h" #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" #include "chrome/browser/chromeos/settings/cros_settings.h" +#include "components/signin/core/account_id/account_id.h" #include "ui/gfx/image/image_skia.h" class PrefRegistrySimple; @@ -70,7 +71,7 @@ class KioskAppManager : public KioskAppDataDelegate, ~App(); std::string app_id; - std::string user_id; + AccountId account_id; std::string name; gfx::ImageSkia icon; std::string required_platform_version; diff --git a/chrome/browser/chromeos/app_mode/kiosk_profile_loader.cc b/chrome/browser/chromeos/app_mode/kiosk_profile_loader.cc index d856520..4c2fe61 100644 --- a/chrome/browser/chromeos/app_mode/kiosk_profile_loader.cc +++ b/chrome/browser/chromeos/app_mode/kiosk_profile_loader.cc @@ -119,10 +119,10 @@ class KioskProfileLoader::CryptohomedChecker //////////////////////////////////////////////////////////////////////////////// // KioskProfileLoader -KioskProfileLoader::KioskProfileLoader(const std::string& app_user_id, +KioskProfileLoader::KioskProfileLoader(const AccountId& app_account_id, bool use_guest_mount, Delegate* delegate) - : user_id_(app_user_id), + : account_id_(app_account_id), use_guest_mount_(use_guest_mount), delegate_(delegate) {} @@ -137,7 +137,7 @@ void KioskProfileLoader::Start() { void KioskProfileLoader::LoginAsKioskAccount() { login_performer_.reset(new ChromeLoginPerformer(this)); - login_performer_->LoginAsKioskAccount(user_id_, use_guest_mount_); + login_performer_->LoginAsKioskAccount(account_id_, use_guest_mount_); } void KioskProfileLoader::ReportLaunchResult(KioskAppLaunchError::Error error) { @@ -160,7 +160,7 @@ void KioskProfileLoader::OnAuthSuccess(const UserContext& user_context) { // user as a demo user. UserContext context = user_context; if (context.GetAccountId() == login::GuestAccountId()) - context.SetUserID(login::DemoAccountId().GetUserEmail()); + context.SetAccountId(login::DemoAccountId()); UserSessionManager::GetInstance()->StartSession( context, UserSessionManager::PRIMARY_USER_SESSION, false, // has_auth_cookies diff --git a/chrome/browser/chromeos/app_mode/kiosk_profile_loader.h b/chrome/browser/chromeos/app_mode/kiosk_profile_loader.h index 01d9407..0b15265 100644 --- a/chrome/browser/chromeos/app_mode/kiosk_profile_loader.h +++ b/chrome/browser/chromeos/app_mode/kiosk_profile_loader.h @@ -13,6 +13,7 @@ #include "chrome/browser/chromeos/app_mode/kiosk_app_launch_error.h" #include "chrome/browser/chromeos/login/session/user_session_manager.h" #include "chromeos/login/auth/login_performer.h" +#include "components/signin/core/account_id/account_id.h" class Profile; @@ -33,7 +34,7 @@ class KioskProfileLoader : public LoginPerformer::Delegate, virtual ~Delegate() {} }; - KioskProfileLoader(const std::string& app_user_id, + KioskProfileLoader(const AccountId& app_account_id, bool use_guest_mount, Delegate* delegate); @@ -58,7 +59,7 @@ class KioskProfileLoader : public LoginPerformer::Delegate, // UserSessionManagerDelegate implementation: void OnProfilePrepared(Profile* profile, bool browser_launched) override; - std::string user_id_; + const AccountId account_id_; bool use_guest_mount_; Delegate* delegate_; scoped_ptr<CryptohomedChecker> cryptohomed_checker_; diff --git a/chrome/browser/chromeos/attestation/attestation_policy_observer.cc b/chrome/browser/chromeos/attestation/attestation_policy_observer.cc index e400fa8..71930dd 100644 --- a/chrome/browser/chromeos/attestation/attestation_policy_observer.cc +++ b/chrome/browser/chromeos/attestation/attestation_policy_observer.cc @@ -17,11 +17,14 @@ #include "chrome/browser/chromeos/settings/cros_settings.h" #include "chromeos/attestation/attestation_flow.h" #include "chromeos/cryptohome/async_method_caller.h" +#include "chromeos/cryptohome/cryptohome_parameters.h" #include "chromeos/dbus/cryptohome_client.h" #include "chromeos/dbus/dbus_method_call_status.h" #include "chromeos/dbus/dbus_thread_manager.h" #include "components/policy/core/common/cloud/cloud_policy_client.h" #include "components/policy/core/common/cloud/cloud_policy_manager.h" +#include "components/signin/core/account_id/account_id.h" +#include "components/user_manager/known_user.h" #include "content/public/browser/browser_thread.h" #include "content/public/browser/notification_details.h" #include "net/cert/pem_tokenizer.h" @@ -171,11 +174,9 @@ void AttestationPolicyObserver::Start() { weak_factory_.GetWeakPtr()); cryptohome_client_->TpmAttestationDoesKeyExist( KEY_DEVICE, - std::string(), // Not used. + cryptohome::Identification(), // Not used. kEnterpriseMachineKey, - base::Bind(DBusBoolRedirectCallback, - on_does_exist, - on_does_not_exist, + base::Bind(DBusBoolRedirectCallback, on_does_exist, on_does_not_exist, base::Bind(&AttestationPolicyObserver::Reschedule, weak_factory_.GetWeakPtr()), FROM_HERE)); @@ -185,22 +186,21 @@ void AttestationPolicyObserver::GetNewCertificate() { // We can reuse the dbus callback handler logic. attestation_flow_->GetCertificate( PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, - std::string(), // Not used. - std::string(), // Not used. - true, // Force a new key to be generated. + EmptyAccountId(), // Not used. + std::string(), // Not used. + true, // Force a new key to be generated. base::Bind(DBusStringCallback, base::Bind(&AttestationPolicyObserver::UploadCertificate, weak_factory_.GetWeakPtr()), base::Bind(&AttestationPolicyObserver::Reschedule, weak_factory_.GetWeakPtr()), - FROM_HERE, - DBUS_METHOD_CALL_SUCCESS)); + FROM_HERE, DBUS_METHOD_CALL_SUCCESS)); } void AttestationPolicyObserver::GetExistingCertificate() { cryptohome_client_->TpmAttestationGetCertificate( KEY_DEVICE, - std::string(), // Not used. + cryptohome::Identification(), // Not used. kEnterpriseMachineKey, base::Bind(DBusStringCallback, base::Bind(&AttestationPolicyObserver::CheckCertificateExpiry, @@ -272,10 +272,9 @@ void AttestationPolicyObserver::GetKeyPayload( base::Callback<void(const std::string&)> callback) { cryptohome_client_->TpmAttestationGetKeyPayload( KEY_DEVICE, - std::string(), // Not used. + cryptohome::Identification(), // Not used. kEnterpriseMachineKey, - base::Bind(DBusStringCallback, - callback, + base::Bind(DBusStringCallback, callback, base::Bind(&AttestationPolicyObserver::Reschedule, weak_factory_.GetWeakPtr()), FROM_HERE)); @@ -301,14 +300,10 @@ void AttestationPolicyObserver::MarkAsUploaded(const std::string& key_payload) { } cryptohome_client_->TpmAttestationSetKeyPayload( KEY_DEVICE, - std::string(), // Not used. - kEnterpriseMachineKey, - new_payload, - base::Bind(DBusBoolRedirectCallback, - base::Closure(), - base::Closure(), - base::Closure(), - FROM_HERE)); + cryptohome::Identification(), // Not used. + kEnterpriseMachineKey, new_payload, + base::Bind(DBusBoolRedirectCallback, base::Closure(), base::Closure(), + base::Closure(), FROM_HERE)); } void AttestationPolicyObserver::Reschedule() { diff --git a/chrome/browser/chromeos/attestation/platform_verification_flow.cc b/chrome/browser/chromeos/attestation/platform_verification_flow.cc index a756de0..794ed3a 100644 --- a/chrome/browser/chromeos/attestation/platform_verification_flow.cc +++ b/chrome/browser/chromeos/attestation/platform_verification_flow.cc @@ -23,6 +23,7 @@ #include "chromeos/attestation/attestation_flow.h" #include "chromeos/chromeos_switches.h" #include "chromeos/cryptohome/async_method_caller.h" +#include "chromeos/cryptohome/cryptohome_parameters.h" #include "chromeos/dbus/cryptohome_client.h" #include "chromeos/dbus/dbus_thread_manager.h" #include "components/content_settings/core/browser/host_content_settings_map.h" @@ -249,11 +250,12 @@ void PlatformVerificationFlow::OnAttestationPrepared( return; } - GetCertificate(context, user->email(), false /* Don't force a new key */); + GetCertificate(context, user->GetAccountId(), + false /* Don't force a new key */); } void PlatformVerificationFlow::GetCertificate(const ChallengeContext& context, - const std::string& user_id, + const AccountId& account_id, bool force_new_key) { scoped_ptr<base::Timer> timer(new base::Timer(false, // Don't retain. false)); // Don't repeat. @@ -263,23 +265,17 @@ void PlatformVerificationFlow::GetCertificate(const ChallengeContext& context, context); timer->Start(FROM_HERE, timeout_delay_, timeout_callback); - AttestationFlow::CertificateCallback certificate_callback = base::Bind( - &PlatformVerificationFlow::OnCertificateReady, - this, - context, - user_id, - base::Passed(&timer)); - attestation_flow_->GetCertificate( - PROFILE_CONTENT_PROTECTION_CERTIFICATE, - user_id, - context.service_id, - force_new_key, - certificate_callback); + AttestationFlow::CertificateCallback certificate_callback = + base::Bind(&PlatformVerificationFlow::OnCertificateReady, this, context, + account_id, base::Passed(&timer)); + attestation_flow_->GetCertificate(PROFILE_CONTENT_PROTECTION_CERTIFICATE, + account_id, context.service_id, + force_new_key, certificate_callback); } void PlatformVerificationFlow::OnCertificateReady( const ChallengeContext& context, - const std::string& user_id, + const AccountId& account_id, scoped_ptr<base::Timer> timer, bool operation_success, const std::string& certificate_chain) { @@ -301,20 +297,18 @@ void PlatformVerificationFlow::OnCertificateReady( ExpiryStatus expiry_status = CheckExpiry(certificate_chain); ReportExpiryStatus(expiry_status); if (expiry_status == EXPIRY_STATUS_EXPIRED) { - GetCertificate(context, user_id, true /* Force a new key */); + GetCertificate(context, account_id, true /* Force a new key */); return; } bool is_expiring_soon = (expiry_status == EXPIRY_STATUS_EXPIRING_SOON); cryptohome::AsyncMethodCaller::DataCallback cryptohome_callback = base::Bind(&PlatformVerificationFlow::OnChallengeReady, this, context, - user_id, certificate_chain, is_expiring_soon); + account_id, certificate_chain, is_expiring_soon); std::string key_name = kContentProtectionKeyPrefix; key_name += context.service_id; - async_caller_->TpmAttestationSignSimpleChallenge(KEY_USER, - user_id, - key_name, - context.challenge, - cryptohome_callback); + async_caller_->TpmAttestationSignSimpleChallenge( + KEY_USER, cryptohome::Identification(account_id), key_name, + context.challenge, cryptohome_callback); } void PlatformVerificationFlow::OnCertificateTimeout( @@ -325,7 +319,7 @@ void PlatformVerificationFlow::OnCertificateTimeout( void PlatformVerificationFlow::OnChallengeReady( const ChallengeContext& context, - const std::string& user_id, + const AccountId& account_id, const std::string& certificate_chain, bool is_expiring_soon, bool operation_success, @@ -352,7 +346,7 @@ void PlatformVerificationFlow::OnChallengeReady( base::Bind(&PlatformVerificationFlow::RenewCertificateCallback, this, certificate_chain); attestation_flow_->GetCertificate(PROFILE_CONTENT_PROTECTION_CERTIFICATE, - user_id, context.service_id, + account_id, context.service_id, true, // force_new_key renew_callback); } diff --git a/chrome/browser/chromeos/attestation/platform_verification_flow.h b/chrome/browser/chromeos/attestation/platform_verification_flow.h index 55f6d13..fd7576b 100644 --- a/chrome/browser/chromeos/attestation/platform_verification_flow.h +++ b/chrome/browser/chromeos/attestation/platform_verification_flow.h @@ -16,6 +16,8 @@ #include "base/timer/timer.h" #include "url/gurl.h" +class AccountId; + namespace content { class WebContents; } @@ -176,17 +178,17 @@ class PlatformVerificationFlow bool attestation_prepared); // Initiates the flow to get a platform key certificate. The arguments to - // ChallengePlatformKey are in |context|. |user_id| identifies the user for - // which to get a certificate. If |force_new_key| is true then any existing - // key for the same user and service will be ignored and a new key will be - // generated and certified. + // ChallengePlatformKey are in |context|. |account_id| identifies the user + // for which to get a certificate. If |force_new_key| is true then any + // existing key for the same user and service will be ignored and a new key + // will be generated and certified. void GetCertificate(const ChallengeContext& context, - const std::string& user_id, + const AccountId& account_id, bool force_new_key); // A callback called when an attestation certificate request operation // completes. The arguments to ChallengePlatformKey are in |context|. - // |user_id| identifies the user for which the certificate was requested. + // |account_id| identifies the user for which the certificate was requested. // |operation_success| is true iff the certificate request operation // succeeded. |certificate_chain| holds the certificate for the platform key // on success. If the certificate request was successful, this method invokes @@ -194,7 +196,7 @@ class PlatformVerificationFlow // method being called, this method does nothing - notably, the callback is // not invoked. void OnCertificateReady(const ChallengeContext& context, - const std::string& user_id, + const AccountId& account_id, scoped_ptr<base::Timer> timer, bool operation_success, const std::string& certificate_chain); @@ -207,14 +209,14 @@ class PlatformVerificationFlow // A callback called when a challenge signing request has completed. The // |certificate_chain| is the platform certificate chain for the key which // signed the |challenge|. The arguments to ChallengePlatformKey are in - // |context|. |user_id| identifies the user for which the certificate was + // |context|. |account_id| identifies the user for which the certificate was // requested. |is_expiring_soon| will be set iff a certificate in the // |certificate_chain| is expiring soon. |operation_success| is true iff the // challenge signing operation was successful. If it was successful, // |response_data| holds the challenge response and the method will invoke // |context.callback|. void OnChallengeReady(const ChallengeContext& context, - const std::string& user_id, + const AccountId& account_id, const std::string& certificate_chain, bool is_expiring_soon, bool operation_success, diff --git a/chrome/browser/chromeos/attestation/platform_verification_flow_unittest.cc b/chrome/browser/chromeos/attestation/platform_verification_flow_unittest.cc index 14dbb66..58897b3 100644 --- a/chrome/browser/chromeos/attestation/platform_verification_flow_unittest.cc +++ b/chrome/browser/chromeos/attestation/platform_verification_flow_unittest.cc @@ -164,22 +164,23 @@ class PlatformVerificationFlowTest : public ::testing::Test { // that there are no calls to the attestation service. Thus, a test must // explicitly expect these calls or the mocks will fail the test. + const AccountId account_id = AccountId::FromUserEmail(kTestEmail); // Configure the mock AttestationFlow to call FakeGetCertificate. EXPECT_CALL(mock_attestation_flow_, GetCertificate(PROFILE_CONTENT_PROTECTION_CERTIFICATE, - kTestEmail, kTestID, _, _)) - .WillRepeatedly(WithArgs<4>(Invoke( - this, &PlatformVerificationFlowTest::FakeGetCertificate))); + account_id, kTestID, _, _)) + .WillRepeatedly(WithArgs<4>( + Invoke(this, &PlatformVerificationFlowTest::FakeGetCertificate))); // Configure the mock AsyncMethodCaller to call FakeSignChallenge. std::string expected_key_name = std::string(kContentProtectionKeyPrefix) + std::string(kTestID); EXPECT_CALL(mock_async_caller_, - TpmAttestationSignSimpleChallenge(KEY_USER, kTestEmail, - expected_key_name, - kTestChallenge, _)) - .WillRepeatedly(WithArgs<4>(Invoke( - this, &PlatformVerificationFlowTest::FakeSignChallenge))); + TpmAttestationSignSimpleChallenge( + KEY_USER, cryptohome::Identification(account_id), + expected_key_name, kTestChallenge, _)) + .WillRepeatedly(WithArgs<4>( + Invoke(this, &PlatformVerificationFlowTest::FakeSignChallenge))); } void FakeGetCertificate( diff --git a/chrome/browser/chromeos/chrome_browser_main_chromeos.cc b/chrome/browser/chromeos/chrome_browser_main_chromeos.cc index 7ec7f7c..cd13f69 100644 --- a/chrome/browser/chromeos/chrome_browser_main_chromeos.cc +++ b/chrome/browser/chromeos/chrome_browser_main_chromeos.cc @@ -93,6 +93,7 @@ #include "chromeos/chromeos_paths.h" #include "chromeos/chromeos_switches.h" #include "chromeos/cryptohome/async_method_caller.h" +#include "chromeos/cryptohome/cryptohome_parameters.h" #include "chromeos/cryptohome/homedir_methods.h" #include "chromeos/cryptohome/system_salt_getter.h" #include "chromeos/dbus/dbus_thread_manager.h" @@ -328,7 +329,8 @@ void ChromeBrowserMainPartsChromeos::PreEarlyInitialization() { !parsed_command_line().HasSwitch(switches::kLoginUser) && !parsed_command_line().HasSwitch(switches::kGuestSession)) { singleton_command_line->AppendSwitchASCII( - switches::kLoginUser, login::StubAccountId().GetUserEmail()); + switches::kLoginUser, + cryptohome::Identification(login::StubAccountId()).id()); if (!parsed_command_line().HasSwitch(switches::kLoginProfile)) { singleton_command_line->AppendSwitchASCII(switches::kLoginProfile, chrome::kTestUserProfileDir); @@ -515,11 +517,13 @@ void ChromeBrowserMainPartsChromeos::PreProfileInit() { ChromeBrowserMainPartsLinux::PreProfileInit(); if (immediate_login) { - const std::string user_email = login::CanonicalizeUserID( - parsed_command_line().GetSwitchValueASCII(switches::kLoginUser)); + const std::string cryptohome_id = + parsed_command_line().GetSwitchValueASCII(switches::kLoginUser); + const AccountId account_id( + cryptohome::Identification::FromString(cryptohome_id).GetAccountId()); + user_manager::UserManager* user_manager = user_manager::UserManager::Get(); - const AccountId account_id(AccountId::FromUserEmail(user_email)); if (policy::IsDeviceLocalAccountUser(account_id.GetUserEmail(), NULL) && !user_manager->IsKnownUser(account_id)) { // When a device-local account is removed, its policy is deleted from disk @@ -536,7 +540,7 @@ void ChromeBrowserMainPartsChromeos::PreProfileInit() { std::string user_id_hash = parsed_command_line().GetSwitchValueASCII(switches::kLoginProfile); user_manager->UserLoggedIn(account_id, user_id_hash, true); - VLOG(1) << "Relaunching browser for user: " << user_email + VLOG(1) << "Relaunching browser for user: " << account_id.Serialize() << " with hash: " << user_id_hash; } } diff --git a/chrome/browser/chromeos/login/app_launch_controller.cc b/chrome/browser/chromeos/login/app_launch_controller.cc index 057671f..c8c6579 100644 --- a/chrome/browser/chromeos/login/app_launch_controller.cc +++ b/chrome/browser/chromeos/login/app_launch_controller.cc @@ -29,6 +29,7 @@ #include "chrome/browser/ui/webui/chromeos/login/app_launch_splash_screen_handler.h" #include "chrome/browser/ui/webui/chromeos/login/oobe_ui.h" #include "chromeos/settings/cros_settings_names.h" +#include "components/user_manager/known_user.h" #include "components/user_manager/user_manager.h" #include "content/public/browser/notification_service.h" #include "extensions/browser/app_window/app_window.h" @@ -159,9 +160,8 @@ void AppLaunchController::StartAppLaunch(bool is_auto_launch) { if (delay == 0) KioskAppManager::Get()->SetAppWasAutoLaunchedWithZeroDelay(app_id_); } - kiosk_profile_loader_.reset( - new KioskProfileLoader(app.user_id, false, this)); + new KioskProfileLoader(app.account_id, false, this)); kiosk_profile_loader_->Start(); } diff --git a/chrome/browser/chromeos/login/auth/cryptohome_authenticator_unittest.cc b/chrome/browser/chromeos/login/auth/cryptohome_authenticator_unittest.cc index 606ca65..de73217 100644 --- a/chrome/browser/chromeos/login/auth/cryptohome_authenticator_unittest.cc +++ b/chrome/browser/chromeos/login/auth/cryptohome_authenticator_unittest.cc @@ -266,10 +266,10 @@ class CryptohomeAuthenticatorTest : public testing::Test { cryptohome::KeyDefinition::ProviderData("salt")); key_definition.provider_data.back().bytes = std::move(salt); } - EXPECT_CALL(*mock_homedir_methods_, - GetKeyDataEx(cryptohome::Identification( - user_context_.GetAccountId().GetUserEmail()), - kCryptohomeGAIAKeyLabel, _)) + EXPECT_CALL( + *mock_homedir_methods_, + GetKeyDataEx(cryptohome::Identification(user_context_.GetAccountId()), + kCryptohomeGAIAKeyLabel, _)) .WillOnce(WithArg<2>(Invoke( this, &CryptohomeAuthenticatorTest::InvokeGetDataExCallback))); } @@ -285,10 +285,10 @@ class CryptohomeAuthenticatorTest : public testing::Test { kCryptohomeGAIAKeyLabel, cryptohome::PRIV_DEFAULT)); } - EXPECT_CALL(*mock_homedir_methods_, - MountEx(cryptohome::Identification( - user_context_.GetAccountId().GetUserEmail()), - cryptohome::Authorization(auth_key), mount, _)) + EXPECT_CALL( + *mock_homedir_methods_, + MountEx(cryptohome::Identification(user_context_.GetAccountId()), + cryptohome::Authorization(auth_key), mount, _)) .Times(1) .RetiresOnSaturation(); } @@ -562,8 +562,9 @@ TEST_F(CryptohomeAuthenticatorTest, DriveDataResync) { // Set up mock async method caller to respond successfully to a cryptohome // remove attempt. mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE); - EXPECT_CALL(*mock_caller_, - AsyncRemove(user_context_.GetAccountId().GetUserEmail(), _)) + EXPECT_CALL( + *mock_caller_, + AsyncRemove(cryptohome::Identification(user_context_.GetAccountId()), _)) .Times(1) .RetiresOnSaturation(); @@ -585,8 +586,9 @@ TEST_F(CryptohomeAuthenticatorTest, DriveResyncFail) { // Set up mock async method caller to fail a cryptohome remove attempt. mock_caller_->SetUp(false, cryptohome::MOUNT_ERROR_NONE); - EXPECT_CALL(*mock_caller_, - AsyncRemove(user_context_.GetAccountId().GetUserEmail(), _)) + EXPECT_CALL( + *mock_caller_, + AsyncRemove(cryptohome::Identification(user_context_.GetAccountId()), _)) .Times(1) .RetiresOnSaturation(); @@ -616,9 +618,10 @@ TEST_F(CryptohomeAuthenticatorTest, DriveDataRecover) { // Set up mock async method caller to respond successfully to a key migration. mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE); - EXPECT_CALL(*mock_caller_, - AsyncMigrateKey(user_context_.GetAccountId().GetUserEmail(), _, - transformed_key_.GetSecret(), _)) + EXPECT_CALL( + *mock_caller_, + AsyncMigrateKey(cryptohome::Identification(user_context_.GetAccountId()), + _, transformed_key_.GetSecret(), _)) .Times(1) .RetiresOnSaturation(); @@ -641,9 +644,10 @@ TEST_F(CryptohomeAuthenticatorTest, DriveDataRecoverButFail) { // Set up mock async method caller to fail a key migration attempt, // asserting that the wrong password was used. mock_caller_->SetUp(false, cryptohome::MOUNT_ERROR_KEY_FAILURE); - EXPECT_CALL(*mock_caller_, - AsyncMigrateKey(user_context_.GetAccountId().GetUserEmail(), _, - transformed_key_.GetSecret(), _)) + EXPECT_CALL( + *mock_caller_, + AsyncMigrateKey(cryptohome::Identification(user_context_.GetAccountId()), + _, transformed_key_.GetSecret(), _)) .Times(1) .RetiresOnSaturation(); @@ -732,8 +736,10 @@ TEST_F(CryptohomeAuthenticatorTest, DriveUnlock) { // Set up mock async method caller to respond successfully to a cryptohome // key-check attempt. mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE); - EXPECT_CALL(*mock_caller_, - AsyncCheckKey(user_context_.GetAccountId().GetUserEmail(), _, _)) + EXPECT_CALL( + *mock_caller_, + AsyncCheckKey(cryptohome::Identification(user_context_.GetAccountId()), _, + _)) .Times(1) .RetiresOnSaturation(); diff --git a/chrome/browser/chromeos/login/chrome_restart_request.cc b/chrome/browser/chromeos/login/chrome_restart_request.cc index 037af8c..cdd081b 100644 --- a/chrome/browser/chromeos/login/chrome_restart_request.cc +++ b/chrome/browser/chromeos/login/chrome_restart_request.cc @@ -28,6 +28,7 @@ #include "chrome/common/chrome_switches.h" #include "chrome/common/url_constants.h" #include "chromeos/chromeos_switches.h" +#include "chromeos/cryptohome/cryptohome_parameters.h" #include "chromeos/dbus/dbus_thread_manager.h" #include "chromeos/dbus/session_manager_client.h" #include "chromeos/login/user_names.h" @@ -322,8 +323,9 @@ void GetOffTheRecordCommandLine(const GURL& start_url, otr_switches.SetString(switches::kGuestSession, std::string()); otr_switches.SetString(::switches::kIncognito, std::string()); otr_switches.SetString(::switches::kLoggingLevel, kGuestModeLoggingLevel); - otr_switches.SetString(switches::kLoginUser, - login::GuestAccountId().GetUserEmail()); + otr_switches.SetString( + switches::kLoginUser, + cryptohome::Identification(login::GuestAccountId()).id()); // Override the home page. otr_switches.SetString(::switches::kHomePage, diff --git a/chrome/browser/chromeos/login/crash_restore_browsertest.cc b/chrome/browser/chromeos/login/crash_restore_browsertest.cc index 4d27624..41ded0b6 100644 --- a/chrome/browser/chromeos/login/crash_restore_browsertest.cc +++ b/chrome/browser/chromeos/login/crash_restore_browsertest.cc @@ -13,6 +13,7 @@ #include "chrome/browser/chromeos/login/session/user_session_manager_test_api.h" #include "chrome/test/base/in_process_browser_test.h" #include "chromeos/chromeos_switches.h" +#include "chromeos/cryptohome/cryptohome_parameters.h" #include "chromeos/dbus/cryptohome_client.h" #include "chromeos/dbus/dbus_thread_manager.h" #include "chromeos/dbus/fake_session_manager_client.h" @@ -40,10 +41,10 @@ class CrashRestoreSimpleTest : public InProcessBrowserTest { ~CrashRestoreSimpleTest() override {} void SetUpCommandLine(base::CommandLine* command_line) override { - command_line->AppendSwitchASCII(switches::kLoginUser, kUserId1); + command_line->AppendSwitchASCII(switches::kLoginUser, cryptohome_id1_.id()); command_line->AppendSwitchASCII( switches::kLoginProfile, - CryptohomeClient::GetStubSanitizedUsername(kUserId1)); + CryptohomeClient::GetStubSanitizedUsername(cryptohome_id1_)); } void SetUpInProcessBrowserTestFixture() override { @@ -51,18 +52,27 @@ class CrashRestoreSimpleTest : public InProcessBrowserTest { session_manager_client_ = new FakeSessionManagerClient; chromeos::DBusThreadManager::GetSetterForTesting()->SetSessionManagerClient( scoped_ptr<SessionManagerClient>(session_manager_client_)); - session_manager_client_->StartSession(kUserId1); + session_manager_client_->StartSession(cryptohome_id1_); } FakeSessionManagerClient* session_manager_client_; + const AccountId account_id1_ = AccountId::FromUserEmail(kUserId1); + const AccountId account_id2_ = AccountId::FromUserEmail(kUserId2); + const AccountId account_id3_ = AccountId::FromUserEmail(kUserId3); + const cryptohome::Identification cryptohome_id1_ = + cryptohome::Identification(account_id1_); + const cryptohome::Identification cryptohome_id2_ = + cryptohome::Identification(account_id2_); + const cryptohome::Identification cryptohome_id3_ = + cryptohome::Identification(account_id3_); }; IN_PROC_BROWSER_TEST_F(CrashRestoreSimpleTest, RestoreSessionForOneUser) { user_manager::UserManager* user_manager = user_manager::UserManager::Get(); user_manager::User* user = user_manager->GetActiveUser(); ASSERT_TRUE(user); - EXPECT_EQ(kUserId1, user->email()); - EXPECT_EQ(CryptohomeClient::GetStubSanitizedUsername(kUserId1), + EXPECT_EQ(account_id1_, user->GetAccountId()); + EXPECT_EQ(CryptohomeClient::GetStubSanitizedUsername(cryptohome_id1_), user->username_hash()); EXPECT_EQ(1UL, user_manager->GetLoggedInUsers().size()); } @@ -116,8 +126,8 @@ class CrashRestoreComplexTest : public CrashRestoreSimpleTest { void SetUpInProcessBrowserTestFixture() override { CrashRestoreSimpleTest::SetUpInProcessBrowserTestFixture(); - session_manager_client_->StartSession(kUserId2); - session_manager_client_->StartSession(kUserId3); + session_manager_client_->StartSession(cryptohome_id2_); + session_manager_client_->StartSession(cryptohome_id3_); } }; @@ -138,21 +148,21 @@ IN_PROC_BROWSER_TEST_F(CrashRestoreComplexTest, RestoreSessionForThreeUsers) { user_manager::UserManager* user_manager = user_manager::UserManager::Get(); user_manager::User* user = user_manager->GetActiveUser(); ASSERT_TRUE(user); - EXPECT_EQ(kUserId3, user->email()); - EXPECT_EQ(CryptohomeClient::GetStubSanitizedUsername(kUserId3), + EXPECT_EQ(account_id3_, user->GetAccountId()); + EXPECT_EQ(CryptohomeClient::GetStubSanitizedUsername(cryptohome_id3_), user->username_hash()); const user_manager::UserList& users = user_manager->GetLoggedInUsers(); ASSERT_EQ(3UL, users.size()); // User that becomes active moves to the beginning of the list. - EXPECT_EQ(kUserId3, users[0]->email()); - EXPECT_EQ(CryptohomeClient::GetStubSanitizedUsername(kUserId3), + EXPECT_EQ(account_id3_, users[0]->GetAccountId()); + EXPECT_EQ(CryptohomeClient::GetStubSanitizedUsername(cryptohome_id3_), users[0]->username_hash()); - EXPECT_EQ(kUserId2, users[1]->email()); - EXPECT_EQ(CryptohomeClient::GetStubSanitizedUsername(kUserId2), + EXPECT_EQ(account_id2_, users[1]->GetAccountId()); + EXPECT_EQ(CryptohomeClient::GetStubSanitizedUsername(cryptohome_id2_), users[1]->username_hash()); - EXPECT_EQ(kUserId1, users[2]->email()); - EXPECT_EQ(CryptohomeClient::GetStubSanitizedUsername(kUserId1), + EXPECT_EQ(account_id1_, users[2]->GetAccountId()); + EXPECT_EQ(CryptohomeClient::GetStubSanitizedUsername(cryptohome_id1_), users[2]->username_hash()); } diff --git a/chrome/browser/chromeos/login/demo_mode/demo_app_launcher.cc b/chrome/browser/chromeos/login/demo_mode/demo_app_launcher.cc index e5f452c..5c9c45d 100644 --- a/chrome/browser/chromeos/login/demo_mode/demo_app_launcher.cc +++ b/chrome/browser/chromeos/login/demo_mode/demo_app_launcher.cc @@ -49,14 +49,14 @@ DemoAppLauncher::~DemoAppLauncher() { void DemoAppLauncher::StartDemoAppLaunch() { DVLOG(1) << "Launching demo app..."; // user_id = DemoAppUserId, force_emphemeral = true, delegate = this. - kiosk_profile_loader_.reset(new KioskProfileLoader( - login::DemoAccountId().GetUserEmail(), true, this)); + kiosk_profile_loader_.reset( + new KioskProfileLoader(login::DemoAccountId(), true, this)); kiosk_profile_loader_->Start(); } // static -bool DemoAppLauncher::IsDemoAppSession(const std::string& user_id) { - return user_id == login::DemoAccountId().GetUserEmail(); +bool DemoAppLauncher::IsDemoAppSession(const AccountId& account_id) { + return account_id == login::DemoAccountId(); } // static diff --git a/chrome/browser/chromeos/login/demo_mode/demo_app_launcher.h b/chrome/browser/chromeos/login/demo_mode/demo_app_launcher.h index dfc3a8f..74322bd 100644 --- a/chrome/browser/chromeos/login/demo_mode/demo_app_launcher.h +++ b/chrome/browser/chromeos/login/demo_mode/demo_app_launcher.h @@ -12,6 +12,8 @@ #include "base/memory/scoped_ptr.h" #include "chrome/browser/chromeos/app_mode/kiosk_profile_loader.h" +class AccountId; + namespace base { class FilePath; } @@ -26,7 +28,7 @@ class DemoAppLauncher : public KioskProfileLoader::Delegate { void StartDemoAppLaunch(); - static bool IsDemoAppSession(const std::string& user_id); + static bool IsDemoAppSession(const AccountId& account_id); static void SetDemoAppPathForTesting(const base::FilePath& path); static const char kDemoAppId[]; diff --git a/chrome/browser/chromeos/login/easy_unlock/bootstrap_user_context_initializer.cc b/chrome/browser/chromeos/login/easy_unlock/bootstrap_user_context_initializer.cc index 6b3a82b..536e7c2 100644 --- a/chrome/browser/chromeos/login/easy_unlock/bootstrap_user_context_initializer.cc +++ b/chrome/browser/chromeos/login/easy_unlock/bootstrap_user_context_initializer.cc @@ -12,6 +12,8 @@ #include "chrome/browser/chromeos/login/session/user_session_manager.h" #include "chrome/browser/chromeos/profiles/profile_helper.h" #include "chrome/browser/signin/easy_unlock_service_signin_chromeos.h" +#include "chromeos/login/user_names.h" +#include "components/user_manager/known_user.h" #include "components/user_manager/user_manager.h" #include "crypto/random.h" #include "google_apis/gaia/gaia_constants.h" @@ -175,8 +177,8 @@ void BootstrapUserContextInitializer::OnGetUserInfoResponse( return; } - user_context_.SetUserID(email); - user_context_.SetGaiaID(gaia_id); + user_context_.SetAccountId(user_manager::known_user::GetAccountId( + login::CanonicalizeUserID(email), gaia_id)); StartCheckExistingKeys(); } diff --git a/chrome/browser/chromeos/login/easy_unlock/easy_unlock_create_keys_operation.cc b/chrome/browser/chromeos/login/easy_unlock/easy_unlock_create_keys_operation.cc index ea8a122..360e825 100644 --- a/chrome/browser/chromeos/login/easy_unlock/easy_unlock_create_keys_operation.cc +++ b/chrome/browser/chromeos/login/easy_unlock/easy_unlock_create_keys_operation.cc @@ -355,9 +355,7 @@ void EasyUnlockCreateKeysOperation::OnGetSystemSalt( kEasyUnlockKeyMetaNameWrappedSecret, device->wrapped_secret)); // Add cryptohome key. - const std::string canonicalized = - gaia::CanonicalizeEmail(user_context_.GetAccountId().GetUserEmail()); - cryptohome::Identification id(canonicalized); + const cryptohome::Identification id(user_context_.GetAccountId()); scoped_ptr<Key> auth_key(new Key(*user_context_.GetKey())); if (auth_key->GetKeyType() == Key::KEY_TYPE_PASSWORD_PLAIN) diff --git a/chrome/browser/chromeos/login/easy_unlock/easy_unlock_get_keys_operation.cc b/chrome/browser/chromeos/login/easy_unlock/easy_unlock_get_keys_operation.cc index fdfe3bf..46e75eb 100644 --- a/chrome/browser/chromeos/login/easy_unlock/easy_unlock_get_keys_operation.cc +++ b/chrome/browser/chromeos/login/easy_unlock/easy_unlock_get_keys_operation.cc @@ -36,9 +36,7 @@ void EasyUnlockGetKeysOperation::Start() { } void EasyUnlockGetKeysOperation::GetKeyData() { - const std::string canonicalized = - gaia::CanonicalizeEmail(user_context_.GetAccountId().GetUserEmail()); - cryptohome::Identification id(canonicalized); + const cryptohome::Identification id(user_context_.GetAccountId()); cryptohome::HomedirMethods::GetInstance()->GetKeyDataEx( id, EasyUnlockKeyManager::GetKeyLabel(key_index_), diff --git a/chrome/browser/chromeos/login/easy_unlock/easy_unlock_remove_keys_operation.cc b/chrome/browser/chromeos/login/easy_unlock/easy_unlock_remove_keys_operation.cc index 9ead3ef..2a61962 100644 --- a/chrome/browser/chromeos/login/easy_unlock/easy_unlock_remove_keys_operation.cc +++ b/chrome/browser/chromeos/login/easy_unlock/easy_unlock_remove_keys_operation.cc @@ -47,9 +47,7 @@ void EasyUnlockRemoveKeysOperation::OnGetSystemSalt( } void EasyUnlockRemoveKeysOperation::RemoveKey() { - const std::string canonicalized = - gaia::CanonicalizeEmail(user_context_.GetAccountId().GetUserEmail()); - cryptohome::Identification id(canonicalized); + cryptohome::Identification id(user_context_.GetAccountId()); const Key* const auth_key = user_context_.GetKey(); cryptohome::Authorization auth(auth_key->GetSecret(), auth_key->GetLabel()); diff --git a/chrome/browser/chromeos/login/existing_user_controller.cc b/chrome/browser/chromeos/login/existing_user_controller.cc index d265d84..6903f74 100644 --- a/chrome/browser/chromeos/login/existing_user_controller.cc +++ b/chrome/browser/chromeos/login/existing_user_controller.cc @@ -762,8 +762,8 @@ bool ExistingUserController::password_changed() const { } void ExistingUserController::LoginAsGuest() { - PerformPreLoginActions(UserContext(user_manager::USER_TYPE_GUEST, - login::GuestAccountId().GetUserEmail())); + PerformPreLoginActions( + UserContext(user_manager::USER_TYPE_GUEST, login::GuestAccountId())); bool allow_guest; cros_settings_->GetBoolean(kAccountsPrefAllowGuest, &allow_guest); @@ -866,20 +866,21 @@ void ExistingUserController::ConfigurePublicSessionAutoLogin() { const std::vector<policy::DeviceLocalAccount> device_local_accounts = policy::GetDeviceLocalAccounts(cros_settings_); - public_session_auto_login_username_.clear(); + public_session_auto_login_account_id_ = EmptyAccountId(); for (std::vector<policy::DeviceLocalAccount>::const_iterator it = device_local_accounts.begin(); it != device_local_accounts.end(); ++it) { if (it->account_id == auto_login_account_id) { - public_session_auto_login_username_ = it->user_id; + public_session_auto_login_account_id_ = + AccountId::FromUserEmail(it->user_id); break; } } const user_manager::User* user = user_manager::UserManager::Get()->FindUser( - AccountId::FromUserEmail(public_session_auto_login_username_)); + public_session_auto_login_account_id_); if (!user || user->GetType() != user_manager::USER_TYPE_PUBLIC_ACCOUNT) - public_session_auto_login_username_.clear(); + public_session_auto_login_account_id_ = EmptyAccountId(); if (!cros_settings_->GetInteger( kAccountsPrefDeviceLocalAccountAutoLoginDelay, @@ -887,7 +888,7 @@ void ExistingUserController::ConfigurePublicSessionAutoLogin() { public_session_auto_login_delay_ = 0; } - if (!public_session_auto_login_username_.empty()) + if (public_session_auto_login_account_id_.is_valid()) StartPublicSessionAutoLoginTimer(); else StopPublicSessionAutoLoginTimer(); @@ -902,9 +903,10 @@ void ExistingUserController::ResetPublicSessionAutoLoginTimer() { } void ExistingUserController::OnPublicSessionAutoLoginTimerFire() { - CHECK(signin_screen_ready_ && !public_session_auto_login_username_.empty()); + CHECK(signin_screen_ready_ && + public_session_auto_login_account_id_.is_valid()); Login(UserContext(user_manager::USER_TYPE_PUBLIC_ACCOUNT, - public_session_auto_login_username_), + public_session_auto_login_account_id_), SigninSpecifics()); } @@ -914,9 +916,8 @@ void ExistingUserController::StopPublicSessionAutoLoginTimer() { } void ExistingUserController::StartPublicSessionAutoLoginTimer() { - if (!signin_screen_ready_ || - is_login_in_progress_ || - public_session_auto_login_username_.empty()) { + if (!signin_screen_ready_ || is_login_in_progress_ || + !public_session_auto_login_account_id_.is_valid()) { return; } diff --git a/chrome/browser/chromeos/login/existing_user_controller.h b/chrome/browser/chromeos/login/existing_user_controller.h index 2d18cfe..c9dd991 100644 --- a/chrome/browser/chromeos/login/existing_user_controller.h +++ b/chrome/browser/chromeos/login/existing_user_controller.h @@ -26,6 +26,7 @@ #include "chrome/browser/chromeos/settings/device_settings_service.h" #include "chromeos/login/auth/login_performer.h" #include "chromeos/login/auth/user_context.h" +#include "components/signin/core/account_id/account_id.h" #include "components/user_manager/user.h" #include "content/public/browser/notification_observer.h" #include "content/public/browser/notification_registrar.h" @@ -256,8 +257,8 @@ class ExistingUserController : public LoginDisplay::Delegate, // Public session auto-login timeout, in milliseconds. int public_session_auto_login_delay_; - // Username for public session auto-login. - std::string public_session_auto_login_username_; + // AccountId for public session auto-login. + AccountId public_session_auto_login_account_id_ = EmptyAccountId(); // Used to execute login operations. scoped_ptr<LoginPerformer> login_performer_; diff --git a/chrome/browser/chromeos/login/existing_user_controller_auto_login_unittest.cc b/chrome/browser/chromeos/login/existing_user_controller_auto_login_unittest.cc index 3d6ff7f..ce4be33 100644 --- a/chrome/browser/chromeos/login/existing_user_controller_auto_login_unittest.cc +++ b/chrome/browser/chromeos/login/existing_user_controller_auto_login_unittest.cc @@ -101,11 +101,12 @@ class ExistingUserControllerAutoLoginTest : public ::testing::Test { return existing_user_controller()->auto_login_timer_.get(); } - const std::string& auto_login_username() const { - return existing_user_controller()->public_session_auto_login_username_; + const AccountId& auto_login_account_id() const { + return existing_user_controller()->public_session_auto_login_account_id_; } - void set_auto_login_username(const std::string& username) { - existing_user_controller()->public_session_auto_login_username_ = username; + void set_auto_login_account_id(const AccountId& account_id) { + existing_user_controller()->public_session_auto_login_account_id_ = + account_id; } int auto_login_delay() const { @@ -157,19 +158,19 @@ class ExistingUserControllerAutoLoginTest : public ::testing::Test { TEST_F(ExistingUserControllerAutoLoginTest, StartAutoLoginTimer) { // Timer shouldn't start until signin screen is ready. - set_auto_login_username(auto_login_account_id_.GetUserEmail()); + set_auto_login_account_id(auto_login_account_id_); set_auto_login_delay(kAutoLoginDelay2); existing_user_controller()->StartPublicSessionAutoLoginTimer(); EXPECT_FALSE(auto_login_timer()); // Timer shouldn't start if the policy isn't set. - set_auto_login_username(""); + set_auto_login_account_id(EmptyAccountId()); existing_user_controller()->OnSigninScreenReady(); existing_user_controller()->StartPublicSessionAutoLoginTimer(); EXPECT_FALSE(auto_login_timer()); // Timer shouldn't fire in the middle of a login attempt. - set_auto_login_username(auto_login_account_id_.GetUserEmail()); + set_auto_login_account_id(auto_login_account_id_); set_is_login_in_progress(true); existing_user_controller()->StartPublicSessionAutoLoginTimer(); EXPECT_FALSE(auto_login_timer()); @@ -185,7 +186,7 @@ TEST_F(ExistingUserControllerAutoLoginTest, StartAutoLoginTimer) { TEST_F(ExistingUserControllerAutoLoginTest, StopAutoLoginTimer) { existing_user_controller()->OnSigninScreenReady(); - set_auto_login_username(auto_login_account_id_.GetUserEmail()); + set_auto_login_account_id(auto_login_account_id_); set_auto_login_delay(kAutoLoginDelay2); existing_user_controller()->StartPublicSessionAutoLoginTimer(); @@ -199,7 +200,7 @@ TEST_F(ExistingUserControllerAutoLoginTest, StopAutoLoginTimer) { TEST_F(ExistingUserControllerAutoLoginTest, ResetAutoLoginTimer) { existing_user_controller()->OnSigninScreenReady(); - set_auto_login_username(auto_login_account_id_.GetUserEmail()); + set_auto_login_account_id(auto_login_account_id_); // Timer starts off not running. EXPECT_FALSE(auto_login_timer()); @@ -233,14 +234,14 @@ TEST_F(ExistingUserControllerAutoLoginTest, ConfigureAutoLogin) { ConfigureAutoLogin(); EXPECT_FALSE(auto_login_timer()); EXPECT_EQ(auto_login_delay(), 0); - EXPECT_EQ(auto_login_username(), ""); + EXPECT_EQ(auto_login_account_id(), EmptyAccountId()); // Timer shouldn't start when the delay alone is set. SetAutoLoginSettings("", kAutoLoginDelay1); ConfigureAutoLogin(); EXPECT_FALSE(auto_login_timer()); EXPECT_EQ(auto_login_delay(), kAutoLoginDelay1); - EXPECT_EQ(auto_login_username(), ""); + EXPECT_EQ(auto_login_account_id(), EmptyAccountId()); // Timer should start when the account ID is set. SetAutoLoginSettings(auto_login_user_id_, kAutoLoginDelay1); @@ -250,7 +251,7 @@ TEST_F(ExistingUserControllerAutoLoginTest, ConfigureAutoLogin) { EXPECT_EQ(auto_login_timer()->GetCurrentDelay().InMilliseconds(), kAutoLoginDelay1); EXPECT_EQ(auto_login_delay(), kAutoLoginDelay1); - EXPECT_EQ(auto_login_username(), auto_login_account_id_.GetUserEmail()); + EXPECT_EQ(auto_login_account_id(), auto_login_account_id_); // Timer should restart when the delay is changed. SetAutoLoginSettings(auto_login_user_id_, kAutoLoginDelay2); @@ -260,7 +261,7 @@ TEST_F(ExistingUserControllerAutoLoginTest, ConfigureAutoLogin) { EXPECT_EQ(auto_login_timer()->GetCurrentDelay().InMilliseconds(), kAutoLoginDelay2); EXPECT_EQ(auto_login_delay(), kAutoLoginDelay2); - EXPECT_EQ(auto_login_username(), auto_login_account_id_.GetUserEmail()); + EXPECT_EQ(auto_login_account_id(), auto_login_account_id_); // Timer should stop when the account ID is unset. SetAutoLoginSettings("", kAutoLoginDelay2); @@ -269,7 +270,7 @@ TEST_F(ExistingUserControllerAutoLoginTest, ConfigureAutoLogin) { EXPECT_FALSE(auto_login_timer()->IsRunning()); EXPECT_EQ(auto_login_timer()->GetCurrentDelay().InMilliseconds(), kAutoLoginDelay2); - EXPECT_EQ(auto_login_username(), ""); + EXPECT_EQ(auto_login_account_id(), EmptyAccountId()); EXPECT_EQ(auto_login_delay(), kAutoLoginDelay2); } diff --git a/chrome/browser/chromeos/login/existing_user_controller_browsertest.cc b/chrome/browser/chromeos/login/existing_user_controller_browsertest.cc index fd45ed8..1fb92a8 100644 --- a/chrome/browser/chromeos/login/existing_user_controller_browsertest.cc +++ b/chrome/browser/chromeos/login/existing_user_controller_browsertest.cc @@ -198,8 +198,7 @@ class ExistingUserControllerTest : public policy::DevicePolicyCrosBrowserTest { } AccountId auto_login_account_id() const { - return AccountId::FromUserEmail( - existing_user_controller()->public_session_auto_login_username_); + return existing_user_controller()->public_session_auto_login_account_id_; } int auto_login_delay() const { @@ -220,7 +219,8 @@ class ExistingUserControllerTest : public policy::DevicePolicyCrosBrowserTest { // Mock URLFetcher. MockURLFetcherFactory<SuccessFetcher> factory_; - const AccountId account_id_ = AccountId::FromUserEmail(kUsername); + const AccountId account_id_ = + AccountId::FromUserEmailGaiaId(kUsername, kGaiaID); private: DISALLOW_COPY_AND_ASSIGN(ExistingUserControllerTest); @@ -234,7 +234,6 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerTest, ExistingUserLogin) { EXPECT_CALL(*mock_login_display_, SetUIEnabled(false)) .Times(2); UserContext user_context(account_id_); - user_context.SetGaiaID(kGaiaID); user_context.SetKey(Key(kPassword)); user_context.SetUserIDHash(account_id_.GetUserEmail()); test::UserSessionManagerTestApi session_manager_test_api( @@ -285,7 +284,6 @@ void ExistingUserControllerUntrustedTest::SetUpSessionManager() { IN_PROC_BROWSER_TEST_F(ExistingUserControllerUntrustedTest, ExistingUserLoginForbidden) { UserContext user_context(account_id_); - user_context.SetGaiaID(kGaiaID); user_context.SetKey(Key(kPassword)); user_context.SetUserIDHash(account_id_.GetUserEmail()); existing_user_controller()->Login(user_context, SigninSpecifics()); @@ -294,7 +292,6 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerUntrustedTest, IN_PROC_BROWSER_TEST_F(ExistingUserControllerUntrustedTest, NewUserLoginForbidden) { UserContext user_context(account_id_); - user_context.SetGaiaID(kGaiaID); user_context.SetKey(Key(kPassword)); user_context.SetUserIDHash(account_id_.GetUserEmail()); existing_user_controller()->CompleteLogin(user_context); @@ -303,7 +300,7 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerUntrustedTest, IN_PROC_BROWSER_TEST_F(ExistingUserControllerUntrustedTest, GuestLoginForbidden) { existing_user_controller()->Login( - UserContext(user_manager::USER_TYPE_GUEST, std::string()), + UserContext(user_manager::USER_TYPE_GUEST, EmptyAccountId()), SigninSpecifics()); } @@ -526,7 +523,7 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, AutoLoginNoDelay) { // Set up mocks to check login success. UserContext user_context(user_manager::USER_TYPE_PUBLIC_ACCOUNT, - public_session_account_id_.GetUserEmail()); + public_session_account_id_); user_context.SetUserIDHash(user_context.GetAccountId().GetUserEmail()); ExpectSuccessfulLogin(user_context); existing_user_controller()->OnSigninScreenReady(); @@ -540,7 +537,7 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, AutoLoginShortDelay) { // Set up mocks to check login success. UserContext user_context(user_manager::USER_TYPE_PUBLIC_ACCOUNT, - public_session_account_id_.GetUserEmail()); + public_session_account_id_); user_context.SetUserIDHash(user_context.GetAccountId().GetUserEmail()); ExpectSuccessfulLogin(user_context); existing_user_controller()->OnSigninScreenReady(); @@ -573,7 +570,6 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, LoginStopsAutoLogin) { // Set up mocks to check login success. UserContext user_context(account_id_); - user_context.SetGaiaID(kGaiaID); user_context.SetKey(Key(kPassword)); user_context.SetUserIDHash(user_context.GetAccountId().GetUserEmail()); ExpectSuccessfulLogin(user_context); @@ -607,7 +603,6 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, EXPECT_CALL(*mock_login_display_, SetUIEnabled(false)) .Times(2); UserContext user_context(account_id_); - user_context.SetGaiaID(kGaiaID); user_context.SetKey(Key(kPassword)); test::UserSessionManagerTestApi session_manager_test_api( UserSessionManager::GetInstance()); @@ -618,9 +613,9 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, EXPECT_TRUE(auto_login_timer()); // Login and check that it stopped the timer. - existing_user_controller()->Login(UserContext(user_manager::USER_TYPE_GUEST, - std::string()), - SigninSpecifics()); + existing_user_controller()->Login( + UserContext(user_manager::USER_TYPE_GUEST, EmptyAccountId()), + SigninSpecifics()); EXPECT_TRUE(is_login_in_progress()); ASSERT_TRUE(auto_login_timer()); EXPECT_FALSE(auto_login_timer()->IsRunning()); @@ -637,7 +632,6 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, CompleteLoginStopsAutoLogin) { // Set up mocks to check login success. UserContext user_context(account_id_); - user_context.SetGaiaID(kGaiaID); user_context.SetKey(Key(kPassword)); user_context.SetUserIDHash(user_context.GetAccountId().GetUserEmail()); ExpectSuccessfulLogin(user_context); @@ -671,7 +665,7 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, PublicSessionLoginStopsAutoLogin) { // Set up mocks to check login success. UserContext user_context(user_manager::USER_TYPE_PUBLIC_ACCOUNT, - public_session_account_id_.GetUserEmail()); + public_session_account_id_); user_context.SetUserIDHash(user_context.GetAccountId().GetUserEmail()); ExpectSuccessfulLogin(user_context); existing_user_controller()->OnSigninScreenReady(); @@ -685,7 +679,7 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, // Login and check that it stopped the timer. existing_user_controller()->Login( UserContext(user_manager::USER_TYPE_PUBLIC_ACCOUNT, - public_session_account_id_.GetUserEmail()), + public_session_account_id_), SigninSpecifics()); EXPECT_TRUE(is_login_in_progress()); @@ -710,7 +704,6 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, // Check that the attempt to start a public session fails with an error. ExpectLoginFailure(); UserContext user_context(account_id_); - user_context.SetGaiaID(kGaiaID); user_context.SetKey(Key(kPassword)); user_context.SetUserIDHash(user_context.GetAccountId().GetUserEmail()); existing_user_controller()->Login(user_context, SigninSpecifics()); diff --git a/chrome/browser/chromeos/login/login_browsertest.cc b/chrome/browser/chromeos/login/login_browsertest.cc index d1d248e..bd7b287 100644 --- a/chrome/browser/chromeos/login/login_browsertest.cc +++ b/chrome/browser/chromeos/login/login_browsertest.cc @@ -161,8 +161,8 @@ class LoginTest : public LoginManagerTest { StartGaiaAuthOffline(); - UserContext user_context(AccountId::FromUserEmail(kTestUser)); - user_context.SetGaiaID(kGaiaId); + UserContext user_context( + AccountId::FromUserEmailGaiaId(kTestUser, kGaiaId)); user_context.SetKey(Key(kPassword)); SetExpectedCredentials(user_context); } diff --git a/chrome/browser/chromeos/login/login_manager_test.cc b/chrome/browser/chromeos/login/login_manager_test.cc index 7e1a945..c7d15b8 100644 --- a/chrome/browser/chromeos/login/login_manager_test.cc +++ b/chrome/browser/chromeos/login/login_manager_test.cc @@ -50,7 +50,6 @@ const char kTestRefreshToken2[] = "fake-refresh-token-2"; UserContext CreateUserContext(const std::string& user_id) { UserContext user_context(AccountId::FromUserEmailGaiaId( user_id, LoginManagerTest::GetGaiaIDForUserID(user_id))); - user_context.SetGaiaID(LoginManagerTest::GetGaiaIDForUserID(user_id)); user_context.SetKey(Key("password")); if (user_id == LoginManagerTest::kEnterpriseUser1) { user_context.SetRefreshToken(kTestRefreshToken1); diff --git a/chrome/browser/chromeos/login/saml/saml_browsertest.cc b/chrome/browser/chromeos/login/saml/saml_browsertest.cc index c98c806..9e8b69a 100644 --- a/chrome/browser/chromeos/login/saml/saml_browsertest.cc +++ b/chrome/browser/chromeos/login/saml/saml_browsertest.cc @@ -280,7 +280,7 @@ class SecretInterceptingFakeCryptohomeClient : public FakeCryptohomeClient { public: SecretInterceptingFakeCryptohomeClient(); - void MountEx(const cryptohome::AccountIdentifier& id, + void MountEx(const cryptohome::Identification& id, const cryptohome::AuthorizationRequest& auth, const cryptohome::MountRequest& request, const ProtobufMethodCallback& callback) override; @@ -298,7 +298,7 @@ SecretInterceptingFakeCryptohomeClient:: } void SecretInterceptingFakeCryptohomeClient::MountEx( - const cryptohome::AccountIdentifier& id, + const cryptohome::Identification& id, const cryptohome::AuthorizationRequest& auth, const cryptohome::MountRequest& request, const ProtobufMethodCallback& callback) { diff --git a/chrome/browser/chromeos/login/session/chrome_session_manager.cc b/chrome/browser/chromeos/login/session/chrome_session_manager.cc index 1802d82..1039a40 100644 --- a/chrome/browser/chromeos/login/session/chrome_session_manager.cc +++ b/chrome/browser/chromeos/login/session/chrome_session_manager.cc @@ -16,6 +16,7 @@ #include "chrome/browser/chromeos/login/session/stub_login_session_manager_delegate.h" #include "chrome/browser/profiles/profile.h" #include "chromeos/chromeos_switches.h" +#include "chromeos/cryptohome/cryptohome_parameters.h" #include "chromeos/login/user_names.h" #include "components/signin/core/account_id/account_id.h" @@ -45,8 +46,10 @@ ChromeSessionManager::CreateSessionManager( bool force_login_screen_in_test = parsed_command_line.HasSwitch(switches::kForceLoginManagerInTests); - const AccountId login_account_id(AccountId::FromUserEmail( - parsed_command_line.GetSwitchValueASCII(switches::kLoginUser))); + const std::string cryptohome_id = + parsed_command_line.GetSwitchValueASCII(switches::kLoginUser); + const AccountId login_account_id( + cryptohome::Identification::FromString(cryptohome_id).GetAccountId()); KioskAppManager::RemoveObsoleteCryptohomes(); diff --git a/chrome/browser/chromeos/login/session/user_session_manager.cc b/chrome/browser/chromeos/login/session/user_session_manager.cc index 572d0a5..75857a2 100644 --- a/chrome/browser/chromeos/login/session/user_session_manager.cc +++ b/chrome/browser/chromeos/login/session/user_session_manager.cc @@ -81,6 +81,7 @@ #include "chrome/common/pref_names.h" #include "chromeos/cert_loader.h" #include "chromeos/chromeos_switches.h" +#include "chromeos/cryptohome/cryptohome_parameters.h" #include "chromeos/cryptohome/cryptohome_util.h" #include "chromeos/dbus/cryptohome_client.h" #include "chromeos/dbus/dbus_thread_manager.h" @@ -434,7 +435,7 @@ void UserSessionManager::CompleteGuestSessionLogin(const GURL& start_url) { if (!about_flags::AreSwitchesIdenticalToCurrentCommandLine( user_flags, *base::CommandLine::ForCurrentProcess(), NULL)) { DBusThreadManager::Get()->GetSessionManagerClient()->SetFlagsForUser( - login::GuestAccountId().GetUserEmail(), + cryptohome::Identification(login::GuestAccountId()), base::CommandLine::StringVector()); } @@ -718,7 +719,9 @@ bool UserSessionManager::RestartToApplyPerSessionFlagsIfNeed( flags.assign(user_flags.argv().begin() + 1, user_flags.argv().end()); LOG(WARNING) << "Restarting to apply per-session flags..."; DBusThreadManager::Get()->GetSessionManagerClient()->SetFlagsForUser( - user_manager::UserManager::Get()->GetActiveUser()->email(), flags); + cryptohome::Identification( + user_manager::UserManager::Get()->GetActiveUser()->GetAccountId()), + flags); AttemptRestart(profile); return true; } @@ -894,7 +897,7 @@ void UserSessionManager::StartCrosSession() { BootTimesRecorder* btl = BootTimesRecorder::Get(); btl->AddLoginTimeMarker("StartSession-Start", false); DBusThreadManager::Get()->GetSessionManagerClient()->StartSession( - user_context_.GetAccountId().GetUserEmail()); + cryptohome::Identification(user_context_.GetAccountId())); btl->AddLoginTimeMarker("StartSession-End", false); } @@ -908,8 +911,8 @@ void UserSessionManager::NotifyUserLoggedIn() { } void UserSessionManager::PrepareProfile() { - const bool is_demo_session = DemoAppLauncher::IsDemoAppSession( - user_context_.GetAccountId().GetUserEmail()); + const bool is_demo_session = + DemoAppLauncher::IsDemoAppSession(user_context_.GetAccountId()); // TODO(nkostylev): Figure out whether demo session is using the right profile // path or not. See https://codereview.chromium.org/171423009 @@ -1426,13 +1429,14 @@ void UserSessionManager::OnRestoreActiveSessions( user_manager::UserManager* user_manager = user_manager::UserManager::Get(); DCHECK_EQ(1u, user_manager->GetLoggedInUsers().size()); DCHECK(user_manager->GetActiveUser()); - std::string active_user_id = user_manager->GetActiveUser()->email(); + const cryptohome::Identification active_cryptohome_id = + cryptohome::Identification(user_manager->GetActiveUser()->GetAccountId()); SessionManagerClient::ActiveSessionsMap::const_iterator it; for (it = sessions.begin(); it != sessions.end(); ++it) { - if (active_user_id == it->first) + if (active_cryptohome_id == it->first) continue; - pending_user_sessions_[it->first] = it->second; + pending_user_sessions_[(it->first).GetAccountId()] = it->second; } RestorePendingUserSessions(); } @@ -1445,13 +1449,12 @@ void UserSessionManager::RestorePendingUserSessions() { } // Get next user to restore sessions and delete it from list. - SessionManagerClient::ActiveSessionsMap::const_iterator it = - pending_user_sessions_.begin(); - std::string user_id = it->first; + PendingUserSessions::const_iterator it = pending_user_sessions_.begin(); + const AccountId account_id = it->first; std::string user_id_hash = it->second; - DCHECK(!user_id.empty()); + DCHECK(account_id.is_valid()); DCHECK(!user_id_hash.empty()); - pending_user_sessions_.erase(user_id); + pending_user_sessions_.erase(account_id); // Check that this user is not logged in yet. user_manager::UserList logged_in_users = @@ -1461,7 +1464,7 @@ void UserSessionManager::RestorePendingUserSessions() { it != logged_in_users.end(); ++it) { const user_manager::User* user = (*it); - if (user->email() == user_id) { + if (user->GetAccountId() == account_id) { user_already_logged_in = true; break; } @@ -1469,7 +1472,7 @@ void UserSessionManager::RestorePendingUserSessions() { DCHECK(!user_already_logged_in); if (!user_already_logged_in) { - UserContext user_context(AccountId::FromUserEmail(user_id)); + UserContext user_context(account_id); user_context.SetUserIDHash(user_id_hash); user_context.SetIsUsingOAuth(false); diff --git a/chrome/browser/chromeos/login/session/user_session_manager.h b/chrome/browser/chromeos/login/session/user_session_manager.h index e875f2c..31b7367 100644 --- a/chrome/browser/chromeos/login/session/user_session_manager.h +++ b/chrome/browser/chromeos/login/session/user_session_manager.h @@ -433,7 +433,9 @@ class UserSessionManager // User sessions that have to be restored after browser crash. // [user_id] > [user_id_hash] - SessionManagerClient::ActiveSessionsMap pending_user_sessions_; + using PendingUserSessions = std::map<AccountId, std::string>; + + PendingUserSessions pending_user_sessions_; base::ObserverList<chromeos::UserSessionStateObserver> session_state_observer_list_; diff --git a/chrome/browser/chromeos/login/signin/oauth2_browsertest.cc b/chrome/browser/chromeos/login/signin/oauth2_browsertest.cc index f816a7b..e4071ef 100644 --- a/chrome/browser/chromeos/login/signin/oauth2_browsertest.cc +++ b/chrome/browser/chromeos/login/signin/oauth2_browsertest.cc @@ -264,7 +264,6 @@ class OAuth2Test : public OobeBaseTest { } UserContext user_context(account_id); - user_context.SetGaiaID(account_id.GetGaiaId()); user_context.SetKey(Key(password)); controller->Login(user_context, SigninSpecifics()); content::WindowedNotificationObserver( diff --git a/chrome/browser/chromeos/login/supervised/supervised_user_authenticator.cc b/chrome/browser/chromeos/login/supervised/supervised_user_authenticator.cc index a0f9eab..7cbad7c 100644 --- a/chrome/browser/chromeos/login/supervised/supervised_user_authenticator.cc +++ b/chrome/browser/chromeos/login/supervised/supervised_user_authenticator.cc @@ -14,6 +14,8 @@ #include "chromeos/dbus/cryptohome_client.h" #include "chromeos/dbus/dbus_thread_manager.h" #include "chromeos/login/auth/key.h" +#include "components/signin/core/account_id/account_id.h" +#include "components/user_manager/known_user.h" #include "content/public/browser/browser_thread.h" #include "crypto/sha2.h" #include "google_apis/gaia/gaia_auth_util.h" @@ -67,18 +69,16 @@ void Mount(SupervisedUserAuthenticator::AuthAttempt* attempt, Key key(attempt->password); key.Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, system_salt); + const AccountId account_id = user_manager::known_user::GetAccountId( + attempt->username, std::string() /* gaia_id */); + const cryptohome::Identification cryptohome_id(account_id); cryptohome::AsyncMethodCaller::GetInstance()->AsyncMount( - attempt->username, - key.GetSecret(), - flags, - base::Bind(&TriggerResolveWithLoginTimeMarker, - "CryptohomeMount-LMU-End", - attempt, - resolver)); + cryptohome_id, key.GetSecret(), flags, + base::Bind(&TriggerResolveWithLoginTimeMarker, "CryptohomeMount-LMU-End", + attempt, resolver)); cryptohome::AsyncMethodCaller::GetInstance()->AsyncGetSanitizedUsername( - attempt->username, - base::Bind(&TriggerResolveResult, attempt, resolver)); + cryptohome_id, base::Bind(&TriggerResolveResult, attempt, resolver)); } // Calls cryptohome's addKey method. @@ -94,14 +94,13 @@ void AddKey(SupervisedUserAuthenticator::AuthAttempt* attempt, user_key.Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, system_salt); Key master_key(plain_text_master_key); master_key.Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, system_salt); + const AccountId account_id = user_manager::known_user::GetAccountId( + attempt->username, std::string() /* gaia_id */); cryptohome::AsyncMethodCaller::GetInstance()->AsyncAddKey( - attempt->username, - user_key.GetSecret(), + cryptohome::Identification(account_id), user_key.GetSecret(), master_key.GetSecret(), - base::Bind(&TriggerResolveWithLoginTimeMarker, - "CryptohomeAddKey-LMU-End", - attempt, - resolver)); + base::Bind(&TriggerResolveWithLoginTimeMarker, "CryptohomeAddKey-LMU-End", + attempt, resolver)); } } // namespace diff --git a/chrome/browser/chromeos/login/supervised/supervised_user_creation_controller_new.cc b/chrome/browser/chromeos/login/supervised/supervised_user_creation_controller_new.cc index 8699e30..19a1548 100644 --- a/chrome/browser/chromeos/login/supervised/supervised_user_creation_controller_new.cc +++ b/chrome/browser/chromeos/login/supervised/supervised_user_creation_controller_new.cc @@ -229,8 +229,7 @@ void SupervisedUserCreationControllerNew::OnKeyTransformedIfNeeded( keys.push_back(master_key); authenticator_->CreateMount( - creation_context_->local_user_id, - keys, + AccountId::FromUserEmail(creation_context_->local_user_id), keys, base::Bind(&SupervisedUserCreationControllerNew::OnMountSuccess, weak_factory_.GetWeakPtr())); } diff --git a/chrome/browser/chromeos/login/supervised/supervised_user_test_base.cc b/chrome/browser/chromeos/login/supervised/supervised_user_test_base.cc index e329a96..be5e27c 100644 --- a/chrome/browser/chromeos/login/supervised/supervised_user_test_base.cc +++ b/chrome/browser/chromeos/login/supervised/supervised_user_test_base.cc @@ -296,7 +296,6 @@ void SupervisedUserTestBase::StartFlowLoginAsManager() { JSExpect("!$('supervised-user-creation-next-button').disabled"); UserContext user_context(AccountId::FromUserEmailGaiaId( kTestManager, GetGaiaIDForUserID(kTestManager))); - user_context.SetGaiaID(GetGaiaIDForUserID(kTestManager)); user_context.SetKey(Key(kTestManagerPassword)); SetExpectedCredentials(user_context); content::WindowedNotificationObserver login_observer( diff --git a/chrome/browser/chromeos/login/users/avatar/user_image_manager_browsertest.cc b/chrome/browser/chromeos/login/users/avatar/user_image_manager_browsertest.cc index 44a3bd79..c1991c6 100644 --- a/chrome/browser/chromeos/login/users/avatar/user_image_manager_browsertest.cc +++ b/chrome/browser/chromeos/login/users/avatar/user_image_manager_browsertest.cc @@ -107,9 +107,7 @@ policy::CloudPolicyStore* GetStoreForUser(const user_manager::User* user) { class UserImageManagerTest : public LoginManagerTest, public user_manager::UserManager::Observer { protected: - UserImageManagerTest() - : LoginManagerTest(true), - enterprise_account_id_(AccountId::FromUserEmail(kEnterpriseUser1)) {} + UserImageManagerTest() : LoginManagerTest(true) {} // LoginManagerTest overrides: void SetUpInProcessBrowserTestFixture() override { @@ -327,7 +325,10 @@ class UserImageManagerTest : public LoginManagerTest, const AccountId test_account_id1_ = AccountId::FromUserEmail(kTestUser1); const AccountId test_account_id2_ = AccountId::FromUserEmail(kTestUser2); - const AccountId enterprise_account_id_; + const AccountId enterprise_account_id_ = + AccountId::FromUserEmail(kEnterpriseUser1); + const cryptohome::Identification cryptohome_id_ = + cryptohome::Identification(enterprise_account_id_); private: DISALLOW_COPY_AND_ASSIGN(UserImageManagerTest); @@ -666,8 +667,7 @@ class UserImageManagerPolicyTest : public UserImageManagerTest, ASSERT_TRUE(PathService::Get(chromeos::DIR_USER_POLICY_KEYS, &user_keys_dir)); const std::string sanitized_username = - chromeos::CryptohomeClient::GetStubSanitizedUsername( - enterprise_account_id_.GetUserEmail()); + chromeos::CryptohomeClient::GetStubSanitizedUsername(cryptohome_id_); const base::FilePath user_key_file = user_keys_dir.AppendASCII(sanitized_username) .AppendASCII("policy.pub"); @@ -748,8 +748,8 @@ IN_PROC_BROWSER_TEST_F(UserImageManagerPolicyTest, DISABLED_SetAndClear) { user_policy_.payload().mutable_useravatarimage()->set_value( ConstructPolicy(test::kUserAvatarImage2RelativePath)); user_policy_.Build(); - fake_session_manager_client_->set_user_policy( - enterprise_account_id_.GetUserEmail(), user_policy_.GetBlob()); + fake_session_manager_client_->set_user_policy(cryptohome_id_, + user_policy_.GetBlob()); run_loop_.reset(new base::RunLoop); store->Load(); run_loop_->Run(); @@ -773,8 +773,8 @@ IN_PROC_BROWSER_TEST_F(UserImageManagerPolicyTest, DISABLED_SetAndClear) { // image. user_policy_.payload().Clear(); user_policy_.Build(); - fake_session_manager_client_->set_user_policy( - enterprise_account_id_.GetUserEmail(), user_policy_.GetBlob()); + fake_session_manager_client_->set_user_policy(cryptohome_id_, + user_policy_.GetBlob()); run_loop_.reset(new base::RunLoop); store->AddObserver(this); store->Load(); @@ -855,8 +855,8 @@ IN_PROC_BROWSER_TEST_F(UserImageManagerPolicyTest, PolicyOverridesUser) { user_policy_.payload().mutable_useravatarimage()->set_value( ConstructPolicy(test::kUserAvatarImage2RelativePath)); user_policy_.Build(); - fake_session_manager_client_->set_user_policy( - enterprise_account_id_.GetUserEmail(), user_policy_.GetBlob()); + fake_session_manager_client_->set_user_policy(cryptohome_id_, + user_policy_.GetBlob()); run_loop_.reset(new base::RunLoop); store->Load(); run_loop_->Run(); @@ -902,8 +902,8 @@ IN_PROC_BROWSER_TEST_F(UserImageManagerPolicyTest, UserDoesNotOverridePolicy) { user_policy_.payload().mutable_useravatarimage()->set_value( ConstructPolicy(test::kUserAvatarImage2RelativePath)); user_policy_.Build(); - fake_session_manager_client_->set_user_policy( - enterprise_account_id_.GetUserEmail(), user_policy_.GetBlob()); + fake_session_manager_client_->set_user_policy(cryptohome_id_, + user_policy_.GetBlob()); run_loop_.reset(new base::RunLoop); store->Load(); run_loop_->Run(); diff --git a/chrome/browser/chromeos/login/users/chrome_user_manager_impl.cc b/chrome/browser/chromeos/login/users/chrome_user_manager_impl.cc index 4bac334..0ca91fd 100644 --- a/chrome/browser/chromeos/login/users/chrome_user_manager_impl.cc +++ b/chrome/browser/chromeos/login/users/chrome_user_manager_impl.cc @@ -606,7 +606,7 @@ void ChromeUserManagerImpl::PerformPostUserLoggedInActions( } bool ChromeUserManagerImpl::IsDemoApp(const AccountId& account_id) const { - return DemoAppLauncher::IsDemoAppSession(account_id.GetUserEmail()); + return DemoAppLauncher::IsDemoAppSession(account_id); } bool ChromeUserManagerImpl::IsKioskApp(const AccountId& account_id) const { @@ -1251,7 +1251,8 @@ bool ChromeUserManagerImpl::IsFirstExecAfterBoot() const { void ChromeUserManagerImpl::AsyncRemoveCryptohome( const AccountId& account_id) const { cryptohome::AsyncMethodCaller::GetInstance()->AsyncRemove( - account_id.GetUserEmail(), base::Bind(&OnRemoveUserComplete, account_id)); + cryptohome::Identification(account_id), + base::Bind(&OnRemoveUserComplete, account_id)); } bool ChromeUserManagerImpl::IsGuestAccountId( diff --git a/chrome/browser/chromeos/login/users/fake_chrome_user_manager.cc b/chrome/browser/chromeos/login/users/fake_chrome_user_manager.cc index 8d4f8d7..7e79232 100644 --- a/chrome/browser/chromeos/login/users/fake_chrome_user_manager.cc +++ b/chrome/browser/chromeos/login/users/fake_chrome_user_manager.cc @@ -28,9 +28,12 @@ class FakeSupervisedUserManager; FakeChromeUserManager::FakeChromeUserManager() : supervised_user_manager_(new FakeSupervisedUserManager), bootstrap_manager_(NULL), - multi_profile_user_controller_(NULL) {} + multi_profile_user_controller_(NULL) { + ProfileHelper::SetProfileToUserForTestingEnabled(true); +} FakeChromeUserManager::~FakeChromeUserManager() { + ProfileHelper::SetProfileToUserForTestingEnabled(false); } const user_manager::User* FakeChromeUserManager::AddUser( @@ -50,6 +53,7 @@ const user_manager::User* FakeChromeUserManager::AddUserWithAffiliation( IDR_PROFILE_PICTURE_LOADING)), user_manager::User::USER_IMAGE_PROFILE, false); users_.push_back(user); + chromeos::ProfileHelper::Get()->SetProfileToUserMappingForTesting(user); return user; } diff --git a/chrome/browser/chromeos/login/users/wallpaper/wallpaper_manager.cc b/chrome/browser/chromeos/login/users/wallpaper/wallpaper_manager.cc index 15f321d..edfcc68 100644 --- a/chrome/browser/chromeos/login/users/wallpaper/wallpaper_manager.cc +++ b/chrome/browser/chromeos/login/users/wallpaper/wallpaper_manager.cc @@ -40,6 +40,7 @@ #include "chrome/common/pref_names.h" #include "chromeos/chromeos_switches.h" #include "chromeos/cryptohome/async_method_caller.h" +#include "chromeos/cryptohome/cryptohome_parameters.h" #include "chromeos/dbus/dbus_thread_manager.h" #include "chromeos/login/user_names.h" #include "components/prefs/pref_registry_simple.h" @@ -805,7 +806,7 @@ void WallpaperManager::SetPolicyControlledWallpaper( if (user->username_hash().empty()) { cryptohome::AsyncMethodCaller::GetInstance()->AsyncGetSanitizedUsername( - account_id.GetUserEmail(), + cryptohome::Identification(account_id), base::Bind(&WallpaperManager::SetCustomWallpaperOnSanitizedUsername, weak_factory_.GetWeakPtr(), account_id, user_image.image(), true /* update wallpaper */)); diff --git a/chrome/browser/chromeos/login/users/wallpaper/wallpaper_manager_policy_browsertest.cc b/chrome/browser/chromeos/login/users/wallpaper/wallpaper_manager_policy_browsertest.cc index 9e6c82e..16ec162 100644 --- a/chrome/browser/chromeos/login/users/wallpaper/wallpaper_manager_policy_browsertest.cc +++ b/chrome/browser/chromeos/login/users/wallpaper/wallpaper_manager_policy_browsertest.cc @@ -150,7 +150,8 @@ class WallpaperManagerPolicyTest base::FilePath user_keys_dir; EXPECT_TRUE(PathService::Get(DIR_USER_POLICY_KEYS, &user_keys_dir)); const std::string sanitized_user_id = - CryptohomeClient::GetStubSanitizedUsername(account_id.GetUserEmail()); + CryptohomeClient::GetStubSanitizedUsername( + cryptohome::Identification(account_id)); const base::FilePath user_key_file = user_keys_dir.AppendASCII(sanitized_user_id) .AppendASCII("policy.pub"); @@ -252,8 +253,8 @@ class WallpaperManagerPolicyTest builder->payload().Clear(); } builder->Build(); - fake_session_manager_client_->set_user_policy(account_id.GetUserEmail(), - builder->GetBlob()); + fake_session_manager_client_->set_user_policy( + cryptohome::Identification(account_id), builder->GetBlob()); const user_manager::User* user = user_manager::UserManager::Get()->FindUser(account_id); ASSERT_TRUE(user); diff --git a/chrome/browser/chromeos/policy/affiliation_test_helper.cc b/chrome/browser/chromeos/policy/affiliation_test_helper.cc index acdba14..8cdfc1f 100644 --- a/chrome/browser/chromeos/policy/affiliation_test_helper.cc +++ b/chrome/browser/chromeos/policy/affiliation_test_helper.cc @@ -44,11 +44,13 @@ const char kFakeRefreshToken[] = "fake-refresh-token"; const char kEnterpriseUser[] = "testuser@example.com"; void SetUserKeys(policy::UserPolicyBuilder* user_policy) { - std::string username = user_policy->policy_data().username(); + const AccountId account_id = + AccountId::FromUserEmail(user_policy->policy_data().username()); base::FilePath user_keys_dir; ASSERT_TRUE(PathService::Get(chromeos::DIR_USER_POLICY_KEYS, &user_keys_dir)); const std::string sanitized_username = - chromeos::CryptohomeClient::GetStubSanitizedUsername(username); + chromeos::CryptohomeClient::GetStubSanitizedUsername( + cryptohome::Identification(account_id)); const base::FilePath user_key_file = user_keys_dir.AppendASCII(sanitized_username).AppendASCII("policy.pub"); std::vector<uint8_t> user_key_bits; @@ -84,14 +86,15 @@ void SetUserAffiliationIDs( chromeos::FakeSessionManagerClient* fake_session_manager_client, const std::string& user_email, const std::set<std::string>& user_affiliation_ids) { + const AccountId account_id = AccountId::FromUserEmail(user_email); user_policy->policy_data().set_username(user_email); SetUserKeys(user_policy); for (const auto& user_affiliation_id : user_affiliation_ids) { user_policy->policy_data().add_user_affiliation_ids(user_affiliation_id); } user_policy->Build(); - fake_session_manager_client->set_user_policy(user_email, - user_policy->GetBlob()); + fake_session_manager_client->set_user_policy( + cryptohome::Identification(account_id), user_policy->GetBlob()); } void PreLoginUser(const std::string& user_id) { @@ -105,8 +108,8 @@ void LoginUser(const std::string& user_id) { chromeos::UserSessionManager::GetInstance()); session_manager_test_api.SetShouldObtainTokenHandleInTests(false); - chromeos::UserContext user_context(AccountId::FromUserEmail(user_id)); - user_context.SetGaiaID("gaia-id-" + user_id); + chromeos::UserContext user_context( + AccountId::FromUserEmailGaiaId(user_id, "gaia-id-" + user_id)); user_context.SetKey(chromeos::Key("password")); if (user_id == kEnterpriseUser) { user_context.SetRefreshToken(kFakeRefreshToken); diff --git a/chrome/browser/chromeos/policy/consumer_enrollment_handler_factory_unittest.cc b/chrome/browser/chromeos/policy/consumer_enrollment_handler_factory_unittest.cc index c0f2c93..5532529 100644 --- a/chrome/browser/chromeos/policy/consumer_enrollment_handler_factory_unittest.cc +++ b/chrome/browser/chromeos/policy/consumer_enrollment_handler_factory_unittest.cc @@ -44,15 +44,20 @@ class ConsumerEnrollmentHandlerFactoryTest : public testing::Test { make_scoped_ptr(fake_service_)); // Set up FakeChromeUserManager. - fake_user_manager_->AddUser(AccountId::FromUserEmail(kTestOwner)); - fake_user_manager_->AddUser(AccountId::FromUserEmail(kTestUser)); - fake_user_manager_->set_owner_id(AccountId::FromUserEmail(kTestOwner)); + fake_user_manager_->AddUser(owner_account_id); + fake_user_manager_->AddUser(test_account_id); + fake_user_manager_->set_owner_id(owner_account_id); } void SetUp() override { + testing::Test::SetUp(); + ASSERT_TRUE(testing_profile_manager_->SetUp()); } + const AccountId owner_account_id = AccountId::FromUserEmail(kTestOwner); + const AccountId test_account_id = AccountId::FromUserEmail(kTestUser); + content::TestBrowserThreadBundle thread_bundle_; FakeConsumerManagementService* fake_service_; chromeos::FakeChromeUserManager* fake_user_manager_; @@ -61,7 +66,8 @@ class ConsumerEnrollmentHandlerFactoryTest : public testing::Test { }; TEST_F(ConsumerEnrollmentHandlerFactoryTest, ServiceIsCreated) { - Profile* profile = testing_profile_manager_->CreateTestingProfile(kTestOwner); + Profile* profile = testing_profile_manager_->CreateTestingProfile( + owner_account_id.GetUserEmail()); EXPECT_TRUE(ConsumerEnrollmentHandlerFactory::GetForBrowserContext(profile)); } diff --git a/chrome/browser/chromeos/policy/device_local_account_browsertest.cc b/chrome/browser/chromeos/policy/device_local_account_browsertest.cc index fd7dcbe..1f54448 100644 --- a/chrome/browser/chromeos/policy/device_local_account_browsertest.cc +++ b/chrome/browser/chromeos/policy/device_local_account_browsertest.cc @@ -731,7 +731,7 @@ class DeviceLocalAccountTest : public DevicePolicyCrosBrowserTest, ASSERT_TRUE(controller); chromeos::UserContext user_context(user_manager::USER_TYPE_PUBLIC_ACCOUNT, - account_id_1_.GetUserEmail()); + account_id_1_); user_context.SetPublicSessionLocale(locale); user_context.SetPublicSessionInputMethod(input_method); controller->Login(user_context, chromeos::SigninSpecifics()); diff --git a/chrome/browser/chromeos/policy/power_policy_browsertest.cc b/chrome/browser/chromeos/policy/power_policy_browsertest.cc index 4f95ae9..6d09024 100644 --- a/chrome/browser/chromeos/policy/power_policy_browsertest.cc +++ b/chrome/browser/chromeos/policy/power_policy_browsertest.cc @@ -206,7 +206,7 @@ void PowerPolicyBrowserTestBase::InstallUserKey() { ASSERT_TRUE(PathService::Get(chromeos::DIR_USER_POLICY_KEYS, &user_keys_dir)); std::string sanitized_username = chromeos::CryptohomeClient::GetStubSanitizedUsername( - chromeos::login::StubAccountId().GetUserEmail()); + cryptohome::Identification(chromeos::login::StubAccountId())); base::FilePath user_key_file = user_keys_dir.AppendASCII(sanitized_username) .AppendASCII("policy.pub"); @@ -224,7 +224,8 @@ void PowerPolicyBrowserTestBase::StoreAndReloadUserPolicy() { // Install the new user policy blob in session manager client. user_policy_.Build(); session_manager_client()->set_user_policy( - user_policy_.policy_data().username(), + cryptohome::Identification( + AccountId::FromUserEmail(user_policy_.policy_data().username())), user_policy_.GetBlob()); // Reload user policy from session manager client and wait for the update to diff --git a/chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chromeos.cc b/chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chromeos.cc index 7695acf..a9c8546 100644 --- a/chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chromeos.cc +++ b/chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chromeos.cc @@ -138,10 +138,9 @@ scoped_ptr<UserCloudPolicyManagerChromeOS> // - For device-local accounts, policy is provided by // |DeviceLocalAccountPolicyService|. // All other user types do not have user policy. - const std::string& username = user->email(); - if (!user->HasGaiaAccount() || - user->IsSupervised() || - BrowserPolicyConnector::IsNonEnterpriseUser(username)) { + const AccountId account_id = user->GetAccountId(); + if (!user->HasGaiaAccount() || user->IsSupervised() || + BrowserPolicyConnector::IsNonEnterpriseUser(account_id.GetUserEmail())) { return scoped_ptr<UserCloudPolicyManagerChromeOS>(); } @@ -195,8 +194,8 @@ scoped_ptr<UserCloudPolicyManagerChromeOS> new UserCloudPolicyStoreChromeOS( chromeos::DBusThreadManager::Get()->GetCryptohomeClient(), chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), - background_task_runner, - username, policy_key_dir, token_cache_file, policy_cache_file)); + background_task_runner, account_id, policy_key_dir, token_cache_file, + policy_cache_file)); scoped_refptr<base::SequencedTaskRunner> backend_task_runner = content::BrowserThread::GetBlockingPool()->GetSequencedTaskRunner( @@ -226,9 +225,11 @@ scoped_ptr<UserCloudPolicyManagerChromeOS> bool wildcard_match = false; if (connector->IsEnterpriseManaged() && - chromeos::CrosSettings::IsWhitelisted(username, &wildcard_match) && - wildcard_match && !connector->IsNonEnterpriseUser(username)) { - manager->EnableWildcardLoginCheck(username); + chromeos::CrosSettings::IsWhitelisted(account_id.GetUserEmail(), + &wildcard_match) && + wildcard_match && + !connector->IsNonEnterpriseUser(account_id.GetUserEmail())) { + manager->EnableWildcardLoginCheck(account_id.GetUserEmail()); } manager->Init( diff --git a/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc b/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc index 369a494..4e47014 100644 --- a/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc +++ b/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc @@ -20,6 +20,7 @@ #include "base/strings/stringprintf.h" #include "chrome/browser/chromeos/policy/user_policy_disk_cache.h" #include "chrome/browser/chromeos/policy/user_policy_token_loader.h" +#include "chromeos/cryptohome/cryptohome_parameters.h" #include "chromeos/dbus/cryptohome_client.h" #include "chromeos/dbus/session_manager_client.h" #include "components/policy/core/common/cloud/cloud_policy_constants.h" @@ -178,14 +179,14 @@ UserCloudPolicyStoreChromeOS::UserCloudPolicyStoreChromeOS( chromeos::CryptohomeClient* cryptohome_client, chromeos::SessionManagerClient* session_manager_client, scoped_refptr<base::SequencedTaskRunner> background_task_runner, - const std::string& username, + const AccountId& account_id, const base::FilePath& user_policy_key_dir, const base::FilePath& legacy_token_cache_file, const base::FilePath& legacy_policy_cache_file) : UserCloudPolicyStoreBase(background_task_runner), cryptohome_client_(cryptohome_client), session_manager_client_(session_manager_client), - username_(username), + account_id_(account_id), user_policy_key_dir_(user_policy_key_dir), legacy_cache_dir_(legacy_token_cache_file.DirName()), legacy_loader_(new LegacyPolicyCacheLoader(legacy_token_cache_file, @@ -213,7 +214,7 @@ void UserCloudPolicyStoreChromeOS::Load() { // Cancel all pending requests. weak_factory_.InvalidateWeakPtrs(); session_manager_client_->RetrievePolicyForUser( - username_, + cryptohome::Identification(account_id_), base::Bind(&UserCloudPolicyStoreChromeOS::OnPolicyRetrieved, weak_factory_.GetWeakPtr())); } @@ -228,7 +229,8 @@ void UserCloudPolicyStoreChromeOS::LoadImmediately() { // Profile initialization never sees unmanaged prefs, which would lead to // data loss. http://crbug.com/263061 std::string policy_blob = - session_manager_client_->BlockingRetrievePolicyForUser(username_); + session_manager_client_->BlockingRetrievePolicyForUser( + cryptohome::Identification(account_id_)); if (policy_blob.empty()) { // The session manager doesn't have policy, or the call failed. // Just notify that the load is done, and don't bother with the legacy @@ -245,7 +247,8 @@ void UserCloudPolicyStoreChromeOS::LoadImmediately() { } std::string sanitized_username = - cryptohome_client_->BlockingGetSanitizedUsername(username_); + cryptohome_client_->BlockingGetSanitizedUsername( + cryptohome::Identification(account_id_)); if (sanitized_username.empty()) { status_ = STATUS_LOAD_ERROR; NotifyStoreError(); @@ -268,15 +271,14 @@ void UserCloudPolicyStoreChromeOS::ValidatePolicyForStore( // Create and configure a validator. scoped_ptr<UserCloudPolicyValidator> validator = CreateValidator( std::move(policy), CloudPolicyValidatorBase::TIMESTAMP_REQUIRED); - validator->ValidateUsername(username_, true); + validator->ValidateUsername(account_id_.GetUserEmail(), true); if (policy_key_.empty()) { validator->ValidateInitialKey(GetPolicyVerificationKey(), - ExtractDomain(username_)); + ExtractDomain(account_id_.GetUserEmail())); } else { const bool allow_rotation = true; - validator->ValidateSignature(policy_key_, - GetPolicyVerificationKey(), - ExtractDomain(username_), + validator->ValidateSignature(policy_key_, GetPolicyVerificationKey(), + ExtractDomain(account_id_.GetUserEmail()), allow_rotation); } @@ -310,8 +312,7 @@ void UserCloudPolicyStoreChromeOS::OnPolicyToStoreValidated( } session_manager_client_->StorePolicyForUser( - username_, - policy_blob, + cryptohome::Identification(account_id_), policy_blob, base::Bind(&UserCloudPolicyStoreChromeOS::OnPolicyStored, weak_factory_.GetWeakPtr())); } @@ -418,7 +419,7 @@ void UserCloudPolicyStoreChromeOS::OnLegacyLoadFinished( // the signature on this policy is not verified. scoped_ptr<UserCloudPolicyValidator> validator = CreateValidator( std::move(policy), CloudPolicyValidatorBase::TIMESTAMP_REQUIRED); - validator->ValidateUsername(username_, true); + validator->ValidateUsername(account_id_.GetUserEmail(), true); validator.release()->StartValidation( base::Bind(&UserCloudPolicyStoreChromeOS::OnLegacyPolicyValidated, weak_factory_.GetWeakPtr(), @@ -532,10 +533,10 @@ void UserCloudPolicyStoreChromeOS::EnsurePolicyKeyLoaded( } else { // Get the hashed username that's part of the key's path, to determine // |policy_key_path_|. - cryptohome_client_->GetSanitizedUsername(username_, + cryptohome_client_->GetSanitizedUsername( + cryptohome::Identification(account_id_), base::Bind(&UserCloudPolicyStoreChromeOS::OnGetSanitizedUsername, - weak_factory_.GetWeakPtr(), - callback)); + weak_factory_.GetWeakPtr(), callback)); } } @@ -559,15 +560,16 @@ UserCloudPolicyStoreChromeOS::CreateValidatorForLoad( scoped_ptr<em::PolicyFetchResponse> policy) { scoped_ptr<UserCloudPolicyValidator> validator = CreateValidator( std::move(policy), CloudPolicyValidatorBase::TIMESTAMP_NOT_BEFORE); - validator->ValidateUsername(username_, true); + validator->ValidateUsername(account_id_.GetUserEmail(), true); const bool allow_rotation = false; const std::string empty_key = std::string(); // The policy loaded from session manager need not be validated using the // verification key since it is secure, and since there may be legacy policy // data that was stored without a verification key. Hence passing an empty // value for the verification key. - validator->ValidateSignature( - policy_key_, empty_key, ExtractDomain(username_), allow_rotation); + validator->ValidateSignature(policy_key_, empty_key, + ExtractDomain(account_id_.GetUserEmail()), + allow_rotation); return validator; } } // namespace policy diff --git a/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h b/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h index edf34d8..3f5fef7 100644 --- a/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h +++ b/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h @@ -17,6 +17,7 @@ #include "chromeos/dbus/dbus_method_call_status.h" #include "components/policy/core/common/cloud/cloud_policy_validator.h" #include "components/policy/core/common/cloud/user_cloud_policy_store_base.h" +#include "components/signin/core/account_id/account_id.h" namespace base { class SequencedTaskRunner; @@ -44,7 +45,7 @@ class UserCloudPolicyStoreChromeOS : public UserCloudPolicyStoreBase { chromeos::CryptohomeClient* cryptohome_client, chromeos::SessionManagerClient* session_manager_client, scoped_refptr<base::SequencedTaskRunner> background_task_runner, - const std::string& username, + const AccountId& account_id, const base::FilePath& user_policy_key_dir, const base::FilePath& legacy_token_cache_file, const base::FilePath& legacy_policy_cache_file); @@ -124,7 +125,7 @@ class UserCloudPolicyStoreChromeOS : public UserCloudPolicyStoreBase { chromeos::CryptohomeClient* cryptohome_client_; chromeos::SessionManagerClient* session_manager_client_; - const std::string username_; + const AccountId account_id_; base::FilePath user_policy_key_dir_; // TODO(mnissler): Remove all the legacy policy support members below after diff --git a/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos_unittest.cc b/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos_unittest.cc index 0d32195..482ca60 100644 --- a/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos_unittest.cc +++ b/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos_unittest.cc @@ -58,18 +58,15 @@ class UserCloudPolicyStoreChromeOSTest : public testing::Test { UserCloudPolicyStoreChromeOSTest() {} void SetUp() override { - EXPECT_CALL(cryptohome_client_, - GetSanitizedUsername(PolicyBuilder::kFakeUsername, _)) + EXPECT_CALL(cryptohome_client_, GetSanitizedUsername(cryptohome_id_, _)) .Times(AnyNumber()) - .WillRepeatedly( - SendSanitizedUsername(chromeos::DBUS_METHOD_CALL_SUCCESS, - kSanitizedUsername)); + .WillRepeatedly(SendSanitizedUsername( + chromeos::DBUS_METHOD_CALL_SUCCESS, kSanitizedUsername)); ASSERT_TRUE(tmp_dir_.CreateUniqueTempDir()); store_.reset(new UserCloudPolicyStoreChromeOS( &cryptohome_client_, &session_manager_client_, loop_.task_runner(), - PolicyBuilder::kFakeUsername, user_policy_dir(), token_file(), - policy_file())); + account_id_, user_policy_dir(), token_file(), policy_file())); store_->AddObserver(&observer_); // Install the initial public key, so that by default the validation of @@ -102,7 +99,7 @@ class UserCloudPolicyStoreChromeOSTest : public testing::Test { // Issue a load command. chromeos::SessionManagerClient::RetrievePolicyCallback retrieve_callback; EXPECT_CALL(session_manager_client_, - RetrievePolicyForUser(PolicyBuilder::kFakeUsername, _)) + RetrievePolicyForUser(cryptohome_id_, _)) .WillOnce(SaveArg<1>(&retrieve_callback)); store_->Load(); RunUntilIdle(); @@ -144,8 +141,7 @@ class UserCloudPolicyStoreChromeOSTest : public testing::Test { const char* new_value) { chromeos::SessionManagerClient::StorePolicyCallback store_callback; EXPECT_CALL(session_manager_client_, - StorePolicyForUser(PolicyBuilder::kFakeUsername, - policy_.GetBlob(), _)) + StorePolicyForUser(cryptohome_id_, policy_.GetBlob(), _)) .WillOnce(SaveArg<2>(&store_callback)); store_->Store(policy_.policy()); RunUntilIdle(); @@ -173,7 +169,7 @@ class UserCloudPolicyStoreChromeOSTest : public testing::Test { // Let the store operation complete. chromeos::SessionManagerClient::RetrievePolicyCallback retrieve_callback; EXPECT_CALL(session_manager_client_, - RetrievePolicyForUser(PolicyBuilder::kFakeUsername, _)) + RetrievePolicyForUser(cryptohome_id_, _)) .WillOnce(SaveArg<1>(&retrieve_callback)); store_callback.Run(true); RunUntilIdle(); @@ -227,6 +223,10 @@ class UserCloudPolicyStoreChromeOSTest : public testing::Test { UserPolicyBuilder policy_; MockCloudPolicyStoreObserver observer_; scoped_ptr<UserCloudPolicyStoreChromeOS> store_; + const AccountId account_id_ = + AccountId::FromUserEmail(PolicyBuilder::kFakeUsername); + const cryptohome::Identification cryptohome_id_ = + cryptohome::Identification(account_id_); private: base::ScopedTempDir tmp_dir_; @@ -255,8 +255,8 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, InitialStoreValidationFail) { *policy_.policy().mutable_new_public_key_verification_signature() = "garbage"; EXPECT_CALL(session_manager_client_, - StorePolicyForUser( - PolicyBuilder::kFakeUsername, policy_.GetBlob(), _)).Times(0); + StorePolicyForUser(cryptohome_id_, policy_.GetBlob(), _)) + .Times(0); store_->Store(policy_.policy()); RunUntilIdle(); Mock::VerifyAndClearExpectations(&session_manager_client_); @@ -271,8 +271,8 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, InitialStoreMissingSignatureFailure) { policy_.policy().clear_new_public_key_verification_signature(); EXPECT_CALL(session_manager_client_, - StorePolicyForUser( - PolicyBuilder::kFakeUsername, policy_.GetBlob(), _)).Times(0); + StorePolicyForUser(cryptohome_id_, policy_.GetBlob(), _)) + .Times(0); store_->Store(policy_.policy()); RunUntilIdle(); Mock::VerifyAndClearExpectations(&session_manager_client_); @@ -301,8 +301,8 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, policy_.policy().clear_new_public_key_verification_signature(); EXPECT_CALL(session_manager_client_, - StorePolicyForUser( - PolicyBuilder::kFakeUsername, policy_.GetBlob(), _)).Times(0); + StorePolicyForUser(cryptohome_id_, policy_.GetBlob(), _)) + .Times(0); store_->Store(policy_.policy()); RunUntilIdle(); Mock::VerifyAndClearExpectations(&session_manager_client_); @@ -315,8 +315,8 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, StoreWithRotationValidationError) { *policy_.policy().mutable_new_public_key_verification_signature() = "garbage"; EXPECT_CALL(session_manager_client_, - StorePolicyForUser( - PolicyBuilder::kFakeUsername, policy_.GetBlob(), _)).Times(0); + StorePolicyForUser(cryptohome_id_, policy_.GetBlob(), _)) + .Times(0); store_->Store(policy_.policy()); RunUntilIdle(); Mock::VerifyAndClearExpectations(&session_manager_client_); @@ -326,8 +326,7 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, StoreFail) { // Store policy. chromeos::SessionManagerClient::StorePolicyCallback store_callback; EXPECT_CALL(session_manager_client_, - StorePolicyForUser(PolicyBuilder::kFakeUsername, - policy_.GetBlob(), _)) + StorePolicyForUser(cryptohome_id_, policy_.GetBlob(), _)) .WillOnce(SaveArg<2>(&store_callback)); store_->Store(policy_.policy()); RunUntilIdle(); @@ -351,8 +350,7 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, StoreValidationError) { chromeos::SessionManagerClient::StorePolicyCallback store_callback; ExpectError(CloudPolicyStore::STATUS_VALIDATION_ERROR); EXPECT_CALL(session_manager_client_, - StorePolicyForUser(PolicyBuilder::kFakeUsername, - policy_.GetBlob(), _)) + StorePolicyForUser(cryptohome_id_, policy_.GetBlob(), _)) .Times(0); store_->Store(policy_.policy()); RunUntilIdle(); @@ -362,8 +360,7 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, StoreValidationError) { TEST_F(UserCloudPolicyStoreChromeOSTest, StoreWithoutPolicyKey) { // Make the dbus call to cryptohome fail. Mock::VerifyAndClearExpectations(&cryptohome_client_); - EXPECT_CALL(cryptohome_client_, - GetSanitizedUsername(PolicyBuilder::kFakeUsername, _)) + EXPECT_CALL(cryptohome_client_, GetSanitizedUsername(cryptohome_id_, _)) .Times(AnyNumber()) .WillRepeatedly(SendSanitizedUsername(chromeos::DBUS_METHOD_CALL_FAILURE, std::string())); @@ -372,8 +369,7 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, StoreWithoutPolicyKey) { chromeos::SessionManagerClient::StorePolicyCallback store_callback; ExpectError(CloudPolicyStore::STATUS_VALIDATION_ERROR); EXPECT_CALL(session_manager_client_, - StorePolicyForUser(PolicyBuilder::kFakeUsername, - policy_.GetBlob(), _)) + StorePolicyForUser(cryptohome_id_, policy_.GetBlob(), _)) .Times(0); store_->Store(policy_.policy()); RunUntilIdle(); @@ -388,8 +384,7 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, StoreWithInvalidSignature) { chromeos::SessionManagerClient::StorePolicyCallback store_callback; ExpectError(CloudPolicyStore::STATUS_VALIDATION_ERROR); EXPECT_CALL(session_manager_client_, - StorePolicyForUser(PolicyBuilder::kFakeUsername, - policy_.GetBlob(), _)) + StorePolicyForUser(cryptohome_id_, policy_.GetBlob(), _)) .Times(0); store_->Store(policy_.policy()); RunUntilIdle(); @@ -580,10 +575,9 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, MigrationAndStoreNew) { TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediately) { EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); EXPECT_CALL(session_manager_client_, - BlockingRetrievePolicyForUser(PolicyBuilder::kFakeUsername)) + BlockingRetrievePolicyForUser(cryptohome_id_)) .WillOnce(Return(policy_.GetBlob())); - EXPECT_CALL(cryptohome_client_, - BlockingGetSanitizedUsername(PolicyBuilder::kFakeUsername)) + EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) .WillOnce(Return(kSanitizedUsername)); EXPECT_FALSE(store_->policy()); @@ -606,7 +600,7 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediately) { TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyNoPolicy) { EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); EXPECT_CALL(session_manager_client_, - BlockingRetrievePolicyForUser(PolicyBuilder::kFakeUsername)) + BlockingRetrievePolicyForUser(cryptohome_id_)) .WillOnce(Return("")); EXPECT_FALSE(store_->policy()); @@ -622,7 +616,7 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyNoPolicy) { TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyInvalidBlob) { EXPECT_CALL(observer_, OnStoreError(store_.get())); EXPECT_CALL(session_manager_client_, - BlockingRetrievePolicyForUser(PolicyBuilder::kFakeUsername)) + BlockingRetrievePolicyForUser(cryptohome_id_)) .WillOnce(Return("le blob")); EXPECT_FALSE(store_->policy()); @@ -638,10 +632,9 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyInvalidBlob) { TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyDBusFailure) { EXPECT_CALL(observer_, OnStoreError(store_.get())); EXPECT_CALL(session_manager_client_, - BlockingRetrievePolicyForUser(PolicyBuilder::kFakeUsername)) + BlockingRetrievePolicyForUser(cryptohome_id_)) .WillOnce(Return(policy_.GetBlob())); - EXPECT_CALL(cryptohome_client_, - BlockingGetSanitizedUsername(PolicyBuilder::kFakeUsername)) + EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) .WillOnce(Return("")); EXPECT_FALSE(store_->policy()); @@ -658,10 +651,9 @@ TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyDBusFailure) { TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyNoUserPolicyKey) { EXPECT_CALL(observer_, OnStoreError(store_.get())); EXPECT_CALL(session_manager_client_, - BlockingRetrievePolicyForUser(PolicyBuilder::kFakeUsername)) + BlockingRetrievePolicyForUser(cryptohome_id_)) .WillOnce(Return(policy_.GetBlob())); - EXPECT_CALL(cryptohome_client_, - BlockingGetSanitizedUsername(PolicyBuilder::kFakeUsername)) + EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) .WillOnce(Return("wrong@example.com")); EXPECT_FALSE(store_->policy()); diff --git a/chrome/browser/chromeos/settings/device_settings_test_helper.cc b/chrome/browser/chromeos/settings/device_settings_test_helper.cc index 48b6aee..63701db 100644 --- a/chrome/browser/chromeos/settings/device_settings_test_helper.cc +++ b/chrome/browser/chromeos/settings/device_settings_test_helper.cc @@ -14,6 +14,7 @@ #include "chrome/browser/chromeos/settings/device_settings_service.h" #include "chrome/test/base/testing_browser_process.h" #include "chrome/test/base/testing_profile.h" +#include "chromeos/cryptohome/cryptohome_parameters.h" #include "chromeos/dbus/dbus_thread_manager.h" #include "components/ownership/mock_owner_key_util.h" #include "content/public/browser/browser_thread.h" @@ -111,7 +112,8 @@ void DeviceSettingsTestHelper::EmitLoginPromptVisible() {} void DeviceSettingsTestHelper::RestartJob( const std::vector<std::string>& argv) {} -void DeviceSettingsTestHelper::StartSession(const std::string& user_email) {} +void DeviceSettingsTestHelper::StartSession( + const cryptohome::Identification& cryptohome_id) {} void DeviceSettingsTestHelper::StopSession() {} @@ -136,12 +138,11 @@ void DeviceSettingsTestHelper::RetrieveDevicePolicy( } void DeviceSettingsTestHelper::RetrievePolicyForUser( - const std::string& username, - const RetrievePolicyCallback& callback) { -} + const cryptohome::Identification& cryptohome_id, + const RetrievePolicyCallback& callback) {} std::string DeviceSettingsTestHelper::BlockingRetrievePolicyForUser( - const std::string& username) { + const cryptohome::Identification& cryptohome_id) { return ""; } @@ -160,10 +161,9 @@ void DeviceSettingsTestHelper::StoreDevicePolicy( } void DeviceSettingsTestHelper::StorePolicyForUser( - const std::string& username, + const cryptohome::Identification& cryptohome_id, const std::string& policy_blob, - const StorePolicyCallback& callback) { -} + const StorePolicyCallback& callback) {} void DeviceSettingsTestHelper::StoreDeviceLocalAccountPolicy( const std::string& account_id, @@ -174,7 +174,7 @@ void DeviceSettingsTestHelper::StoreDeviceLocalAccountPolicy( } void DeviceSettingsTestHelper::SetFlagsForUser( - const std::string& account_id, + const cryptohome::Identification& cryptohome_id, const std::vector<std::string>& flags) {} void DeviceSettingsTestHelper::GetServerBackedStateKeys( diff --git a/chrome/browser/chromeos/settings/device_settings_test_helper.h b/chrome/browser/chromeos/settings/device_settings_test_helper.h index cb36b6a..5bf73f3 100644 --- a/chrome/browser/chromeos/settings/device_settings_test_helper.h +++ b/chrome/browser/chromeos/settings/device_settings_test_helper.h @@ -89,7 +89,7 @@ class DeviceSettingsTestHelper : public SessionManagerClient { bool IsScreenLocked() const override; void EmitLoginPromptVisible() override; void RestartJob(const std::vector<std::string>& argv) override; - void StartSession(const std::string& user_email) override; + void StartSession(const cryptohome::Identification& cryptohome_id) override; void StopSession() override; void NotifySupervisedUserCreationStarted() override; void NotifySupervisedUserCreationFinished() override; @@ -99,23 +99,23 @@ class DeviceSettingsTestHelper : public SessionManagerClient { void NotifyLockScreenDismissed() override; void RetrieveActiveSessions(const ActiveSessionsCallback& callback) override; void RetrieveDevicePolicy(const RetrievePolicyCallback& callback) override; - void RetrievePolicyForUser(const std::string& username, + void RetrievePolicyForUser(const cryptohome::Identification& cryptohome_id, const RetrievePolicyCallback& callback) override; std::string BlockingRetrievePolicyForUser( - const std::string& username) override; + const cryptohome::Identification& cryptohome_id) override; void RetrieveDeviceLocalAccountPolicy( const std::string& account_id, const RetrievePolicyCallback& callback) override; void StoreDevicePolicy(const std::string& policy_blob, const StorePolicyCallback& callback) override; - void StorePolicyForUser(const std::string& username, + void StorePolicyForUser(const cryptohome::Identification& cryptohome_id, const std::string& policy_blob, const StorePolicyCallback& callback) override; void StoreDeviceLocalAccountPolicy( const std::string& account_id, const std::string& policy_blob, const StorePolicyCallback& callback) override; - void SetFlagsForUser(const std::string& account_id, + void SetFlagsForUser(const cryptohome::Identification& cryptohome_id, const std::vector<std::string>& flags) override; void GetServerBackedStateKeys(const StateKeysCallback& callback) override; |