| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <string> | 5 #include <string> |
| 6 | 6 |
| 7 #include "base/bind.h" |
| 7 #include "chrome/browser/profiles/profile.h" | 8 #include "chrome/browser/profiles/profile.h" |
| 8 #include "chrome/browser/signin/force_signin_verifier.h" | 9 #include "chrome/browser/signin/force_signin_verifier.h" |
| 9 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" | 10 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" |
| 10 #include "chrome/browser/signin/signin_manager_factory.h" | 11 #include "chrome/browser/signin/signin_manager_factory.h" |
| 12 #include "chrome/browser/ui/forced_reauthentication_dialog.h" |
| 11 #include "components/signin/core/browser/signin_manager.h" | 13 #include "components/signin/core/browser/signin_manager.h" |
| 12 #include "google_apis/gaia/gaia_constants.h" | 14 #include "google_apis/gaia/gaia_constants.h" |
| 13 | 15 |
| 14 namespace { | 16 namespace { |
| 15 const net::BackoffEntry::Policy kBackoffPolicy = { | 17 const net::BackoffEntry::Policy kBackoffPolicy = { |
| 16 0, // Number of initial errors to ignore before applying | 18 0, // Number of initial errors to ignore before applying |
| 17 // exponential back-off rules. | 19 // exponential back-off rules. |
| 18 2000, // Initial delay in ms. | 20 2000, // Initial delay in ms. |
| 19 2, // Factor by which the waiting time will be multiplied. | 21 2, // Factor by which the waiting time will be multiplied. |
| 20 0.2, // Fuzzing percentage. | 22 0.2, // Fuzzing percentage. |
| 21 4 * 60 * 1000, // Maximum amount of time to delay th request in ms. | 23 4 * 60 * 1000, // Maximum amount of time to delay th request in ms. |
| 22 -1, // Never discard the entry. | 24 -1, // Never discard the entry. |
| 23 false // Do not always use initial delay. | 25 false // Do not always use initial delay. |
| 24 }; | 26 }; |
| 25 | 27 |
| 28 // The duration of window closing countdown when verification failed. Use the |
| 29 // short countdown if the verfication is finished in |
| 30 // |kShortCountdownVerificationTimeLimitInSeconds|, otherwise use the normal |
| 31 // countdown. |
| 32 const int kShortCountdownVerificationTimeLimitInSeconds = 3; |
| 33 const int kWindowClosingNormalCountdownDurationInSecond = 300; |
| 34 const int kWindowClosingShortCountdownDurationInSecond = 30; |
| 35 |
| 26 } // namespace | 36 } // namespace |
| 27 | 37 |
| 28 ForceSigninVerifier::ForceSigninVerifier(Profile* profile) | 38 ForceSigninVerifier::ForceSigninVerifier(Profile* profile) |
| 29 : OAuth2TokenService::Consumer("force_signin_verifier"), | 39 : OAuth2TokenService::Consumer("force_signin_verifier"), |
| 40 #if !defined(OS_MACOSX) |
| 41 profile_(profile), |
| 42 dialog_(ForcedReauthenticationDialog::Create()), |
| 43 #endif |
| 30 has_token_verified_(false), | 44 has_token_verified_(false), |
| 31 backoff_entry_(&kBackoffPolicy), | 45 backoff_entry_(&kBackoffPolicy), |
| 32 oauth2_token_service_( | 46 oauth2_token_service_( |
| 33 ProfileOAuth2TokenServiceFactory::GetForProfile(profile)), | 47 ProfileOAuth2TokenServiceFactory::GetForProfile(profile)), |
| 34 signin_manager_(SigninManagerFactory::GetForProfile(profile)), | 48 signin_manager_(SigninManagerFactory::GetForProfile(profile)), |
| 35 token_request_time_(base::Time::Now()) { | 49 token_request_time_(base::Time::Now()) { |
| 36 net::NetworkChangeNotifier::AddNetworkChangeObserver(this); | 50 net::NetworkChangeNotifier::AddNetworkChangeObserver(this); |
| 37 SendRequest(); | 51 SendRequest(); |
| 38 } | 52 } |
| 39 | 53 |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 83 backoff_entry_.Reset(); | 97 backoff_entry_.Reset(); |
| 84 backoff_request_timer_.Stop(); | 98 backoff_request_timer_.Stop(); |
| 85 access_token_request_.reset(); | 99 access_token_request_.reset(); |
| 86 net::NetworkChangeNotifier::RemoveNetworkChangeObserver(this); | 100 net::NetworkChangeNotifier::RemoveNetworkChangeObserver(this); |
| 87 } | 101 } |
| 88 | 102 |
| 89 bool ForceSigninVerifier::HasTokenBeenVerified() { | 103 bool ForceSigninVerifier::HasTokenBeenVerified() { |
| 90 return has_token_verified_; | 104 return has_token_verified_; |
| 91 } | 105 } |
| 92 | 106 |
| 107 void ForceSigninVerifier::AbortSignoutCountdownIfExisted() { |
| 108 window_close_timer_.Stop(); |
| 109 } |
| 110 |
| 93 void ForceSigninVerifier::SendRequest() { | 111 void ForceSigninVerifier::SendRequest() { |
| 94 if (!ShouldSendRequest()) | 112 if (!ShouldSendRequest()) |
| 95 return; | 113 return; |
| 96 | 114 |
| 97 std::string account_id = signin_manager_->GetAuthenticatedAccountId(); | 115 std::string account_id = signin_manager_->GetAuthenticatedAccountId(); |
| 98 OAuth2TokenService::ScopeSet oauth2_scopes; | 116 OAuth2TokenService::ScopeSet oauth2_scopes; |
| 99 oauth2_scopes.insert(GaiaConstants::kChromeSyncOAuth2Scope); | 117 oauth2_scopes.insert(GaiaConstants::kChromeSyncOAuth2Scope); |
| 100 access_token_request_ = | 118 access_token_request_ = |
| 101 oauth2_token_service_->StartRequest(account_id, oauth2_scopes, this); | 119 oauth2_token_service_->StartRequest(account_id, oauth2_scopes, this); |
| 102 } | 120 } |
| 103 | 121 |
| 104 bool ForceSigninVerifier::ShouldSendRequest() { | 122 bool ForceSigninVerifier::ShouldSendRequest() { |
| 105 return !has_token_verified_ && access_token_request_.get() == nullptr && | 123 return !has_token_verified_ && access_token_request_.get() == nullptr && |
| 106 !net::NetworkChangeNotifier::IsOffline() && | 124 !net::NetworkChangeNotifier::IsOffline() && |
| 107 signin_manager_->IsAuthenticated(); | 125 signin_manager_->IsAuthenticated(); |
| 108 } | 126 } |
| 109 | 127 |
| 128 base::TimeDelta ForceSigninVerifier::StartCountdown() { |
| 129 base::TimeDelta countdown_duration; |
| 130 if (base::Time::Now() - token_request_time_ > |
| 131 base::TimeDelta::FromSeconds( |
| 132 kShortCountdownVerificationTimeLimitInSeconds)) { |
| 133 countdown_duration = base::TimeDelta::FromSeconds( |
| 134 kWindowClosingNormalCountdownDurationInSecond); |
| 135 } else { |
| 136 countdown_duration = base::TimeDelta::FromSeconds( |
| 137 kWindowClosingShortCountdownDurationInSecond); |
| 138 } |
| 139 |
| 140 window_close_timer_.Start(FROM_HERE, countdown_duration, this, |
| 141 &ForceSigninVerifier::CloseAllBrowserWindows); |
| 142 return countdown_duration; |
| 143 } |
| 144 |
| 110 void ForceSigninVerifier::ShowDialog() { | 145 void ForceSigninVerifier::ShowDialog() { |
| 111 // TODO(zmin): Show app modal dialog. | 146 #if !defined(OS_MACOSX) |
| 147 base::TimeDelta countdown_duration = StartCountdown(); |
| 148 dialog_->ShowDialog(profile_, signin_manager_, countdown_duration); |
| 149 #endif |
| 150 } |
| 151 |
| 152 void ForceSigninVerifier::CloseAllBrowserWindows() { |
| 153 // Do not close window if there is ongoing reauth. If it fails later, the |
| 154 // signin process should take care of the signout. |
| 155 if (signin_manager_->AuthInProgress()) |
| 156 return; |
| 157 signin_manager_->SignOut( |
| 158 signin_metrics::AUTHENTICATION_FAILED_WITH_FORCE_SIGNIN, |
| 159 signin_metrics::SignoutDelete::IGNORE_METRIC); |
| 112 } | 160 } |
| 113 | 161 |
| 114 OAuth2TokenService::Request* ForceSigninVerifier::GetRequestForTesting() { | 162 OAuth2TokenService::Request* ForceSigninVerifier::GetRequestForTesting() { |
| 115 return access_token_request_.get(); | 163 return access_token_request_.get(); |
| 116 } | 164 } |
| 117 | 165 |
| 118 net::BackoffEntry* ForceSigninVerifier::GetBackoffEntryForTesting() { | 166 net::BackoffEntry* ForceSigninVerifier::GetBackoffEntryForTesting() { |
| 119 return &backoff_entry_; | 167 return &backoff_entry_; |
| 120 } | 168 } |
| 121 | 169 |
| 122 base::OneShotTimer* ForceSigninVerifier::GetOneShotTimerForTesting() { | 170 base::OneShotTimer* ForceSigninVerifier::GetOneShotTimerForTesting() { |
| 123 return &backoff_request_timer_; | 171 return &backoff_request_timer_; |
| 124 } | 172 } |
| 173 |
| 174 base::OneShotTimer* ForceSigninVerifier::GetWindowCloseTimerForTesting() { |
| 175 return &window_close_timer_; |
| 176 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2944713003:
After signin token check failed, show force reauth dialog and start window closing countdown. (Closed)
