1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/password_manager/password_store_factory.h"
7 #include "base/command_line.h"
8 #include "base/environment.h"
9 #include "base/prefs/pref_service.h"
10 #include "chrome/browser/profiles/incognito_helpers.h"
11 #include "chrome/browser/sync/glue/sync_start_util.h"
12 #include "chrome/browser/webdata/web_data_service.h"
13 #include "chrome/browser/webdata/web_data_service_factory.h"
14 #include "chrome/common/chrome_constants.h"
15 #include "chrome/common/chrome_switches.h"
16 #include "components/keyed_service/content/browser_context_dependency_manager.h"
17 #include "components/os_crypt/os_crypt_switches.h"
18 #include "components/password_manager/core/browser/login_database.h"
19 #include "components/password_manager/core/browser/password_store.h"
20 #include "components/password_manager/core/browser/password_store_default.h"
21 #include "components/password_manager/core/common/password_manager_pref_names.h"
22 #include "components/pref_registry/pref_registry_syncable.h"
23 #include "content/public/browser/browser_thread.h"
26 #include "chrome/browser/password_manager/password_store_win.h"
27 #elif defined(OS_MACOSX)
28 #include "chrome/browser/password_manager/password_store_mac.h"
29 #include "crypto/apple_keychain.h"
30 #include "crypto/mock_apple_keychain.h"
31 #elif defined(OS_CHROMEOS) || defined(OS_ANDROID)
32 // Don't do anything. We're going to use the default store.
33 #elif defined(USE_X11)
34 #include "base/nix/xdg_util.h"
35 #if defined(USE_GNOME_KEYRING)
36 #include "chrome/browser/password_manager/native_backend_gnome_x.h"
38 #include "chrome/browser/password_manager/native_backend_kwallet_x.h"
39 #include "chrome/browser/password_manager/password_store_x.h"
42 using password_manager::PasswordStore;
44 #if !defined(OS_CHROMEOS) && defined(USE_X11)
47 const LocalProfileId kInvalidLocalProfileId =
48 static_cast<LocalProfileId>(0);
53 PasswordStoreService::PasswordStoreService(
54 scoped_refptr<PasswordStore> password_store)
55 : password_store_(password_store) {}
57 PasswordStoreService::~PasswordStoreService() {}
59 scoped_refptr<PasswordStore> PasswordStoreService::GetPasswordStore() {
60 return password_store_;
63 void PasswordStoreService::Shutdown() {
65 password_store_->Shutdown();
69 scoped_refptr<PasswordStore> PasswordStoreFactory::GetForProfile(
71 Profile::ServiceAccessType sat) {
72 if (sat == Profile::IMPLICIT_ACCESS && profile->IsOffTheRecord()) {
73 NOTREACHED() << "This profile is OffTheRecord";
77 PasswordStoreFactory* factory = GetInstance();
78 PasswordStoreService* service = static_cast<PasswordStoreService*>(
79 factory->GetServiceForBrowserContext(profile, true));
82 return service->GetPasswordStore();
86 PasswordStoreFactory* PasswordStoreFactory::GetInstance() {
87 return Singleton<PasswordStoreFactory>::get();
90 PasswordStoreFactory::PasswordStoreFactory()
91 : BrowserContextKeyedServiceFactory(
93 BrowserContextDependencyManager::GetInstance()) {
94 DependsOn(WebDataServiceFactory::GetInstance());
97 PasswordStoreFactory::~PasswordStoreFactory() {}
99 #if !defined(OS_CHROMEOS) && defined(USE_X11)
100 LocalProfileId PasswordStoreFactory::GetLocalProfileId(
101 PrefService* prefs) const {
103 prefs->GetInteger(password_manager::prefs::kLocalProfileId);
104 if (id == kInvalidLocalProfileId) {
105 // Note that there are many more users than this. Thus, by design, this is
106 // not a unique id. However, it is large enough that it is very unlikely
107 // that it would be repeated twice on a single machine. It is still possible
108 // for that to occur though, so the potential results of it actually
109 // happening should be considered when using this value.
110 static const LocalProfileId kLocalProfileIdMask =
111 static_cast<LocalProfileId>((1 << 24) - 1);
113 id = rand() & kLocalProfileIdMask;
114 // TODO(mdm): scan other profiles to make sure they are not using this id?
115 } while (id == kInvalidLocalProfileId);
116 prefs->SetInteger(password_manager::prefs::kLocalProfileId, id);
122 KeyedService* PasswordStoreFactory::BuildServiceInstanceFor(
123 content::BrowserContext* context) const {
124 Profile* profile = static_cast<Profile*>(context);
126 base::FilePath login_db_file_path = profile->GetPath();
127 login_db_file_path = login_db_file_path.Append(chrome::kLoginDataFileName);
128 scoped_ptr<password_manager::LoginDatabase> login_db(
129 new password_manager::LoginDatabase());
131 // TODO(paivanof@gmail.com): execution of login_db->Init() should go
132 // to DB thread. http://crbug.com/138903
133 base::ThreadRestrictions::ScopedAllowIO allow_io;
134 if (!login_db->Init(login_db_file_path)) {
135 LOG(ERROR) << "Could not initialize login database.";
140 scoped_refptr<base::SingleThreadTaskRunner> main_thread_runner(
141 base::MessageLoopProxy::current());
142 scoped_refptr<base::SingleThreadTaskRunner> db_thread_runner(
143 content::BrowserThread::GetMessageLoopProxyForThread(
144 content::BrowserThread::DB));
146 scoped_refptr<PasswordStore> ps;
148 ps = new PasswordStoreWin(main_thread_runner,
151 WebDataService::FromBrowserContext(profile));
152 #elif defined(OS_MACOSX)
153 crypto::AppleKeychain* keychain =
154 CommandLine::ForCurrentProcess()->HasSwitch(
155 os_crypt::switches::kUseMockKeychain) ?
156 new crypto::MockAppleKeychain() : new crypto::AppleKeychain();
157 ps = new PasswordStoreMac(
158 main_thread_runner, db_thread_runner, keychain, login_db.release());
159 #elif defined(OS_CHROMEOS) || defined(OS_ANDROID)
160 // For now, we use PasswordStoreDefault. We might want to make a native
161 // backend for PasswordStoreX (see below) in the future though.
162 ps = new password_manager::PasswordStoreDefault(
163 main_thread_runner, db_thread_runner, login_db.release());
164 #elif defined(USE_X11)
165 // On POSIX systems, we try to use the "native" password management system of
166 // the desktop environment currently running, allowing GNOME Keyring in XFCE.
167 // (In all cases we fall back on the basic store in case of failure.)
168 base::nix::DesktopEnvironment desktop_env;
169 std::string store_type =
170 CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
171 switches::kPasswordStore);
172 if (store_type == "kwallet") {
173 desktop_env = base::nix::DESKTOP_ENVIRONMENT_KDE4;
174 } else if (store_type == "gnome") {
175 desktop_env = base::nix::DESKTOP_ENVIRONMENT_GNOME;
176 } else if (store_type == "basic") {
177 desktop_env = base::nix::DESKTOP_ENVIRONMENT_OTHER;
179 // Detect the store to use automatically.
180 scoped_ptr<base::Environment> env(base::Environment::Create());
181 desktop_env = base::nix::GetDesktopEnvironment(env.get());
182 const char* name = base::nix::GetDesktopEnvironmentName(desktop_env);
183 VLOG(1) << "Password storage detected desktop environment: "
184 << (name ? name : "(unknown)");
187 PrefService* prefs = profile->GetPrefs();
188 LocalProfileId id = GetLocalProfileId(prefs);
190 scoped_ptr<PasswordStoreX::NativeBackend> backend;
191 if (desktop_env == base::nix::DESKTOP_ENVIRONMENT_KDE4) {
192 // KDE3 didn't use DBus, which our KWallet store uses.
193 VLOG(1) << "Trying KWallet for password storage.";
194 backend.reset(new NativeBackendKWallet(id));
196 VLOG(1) << "Using KWallet for password storage.";
199 } else if (desktop_env == base::nix::DESKTOP_ENVIRONMENT_GNOME ||
200 desktop_env == base::nix::DESKTOP_ENVIRONMENT_UNITY ||
201 desktop_env == base::nix::DESKTOP_ENVIRONMENT_XFCE) {
202 #if defined(USE_GNOME_KEYRING)
203 VLOG(1) << "Trying GNOME keyring for password storage.";
204 backend.reset(new NativeBackendGnome(id));
206 VLOG(1) << "Using GNOME keyring for password storage.";
209 #endif // defined(USE_GNOME_KEYRING)
212 if (!backend.get()) {
213 LOG(WARNING) << "Using basic (unencrypted) store for password storage. "
214 "See http://code.google.com/p/chromium/wiki/LinuxPasswordStorage for "
215 "more information about password storage options.";
218 ps = new PasswordStoreX(main_thread_runner,
222 #elif defined(USE_OZONE)
223 ps = new password_manager::PasswordStoreDefault(
224 main_thread_runner, db_thread_runner, login_db.release());
228 if (!ps || !ps->Init(
229 sync_start_util::GetFlareForSyncableService(profile->GetPath()))) {
230 NOTREACHED() << "Could not initialize password manager.";
234 return new PasswordStoreService(ps);
237 void PasswordStoreFactory::RegisterProfilePrefs(
238 user_prefs::PrefRegistrySyncable* registry) {
239 #if !defined(OS_CHROMEOS) && defined(USE_X11)
240 // Notice that the preprocessor conditions above are exactly those that will
241 // result in using PasswordStoreX in BuildServiceInstanceFor().
242 registry->RegisterIntegerPref(
243 password_manager::prefs::kLocalProfileId,
244 kInvalidLocalProfileId,
245 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
249 content::BrowserContext* PasswordStoreFactory::GetBrowserContextToUse(
250 content::BrowserContext* context) const {
251 return chrome::GetBrowserContextRedirectedInIncognito(context);
254 bool PasswordStoreFactory::ServiceIsNULLWhileTesting() const {