1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/signin/chrome_signin_client.h"
7 #include "base/command_line.h"
9 #include "base/prefs/pref_service.h"
10 #include "chrome/browser/browser_process.h"
11 #include "chrome/browser/content_settings/cookie_settings.h"
12 #include "chrome/browser/net/chrome_cookie_notification_details.h"
13 #include "chrome/browser/profiles/profile_info_cache.h"
14 #include "chrome/browser/profiles/profile_manager.h"
15 #include "chrome/browser/signin/local_auth.h"
16 #include "chrome/browser/signin/signin_cookie_changed_subscription.h"
17 #include "chrome/browser/webdata/web_data_service_factory.h"
18 #include "chrome/common/chrome_version_info.h"
19 #include "components/metrics/metrics_service.h"
20 #include "components/signin/core/common/profile_management_switches.h"
21 #include "components/signin/core/common/signin_pref_names.h"
22 #include "components/signin/core/common/signin_switches.h"
23 #include "content/public/browser/render_process_host.h"
24 #include "content/public/common/child_process_host.h"
25 #include "net/url_request/url_request_context_getter.h"
28 #if defined(ENABLE_MANAGED_USERS)
29 #include "chrome/browser/supervised_user/supervised_user_constants.h"
32 #if defined(OS_CHROMEOS)
33 #include "components/user_manager/user_manager.h"
36 #if !defined(OS_ANDROID)
37 #include "chrome/browser/first_run/first_run.h"
40 using content::ChildProcessHost;
41 using content::RenderProcessHost;
45 const char kGoogleAccountsUrl[] = "https://accounts.google.com";
49 ChromeSigninClient::ChromeSigninClient(Profile* profile)
50 : profile_(profile), signin_host_id_(ChildProcessHost::kInvalidUniqueID) {
53 ChromeSigninClient::~ChromeSigninClient() {
54 std::set<RenderProcessHost*>::iterator i;
55 for (i = signin_hosts_observed_.begin(); i != signin_hosts_observed_.end();
57 (*i)->RemoveObserver(this);
62 bool ChromeSigninClient::ProfileAllowsSigninCookies(Profile* profile) {
63 CookieSettings* cookie_settings =
64 CookieSettings::Factory::GetForProfile(profile).get();
65 return SettingsAllowSigninCookies(cookie_settings);
69 bool ChromeSigninClient::SettingsAllowSigninCookies(
70 CookieSettings* cookie_settings) {
71 return cookie_settings &&
72 cookie_settings->IsSettingCookieAllowed(GURL(kGoogleAccountsUrl),
73 GURL(kGoogleAccountsUrl));
76 void ChromeSigninClient::SetSigninProcess(int process_id) {
77 if (process_id == signin_host_id_)
79 DLOG_IF(WARNING, signin_host_id_ != ChildProcessHost::kInvalidUniqueID)
80 << "Replacing in-use signin process.";
81 signin_host_id_ = process_id;
82 RenderProcessHost* host = RenderProcessHost::FromID(process_id);
84 host->AddObserver(this);
85 signin_hosts_observed_.insert(host);
88 void ChromeSigninClient::ClearSigninProcess() {
89 signin_host_id_ = ChildProcessHost::kInvalidUniqueID;
92 bool ChromeSigninClient::IsSigninProcess(int process_id) const {
93 return process_id != ChildProcessHost::kInvalidUniqueID &&
94 process_id == signin_host_id_;
97 bool ChromeSigninClient::HasSigninProcess() const {
98 return signin_host_id_ != ChildProcessHost::kInvalidUniqueID;
101 void ChromeSigninClient::RenderProcessHostDestroyed(RenderProcessHost* host) {
102 // It's possible we're listening to a "stale" renderer because it was replaced
103 // with a new process by process-per-site. In either case, stop observing it,
104 // but only reset signin_host_id_ tracking if this was from the current signin
106 signin_hosts_observed_.erase(host);
107 if (signin_host_id_ == host->GetID())
108 signin_host_id_ = ChildProcessHost::kInvalidUniqueID;
111 PrefService* ChromeSigninClient::GetPrefs() { return profile_->GetPrefs(); }
113 scoped_refptr<TokenWebData> ChromeSigninClient::GetDatabase() {
114 return WebDataServiceFactory::GetTokenWebDataForProfile(
115 profile_, Profile::EXPLICIT_ACCESS);
118 bool ChromeSigninClient::CanRevokeCredentials() {
119 #if defined(OS_CHROMEOS)
120 // UserManager may not exist in unit_tests.
121 if (user_manager::UserManager::IsInitialized() &&
122 user_manager::UserManager::Get()->IsLoggedInAsSupervisedUser()) {
123 // Don't allow revoking credentials for Chrome OS supervised users.
124 // See http://crbug.com/332032
125 LOG(ERROR) << "Attempt to revoke supervised user refresh "
126 << "token detected, ignoring.";
130 // Don't allow revoking credentials for supervised users.
131 // See http://crbug.com/332032
132 if (profile_->IsSupervised()) {
133 LOG(ERROR) << "Attempt to revoke supervised user refresh "
134 << "token detected, ignoring.";
141 std::string ChromeSigninClient::GetSigninScopedDeviceId() {
142 if (CommandLine::ForCurrentProcess()->HasSwitch(
143 switches::kDisableSigninScopedDeviceId)) {
144 return std::string();
147 std::string signin_scoped_device_id =
148 GetPrefs()->GetString(prefs::kGoogleServicesSigninScopedDeviceId);
149 if (signin_scoped_device_id.empty()) {
150 // If device_id doesn't exist then generate new and save in prefs.
151 signin_scoped_device_id = base::GenerateGUID();
152 DCHECK(!signin_scoped_device_id.empty());
153 GetPrefs()->SetString(prefs::kGoogleServicesSigninScopedDeviceId,
154 signin_scoped_device_id);
156 return signin_scoped_device_id;
159 void ChromeSigninClient::OnSignedOut() {
160 GetPrefs()->ClearPref(prefs::kGoogleServicesSigninScopedDeviceId);
161 ProfileInfoCache& cache =
162 g_browser_process->profile_manager()->GetProfileInfoCache();
163 size_t index = cache.GetIndexOfProfileWithPath(profile_->GetPath());
164 cache.SetLocalAuthCredentialsOfProfileAtIndex(index, std::string());
165 cache.SetProfileSigninRequiredAtIndex(index, false);
168 net::URLRequestContextGetter* ChromeSigninClient::GetURLRequestContext() {
169 return profile_->GetRequestContext();
172 bool ChromeSigninClient::ShouldMergeSigninCredentialsIntoCookieJar() {
173 // If inline sign in is enabled, but account consistency is not, the user's
174 // credentials should be merge into the cookie jar.
175 return !switches::IsEnableWebBasedSignin() &&
176 !switches::IsEnableAccountConsistency();
179 std::string ChromeSigninClient::GetProductVersion() {
180 chrome::VersionInfo chrome_version;
181 return chrome_version.CreateVersionString();
184 bool ChromeSigninClient::IsFirstRun() const {
185 #if defined(OS_ANDROID)
188 return first_run::IsChromeFirstRun();
192 base::Time ChromeSigninClient::GetInstallDate() {
193 return base::Time::FromTimeT(
194 g_browser_process->metrics_service()->GetInstallDate());
197 scoped_ptr<SigninClient::CookieChangedSubscription>
198 ChromeSigninClient::AddCookieChangedCallback(
200 const std::string& name,
201 const net::CookieStore::CookieChangedCallback& callback) {
202 scoped_refptr<net::URLRequestContextGetter> context_getter =
203 profile_->GetRequestContext();
204 DCHECK(context_getter.get());
205 scoped_ptr<SigninCookieChangedSubscription> subscription(
206 new SigninCookieChangedSubscription(context_getter, url, name, callback));
207 return subscription.Pass();
210 void ChromeSigninClient::GoogleSigninSucceeded(const std::string& account_id,
211 const std::string& username,
212 const std::string& password) {
213 #if !defined(OS_ANDROID) && !defined(OS_IOS) && !defined(OS_CHROMEOS)
214 // Don't store password hash except for users of new profile management.
215 if (switches::IsNewProfileManagement())
216 chrome::SetLocalAuthCredentials(profile_, password);