src/chrome/browser/signin/chrome_signin_client.cc

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/signin/chrome_signin_client.h"
   6
   7 #include "base/command_line.h"
   8 #include "base/guid.h"
   9 #include "base/prefs/pref_service.h"
  10 #include "chrome/browser/browser_process.h"
  11 #include "chrome/browser/content_settings/cookie_settings.h"
  12 #include "chrome/browser/net/chrome_cookie_notification_details.h"
  13 #include "chrome/browser/profiles/profile_info_cache.h"
  14 #include "chrome/browser/profiles/profile_manager.h"
  15 #include "chrome/browser/signin/local_auth.h"
  16 #include "chrome/browser/signin/signin_cookie_changed_subscription.h"
  17 #include "chrome/browser/webdata/web_data_service_factory.h"
  18 #include "chrome/common/chrome_version_info.h"
  19 #include "components/metrics/metrics_service.h"
  20 #include "components/signin/core/common/profile_management_switches.h"
  21 #include "components/signin/core/common/signin_pref_names.h"
  22 #include "components/signin/core/common/signin_switches.h"
  23 #include "content/public/browser/render_process_host.h"
  24 #include "content/public/common/child_process_host.h"
  25 #include "net/url_request/url_request_context_getter.h"
  26 #include "url/gurl.h"
  27
  28 #if defined(ENABLE_MANAGED_USERS)
  29 #include "chrome/browser/supervised_user/supervised_user_constants.h"
  30 #endif
  31
  32 #if defined(OS_CHROMEOS)
  33 #include "components/user_manager/user_manager.h"
  34 #endif
  35
  36 #if !defined(OS_ANDROID)
  37 #include "chrome/browser/first_run/first_run.h"
  38 #endif
  39
  40 using content::ChildProcessHost;
  41 using content::RenderProcessHost;
  42
  43 namespace {
  44
  45 const char kGoogleAccountsUrl[] = "https://accounts.google.com";
  46
  47 }  // namespace
  48
  49 ChromeSigninClient::ChromeSigninClient(Profile* profile)
  50     : profile_(profile), signin_host_id_(ChildProcessHost::kInvalidUniqueID) {
  51 }
  52
  53 ChromeSigninClient::~ChromeSigninClient() {
  54   std::set<RenderProcessHost*>::iterator i;
  55   for (i = signin_hosts_observed_.begin(); i != signin_hosts_observed_.end();
  56        ++i) {
  57     (*i)->RemoveObserver(this);
  58   }
  59 }
  60
  61 // static
  62 bool ChromeSigninClient::ProfileAllowsSigninCookies(Profile* profile) {
  63   CookieSettings* cookie_settings =
  64       CookieSettings::Factory::GetForProfile(profile).get();
  65   return SettingsAllowSigninCookies(cookie_settings);
  66 }
  67
  68 // static
  69 bool ChromeSigninClient::SettingsAllowSigninCookies(
  70     CookieSettings* cookie_settings) {
  71   return cookie_settings &&
  72          cookie_settings->IsSettingCookieAllowed(GURL(kGoogleAccountsUrl),
  73                                                  GURL(kGoogleAccountsUrl));
  74 }
  75
  76 void ChromeSigninClient::SetSigninProcess(int process_id) {
  77   if (process_id == signin_host_id_)
  78     return;
  79   DLOG_IF(WARNING, signin_host_id_ != ChildProcessHost::kInvalidUniqueID)
  80       << "Replacing in-use signin process.";
  81   signin_host_id_ = process_id;
  82   RenderProcessHost* host = RenderProcessHost::FromID(process_id);
  83   DCHECK(host);
  84   host->AddObserver(this);
  85   signin_hosts_observed_.insert(host);
  86 }
  87
  88 void ChromeSigninClient::ClearSigninProcess() {
  89   signin_host_id_ = ChildProcessHost::kInvalidUniqueID;
  90 }
  91
  92 bool ChromeSigninClient::IsSigninProcess(int process_id) const {
  93   return process_id != ChildProcessHost::kInvalidUniqueID &&
  94          process_id == signin_host_id_;
  95 }
  96
  97 bool ChromeSigninClient::HasSigninProcess() const {
  98   return signin_host_id_ != ChildProcessHost::kInvalidUniqueID;
  99 }
 100
 101 void ChromeSigninClient::RenderProcessHostDestroyed(RenderProcessHost* host) {
 102   // It's possible we're listening to a "stale" renderer because it was replaced
 103   // with a new process by process-per-site. In either case, stop observing it,
 104   // but only reset signin_host_id_ tracking if this was from the current signin
 105   // process.
 106   signin_hosts_observed_.erase(host);
 107   if (signin_host_id_ == host->GetID())
 108     signin_host_id_ = ChildProcessHost::kInvalidUniqueID;
 109 }
 110
 111 PrefService* ChromeSigninClient::GetPrefs() { return profile_->GetPrefs(); }
 112
 113 scoped_refptr<TokenWebData> ChromeSigninClient::GetDatabase() {
 114   return WebDataServiceFactory::GetTokenWebDataForProfile(
 115       profile_, Profile::EXPLICIT_ACCESS);
 116 }
 117
 118 bool ChromeSigninClient::CanRevokeCredentials() {
 119 #if defined(OS_CHROMEOS)
 120   // UserManager may not exist in unit_tests.
 121   if (user_manager::UserManager::IsInitialized() &&
 122       user_manager::UserManager::Get()->IsLoggedInAsSupervisedUser()) {
 123     // Don't allow revoking credentials for Chrome OS supervised users.
 124     // See http://crbug.com/332032
 125     LOG(ERROR) << "Attempt to revoke supervised user refresh "
 126                << "token detected, ignoring.";
 127     return false;
 128   }
 129 #else
 130   // Don't allow revoking credentials for supervised users.
 131   // See http://crbug.com/332032
 132   if (profile_->IsSupervised()) {
 133     LOG(ERROR) << "Attempt to revoke supervised user refresh "
 134                << "token detected, ignoring.";
 135     return false;
 136   }
 137 #endif
 138   return true;
 139 }
 140
 141 std::string ChromeSigninClient::GetSigninScopedDeviceId() {
 142   if (CommandLine::ForCurrentProcess()->HasSwitch(
 143           switches::kDisableSigninScopedDeviceId)) {
 144     return std::string();
 145   }
 146
 147   std::string signin_scoped_device_id =
 148       GetPrefs()->GetString(prefs::kGoogleServicesSigninScopedDeviceId);
 149   if (signin_scoped_device_id.empty()) {
 150     // If device_id doesn't exist then generate new and save in prefs.
 151     signin_scoped_device_id = base::GenerateGUID();
 152     DCHECK(!signin_scoped_device_id.empty());
 153     GetPrefs()->SetString(prefs::kGoogleServicesSigninScopedDeviceId,
 154                           signin_scoped_device_id);
 155   }
 156   return signin_scoped_device_id;
 157 }
 158
 159 void ChromeSigninClient::OnSignedOut() {
 160   GetPrefs()->ClearPref(prefs::kGoogleServicesSigninScopedDeviceId);
 161   ProfileInfoCache& cache =
 162       g_browser_process->profile_manager()->GetProfileInfoCache();
 163   size_t index = cache.GetIndexOfProfileWithPath(profile_->GetPath());
 164   cache.SetLocalAuthCredentialsOfProfileAtIndex(index, std::string());
 165   cache.SetProfileSigninRequiredAtIndex(index, false);
 166 }
 167
 168 net::URLRequestContextGetter* ChromeSigninClient::GetURLRequestContext() {
 169   return profile_->GetRequestContext();
 170 }
 171
 172 bool ChromeSigninClient::ShouldMergeSigninCredentialsIntoCookieJar() {
 173   // If inline sign in is enabled, but account consistency is not, the user's
 174   // credentials should be merge into the cookie jar.
 175   return !switches::IsEnableWebBasedSignin() &&
 176          !switches::IsEnableAccountConsistency();
 177 }
 178
 179 std::string ChromeSigninClient::GetProductVersion() {
 180   chrome::VersionInfo chrome_version;
 181   return chrome_version.CreateVersionString();
 182 }
 183
 184 bool ChromeSigninClient::IsFirstRun() const {
 185 #if defined(OS_ANDROID)
 186   return false;
 187 #else
 188   return first_run::IsChromeFirstRun();
 189 #endif
 190 }
 191
 192 base::Time ChromeSigninClient::GetInstallDate() {
 193   return base::Time::FromTimeT(
 194       g_browser_process->metrics_service()->GetInstallDate());
 195 }
 196
 197 scoped_ptr<SigninClient::CookieChangedSubscription>
 198 ChromeSigninClient::AddCookieChangedCallback(
 199     const GURL& url,
 200     const std::string& name,
 201     const net::CookieStore::CookieChangedCallback& callback) {
 202   scoped_refptr<net::URLRequestContextGetter> context_getter =
 203       profile_->GetRequestContext();
 204   DCHECK(context_getter.get());
 205   scoped_ptr<SigninCookieChangedSubscription> subscription(
 206       new SigninCookieChangedSubscription(context_getter, url, name, callback));
 207   return subscription.Pass();
 208 }
 209
 210 void ChromeSigninClient::GoogleSigninSucceeded(const std::string& account_id,
 211                                                const std::string& username,
 212                                                const std::string& password) {
 213 #if !defined(OS_ANDROID) && !defined(OS_IOS) && !defined(OS_CHROMEOS)
 214   // Don't store password hash except for users of new profile management.
 215   if (switches::IsNewProfileManagement())
 216     chrome::SetLocalAuthCredentials(profile_, password);
 217 #endif
 218 }