saml_offline_signin_limiter.h revision 5d1f7b1de12d16ceb2c938c56701a3e8bfa558f7 
1// Copyright 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_
6#define CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_
7
8#include "base/basictypes.h"
9#include "base/memory/scoped_ptr.h"
10#include "base/prefs/pref_change_registrar.h"
11#include "base/time/default_clock.h"
12#include "base/time/time.h"
13#include "base/timer/timer.h"
14#include "chrome/browser/chromeos/login/user.h"
15#include "components/browser_context_keyed_service/browser_context_keyed_service.h"
16
17class Profile;
18
19namespace base {
20class Clock;
21}
22
23namespace user_prefs {
24class PrefRegistrySyncable;
25}
26
27namespace chromeos {
28
29// Enforces a limit on the length of time for which a user authenticated via
30// SAML can use offline authentication against a cached password before being
31// forced to go through online authentication against GAIA again.
32class SAMLOfflineSigninLimiter : public BrowserContextKeyedService {
33 public:
34  // Registers preferences.
35  static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry);
36
37  // Called when the user successfully authenticates. |auth_flow| indicates
38  // the type of authentication flow that the user went through.
39  void SignedIn(UserContext::AuthFlow auth_flow);
40
41  // BrowserContextKeyedService:
42  virtual void Shutdown() OVERRIDE;
43
44 private:
45  friend class SAMLOfflineSigninLimiterFactory;
46  friend class SAMLOfflineSigninLimiterTest;
47
48  // |profile| and |clock| must remain valid until Shutdown() is called. If
49  // |clock| is NULL, the |default_clock_| will be used.
50  SAMLOfflineSigninLimiter(Profile* profile, base::Clock* clock);
51  virtual ~SAMLOfflineSigninLimiter();
52
53  // Recalculates the amount of time remaining until online login should be
54  // forced and sets the |offline_signin_limit_timer_| accordingly. If the limit
55  // has expired already, sets the flag enforcing online login immediately.
56  void UpdateLimit();
57
58  // Sets the flag enforcing online login. This will cause the user's next login
59  // to use online authentication against GAIA.
60  void ForceOnlineLogin();
61
62  base::DefaultClock default_clock_;
63
64  Profile* profile_;
65  base::Clock* clock_;
66
67  PrefChangeRegistrar pref_change_registrar_;
68
69  scoped_ptr<base::OneShotTimer<SAMLOfflineSigninLimiter> >
70      offline_signin_limit_timer_;
71
72  DISALLOW_COPY_AND_ASSIGN(SAMLOfflineSigninLimiter);
73};
74
75}  // namespace chromeos
76
77#endif  // CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_
78