saml_offline_signin_limiter.h revision 5d1f7b1de12d16ceb2c938c56701a3e8bfa558f7
1// Copyright 2014 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_ 6#define CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_ 7 8#include "base/basictypes.h" 9#include "base/memory/scoped_ptr.h" 10#include "base/prefs/pref_change_registrar.h" 11#include "base/time/default_clock.h" 12#include "base/time/time.h" 13#include "base/timer/timer.h" 14#include "chrome/browser/chromeos/login/user.h" 15#include "components/browser_context_keyed_service/browser_context_keyed_service.h" 16 17class Profile; 18 19namespace base { 20class Clock; 21} 22 23namespace user_prefs { 24class PrefRegistrySyncable; 25} 26 27namespace chromeos { 28 29// Enforces a limit on the length of time for which a user authenticated via 30// SAML can use offline authentication against a cached password before being 31// forced to go through online authentication against GAIA again. 32class SAMLOfflineSigninLimiter : public BrowserContextKeyedService { 33 public: 34 // Registers preferences. 35 static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry); 36 37 // Called when the user successfully authenticates. |auth_flow| indicates 38 // the type of authentication flow that the user went through. 39 void SignedIn(UserContext::AuthFlow auth_flow); 40 41 // BrowserContextKeyedService: 42 virtual void Shutdown() OVERRIDE; 43 44 private: 45 friend class SAMLOfflineSigninLimiterFactory; 46 friend class SAMLOfflineSigninLimiterTest; 47 48 // |profile| and |clock| must remain valid until Shutdown() is called. If 49 // |clock| is NULL, the |default_clock_| will be used. 50 SAMLOfflineSigninLimiter(Profile* profile, base::Clock* clock); 51 virtual ~SAMLOfflineSigninLimiter(); 52 53 // Recalculates the amount of time remaining until online login should be 54 // forced and sets the |offline_signin_limit_timer_| accordingly. If the limit 55 // has expired already, sets the flag enforcing online login immediately. 56 void UpdateLimit(); 57 58 // Sets the flag enforcing online login. This will cause the user's next login 59 // to use online authentication against GAIA. 60 void ForceOnlineLogin(); 61 62 base::DefaultClock default_clock_; 63 64 Profile* profile_; 65 base::Clock* clock_; 66 67 PrefChangeRegistrar pref_change_registrar_; 68 69 scoped_ptr<base::OneShotTimer<SAMLOfflineSigninLimiter> > 70 offline_signin_limit_timer_; 71 72 DISALLOW_COPY_AND_ASSIGN(SAMLOfflineSigninLimiter); 73}; 74 75} // namespace chromeos 76 77#endif // CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_ 78