15d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Copyright 2014 The Chromium Authors. All rights reserved. 2868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 3868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)// found in the LICENSE file. 4868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) 55d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#ifndef CHROME_BROWSER_CHROMEOS_LOGIN_SESSION_USER_SESSION_MANAGER_H_ 65d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#define CHROME_BROWSER_CHROMEOS_LOGIN_SESSION_USER_SESSION_MANAGER_H_ 7868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) 8868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include <string> 9868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) 10868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "base/basictypes.h" 11eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch#include "base/callback.h" 127dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch#include "base/memory/scoped_ptr.h" 13868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "base/memory/singleton.h" 145f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)#include "base/memory/weak_ptr.h" 155f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)#include "base/observer_list.h" 16868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "chrome/browser/chromeos/base/locale_util.h" 17868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "chrome/browser/chromeos/login/signin/oauth2_login_manager.h" 18868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "chromeos/dbus/session_manager_client.h" 19868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "chromeos/ime/input_method_manager.h" 20868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "chromeos/login/auth/authenticator.h" 21868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "chromeos/login/auth/user_context.h" 22868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "components/user_manager/user.h" 23868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "components/user_manager/user_manager.h" 24868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "net/base/network_change_notifier.h" 25868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) 26868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)class PrefRegistrySimple; 27868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)class PrefService; 28868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)class Profile; 29868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) 30868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)namespace user_manager { 31868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) 32868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)class User; 33868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) 34868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)} // namespace user_manager 35868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) 36868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)namespace chromeos { 37868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) 38868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)class EasyUnlockKeyManager; 39868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) 40868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)class UserSessionManagerDelegate { 41868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) public: 42a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) // Called after profile is loaded and prepared for the session. 43868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) virtual void OnProfilePrepared(Profile* profile) = 0; 44868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) 455f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)#if defined(ENABLE_RLZ) 465f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) // Called after post-profile RLZ initialization. 475d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) virtual void OnRlzInitialized(); 48#endif 49 protected: 50 virtual ~UserSessionManagerDelegate(); 51}; 52 53class UserSessionStateObserver { 54 public: 55 // Called when UserManager finishes restoring user sessions after crash. 56 virtual void PendingUserSessionsRestoreFinished(); 57 58 protected: 59 virtual ~UserSessionStateObserver(); 60}; 61 62// UserSessionManager is responsible for starting user session which includes: 63// load and initialize Profile (including custom Profile preferences), 64// mark user as logged in and notify observers, 65// initialize OAuth2 authentication session, 66// initialize and launch user session based on the user type. 67// Also supports restoring active user sessions after browser crash: 68// load profile, restore OAuth authentication session etc. 69class UserSessionManager 70 : public OAuth2LoginManager::Observer, 71 public net::NetworkChangeNotifier::ConnectionTypeObserver, 72 public base::SupportsWeakPtr<UserSessionManager>, 73 public UserSessionManagerDelegate, 74 public user_manager::UserManager::UserSessionStateObserver { 75 public: 76 // Returns UserSessionManager instance. 77 static UserSessionManager* GetInstance(); 78 79 // Called when user is logged in to override base::DIR_HOME path. 80 static void OverrideHomedir(); 81 82 // Registers session related preferences. 83 static void RegisterPrefs(PrefRegistrySimple* registry); 84 85 // Start user session given |user_context| and |authenticator| which holds 86 // authentication context (profile). 87 void StartSession(const UserContext& user_context, 88 scoped_refptr<Authenticator> authenticator, 89 bool has_auth_cookies, 90 bool has_active_session, 91 UserSessionManagerDelegate* delegate); 92 93 // Perform additional actions once system wide notification 94 // "UserLoggedIn" has been sent. 95 void PerformPostUserLoggedInActions(); 96 97 // Restores authentication session after crash. 98 void RestoreAuthenticationSession(Profile* profile); 99 100 // Usually is called when Chrome is restarted after a crash and there's an 101 // active session. First user (one that is passed with --login-user) Chrome 102 // session has been already restored at this point. This method asks session 103 // manager for all active user sessions, marks them as logged in 104 // and notifies observers. 105 void RestoreActiveSessions(); 106 107 // Returns true iff browser has been restarted after crash and 108 // UserSessionManager finished restoring user sessions. 109 bool UserSessionsRestored() const; 110 111 // Returns true iff browser has been restarted after crash and 112 // user sessions restoration is in progress. 113 bool UserSessionsRestoreInProgress() const; 114 115 // Initialize RLZ. 116 void InitRlz(Profile* profile); 117 118 // Get the NSS cert database for the user represented with |profile| 119 // and start certificate loader with it. 120 void InitializeCerts(Profile* profile); 121 122 // TODO(nkostylev): Drop these methods once LoginUtilsImpl::AttemptRestart() 123 // is migrated. 124 OAuth2LoginManager::SessionRestoreStrategy GetSigninSessionRestoreStrategy(); 125 bool exit_after_session_restore() { return exit_after_session_restore_; } 126 void set_exit_after_session_restore(bool value) { 127 exit_after_session_restore_ = value; 128 } 129 130 // Invoked when the user is logging in for the first time, or is logging in to 131 // an ephemeral session type, such as guest or a public session. 132 void SetFirstLoginPrefs(Profile* profile, 133 const std::string& public_session_locale, 134 const std::string& public_session_input_method); 135 136 // Gets/sets Chrome OAuth client id and secret for kiosk app mode. The default 137 // values can be overridden with kiosk auth file. 138 bool GetAppModeChromeClientOAuthInfo( 139 std::string* chrome_client_id, 140 std::string* chrome_client_secret); 141 void SetAppModeChromeClientOAuthInfo( 142 const std::string& chrome_client_id, 143 const std::string& chrome_client_secret); 144 145 // Changes browser locale (selects best suitable locale from different 146 // user settings). Returns true if callback will be called. 147 bool RespectLocalePreference( 148 Profile* profile, 149 const user_manager::User* user, 150 scoped_ptr<locale_util::SwitchLanguageCallback> callback) const; 151 152 // Returns true if Easy unlock keys needs to be updated. 153 bool NeedsToUpdateEasyUnlockKeys() const; 154 155 // Returns true if there are pending Easy unlock key operations and 156 // |callback| will be invoked when it is done. 157 bool CheckEasyUnlockKeyOps(const base::Closure& callback); 158 159 void AddSessionStateObserver(chromeos::UserSessionStateObserver* observer); 160 void RemoveSessionStateObserver(chromeos::UserSessionStateObserver* observer); 161 162 virtual void ActiveUserChanged( 163 const user_manager::User* active_user) OVERRIDE; 164 165 // Returns default IME state for user session. 166 scoped_refptr<input_method::InputMethodManager::State> GetDefaultIMEState( 167 Profile* profile); 168 169 // Note this could return NULL if not enabled. 170 EasyUnlockKeyManager* GetEasyUnlockKeyManager(); 171 172 // Update Easy unlock cryptohome keys for given user context. 173 void UpdateEasyUnlockKeys(const UserContext& user_context); 174 175 private: 176 friend struct DefaultSingletonTraits<UserSessionManager>; 177 178 typedef std::set<std::string> SigninSessionRestoreStateSet; 179 180 UserSessionManager(); 181 virtual ~UserSessionManager(); 182 183 // OAuth2LoginManager::Observer overrides: 184 virtual void OnSessionRestoreStateChanged( 185 Profile* user_profile, 186 OAuth2LoginManager::SessionRestoreState state) OVERRIDE; 187 virtual void OnNewRefreshTokenAvaiable(Profile* user_profile) OVERRIDE; 188 189 // net::NetworkChangeNotifier::ConnectionTypeObserver overrides: 190 virtual void OnConnectionTypeChanged( 191 net::NetworkChangeNotifier::ConnectionType type) OVERRIDE; 192 193 // UserSessionManagerDelegate overrides: 194 // Used when restoring user sessions after crash. 195 virtual void OnProfilePrepared(Profile* profile) OVERRIDE; 196 197 void CreateUserSession(const UserContext& user_context, 198 bool has_auth_cookies); 199 void PreStartSession(); 200 void StartCrosSession(); 201 void NotifyUserLoggedIn(); 202 void PrepareProfile(); 203 204 // Callback for asynchronous profile creation. 205 void OnProfileCreated(const UserContext& user_context, 206 bool is_incognito_profile, 207 Profile* profile, 208 Profile::CreateStatus status); 209 210 // Callback for Profile::CREATE_STATUS_CREATED profile state. 211 // Initializes basic preferences for newly created profile. Any other 212 // early profile initialization that needs to happen before 213 // ProfileManager::DoFinalInit() gets called is done here. 214 void InitProfilePreferences(Profile* profile, 215 const UserContext& user_context); 216 217 // Callback for Profile::CREATE_STATUS_INITIALIZED profile state. 218 // Profile is created, extensions and promo resources are initialized. 219 void UserProfileInitialized(Profile* profile, 220 bool is_incognito_profile, 221 const std::string& user_id); 222 223 // Callback to resume profile creation after transferring auth data from 224 // the authentication profile. 225 void CompleteProfileCreateAfterAuthTransfer(Profile* profile); 226 227 // Finalized profile preparation. 228 void FinalizePrepareProfile(Profile* profile); 229 230 // Initializes member variables needed for session restore process via 231 // OAuthLoginManager. 232 void InitSessionRestoreStrategy(); 233 234 // Restores GAIA auth cookies for the created user profile from OAuth2 token. 235 void RestoreAuthSessionImpl(Profile* profile, 236 bool restore_from_auth_cookies); 237 238 // Initializes RLZ. If |disabled| is true, RLZ pings are disabled. 239 void InitRlzImpl(Profile* profile, bool disabled); 240 241 // Starts loading CRL set. 242 void InitializeCRLSetFetcher(const user_manager::User* user); 243 244 // Callback to process RetrieveActiveSessions() request results. 245 void OnRestoreActiveSessions( 246 const SessionManagerClient::ActiveSessionsMap& sessions, 247 bool success); 248 249 // Called by OnRestoreActiveSessions() when there're user sessions in 250 // |pending_user_sessions_| that has to be restored one by one. 251 // Also called after first user session from that list is restored and so on. 252 // Process continues till |pending_user_sessions_| map is not empty. 253 void RestorePendingUserSessions(); 254 255 // Notifies observers that user pending sessions restore has finished. 256 void NotifyPendingUserSessionsRestoreFinished(); 257 258 // Callback invoked when Easy unlock key operations are finished. 259 void OnEasyUnlockKeyOpsFinished(const std::string& user_id, 260 bool success); 261 262 UserSessionManagerDelegate* delegate_; 263 264 // Authentication/user context. 265 UserContext user_context_; 266 scoped_refptr<Authenticator> authenticator_; 267 268 // True if the authentication context's cookie jar contains authentication 269 // cookies from the authentication extension login flow. 270 bool has_auth_cookies_; 271 272 // Active user session restoration related members. 273 274 // True if user sessions has been restored after crash. 275 // On a normal boot then login into user sessions this will be false. 276 bool user_sessions_restored_; 277 278 // True if user sessions restoration after crash is in progress. 279 bool user_sessions_restore_in_progress_; 280 281 // User sessions that have to be restored after browser crash. 282 // [user_id] > [user_id_hash] 283 SessionManagerClient::ActiveSessionsMap pending_user_sessions_; 284 285 ObserverList<chromeos::UserSessionStateObserver> session_state_observer_list_; 286 287 // OAuth2 session related members. 288 289 // True if we should restart chrome right after session restore. 290 bool exit_after_session_restore_; 291 292 // Sesion restore strategy. 293 OAuth2LoginManager::SessionRestoreStrategy session_restore_strategy_; 294 295 // OAuth2 refresh token for session restore. 296 std::string oauth2_refresh_token_; 297 298 // Set of user_id for those users that we should restore authentication 299 // session when notified about online state change. 300 SigninSessionRestoreStateSet pending_signin_restore_sessions_; 301 302 // Kiosk mode related members. 303 // Chrome oauth client id and secret - override values for kiosk mode. 304 std::string chrome_client_id_; 305 std::string chrome_client_secret_; 306 307 // Per-user-session Input Methods states. 308 std::map<Profile*, scoped_refptr<input_method::InputMethodManager::State> > 309 default_ime_states_; 310 311 // Manages Easy unlock cryptohome keys. 312 scoped_ptr<EasyUnlockKeyManager> easy_unlock_key_manager_; 313 bool running_easy_unlock_key_ops_; 314 base::Closure easy_unlock_key_ops_finished_callback_; 315 316 DISALLOW_COPY_AND_ASSIGN(UserSessionManager); 317}; 318 319} // namespace chromeos 320 321#endif // CHROME_BROWSER_CHROMEOS_LOGIN_SESSION_USER_SESSION_MANAGER_H_ 322