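// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROMEOS_LOGIN_AUTH_AUTHENTICATOR_H_
#define CHROMEOS_LOGIN_AUTH_AUTHENTICATOR_H_

#include <string>

#include "base/basictypes.h"
#include "base/memory/ref_counted.h"
#include "chromeos/chromeos_export.h"
#include "chromeos/login/auth/auth_status_consumer.h"
#include "google_apis/gaia/gaia_auth_consumer.h"

class Profile;

namespace chromeos {

class UserContext;

// An interface for objects that will authenticate a Chromium OS user.
// Callbacks will be called on the UI thread:
// 1. On successful authentication, will call consumer_->OnAuthSuccess().
// 2. On failure, will call consumer_->OnAuthFailure().
// 3. On password change, will call consumer_->OnPasswordChangeDetected().
//
// Instances are reference counted through base::RefCountedThreadSafe, which is
// why the destructor is protected and the ref-counting base is a friend.
class CHROMEOS_EXPORT Authenticator
    : public base::RefCountedThreadSafe<Authenticator> {
 public:
  // |consumer| is the object that receives the callbacks listed above.
  // NOTE(review): it is kept as a raw pointer (see |consumer_|), so it is
  // presumably not owned; the constructor body is not in this header - confirm.
  explicit Authenticator(AuthStatusConsumer* consumer);

  // Given an externally authenticated username and password (part of
  // |user_context|), this method attempts to complete the authentication
  // process.
  virtual void CompleteLogin(Profile* profile,
                             const UserContext& user_context) = 0;

  // Given user credentials in |user_context|, this method attempts to
  // authenticate to login.
  // Must be called on the UI thread.
  virtual void AuthenticateToLogin(Profile* profile,
                                   const UserContext& user_context) = 0;

  // Given user credentials in |user_context|, this method attempts to
  // authenticate to unlock the computer.
  // Must be called on the UI thread.
  virtual void AuthenticateToUnlock(const UserContext& user_context) = 0;

  // Initiates supervised user login.
  virtual void LoginAsSupervisedUser(const UserContext& user_context) = 0;

  // Initiates retail mode login.
  virtual void LoginRetailMode() = 0;

  // Initiates incognito ("browse without signing in") login.
  virtual void LoginOffTheRecord() = 0;

  // Initiates login into the public account identified by |user_context|.
  virtual void LoginAsPublicSession(const UserContext& user_context) = 0;

  // Initiates login into the kiosk mode account identified by |app_user_id|.
  // The |app_user_id| is a generated username for the account.
  // |use_guest_mount| specifies whether to force the session to use a
  // guest mount. If this is false, a public cryptohome is mounted instead.
  virtual void LoginAsKioskAccount(const std::string& app_user_id,
                                   bool use_guest_mount) = 0;

  // Completes retail mode login.
  virtual void OnRetailModeAuthSuccess() = 0;

  // Notifies caller that login was successful. Must be called on the UI thread.
  virtual void OnAuthSuccess() = 0;

  // Failure counterpart of OnAuthSuccess(); |error| is the AuthFailure being
  // reported. Must be called on the UI thread.
  virtual void OnAuthFailure(const AuthFailure& error) = 0;

  // Call the two methods below on the UI thread.
  //
  // If a password logs the user in online, but cannot be used to mount their
  // cryptohome, we expect that a password change has occurred.
  // Call this method to migrate the user's encrypted data forward to use the
  // new password. |old_password| is the password the data was last encrypted
  // with.
  // NOTE(review): |old_password| travels as a plain std::string. This header
  // does not state how long implementations retain it or whether copies are
  // cleared after use - confirm in the implementations.
  virtual void RecoverEncryptedData(const std::string& old_password) = 0;

  // Call this method to erase the user's encrypted data and create a new
  // cryptohome. The existing encrypted data is not preserved.
  virtual void ResyncEncryptedData() = 0;

  // Profile (usually off the record) that was used to perform the last
  // authentication process. Const-qualified because it only reads the member,
  // so it can also be called through a const Authenticator.
  Profile* authentication_profile() const { return authentication_profile_; }

  // Sets consumer explicitly.
  void SetConsumer(AuthStatusConsumer* consumer);

 protected:
  // Protected so that destruction goes through the ref-counting base class.
  virtual ~Authenticator();

  // Receiver of the authentication callbacks. Raw, apparently non-owning
  // pointer.
  // NOTE(review): a ref-counted Authenticator can outlive the object it points
  // at; nothing in this header ties the two lifetimes together. Presumably
  // callers reset it with SetConsumer() before the consumer is destroyed -
  // verify against callers.
  AuthStatusConsumer* consumer_;

  // Profile returned by authentication_profile(). Raw pointer; ownership is
  // not established by this header.
  Profile* authentication_profile_;

 private:
  friend class base::RefCountedThreadSafe<Authenticator>;

  DISALLOW_COPY_AND_ASSIGN(Authenticator);
};

}  // namespace chromeos

#endif  // CHROMEOS_LOGIN_AUTH_AUTHENTICATOR_H_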