login_utils.cc revision 513209b27ff55e2841eac0e4120199c23acce758
1// Copyright (c) 2010 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "chrome/browser/chromeos/login/login_utils.h" 6 7#include <vector> 8 9#include "base/command_line.h" 10#include "base/file_path.h" 11#include "base/file_util.h" 12#include "base/lock.h" 13#include "base/path_service.h" 14#include "base/scoped_ptr.h" 15#include "base/singleton.h" 16#include "base/string_util.h" 17#include "base/time.h" 18#include "base/utf_string_conversions.h" 19#include "chrome/browser/browser_init.h" 20#include "chrome/browser/browser_process.h" 21#include "chrome/browser/browser_thread.h" 22#include "chrome/browser/chromeos/boot_times_loader.h" 23#include "chrome/browser/chromeos/cros/login_library.h" 24#include "chrome/browser/chromeos/cros/network_library.h" 25#include "chrome/browser/chromeos/external_cookie_handler.h" 26#include "chrome/browser/chromeos/input_method/input_method_util.h" 27#include "chrome/browser/chromeos/login/cookie_fetcher.h" 28#include "chrome/browser/chromeos/login/google_authenticator.h" 29#include "chrome/browser/chromeos/login/ownership_service.h" 30#include "chrome/browser/chromeos/login/parallel_authenticator.h" 31#include "chrome/browser/chromeos/login/user_image_downloader.h" 32#include "chrome/browser/chromeos/login/user_manager.h" 33#include "chrome/browser/extensions/extensions_service.h" 34#include "chrome/browser/net/gaia/token_service.h" 35#include "chrome/browser/net/preconnect.h" 36#include "chrome/browser/prefs/pref_member.h" 37#include "chrome/browser/profile.h" 38#include "chrome/browser/profile_manager.h" 39#include "chrome/browser/sync/profile_sync_service.h" 40#include "chrome/common/chrome_paths.h" 41#include "chrome/common/chrome_switches.h" 42#include "chrome/common/logging_chrome.h" 43#include "chrome/common/net/gaia/gaia_authenticator2.h" 44#include "chrome/common/net/gaia/gaia_constants.h" 45#include "chrome/common/net/url_request_context_getter.h" 46#include "chrome/common/pref_names.h" 47#include "googleurl/src/gurl.h" 48#include "net/base/cookie_store.h" 49#include "net/url_request/url_request_context.h" 50#include "views/widget/widget_gtk.h" 51 52namespace chromeos { 53 54namespace { 55 56// Prefix for Auth token received from ClientLogin request. 57const char kAuthPrefix[] = "Auth="; 58// Suffix for Auth token received from ClientLogin request. 59const char kAuthSuffix[] = "\n"; 60 61} // namespace 62 63class LoginUtilsImpl : public LoginUtils { 64 public: 65 LoginUtilsImpl() 66 : browser_launch_enabled_(true) { 67 } 68 69 // Invoked after the user has successfully logged in. This launches a browser 70 // and does other bookkeeping after logging in. 71 virtual void CompleteLogin( 72 const std::string& username, 73 const std::string& password, 74 const GaiaAuthConsumer::ClientLoginResult& credentials); 75 76 // Invoked after the tmpfs is successfully mounted. 77 // Launches a browser in the off the record (incognito) mode. 78 virtual void CompleteOffTheRecordLogin(const GURL& start_url); 79 80 // Creates and returns the authenticator to use. The caller owns the returned 81 // Authenticator and must delete it when done. 82 virtual Authenticator* CreateAuthenticator(LoginStatusConsumer* consumer); 83 84 // Used to postpone browser launch via DoBrowserLaunch() if some post 85 // login screen is to be shown. 86 virtual void EnableBrowserLaunch(bool enable); 87 88 // Returns if browser launch enabled now or not. 89 virtual bool IsBrowserLaunchEnabled() const; 90 91 // Warms the url used by authentication. 92 virtual void PrewarmAuthentication(); 93 94 private: 95 // Indicates if DoBrowserLaunch will actually launch the browser or not. 96 bool browser_launch_enabled_; 97 98 DISALLOW_COPY_AND_ASSIGN(LoginUtilsImpl); 99}; 100 101class LoginUtilsWrapper { 102 public: 103 LoginUtilsWrapper() {} 104 105 LoginUtils* get() { 106 AutoLock create(create_lock_); 107 if (!ptr_.get()) 108 reset(new LoginUtilsImpl); 109 return ptr_.get(); 110 } 111 112 void reset(LoginUtils* ptr) { 113 ptr_.reset(ptr); 114 } 115 116 private: 117 Lock create_lock_; 118 scoped_ptr<LoginUtils> ptr_; 119 120 DISALLOW_COPY_AND_ASSIGN(LoginUtilsWrapper); 121}; 122 123void LoginUtilsImpl::CompleteLogin( 124 const std::string& username, 125 const std::string& password, 126 const GaiaAuthConsumer::ClientLoginResult& credentials) { 127 BootTimesLoader* btl = BootTimesLoader::Get(); 128 129 VLOG(1) << "Completing login for " << username; 130 btl->AddLoginTimeMarker("CompletingLogin", false); 131 132 if (CrosLibrary::Get()->EnsureLoaded()) { 133 CrosLibrary::Get()->GetLoginLibrary()->StartSession(username, ""); 134 btl->AddLoginTimeMarker("StartedSession", false); 135 } 136 137 bool first_login = !UserManager::Get()->IsKnownUser(username); 138 UserManager::Get()->UserLoggedIn(username); 139 btl->AddLoginTimeMarker("UserLoggedIn", false); 140 141 // Now get the new profile. 142 FilePath user_data_dir; 143 PathService::Get(chrome::DIR_USER_DATA, &user_data_dir); 144 ProfileManager* profile_manager = g_browser_process->profile_manager(); 145 146 // Switch log file as soon as possible. 147 logging::RedirectChromeLogging(*(CommandLine::ForCurrentProcess())); 148 btl->AddLoginTimeMarker("LoggingRedirected", false); 149 150 // The default profile will have been changed because the ProfileManager 151 // will process the notification that the UserManager sends out. 152 Profile* profile = profile_manager->GetDefaultProfile(user_data_dir); 153 btl->AddLoginTimeMarker("UserProfileGotten", false); 154 155 // Take the credentials passed in and try to exchange them for 156 // full-fledged Google authentication cookies. This is 157 // best-effort; it's possible that we'll fail due to network 158 // troubles or some such. Either way, |cf| will call 159 // DoBrowserLaunch on the UI thread when it's done, and then 160 // delete itself. 161 CookieFetcher* cf = new CookieFetcher(profile); 162 cf->AttemptFetch(credentials.data); 163 btl->AddLoginTimeMarker("CookieFetchStarted", false); 164 165 // Init extension event routers; this normally happens in browser_main 166 // but on Chrome OS it has to be deferred until the user finishes 167 // logging in and the profile is not OTR. 168 if (profile->GetExtensionsService() && 169 profile->GetExtensionsService()->extensions_enabled()) { 170 profile->GetExtensionsService()->InitEventRouters(); 171 } 172 btl->AddLoginTimeMarker("ExtensionsServiceStarted", false); 173 174 // Supply credentials for sync and others to use. Load tokens from disk. 175 TokenService* token_service = profile->GetTokenService(); 176 token_service->Initialize(GaiaConstants::kChromeOSSource, 177 profile); 178 token_service->LoadTokensFromDB(); 179 token_service->UpdateCredentials(credentials); 180 if (token_service->AreCredentialsValid()) { 181 token_service->StartFetchingTokens(); 182 } 183 btl->AddLoginTimeMarker("TokensGotten", false); 184 185 // Set the CrOS user by getting this constructor run with the 186 // user's email on first retrieval. 187 profile->GetProfileSyncService(username)->SetPassphrase(password); 188 btl->AddLoginTimeMarker("SyncStarted", false); 189 190 // Attempt to take ownership; this will fail if device is already owned. 191 OwnershipService::GetSharedInstance()->StartTakeOwnershipAttempt( 192 UserManager::Get()->logged_in_user().email()); 193 // Own TPM device if, for any reason, it has not been done in EULA 194 // wizard screen. 195 if (CrosLibrary::Get()->EnsureLoaded()) { 196 CryptohomeLibrary* cryptohome = CrosLibrary::Get()->GetCryptohomeLibrary(); 197 if (cryptohome->TpmIsEnabled() && !cryptohome->TpmIsBeingOwned()) { 198 if (cryptohome->TpmIsOwned()) { 199 cryptohome->TpmClearStoredPassword(); 200 } else { 201 cryptohome->TpmCanAttemptOwnership(); 202 } 203 } 204 } 205 btl->AddLoginTimeMarker("TPMOwned", false); 206 207 static const char kFallbackInputMethodLocale[] = "en-US"; 208 if (first_login) { 209 std::string locale(g_browser_process->GetApplicationLocale()); 210 // Add input methods based on the application locale when the user first 211 // logs in. For instance, if the user chooses Japanese as the UI 212 // language at the first login, we'll add input methods associated with 213 // Japanese, such as mozc. 214 if (locale != kFallbackInputMethodLocale) { 215 StringPrefMember language_preload_engines; 216 language_preload_engines.Init(prefs::kLanguagePreloadEngines, 217 profile->GetPrefs(), NULL); 218 StringPrefMember language_preferred_languages; 219 language_preferred_languages.Init(prefs::kLanguagePreferredLanguages, 220 profile->GetPrefs(), NULL); 221 222 std::string preload_engines(language_preload_engines.GetValue()); 223 std::vector<std::string> input_method_ids; 224 input_method::GetInputMethodIdsFromLanguageCode( 225 locale, input_method::kAllInputMethods, &input_method_ids); 226 if (!input_method_ids.empty()) { 227 if (!preload_engines.empty()) 228 preload_engines += ','; 229 preload_engines += input_method_ids[0]; 230 } 231 language_preload_engines.SetValue(preload_engines); 232 233 // Add the UI language to the preferred languages the user first logs in. 234 std::string preferred_languages(locale); 235 preferred_languages += ","; 236 preferred_languages += kFallbackInputMethodLocale; 237 language_preferred_languages.SetValue(preferred_languages); 238 btl->AddLoginTimeMarker("IMESTarted", false); 239 } 240 } 241 242 // We suck. This is a hack since we do not have the enterprise feature 243 // done yet to pull down policies from the domain admin. We'll take this 244 // out when we get that done properly. 245 // TODO(xiyuan): Remove this once enterprise feature is ready. 246 if (EndsWith(username, "@google.com", true)) { 247 PrefService* pref_service = profile->GetPrefs(); 248 pref_service->SetBoolean(prefs::kEnableScreenLock, true); 249 } 250 251 DoBrowserLaunch(profile); 252} 253 254void LoginUtilsImpl::CompleteOffTheRecordLogin(const GURL& start_url) { 255 VLOG(1) << "Completing off the record login"; 256 257 UserManager::Get()->OffTheRecordUserLoggedIn(); 258 259 if (CrosLibrary::Get()->EnsureLoaded()) { 260 // For guest session we ask session manager to restart Chrome with --bwsi 261 // flag. We keep only some of the arguments of this process. 262 static const char* kForwardSwitches[] = { 263 switches::kLoggingLevel, 264 switches::kEnableLogging, 265 switches::kUserDataDir, 266 switches::kScrollPixels, 267 switches::kEnableGView, 268 switches::kNoFirstRun, 269 switches::kLoginProfile 270 }; 271 const CommandLine& browser_command_line = 272 *CommandLine::ForCurrentProcess(); 273 CommandLine command_line(browser_command_line.GetProgram()); 274 command_line.CopySwitchesFrom(browser_command_line, 275 kForwardSwitches, 276 arraysize(kForwardSwitches)); 277 command_line.AppendSwitch(switches::kGuestSession); 278 command_line.AppendSwitch(switches::kIncognito); 279 command_line.AppendSwitch(switches::kEnableTabbedOptions); 280 command_line.AppendSwitchASCII( 281 switches::kLoginUser, 282 UserManager::Get()->logged_in_user().email()); 283 if (start_url.is_valid()) 284 command_line.AppendArg(start_url.spec()); 285 CrosLibrary::Get()->GetLoginLibrary()->RestartJob( 286 getpid(), 287 command_line.command_line_string()); 288 } 289} 290 291Authenticator* LoginUtilsImpl::CreateAuthenticator( 292 LoginStatusConsumer* consumer) { 293 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kParallelAuth)) 294 return new ParallelAuthenticator(consumer); 295 else 296 return new GoogleAuthenticator(consumer); 297} 298 299void LoginUtilsImpl::EnableBrowserLaunch(bool enable) { 300 browser_launch_enabled_ = enable; 301} 302 303bool LoginUtilsImpl::IsBrowserLaunchEnabled() const { 304 return browser_launch_enabled_; 305} 306 307// We use a special class for this so that it can be safely leaked if we 308// never connect. At shutdown the order is not well defined, and it's possible 309// for the infrastructure needed to unregister might be unstable and crash. 310class WarmingObserver : public NetworkLibrary::NetworkManagerObserver { 311 public: 312 WarmingObserver() { 313 NetworkLibrary *netlib = CrosLibrary::Get()->GetNetworkLibrary(); 314 netlib->AddNetworkManagerObserver(this); 315 } 316 317 // If we're now connected, prewarm the auth url. 318 void OnNetworkManagerChanged(NetworkLibrary* netlib) { 319 if (netlib->Connected()) { 320 chrome_browser_net::Preconnect::PreconnectOnUIThread( 321 GURL(GaiaAuthenticator2::kClientLoginUrl), 322 chrome_browser_net::UrlInfo::EARLY_LOAD_MOTIVATED); 323 netlib->RemoveNetworkManagerObserver(this); 324 delete this; 325 } 326 } 327}; 328 329void LoginUtilsImpl::PrewarmAuthentication() { 330 if (CrosLibrary::Get()->EnsureLoaded()) { 331 NetworkLibrary *network = CrosLibrary::Get()->GetNetworkLibrary(); 332 if (network->Connected()) { 333 chrome_browser_net::Preconnect::PreconnectOnUIThread( 334 GURL(GaiaAuthenticator2::kClientLoginUrl), 335 chrome_browser_net::UrlInfo::EARLY_LOAD_MOTIVATED); 336 } else { 337 new WarmingObserver(); 338 } 339 } 340} 341 342LoginUtils* LoginUtils::Get() { 343 return Singleton<LoginUtilsWrapper>::get()->get(); 344} 345 346void LoginUtils::Set(LoginUtils* mock) { 347 Singleton<LoginUtilsWrapper>::get()->reset(mock); 348} 349 350void LoginUtils::DoBrowserLaunch(Profile* profile) { 351 BootTimesLoader::Get()->AddLoginTimeMarker("BrowserLaunched", false); 352 // Browser launch was disabled due to some post login screen. 353 if (!LoginUtils::Get()->IsBrowserLaunchEnabled()) 354 return; 355 356 // Update command line in case loose values were added. 357 CommandLine::ForCurrentProcess()->InitFromArgv( 358 CommandLine::ForCurrentProcess()->argv()); 359 360 VLOG(1) << "Launching browser..."; 361 BrowserInit browser_init; 362 int return_code; 363 browser_init.LaunchBrowser(*CommandLine::ForCurrentProcess(), 364 profile, 365 FilePath(), 366 true, 367 &return_code); 368} 369 370} // namespace chromeos 371