Home | History | Annotate | Download | only in login 
      1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_AUTHENTICATOR_H_
      6 #define CHROME_BROWSER_CHROMEOS_LOGIN_AUTHENTICATOR_H_
      7 #pragma once
      8 
      9 #include "base/basictypes.h"
     10 #include "base/memory/ref_counted.h"
     11 #include "chrome/browser/chromeos/login/login_status_consumer.h"
     12 #include "chrome/common/net/gaia/gaia_auth_consumer.h"
     13 
     14 class Profile;
     15 
     16 namespace chromeos {
     17 
     18 // An interface for objects that will authenticate a Chromium OS user.
     19 // When authentication successfully completes, will call
     20 // consumer_->OnLoginSuccess() on the UI thread.
     21 // On failure, will call consumer_->OnLoginFailure() on the UI thread.
     22 // On password change detected, will call
     23 // consumer_->OnPasswordChangeDetected() on the UI thread.
     24 class Authenticator : public base::RefCountedThreadSafe<Authenticator> {
     25  public:
     26   // A domain which requires special-case parsing in canonicalization.
     27   static const char kSpecialCaseDomain[];
     28 
     29   explicit Authenticator(LoginStatusConsumer* consumer);
     30   virtual ~Authenticator();
     31 
     32   // Given a |username| and |password|, this method attempts to authenticate
     33   // to login.
     34   // Optionally |login_token| and |login_captcha| could be provided.
     35   // Returns true if we kick off the attempt successfully and false if we can't.
     36   // Must be called on the UI thread.
     37   virtual bool AuthenticateToLogin(Profile* profile,
     38                                    const std::string& username,
     39                                    const std::string& password,
     40                                    const std::string& login_token,
     41                                    const std::string& login_captcha) = 0;
     42 
     43   // Given a |username| and |password|, this method attempts to
     44   // authenticate to unlock the computer.
     45   // Returns true if we kick off the attempt successfully and false if
     46   // we can't. Must be called on the UI thread.
     47   virtual bool AuthenticateToUnlock(const std::string& username,
     48                                     const std::string& password) = 0;
     49 
     50   // Initiates incognito ("browse without signing in") login.
     51   virtual void LoginOffTheRecord() = 0;
     52 
     53   // |credentials| are the tokens that we get back from the ClientLogin API.
     54   // |request_pending| is true if we still plan to call consumer_ with the
     55   // results of more requests.
     56   // Must be called on the UI thread.
     57   virtual void OnLoginSuccess(
     58       const GaiaAuthConsumer::ClientLoginResult& credentials,
     59       bool request_pending) = 0;
     60 
     61   // Must be called on the UI thread.
     62   virtual void OnLoginFailure(const LoginFailure& error) = 0;
     63 
     64   // Call these methods on the UI thread.
     65   // If a password logs the user in online, but cannot be used to
     66   // mount his cryptohome, we expect that a password change has
     67   // occurred.
     68   // Call this method to migrate the user's encrypted data
     69   // forward to use his new password.  |old_password| is the password
     70   // his data was last encrypted with, |result| is the blob of auth
     71   // data passed back through OnPasswordChangeDetected().
     72   virtual void RecoverEncryptedData(
     73       const std::string& old_password,
     74       const GaiaAuthConsumer::ClientLoginResult& credentials) = 0;
     75 
     76   // Call this method to erase the user's encrypted data
     77   // and create a new cryptohome.  |result| is the blob of auth
     78   // data passed back through OnPasswordChangeDetected().
     79   virtual void ResyncEncryptedData(
     80       const GaiaAuthConsumer::ClientLoginResult& credentials) = 0;
     81 
     82   // Attempt to authenticate online again.
     83   virtual void RetryAuth(Profile* profile,
     84                          const std::string& username,
     85                          const std::string& password,
     86                          const std::string& login_token,
     87                          const std::string& login_captcha) = 0;
     88 
     89   // Perform basic canonicalization of |email_address|, taking into account
     90   // that gmail does not consider '.' or caps inside a username to matter.
     91   // It also ignores everything after a '+'.
     92   // For example, c.masone+abc (at) gmail.com == cMaSone (at) gmail.com, per
     93   // http://mail.google.com/support/bin/answer.py?hl=en&ctx=mail&answer=10313#
     94   static std::string Canonicalize(const std::string& email_address);
     95 
     96  protected:
     97   LoginStatusConsumer* consumer_;
     98 
     99  private:
    100   DISALLOW_COPY_AND_ASSIGN(Authenticator);
    101 };
    102 
    103 }  // namespace chromeos
    104 
    105 #endif  // CHROME_BROWSER_CHROMEOS_LOGIN_AUTHENTICATOR_H_
    106