Home | History | Annotate | Download | only in password_manager 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "chrome/browser/password_manager/password_store_factory.h"
      6 
      7 #include "base/command_line.h"
      8 #include "base/environment.h"
      9 #include "base/prefs/pref_service.h"
     10 #include "chrome/browser/profiles/incognito_helpers.h"
     11 #include "chrome/browser/sync/glue/sync_start_util.h"
     12 #include "chrome/browser/webdata/web_data_service.h"
     13 #include "chrome/browser/webdata/web_data_service_factory.h"
     14 #include "chrome/common/chrome_constants.h"
     15 #include "chrome/common/chrome_switches.h"
     16 #include "components/keyed_service/content/browser_context_dependency_manager.h"
     17 #include "components/os_crypt/os_crypt_switches.h"
     18 #include "components/password_manager/core/browser/login_database.h"
     19 #include "components/password_manager/core/browser/password_store.h"
     20 #include "components/password_manager/core/browser/password_store_default.h"
     21 #include "components/password_manager/core/common/password_manager_pref_names.h"
     22 #include "components/pref_registry/pref_registry_syncable.h"
     23 #include "content/public/browser/browser_thread.h"
     24 
     25 #if defined(OS_WIN)
     26 #include "chrome/browser/password_manager/password_store_win.h"
     27 #elif defined(OS_MACOSX)
     28 #include "chrome/browser/password_manager/password_store_mac.h"
     29 #include "crypto/apple_keychain.h"
     30 #include "crypto/mock_apple_keychain.h"
     31 #elif defined(OS_CHROMEOS) || defined(OS_ANDROID)
     32 // Don't do anything. We're going to use the default store.
     33 #elif defined(USE_X11)
     34 #include "base/nix/xdg_util.h"
     35 #if defined(USE_GNOME_KEYRING)
     36 #include "chrome/browser/password_manager/native_backend_gnome_x.h"
     37 #endif
     38 #include "chrome/browser/password_manager/native_backend_kwallet_x.h"
     39 #include "chrome/browser/password_manager/password_store_x.h"
     40 #endif
     41 
     42 using password_manager::PasswordStore;
     43 
     44 #if !defined(OS_CHROMEOS) && defined(USE_X11)
     45 namespace {
     46 
     47 const LocalProfileId kInvalidLocalProfileId =
     48     static_cast<LocalProfileId>(0);
     49 
     50 }  // namespace
     51 #endif
     52 
     53 PasswordStoreService::PasswordStoreService(
     54     scoped_refptr<PasswordStore> password_store)
     55     : password_store_(password_store) {}
     56 
     57 PasswordStoreService::~PasswordStoreService() {}
     58 
     59 scoped_refptr<PasswordStore> PasswordStoreService::GetPasswordStore() {
     60   return password_store_;
     61 }
     62 
     63 void PasswordStoreService::Shutdown() {
     64   if (password_store_)
     65     password_store_->Shutdown();
     66 }
     67 
     68 // static
     69 scoped_refptr<PasswordStore> PasswordStoreFactory::GetForProfile(
     70     Profile* profile,
     71     Profile::ServiceAccessType sat) {
     72   if (sat == Profile::IMPLICIT_ACCESS && profile->IsOffTheRecord()) {
     73     NOTREACHED() << "This profile is OffTheRecord";
     74     return NULL;
     75   }
     76 
     77   PasswordStoreFactory* factory = GetInstance();
     78   PasswordStoreService* service = static_cast<PasswordStoreService*>(
     79       factory->GetServiceForBrowserContext(profile, true));
     80   if (!service)
     81     return NULL;
     82   return service->GetPasswordStore();
     83 }
     84 
     85 // static
     86 PasswordStoreFactory* PasswordStoreFactory::GetInstance() {
     87   return Singleton<PasswordStoreFactory>::get();
     88 }
     89 
     90 PasswordStoreFactory::PasswordStoreFactory()
     91     : BrowserContextKeyedServiceFactory(
     92         "PasswordStore",
     93         BrowserContextDependencyManager::GetInstance()) {
     94   DependsOn(WebDataServiceFactory::GetInstance());
     95 }
     96 
     97 PasswordStoreFactory::~PasswordStoreFactory() {}
     98 
     99 #if !defined(OS_CHROMEOS) && defined(USE_X11)
    100 LocalProfileId PasswordStoreFactory::GetLocalProfileId(
    101     PrefService* prefs) const {
    102   LocalProfileId id =
    103       prefs->GetInteger(password_manager::prefs::kLocalProfileId);
    104   if (id == kInvalidLocalProfileId) {
    105     // Note that there are many more users than this. Thus, by design, this is
    106     // not a unique id. However, it is large enough that it is very unlikely
    107     // that it would be repeated twice on a single machine. It is still possible
    108     // for that to occur though, so the potential results of it actually
    109     // happening should be considered when using this value.
    110     static const LocalProfileId kLocalProfileIdMask =
    111         static_cast<LocalProfileId>((1 << 24) - 1);
    112     do {
    113       id = rand() & kLocalProfileIdMask;
    114       // TODO(mdm): scan other profiles to make sure they are not using this id?
    115     } while (id == kInvalidLocalProfileId);
    116     prefs->SetInteger(password_manager::prefs::kLocalProfileId, id);
    117   }
    118   return id;
    119 }
    120 #endif
    121 
    122 KeyedService* PasswordStoreFactory::BuildServiceInstanceFor(
    123     content::BrowserContext* context) const {
    124   Profile* profile = static_cast<Profile*>(context);
    125 
    126   base::FilePath login_db_file_path = profile->GetPath();
    127   login_db_file_path = login_db_file_path.Append(chrome::kLoginDataFileName);
    128   scoped_ptr<password_manager::LoginDatabase> login_db(
    129       new password_manager::LoginDatabase());
    130   {
    131     // TODO(paivanof (at) gmail.com): execution of login_db->Init() should go
    132     // to DB thread. http://crbug.com/138903
    133     base::ThreadRestrictions::ScopedAllowIO allow_io;
    134     if (!login_db->Init(login_db_file_path)) {
    135       LOG(ERROR) << "Could not initialize login database.";
    136       return NULL;
    137     }
    138   }
    139 
    140   scoped_refptr<base::SingleThreadTaskRunner> main_thread_runner(
    141       base::MessageLoopProxy::current());
    142   scoped_refptr<base::SingleThreadTaskRunner> db_thread_runner(
    143       content::BrowserThread::GetMessageLoopProxyForThread(
    144           content::BrowserThread::DB));
    145 
    146   scoped_refptr<PasswordStore> ps;
    147 #if defined(OS_WIN)
    148   ps = new PasswordStoreWin(main_thread_runner,
    149                             db_thread_runner,
    150                             login_db.release(),
    151                             WebDataService::FromBrowserContext(profile));
    152 #elif defined(OS_MACOSX)
    153   crypto::AppleKeychain* keychain =
    154       CommandLine::ForCurrentProcess()->HasSwitch(
    155           os_crypt::switches::kUseMockKeychain) ?
    156           new crypto::MockAppleKeychain() : new crypto::AppleKeychain();
    157   ps = new PasswordStoreMac(
    158       main_thread_runner, db_thread_runner, keychain, login_db.release());
    159 #elif defined(OS_CHROMEOS) || defined(OS_ANDROID)
    160   // For now, we use PasswordStoreDefault. We might want to make a native
    161   // backend for PasswordStoreX (see below) in the future though.
    162   ps = new password_manager::PasswordStoreDefault(
    163       main_thread_runner, db_thread_runner, login_db.release());
    164 #elif defined(USE_X11)
    165   // On POSIX systems, we try to use the "native" password management system of
    166   // the desktop environment currently running, allowing GNOME Keyring in XFCE.
    167   // (In all cases we fall back on the basic store in case of failure.)
    168   base::nix::DesktopEnvironment desktop_env;
    169   std::string store_type =
    170       CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
    171           switches::kPasswordStore);
    172   if (store_type == "kwallet") {
    173     desktop_env = base::nix::DESKTOP_ENVIRONMENT_KDE4;
    174   } else if (store_type == "gnome") {
    175     desktop_env = base::nix::DESKTOP_ENVIRONMENT_GNOME;
    176   } else if (store_type == "basic") {
    177     desktop_env = base::nix::DESKTOP_ENVIRONMENT_OTHER;
    178   } else {
    179     // Detect the store to use automatically.
    180     scoped_ptr<base::Environment> env(base::Environment::Create());
    181     desktop_env = base::nix::GetDesktopEnvironment(env.get());
    182     const char* name = base::nix::GetDesktopEnvironmentName(desktop_env);
    183     VLOG(1) << "Password storage detected desktop environment: "
    184             << (name ? name : "(unknown)");
    185   }
    186 
    187   PrefService* prefs = profile->GetPrefs();
    188   LocalProfileId id = GetLocalProfileId(prefs);
    189 
    190   scoped_ptr<PasswordStoreX::NativeBackend> backend;
    191   if (desktop_env == base::nix::DESKTOP_ENVIRONMENT_KDE4) {
    192     // KDE3 didn't use DBus, which our KWallet store uses.
    193     VLOG(1) << "Trying KWallet for password storage.";
    194     backend.reset(new NativeBackendKWallet(id));
    195     if (backend->Init())
    196       VLOG(1) << "Using KWallet for password storage.";
    197     else
    198       backend.reset();
    199   } else if (desktop_env == base::nix::DESKTOP_ENVIRONMENT_GNOME ||
    200              desktop_env == base::nix::DESKTOP_ENVIRONMENT_UNITY ||
    201              desktop_env == base::nix::DESKTOP_ENVIRONMENT_XFCE) {
    202 #if defined(USE_GNOME_KEYRING)
    203     VLOG(1) << "Trying GNOME keyring for password storage.";
    204     backend.reset(new NativeBackendGnome(id));
    205     if (backend->Init())
    206       VLOG(1) << "Using GNOME keyring for password storage.";
    207     else
    208       backend.reset();
    209 #endif  // defined(USE_GNOME_KEYRING)
    210   }
    211 
    212   if (!backend.get()) {
    213     LOG(WARNING) << "Using basic (unencrypted) store for password storage. "
    214         "See http://code.google.com/p/chromium/wiki/LinuxPasswordStorage for "
    215         "more information about password storage options.";
    216   }
    217 
    218   ps = new PasswordStoreX(main_thread_runner,
    219                           db_thread_runner,
    220                           login_db.release(),
    221                           backend.release());
    222 #elif defined(USE_OZONE)
    223   ps = new password_manager::PasswordStoreDefault(
    224       main_thread_runner, db_thread_runner, login_db.release());
    225 #else
    226   NOTIMPLEMENTED();
    227 #endif
    228   if (!ps || !ps->Init(
    229           sync_start_util::GetFlareForSyncableService(profile->GetPath()))) {
    230     NOTREACHED() << "Could not initialize password manager.";
    231     return NULL;
    232   }
    233 
    234   return new PasswordStoreService(ps);
    235 }
    236 
    237 void PasswordStoreFactory::RegisterProfilePrefs(
    238     user_prefs::PrefRegistrySyncable* registry) {
    239 #if !defined(OS_CHROMEOS) && defined(USE_X11)
    240   // Notice that the preprocessor conditions above are exactly those that will
    241   // result in using PasswordStoreX in BuildServiceInstanceFor().
    242   registry->RegisterIntegerPref(
    243       password_manager::prefs::kLocalProfileId,
    244       kInvalidLocalProfileId,
    245       user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
    246 #endif
    247 }
    248 
    249 content::BrowserContext* PasswordStoreFactory::GetBrowserContextToUse(
    250     content::BrowserContext* context) const {
    251   return chrome::GetBrowserContextRedirectedInIncognito(context);
    252 }
    253 
    254 bool PasswordStoreFactory::ServiceIsNULLWhileTesting() const {
    255   return true;
    256 }
    257