Home | History | Annotate | Download | only in auth 
      1 // Copyright 2014 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROMEOS_LOGIN_AUTH_AUTH_STATUS_CONSUMER_H_
      6 #define CHROMEOS_LOGIN_AUTH_AUTH_STATUS_CONSUMER_H_
      7 
      8 #include <string>
      9 
     10 #include "base/logging.h"
     11 #include "chromeos/chromeos_export.h"
     12 #include "google_apis/gaia/gaia_auth_consumer.h"
     13 #include "google_apis/gaia/google_service_auth_error.h"
     14 #include "net/base/net_errors.h"
     15 
     16 namespace chromeos {
     17 
     18 class UserContext;
     19 
     20 class CHROMEOS_EXPORT AuthFailure {
     21  public:
     22   enum FailureReason {
     23     NONE,
     24     COULD_NOT_MOUNT_CRYPTOHOME,
     25     COULD_NOT_MOUNT_TMPFS,
     26     COULD_NOT_UNMOUNT_CRYPTOHOME,
     27     DATA_REMOVAL_FAILED,  // Could not destroy your old data
     28     LOGIN_TIMED_OUT,
     29     UNLOCK_FAILED,
     30     NETWORK_AUTH_FAILED,     // Could not authenticate against Google
     31     OWNER_REQUIRED,          // Only the device owner can log-in.
     32     WHITELIST_CHECK_FAILED,  // Login attempt blocked by whitelist. This value
     33                              // is
     34                              // synthesized by the ExistingUserController and
     35                              // passed to the login_status_consumer_ in tests
     36     // only. It is never generated or seen by any of the
     37     // other authenticator classes.
     38     TPM_ERROR,             // Critical TPM error encountered.
     39     USERNAME_HASH_FAILED,  // Could not get username hash.
     40     NUM_FAILURE_REASONS,   // This has to be the last item.
     41   };
     42 
     43   explicit AuthFailure(FailureReason reason)
     44       : reason_(reason), error_(GoogleServiceAuthError::NONE) {
     45     DCHECK(reason != NETWORK_AUTH_FAILED);
     46   }
     47 
     48   inline bool operator==(const AuthFailure& b) const {
     49     if (reason_ != b.reason_) {
     50       return false;
     51     }
     52     if (reason_ == NETWORK_AUTH_FAILED) {
     53       return error_ == b.error_;
     54     }
     55     return true;
     56   }
     57 
     58   static AuthFailure FromNetworkAuthFailure(
     59       const GoogleServiceAuthError& error) {
     60     return AuthFailure(NETWORK_AUTH_FAILED, error);
     61   }
     62 
     63   static AuthFailure AuthFailureNone() { return AuthFailure(NONE); }
     64 
     65   const std::string GetErrorString() const {
     66     switch (reason_) {
     67       case DATA_REMOVAL_FAILED:
     68         return "Could not destroy your old data.";
     69       case COULD_NOT_MOUNT_CRYPTOHOME:
     70         return "Could not mount cryptohome.";
     71       case COULD_NOT_UNMOUNT_CRYPTOHOME:
     72         return "Could not unmount cryptohome.";
     73       case COULD_NOT_MOUNT_TMPFS:
     74         return "Could not mount tmpfs.";
     75       case LOGIN_TIMED_OUT:
     76         return "Login timed out. Please try again.";
     77       case UNLOCK_FAILED:
     78         return "Unlock failed.";
     79       case NETWORK_AUTH_FAILED:
     80         if (error_.state() == GoogleServiceAuthError::CONNECTION_FAILED) {
     81           return net::ErrorToString(error_.network_error());
     82         }
     83         return "Google authentication failed.";
     84       case OWNER_REQUIRED:
     85         return "Login is restricted to the owner's account only.";
     86       case WHITELIST_CHECK_FAILED:
     87         return "Login attempt blocked by whitelist.";
     88       default:
     89         NOTREACHED();
     90         return std::string();
     91     }
     92   }
     93 
     94   const GoogleServiceAuthError& error() const { return error_; }
     95   const FailureReason& reason() const { return reason_; }
     96 
     97  private:
     98   AuthFailure(FailureReason reason, GoogleServiceAuthError error)
     99       : reason_(reason), error_(error) {}
    100 
    101   FailureReason reason_;
    102   GoogleServiceAuthError error_;
    103 };
    104 
    105 // An interface that defines the callbacks for objects that the
    106 // Authenticator class will call to report the success/failure of
    107 // authentication for Chromium OS.
    108 class CHROMEOS_EXPORT AuthStatusConsumer {
    109  public:
    110   virtual ~AuthStatusConsumer() {}
    111   // The current login attempt has ended in failure, with error |error|.
    112   virtual void OnAuthFailure(const AuthFailure& error) = 0;
    113 
    114   // The current retail mode login attempt has succeeded.
    115   // Unless overridden for special processing, this should always call
    116   // OnLoginSuccess with the magic |kRetailModeUserEMail| constant.
    117   virtual void OnRetailModeAuthSuccess(const UserContext& user_context);
    118   // The current login attempt has succeeded for |user_context|.
    119   virtual void OnAuthSuccess(const UserContext& user_context) = 0;
    120   // The current guest login attempt has succeeded.
    121   virtual void OnOffTheRecordAuthSuccess() {}
    122   // The same password didn't work both online and offline.
    123   virtual void OnPasswordChangeDetected();
    124 };
    125 
    126 }  // namespace chromeos
    127 
    128 #endif  // CHROMEOS_LOGIN_AUTH_AUTH_STATUS_CONSUMER_H_
    129