1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_SUPERVISED_SUPERVISED_USER_AUTHENTICATOR_H_
6 #define CHROME_BROWSER_CHROMEOS_LOGIN_SUPERVISED_SUPERVISED_USER_AUTHENTICATOR_H_
10 #include "base/basictypes.h"
11 #include "base/compiler_specific.h"
12 #include "base/memory/ref_counted.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "third_party/cros_system_api/dbus/service_constants.h"
18 // Authenticates supervised users against the cryptohome.
21 // AuthenticateToMount() calls a Cryptohome to perform offline login,
22 // AuthenticateToCreate() calls a Cryptohome to create new cryptohome.
23 class SupervisedUserAuthenticator
24 : public base::RefCountedThreadSafe
<SupervisedUserAuthenticator
> {
27 CONTINUE
, // State indeterminate; try again when more info available.
28 NO_MOUNT
, // No cryptohome exist for user.
29 FAILED_MOUNT
, // Failed to mount existing cryptohome - login failed.
30 FAILED_TPM
, // Failed to mount/create cryptohome because of TPM error.
31 SUCCESS
, // Login succeeded .
36 AuthAttempt(const std::string
& username
,
37 const std::string
& password
,
38 bool add_key_attempt
);
41 // Copy |cryptohome_code| and |cryptohome_outcome| into this object,
42 // so we can have a copy we're sure to own, and can make available
43 // on the IO thread. Must be called from the IO thread.
44 void RecordCryptohomeStatus(bool cryptohome_outcome
,
45 cryptohome::MountError cryptohome_code
);
47 // Copy |hash| into this object so we can have a copy we're sure to own
48 // and can make available on the IO thread.
49 // Must be called from the IO thread.
50 void RecordHash(const std::string
& hash
);
52 bool cryptohome_complete();
53 bool cryptohome_outcome();
56 cryptohome::MountError
cryptohome_code();
58 const std::string username
;
59 const std::string password
;
63 bool cryptohome_complete_
;
64 bool cryptohome_outcome_
;
68 cryptohome::MountError cryptohome_code_
;
69 DISALLOW_COPY_AND_ASSIGN(AuthAttempt
);
72 class AuthStatusConsumer
{
74 virtual ~AuthStatusConsumer() {}
75 // The current login attempt has ended in failure, with error.
76 virtual void OnAuthenticationFailure(AuthState state
) = 0;
77 // The current login attempt has ended succesfully.
78 virtual void OnMountSuccess(const std::string
& mount_hash
) = 0;
79 // The current add key attempt has ended succesfully.
80 virtual void OnAddKeySuccess() = 0;
83 explicit SupervisedUserAuthenticator(AuthStatusConsumer
* consumer
);
85 void AuthenticateToMount(const std::string
& username
,
86 const std::string
& password
);
88 void AuthenticateToCreate(const std::string
& username
,
89 const std::string
& password
);
91 void AddMasterKey(const std::string
& username
,
92 const std::string
& password
,
93 const std::string
& master_key
);
97 friend class base::RefCountedThreadSafe
<SupervisedUserAuthenticator
>;
99 ~SupervisedUserAuthenticator();
101 AuthState
ResolveState();
102 AuthState
ResolveCryptohomeFailureState();
103 AuthState
ResolveCryptohomeSuccessState();
104 void OnAuthenticationSuccess(const std::string
& mount_hash
, bool add_key
);
105 void OnAuthenticationFailure(AuthState state
);
107 scoped_ptr
<AuthAttempt
> current_state_
;
108 AuthStatusConsumer
* consumer_
;
110 DISALLOW_COPY_AND_ASSIGN(SupervisedUserAuthenticator
);
113 } // namespace chromeos
115 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_SUPERVISED_SUPERVISED_USER_AUTHENTICATOR_H_
