chrome/browser/signin/signin_header_helper.cc

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/signin/signin_header_helper.h"
   6
   7 #include "chrome/browser/extensions/extension_renderer_state.h"
   8 #include "chrome/browser/profiles/profile_io_data.h"
   9 #include "chrome/browser/tab_contents/tab_util.h"
  10 #include "chrome/browser/ui/browser_finder.h"
  11 #include "chrome/browser/ui/browser_window.h"
  12 #include "chrome/common/profile_management_switches.h"
  13 #include "content/public/browser/browser_thread.h"
  14 #include "content/public/browser/web_contents.h"
  15 #include "google_apis/gaia/gaia_auth_util.h"
  16 #include "net/http/http_response_headers.h"
  17 #include "net/url_request/url_request.h"
  18
  19 #if defined(OS_ANDROID)
  20 #include "chrome/browser/android/signin/account_management_screen_helper.h"
  21 #endif  // defined(OS_ANDROID)
  22
  23 namespace {
  24
  25 const char kChromeConnectedHeader[] = "X-Chrome-Connected";
  26 const char kChromeManageAccountsHeader[] = "X-Chrome-Manage-Accounts";
  27 const char kGaiaAuthExtensionID[] = "mfffpogegjflfpflabcdkioaeobkgjik";
  28
  29 // Show profile avatar bubble on UI thread. Must be called on the UI thread.
  30 void ShowAvatarBubbleUIThread(int child_id, int route_id) {
  31   DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
  32
  33   content::WebContents* web_contents =
  34       tab_util::GetWebContentsByID(child_id, route_id);
  35   if (!web_contents)
  36     return;
  37
  38 #if !defined(OS_ANDROID)
  39   Browser* browser = chrome::FindBrowserWithWebContents(web_contents);
  40   if (browser)
  41     browser->window()->ShowAvatarBubbleFromAvatarButton();
  42   // TODO(guohui): need to handle the case when avatar button is not available.
  43 #else  // defined(OS_ANDROID)
  44   AccountManagementScreenHelper::OpenAccountManagementScreen(
  45       Profile::FromBrowserContext(web_contents->GetBrowserContext()));
  46 #endif // OS_ANDROID
  47 }
  48
  49 bool IsDriveOrigin(const GURL& url) {
  50   if (!url.SchemeIsSecure())
  51     return false;
  52
  53   const GURL kGoogleDriveURL("https://drive.google.com");
  54   const GURL kGoogleDocsURL("https://docs.google.com");
  55   return url == kGoogleDriveURL || url == kGoogleDocsURL;
  56 }
  57
  58 } // empty namespace
  59
  60 namespace signin {
  61
  62 void AppendMirrorRequestHeaderIfPossible(
  63     net::URLRequest* request,
  64     const GURL& redirect_url,
  65     ProfileIOData* io_data,
  66     int child_id,
  67     int route_id) {
  68   DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
  69
  70    if (io_data->is_incognito() ||
  71        io_data->google_services_username()->GetValue().empty()) {
  72      return;
  73    }
  74
  75   // Only set the header for Gaia (in the mirror world) and Drive. Gaia needs
  76   // the header to redirect certain user actions to Chrome native UI. Drive
  77   // needs the header to tell if the current user is connected. The drive path
  78   // is a temporary workaround until the more generic chrome.principals API is
  79   // available.
  80   const GURL& url = redirect_url.is_empty() ? request->url() : redirect_url;
  81   GURL origin(url.GetOrigin());
  82   bool is_gaia_origin = !switches::IsEnableWebBasedSignin() &&
  83       switches::IsNewProfileManagement() &&
  84       gaia::IsGaiaSignonRealm(origin);
  85   if (!is_gaia_origin && !IsDriveOrigin(origin))
  86     return;
  87
  88   ExtensionRendererState* renderer_state =
  89       ExtensionRendererState::GetInstance();
  90   ExtensionRendererState::WebViewInfo webview_info;
  91   bool is_guest = renderer_state->GetWebViewInfo(
  92       child_id, route_id, &webview_info);
  93   if (is_guest && webview_info.extension_id == kGaiaAuthExtensionID){
  94     return;
  95   }
  96
  97   std::string account_id(io_data->google_services_account_id()->GetValue());
  98   if (account_id.empty())
  99     account_id = "1"; // Dummy value if focus ID not available yet.
 100
 101   request->SetExtraRequestHeaderByName(
 102       kChromeConnectedHeader, account_id, false);
 103 }
 104
 105 void ProcessMirrorResponseHeaderIfExists(
 106     net::URLRequest* request,
 107     ProfileIOData* io_data,
 108     int child_id,
 109     int route_id) {
 110   DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
 111
 112   if (gaia::IsGaiaSignonRealm(request->url().GetOrigin()) &&
 113       request->response_headers()->HasHeader(kChromeManageAccountsHeader)) {
 114     DCHECK(switches::IsNewProfileManagement() &&
 115            !io_data->is_incognito());
 116     content::BrowserThread::PostTask(
 117         content::BrowserThread::UI, FROM_HERE,
 118         base::Bind(ShowAvatarBubbleUIThread, child_id, route_id));
 119   }
 120 }
 121
 122 } // namespace signin