search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ozone: evdev: Sync caps lock LED state to evdev
[chromium-blink-merge.git] / chrome / browser / chromeos / login / lock / screen_locker.cc
blob5fceb28f288a4f42ff99fc9ebadaa00590882b33
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/chromeos/login/lock/screen_locker.h"
6
7 #include <string>
8 #include <vector>
9
10 #include "ash/ash_switches.h"
11 #include "ash/audio/sounds.h"
12 #include "ash/desktop_background/desktop_background_controller.h"
13 #include "ash/shell.h"
14 #include "ash/wm/lock_state_controller.h"
15 #include "ash/wm/window_state.h"
16 #include "ash/wm/window_util.h"
17 #include "ash/wm/wm_event.h"
18 #include "base/bind.h"
19 #include "base/command_line.h"
20 #include "base/lazy_instance.h"
21 #include "base/memory/weak_ptr.h"
22 #include "base/message_loop/message_loop.h"
23 #include "base/metrics/histogram.h"
24 #include "base/strings/string_number_conversions.h"
25 #include "base/strings/string_util.h"
26 #include "chrome/browser/chrome_notification_types.h"
27 #include "chrome/browser/chromeos/login/lock/webui_screen_locker.h"
28 #include "chrome/browser/chromeos/login/session/user_session_manager.h"
29 #include "chrome/browser/chromeos/login/supervised/supervised_user_authentication.h"
30 #include "chrome/browser/chromeos/login/ui/user_adding_screen.h"
31 #include "chrome/browser/chromeos/login/users/chrome_user_manager.h"
32 #include "chrome/browser/chromeos/login/users/supervised_user_manager.h"
33 #include "chrome/browser/lifetime/application_lifetime.h"
34 #include "chrome/browser/signin/easy_unlock_service.h"
35 #include "chrome/browser/signin/signin_manager_factory.h"
36 #include "chrome/browser/ui/webui/chromeos/login/screenlock_icon_provider.h"
37 #include "chrome/browser/ui/webui/chromeos/login/screenlock_icon_source.h"
38 #include "chrome/common/chrome_switches.h"
39 #include "chrome/grit/browser_resources.h"
40 #include "chrome/grit/generated_resources.h"
41 #include "chromeos/audio/chromeos_sounds.h"
42 #include "chromeos/dbus/dbus_thread_manager.h"
43 #include "chromeos/dbus/session_manager_client.h"
44 #include "chromeos/login/auth/authenticator.h"
45 #include "chromeos/login/auth/extended_authenticator.h"
46 #include "components/signin/core/browser/signin_manager.h"
47 #include "components/user_manager/user_manager.h"
48 #include "components/user_manager/user_type.h"
49 #include "content/public/browser/browser_thread.h"
50 #include "content/public/browser/notification_service.h"
51 #include "content/public/browser/url_data_source.h"
52 #include "content/public/browser/user_metrics.h"
53 #include "content/public/browser/web_contents.h"
54 #include "content/public/browser/web_ui.h"
55 #include "media/audio/sounds/sounds_manager.h"
56 #include "ui/base/resource/resource_bundle.h"
57 #include "ui/gfx/image/image.h"
58 #include "url/gurl.h"
59
60 using base::UserMetricsAction;
61 using content::BrowserThread;
62
63 namespace chromeos {
64
65 namespace {
66
67 // Timeout for unlock animation guard - some animations may be required to run
68 // on successful authentication before unlocking, but we want to be sure that
69 // unlock happens even if animations are broken.
70 const int kUnlockGuardTimeoutMs = 400;
71
72 // Observer to start ScreenLocker when locking the screen is requested.
73 class ScreenLockObserver : public SessionManagerClient::StubDelegate,
74 public content::NotificationObserver,
75 public UserAddingScreen::Observer {
76 public:
77 ScreenLockObserver() : session_started_(false) {
78 registrar_.Add(this,
79 chrome::NOTIFICATION_SESSION_STARTED,
80 content::NotificationService::AllSources());
81 DBusThreadManager::Get()->GetSessionManagerClient()->SetStubDelegate(this);
82 }
83
84 ~ScreenLockObserver() override {
85 if (DBusThreadManager::IsInitialized()) {
86 DBusThreadManager::Get()->GetSessionManagerClient()->SetStubDelegate(
87 NULL);
88 }
89 }
90
91 bool session_started() const { return session_started_; }
92
93 // SessionManagerClient::StubDelegate overrides:
94 void LockScreenForStub() override { ScreenLocker::HandleLockScreenRequest(); }
95
96 // NotificationObserver overrides:
97 void Observe(int type,
98 const content::NotificationSource& source,
99 const content::NotificationDetails& details) override {
100 if (type == chrome::NOTIFICATION_SESSION_STARTED)
101 session_started_ = true;
102 else
103 NOTREACHED() << "Unexpected notification " << type;
104 }
105
106 // UserAddingScreen::Observer overrides:
107 void OnUserAddingFinished() override {
108 UserAddingScreen::Get()->RemoveObserver(this);
109 ScreenLocker::HandleLockScreenRequest();
110 }
111
112 private:
113 bool session_started_;
114 content::NotificationRegistrar registrar_;
115
116 DISALLOW_COPY_AND_ASSIGN(ScreenLockObserver);
117 };
118
119 ScreenLockObserver* g_screen_lock_observer = NULL;
120
121 } // namespace
122
123 // static
124 ScreenLocker* ScreenLocker::screen_locker_ = NULL;
125
126 //////////////////////////////////////////////////////////////////////////////
127 // ScreenLocker, public:
128
129 ScreenLocker::ScreenLocker(const user_manager::UserList& users)
130 : users_(users),
131 locked_(false),
132 start_time_(base::Time::Now()),
133 auth_status_consumer_(NULL),
134 incorrect_passwords_count_(0),
135 weak_factory_(this) {
136 DCHECK(!screen_locker_);
137 screen_locker_ = this;
138
139 ui::ResourceBundle& bundle = ui::ResourceBundle::GetSharedInstance();
140 media::SoundsManager* manager = media::SoundsManager::Get();
141 manager->Initialize(SOUND_LOCK,
142 bundle.GetRawDataResource(IDR_SOUND_LOCK_WAV));
143 manager->Initialize(SOUND_UNLOCK,
144 bundle.GetRawDataResource(IDR_SOUND_UNLOCK_WAV));
145
146 ash::Shell::GetInstance()->
147 lock_state_controller()->SetLockScreenDisplayedCallback(
148 base::Bind(base::IgnoreResult(&ash::PlaySystemSoundIfSpokenFeedback),
149 static_cast<media::SoundsManager::SoundKey>(
150 chromeos::SOUND_LOCK)));
151 }
152
153 void ScreenLocker::Init() {
154 input_method::InputMethodManager* imm =
155 input_method::InputMethodManager::Get();
156 saved_ime_state_ = imm->GetActiveIMEState();
157 imm->SetState(saved_ime_state_->Clone());
158
159 authenticator_ = UserSessionManager::GetInstance()->CreateAuthenticator(this);
160 extended_authenticator_ = ExtendedAuthenticator::Create(this);
161 delegate_.reset(new WebUIScreenLocker(this));
162 delegate_->LockScreen();
163
164 // Ownership of |icon_image_source| is passed.
165 screenlock_icon_provider_.reset(new ScreenlockIconProvider);
166 ScreenlockIconSource* screenlock_icon_source =
167 new ScreenlockIconSource(screenlock_icon_provider_->AsWeakPtr());
168 content::URLDataSource::Add(
169 GetAssociatedWebUI()->GetWebContents()->GetBrowserContext(),
170 screenlock_icon_source);
171 }
172
173 void ScreenLocker::OnAuthFailure(const AuthFailure& error) {
174 content::RecordAction(UserMetricsAction("ScreenLocker_OnLoginFailure"));
175 if (authentication_start_time_.is_null()) {
176 LOG(ERROR) << "Start time is not set at authentication failure";
177 } else {
178 base::TimeDelta delta = base::Time::Now() - authentication_start_time_;
179 VLOG(1) << "Authentication failure: " << delta.InSecondsF() << " second(s)";
180 UMA_HISTOGRAM_TIMES("ScreenLocker.AuthenticationFailureTime", delta);
181 }
182
183 EnableInput();
184 // Don't enable signout button here as we're showing
185 // MessageBubble.
186
187 delegate_->ShowErrorMessage(incorrect_passwords_count_++ ?
188 IDS_LOGIN_ERROR_AUTHENTICATING_2ND_TIME :
189 IDS_LOGIN_ERROR_AUTHENTICATING,
190 HelpAppLauncher::HELP_CANT_ACCESS_ACCOUNT);
191
192 if (auth_status_consumer_)
193 auth_status_consumer_->OnAuthFailure(error);
194 }
195
196 void ScreenLocker::OnAuthSuccess(const UserContext& user_context) {
197 incorrect_passwords_count_ = 0;
198 if (authentication_start_time_.is_null()) {
199 if (!user_context.GetUserID().empty())
200 LOG(ERROR) << "Start time is not set at authentication success";
201 } else {
202 base::TimeDelta delta = base::Time::Now() - authentication_start_time_;
203 VLOG(1) << "Authentication success: " << delta.InSecondsF() << " second(s)";
204 UMA_HISTOGRAM_TIMES("ScreenLocker.AuthenticationSuccessTime", delta);
205 }
206
207 const user_manager::User* user =
208 user_manager::UserManager::Get()->FindUser(user_context.GetUserID());
209 if (user) {
210 if (!user->is_active()) {
211 saved_ime_state_ = NULL;
212 user_manager::UserManager::Get()->SwitchActiveUser(
213 user_context.GetUserID());
214 }
215 UserSessionManager::GetInstance()->UpdateEasyUnlockKeys(user_context);
216 } else {
217 NOTREACHED() << "Logged in user not found.";
218 }
219
220 authentication_capture_.reset(new AuthenticationParametersCapture());
221 authentication_capture_->user_context = user_context;
222
223 // Add guard for case when something get broken in call chain to unlock
224 // for sure.
225 base::MessageLoop::current()->PostDelayedTask(
226 FROM_HERE,
227 base::Bind(&ScreenLocker::UnlockOnLoginSuccess,
228 weak_factory_.GetWeakPtr()),
229 base::TimeDelta::FromMilliseconds(kUnlockGuardTimeoutMs));
230 delegate_->AnimateAuthenticationSuccess();
231 }
232
233 void ScreenLocker::UnlockOnLoginSuccess() {
234 DCHECK(base::MessageLoopForUI::IsCurrent());
235 if (!authentication_capture_.get()) {
236 LOG(WARNING) << "Call to UnlockOnLoginSuccess without previous " <<
237 "authentication success.";
238 return;
239 }
240
241 if (auth_status_consumer_) {
242 auth_status_consumer_->OnAuthSuccess(authentication_capture_->user_context);
243 }
244 authentication_capture_.reset();
245 weak_factory_.InvalidateWeakPtrs();
246
247 VLOG(1) << "Hiding the lock screen.";
248 chromeos::ScreenLocker::Hide();
249 }
250
251 void ScreenLocker::Authenticate(const UserContext& user_context) {
252 LOG_ASSERT(IsUserLoggedIn(user_context.GetUserID()))
253 << "Invalid user trying to unlock.";
254
255 authentication_start_time_ = base::Time::Now();
256 delegate_->SetInputEnabled(false);
257 delegate_->OnAuthenticate();
258
259 // Special case: supervised users. Use special authenticator.
260 if (const user_manager::User* user =
261 FindUnlockUser(user_context.GetUserID())) {
262 if (user->GetType() == user_manager::USER_TYPE_SUPERVISED) {
263 UserContext updated_context = ChromeUserManager::Get()
264 ->GetSupervisedUserManager()
265 ->GetAuthentication()
266 ->TransformKey(user_context);
267 // TODO(antrim) : replace empty closure with explicit method.
268 // http://crbug.com/351268
269 BrowserThread::PostTask(
270 BrowserThread::UI,
271 FROM_HERE,
272 base::Bind(&ExtendedAuthenticator::AuthenticateToCheck,
273 extended_authenticator_.get(),
274 updated_context,
275 base::Closure()));
276 return;
277 }
278 }
279
280 BrowserThread::PostTask(
281 BrowserThread::UI, FROM_HERE,
282 base::Bind(&ExtendedAuthenticator::AuthenticateToCheck,
283 extended_authenticator_.get(),
284 user_context,
285 base::Closure()));
286 }
287
288 const user_manager::User* ScreenLocker::FindUnlockUser(
289 const std::string& user_id) {
290 const user_manager::User* unlock_user = NULL;
291 for (user_manager::UserList::const_iterator it = users_.begin();
292 it != users_.end();
293 ++it) {
294 if ((*it)->email() == user_id) {
295 unlock_user = *it;
296 break;
297 }
298 }
299 return unlock_user;
300 }
301
302 void ScreenLocker::ClearErrors() {
303 delegate_->ClearErrors();
304 }
305
306 void ScreenLocker::Signout() {
307 delegate_->ClearErrors();
308 content::RecordAction(UserMetricsAction("ScreenLocker_Signout"));
309 // We expect that this call will not wait for any user input.
310 // If it changes at some point, we will need to force exit.
311 chrome::AttemptUserExit();
312
313 // Don't hide yet the locker because the chrome screen may become visible
314 // briefly.
315 }
316
317 void ScreenLocker::EnableInput() {
318 delegate_->SetInputEnabled(true);
319 }
320
321 void ScreenLocker::ShowErrorMessage(int error_msg_id,
322 HelpAppLauncher::HelpTopic help_topic_id,
323 bool sign_out_only) {
324 delegate_->SetInputEnabled(!sign_out_only);
325 delegate_->ShowErrorMessage(error_msg_id, help_topic_id);
326 }
327
328 void ScreenLocker::SetLoginStatusConsumer(
329 chromeos::AuthStatusConsumer* consumer) {
330 auth_status_consumer_ = consumer;
331 }
332
333 // static
334 void ScreenLocker::InitClass() {
335 DCHECK(!g_screen_lock_observer);
336 g_screen_lock_observer = new ScreenLockObserver;
337 }
338
339 // static
340 void ScreenLocker::ShutDownClass() {
341 DCHECK(g_screen_lock_observer);
342 delete g_screen_lock_observer;
343 g_screen_lock_observer = NULL;
344 }
345
346 // static
347 void ScreenLocker::HandleLockScreenRequest() {
348 VLOG(1) << "Received LockScreen request from session manager";
349 DCHECK(g_screen_lock_observer);
350 if (UserAddingScreen::Get()->IsRunning()) {
351 VLOG(1) << "Waiting for user adding screen to stop";
352 UserAddingScreen::Get()->AddObserver(g_screen_lock_observer);
353 UserAddingScreen::Get()->Cancel();
354 return;
355 }
356 if (g_screen_lock_observer->session_started() &&
357 user_manager::UserManager::Get()->CanCurrentUserLock()) {
358 ScreenLocker::Show();
359 ash::Shell::GetInstance()->lock_state_controller()->OnStartingLock();
360 } else {
361 // If the current user's session cannot be locked or the user has not
362 // completed all sign-in steps yet, log out instead. The latter is done to
363 // avoid complications with displaying the lock screen over the login
364 // screen while remaining secure in the case the user walks away during
365 // the sign-in steps. See crbug.com/112225 and crbug.com/110933.
366 VLOG(1) << "Calling session manager's StopSession D-Bus method";
367 DBusThreadManager::Get()->GetSessionManagerClient()->StopSession();
368 }
369 }
370
371 // static
372 void ScreenLocker::Show() {
373 content::RecordAction(UserMetricsAction("ScreenLocker_Show"));
374 DCHECK(base::MessageLoopForUI::IsCurrent());
375
376 // Check whether the currently logged in user is a guest account and if so,
377 // refuse to lock the screen (crosbug.com/23764).
378 if (user_manager::UserManager::Get()->IsLoggedInAsGuest()) {
379 VLOG(1) << "Refusing to lock screen for guest account";
380 return;
381 }
382
383 // If the active window is fullscreen, exit fullscreen to avoid the web page
384 // or app mimicking the lock screen. Do not exit fullscreen if the shelf is
385 // visible while in fullscreen because the shelf makes it harder for a web
386 // page or app to mimick the lock screen.
387 ash::wm::WindowState* active_window_state = ash::wm::GetActiveWindowState();
388 if (active_window_state &&
389 active_window_state->IsFullscreen() &&
390 active_window_state->hide_shelf_when_fullscreen()) {
391 const ash::wm::WMEvent event(ash::wm::WM_EVENT_TOGGLE_FULLSCREEN);
392 active_window_state->OnWMEvent(&event);
393 }
394
395 if (!screen_locker_) {
396 ScreenLocker* locker =
397 new ScreenLocker(user_manager::UserManager::Get()->GetUnlockUsers());
398 VLOG(1) << "Created ScreenLocker " << locker;
399 locker->Init();
400 } else {
401 VLOG(1) << "ScreenLocker " << screen_locker_ << " already exists; "
402 << " calling session manager's HandleLockScreenShown D-Bus method";
403 DBusThreadManager::Get()->GetSessionManagerClient()->
404 NotifyLockScreenShown();
405 }
406 }
407
408 // static
409 void ScreenLocker::Hide() {
410 DCHECK(base::MessageLoopForUI::IsCurrent());
411 // For a guest user, screen_locker_ would have never been initialized.
412 if (user_manager::UserManager::Get()->IsLoggedInAsGuest()) {
413 VLOG(1) << "Refusing to hide lock screen for guest account";
414 return;
415 }
416
417 DCHECK(screen_locker_);
418 base::Callback<void(void)> callback =
419 base::Bind(&ScreenLocker::ScheduleDeletion);
420 ash::Shell::GetInstance()->lock_state_controller()->
421 OnLockScreenHide(callback);
422 }
423
424 void ScreenLocker::ScheduleDeletion() {
425 // Avoid possible multiple calls.
426 if (screen_locker_ == NULL)
427 return;
428 VLOG(1) << "Deleting ScreenLocker " << screen_locker_;
429
430 ash::PlaySystemSoundIfSpokenFeedback(SOUND_UNLOCK);
431
432 delete screen_locker_;
433 screen_locker_ = NULL;
434 }
435
436 ////////////////////////////////////////////////////////////////////////////////
437 // ScreenLocker, private:
438
439 ScreenLocker::~ScreenLocker() {
440 VLOG(1) << "Destroying ScreenLocker " << this;
441 DCHECK(base::MessageLoopForUI::IsCurrent());
442
443 if (authenticator_.get())
444 authenticator_->SetConsumer(NULL);
445 ClearErrors();
446
447 VLOG(1) << "Moving desktop background to unlocked container";
448 ash::Shell::GetInstance()->
449 desktop_background_controller()->MoveDesktopToUnlockedContainer();
450
451 screen_locker_ = NULL;
452 bool state = false;
453 VLOG(1) << "Emitting SCREEN_LOCK_STATE_CHANGED with state=" << state;
454 content::NotificationService::current()->Notify(
455 chrome::NOTIFICATION_SCREEN_LOCK_STATE_CHANGED,
456 content::Source<ScreenLocker>(this),
457 content::Details<bool>(&state));
458
459 VLOG(1) << "Calling session manager's HandleLockScreenDismissed D-Bus method";
460 DBusThreadManager::Get()->GetSessionManagerClient()->
461 NotifyLockScreenDismissed();
462
463 if (saved_ime_state_.get()) {
464 input_method::InputMethodManager::Get()->SetState(saved_ime_state_);
465 }
466 }
467
468 void ScreenLocker::SetAuthenticator(Authenticator* authenticator) {
469 authenticator_ = authenticator;
470 }
471
472 void ScreenLocker::ScreenLockReady() {
473 locked_ = true;
474 base::TimeDelta delta = base::Time::Now() - start_time_;
475 VLOG(1) << "ScreenLocker " << this << " is ready after "
476 << delta.InSecondsF() << " second(s)";
477 UMA_HISTOGRAM_TIMES("ScreenLocker.ScreenLockTime", delta);
478
479 VLOG(1) << "Moving desktop background to locked container";
480 ash::Shell::GetInstance()->
481 desktop_background_controller()->MoveDesktopToLockedContainer();
482
483 bool state = true;
484 VLOG(1) << "Emitting SCREEN_LOCK_STATE_CHANGED with state=" << state;
485 content::NotificationService::current()->Notify(
486 chrome::NOTIFICATION_SCREEN_LOCK_STATE_CHANGED,
487 content::Source<ScreenLocker>(this),
488 content::Details<bool>(&state));
489 VLOG(1) << "Calling session manager's HandleLockScreenShown D-Bus method";
490 DBusThreadManager::Get()->GetSessionManagerClient()->NotifyLockScreenShown();
491
492 input_method::InputMethodManager::Get()
493 ->GetActiveIMEState()
494 ->EnableLockScreenLayouts();
495 }
496
497 content::WebUI* ScreenLocker::GetAssociatedWebUI() {
498 return delegate_->GetAssociatedWebUI();
499 }
500
501 bool ScreenLocker::IsUserLoggedIn(const std::string& username) {
502 for (user_manager::UserList::const_iterator it = users_.begin();
503 it != users_.end();
504 ++it) {
505 if ((*it)->email() == username)
506 return true;
507 }
508 return false;
509 }
510
511 } // namespace chromeos