1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/ui/webui/signin/inline_login_handler.h"
6
7 #include <limits.h>
8 #include <string>
9 #include <utility>
10 #include <vector>
11
12 #include "base/bind.h"
13 #include "base/metrics/user_metrics.h"
14 #include "base/strings/string_number_conversions.h"
15 #include "base/strings/utf_string_conversions.h"
16 #include "base/values.h"
17 #include "build/build_config.h"
18 #include "chrome/browser/browser_process.h"
19 #include "chrome/browser/profiles/profile.h"
20 #include "chrome/browser/signin/signin_promo.h"
21 #include "chrome/browser/ui/browser_finder.h"
22 #include "chrome/browser/ui/browser_navigator.h"
23 #include "chrome/browser/ui/browser_navigator_params.h"
24 #include "chrome/browser/ui/user_manager.h"
25 #include "chrome/browser/ui/webui/signin/signin_utils.h"
26 #include "chrome/common/pref_names.h"
27 #include "components/metrics/metrics_pref_names.h"
28 #include "components/prefs/pref_service.h"
29 #include "components/signin/public/base/signin_pref_names.h"
30 #include "content/public/browser/storage_partition.h"
31 #include "content/public/browser/web_contents.h"
32 #include "content/public/browser/web_ui.h"
33 #include "google_apis/gaia/gaia_urls.h"
34 #include "net/base/url_util.h"
35 #include "services/network/public/mojom/cookie_manager.mojom.h"
36
37 const char kSignInPromoQueryKeyShowAccountManagement[] =
38 "showAccountManagement";
39
InlineLoginHandler()40 InlineLoginHandler::InlineLoginHandler() {}
41
~InlineLoginHandler()42 InlineLoginHandler::~InlineLoginHandler() {}
43
RegisterMessages()44 void InlineLoginHandler::RegisterMessages() {
45 web_ui()->RegisterMessageCallback(
46 "initialize",
47 base::BindRepeating(&InlineLoginHandler::HandleInitializeMessage,
48 base::Unretained(this)));
49 web_ui()->RegisterMessageCallback(
50 "authExtensionReady",
51 base::BindRepeating(&InlineLoginHandler::HandleAuthExtensionReadyMessage,
52 base::Unretained(this)));
53 web_ui()->RegisterMessageCallback(
54 "completeLogin",
55 base::BindRepeating(&InlineLoginHandler::HandleCompleteLoginMessage,
56 base::Unretained(this)));
57 web_ui()->RegisterMessageCallback(
58 "switchToFullTab",
59 base::BindRepeating(&InlineLoginHandler::HandleSwitchToFullTabMessage,
60 base::Unretained(this)));
61 web_ui()->RegisterMessageCallback(
62 "dialogClose", base::BindRepeating(&InlineLoginHandler::HandleDialogClose,
63 base::Unretained(this)));
64 }
65
HandleInitializeMessage(const base::ListValue * args)66 void InlineLoginHandler::HandleInitializeMessage(const base::ListValue* args) {
67 AllowJavascript();
68 content::WebContents* contents = web_ui()->GetWebContents();
69 content::StoragePartition* partition =
70 signin::GetSigninPartition(contents->GetBrowserContext());
71 if (partition) {
72 const GURL& current_url = web_ui()->GetWebContents()->GetURL();
73
74 // If the kSignInPromoQueryKeyForceKeepData param is missing, or if it is
75 // present and its value is zero, this means we don't want to keep the
76 // the data.
77 std::string value;
78 if (!net::GetValueForKeyInQuery(current_url,
79 signin::kSignInPromoQueryKeyForceKeepData,
80 &value) ||
81 value == "0") {
82 partition->ClearData(
83 content::StoragePartition::REMOVE_DATA_MASK_ALL,
84 content::StoragePartition::QUOTA_MANAGED_STORAGE_MASK_ALL, GURL(),
85 base::Time(), base::Time::Max(),
86 base::BindOnce(&InlineLoginHandler::ContinueHandleInitializeMessage,
87 weak_ptr_factory_.GetWeakPtr()));
88 } else {
89 ContinueHandleInitializeMessage();
90 }
91 }
92 }
93
ContinueHandleInitializeMessage()94 void InlineLoginHandler::ContinueHandleInitializeMessage() {
95 base::DictionaryValue params;
96
97 const std::string& app_locale = g_browser_process->GetApplicationLocale();
98 params.SetString("hl", app_locale);
99 GaiaUrls* gaiaUrls = GaiaUrls::GetInstance();
100 params.SetString("gaiaUrl", gaiaUrls->gaia_url().spec());
101 params.SetInteger("authMode", InlineLoginHandler::kDesktopAuthMode);
102
103 const GURL& current_url = web_ui()->GetWebContents()->GetURL();
104 signin_metrics::AccessPoint access_point =
105 signin::GetAccessPointForEmbeddedPromoURL(current_url);
106 signin_metrics::Reason reason =
107 signin::GetSigninReasonForEmbeddedPromoURL(current_url);
108
109 if (reason != signin_metrics::Reason::REASON_REAUTHENTICATION &&
110 reason != signin_metrics::Reason::REASON_UNLOCK &&
111 reason != signin_metrics::Reason::REASON_ADD_SECONDARY_ACCOUNT) {
112 signin_metrics::LogSigninAccessPointStarted(
113 access_point,
114 signin_metrics::PromoAction::PROMO_ACTION_NO_SIGNIN_PROMO);
115 signin_metrics::RecordSigninUserActionForAccessPoint(
116 access_point,
117 signin_metrics::PromoAction::PROMO_ACTION_NO_SIGNIN_PROMO);
118 base::RecordAction(base::UserMetricsAction("Signin_SigninPage_Loading"));
119 params.SetBoolean("isLoginPrimaryAccount", true);
120 }
121
122 Profile* profile = Profile::FromWebUI(web_ui());
123 std::string default_email;
124 if (reason == signin_metrics::Reason::REASON_SIGNIN_PRIMARY_ACCOUNT ||
125 reason == signin_metrics::Reason::REASON_FORCED_SIGNIN_PRIMARY_ACCOUNT) {
126 default_email =
127 profile->GetPrefs()->GetString(prefs::kGoogleServicesLastUsername);
128 } else {
129 if (!net::GetValueForKeyInQuery(current_url, "email", &default_email))
130 default_email.clear();
131 }
132 if (!default_email.empty())
133 params.SetString("email", default_email);
134
135 // The legacy full-tab Chrome sign-in page is no longer used as it was relying
136 // on exchanging cookies for refresh tokens and that endpoint is no longer
137 // supported.
138 params.SetString("constrained", "1");
139
140 // TODO(rogerta): this needs to be passed on to gaia somehow.
141 std::string read_only_email;
142 net::GetValueForKeyInQuery(current_url, "readOnlyEmail", &read_only_email);
143 params.SetBoolean("readOnlyEmail", !read_only_email.empty());
144
145 SetExtraInitParams(params);
146 FireWebUIListener("load-auth-extension", params);
147 }
148
HandleCompleteLoginMessage(const base::ListValue * args)149 void InlineLoginHandler::HandleCompleteLoginMessage(
150 const base::ListValue* args) {
151 // When the network service is enabled, the webRequest API doesn't expose
152 // cookie headers. So manually fetch the cookies for the GAIA URL from the
153 // CookieManager.
154 content::WebContents* contents = web_ui()->GetWebContents();
155 content::StoragePartition* partition =
156 signin::GetSigninPartition(contents->GetBrowserContext());
157
158 partition->GetCookieManagerForBrowserProcess()->GetCookieList(
159 GaiaUrls::GetInstance()->gaia_url(),
160 net::CookieOptions::MakeAllInclusive(),
161 base::BindOnce(&InlineLoginHandler::HandleCompleteLoginMessageWithCookies,
162 weak_ptr_factory_.GetWeakPtr(),
163 base::ListValue(args->GetList())));
164 }
165
HandleCompleteLoginMessageWithCookies(const base::ListValue & args,const net::CookieAccessResultList & cookies,const net::CookieAccessResultList & excluded_cookies)166 void InlineLoginHandler::HandleCompleteLoginMessageWithCookies(
167 const base::ListValue& args,
168 const net::CookieAccessResultList& cookies,
169 const net::CookieAccessResultList& excluded_cookies) {
170 const base::Value& dict = args.GetList()[0];
171
172 const std::string& email = dict.FindKey("email")->GetString();
173 const std::string& password = dict.FindKey("password")->GetString();
174 const std::string& gaia_id = dict.FindKey("gaiaId")->GetString();
175
176 std::string auth_code;
177 for (const auto& cookie_with_access_result : cookies) {
178 if (cookie_with_access_result.cookie.Name() == "oauth_code")
179 auth_code = cookie_with_access_result.cookie.Value();
180 }
181
182 bool skip_for_now = dict.FindBoolKey("skipForNow").value_or(false);
183 base::Optional<bool> trusted = dict.FindBoolKey("trusted");
184 bool trusted_value = trusted.value_or(false);
185 bool trusted_found = trusted.has_value();
186
187 bool choose_what_to_sync =
188 dict.FindBoolKey("chooseWhatToSync").value_or(false);
189
190 base::Value edu_login_params;
191 if (args.GetList().size() > 1) {
192 edu_login_params = args.GetList()[1].Clone();
193 }
194
195 CompleteLogin(email, password, gaia_id, auth_code, skip_for_now,
196 trusted_value, trusted_found, choose_what_to_sync,
197 std::move(edu_login_params));
198 }
199
HandleSwitchToFullTabMessage(const base::ListValue * args)200 void InlineLoginHandler::HandleSwitchToFullTabMessage(
201 const base::ListValue* args) {
202 Browser* browser =
203 chrome::FindBrowserWithWebContents(web_ui()->GetWebContents());
204 if (browser) {
205 // |web_ui| is already presented in a full tab. Ignore this call.
206 return;
207 }
208
209 std::string url_str;
210 CHECK(args->GetString(0, &url_str));
211
212 Profile* profile = Profile::FromWebUI(web_ui());
213 GURL main_frame_url(web_ui()->GetWebContents()->GetURL());
214
215 // Adds extra parameters to the signin URL so that Chrome will close the tab
216 // and show the account management view of the avatar menu upon completion.
217 main_frame_url = net::AppendOrReplaceQueryParameter(
218 main_frame_url, signin::kSignInPromoQueryKeyAutoClose, "1");
219 main_frame_url = net::AppendOrReplaceQueryParameter(
220 main_frame_url, kSignInPromoQueryKeyShowAccountManagement, "1");
221 main_frame_url = net::AppendOrReplaceQueryParameter(
222 main_frame_url, signin::kSignInPromoQueryKeyForceKeepData, "1");
223
224 NavigateParams params(profile, main_frame_url,
225 ui::PAGE_TRANSITION_AUTO_TOPLEVEL);
226 Navigate(¶ms);
227
228 CloseDialogFromJavascript();
229 }
230
HandleDialogClose(const base::ListValue * args)231 void InlineLoginHandler::HandleDialogClose(const base::ListValue* args) {
232 #if !defined(OS_CHROMEOS)
233 // Does nothing if user manager is not showing.
234 UserManagerProfileDialog::HideDialog();
235 #endif // !defined(OS_CHROMEOS)
236 }
237
CloseDialogFromJavascript()238 void InlineLoginHandler::CloseDialogFromJavascript() {
239 if (IsJavascriptAllowed())
240 FireWebUIListener("close-dialog");
241 }
242