chrome/credential_provider/gaiacp/os_user_manager.h - chromium/src - Git at Google

 // Copyright 2018 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef CHROME_CREDENTIAL_PROVIDER_GAIACP_OS_USER_MANAGER_H_
 #define CHROME_CREDENTIAL_PROVIDER_GAIACP_OS_USER_MANAGER_H_

 #include "base/strings/string16.h"
 #include "base/win/scoped_handle.h"
 #include "base/win/windows_types.h"

 typedef wchar_t* BSTR;

 namespace credential_provider {

 // Manages OS users on the system.
 class [[clang::lto_visibility_public]] OSUserManager {
  public:
   // Minimum length for password buffer when calling GenerateRandomPassword().
   static const int kMinPasswordLength = 24;

   static OSUserManager* Get();

   virtual ~OSUserManager();

   // Generates a cryptographically secure random password.
   virtual HRESULT GenerateRandomPassword(wchar_t* password, int length);

   // Creates a new OS user on the system with the given credentials.  If
   // |add_to_users_group| is true, the Os user is added to the machine's
   // "Users" group which allows interactive logon.  The OS user's SID is
   // returned in |sid|.
   virtual HRESULT AddUser(const wchar_t* username,
                           const wchar_t* password,
                           const wchar_t* fullname,
                           const wchar_t* comment,
                           bool add_to_users_group,
                           BSTR* sid,
                           DWORD* error);

   // Changes the password of the given OS user.
   virtual HRESULT ChangeUserPassword(
       const wchar_t* domain, const wchar_t* username,
       const wchar_t* old_password, const wchar_t* new_password);

   // Checks if the given user's password matches |password|. Returns S_OK if it
   // matches, S_FALSE if not. Otherwise will return the windows error code.
   virtual HRESULT IsWindowsPasswordValid(
       const wchar_t* domain, const wchar_t* username, const wchar_t* password);

   // Creates a logon token for the given user.  If |interactive| is true the
   // token is of type interactive otherwise it is of type batch.
   virtual HRESULT CreateLogonToken(
       const wchar_t* domain, const wchar_t* username, const wchar_t* password,
       bool interactive, base::win::ScopedHandle* token);

   // Gets the SID of the given OS user.  The caller owns the pointer |sid| and
   // should free it with a call to LocalFree().
   virtual HRESULT GetUserSID(const wchar_t* domain, const wchar_t* username,
                              PSID* sid);

   // Finds a user created from a gaia account by its SID.  Returns S_OK if a
   // user with the given SID exists, HRESULT_FROM_WIN32(ERROR_NONE_MAPPED)
   // if not, or an arbitrary error otherwise.  If |username| is non-null and
   // |username_size| is greater than zero, the username associated with the
   // SID is returned. If |domain| is non-null and |domain_size| is greater
   // than zero, the domain associated with the SID is returned.
   virtual HRESULT FindUserBySID(const wchar_t* sid, wchar_t* username,
                                 DWORD username_size, wchar_t* domain,
                                 DWORD domain_size);

   // Removes the user from the machine.
   virtual HRESULT RemoveUser(const wchar_t* username, const wchar_t* password);

   // Gets the full name of the user from their user info.
   virtual HRESULT GetUserFullname(
       const wchar_t* domain, const wchar_t* username, base::string16* fullname);

   static base::string16 GetLocalDomain();

   // This method is called from dllmain.cc when setting fakes from one modul
   // to another.
   static void SetInstanceForTesting(OSUserManager* instance);

  protected:
   OSUserManager() {}

   // Returns the storage used for the instance pointer.
   static OSUserManager** GetInstanceStorage();
 };

 }  // namespace credential_provider

 #endif  // CHROME_CREDENTIAL_PROVIDER_GAIACP_OS_USER_MANAGER_H_
	// Copyright 2018 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef CHROME_CREDENTIAL_PROVIDER_GAIACP_OS_USER_MANAGER_H_
	#define CHROME_CREDENTIAL_PROVIDER_GAIACP_OS_USER_MANAGER_H_

	#include "base/strings/string16.h"
	#include "base/win/scoped_handle.h"
	#include "base/win/windows_types.h"

	typedef wchar_t* BSTR;

	namespace credential_provider {

	// Manages OS users on the system.
	class [[clang::lto_visibility_public]] OSUserManager {
	public:
	// Minimum length for password buffer when calling GenerateRandomPassword().
	static const int kMinPasswordLength = 24;

	static OSUserManager* Get();

	virtual ~OSUserManager();

	// Generates a cryptographically secure random password.
	virtual HRESULT GenerateRandomPassword(wchar_t* password, int length);

	// Creates a new OS user on the system with the given credentials. If
	// \|add_to_users_group\| is true, the Os user is added to the machine's
	// "Users" group which allows interactive logon. The OS user's SID is
	// returned in \|sid\|.
	virtual HRESULT AddUser(const wchar_t* username,
	const wchar_t* password,
	const wchar_t* fullname,
	const wchar_t* comment,
	bool add_to_users_group,
	BSTR* sid,
	DWORD* error);

	// Changes the password of the given OS user.
	virtual HRESULT ChangeUserPassword(
	const wchar_t* domain, const wchar_t* username,
	const wchar_t* old_password, const wchar_t* new_password);

	// Checks if the given user's password matches \|password\|. Returns S_OK if it
	// matches, S_FALSE if not. Otherwise will return the windows error code.
	virtual HRESULT IsWindowsPasswordValid(
	const wchar_t* domain, const wchar_t* username, const wchar_t* password);

	// Creates a logon token for the given user. If \|interactive\| is true the
	// token is of type interactive otherwise it is of type batch.
	virtual HRESULT CreateLogonToken(
	const wchar_t* domain, const wchar_t* username, const wchar_t* password,
	bool interactive, base::win::ScopedHandle* token);

	// Gets the SID of the given OS user. The caller owns the pointer \|sid\| and
	// should free it with a call to LocalFree().
	virtual HRESULT GetUserSID(const wchar_t* domain, const wchar_t* username,
	PSID* sid);

	// Finds a user created from a gaia account by its SID. Returns S_OK if a
	// user with the given SID exists, HRESULT_FROM_WIN32(ERROR_NONE_MAPPED)
	// if not, or an arbitrary error otherwise. If \|username\| is non-null and
	// \|username_size\| is greater than zero, the username associated with the
	// SID is returned. If \|domain\| is non-null and \|domain_size\| is greater
	// than zero, the domain associated with the SID is returned.
	virtual HRESULT FindUserBySID(const wchar_t* sid, wchar_t* username,
	DWORD username_size, wchar_t* domain,
	DWORD domain_size);

	// Removes the user from the machine.
	virtual HRESULT RemoveUser(const wchar_t* username, const wchar_t* password);

	// Gets the full name of the user from their user info.
	virtual HRESULT GetUserFullname(
	const wchar_t* domain, const wchar_t* username, base::string16* fullname);

	static base::string16 GetLocalDomain();

	// This method is called from dllmain.cc when setting fakes from one modul
	// to another.
	static void SetInstanceForTesting(OSUserManager* instance);

	protected:
	OSUserManager() {}

	// Returns the storage used for the instance pointer.
	static OSUserManager** GetInstanceStorage();
	};

	} // namespace credential_provider

	#endif // CHROME_CREDENTIAL_PROVIDER_GAIACP_OS_USER_MANAGER_H_