chromeos/login/auth/authenticator.h - chromium/src - Git at Google

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef CHROMEOS_LOGIN_AUTH_AUTHENTICATOR_H_
 #define CHROMEOS_LOGIN_AUTH_AUTHENTICATOR_H_

 #include <string>

 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "chromeos/chromeos_export.h"
 #include "chromeos/login/auth/auth_status_consumer.h"
 #include "google_apis/gaia/gaia_auth_consumer.h"

 class AccountId;

 namespace content {
 class BrowserContext;
 }

 namespace chromeos {

 class UserContext;

 // An interface for objects that will authenticate a Chromium OS user.
 // Callbacks will be called on the UI thread:
 // 1. On successful authentication, will call consumer_->OnAuthSuccess().
 // 2. On failure, will call consumer_->OnAuthFailure().
 // 3. On password change, will call consumer_->OnPasswordChangeDetected().
 class CHROMEOS_EXPORT Authenticator
     : public base::RefCountedThreadSafe<Authenticator> {
  public:
   explicit Authenticator(AuthStatusConsumer* consumer);

   // Given externally authenticated username and password (part of
   // |user_context|), this method attempts to complete authentication process.
   virtual void CompleteLogin(content::BrowserContext* browser_context,
                              const UserContext& user_context) = 0;

   // Given a user credentials in |user_context|,
   // this method attempts to authenticate to login.
   // Must be called on the UI thread.
   virtual void AuthenticateToLogin(content::BrowserContext* browser_context,
                                    const UserContext& user_context) = 0;

   // Given a user credentials in |user_context|, this method attempts to
   // authenticate to unlock the computer.
   // Must be called on the UI thread.
   virtual void AuthenticateToUnlock(const UserContext& user_context) = 0;

   // Initiates supervised user login.
   virtual void LoginAsSupervisedUser(const UserContext& user_context) = 0;

   // Initiates incognito ("browse without signing in") login.
   virtual void LoginOffTheRecord() = 0;

   // Initiates login into the public account identified by |user_context|.
   virtual void LoginAsPublicSession(const UserContext& user_context) = 0;

   // Initiates login into kiosk mode account identified by |app_account_id|.
   // The |app_account_id| is a generated account id for the account.
   // |use_guest_mount| specifies whether to force the session to use a
   // guest mount. If this is false, we use mount a public cryptohome.
   virtual void LoginAsKioskAccount(const AccountId& app_account_id,
                                    bool use_guest_mount) = 0;

   // Initiates login into ARC kiosk mode account identified by |app_account_id|.
   // The |app_account_id| is a generated account id for the account.
   // ARC kiosk mode mounts a public cryptohome.
   virtual void LoginAsArcKioskAccount(const AccountId& app_account_id) = 0;

   // Notifies caller that login was successful. Must be called on the UI thread.
   virtual void OnAuthSuccess() = 0;

   // Must be called on the UI thread.
   virtual void OnAuthFailure(const AuthFailure& error) = 0;

   // Call these methods on the UI thread.
   // If a password logs the user in online, but cannot be used to
   // mount their cryptohome, we expect that a password change has
   // occurred.
   // Call this method to migrate the user's encrypted data
   // forward to use their new password. |old_password| is the password
   // their data was last encrypted with.
   virtual void RecoverEncryptedData(const std::string& old_password) = 0;

   // Call this method to erase the user's encrypted data
   // and create a new cryptohome.
   virtual void ResyncEncryptedData() = 0;

   // BrowserContext (usually off the record) that was used to perform the last
   // authentication process.
   content::BrowserContext* authentication_context() {
     return authentication_context_;
   }

   // Sets consumer explicitly.
   void SetConsumer(AuthStatusConsumer* consumer);

  protected:
   virtual ~Authenticator();

   AuthStatusConsumer* consumer_;
   content::BrowserContext* authentication_context_;

  private:
   friend class base::RefCountedThreadSafe<Authenticator>;

   DISALLOW_COPY_AND_ASSIGN(Authenticator);
 };

 }  // namespace chromeos

 #endif  // CHROMEOS_LOGIN_AUTH_AUTHENTICATOR_H_
	// Copyright 2014 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef CHROMEOS_LOGIN_AUTH_AUTHENTICATOR_H_
	#define CHROMEOS_LOGIN_AUTH_AUTHENTICATOR_H_

	#include <string>

	#include "base/macros.h"
	#include "base/memory/ref_counted.h"
	#include "chromeos/chromeos_export.h"
	#include "chromeos/login/auth/auth_status_consumer.h"
	#include "google_apis/gaia/gaia_auth_consumer.h"

	class AccountId;

	namespace content {
	class BrowserContext;
	}

	namespace chromeos {

	class UserContext;

	// An interface for objects that will authenticate a Chromium OS user.
	// Callbacks will be called on the UI thread:
	// 1. On successful authentication, will call consumer_->OnAuthSuccess().
	// 2. On failure, will call consumer_->OnAuthFailure().
	// 3. On password change, will call consumer_->OnPasswordChangeDetected().
	class CHROMEOS_EXPORT Authenticator
	: public base::RefCountedThreadSafe<Authenticator> {
	public:
	explicit Authenticator(AuthStatusConsumer* consumer);

	// Given externally authenticated username and password (part of
	// \|user_context\|), this method attempts to complete authentication process.
	virtual void CompleteLogin(content::BrowserContext* browser_context,
	const UserContext& user_context) = 0;

	// Given a user credentials in \|user_context\|,
	// this method attempts to authenticate to login.
	// Must be called on the UI thread.
	virtual void AuthenticateToLogin(content::BrowserContext* browser_context,
	const UserContext& user_context) = 0;

	// Given a user credentials in \|user_context\|, this method attempts to
	// authenticate to unlock the computer.
	// Must be called on the UI thread.
	virtual void AuthenticateToUnlock(const UserContext& user_context) = 0;

	// Initiates supervised user login.
	virtual void LoginAsSupervisedUser(const UserContext& user_context) = 0;

	// Initiates incognito ("browse without signing in") login.
	virtual void LoginOffTheRecord() = 0;

	// Initiates login into the public account identified by \|user_context\|.
	virtual void LoginAsPublicSession(const UserContext& user_context) = 0;

	// Initiates login into kiosk mode account identified by \|app_account_id\|.
	// The \|app_account_id\| is a generated account id for the account.
	// \|use_guest_mount\| specifies whether to force the session to use a
	// guest mount. If this is false, we use mount a public cryptohome.
	virtual void LoginAsKioskAccount(const AccountId& app_account_id,
	bool use_guest_mount) = 0;

	// Initiates login into ARC kiosk mode account identified by \|app_account_id\|.
	// The \|app_account_id\| is a generated account id for the account.
	// ARC kiosk mode mounts a public cryptohome.
	virtual void LoginAsArcKioskAccount(const AccountId& app_account_id) = 0;

	// Notifies caller that login was successful. Must be called on the UI thread.
	virtual void OnAuthSuccess() = 0;

	// Must be called on the UI thread.
	virtual void OnAuthFailure(const AuthFailure& error) = 0;

	// Call these methods on the UI thread.
	// If a password logs the user in online, but cannot be used to
	// mount their cryptohome, we expect that a password change has
	// occurred.
	// Call this method to migrate the user's encrypted data
	// forward to use their new password. \|old_password\| is the password
	// their data was last encrypted with.
	virtual void RecoverEncryptedData(const std::string& old_password) = 0;

	// Call this method to erase the user's encrypted data
	// and create a new cryptohome.
	virtual void ResyncEncryptedData() = 0;

	// BrowserContext (usually off the record) that was used to perform the last
	// authentication process.
	content::BrowserContext* authentication_context() {
	return authentication_context_;
	}

	// Sets consumer explicitly.
	void SetConsumer(AuthStatusConsumer* consumer);

	protected:
	virtual ~Authenticator();

	AuthStatusConsumer* consumer_;
	content::BrowserContext* authentication_context_;

	private:
	friend class base::RefCountedThreadSafe<Authenticator>;

	DISALLOW_COPY_AND_ASSIGN(Authenticator);
	};

	} // namespace chromeos

	#endif // CHROMEOS_LOGIN_AUTH_AUTHENTICATOR_H_