diff options
Diffstat (limited to 'chromium/chrome/browser/resources/chromeos/login/oobe_screen_oauth_enrollment.js')
-rw-r--r-- | chromium/chrome/browser/resources/chromeos/login/oobe_screen_oauth_enrollment.js | 271 |
1 files changed, 140 insertions, 131 deletions
diff --git a/chromium/chrome/browser/resources/chromeos/login/oobe_screen_oauth_enrollment.js b/chromium/chrome/browser/resources/chromeos/login/oobe_screen_oauth_enrollment.js index 205b83526e5..297e4e6f6a5 100644 --- a/chromium/chrome/browser/resources/chromeos/login/oobe_screen_oauth_enrollment.js +++ b/chromium/chrome/browser/resources/chromeos/login/oobe_screen_oauth_enrollment.js @@ -9,12 +9,14 @@ login.createScreen('OAuthEnrollmentScreen', 'oauth-enrollment', function() { /** @const */ var STEP_EXPLAIN = 'explain'; /** @const */ var STEP_SUCCESS = 'success'; + /** @const */ var HELP_TOPIC_ENROLLMENT = 4631259; + return { EXTERNAL_API: [ - 'setIsAutoEnrollment', 'showStep', 'showError', 'showWorking', + 'setAuthenticatedUserEmail', ], /** @@ -23,21 +25,6 @@ login.createScreen('OAuthEnrollmentScreen', 'oauth-enrollment', function() { signInUrl_: null, /** - * Whether this is a manual or auto enrollment. - */ - isAutoEnrollment_: false, - - /** - * True if enrollment cancellation should be prevented. - */ - preventCancellation_: false, - - /** - * Enrollment steps with names and buttons to show. - */ - steps_: null, - - /** * Dialog to confirm that auto-enrollment should really be cancelled. * This is only created the first time it's used. */ @@ -48,17 +35,42 @@ login.createScreen('OAuthEnrollmentScreen', 'oauth-enrollment', function() { */ currentStep_: null, + /** + * Opaque token used to correlate request and response while retrieving the + * authenticated user's e-mail address from GAIA. + */ + attemptToken_: null, + /** @override */ decorate: function() { window.addEventListener('message', this.onMessage_.bind(this), false); $('oauth-enroll-error-retry').addEventListener('click', this.doRetry_.bind(this)); + $('oauth-enroll-learn-more-link').addEventListener( + 'click', + function() { + chrome.send('launchHelpApp', [HELP_TOPIC_ENROLLMENT]); + }); var links = document.querySelectorAll('.oauth-enroll-explain-link'); for (var i = 0; i < links.length; i++) { links[i].addEventListener('click', this.showStep.bind(this, STEP_EXPLAIN)); } + + this.updateLocalizedContent(); + }, + + /** + * Updates localized strings. + */ + updateLocalizedContent: function() { + $('oauth-enroll-re-enrollment-text').innerHTML = + loadTimeData.getStringF( + 'oauthEnrollReEnrollmentText', + '<b id="oauth-enroll-management-domain"></b>'); + $('oauth-enroll-management-domain').textContent = this.managementDomain_; + $('oauth-enroll-re-enrollment-text').hidden = !this.managementDomain_; }, /** @@ -75,89 +87,58 @@ login.createScreen('OAuthEnrollmentScreen', 'oauth-enrollment', function() { */ get buttons() { var buttons = []; + var ownerDocument = this.ownerDocument; + + function makeButton(id, classes, label, handler) { + var button = ownerDocument.createElement('button'); + button.id = id; + button.classList.add('oauth-enroll-button'); + button.classList.add.apply(button.classList, classes); + button.textContent = label; + button.addEventListener('click', handler); + buttons.push(button); + } - var cancelButton = this.ownerDocument.createElement('button'); - cancelButton.id = 'oauth-enroll-cancel-button'; - cancelButton.textContent = loadTimeData.getString('oauthEnrollCancel'); - - cancelButton.addEventListener('click', function(e) { - chrome.send('oauthEnrollClose', ['cancel']); - }.bind(this)); - buttons.push(cancelButton); - - var tryAgainButton = this.ownerDocument.createElement('button'); - tryAgainButton.id = 'oauth-enroll-try-again-button'; - tryAgainButton.hidden = true; - tryAgainButton.textContent = - loadTimeData.getString('oauthEnrollRetry'); - tryAgainButton.addEventListener('click', this.doRetry_.bind(this)); - buttons.push(tryAgainButton); - - var explainButton = this.ownerDocument.createElement('button'); - explainButton.id = 'oauth-enroll-explain-button'; - explainButton.hidden = true; - explainButton.textContent = - loadTimeData.getString('oauthEnrollExplainButton'); - explainButton.addEventListener('click', this.doRetry_.bind(this)); - buttons.push(explainButton); - - var doneButton = this.ownerDocument.createElement('button'); - doneButton.id = 'oauth-enroll-done-button'; - doneButton.hidden = true; - doneButton.textContent = - loadTimeData.getString('oauthEnrollDone'); - doneButton.addEventListener('click', function(e) { - chrome.send('oauthEnrollClose', ['done']); - }); - buttons.push(doneButton); + makeButton( + 'oauth-enroll-cancel-button', + ['oauth-enroll-focus-on-error'], + loadTimeData.getString('oauthEnrollCancel'), + function() { + chrome.send('oauthEnrollClose', ['cancel']); + }); + + makeButton( + 'oauth-enroll-back-button', + ['oauth-enroll-focus-on-error'], + loadTimeData.getString('oauthEnrollCancelAutoEnrollmentGoBack'), + function() { + chrome.send('oauthEnrollClose', ['cancel']); + }); + + makeButton( + 'oauth-enroll-retry-button', + ['oauth-enroll-focus-on-error'], + loadTimeData.getString('oauthEnrollRetry'), + this.doRetry_.bind(this)); + + makeButton( + 'oauth-enroll-explain-retry-button', + ['oauth-enroll-focus-on-explain'], + loadTimeData.getString('oauthEnrollExplainButton'), + this.doRetry_.bind(this)); + + makeButton( + 'oauth-enroll-done-button', + ['oauth-enroll-focus-on-success'], + loadTimeData.getString('oauthEnrollDone'), + function() { + chrome.send('oauthEnrollClose', ['done']); + }); return buttons; }, /** - * Sets the |isAutoEnrollment| flag of the OAuthEnrollmentScreen class and - * updates the UI. - * @param {boolean} is_auto_enrollment the new value of the flag. - */ - setIsAutoEnrollment: function(is_auto_enrollment) { - this.isAutoEnrollment_ = is_auto_enrollment; - // The cancel button is not available during auto-enrollment. - var cancel = this.isAutoEnrollment_ ? null : 'cancel'; - // During auto-enrollment the user must try again from the error screen. - var errorCancel = this.isAutoEnrollment_ ? 'try-again' : 'cancel'; - this.steps_ = [ - { - name: STEP_SIGNIN, - button: cancel - }, - { - name: STEP_WORKING, - button: cancel - }, - { - name: STEP_ERROR, - button: errorCancel, - focusButton: this.isAutoEnrollment_ - }, - { - name: STEP_EXPLAIN, - button: 'explain', - focusButton: true - }, - { - name: STEP_SUCCESS, - button: 'done', - focusButton: true - }, - ]; - - var links = document.querySelectorAll('.oauth-enroll-explain-link'); - for (var i = 0; i < links.length; i++) { - links[i].hidden = !this.isAutoEnrollment_; - } - }, - - /** * Event handler that is invoked just before the frame is shown. * @param {Object} data Screen init payload, contains the signin frame * URL. @@ -166,15 +147,15 @@ login.createScreen('OAuthEnrollmentScreen', 'oauth-enrollment', function() { var url = data.signin_url; url += '?gaiaUrl=' + encodeURIComponent(data.gaiaUrl); this.signInUrl_ = url; - this.setIsAutoEnrollment(data.is_auto_enrollment); - this.preventCancellation_ = data.prevent_cancellation; + var modes = ['manual', 'forced', 'auto']; + for (var i = 0; i < modes.length; ++i) { + this.classList.toggle('mode-' + modes[i], + data.enrollment_mode == modes[i]); + } + this.managementDomain_ = data.management_domain; $('oauth-enroll-signin-frame').contentWindow.location.href = this.signInUrl_; - if (this.preventCancellation_) { - $('oauth-enroll-cancel-button').textContent = - loadTimeData.getString('oauthEnrollCancelAutoEnrollmentGoBack'); - } - + this.updateLocalizedContent(); this.showStep(STEP_SIGNIN); }, @@ -182,9 +163,6 @@ login.createScreen('OAuthEnrollmentScreen', 'oauth-enrollment', function() { * Cancels enrollment and drops the user back to the login screen. */ cancel: function() { - if (this.isAutoEnrollment_) - return; - chrome.send('oauthEnrollClose', ['cancel']); }, @@ -194,22 +172,17 @@ login.createScreen('OAuthEnrollmentScreen', 'oauth-enrollment', function() { * "error", "success". */ showStep: function(step) { - this.currentStep_ = step; - $('oauth-enroll-cancel-button').hidden = true; - $('oauth-enroll-try-again-button').hidden = true; - $('oauth-enroll-explain-button').hidden = true; - $('oauth-enroll-done-button').hidden = true; - for (var i = 0; i < this.steps_.length; i++) { - var theStep = this.steps_[i]; - var active = (theStep.name == step); - $('oauth-enroll-step-' + theStep.name).hidden = !active; - if (active && theStep.button) { - var button = $('oauth-enroll-' + theStep.button + '-button'); - button.hidden = false; - if (theStep.focusButton) - button.focus(); + this.classList.toggle('oauth-enroll-state-' + this.currentStep_, false); + this.classList.toggle('oauth-enroll-state-' + step, true); + var focusElements = + this.querySelectorAll('.oauth-enroll-focus-on-' + step); + for (var i = 0; i < focusElements.length; ++i) { + if (getComputedStyle(focusElements[i])['display'] != 'none') { + focusElements[i].focus(); + break; } } + this.currentStep_ = step; }, /** @@ -219,12 +192,12 @@ login.createScreen('OAuthEnrollmentScreen', 'oauth-enrollment', function() { */ showError: function(message, retry) { $('oauth-enroll-error-message').textContent = message; - $('oauth-enroll-error-retry').hidden = !retry || this.isAutoEnrollment_; + $('oauth-enroll-error-retry').hidden = !retry; this.showStep(STEP_ERROR); }, /** - * Sets a progressing message and switches to the working screen. + * Sets a progress message and switches to the working screen. * @param {string} message the progress message. */ showWorking: function(message) { @@ -233,18 +206,31 @@ login.createScreen('OAuthEnrollmentScreen', 'oauth-enrollment', function() { }, /** + * Invoked when the authenticated user's e-mail address has been retrieved. + * This completes SAML authentication. + * @param {number} attemptToken An opaque token used to correlate this + * method invocation with the corresponding request to retrieve the + * user's e-mail address. + * @param {string} email The authenticated user's e-mail address. + */ + setAuthenticatedUserEmail: function(attemptToken, email) { + if (this.attemptToken_ != attemptToken) + return; + + if (!email) + this.showError(loadTimeData.getString('fatalEnrollmentError'), false); + else + chrome.send('oauthEnrollCompleteLogin', [email]); + }, + + /** * Handler for cancellations of an enforced auto-enrollment. */ cancelAutoEnrollment: function() { - // Check if this is forced enrollment flow for a kiosk app. - if (this.preventCancellation_) + // Only to be activated for the explain step in auto-enrollment. + if (this.currentStep_ !== STEP_EXPLAIN) return; - // The dialog to confirm cancellation of auto-enrollment is only shown - // if this is an auto-enrollment, and if the user is currently in the - // 'explain' step. - if (!this.isAutoEnrollment_ || this.currentStep_ !== STEP_EXPLAIN) - return; if (!this.confirmDialog_) { this.confirmDialog_ = new cr.ui.dialogs.ConfirmDialog(document.body); this.confirmDialog_.setOkLabel( @@ -296,12 +282,35 @@ login.createScreen('OAuthEnrollmentScreen', 'oauth-enrollment', function() { var msg = m.data; - // 'completeLogin' for full gaia signin flow. For SAML case, - // 'confirmPassword' is sent after authentication. Since enrollment - // does not need the actual password, this is treated the same as - // 'completeLogin'. - if (msg.method == 'completeLogin' || msg.method == 'confirmPassword') + if (msg.method == 'completeLogin') { + // A user has successfully authenticated via regular GAIA. chrome.send('oauthEnrollCompleteLogin', [msg.email]); + } + + if (msg.method == 'retrieveAuthenticatedUserEmail') { + // A user has successfully authenticated via SAML. However, the user's + // identity is not known. Instead of reporting success immediately, + // retrieve the user's e-mail address first. + this.attemptToken_ = msg.attemptToken; + this.showWorking(null); + chrome.send('oauthEnrollRetrieveAuthenticatedUserEmail', + [msg.attemptToken]); + } + + if (msg.method == 'authPageLoaded' && this.currentStep_ == STEP_SIGNIN) { + if (msg.isSAML) { + $('oauth-saml-notice-message').textContent = loadTimeData.getStringF( + 'samlNotice', + msg.domain); + } + this.classList.toggle('saml', msg.isSAML); + } + + if (msg.method == 'insecureContentBlocked') { + this.showError( + loadTimeData.getStringF('insecureURLEnrollmentError', msg.url), + false); + } } }; }); |