Google Git
Sign in
chromium / chromium / src.git / 202b5644a77bd7eb5ba5e912124f9e90236fd61f^! / . / chrome / browser / sync / sync_setup_flow.cc
commit202b5644a77bd7eb5ba5e912124f9e90236fd61f[log] [tgz]
author[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Sat Sep 10 02:04:07 2011
committer[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Sat Sep 10 02:04:07 2011
tree6675092604e167b54c3207722d2f24c1950e351b
parent06c75029783496f78406bf6ce0d73de02b3124d4 [diff] [blame]
Now properly handles gaia passphrases changing.

Properly prompts the user to enter their previous GAIA passphrase as appropriate
if the user has changed their GAIA passphrase and there's still sync data on
the server encrypted with the old one.

BUG=95632,72381
TEST=sync auth test cases, including changing gaia passphrase


Review URL: http://codereview.chromium.org/7857021

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@100559 0039d316-1c4b-4281-b951-d872f2087c98

diff --git a/chrome/browser/sync/sync_setup_flow.cc b/chrome/browser/sync/sync_setup_flow.cc
index 5cf83b2d9..c1366a2 100644
--- a/chrome/browser/sync/sync_setup_flow.cc
+++ b/chrome/browser/sync/sync_setup_flow.cc

@@ -62,7 +62,8 @@
 SyncConfiguration::SyncConfiguration()
     : encrypt_all(false),
       sync_everything(false),
-      use_secondary_passphrase(false) {
+      set_secondary_passphrase(false),
+      set_gaia_passphrase(false) {
 }
 
 SyncConfiguration::~SyncConfiguration() {}
@@ -177,11 +178,14 @@
     // We need a passphrase, and either it's an explicit passphrase, or we
     // don't have a cached gaia passphrase, so we have to prompt the user.
     args->SetBoolean("show_passphrase", true);
+    // Tell the UI layer what kind of passphrase we need.
+    args->SetBoolean("need_google_passphrase",
+                     !service->IsUsingSecondaryPassphrase());
+    args->SetBoolean("passphrase_creation_rejected",
+                     tried_creating_explicit_passphrase_);
+    args->SetBoolean("passphrase_setting_rejected",
+                     tried_setting_passphrase_);
   }
-  args->SetBoolean("passphrase_creation_rejected",
-                   tried_creating_explicit_passphrase_);
-  args->SetBoolean("passphrase_setting_rejected",
-                   tried_setting_explicit_passphrase_);
 }
 
 bool SyncSetupFlow::AttachSyncSetupHandler(SyncSetupFlowHandler* handler) {
@@ -277,36 +281,37 @@
   // Note: encryption will not occur until OnUserChoseDatatypes is called.
   service_->SetEncryptEverything(configuration.encrypt_all);
 
-  if (!configuration.gaia_passphrase.empty()) {
+  if (configuration.set_gaia_passphrase) {
     // Caller passed a gaia passphrase. This is illegal if we are currently
     // using a secondary passphrase.
     DCHECK(!service_->IsUsingSecondaryPassphrase());
     service_->SetPassphrase(configuration.gaia_passphrase, false);
+    // Since the user entered the passphrase manually, set this flag so we can
+    // report an error if the passphrase setting failed.
+    tried_setting_passphrase_ = true;
   } else if (!service_->IsUsingSecondaryPassphrase() &&
              !cached_passphrase_.empty()) {
     // Service needs a GAIA passphrase and we have one cached, so try it.
     service_->SetPassphrase(cached_passphrase_, false);
     cached_passphrase_.clear();
   } else {
+    // We can get here if the user changes their GAIA passphrase but still has
+    // data encrypted with the old passphrase. The UI prompts the user for their
+    // passphrase, but they might just leave it blank/disable the encrypted
+    // types.
     // No gaia passphrase cached or set, so make sure the ProfileSyncService
     // wasn't expecting one.
-    DCHECK(!service_->IsPassphraseRequiredForDecryption() ||
-           service_->IsUsingSecondaryPassphrase());
+    DLOG_IF(WARNING, !service_->IsUsingSecondaryPassphrase() &&
+            service_->IsPassphraseRequiredForDecryption()) <<
+        "Google passphrase required but not provided by UI";
   }
 
-  // It's possible the user has to provide a secondary passphrase even when
-  // they have not set one previously. This occurs when the user has changed
-  // their gaia password and then sign in to a new machine for the first time.
-  // The new machine will download data encrypted with their old gaia password,
-  // which their current gaia password will not be able to decrypt, triggering
-  // a prompt for a passphrase. At this point, the user must enter their old
-  // password, which we store as a new secondary passphrase.
-  // TODO(zea): eventually use the above gaia_passphrase instead of the
-  // secondary passphrase in this case.
-  if (configuration.use_secondary_passphrase) {
+  // Set the secondary passphrase, either as a decryption passphrase, or
+  // as an attempt to encrypt the user's data using this new passphrase.
+  if (configuration.set_secondary_passphrase) {
     service_->SetPassphrase(configuration.secondary_passphrase, true);
     if (service_->IsUsingSecondaryPassphrase())
-      tried_setting_explicit_passphrase_ = true;
+      tried_setting_passphrase_ = true;
     else
       tried_creating_explicit_passphrase_ = true;
   }
@@ -318,7 +323,7 @@
 void SyncSetupFlow::OnPassphraseEntry(const std::string& passphrase) {
   Advance(SyncSetupWizard::SETTING_UP);
   service_->SetPassphrase(passphrase, true);
-  tried_setting_explicit_passphrase_ = true;
+  tried_setting_passphrase_ = true;
 }
 
 void SyncSetupFlow::OnPassphraseCancel() {
@@ -342,7 +347,7 @@
       flow_handler_(NULL),
       service_(service),
       tried_creating_explicit_passphrase_(false),
-      tried_setting_explicit_passphrase_(false) {
+      tried_setting_passphrase_(false) {
 }
 
 // Returns true if the flow should advance to |state| based on |current_state_|.