1 // Copyright 2014 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_ 6 #define CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_ 7 8 #include "base/basictypes.h" 9 #include "base/memory/scoped_ptr.h" 10 #include "base/prefs/pref_change_registrar.h" 11 #include "base/time/default_clock.h" 12 #include "base/time/time.h" 13 #include "base/timer/timer.h" 14 #include "chrome/browser/chromeos/login/auth/user_context.h" 15 #include "components/keyed_service/core/keyed_service.h" 16 17 class Profile; 18 19 namespace base { 20 class Clock; 21 } 22 23 namespace user_prefs { 24 class PrefRegistrySyncable; 25 } 26 27 namespace chromeos { 28 29 // Enforces a limit on the length of time for which a user authenticated via 30 // SAML can use offline authentication against a cached password before being 31 // forced to go through online authentication against GAIA again. 32 class SAMLOfflineSigninLimiter : public KeyedService { 33 public: 34 // Registers preferences. 35 static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry); 36 37 // Called when the user successfully authenticates. |auth_flow| indicates 38 // the type of authentication flow that the user went through. 39 void SignedIn(UserContext::AuthFlow auth_flow); 40 41 // KeyedService: 42 virtual void Shutdown() OVERRIDE; 43 44 private: 45 friend class SAMLOfflineSigninLimiterFactory; 46 friend class SAMLOfflineSigninLimiterTest; 47 48 // |profile| and |clock| must remain valid until Shutdown() is called. If 49 // |clock| is NULL, the |default_clock_| will be used. 50 SAMLOfflineSigninLimiter(Profile* profile, base::Clock* clock); 51 virtual ~SAMLOfflineSigninLimiter(); 52 53 // Recalculates the amount of time remaining until online login should be 54 // forced and sets the |offline_signin_limit_timer_| accordingly. If the limit 55 // has expired already, sets the flag enforcing online login immediately. 56 void UpdateLimit(); 57 58 // Sets the flag enforcing online login. This will cause the user's next login 59 // to use online authentication against GAIA. 60 void ForceOnlineLogin(); 61 62 base::DefaultClock default_clock_; 63 64 Profile* profile_; 65 base::Clock* clock_; 66 67 PrefChangeRegistrar pref_change_registrar_; 68 69 scoped_ptr<base::OneShotTimer<SAMLOfflineSigninLimiter> > 70 offline_signin_limit_timer_; 71 72 DISALLOW_COPY_AND_ASSIGN(SAMLOfflineSigninLimiter); 73 }; 74 75 } // namespace chromeos 76 77 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_SAML_SAML_OFFLINE_SIGNIN_LIMITER_H_ 78