[gnome-shell/wip/smartcard: 10/16] util: abstract out default auth service in code

From: Ray Strode <halfline src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-shell/wip/smartcard: 10/16] util: abstract out default auth service in code
Date: Tue, 30 Jul 2013 00:24:41 +0000 (UTC)
commit df0aace025dc1a2e46f05dd5ff797ec370639f2e
Author: Ray Strode <rstrode redhat com>
Date:   Sun Jul 28 19:42:26 2013 -0400

    util: abstract out default auth service in code
    
    Right now, the primary way a user logs in is with
    a password. They can also swipe their finger, if their
    fingerprint is enrolled, but it's expected the fingerprint
    auth service won't ask questions the user has to respond to
    by typing. As such, we ignore questions that comes from
    anything but the main auth service: gdm-password.
    
    In the future, if a user inserts a smartcard, we'll want
    to treat the gdm-smartcard service as the main auth service,
    and let any questions from it get to the user.
    
    This commit tries to prepare for that eventuality by storing
    the name of the default auth service away in a _defaultService variable
    before verification has begun, and then later checking incoming
    queries against that service instead of checking against
    string 'gdm-password' directly.
    
    Of course, right now, _defaultService is always gdm-password.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=683437

 js/gdm/util.js |   33 ++++++++++++++++++++++-----------
 1 files changed, 22 insertions(+), 11 deletions(-)
---
diff --git a/js/gdm/util.js b/js/gdm/util.js
index 9557c66..6b1523d 100644
--- a/js/gdm/util.js
+++ b/js/gdm/util.js
@@ -116,6 +116,7 @@ const ShellUserVerifier = new Lang.Class({
         this._client = client;
 
         this._settings = new Gio.Settings({ schema: LOGIN_SCREEN_SCHEMA });
+        this._updateDefaultService();
 
         this._fprintManager = new Fprint.FprintManager();
         this._messageQueue = [];
@@ -302,11 +303,23 @@ const ShellUserVerifier = new Lang.Class({
         this._userVerifier.connect('verification-complete', Lang.bind(this, this._onVerificationComplete));
     },
 
+    _getForegroundService: function() {
+        return this._defaultService;
+    },
+
+    serviceIsForeground: function(serviceName) {
+        return serviceName == this._getForegroundService();
+    },
+
+    _updateDefaultService: function() {
+        this._defaultService = PASSWORD_SERVICE_NAME;
+    },
+
     _beginVerification: function() {
         this._hold.acquire();
 
         if (this._userName) {
-            this._userVerifier.call_begin_verification_for_user(PASSWORD_SERVICE_NAME,
+            this._userVerifier.call_begin_verification_for_user(this._getForegroundService(),
                                                                 this._userName,
                                                                 this._cancellable,
                                                                 Lang.bind(this, function(obj, result) {
@@ -342,7 +355,7 @@ const ShellUserVerifier = new Lang.Class({
                 }));
             }
         } else {
-            this._userVerifier.call_begin_verification(PASSWORD_SERVICE_NAME,
+            this._userVerifier.call_begin_verification(this._getForegroundService(),
                                                        this._cancellable,
                                                        Lang.bind(this, function(obj, result) {
                 try {
@@ -369,30 +382,27 @@ const ShellUserVerifier = new Lang.Class({
             // Translators: this message is shown below the password entry field
             // to indicate the user can swipe their finger instead
             this.emit('show-login-hint', _("(or swipe finger)"));
-        } else if (serviceName == PASSWORD_SERVICE_NAME) {
+        } else if (this.serviceIsForeground(serviceName)) {
             this._queueMessage(info, 'login-dialog-message-info');
         }
     },
 
     _onProblem: function(client, serviceName, problem) {
-        // we don't want to show auth failed messages to
-        // users who haven't enrolled their fingerprint.
-        if (serviceName != PASSWORD_SERVICE_NAME)
+        if (!this.serviceIsForeground(serviceName))
             return;
+
         this._queueMessage(problem, 'login-dialog-message-warning');
     },
 
     _onInfoQuery: function(client, serviceName, question) {
-        // We only expect questions to come from the main auth service
-        if (serviceName != PASSWORD_SERVICE_NAME)
+        if (!this.serviceIsForeground(serviceName))
             return;
 
         this.emit('ask-question', serviceName, question, '');
     },
 
     _onSecretInfoQuery: function(client, serviceName, secretQuestion) {
-        // We only expect secret requests to come from the main auth service
-        if (serviceName != PASSWORD_SERVICE_NAME)
+        if (!this.serviceIsForeground(serviceName))
             return;
 
         this.emit('ask-question', serviceName, secretQuestion, '\u25cf');
@@ -401,6 +411,7 @@ const ShellUserVerifier = new Lang.Class({
     _onReset: function() {
         // Clear previous attempts to authenticate
         this._failCounter = 0;
+        this._updateDefaultService();
 
         this.emit('reset');
     },
@@ -457,7 +468,7 @@ const ShellUserVerifier = new Lang.Class({
         // if the password service fails, then cancel everything.
         // But if, e.g., fingerprint fails, still give
         // password authentication a chance to succeed
-        if (serviceName == PASSWORD_SERVICE_NAME) {
+        if (this.serviceIsForeground(serviceName)) {
             this._verificationFailed(true);
         }
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]