Pass ChromAD user credentials to SmbProvider Mount

The username and workgroup of ChromAD users will now be passed to
the SmbProvider Mount function in the smbprovider Dameon.

The ParseUserPrincipalName function and corresponding tests are adapted
from AuthPolicy's SambaHelper.

BUG=chromium:757625
TEST=unittests

Change-Id: Ia25396224d9c873161adb2da3741c54cdd1209cf
Reviewed-on: https://chromium-review.googlesource.com/1052914Reviewed-by: Zentaro Kavanagh <zentaro@chromium.org>
Commit-Queue: Bailey Berro <baileyberro@chromium.org>
Cr-Commit-Position: refs/heads/master@{#558339}

chrome/browser/chromeos/BUILD.gn

@@ -1583,6 +1583,8 @@ source_set("chromeos") {
     "smb_client/smb_service.h",
     "smb_client/smb_service_factory.cc",
     "smb_client/smb_service_factory.h",
+    "smb_client/smb_service_helper.cc",
+    "smb_client/smb_service_helper.h",
     "smb_client/smb_task_queue.cc",
     "smb_client/smb_task_queue.h",
     "smb_client/smb_url.cc",
@@ -2085,6 +2087,7 @@ source_set("unit_tests") {
     "smb_client/discovery/mdns_host_locator_unittest.cc",
     "smb_client/discovery/network_scanner_unittest.cc",
     "smb_client/smb_file_system_id_test.cc",
+    "smb_client/smb_service_helper_unittest.cc",
     "smb_client/smb_service_unittest.cc",
     "smb_client/smb_task_queue_unittest.cc",
     "smb_client/smb_url_unittest.cc",

chrome/browser/chromeos/smb_client/smb_service.cc

@@ -13,6 +13,7 @@
 #include "chrome/browser/chromeos/smb_client/smb_file_system_id.h"
 #include "chrome/browser/chromeos/smb_client/smb_provider.h"
 #include "chrome/browser/chromeos/smb_client/smb_service_factory.h"
+#include "chrome/browser/chromeos/smb_client/smb_service_helper.h"
 #include "chrome/common/chrome_features.h"
 #include "chromeos/dbus/dbus_thread_manager.h"
 #include "chromeos/dbus/smb_provider_client.h"
@@ -69,10 +70,19 @@ void SmbService::InitTempFileManagerAndMount(
 void SmbService::CallMount(const file_system_provider::MountOptions& options,
                            const base::FilePath& share_path,
                            MountResponse callback) {
+  std::string workgroup;
+  std::string username;
+
+  user_manager::User* user =
+      chromeos::ProfileHelper::Get()->GetUserByProfile(profile_);
+  if (user && user->IsActiveDirectoryUser()) {
+    ParseUserPrincipalName(user->GetDisplayEmail(), &username, &workgroup);
+  }
+
   // TODO(allenvic): Implement passing of credentials. This currently passes
-  // empty credentials to SmbProvider.
+  // empty credentials to SmbProvider for non-ChromAD users.
   GetSmbProviderClient()->Mount(
-      share_path, "" /* workgroup */, "" /* username */,
+      share_path, workgroup, username,
       temp_file_manager_->WritePasswordToFile("" /* password */),
       base::BindOnce(&SmbService::OnMountResponse, AsWeakPtr(),
                      base::Passed(&callback), options, share_path));

chrome/browser/chromeos/smb_client/smb_service_helper.cc

+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/chromeos/smb_client/smb_service_helper.h"
+
+#include "base/strings/string_split.h"
+#include "base/strings/string_util.h"
+
+namespace chromeos {
+namespace smb_client {
+
+bool ParseUserPrincipalName(const std::string& user_principal_name,
+                            std::string* user_name,
+                            std::string* workgroup) {
+  DCHECK(user_name);
+  DCHECK(workgroup);
+  std::vector<std::string> parts = base::SplitString(
+      user_principal_name, "@", base::TRIM_WHITESPACE, base::SPLIT_WANT_ALL);
+  if (parts.size() != 2 || parts.at(0).empty() || parts.at(1).empty()) {
+    // Don't log user_principal_name, it might contain sensitive data.
+    LOG(ERROR) << "Failed to parse user principal name. Expected form "
+                  "'user@some.realm'.";
+    return false;
+  }
+  *user_name = std::move(parts.at(0));
+  *workgroup = base::ToUpperASCII(std::move(parts.at(1)));
+  return true;
+}
+
+}  // namespace smb_client
+}  // namespace chromeos

chrome/browser/chromeos/smb_client/smb_service_helper.h

+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_CHROMEOS_SMB_CLIENT_SMB_SERVICE_HELPER_H_
+#define CHROME_BROWSER_CHROMEOS_SMB_CLIENT_SMB_SERVICE_HELPER_H_
+
+#include <string>
+#include <vector>
+
+#include <base/logging.h>
+
+namespace chromeos {
+namespace smb_client {
+
+bool ParseUserPrincipalName(const std::string& user_principal_name,
+                            std::string* user_name,
+                            std::string* workgroup);
+
+}  // namespace smb_client
+}  // namespace chromeos
+
+#endif  // CHROME_BROWSER_CHROMEOS_SMB_CLIENT_SMB_SERVICE_HELPER_H_

chrome/browser/chromeos/smb_client/smb_service_helper_unittest.cc

+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/chromeos/smb_client/smb_service_helper.h"
+
+#include <string>
+
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace chromeos {
+namespace smb_client {
+
+class SmbServiceHelperTest : public ::testing::Test {
+ public:
+  SmbServiceHelperTest() = default;
+  ~SmbServiceHelperTest() override = default;
+
+ protected:
+  // Helpers for ParseUserPrincipleName.
+  std::string user_name_;
+  std::string realm_;
+
+  bool ParseUserPrincipalName(const char* user_principal_name_) {
+    return ::chromeos::smb_client::ParseUserPrincipalName(user_principal_name_,
+                                                          &user_name_, &realm_);
+  }
+
+ private:
+  DISALLOW_COPY_AND_ASSIGN(SmbServiceHelperTest);
+};
+
+// a@b.c succeeds.
+TEST_F(SmbServiceHelperTest, ParseUPNSuccess) {
+  EXPECT_TRUE(ParseUserPrincipalName("user@domain.com"));
+  EXPECT_EQ(user_name_, "user");
+  EXPECT_EQ(realm_, "DOMAIN.COM");
+}
+
+// a@b.c.d.e succeeds.
+TEST_F(SmbServiceHelperTest, ParseUPNSuccess_Long) {
+  EXPECT_TRUE(ParseUserPrincipalName("user@a.domain.company.com"));
+  EXPECT_EQ(user_name_, "user");
+  EXPECT_EQ(realm_, "A.DOMAIN.COMPANY.COM");
+}
+
+// Capitalization works as expected.
+TEST_F(SmbServiceHelperTest, ParseUPNSuccess_MixedCaps) {
+  EXPECT_TRUE(ParseUserPrincipalName("UsEr@CoMPaNy.DOMain.com"));
+  EXPECT_EQ(user_name_, "UsEr");
+  EXPECT_EQ(realm_, "COMPANY.DOMAIN.COM");
+}
+
+// a.b@c.d succeeds, even though it is invalid (rejected by kinit).
+TEST_F(SmbServiceHelperTest, ParseUPNSuccess_DotAtDot) {
+  EXPECT_TRUE(ParseUserPrincipalName("user.team@domain.com"));
+  EXPECT_EQ(user_name_, "user.team");
+  EXPECT_EQ(realm_, "DOMAIN.COM");
+}
+
+// a@ fails (no workgroup.domain).
+TEST_F(SmbServiceHelperTest, ParseUPNFail_NoRealm) {
+  EXPECT_FALSE(ParseUserPrincipalName("user@"));
+}
+
+// a fails (no @workgroup.domain).
+TEST_F(SmbServiceHelperTest, ParseUPNFail_NoAtRealm) {
+  EXPECT_FALSE(ParseUserPrincipalName("user"));
+}
+
+// a. fails (no @workgroup.domain and trailing . is invalid, anyway).
+TEST_F(SmbServiceHelperTest, ParseUPNFail_NoAtRealmButDot) {
+  EXPECT_FALSE(ParseUserPrincipalName("user."));
+}
+
+// a@b@c fails (double at).
+TEST_F(SmbServiceHelperTest, ParseUPNFail_AtAt) {
+  EXPECT_FALSE(ParseUserPrincipalName("user@company@domain"));
+}
+
+// a@b@c fails (double at).
+TEST_F(SmbServiceHelperTest, ParseUPNFail_AtAtDot) {
+  EXPECT_FALSE(ParseUserPrincipalName("user@company@domain.com"));
+}
+
+// @b.c fails (empty user name).
+TEST_F(SmbServiceHelperTest, ParseUPNFail_NoUpn) {
+  EXPECT_FALSE(ParseUserPrincipalName("@company.domain"));
+}
+
+// b.c fails (no user name@).
+TEST_F(SmbServiceHelperTest, ParseUPNFail_NoUpnAt) {
+  EXPECT_FALSE(ParseUserPrincipalName("company.domain"));
+}
+
+// .b.c fails (no user name@ and initial . is invalid, anyway).
+TEST_F(SmbServiceHelperTest, ParseUPNFail_NoUpnAtButDot) {
+  EXPECT_FALSE(ParseUserPrincipalName(".company.domain"));
+}
+
+}  // namespace smb_client
+}  // namespace chromeos