Implement Chrome OS device enrollment on the new cloud policy stack.

chrome/browser/policy/enrollment_handler_chromeos.cc

Index: chrome/browser/policy/enrollment_handler_chromeos.cc
diff --git a/chrome/browser/policy/enrollment_handler_chromeos.cc b/chrome/browser/policy/enrollment_handler_chromeos.cc
new file mode 100644
index 0000000000000000000000000000000000000000..a77e6fb941498ae06c8ebdf53efdab8c95d9502e
--- /dev/null
+++ b/chrome/browser/policy/enrollment_handler_chromeos.cc
@@ -0,0 +1,251 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/policy/enrollment_handler_chromeos.h"
+
+#include "base/bind.h"
+#include "base/logging.h"
+#include "base/message_loop.h"
+#include "chrome/browser/policy/cloud_policy_constants.h"
+#include "chrome/browser/policy/cloud_policy_validator.h"

[Joao da Silva, 2012/09/07 14:01:42]

nit: already in .h

[Mattias Nissler (ping if slow), 2012/10/23 15:30:41]

Done.

+#include "chrome/browser/policy/device_cloud_policy_store_chromeos.h"
+#include "chrome/browser/policy/enterprise_install_attributes.h"
+#include "chrome/browser/policy/proto/device_management_backend.pb.h"
+
+namespace em = enterprise_management;
+
+namespace policy {
+
+namespace {
+
+// Retry for InstallAttrs initialization every 500ms.
+const int kLockRetryIntervalMs = 500;
+// Maximum time to retry InstallAttrs initialization before we give up.
+const int kLockRetryTimeoutMs = 10 * 60 * 1000;  // 10 minutes.
+
+}  // namespace
+
+EnrollmentHandlerChromeOS::EnrollmentHandlerChromeOS(
+    DeviceCloudPolicyStoreChromeOS* store,
+    EnterpriseInstallAttributes* install_attributes,
+    scoped_ptr<CloudPolicyClient> client,
+    const std::string& auth_token,
+    const CompletionCallback& completion_callback)
+    : store_(store),
+      install_attributes_(install_attributes),
+      client_(client.Pass()),
+      auth_token_(auth_token),
+      completion_callback_(completion_callback),
+      device_mode_(DEVICE_MODE_NOT_SET),
+      enrollment_step_(STEP_IDLE),
+      lockbox_init_duration_(0),
+      ALLOW_THIS_IN_INITIALIZER_LIST(weak_factory_(this)) {
+  CHECK(!client_->is_registered());
+  CHECK_EQ(DM_STATUS_SUCCESS, client_->status());
+  store_->AddObserver(this);
+  client_->AddObserver(this);
+}
+
+EnrollmentHandlerChromeOS::~EnrollmentHandlerChromeOS() {
+  Reset();
+  store_->RemoveObserver(this);
+}
+
+void EnrollmentHandlerChromeOS::StartEnrollment() {
+  CHECK_EQ(STEP_IDLE, enrollment_step_);
+  AttemptRegistration();
+}
+
+scoped_ptr<CloudPolicyClient> EnrollmentHandlerChromeOS::ReleaseClient() {
+  Reset();
+  return client_.Pass();
+}
+
+void EnrollmentHandlerChromeOS::OnPolicyFetched(CloudPolicyClient* client) {
+  DCHECK_EQ(client_.get(), client);
+  CHECK_EQ(STEP_POLICY_FETCH, enrollment_step_);
+
+  enrollment_step_ = STEP_VALIDATION;
+
+  // Validate the policy.
+  scoped_ptr<DeviceCloudPolicyValidator> validator(
+      DeviceCloudPolicyValidator::Create(
+          scoped_ptr<em::PolicyFetchResponse>(
+              new em::PolicyFetchResponse(*client_->policy())),
+          base::Bind(&EnrollmentHandlerChromeOS::PolicyValidated,
+                     weak_factory_.GetWeakPtr())));
+
+  if (install_attributes_->IsEnterpriseDevice())
+    validator->ValidateDomain(install_attributes_->GetDomain());
+  validator->ValidatePolicyType(dm_protocol::kChromeDevicePolicyType);
+  validator->ValidatePayload();
+  validator->ValidateInitialKey();
+  validator.release()->StartValidation();

[pastarmovj, 2012/09/07 12:16:27]

Apparently the validator is self destructing why not use plain ptr and document
write that it is managing its own lifetime?

[Mattias Nissler (ping if slow), 2012/10/23 15:30:41]

This is the pattern used for user policy (and elsewhere), so I thought I stick
with it. Also, it seems rather self-documenting to me: Once validation starts,
we pass on ownership.

+}
+
+void EnrollmentHandlerChromeOS::OnRegistrationStateChanged(
+    CloudPolicyClient* client) {
+  DCHECK_EQ(client_.get(), client);
+
+  if (enrollment_step_ != STEP_REGISTRATION)
+    return;
+
+  if (client_->is_registered()) {
+    enrollment_step_ = STEP_POLICY_FETCH,
+    device_mode_ = client_->device_mode();
+    if (device_mode_ != DEVICE_MODE_ENTERPRISE &&
+        device_mode_ != DEVICE_MODE_KIOSK) {
+      LOG(ERROR) << "Bad device mode " << device_mode_;
+      ReportResult(ENROLLMENT_STATUS_REGISTRATION_FAILED,
+                   DM_STATUS_RESPONSE_DECODING_ERROR,
+                   CloudPolicyValidatorBase::VALIDATION_OK,
+                   CloudPolicyStore::STATUS_OK);
+    }

[Joao da Silva, 2012/09/07 14:01:42]

else { ?

[Mattias Nissler (ping if slow), 2012/10/23 15:30:41]

Ah, yes :)

+    client_->FetchPolicy();
+  } else {
+    NOTREACHED() << "Registration state changed to " << client_->is_registered()
+                 << " in step " << enrollment_step_;

[Joao da Silva, 2012/09/07 14:01:42]

Shouldn't this report an error result, to avoid a stuck enrollment? Manual
enrollment can be cancelled but auto-enrollment can't.

[Mattias Nissler (ping if slow), 2012/10/23 15:30:41]

Since the handler owns |client_|, this is not possible. I've upgraded this to a
LOG(FATAL) so we'll learn when somebody breaks this invariant :)

+  }
+}
+
+void EnrollmentHandlerChromeOS::OnClientError(CloudPolicyClient* client) {
+  DCHECK_EQ(client_.get(), client);
+
+  if (enrollment_step_ == STEP_REGISTRATION) {
+    ReportResult(ENROLLMENT_STATUS_REGISTRATION_FAILED, client_->status(),
+                 CloudPolicyValidatorBase::VALIDATION_OK,
+                 CloudPolicyStore::STATUS_OK);
+  } else if (enrollment_step_ == STEP_POLICY_FETCH) {
+    ReportResult(ENROLLMENT_STATUS_POLICY_FETCH_FAILED, client_->status(),
+                 CloudPolicyValidatorBase::VALIDATION_OK,
+                 CloudPolicyStore::STATUS_OK);
+  } else {
+    NOTREACHED() << "Client error " << client_->status()
+                 << " in step " << enrollment_step_;

[Joao da Silva, 2012/09/07 14:01:42]

Report an error result?

[Mattias Nissler (ping if slow), 2012/10/23 15:30:41]

Not sure. If something else is screwing the client, we cannot do much, and in
the two cases where we do care we report the result already. So this is mostly
for debugging if somebody adds bad code.

+    return;
+  }
+}
+
+void EnrollmentHandlerChromeOS::OnStoreLoaded(CloudPolicyStore* store) {
+  DCHECK_EQ(store_, store);
+
+  if (enrollment_step_ == STEP_IDLE) {
+    AttemptRegistration();
+    return;
+  }
+
+  if (enrollment_step_ != STEP_STORE_POLICY)
+    return;
+
+  ReportResult(ENROLLMENT_STATUS_SUCCESS, DM_STATUS_SUCCESS,
+               CloudPolicyValidatorBase::VALIDATION_OK,
+               CloudPolicyStore::STATUS_OK);
+}
+
+void EnrollmentHandlerChromeOS::OnStoreError(CloudPolicyStore* store) {
+  DCHECK_EQ(store_, store);
+
+  if (enrollment_step_ == STEP_IDLE) {
+    // A fresh device is in STATUS_BAD_STATE.
+    if (store_->status() == CloudPolicyStore::STATUS_BAD_STATE)
+      return;
+  } else if (enrollment_step_ != STEP_STORE_POLICY) {
+    return;
+  }
+
+  ReportResult(ENROLLMENT_STATUS_STORE_ERROR, DM_STATUS_SUCCESS,
+               store_->validation_status(), store_->status());
+}
+
+void EnrollmentHandlerChromeOS::AttemptRegistration() {
+  if (store_->is_initialized()) {
+    enrollment_step_ = STEP_REGISTRATION;
+    client_->Register(auth_token_);
+  }
+}
+
+void EnrollmentHandlerChromeOS::PolicyValidated(
+    DeviceCloudPolicyValidator* validator) {

[Joao da Silva, 2012/09/07 14:01:42]

CHECK_EQ(STEP_VALIDATION, enrollment_step_)?

[Mattias Nissler (ping if slow), 2012/10/23 15:30:41]

Done.

+  if (validator->success()) {
+    policy_ = validator->policy().Pass();

[Joao da Silva, 2012/09/07 14:01:42]

enrollment_step_ = STEP_LOCK_DEVICE?

[Mattias Nissler (ping if slow), 2012/10/23 15:30:41]

Yes!

+    WriteInstallAttributes(validator->policy_data()->username(), device_mode_,
+                           validator->policy_data()->device_id());
+  } else {
+    ReportResult(ENROLLMENT_STATUS_VALIDATION_FAILED, DM_STATUS_SUCCESS,
+                 validator->status(), CloudPolicyStore::STATUS_OK);
+  }
+}
+
+void EnrollmentHandlerChromeOS::WriteInstallAttributes(
+    const std::string& user,
+    DeviceMode device_mode,
+    const std::string& device_id) {
+  // Since this method is also called directly.

[Joao da Silva, 2012/09/07 14:01:42]

CHECK_EQ(STEP_LOCK_DEVICE, enrollment_step_)?

[Mattias Nissler (ping if slow), 2012/10/23 15:30:41]

Done.

+  weak_factory_.InvalidateWeakPtrs();
+
+  switch (install_attributes_->LockDevice(user, device_mode, device_id)) {
+    case EnterpriseInstallAttributes::LOCK_SUCCESS:
+      enrollment_step_ = STEP_STORE_POLICY;
+      store_->InstallInitialPolicy(*policy_);
+      return;
+    case EnterpriseInstallAttributes::LOCK_NOT_READY:
+      // We wait up to |kLockRetryTimeoutMs| milliseconds and if it hasn't
+      // succeeded by then show an error to the user and stop the enrollment.
+      if (lockbox_init_duration_ < kLockRetryTimeoutMs) {
+        // InstallAttributes not ready yet, retry later.
+        LOG(WARNING) << "Install Attributes not ready yet will retry in "
+                     << kLockRetryIntervalMs << "ms.";
+        MessageLoop::current()->PostDelayedTask(
+            FROM_HERE,
+            base::Bind(&EnrollmentHandlerChromeOS::WriteInstallAttributes,
+                       weak_factory_.GetWeakPtr(),
+                       user, device_mode, device_id),
+            base::TimeDelta::FromMilliseconds(kLockRetryIntervalMs));
+        lockbox_init_duration_ += kLockRetryIntervalMs;
+        return;
+      }
+      // Fall through.

[Joao da Silva, 2012/09/07 14:01:42]

Also log that it timed out?

[Mattias Nissler (ping if slow), 2012/10/23 15:30:41]

Line 197 will have flooded the log already, which should be a rather good
indication.

+    case EnterpriseInstallAttributes::LOCK_BACKEND_ERROR:
+      ReportResult(ENROLLMENT_STATUS_LOCK_ERROR, DM_STATUS_SUCCESS,
+                   CloudPolicyValidatorBase::VALIDATION_OK,
+                   CloudPolicyStore::STATUS_OK);
+      return;
+    case EnterpriseInstallAttributes::LOCK_WRONG_USER:
+      LOG(ERROR) << "Enrollment cannot proceed because the InstallAttrs "
+                 << "has been locked already!";
+      ReportResult(ENROLLMENT_STATUS_LOCK_WRONG_USER, DM_STATUS_SUCCESS,
+                   CloudPolicyValidatorBase::VALIDATION_OK,
+                   CloudPolicyStore::STATUS_OK);
+      return;
+  }
+
+  NOTREACHED();
+}
+
+void EnrollmentHandlerChromeOS::Reset() {
+  if (client_.get())
+    client_->RemoveObserver(this);
+  enrollment_step_ = STEP_DONE;

[pastarmovj, 2012/09/07 12:16:27]

Why not STEP_IDLE?

[Mattias Nissler (ping if slow), 2012/10/23 15:30:41]

Because this is only to happen once we're done. I've updated the name to be more
obvious.

+  weak_factory_.InvalidateWeakPtrs();
+  completion_callback_.Reset();
+}
+
+void EnrollmentHandlerChromeOS::ReportResult(
+    EnrollmentStatus status,
+    DeviceManagementStatus dm_status,
+    CloudPolicyValidatorBase::Status validator_status,
+    CloudPolicyStore::Status store_status) {
+  CompletionCallback callback = completion_callback_;
+  Reset();
+
+  if (status != ENROLLMENT_STATUS_SUCCESS) {
+    LOG(WARNING) << "Enrollment failed: " << status << " " << dm_status << " "
+                 << validator_status << " " << store_status;
+  }
+
+  if (!callback.is_null())
+    callback.Run(status, dm_status, validator_status, store_status);
+}
+
+}  // namespace

[Joao da Silva, 2012/09/07 14:01:42]

namespace policy

[Mattias Nissler (ping if slow), 2012/10/23 15:30:41]

Done.