OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/policy/device_policy_identity_strategy.h" | 5 #include "chrome/browser/policy/device_policy_identity_strategy.h" |
6 | 6 |
7 #include "chrome/browser/browser_process.h" | 7 #include "chrome/browser/browser_process.h" |
8 #include "chrome/browser/chromeos/login/ownership_service.h" | 8 #include "chrome/browser/chromeos/login/ownership_service.h" |
9 #include "chrome/browser/chromeos/login/user_manager.h" | 9 #include "chrome/browser/chromeos/login/user_manager.h" |
10 #include "chrome/browser/net/gaia/token_service.h" | 10 #include "chrome/browser/net/gaia/token_service.h" |
| 11 #include "chrome/browser/policy/proto/device_management_constants.h" |
11 #include "chrome/browser/profiles/profile.h" | 12 #include "chrome/browser/profiles/profile.h" |
12 #include "chrome/browser/profiles/profile_manager.h" | 13 #include "chrome/browser/profiles/profile_manager.h" |
| 14 #include "chrome/common/guid.h" |
13 #include "chrome/common/net/gaia/gaia_constants.h" | 15 #include "chrome/common/net/gaia/gaia_constants.h" |
14 #include "chrome/common/notification_service.h" | 16 #include "chrome/common/notification_service.h" |
15 #include "chrome/common/notification_type.h" | 17 #include "chrome/common/notification_type.h" |
16 | 18 |
17 namespace policy { | 19 namespace policy { |
18 | 20 |
| 21 // Responsible for querying device ownership on the FILE thread. |
| 22 class DevicePolicyIdentityStrategy::OwnershipChecker |
| 23 : public base::RefCountedThreadSafe< |
| 24 DevicePolicyIdentityStrategy::OwnershipChecker> { |
| 25 public: |
| 26 explicit OwnershipChecker(DevicePolicyIdentityStrategy* callback) |
| 27 : callback_(callback) { |
| 28 } |
| 29 |
| 30 // Initiates a query on the file thread to check if the currently logged in |
| 31 // user is the owner. |
| 32 void CheckCurrentUserIsOwner(); |
| 33 |
| 34 // Cancels the query. |
| 35 void Cancel(); |
| 36 |
| 37 private: |
| 38 void CheckOnFileThread(); |
| 39 void CallbackOnUIThread(bool current_user_is_owner); |
| 40 |
| 41 private: |
| 42 friend class base::RefCountedThreadSafe<OwnershipChecker>; |
| 43 |
| 44 ~OwnershipChecker() {} |
| 45 |
| 46 // The object to be called back with the result. |
| 47 DevicePolicyIdentityStrategy* callback_; |
| 48 |
| 49 DISALLOW_COPY_AND_ASSIGN(OwnershipChecker); |
| 50 }; |
| 51 |
| 52 void DevicePolicyIdentityStrategy::OwnershipChecker::CheckCurrentUserIsOwner() { |
| 53 if (callback_ == NULL) |
| 54 return; |
| 55 BrowserThread::PostTask( |
| 56 BrowserThread::FILE, |
| 57 FROM_HERE, |
| 58 NewRunnableMethod( |
| 59 this, |
| 60 &DevicePolicyIdentityStrategy::OwnershipChecker::CheckOnFileThread)); |
| 61 } |
| 62 |
| 63 void DevicePolicyIdentityStrategy::OwnershipChecker::CheckOnFileThread() { |
| 64 bool current_user_is_owner = |
| 65 chromeos::OwnershipService::GetSharedInstance()->CurrentUserIsOwner(); |
| 66 BrowserThread::PostTask( |
| 67 BrowserThread::UI, |
| 68 FROM_HERE, |
| 69 NewRunnableMethod( |
| 70 this, |
| 71 &DevicePolicyIdentityStrategy::OwnershipChecker::CallbackOnUIThread, |
| 72 current_user_is_owner)); |
| 73 } |
| 74 |
| 75 void DevicePolicyIdentityStrategy::OwnershipChecker::CallbackOnUIThread( |
| 76 bool current_user_is_owner) { |
| 77 if (callback_ != NULL) { |
| 78 callback_->OnOwnershipInformationAvailable(current_user_is_owner); |
| 79 callback_ = NULL; |
| 80 } |
| 81 } |
| 82 |
| 83 void DevicePolicyIdentityStrategy::OwnershipChecker::Cancel() { |
| 84 callback_ = NULL; |
| 85 } |
| 86 |
19 DevicePolicyIdentityStrategy::DevicePolicyIdentityStrategy() | 87 DevicePolicyIdentityStrategy::DevicePolicyIdentityStrategy() |
20 : should_register_(false) { | 88 : should_register_(false), |
| 89 current_user_is_owner_(false), |
| 90 ownership_checker_(NULL) { |
21 registrar_.Add(this, | 91 registrar_.Add(this, |
22 NotificationType::TOKEN_AVAILABLE, | 92 NotificationType::TOKEN_AVAILABLE, |
23 NotificationService::AllSources()); | 93 NotificationService::AllSources()); |
24 registrar_.Add(this, | 94 registrar_.Add(this, |
25 NotificationType::LOGIN_USER_CHANGED, | 95 NotificationType::LOGIN_USER_CHANGED, |
26 NotificationService::AllSources()); | 96 NotificationService::AllSources()); |
27 registrar_.Add(this, | 97 registrar_.Add(this, |
28 NotificationType::OWNERSHIP_TAKEN, | 98 NotificationType::OWNERSHIP_TAKEN, |
29 NotificationService::AllSources()); | 99 NotificationService::AllSources()); |
30 registrar_.Add(this, | 100 registrar_.Add(this, |
31 NotificationType::OWNER_KEY_FETCH_ATTEMPT_SUCCEEDED, | 101 NotificationType::OWNER_KEY_FETCH_ATTEMPT_SUCCEEDED, |
32 NotificationService::AllSources()); | 102 NotificationService::AllSources()); |
33 | 103 |
34 // TODO(mnissler): Figure out how to read the machine id. | 104 // TODO(mnissler): Figure out how to read the machine id. |
35 machine_id_ = "dummy-cros-machine-ID"; | 105 machine_id_ = "dummy-cros-machine-ID"; |
36 } | 106 } |
37 | 107 |
| 108 DevicePolicyIdentityStrategy::~DevicePolicyIdentityStrategy() { |
| 109 if (ownership_checker_) |
| 110 ownership_checker_->Cancel(); |
| 111 } |
| 112 |
| 113 void DevicePolicyIdentityStrategy::OnOwnershipInformationAvailable( |
| 114 bool current_user_is_owner) { |
| 115 current_user_is_owner_ = current_user_is_owner; |
| 116 CheckAndTriggerFetch(); |
| 117 } |
| 118 |
| 119 void DevicePolicyIdentityStrategy::CheckOwnershipAndTriggerFetch() { |
| 120 // Cancel any pending queries. |
| 121 if (ownership_checker_) |
| 122 ownership_checker_->Cancel(); |
| 123 // Set to false until we know that the current user is the owner. |
| 124 current_user_is_owner_ = false; |
| 125 // Issue a new query. |
| 126 ownership_checker_ = new OwnershipChecker(this); |
| 127 ownership_checker_->CheckCurrentUserIsOwner(); |
| 128 } |
| 129 |
38 std::string DevicePolicyIdentityStrategy::GetDeviceToken() { | 130 std::string DevicePolicyIdentityStrategy::GetDeviceToken() { |
39 return device_token_; | 131 return device_token_; |
40 } | 132 } |
41 | 133 |
42 std::string DevicePolicyIdentityStrategy::GetDeviceID() { | 134 std::string DevicePolicyIdentityStrategy::GetDeviceID() { |
| 135 return device_id_; |
| 136 } |
| 137 |
| 138 std::string DevicePolicyIdentityStrategy::GetMachineID() { |
43 return machine_id_; | 139 return machine_id_; |
44 } | 140 } |
45 | 141 |
| 142 em::DeviceRegisterRequest_Type |
| 143 DevicePolicyIdentityStrategy::GetPolicyRegisterType() { |
| 144 return em::DeviceRegisterRequest::DEVICE; |
| 145 } |
| 146 |
| 147 std::string DevicePolicyIdentityStrategy::GetPolicyType() { |
| 148 return kChromeDevicePolicyType; |
| 149 } |
| 150 |
46 bool DevicePolicyIdentityStrategy::GetCredentials(std::string* username, | 151 bool DevicePolicyIdentityStrategy::GetCredentials(std::string* username, |
47 std::string* auth_token) { | 152 std::string* auth_token) { |
48 // Only register if requested. | 153 // Only register if requested. |
49 if (!should_register_) | 154 if (!should_register_) |
50 return false; | 155 return false; |
51 | 156 |
52 // Need to know the machine id. | 157 // Need to know the machine id. |
53 if (machine_id_.empty()) | 158 if (machine_id_.empty()) |
54 return false; | 159 return false; |
55 | 160 |
56 // Only fetch credentials (and, subsequently, token/policy) when the owner | 161 // Only fetch credentials (and, subsequently, token/policy) when the owner |
57 // is logged in. | 162 // is logged in. |
58 if (!chromeos::OwnershipService::GetSharedInstance()->CurrentUserIsOwner()) | 163 if (!current_user_is_owner_) |
59 return false; | 164 return false; |
60 | 165 |
61 // We need to know about the profile of the logged in user. | 166 // We need to know about the profile of the logged in user. |
62 Profile* profile = g_browser_process->profile_manager()->GetDefaultProfile(); | 167 Profile* profile = g_browser_process->profile_manager()->GetDefaultProfile(); |
63 if (!profile) { | 168 if (!profile) { |
64 NOTREACHED() << "Current user profile inaccessible"; | 169 NOTREACHED() << "Current user profile inaccessible"; |
65 return false; | 170 return false; |
66 } | 171 } |
67 | 172 |
68 *username = chromeos::UserManager::Get()->logged_in_user().email(); | 173 *username = chromeos::UserManager::Get()->logged_in_user().email(); |
(...skipping 10 matching lines...) |
79 // Reset registration flag, so we only attempt registration once. | 184 // Reset registration flag, so we only attempt registration once. |
80 should_register_ = false; | 185 should_register_ = false; |
81 | 186 |
82 device_token_ = token; | 187 device_token_ = token; |
83 NotifyDeviceTokenChanged(); | 188 NotifyDeviceTokenChanged(); |
84 } | 189 } |
85 | 190 |
86 void DevicePolicyIdentityStrategy::CheckAndTriggerFetch() { | 191 void DevicePolicyIdentityStrategy::CheckAndTriggerFetch() { |
87 std::string username; | 192 std::string username; |
88 std::string auth_token; | 193 std::string auth_token; |
89 if (GetCredentials(&username, &auth_token)) | 194 if (GetCredentials(&username, &auth_token)) { |
| 195 device_id_ = guid::GenerateGUID(); |
90 NotifyAuthChanged(); | 196 NotifyAuthChanged(); |
| 197 } |
91 } | 198 } |
92 | 199 |
93 void DevicePolicyIdentityStrategy::Observe(NotificationType type, | 200 void DevicePolicyIdentityStrategy::Observe(NotificationType type, |
94 const NotificationSource& source, | 201 const NotificationSource& source, |
95 const NotificationDetails& details) { | 202 const NotificationDetails& details) { |
96 if (type == NotificationType::TOKEN_AVAILABLE) { | 203 if (type == NotificationType::TOKEN_AVAILABLE) { |
97 const TokenService::TokenAvailableDetails* token_details = | 204 const TokenService::TokenAvailableDetails* token_details = |
98 Details<const TokenService::TokenAvailableDetails>(details).ptr(); | 205 Details<const TokenService::TokenAvailableDetails>(details).ptr(); |
99 if (token_details->service() == GaiaConstants::kDeviceManagementService) | 206 if (token_details->service() == GaiaConstants::kDeviceManagementService) |
100 CheckAndTriggerFetch(); | 207 CheckAndTriggerFetch(); |
101 } else if (type == NotificationType::LOGIN_USER_CHANGED) { | 208 } else if (type == NotificationType::LOGIN_USER_CHANGED) { |
102 should_register_ = false; | 209 should_register_ = false; |
103 CheckAndTriggerFetch(); | 210 CheckOwnershipAndTriggerFetch(); |
104 } else if (type == NotificationType::OWNERSHIP_TAKEN) { | 211 } else if (type == NotificationType::OWNERSHIP_TAKEN) { |
105 should_register_ = true; | 212 should_register_ = true; |
106 CheckAndTriggerFetch(); | 213 CheckOwnershipAndTriggerFetch(); |
107 } else if (type == NotificationType::OWNER_KEY_FETCH_ATTEMPT_SUCCEEDED) { | 214 } else if (type == NotificationType::OWNER_KEY_FETCH_ATTEMPT_SUCCEEDED) { |
108 CheckAndTriggerFetch(); | 215 CheckAndTriggerFetch(); |
109 } else { | 216 } else { |
110 NOTREACHED(); | 217 NOTREACHED(); |
111 } | 218 } |
112 } | 219 } |
113 | 220 |
114 } // namespace policy | 221 } // namespace policy |
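Review bot: In Observe(), the OWNER_KEY_FETCH_ATTEMPT_SUCCEEDED branch still calls CheckAndTriggerFetch(), so GetCredentials() now gates on a current_user_is_owner_ value cached by an earlier query instead of asking OwnershipService directly as the old code did. If CurrentUserIsOwner() depends on the owner key being loaded (not visible on this page), the cached flag stays false after the key arrives and registration stalls until the next login or ownership notification; calling `CheckOwnershipAndTriggerFetch();` in that branch would refresh it. The gate does fail closed, since CheckOwnershipAndTriggerFetch() resets the flag to false before issuing each new query. Separately, callback_ is a raw pointer whose safety rests on CheckCurrentUserIsOwner(), CallbackOnUIThread() and Cancel() all running on the UI thread, which nothing asserts; a `DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));` at the top of each would document and enforce that.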