Chromium Code Reviews Chromium Code Reviews
Issue 7147015:
Move user cloud policy to BrowserProcess (was 6979011) (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/user_policy_identity_strategy.h" | 5 #include "chrome/browser/policy/user_policy_identity_strategy.h" |
| 6 | 6 |
| 7 #include "chrome/browser/browser_signin.h" | |
| 8 #include "chrome/browser/net/gaia/token_service.h" | |
| 9 #include "chrome/browser/policy/proto/device_management_backend.pb.h" | 7 #include "chrome/browser/policy/proto/device_management_backend.pb.h" |
| 10 #include "chrome/browser/policy/proto/device_management_constants.h" | 8 #include "chrome/browser/policy/proto/device_management_constants.h" |
| 11 #include "chrome/browser/profiles/profile.h" | |
| 12 #include "chrome/common/guid.h" | 9 #include "chrome/common/guid.h" |
| 13 #include "chrome/common/net/gaia/gaia_constants.h" | 10 #include "chrome/common/net/gaia/gaia_constants.h" |
| 14 #include "content/browser/browser_thread.h" | 11 #include "content/browser/browser_thread.h" |
| 15 #include "content/common/notification_details.h" | |
| 16 #include "content/common/notification_service.h" | |
| 17 #include "content/common/notification_source.h" | |
| 18 | |
| 19 #if defined(OS_CHROMEOS) | |
| 20 #include "chrome/browser/chromeos/login/user_manager.h" | |
| 21 #endif | |
| 22 | 12 |
| 23 namespace policy { | 13 namespace policy { |
| 24 | 14 |
| 25 namespace em = enterprise_management; | 15 namespace em = enterprise_management; |
| 26 | 16 |
| 27 UserPolicyIdentityStrategy::UserPolicyIdentityStrategy( | 17 UserPolicyIdentityStrategy::UserPolicyIdentityStrategy( |
| 28 Profile* profile, | 18 const std::string& user_name, |
| 29 const FilePath& cache_file) | 19 const FilePath& cache_file) |
| 30 : profile_(profile), | 20 : cache_loaded_(false), |
| 21 user_name_(user_name), | |
| 31 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)) { | 22 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)) { |
| 32 cache_ = new UserPolicyTokenCache(weak_ptr_factory_.GetWeakPtr(), cache_file); | 23 cache_ = new UserPolicyTokenCache(weak_ptr_factory_.GetWeakPtr(), cache_file); |
| 33 registrar_.Add(this, | |
| 34 NotificationType::TOKEN_AVAILABLE, | |
| 35 Source<TokenService>(profile->GetTokenService())); | |
| 36 | |
| 37 // Register for the event of user login. The device management token won't | |
| 38 // be fetched until we know the domain of the currently logged in user. | |
| 39 #if defined(OS_CHROMEOS) | |
| 40 registrar_.Add(this, | |
| 41 NotificationType::LOGIN_USER_CHANGED, | |
| 42 NotificationService::AllSources()); | |
| 43 #else | |
| 44 registrar_.Add(this, | |
| 45 NotificationType::GOOGLE_SIGNIN_SUCCESSFUL, | |
| 46 Source<Profile>(profile_)); | |
| 47 #endif | |
| 48 } | 24 } |
| 49 | 25 |
| 50 UserPolicyIdentityStrategy::~UserPolicyIdentityStrategy() {} | 26 UserPolicyIdentityStrategy::~UserPolicyIdentityStrategy() {} |
| 51 | 27 |
| 52 void UserPolicyIdentityStrategy::LoadTokenCache() { | 28 void UserPolicyIdentityStrategy::LoadTokenCache() { |
| 53 cache_->Load(); | 29 cache_->Load(); |
| 54 } | 30 } |
| 55 | 31 |
| 56 std::string UserPolicyIdentityStrategy::GetDeviceToken() { | 32 std::string UserPolicyIdentityStrategy::GetDeviceToken() { |
| 57 return device_token_; | 33 return device_token_; |
| (...skipping 15 matching lines...) Expand all Loading... | |
| 73 UserPolicyIdentityStrategy::GetPolicyRegisterType() { | 49 UserPolicyIdentityStrategy::GetPolicyRegisterType() { |
| 74 return em::DeviceRegisterRequest::USER; | 50 return em::DeviceRegisterRequest::USER; |
| 75 } | 51 } |
| 76 | 52 |
| 77 std::string UserPolicyIdentityStrategy::GetPolicyType() { | 53 std::string UserPolicyIdentityStrategy::GetPolicyType() { |
| 78 return kChromeUserPolicyType; | 54 return kChromeUserPolicyType; |
| 79 } | 55 } |
| 80 | 56 |
| 81 bool UserPolicyIdentityStrategy::GetCredentials(std::string* username, | 57 bool UserPolicyIdentityStrategy::GetCredentials(std::string* username, |
| 82 std::string* auth_token) { | 58 std::string* auth_token) { |
| 83 *username = GetCurrentUser(); | 59 *username = user_name_; |
| 84 *auth_token = profile_->GetTokenService()->GetTokenForService( | 60 *auth_token = auth_token_; |
| 85 GaiaConstants::kDeviceManagementService); | |
| 86 | 61 |
| 87 return !username->empty() && !auth_token->empty() && !device_id_.empty(); | 62 return !username->empty() && !auth_token->empty() && !device_id_.empty(); |
| 88 } | 63 } |
| 89 | 64 |
| 90 void UserPolicyIdentityStrategy::OnDeviceTokenAvailable( | 65 void UserPolicyIdentityStrategy::OnDeviceTokenAvailable( |
| 91 const std::string& token) { | 66 const std::string& token) { |
| 92 DCHECK(!device_id_.empty()); | 67 DCHECK(!device_id_.empty()); |
| 93 device_token_ = token; | 68 device_token_ = token; |
| 94 cache_->Store(device_token_, device_id_); | 69 cache_->Store(device_token_, device_id_); |
| 95 NotifyDeviceTokenChanged(); | 70 NotifyDeviceTokenChanged(); |
| 96 } | 71 } |
| 97 | 72 |
| 98 std::string UserPolicyIdentityStrategy::GetCurrentUser() { | |
| 99 #if defined(OS_CHROMEOS) | |
| 100 // TODO(mnissler) On CrOS it seems impossible to figure out what user belongs | |
| 101 // to a profile. Revisit after multi-profile support landed. | |
| 102 return chromeos::UserManager::Get()->logged_in_user().email(); | |
| 103 #else | |
| 104 return profile_->GetBrowserSignin()->GetSignedInUsername(); | |
| 105 #endif | |
| 106 } | |
| 107 | |
| 108 void UserPolicyIdentityStrategy::CheckAndTriggerFetch() { | 73 void UserPolicyIdentityStrategy::CheckAndTriggerFetch() { |
| 109 if (!GetCurrentUser().empty() && | 74 if (!user_name_.empty() && !auth_token_.empty() && cache_loaded_) { |
| 110 profile_->GetTokenService()->HasTokenForService( | |
| 111 GaiaConstants::kDeviceManagementService)) { | |
| 112 // For user tokens, there is no actual identifier. We generate a random | 75 // For user tokens, there is no actual identifier. We generate a random |
| 113 // identifier instead each time we ask for the token. | 76 // identifier instead each time we ask for the token. |
| 77 // This shouldn't be done before the cache is loaded, because there may | |
| 78 // already be a device id and matching device token stored there. | |
| 114 device_id_ = guid::GenerateGUID(); | 79 device_id_ = guid::GenerateGUID(); |
| 115 NotifyAuthChanged(); | 80 NotifyAuthChanged(); |
| 116 } | 81 } |
| 117 } | 82 } |
| 118 | 83 |
| 84 void UserPolicyIdentityStrategy::SetAuthToken(const std::string& auth_token) { | |
| 85 auth_token_ = auth_token; | |
| 86 | |
| 87 // Request a new device management server token, but only in case we | |
| 88 // don't already have it. | |
| 89 if (device_token_.empty()) | |
| 90 CheckAndTriggerFetch(); | |
| 91 } | |
| 92 | |
| 119 void UserPolicyIdentityStrategy::OnTokenCacheLoaded( | 93 void UserPolicyIdentityStrategy::OnTokenCacheLoaded( |
| 120 const std::string& token, | 94 const std::string& token, |
| 121 const std::string& device_id) { | 95 const std::string& device_id) { |
| 96 cache_loaded_ = true; | |
|
Mattias Nissler (ping if slow)
2011/06/24 09:16:46
You should also put a check bails out if cache_loa
gfeher
2011/06/24 15:32:44
I don't understand this. Would you like a line lik
Mattias Nissler (ping if slow)
2011/06/24 17:27:17
Yep.
gfeher
2011/06/27 16:50:24
Done.
| |
| 122 if (!token.empty() && !device_id.empty()) { | 97 if (!token.empty() && !device_id.empty()) { |
| 123 device_token_ = token; | 98 device_token_ = token; |
| 124 device_id_ = device_id; | 99 device_id_ = device_id; |
| 125 NotifyDeviceTokenChanged(); | 100 NotifyDeviceTokenChanged(); |
| 126 } else { | 101 } else { |
| 127 CheckAndTriggerFetch(); | 102 CheckAndTriggerFetch(); |
| 128 } | 103 } |
| 129 } | 104 } |
| 130 | 105 |
| 131 void UserPolicyIdentityStrategy::Observe(NotificationType type, | |
| 132 const NotificationSource& source, | |
| 133 const NotificationDetails& details) { | |
| 134 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
| 135 if (type == NotificationType::TOKEN_AVAILABLE) { | |
| 136 if (Source<TokenService>(source).ptr() == profile_->GetTokenService()) { | |
| 137 const TokenService::TokenAvailableDetails* token_details = | |
| 138 Details<const TokenService::TokenAvailableDetails>(details).ptr(); | |
| 139 if (token_details->service() == GaiaConstants::kDeviceManagementService) | |
| 140 if (device_token_.empty()) { | |
| 141 // Request a new device management server token, but only in case we | |
| 142 // don't already have it. | |
| 143 CheckAndTriggerFetch(); | |
| 144 } | |
| 145 } | |
| 146 #if defined(OS_CHROMEOS) | |
| 147 } else if (type == NotificationType::LOGIN_USER_CHANGED) { | |
| 148 CheckAndTriggerFetch(); | |
| 149 #else | |
| 150 } else if (type == NotificationType::GOOGLE_SIGNIN_SUCCESSFUL) { | |
| 151 if (profile_ == Source<Profile>(source).ptr()) | |
| 152 CheckAndTriggerFetch(); | |
| 153 #endif | |
| 154 } else { | |
| 155 NOTREACHED(); | |
| 156 } | |
| 157 } | |
| 158 | 106 |
| 159 } // namespace policy | 107 } // namespace policy |
| OLD | NEW |
