| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/device_token_fetcher.h" | 5 #include "chrome/browser/policy/device_token_fetcher.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| 11 #include "base/time.h" | 11 #include "base/time.h" |
| 12 #include "chrome/browser/policy/cloud_policy_cache_base.h" | 12 #include "chrome/browser/policy/cloud_policy_cache_base.h" |
| 13 #include "chrome/browser/policy/cloud_policy_constants.h" |
| 13 #include "chrome/browser/policy/cloud_policy_data_store.h" | 14 #include "chrome/browser/policy/cloud_policy_data_store.h" |
| 14 #include "chrome/browser/policy/delayed_work_scheduler.h" | 15 #include "chrome/browser/policy/delayed_work_scheduler.h" |
| 15 #include "chrome/browser/policy/device_management_service.h" | 16 #include "chrome/browser/policy/device_management_service.h" |
| 16 #include "chrome/browser/policy/enterprise_metrics.h" | 17 #include "chrome/browser/policy/enterprise_metrics.h" |
| 17 #include "chrome/browser/policy/policy_notifier.h" | 18 #include "chrome/browser/policy/policy_notifier.h" |
| 18 #include "chrome/browser/policy/proto/device_management_constants.h" | |
| 19 #include "chrome/browser/policy/proto/device_management_local.pb.h" | 19 #include "chrome/browser/policy/proto/device_management_local.pb.h" |
| 20 | 20 |
| 21 namespace { | 21 namespace { |
| 22 | 22 |
| 23 // Retry after 5 minutes (with exponential backoff) after token fetch errors. | 23 // Retry after 5 minutes (with exponential backoff) after token fetch errors. |
| 24 const int64 kTokenFetchErrorDelayMilliseconds = 5 * 60 * 1000; | 24 const int64 kTokenFetchErrorDelayMilliseconds = 5 * 60 * 1000; |
| 25 // Retry after max 3 hours after token fetch errors. | 25 // Retry after max 3 hours after token fetch errors. |
| 26 const int64 kTokenFetchErrorMaxDelayMilliseconds = 3 * 60 * 60 * 1000; | 26 const int64 kTokenFetchErrorMaxDelayMilliseconds = 3 * 60 * 60 * 1000; |
| 27 // For unmanaged devices, check once per day whether they're still unmanaged. | 27 // For unmanaged devices, check once per day whether they're still unmanaged. |
| 28 const int64 kUnmanagedDeviceRefreshRateMilliseconds = 24 * 60 * 60 * 1000; | 28 const int64 kUnmanagedDeviceRefreshRateMilliseconds = 24 * 60 * 60 * 1000; |
| (...skipping 27 matching lines...) Expand all Loading... |
| 56 | 56 |
| 57 DeviceTokenFetcher::~DeviceTokenFetcher() { | 57 DeviceTokenFetcher::~DeviceTokenFetcher() { |
| 58 scheduler_->CancelDelayedWork(); | 58 scheduler_->CancelDelayedWork(); |
| 59 } | 59 } |
| 60 | 60 |
| 61 void DeviceTokenFetcher::FetchToken() { | 61 void DeviceTokenFetcher::FetchToken() { |
| 62 SetState(STATE_INACTIVE); | 62 SetState(STATE_INACTIVE); |
| 63 FetchTokenInternal(); | 63 FetchTokenInternal(); |
| 64 } | 64 } |
| 65 | 65 |
| 66 void DeviceTokenFetcher::FetchTokenInternal() { | |
| 67 DCHECK(state_ != STATE_TOKEN_AVAILABLE); | |
| 68 if (!data_store_->has_auth_token() || data_store_->device_id().empty()) { | |
| 69 // Maybe this device is unmanaged, just exit. The CloudPolicyController | |
| 70 // will call FetchToken() again if something changes. | |
| 71 return; | |
| 72 } | |
| 73 // Construct a new backend, which will discard any previous requests. | |
| 74 backend_.reset(service_->CreateBackend()); | |
| 75 em::DeviceRegisterRequest request; | |
| 76 request.set_type(data_store_->policy_register_type()); | |
| 77 if (!data_store_->machine_id().empty()) | |
| 78 request.set_machine_id(data_store_->machine_id()); | |
| 79 if (!data_store_->machine_model().empty()) | |
| 80 request.set_machine_model(data_store_->machine_model()); | |
| 81 backend_->ProcessRegisterRequest(data_store_->gaia_token(), | |
| 82 data_store_->oauth_token(), | |
| 83 data_store_->device_id(), | |
| 84 request, this); | |
| 85 } | |
| 86 | |
| 87 void DeviceTokenFetcher::SetUnmanagedState() { | 66 void DeviceTokenFetcher::SetUnmanagedState() { |
| 88 // The call to |cache_->SetUnmanaged()| has to happen first because it sets | 67 // The call to |cache_->SetUnmanaged()| has to happen first because it sets |
| 89 // the timestamp that |SetState()| needs to determine the correct refresh | 68 // the timestamp that |SetState()| needs to determine the correct refresh |
| 90 // time. | 69 // time. |
| 91 cache_->SetUnmanaged(); | 70 cache_->SetUnmanaged(); |
| 92 SetState(STATE_UNMANAGED); | 71 SetState(STATE_UNMANAGED); |
| 93 } | 72 } |
| 94 | 73 |
| 95 void DeviceTokenFetcher::SetSerialNumberInvalidState() { | 74 void DeviceTokenFetcher::SetSerialNumberInvalidState() { |
| 96 SetState(STATE_BAD_SERIAL); | 75 SetState(STATE_BAD_SERIAL); |
| 97 } | 76 } |
| 98 | 77 |
| 99 void DeviceTokenFetcher::Reset() { | 78 void DeviceTokenFetcher::Reset() { |
| 100 SetState(STATE_INACTIVE); | 79 SetState(STATE_INACTIVE); |
| 101 } | 80 } |
| 102 | 81 |
| 103 void DeviceTokenFetcher::HandleRegisterResponse( | 82 void DeviceTokenFetcher::Initialize(DeviceManagementService* service, |
| 104 const em::DeviceRegisterResponse& response) { | 83 CloudPolicyCacheBase* cache, |
| 105 if (response.has_device_management_token()) { | 84 CloudPolicyDataStore* data_store, |
| 106 UMA_HISTOGRAM_ENUMERATION(kMetricToken, kMetricTokenFetchOK, | 85 PolicyNotifier* notifier, |
| 107 kMetricTokenSize); | 86 DelayedWorkScheduler* scheduler) { |
| 108 data_store_->SetDeviceToken(response.device_management_token(), false); | 87 service_ = service; |
| 109 SetState(STATE_TOKEN_AVAILABLE); | 88 cache_ = cache; |
| 110 } else { | 89 notifier_ = notifier; |
| 111 NOTREACHED(); | 90 data_store_ = data_store; |
| 112 UMA_HISTOGRAM_ENUMERATION(kMetricToken, kMetricTokenFetchBadResponse, | 91 effective_token_fetch_error_delay_ms_ = kTokenFetchErrorDelayMilliseconds; |
| 113 kMetricTokenSize); | 92 state_ = STATE_INACTIVE; |
| 114 SetState(STATE_ERROR); | 93 scheduler_.reset(scheduler); |
| 115 } | 94 |
| 95 if (cache_->is_unmanaged()) |
| 96 SetState(STATE_UNMANAGED); |
| 116 } | 97 } |
| 117 | 98 |
| 118 void DeviceTokenFetcher::OnError(DeviceManagementBackend::ErrorCode code) { | 99 void DeviceTokenFetcher::FetchTokenInternal() { |
| 119 switch (code) { | 100 DCHECK(state_ != STATE_TOKEN_AVAILABLE); |
| 120 case DeviceManagementBackend::kErrorServiceManagementNotSupported: | 101 if (!data_store_->has_auth_token() || data_store_->device_id().empty()) { |
| 102 // Maybe this device is unmanaged, just exit. The CloudPolicyController |
| 103 // will call FetchToken() again if something changes. |
| 104 return; |
| 105 } |
| 106 // Reinitialize |request_job_|, discarding any previous requests. |
| 107 request_job_.reset( |
| 108 service_->CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION)); |
| 109 request_job_->SetGaiaToken(data_store_->gaia_token()); |
| 110 request_job_->SetOAuthToken(data_store_->oauth_token()); |
| 111 request_job_->SetClientID(data_store_->device_id()); |
| 112 em::DeviceRegisterRequest* request = |
| 113 request_job_->GetRequest()->mutable_register_request(); |
| 114 request->set_type(data_store_->policy_register_type()); |
| 115 if (!data_store_->machine_id().empty()) |
| 116 request->set_machine_id(data_store_->machine_id()); |
| 117 if (!data_store_->machine_model().empty()) |
| 118 request->set_machine_model(data_store_->machine_model()); |
| 119 request_job_->Start(base::Bind(&DeviceTokenFetcher::OnTokenFetchCompleted, |
| 120 base::Unretained(this))); |
| 121 } |
| 122 |
| 123 void DeviceTokenFetcher::OnTokenFetchCompleted( |
| 124 DeviceManagementStatus status, |
| 125 const em::DeviceManagementResponse& response) { |
| 126 if (status == DM_STATUS_SUCCESS && !response.has_register_response()) { |
| 127 // Handled below. |
| 128 status = DM_STATUS_RESPONSE_DECODING_ERROR; |
| 129 } |
| 130 |
| 131 switch (status) { |
| 132 case DM_STATUS_SUCCESS: { |
| 133 const em::DeviceRegisterResponse& register_response = |
| 134 response.register_response(); |
| 135 if (register_response.has_device_management_token()) { |
| 136 UMA_HISTOGRAM_ENUMERATION(kMetricToken, kMetricTokenFetchOK, |
| 137 kMetricTokenSize); |
| 138 data_store_->SetDeviceToken(register_response.device_management_token(), |
| 139 false); |
| 140 SetState(STATE_TOKEN_AVAILABLE); |
| 141 } else { |
| 142 NOTREACHED(); |
| 143 UMA_HISTOGRAM_ENUMERATION(kMetricToken, kMetricTokenFetchBadResponse, |
| 144 kMetricTokenSize); |
| 145 SetState(STATE_ERROR); |
| 146 } |
| 147 return; |
| 148 } |
| 149 case DM_STATUS_SERVICE_MANAGEMENT_NOT_SUPPORTED: |
| 121 SetUnmanagedState(); | 150 SetUnmanagedState(); |
| 122 return; | 151 return; |
| 123 case DeviceManagementBackend::kErrorRequestFailed: | 152 case DM_STATUS_REQUEST_FAILED: |
| 124 case DeviceManagementBackend::kErrorTemporaryUnavailable: | 153 case DM_STATUS_TEMPORARY_UNAVAILABLE: |
| 125 case DeviceManagementBackend::kErrorServiceDeviceNotFound: | 154 case DM_STATUS_SERVICE_DEVICE_NOT_FOUND: |
| 126 case DeviceManagementBackend::kErrorServiceDeviceIdConflict: | 155 case DM_STATUS_SERVICE_DEVICE_ID_CONFLICT: |
| 127 SetState(STATE_TEMPORARY_ERROR); | 156 SetState(STATE_TEMPORARY_ERROR); |
| 128 return; | 157 return; |
| 129 case DeviceManagementBackend::kErrorServiceManagementTokenInvalid: | 158 case DM_STATUS_SERVICE_MANAGEMENT_TOKEN_INVALID: |
| 130 // Most probably the GAIA auth cookie has expired. We can not do anything | 159 // Most probably the GAIA auth cookie has expired. We can not do anything |
| 131 // until the user logs-in again. | 160 // until the user logs-in again. |
| 132 SetState(STATE_BAD_AUTH); | 161 SetState(STATE_BAD_AUTH); |
| 133 return; | 162 return; |
| 134 case DeviceManagementBackend::kErrorServiceInvalidSerialNumber: | 163 case DM_STATUS_SERVICE_INVALID_SERIAL_NUMBER: |
| 135 SetSerialNumberInvalidState(); | 164 SetSerialNumberInvalidState(); |
| 136 return; | 165 return; |
| 137 case DeviceManagementBackend::kErrorRequestInvalid: | 166 case DM_STATUS_REQUEST_INVALID: |
| 138 case DeviceManagementBackend::kErrorHttpStatus: | 167 case DM_STATUS_HTTP_STATUS_ERROR: |
| 139 case DeviceManagementBackend::kErrorResponseDecoding: | 168 case DM_STATUS_RESPONSE_DECODING_ERROR: |
| 140 case DeviceManagementBackend::kErrorServiceActivationPending: | 169 case DM_STATUS_SERVICE_ACTIVATION_PENDING: |
| 141 case DeviceManagementBackend::kErrorServicePolicyNotFound: | 170 case DM_STATUS_SERVICE_POLICY_NOT_FOUND: |
| 142 SetState(STATE_ERROR); | 171 SetState(STATE_ERROR); |
| 143 return; | 172 return; |
| 144 } | 173 } |
| 145 NOTREACHED(); | 174 NOTREACHED(); |
| 146 SetState(STATE_ERROR); | 175 SetState(STATE_ERROR); |
| 147 } | 176 } |
| 148 | 177 |
| 149 void DeviceTokenFetcher::Initialize(DeviceManagementService* service, | |
| 150 CloudPolicyCacheBase* cache, | |
| 151 CloudPolicyDataStore* data_store, | |
| 152 PolicyNotifier* notifier, | |
| 153 DelayedWorkScheduler* scheduler) { | |
| 154 service_ = service; | |
| 155 cache_ = cache; | |
| 156 notifier_ = notifier; | |
| 157 data_store_ = data_store; | |
| 158 effective_token_fetch_error_delay_ms_ = kTokenFetchErrorDelayMilliseconds; | |
| 159 state_ = STATE_INACTIVE; | |
| 160 scheduler_.reset(scheduler); | |
| 161 | |
| 162 if (cache_->is_unmanaged()) | |
| 163 SetState(STATE_UNMANAGED); | |
| 164 } | |
| 165 | |
| 166 void DeviceTokenFetcher::SetState(FetcherState state) { | 178 void DeviceTokenFetcher::SetState(FetcherState state) { |
| 167 state_ = state; | 179 state_ = state; |
| 168 if (state_ != STATE_TEMPORARY_ERROR) | 180 if (state_ != STATE_TEMPORARY_ERROR) |
| 169 effective_token_fetch_error_delay_ms_ = kTokenFetchErrorDelayMilliseconds; | 181 effective_token_fetch_error_delay_ms_ = kTokenFetchErrorDelayMilliseconds; |
| 170 | 182 |
| 171 backend_.reset(); // Stop any pending requests. | 183 request_job_.reset(); // Stop any pending requests. |
| 172 | 184 |
| 173 base::Time delayed_work_at; | 185 base::Time delayed_work_at; |
| 174 switch (state_) { | 186 switch (state_) { |
| 175 case STATE_INACTIVE: | 187 case STATE_INACTIVE: |
| 176 notifier_->Inform(CloudPolicySubsystem::UNENROLLED, | 188 notifier_->Inform(CloudPolicySubsystem::UNENROLLED, |
| 177 CloudPolicySubsystem::NO_DETAILS, | 189 CloudPolicySubsystem::NO_DETAILS, |
| 178 PolicyNotifier::TOKEN_FETCHER); | 190 PolicyNotifier::TOKEN_FETCHER); |
| 179 break; | 191 break; |
| 180 case STATE_TOKEN_AVAILABLE: | 192 case STATE_TOKEN_AVAILABLE: |
| 181 notifier_->Inform(CloudPolicySubsystem::SUCCESS, | 193 notifier_->Inform(CloudPolicySubsystem::SUCCESS, |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 246 case STATE_UNMANAGED: | 258 case STATE_UNMANAGED: |
| 247 case STATE_ERROR: | 259 case STATE_ERROR: |
| 248 case STATE_TEMPORARY_ERROR: | 260 case STATE_TEMPORARY_ERROR: |
| 249 case STATE_BAD_AUTH: | 261 case STATE_BAD_AUTH: |
| 250 FetchTokenInternal(); | 262 FetchTokenInternal(); |
| 251 break; | 263 break; |
| 252 } | 264 } |
| 253 } | 265 } |
| 254 | 266 |
| 255 } // namespace policy | 267 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9064006:
Convert DeviceTokenFetcher and CloudPolicyController response callbacks. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src