Chromium Code Reviews Chromium Code Reviews
Issue 9403010:
Add support for kiosk mode on the client. Make sure the settings are written in the lockbox. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/device_token_fetcher.h" | 5 #include "chrome/browser/policy/device_token_fetcher.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| 11 #include "base/time.h" | 11 #include "base/time.h" |
| 12 #include "chrome/browser/policy/cloud_policy_cache_base.h" | 12 #include "chrome/browser/policy/cloud_policy_cache_base.h" |
| 13 #include "chrome/browser/policy/cloud_policy_constants.h" | 13 #include "chrome/browser/policy/cloud_policy_constants.h" |
| 14 #include "chrome/browser/policy/cloud_policy_data_store.h" | 14 #include "chrome/browser/policy/cloud_policy_data_store.h" |
| 15 #include "chrome/browser/policy/delayed_work_scheduler.h" | 15 #include "chrome/browser/policy/delayed_work_scheduler.h" |
| 16 #include "chrome/browser/policy/device_management_service.h" | 16 #include "chrome/browser/policy/device_management_service.h" |
| 17 #include "chrome/browser/policy/enterprise_install_attributes.h" | |
| 17 #include "chrome/browser/policy/enterprise_metrics.h" | 18 #include "chrome/browser/policy/enterprise_metrics.h" |
| 18 #include "chrome/browser/policy/policy_notifier.h" | 19 #include "chrome/browser/policy/policy_notifier.h" |
| 19 #include "chrome/browser/policy/proto/device_management_local.pb.h" | 20 #include "chrome/browser/policy/proto/device_management_local.pb.h" |
| 20 | 21 |
| 22 namespace em = enterprise_management; | |
| 23 | |
| 21 namespace policy { | 24 namespace policy { |
| 22 | 25 |
| 23 namespace { | 26 namespace { |
| 24 | 27 |
| 25 // Retry after 5 minutes (with exponential backoff) after token fetch errors. | 28 // Retry after 5 minutes (with exponential backoff) after token fetch errors. |
| 26 const int64 kTokenFetchErrorDelayMilliseconds = 5 * 60 * 1000; | 29 const int64 kTokenFetchErrorDelayMilliseconds = 5 * 60 * 1000; |
| 27 // Retry after max 3 hours after token fetch errors. | 30 // Retry after max 3 hours after token fetch errors. |
| 28 const int64 kTokenFetchErrorMaxDelayMilliseconds = 3 * 60 * 60 * 1000; | 31 const int64 kTokenFetchErrorMaxDelayMilliseconds = 3 * 60 * 60 * 1000; |
| 29 // For unmanaged devices, check once per day whether they're still unmanaged. | 32 // For unmanaged devices, check once per day whether they're still unmanaged. |
| 30 const int64 kUnmanagedDeviceRefreshRateMilliseconds = 24 * 60 * 60 * 1000; | 33 const int64 kUnmanagedDeviceRefreshRateMilliseconds = 24 * 60 * 60 * 1000; |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 64 case DM_STATUS_HTTP_STATUS_ERROR: | 67 case DM_STATUS_HTTP_STATUS_ERROR: |
| 65 sample = kMetricTokenFetchServerFailed; | 68 sample = kMetricTokenFetchServerFailed; |
| 66 break; | 69 break; |
| 67 } | 70 } |
| 68 if (sample != -1) | 71 if (sample != -1) |
| 69 UMA_HISTOGRAM_ENUMERATION(kMetricToken, sample, kMetricTokenSize); | 72 UMA_HISTOGRAM_ENUMERATION(kMetricToken, sample, kMetricTokenSize); |
| 70 else | 73 else |
| 71 NOTREACHED(); | 74 NOTREACHED(); |
| 72 } | 75 } |
| 73 | 76 |
| 77 // Translates the DeviceRegisterResponse::DeviceMode |mode| to the enum used | |
| 78 // internally throughout ChromeOS to represent different device modes. | |
| 79 CloudPolicyDataStore::DeviceMode TranslateProtobufDeviceMode( | |
| 80 em::DeviceRegisterResponse::DeviceMode mode) { | |
| 81 switch (mode) { | |
| 82 case em::DeviceRegisterResponse::ENTERPRISE: | |
| 83 return CloudPolicyDataStore::DEVICE_MODE_ENTERPRISE; | |
| 84 case em::DeviceRegisterResponse::KIOSK: | |
| 85 return CloudPolicyDataStore::DEVICE_MODE_KIOSK; | |
| 86 } | |
| 87 LOG(ERROR) << "Unknown enrollment mode in registration response: " << mode; | |
| 88 return CloudPolicyDataStore::DEVICE_MODE_UNKNOWN; | |
| 89 } | |
| 90 | |
| 74 } // namespace | 91 } // namespace |
| 75 | 92 |
| 76 namespace em = enterprise_management; | |
| 77 | |
| 78 DeviceTokenFetcher::DeviceTokenFetcher( | 93 DeviceTokenFetcher::DeviceTokenFetcher( |
| 79 DeviceManagementService* service, | 94 DeviceManagementService* service, |
| 80 CloudPolicyCacheBase* cache, | 95 CloudPolicyCacheBase* cache, |
| 81 CloudPolicyDataStore* data_store, | 96 CloudPolicyDataStore* data_store, |
| 82 PolicyNotifier* notifier) | 97 PolicyNotifier* notifier) |
| 83 : effective_token_fetch_error_delay_ms_( | 98 : effective_token_fetch_error_delay_ms_( |
| 84 kTokenFetchErrorDelayMilliseconds) { | 99 kTokenFetchErrorDelayMilliseconds) { |
| 85 Initialize(service, | 100 Initialize(service, |
| 86 cache, | 101 cache, |
| 87 data_store, | 102 data_store, |
| (...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 180 | 195 |
| 181 SampleErrorStatus(status); | 196 SampleErrorStatus(status); |
| 182 | 197 |
| 183 switch (status) { | 198 switch (status) { |
| 184 case DM_STATUS_SUCCESS: { | 199 case DM_STATUS_SUCCESS: { |
| 185 const em::DeviceRegisterResponse& register_response = | 200 const em::DeviceRegisterResponse& register_response = |
| 186 response.register_response(); | 201 response.register_response(); |
| 187 if (register_response.has_device_management_token()) { | 202 if (register_response.has_device_management_token()) { |
| 188 UMA_HISTOGRAM_ENUMERATION(kMetricToken, kMetricTokenFetchOK, | 203 UMA_HISTOGRAM_ENUMERATION(kMetricToken, kMetricTokenFetchOK, |
| 189 kMetricTokenSize); | 204 kMetricTokenSize); |
| 205 | |
| 206 if (data_store_->policy_register_type() == | |
| 207 em::DeviceRegisterRequest::DEVICE) { | |
|
Mattias Nissler (ping if slow)
2012/02/20 12:22:54
indent by 4
pastarmovj
2012/02/20 14:26:30
Done.
| |
| 208 // TODO(pastarmovj): Default to DEVICE_MODE_UNKNOWN once the DM server | |
|
Mattias Nissler (ping if slow)
2012/02/20 12:22:54
s/the//
pastarmovj
2012/02/20 14:26:30
Done.
| |
| 209 // has been updated. http://crosbug.com/26624 | |
| 210 CloudPolicyDataStore::DeviceMode mode = | |
| 211 CloudPolicyDataStore::DEVICE_MODE_ENTERPRISE; | |
| 212 if (register_response.has_enrollment_type()) { | |
| 213 mode = TranslateProtobufDeviceMode( | |
| 214 register_response.enrollment_type()); | |
| 215 } | |
| 216 if (mode == CloudPolicyDataStore::DEVICE_MODE_UNKNOWN) { | |
| 217 LOG(ERROR) << "Enrollment mode missing or unknown!"; | |
| 218 SetState(STATE_BAD_ENROLLMENT_MODE); | |
| 219 return; | |
| 220 } | |
| 221 data_store_->set_device_mode(mode); | |
| 222 } | |
| 190 data_store_->SetDeviceToken(register_response.device_management_token(), | 223 data_store_->SetDeviceToken(register_response.device_management_token(), |
| 191 false); | 224 false); |
| 192 SetState(STATE_TOKEN_AVAILABLE); | 225 SetState(STATE_TOKEN_AVAILABLE); |
| 193 } else { | 226 } else { |
| 194 NOTREACHED(); | 227 NOTREACHED(); |
| 195 UMA_HISTOGRAM_ENUMERATION(kMetricToken, kMetricTokenFetchBadResponse, | 228 UMA_HISTOGRAM_ENUMERATION(kMetricToken, kMetricTokenFetchBadResponse, |
| 196 kMetricTokenSize); | 229 kMetricTokenSize); |
| 197 SetState(STATE_ERROR); | 230 SetState(STATE_ERROR); |
| 198 } | 231 } |
| 199 return; | 232 return; |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 244 case STATE_TOKEN_AVAILABLE: | 277 case STATE_TOKEN_AVAILABLE: |
| 245 notifier_->Inform(CloudPolicySubsystem::SUCCESS, | 278 notifier_->Inform(CloudPolicySubsystem::SUCCESS, |
| 246 CloudPolicySubsystem::NO_DETAILS, | 279 CloudPolicySubsystem::NO_DETAILS, |
| 247 PolicyNotifier::TOKEN_FETCHER); | 280 PolicyNotifier::TOKEN_FETCHER); |
| 248 break; | 281 break; |
| 249 case STATE_BAD_SERIAL: | 282 case STATE_BAD_SERIAL: |
| 250 notifier_->Inform(CloudPolicySubsystem::UNENROLLED, | 283 notifier_->Inform(CloudPolicySubsystem::UNENROLLED, |
| 251 CloudPolicySubsystem::BAD_SERIAL_NUMBER, | 284 CloudPolicySubsystem::BAD_SERIAL_NUMBER, |
| 252 PolicyNotifier::TOKEN_FETCHER); | 285 PolicyNotifier::TOKEN_FETCHER); |
| 253 break; | 286 break; |
| 287 case STATE_BAD_ENROLLMENT_MODE: | |
| 288 notifier_->Inform(CloudPolicySubsystem::UNENROLLED, | |
| 289 CloudPolicySubsystem::BAD_ENROLLMENT_MODE, | |
| 290 PolicyNotifier::TOKEN_FETCHER); | |
| 291 break; | |
| 254 case STATE_UNMANAGED: | 292 case STATE_UNMANAGED: |
| 255 delayed_work_at = cache_->last_policy_refresh_time() + | 293 delayed_work_at = cache_->last_policy_refresh_time() + |
| 256 base::TimeDelta::FromMilliseconds( | 294 base::TimeDelta::FromMilliseconds( |
| 257 kUnmanagedDeviceRefreshRateMilliseconds); | 295 kUnmanagedDeviceRefreshRateMilliseconds); |
| 258 notifier_->Inform(CloudPolicySubsystem::UNMANAGED, | 296 notifier_->Inform(CloudPolicySubsystem::UNMANAGED, |
| 259 CloudPolicySubsystem::NO_DETAILS, | 297 CloudPolicySubsystem::NO_DETAILS, |
| 260 PolicyNotifier::TOKEN_FETCHER); | 298 PolicyNotifier::TOKEN_FETCHER); |
| 261 break; | 299 break; |
| 262 case STATE_TEMPORARY_ERROR: | 300 case STATE_TEMPORARY_ERROR: |
| 263 delayed_work_at = base::Time::Now() + | 301 delayed_work_at = base::Time::Now() + |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 299 // Inform the cache if a token fetch attempt has failed. | 337 // Inform the cache if a token fetch attempt has failed. |
| 300 if (state_ != STATE_INACTIVE && state_ != STATE_TOKEN_AVAILABLE) | 338 if (state_ != STATE_INACTIVE && state_ != STATE_TOKEN_AVAILABLE) |
| 301 cache_->SetFetchingDone(); | 339 cache_->SetFetchingDone(); |
| 302 } | 340 } |
| 303 | 341 |
| 304 void DeviceTokenFetcher::DoWork() { | 342 void DeviceTokenFetcher::DoWork() { |
| 305 switch (state_) { | 343 switch (state_) { |
| 306 case STATE_INACTIVE: | 344 case STATE_INACTIVE: |
| 307 case STATE_TOKEN_AVAILABLE: | 345 case STATE_TOKEN_AVAILABLE: |
| 308 case STATE_BAD_SERIAL: | 346 case STATE_BAD_SERIAL: |
| 347 case STATE_BAD_ENROLLMENT_MODE: | |
| 309 break; | 348 break; |
| 310 case STATE_UNMANAGED: | 349 case STATE_UNMANAGED: |
| 311 case STATE_ERROR: | 350 case STATE_ERROR: |
| 312 case STATE_TEMPORARY_ERROR: | 351 case STATE_TEMPORARY_ERROR: |
| 313 case STATE_BAD_AUTH: | 352 case STATE_BAD_AUTH: |
| 314 FetchTokenInternal(); | 353 FetchTokenInternal(); |
| 315 break; | 354 break; |
| 316 } | 355 } |
| 317 } | 356 } |
| 318 | 357 |
| 319 } // namespace policy | 358 } // namespace policy |
| OLD | NEW |
