| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| 11 #include "base/metrics/sparse_histogram.h" | 11 #include "base/metrics/sparse_histogram.h" |
| 12 #include "base/sequenced_task_runner.h" | 12 #include "base/sequenced_task_runner.h" |
| 13 #include "base/values.h" | 13 #include "base/values.h" |
| 14 #include "chrome/browser/browser_process.h" | 14 #include "chrome/browser/browser_process.h" |
| 15 #include "chrome/browser/chromeos/login/helper.h" | 15 #include "chrome/browser/chromeos/login/helper.h" |
| 16 #include "chrome/browser/chromeos/login/session/user_session_manager.h" |
| 16 #include "chrome/browser/chromeos/policy/policy_oauth2_token_fetcher.h" | 17 #include "chrome/browser/chromeos/policy/policy_oauth2_token_fetcher.h" |
| 17 #include "chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chrom
eos.h" | 18 #include "chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chrom
eos.h" |
| 18 #include "chrome/browser/chromeos/policy/wildcard_login_checker.h" | 19 #include "chrome/browser/chromeos/policy/wildcard_login_checker.h" |
| 19 #include "chrome/browser/lifetime/application_lifetime.h" | 20 #include "chrome/browser/lifetime/application_lifetime.h" |
| 20 #include "chrome/common/chrome_content_client.h" | 21 #include "chrome/common/chrome_content_client.h" |
| 21 #include "components/policy/core/common/cloud/cloud_external_data_manager.h" | 22 #include "components/policy/core/common/cloud/cloud_external_data_manager.h" |
| 22 #include "components/policy/core/common/cloud/cloud_policy_refresh_scheduler.h" | 23 #include "components/policy/core/common/cloud/cloud_policy_refresh_scheduler.h" |
| 23 #include "components/policy/core/common/cloud/device_management_service.h" | 24 #include "components/policy/core/common/cloud/device_management_service.h" |
| 24 #include "components/policy/core/common/cloud/system_policy_request_context.h" | 25 #include "components/policy/core/common/cloud/system_policy_request_context.h" |
| 25 #include "components/policy/core/common/policy_map.h" | 26 #include "components/policy/core/common/policy_map.h" |
| (...skipping 179 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 205 // In that case, the signin Profile is used to authenticate a Gaia request to | 206 // In that case, the signin Profile is used to authenticate a Gaia request to |
| 206 // fetch a refresh token, and then the policy token is fetched. | 207 // fetch a refresh token, and then the policy token is fetched. |
| 207 // | 208 // |
| 208 // If |wait_for_policy_fetch_| is false then the UserCloudPolicyTokenForwarder | 209 // If |wait_for_policy_fetch_| is false then the UserCloudPolicyTokenForwarder |
| 209 // service will eventually call OnAccessTokenAvailable() once an access token | 210 // service will eventually call OnAccessTokenAvailable() once an access token |
| 210 // is available. That call may have already happened while waiting for | 211 // is available. That call may have already happened while waiting for |
| 211 // initialization of the CloudPolicyService, so in that case check if an | 212 // initialization of the CloudPolicyService, so in that case check if an |
| 212 // access token is already available. | 213 // access token is already available. |
| 213 if (!client()->is_registered()) { | 214 if (!client()->is_registered()) { |
| 214 if (wait_for_policy_fetch_) { | 215 if (wait_for_policy_fetch_) { |
| 215 FetchPolicyOAuthTokenUsingSigninContext(); | 216 FetchPolicyOAuthToken(); |
| 216 } else if (!access_token_.empty()) { | 217 } else if (!access_token_.empty()) { |
| 217 OnAccessTokenAvailable(access_token_); | 218 OnAccessTokenAvailable(access_token_); |
| 218 } | 219 } |
| 219 } | 220 } |
| 220 | 221 |
| 221 if (!wait_for_policy_fetch_) { | 222 if (!wait_for_policy_fetch_) { |
| 222 // If this isn't blocking on a policy fetch then | 223 // If this isn't blocking on a policy fetch then |
| 223 // CloudPolicyManager::OnStoreLoaded() already published the cached policy. | 224 // CloudPolicyManager::OnStoreLoaded() already published the cached policy. |
| 224 // Start the refresh scheduler now, which will eventually refresh the | 225 // Start the refresh scheduler now, which will eventually refresh the |
| 225 // cached policy or make the first fetch once the OAuth2 token is | 226 // cached policy or make the first fetch once the OAuth2 token is |
| (...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 279 CloudPolicyManager::GetChromePolicy(policy_map); | 280 CloudPolicyManager::GetChromePolicy(policy_map); |
| 280 | 281 |
| 281 // If the store has a verified policy blob received from the server then apply | 282 // If the store has a verified policy blob received from the server then apply |
| 282 // the defaults for policies that haven't been configured by the administrator | 283 // the defaults for policies that haven't been configured by the administrator |
| 283 // given that this is an enterprise user. | 284 // given that this is an enterprise user. |
| 284 if (!store()->has_policy()) | 285 if (!store()->has_policy()) |
| 285 return; | 286 return; |
| 286 SetEnterpriseUsersDefaults(policy_map); | 287 SetEnterpriseUsersDefaults(policy_map); |
| 287 } | 288 } |
| 288 | 289 |
| 289 void UserCloudPolicyManagerChromeOS::FetchPolicyOAuthTokenUsingSigninContext() { | 290 void UserCloudPolicyManagerChromeOS::FetchPolicyOAuthToken() { |
| 291 const std::string& refresh_token = chromeos::UserSessionManager::GetInstance() |
| 292 ->user_context() |
| 293 .GetRefreshToken(); |
| 294 if (!refresh_token.empty()) { |
| 295 token_fetcher_.reset(new PolicyOAuth2TokenFetcher( |
| 296 std::string(), g_browser_process->system_request_context(), |
| 297 base::Bind(&UserCloudPolicyManagerChromeOS::OnOAuth2PolicyTokenFetched, |
| 298 base::Unretained(this)))); |
| 299 token_fetcher_->StartWithRefreshToken(refresh_token); |
| 300 return; |
| 301 } |
| 302 |
| 290 scoped_refptr<net::URLRequestContextGetter> signin_context = | 303 scoped_refptr<net::URLRequestContextGetter> signin_context = |
| 291 chromeos::login::GetSigninContext(); | 304 chromeos::login::GetSigninContext(); |
| 292 if (!signin_context.get()) { | 305 if (!signin_context.get()) { |
| 293 LOG(ERROR) << "No signin context for policy oauth token fetch!"; | 306 LOG(ERROR) << "No signin context for policy oauth token fetch!"; |
| 294 OnOAuth2PolicyTokenFetched( | 307 OnOAuth2PolicyTokenFetched( |
| 295 std::string(), GoogleServiceAuthError(GoogleServiceAuthError::NONE)); | 308 std::string(), GoogleServiceAuthError(GoogleServiceAuthError::NONE)); |
| 296 return; | 309 return; |
| 297 } | 310 } |
| 298 | 311 |
| 299 token_fetcher_.reset(new PolicyOAuth2TokenFetcher( | 312 token_fetcher_.reset(new PolicyOAuth2TokenFetcher( |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 386 // OnComponentCloudPolicyUpdated() once it's ready. | 399 // OnComponentCloudPolicyUpdated() once it's ready. |
| 387 return; | 400 return; |
| 388 } | 401 } |
| 389 | 402 |
| 390 core()->StartRefreshScheduler(); | 403 core()->StartRefreshScheduler(); |
| 391 core()->TrackRefreshDelayPref(local_state_, | 404 core()->TrackRefreshDelayPref(local_state_, |
| 392 policy_prefs::kUserPolicyRefreshRate); | 405 policy_prefs::kUserPolicyRefreshRate); |
| 393 } | 406 } |
| 394 | 407 |
| 395 } // namespace policy | 408 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1108983002:
Fetch policy with refresh token. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master