| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/device_local_account_policy_store.h" | 5 #include "chrome/browser/chromeos/policy/device_local_account_policy_store.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/callback.h" | 8 #include "base/callback.h" |
| 9 #include "chrome/browser/browser_process.h" | 9 #include "chrome/browser/browser_process.h" |
| 10 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" | 10 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" |
| (...skipping 132 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 143 device_settings_service_->GetPublicKey(); | 143 device_settings_service_->GetPublicKey(); |
| 144 if (!key.get() || !key->is_loaded() || !device_policy_data) { | 144 if (!key.get() || !key->is_loaded() || !device_policy_data) { |
| 145 status_ = CloudPolicyStore::STATUS_BAD_STATE; | 145 status_ = CloudPolicyStore::STATUS_BAD_STATE; |
| 146 NotifyStoreLoaded(); | 146 NotifyStoreLoaded(); |
| 147 return; | 147 return; |
| 148 } | 148 } |
| 149 | 149 |
| 150 scoped_ptr<UserCloudPolicyValidator> validator( | 150 scoped_ptr<UserCloudPolicyValidator> validator( |
| 151 UserCloudPolicyValidator::Create(policy_response.Pass(), | 151 UserCloudPolicyValidator::Create(policy_response.Pass(), |
| 152 background_task_runner())); | 152 background_task_runner())); |
| 153 validator->ValidateUsername(account_id_, false); | 153 validator->ValidateUsername(user_manager::UserID::FromUserEmail(account_id_),
false); |
| 154 validator->ValidatePolicyType(dm_protocol::kChromePublicAccountPolicyType); | 154 validator->ValidatePolicyType(dm_protocol::kChromePublicAccountPolicyType); |
| 155 // The timestamp is verified when storing a new policy downloaded from the | 155 // The timestamp is verified when storing a new policy downloaded from the |
| 156 // server but not when loading a cached policy from disk. | 156 // server but not when loading a cached policy from disk. |
| 157 // See SessionManagerOperation::ValidateDeviceSettings for the rationale. | 157 // See SessionManagerOperation::ValidateDeviceSettings for the rationale. |
| 158 validator->ValidateAgainstCurrentPolicy( | 158 validator->ValidateAgainstCurrentPolicy( |
| 159 policy(), | 159 policy(), |
| 160 valid_timestamp_required | 160 valid_timestamp_required |
| 161 ? CloudPolicyValidatorBase::TIMESTAMP_REQUIRED | 161 ? CloudPolicyValidatorBase::TIMESTAMP_REQUIRED |
| 162 : CloudPolicyValidatorBase::TIMESTAMP_NOT_REQUIRED, | 162 : CloudPolicyValidatorBase::TIMESTAMP_NOT_REQUIRED, |
| 163 CloudPolicyValidatorBase::DM_TOKEN_NOT_REQUIRED); | 163 CloudPolicyValidatorBase::DM_TOKEN_NOT_REQUIRED); |
| 164 | 164 |
| 165 // Validate the DMToken to match what device policy has. | 165 // Validate the DMToken to match what device policy has. |
| 166 validator->ValidateDMToken(device_policy_data->request_token(), | 166 validator->ValidateDMToken(device_policy_data->request_token(), |
| 167 CloudPolicyValidatorBase::DM_TOKEN_REQUIRED); | 167 CloudPolicyValidatorBase::DM_TOKEN_REQUIRED); |
| 168 | 168 |
| 169 validator->ValidatePayload(); | 169 validator->ValidatePayload(); |
| 170 policy::BrowserPolicyConnectorChromeOS* connector = | 170 policy::BrowserPolicyConnectorChromeOS* connector = |
| 171 g_browser_process->platform_part()->browser_policy_connector_chromeos(); | 171 g_browser_process->platform_part()->browser_policy_connector_chromeos(); |
| 172 validator->ValidateSignature(key->as_string(), | 172 validator->ValidateSignature(key->as_string(), |
| 173 GetPolicyVerificationKey(), | 173 GetPolicyVerificationKey(), |
| 174 connector->GetEnterpriseDomain(), | 174 connector->GetEnterpriseDomain(), |
| 175 false); | 175 false); |
| 176 validator.release()->StartValidation(callback); | 176 validator.release()->StartValidation(callback); |
| 177 } | 177 } |
| 178 | 178 |
| 179 } // namespace policy | 179 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1165323004:
We should use UserID object to identify users instead of username.
Base URL: https://chromium.googlesource.com/chromium/src.git@master