| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/cloud/cloud_policy_client.h" | 5 #include "chrome/browser/policy/cloud/cloud_policy_client.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/guid.h" | 8 #include "base/guid.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/stl_util.h" | 10 #include "base/stl_util.h" |
| 11 #include "chrome/browser/policy/cloud/device_management_service.h" | 11 #include "chrome/browser/policy/cloud/device_management_service.h" |
| 12 #include "google_apis/gaia/gaia_constants.h" |
| 12 | 13 |
| 13 namespace em = enterprise_management; | 14 namespace em = enterprise_management; |
| 14 | 15 |
| 15 namespace policy { | 16 namespace policy { |
| 16 | 17 |
| 17 namespace { | 18 namespace { |
| 18 | 19 |
| 19 // Translates the DeviceRegisterResponse::DeviceMode |mode| to the enum used | 20 // Translates the DeviceRegisterResponse::DeviceMode |mode| to the enum used |
| 20 // internally to represent different device modes. | 21 // internally to represent different device modes. |
| 21 DeviceMode TranslateProtobufDeviceMode( | 22 DeviceMode TranslateProtobufDeviceMode( |
| (...skipping 148 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 170 request->mutable_session_status_report_request())) { | 171 request->mutable_session_status_report_request())) { |
| 171 request->clear_session_status_report_request(); | 172 request->clear_session_status_report_request(); |
| 172 } | 173 } |
| 173 } | 174 } |
| 174 | 175 |
| 175 // Fire the job. | 176 // Fire the job. |
| 176 request_job_->Start(base::Bind(&CloudPolicyClient::OnPolicyFetchCompleted, | 177 request_job_->Start(base::Bind(&CloudPolicyClient::OnPolicyFetchCompleted, |
| 177 base::Unretained(this))); | 178 base::Unretained(this))); |
| 178 } | 179 } |
| 179 | 180 |
| 181 void CloudPolicyClient::FetchRobotAuthTokens(const std::string& auth_token) { |
| 182 CHECK(is_registered()); |
| 183 DCHECK(!auth_token.empty()); |
| 184 |
| 185 request_job_.reset(service_->CreateJob( |
| 186 DeviceManagementRequestJob::TYPE_API_AUTH_CODE_FETCH)); |
| 187 // The credentials of a domain user are needed in order to mint a new OAuth2 |
| 188 // authorization token for the robot account. |
| 189 request_job_->SetOAuthToken(auth_token); |
| 190 request_job_->SetClientID(client_id_); |
| 191 |
| 192 em::DeviceServiceApiAccessRequest* request = |
| 193 request_job_->GetRequest()->mutable_service_api_access_request(); |
| 194 request->add_auth_scope(GaiaConstants::kAnyApiOAuth2Scope); |
| 195 |
| 196 request_job_->Start( |
| 197 base::Bind(&CloudPolicyClient::OnFetchRobotAuthTokensCompleted, |
| 198 base::Unretained(this))); |
| 199 } |
| 200 |
| 180 void CloudPolicyClient::Unregister() { | 201 void CloudPolicyClient::Unregister() { |
| 181 DCHECK(service_); | 202 DCHECK(service_); |
| 182 request_job_.reset( | 203 request_job_.reset( |
| 183 service_->CreateJob(DeviceManagementRequestJob::TYPE_UNREGISTRATION)); | 204 service_->CreateJob(DeviceManagementRequestJob::TYPE_UNREGISTRATION)); |
| 184 request_job_->SetDMToken(dm_token_); | 205 request_job_->SetDMToken(dm_token_); |
| 185 request_job_->SetClientID(client_id_); | 206 request_job_->SetClientID(client_id_); |
| 186 request_job_->GetRequest()->mutable_unregister_request(); | 207 request_job_->GetRequest()->mutable_unregister_request(); |
| 187 request_job_->Start(base::Bind(&CloudPolicyClient::OnUnregisterCompleted, | 208 request_job_->Start(base::Bind(&CloudPolicyClient::OnUnregisterCompleted, |
| 188 base::Unretained(this))); | 209 base::Unretained(this))); |
| 189 } | 210 } |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 242 device_mode_ = TranslateProtobufDeviceMode( | 263 device_mode_ = TranslateProtobufDeviceMode( |
| 243 response.register_response().enrollment_type()); | 264 response.register_response().enrollment_type()); |
| 244 } | 265 } |
| 245 | 266 |
| 246 NotifyRegistrationStateChanged(); | 267 NotifyRegistrationStateChanged(); |
| 247 } else { | 268 } else { |
| 248 NotifyClientError(); | 269 NotifyClientError(); |
| 249 } | 270 } |
| 250 } | 271 } |
| 251 | 272 |
| 273 void CloudPolicyClient::OnFetchRobotAuthTokensCompleted( |
| 274 DeviceManagementStatus status, |
| 275 const em::DeviceManagementResponse& response) { |
| 276 if (status == DM_STATUS_SUCCESS && |
| 277 (!response.has_service_api_access_response() || |
| 278 response.service_api_access_response().auth_code().empty())) { |
| 279 LOG(WARNING) << "Invalid service api access response."; |
| 280 status = DM_STATUS_RESPONSE_DECODING_ERROR; |
| 281 } |
| 282 |
| 283 status_ = status; |
| 284 if (status == DM_STATUS_SUCCESS) { |
| 285 robot_api_auth_code_ = response.service_api_access_response().auth_code(); |
| 286 DVLOG(1) << "Device robot account auth code fetch complete - code = " |
| 287 << robot_api_auth_code_; |
| 288 |
| 289 NotifyRobotAuthCodesFetched(); |
| 290 } else { |
| 291 NotifyClientError(); |
| 292 } |
| 293 } |
| 294 |
| 252 void CloudPolicyClient::OnPolicyFetchCompleted( | 295 void CloudPolicyClient::OnPolicyFetchCompleted( |
| 253 DeviceManagementStatus status, | 296 DeviceManagementStatus status, |
| 254 const em::DeviceManagementResponse& response) { | 297 const em::DeviceManagementResponse& response) { |
| 255 if (status == DM_STATUS_SUCCESS) { | 298 if (status == DM_STATUS_SUCCESS) { |
| 256 if (!response.has_policy_response() || | 299 if (!response.has_policy_response() || |
| 257 response.policy_response().response_size() == 0) { | 300 response.policy_response().response_size() == 0) { |
| 258 LOG(WARNING) << "Empty policy response."; | 301 LOG(WARNING) << "Empty policy response."; |
| 259 status = DM_STATUS_RESPONSE_DECODING_ERROR; | 302 status = DM_STATUS_RESPONSE_DECODING_ERROR; |
| 260 } | 303 } |
| 261 } | 304 } |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 312 } | 355 } |
| 313 | 356 |
| 314 void CloudPolicyClient::NotifyPolicyFetched() { | 357 void CloudPolicyClient::NotifyPolicyFetched() { |
| 315 FOR_EACH_OBSERVER(Observer, observers_, OnPolicyFetched(this)); | 358 FOR_EACH_OBSERVER(Observer, observers_, OnPolicyFetched(this)); |
| 316 } | 359 } |
| 317 | 360 |
| 318 void CloudPolicyClient::NotifyRegistrationStateChanged() { | 361 void CloudPolicyClient::NotifyRegistrationStateChanged() { |
| 319 FOR_EACH_OBSERVER(Observer, observers_, OnRegistrationStateChanged(this)); | 362 FOR_EACH_OBSERVER(Observer, observers_, OnRegistrationStateChanged(this)); |
| 320 } | 363 } |
| 321 | 364 |
| 365 void CloudPolicyClient::NotifyRobotAuthCodesFetched() { |
| 366 FOR_EACH_OBSERVER(Observer, observers_, OnRobotAuthCodesFetched(this)); |
| 367 } |
| 368 |
| 322 void CloudPolicyClient::NotifyClientError() { | 369 void CloudPolicyClient::NotifyClientError() { |
| 323 FOR_EACH_OBSERVER(Observer, observers_, OnClientError(this)); | 370 FOR_EACH_OBSERVER(Observer, observers_, OnClientError(this)); |
| 324 } | 371 } |
| 325 | 372 |
| 326 } // namespace policy | 373 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12538009:
Public Sessions: fetch device robot api token during enterprise enrollment. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master