Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(72)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chromeos/policy/device_cloud_policy_initializer.cc

Issue 2186623002: Minimal attestation-based enrollment flow. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Made ZTE independent of enterprise enrollment. Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« chrome/browser/chromeos/login/wizard_controller.cc ('K') | « chrome/browser/chromeos/login/wizard_controller.cc ('k') | chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h" 5 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h"
6 6
7 #include <utility> 7 #include <utility>
8 8
9 #include "base/bind.h" 9 #include "base/bind.h"
10 #include "base/bind_helpers.h" 10 #include "base/bind_helpers.h"
11 #include "base/callback.h" 11 #include "base/callback.h"
12 #include "base/logging.h" 12 #include "base/logging.h"
13 #include "base/memory/ptr_util.h" 13 #include "base/memory/ptr_util.h"
14 #include "base/sequenced_task_runner.h" 14 #include "base/sequenced_task_runner.h"
15 #include "base/values.h" 15 #include "base/values.h"
16 #include "chrome/browser/browser_process.h" 16 #include "chrome/browser/browser_process.h"
17 #include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h" 17 #include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h"
18 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" 18 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h"
19 #include "chrome/browser/chromeos/policy/device_status_collector.h" 19 #include "chrome/browser/chromeos/policy/device_status_collector.h"
20 #include "chrome/browser/chromeos/policy/enrollment_config.h" 20 #include "chrome/browser/chromeos/policy/enrollment_config.h"
21 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h" 21 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h"
22 #include "chrome/browser/chromeos/policy/enrollment_status_chromeos.h" 22 #include "chrome/browser/chromeos/policy/enrollment_status_chromeos.h"
23 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" 23 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h"
24 #include "chrome/browser/chromeos/policy/server_backed_device_state.h" 24 #include "chrome/browser/chromeos/policy/server_backed_device_state.h"
25 #include "chrome/common/chrome_content_client.h" 25 #include "chrome/common/chrome_content_client.h"
26 #include "chrome/common/pref_names.h" 26 #include "chrome/common/pref_names.h"
27 #include "chromeos/chromeos_switches.h" 27 #include "chromeos/chromeos_switches.h"
28 #include "chromeos/dbus/cryptohome_client.h"
29 #include "chromeos/system/statistics_provider.h" 28 #include "chromeos/system/statistics_provider.h"
30 #include "components/policy/core/common/cloud/cloud_policy_core.h" 29 #include "components/policy/core/common/cloud/cloud_policy_core.h"
31 #include "components/policy/core/common/cloud/device_management_service.h" 30 #include "components/policy/core/common/cloud/device_management_service.h"
32 #include "components/prefs/pref_service.h" 31 #include "components/prefs/pref_service.h"
33 #include "net/url_request/url_request_context_getter.h" 32 #include "net/url_request/url_request_context_getter.h"
34 33
35 namespace policy { 34 namespace policy {
36 35
37 namespace { 36 namespace {
38 37
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after
117 enrollment_handler_->StartEnrollment(); 116 enrollment_handler_->StartEnrollment();
118 } 117 }
119 118
120 EnrollmentConfig DeviceCloudPolicyInitializer::GetPrescribedEnrollmentConfig() 119 EnrollmentConfig DeviceCloudPolicyInitializer::GetPrescribedEnrollmentConfig()
121 const { 120 const {
122 EnrollmentConfig config; 121 EnrollmentConfig config;
123 122
124 // Authentication through the attestation mechanism is controlled by a 123 // Authentication through the attestation mechanism is controlled by a
125 // command line switch that either enables it or forces it (meaning that 124 // command line switch that either enables it or forces it (meaning that
126 // interactive authentication is disabled). 125 // interactive authentication is disabled).
127 switch (DeviceCloudPolicyManagerChromeOS::GetZeroTouchEnrollmentMode()) { 126 ZeroTouchEnrollmentMode zte_mode =
127 DeviceCloudPolicyManagerChromeOS::GetZeroTouchEnrollmentMode();
128 switch (zte_mode) {
pastarmovj 2016/08/19 10:29:18 Seems like this change can be undone you don't use
The one and only Dr. Crash 2016/08/19 17:49:30 Yes.
128 case ZeroTouchEnrollmentMode::DISABLED: 129 case ZeroTouchEnrollmentMode::DISABLED:
129 // Only use interactive authentication. 130 // Only use interactive authentication.
130 config.auth_mechanism = EnrollmentConfig::AUTH_MECHANISM_INTERACTIVE; 131 config.auth_mechanism = EnrollmentConfig::AUTH_MECHANISM_INTERACTIVE;
131 break; 132 break;
132 133
133 case ZeroTouchEnrollmentMode::ENABLED: 134 case ZeroTouchEnrollmentMode::ENABLED:
134 // Use the best mechanism, which may include attestation if available. 135 // Use the best mechanism, which may include attestation if available.
135 config.auth_mechanism = EnrollmentConfig::AUTH_MECHANISM_BEST_AVAILABLE; 136 config.auth_mechanism = EnrollmentConfig::AUTH_MECHANISM_BEST_AVAILABLE;
136 break; 137 break;
137 138
(...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after
266 StartConnection(CreateClient(enterprise_service_)); 267 StartConnection(CreateClient(enterprise_service_));
267 } 268 }
268 269
269 void DeviceCloudPolicyInitializer::StartConnection( 270 void DeviceCloudPolicyInitializer::StartConnection(
270 std::unique_ptr<CloudPolicyClient> client) { 271 std::unique_ptr<CloudPolicyClient> client) {
271 if (!manager_->core()->service()) 272 if (!manager_->core()->service())
272 manager_->StartConnection(std::move(client), install_attributes_); 273 manager_->StartConnection(std::move(client), install_attributes_);
273 } 274 }
274 275
275 } // namespace policy 276 } // namespace policy
OLDNEW
« chrome/browser/chromeos/login/wizard_controller.cc ('K') | « chrome/browser/chromeos/login/wizard_controller.cc ('k') | chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698