| Index: chrome/browser/chromeos/login/enrollment/enrollment_screen.cc
|
| diff --git a/chrome/browser/chromeos/login/enrollment/enrollment_screen.cc b/chrome/browser/chromeos/login/enrollment/enrollment_screen.cc
|
| index 09b46e20989ac864de6936189a069a106e0f1bbf..9f91dbb153663b3d2bde3bce4fa154f7ed67b236 100644
|
| --- a/chrome/browser/chromeos/login/enrollment/enrollment_screen.cc
|
| +++ b/chrome/browser/chromeos/login/enrollment/enrollment_screen.cc
|
| @@ -27,6 +27,7 @@
|
| #include "google_apis/gaia/gaia_auth_util.h"
|
|
|
| using namespace pairing_chromeos;
|
| +using policy::EnrollmentConfig;
|
|
|
| // Do not change the UMA histogram parameters without renaming the histograms!
|
| #define UMA_ENROLLMENT_TIME(histogram_name, elapsed_timer) \
|
| @@ -61,11 +62,8 @@ EnrollmentScreen* EnrollmentScreen::Get(ScreenManager* manager) {
|
| EnrollmentScreen::EnrollmentScreen(BaseScreenDelegate* base_screen_delegate,
|
| EnrollmentScreenActor* actor)
|
| : BaseScreen(base_screen_delegate),
|
| - shark_controller_(NULL),
|
| actor_(actor),
|
| - enrollment_failed_once_(false),
|
| - weak_ptr_factory_(this) {
|
| -}
|
| + weak_ptr_factory_(this) {}
|
|
|
| EnrollmentScreen::~EnrollmentScreen() {
|
| DCHECK(!enrollment_helper_ || g_browser_process->IsShuttingDown());
|
| @@ -75,14 +73,54 @@ void EnrollmentScreen::SetParameters(
|
| const policy::EnrollmentConfig& enrollment_config,
|
| pairing_chromeos::ControllerPairingController* shark_controller) {
|
| enrollment_config_ = enrollment_config;
|
| + switch (enrollment_config_.auth_mechanism) {
|
| + case EnrollmentConfig::AUTH_MECHANISM_INTERACTIVE:
|
| + current_auth_ = AUTH_OAUTH;
|
| + last_auth_ = AUTH_OAUTH;
|
| + break;
|
| + case EnrollmentConfig::AUTH_MECHANISM_ATTESTATION:
|
| + current_auth_ = AUTH_ATTESTATION;
|
| + last_auth_ = AUTH_ATTESTATION;
|
| + break;
|
| + case EnrollmentConfig::AUTH_MECHANISM_BEST_AVAILABLE:
|
| + current_auth_ = AUTH_ATTESTATION;
|
| + last_auth_ = enrollment_config_.should_enroll_interactively()
|
| + ? AUTH_OAUTH
|
| + : AUTH_ATTESTATION;
|
| + break;
|
| + default:
|
| + NOTREACHED();
|
| + break;
|
| + }
|
| shark_controller_ = shark_controller;
|
| - actor_->SetParameters(this, enrollment_config_);
|
| + SetConfig();
|
| +}
|
| +
|
| +void EnrollmentScreen::SetConfig() {
|
| + config_ = enrollment_config_;
|
| + if (current_auth_ == AUTH_ATTESTATION) {
|
| + config_.mode = enrollment_config_.is_attestation_forced()
|
| + ? policy::EnrollmentConfig::MODE_ATTESTATION_FORCED
|
| + : policy::EnrollmentConfig::MODE_ATTESTATION;
|
| + }
|
| + actor_->SetParameters(this, config_);
|
| + enrollment_helper_ = nullptr;
|
| +}
|
| +
|
| +bool EnrollmentScreen::AdvanceToNextAuth() {
|
| + if (current_auth_ != last_auth_ && current_auth_ == AUTH_ATTESTATION) {
|
| + current_auth_ = AUTH_OAUTH;
|
| + SetConfig();
|
| + return true;
|
| + }
|
| + return false;
|
| }
|
|
|
| void EnrollmentScreen::CreateEnrollmentHelper() {
|
| - DCHECK(!enrollment_helper_);
|
| - enrollment_helper_ = EnterpriseEnrollmentHelper::Create(
|
| - this, enrollment_config_, enrolling_user_domain_);
|
| + if (!enrollment_helper_) {
|
| + enrollment_helper_ = EnterpriseEnrollmentHelper::Create(
|
| + this, config_, enrolling_user_domain_);
|
| + }
|
| }
|
|
|
| void EnrollmentScreen::ClearAuth(const base::Closure& callback) {
|
| @@ -96,7 +134,7 @@ void EnrollmentScreen::ClearAuth(const base::Closure& callback) {
|
| }
|
|
|
| void EnrollmentScreen::OnAuthCleared(const base::Closure& callback) {
|
| - enrollment_helper_.reset();
|
| + enrollment_helper_ = nullptr;
|
| callback.Run();
|
| }
|
|
|
| @@ -106,6 +144,20 @@ void EnrollmentScreen::PrepareToShow() {
|
|
|
| void EnrollmentScreen::Show() {
|
| UMA(policy::kMetricEnrollmentTriggered);
|
| + switch (current_auth_) {
|
| + case AUTH_OAUTH:
|
| + ShowInteractiveScreen();
|
| + break;
|
| + case AUTH_ATTESTATION:
|
| + AuthenticateUsingAttestation();
|
| + break;
|
| + default:
|
| + NOTREACHED();
|
| + break;
|
| + }
|
| +}
|
| +
|
| +void EnrollmentScreen::ShowInteractiveScreen() {
|
| ClearAuth(base::Bind(&EnrollmentScreen::ShowSigninScreen,
|
| weak_ptr_factory_.GetWeakPtr()));
|
| }
|
| @@ -119,6 +171,15 @@ std::string EnrollmentScreen::GetName() const {
|
| return WizardController::kEnrollmentScreenName;
|
| }
|
|
|
| +void EnrollmentScreen::AuthenticateUsingAttestation() {
|
| + VLOG(1) << "Authenticating using attestation.";
|
| + elapsed_timer_.reset(new base::ElapsedTimer());
|
| + actor_->Show();
|
| + actor_->ShowEnrollmentSpinnerScreen();
|
| + CreateEnrollmentHelper();
|
| + enrollment_helper_->EnrollUsingAttestation();
|
| +}
|
| +
|
| void EnrollmentScreen::OnLoginDone(const std::string& user,
|
| const std::string& auth_code) {
|
| LOG_IF(ERROR, auth_code.empty()) << "Auth code is empty.";
|
| @@ -131,23 +192,26 @@ void EnrollmentScreen::OnLoginDone(const std::string& user,
|
| actor_->ShowEnrollmentSpinnerScreen();
|
| CreateEnrollmentHelper();
|
| enrollment_helper_->EnrollUsingAuthCode(
|
| - auth_code, shark_controller_ != NULL /* fetch_additional_token */);
|
| + auth_code, shark_controller_ != nullptr /* fetch_additional_token */);
|
| }
|
|
|
| void EnrollmentScreen::OnRetry() {
|
| - ClearAuth(base::Bind(&EnrollmentScreen::ShowSigninScreen,
|
| - weak_ptr_factory_.GetWeakPtr()));
|
| + Show();
|
| }
|
|
|
| void EnrollmentScreen::OnCancel() {
|
| + if (AdvanceToNextAuth()) {
|
| + Show();
|
| + return;
|
| + }
|
| +
|
| UMA(policy::kMetricEnrollmentCancelled);
|
| if (elapsed_timer_)
|
| UMA_ENROLLMENT_TIME(kMetricEnrollmentTimeCancel, elapsed_timer_);
|
|
|
| const BaseScreenDelegate::ExitCodes exit_code =
|
| - enrollment_config_.is_forced()
|
| - ? BaseScreenDelegate::ENTERPRISE_ENROLLMENT_BACK
|
| - : BaseScreenDelegate::ENTERPRISE_ENROLLMENT_COMPLETED;
|
| + config_.is_forced() ? BaseScreenDelegate::ENTERPRISE_ENROLLMENT_BACK
|
| + : BaseScreenDelegate::ENTERPRISE_ENROLLMENT_COMPLETED;
|
| ClearAuth(
|
| base::Bind(&EnrollmentScreen::Finish, base::Unretained(this), exit_code));
|
| }
|
| @@ -252,7 +316,7 @@ void EnrollmentScreen::ShowEnrollmentStatusOnSuccess() {
|
| }
|
|
|
| void EnrollmentScreen::UMA(policy::MetricEnrollment sample) {
|
| - EnrollmentUMA(sample, enrollment_config_.mode);
|
| + EnrollmentUMA(sample, config_.mode);
|
| }
|
|
|
| void EnrollmentScreen::ShowSigninScreen() {
|
| @@ -262,6 +326,7 @@ void EnrollmentScreen::ShowSigninScreen() {
|
|
|
| void EnrollmentScreen::OnAnyEnrollmentError() {
|
| enrollment_failed_once_ = true;
|
| + // TODO(drcrash): Maybe create multiple metrics (http://crbug.com/640313)?
|
| if (elapsed_timer_)
|
| UMA_ENROLLMENT_TIME(kMetricEnrollmentTimeFailure, elapsed_timer_);
|
| }
|
|
|
Chromium Code Reviews
Issue 2186623002:
Minimal attestation-based enrollment flow. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master