Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(708)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/chromeos/policy/enrollment_config.h

Issue 2186623002: Minimal attestation-based enrollment flow. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Addressed achuithb's feedback. Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.cc ('k') | chrome/browser/chromeos/policy/enrollment_handler_chromeos.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/chromeos/policy/enrollment_config.h
diff --git a/chrome/browser/chromeos/policy/enrollment_config.h b/chrome/browser/chromeos/policy/enrollment_config.h
index 03788c1e3facd5a8a41f34e6e7550fef29759d7d..344694c57d4a7c19efb57fa1843d9d04fdc94372 100644
--- a/chrome/browser/chromeos/policy/enrollment_config.h
+++ b/chrome/browser/chromeos/policy/enrollment_config.h
@@ -35,6 +35,10 @@ struct EnrollmentConfig {
MODE_SERVER_ADVERTISED,
// Recover from "spontaneous unenrollment", user can't skip.
MODE_RECOVERY,
+ // Start attestation-based enrollment.
+ MODE_ATTESTATION,
+ // Start attestation-based enrollment and only uses that.
+ MODE_ATTESTATION_FORCED,
};
// An enumeration of authentication mechanisms that can be used for
@@ -50,13 +54,39 @@ struct EnrollmentConfig {
};
// Whether enrollment should be triggered.
- bool should_enroll() const { return mode != MODE_NONE; }
+ bool should_enroll() const {
+ return should_enroll_with_attestation() || should_enroll_interactively();
+ }
+
+ // Whether attestation enrollment should be triggered.
+ bool should_enroll_with_attestation() const {
+ return auth_mechanism != AUTH_MECHANISM_INTERACTIVE;
+ }
+
+ // Whether interactive enrollment should be triggered.
+ bool should_enroll_interactively() const { return mode != MODE_NONE; }
// Whether enrollment is forced. The user can't skip the enrollment step
// during OOBE if this returns true.
bool is_forced() const {
return mode == MODE_LOCAL_FORCED || mode == MODE_SERVER_FORCED ||
- mode == MODE_RECOVERY;
+ mode == MODE_RECOVERY || is_attestation_forced();
+ }
+
+ // Whether attestation-based enrollment is forced. The user can't skip
+ // the enrollment step during OOBE if this returns true.
+ bool is_attestation_forced() const {
+ return auth_mechanism == AUTH_MECHANISM_ATTESTATION;
+ }
+
+ // Whether this configuration is in attestation mode.
+ bool is_mode_attestation() const {
+ return mode == MODE_ATTESTATION || mode == MODE_ATTESTATION_FORCED;
+ }
+
+ // Whether this configuration is in OAuth mode.
+ bool is_mode_oauth() const {
+ return mode != MODE_NONE && !is_mode_attestation();
}
// Indicates the enrollment flow variant to trigger during OOBE.
« no previous file with comments | « chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.cc ('k') | chrome/browser/chromeos/policy/enrollment_handler_chromeos.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698