chrome/browser/ui/webui/chromeos/login/enrollment_screen_handler.cc - Issue 2433363004: Chromad: added AD Join ui, authpolicy_client

Side by Side Diff: chrome/browser/ui/webui/chromeos/login/enrollment_screen_handler.cc

Issue 2433363004: Chromad: added AD Join ui, authpolicy_client (Closed)

Patch Set: Fixed nit Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« chrome/browser/ui/webui/chromeos/login/enrollment_screen_handler.h ('K') | « chrome/browser/ui/webui/chromeos/login/enrollment_screen_handler.h ('k') | chromeos/chromeos.gyp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/ui/webui/chromeos/login/enrollment_screen_handler.h"	5 #include "chrome/browser/ui/webui/chromeos/login/enrollment_screen_handler.h"

6	6

7 #include <algorithm>	7 #include <algorithm>

8	8

9 #include "ash/common/system/chromeos/devicetype_utils.h"	9 #include "ash/common/system/chromeos/devicetype_utils.h"

10 #include "base/bind.h"	10 #include "base/bind.h"

11 #include "base/bind_helpers.h"	11 #include "base/bind_helpers.h"

	12 #include "base/files/file_util.h"

12 #include "base/logging.h"	13 #include "base/logging.h"

13 #include "base/macros.h"	14 #include "base/macros.h"

14 #include "base/strings/stringprintf.h"	15 #include "base/strings/stringprintf.h"

15 #include "base/values.h"	16 #include "base/values.h"

16 #include "chrome/browser/browser_process.h"	17 #include "chrome/browser/browser_process.h"

17 #include "chrome/browser/browser_process_platform_part.h"	18 #include "chrome/browser/browser_process_platform_part.h"

18 #include "chrome/browser/chromeos/login/error_screens_histogram_helper.h"	19 #include "chrome/browser/chromeos/login/error_screens_histogram_helper.h"

19 #include "chrome/browser/chromeos/login/help_app_launcher.h"	20 #include "chrome/browser/chromeos/login/help_app_launcher.h"

20 #include "chrome/browser/chromeos/login/screens/network_error.h"	21 #include "chrome/browser/chromeos/login/screens/network_error.h"

21 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"	22 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"

22 #include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h"	23 #include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h"

23 #include "chrome/browser/chromeos/policy/enrollment_status_chromeos.h"	24 #include "chrome/browser/chromeos/policy/enrollment_status_chromeos.h"

24 #include "chrome/browser/chromeos/policy/policy_oauth2_token_fetcher.h"	25 #include "chrome/browser/chromeos/policy/policy_oauth2_token_fetcher.h"

25 #include "chrome/browser/ui/webui/chromeos/login/oobe_screen.h"	26 #include "chrome/browser/ui/webui/chromeos/login/oobe_screen.h"

26 #include "chrome/grit/generated_resources.h"	27 #include "chrome/grit/generated_resources.h"

	28 #include "chromeos/dbus/auth_policy_client.h"

	29 #include "chromeos/dbus/dbus_thread_manager.h"

27 #include "chromeos/network/network_state.h"	30 #include "chromeos/network/network_state.h"

28 #include "chromeos/network/network_state_handler.h"	31 #include "chromeos/network/network_state_handler.h"

29 #include "components/login/localized_values_builder.h"	32 #include "components/login/localized_values_builder.h"

30 #include "components/policy/core/browser/cloud/message_util.h"	33 #include "components/policy/core/browser/cloud/message_util.h"

	34 #include "content/public/browser/browser_thread.h"

31 #include "google_apis/gaia/gaia_auth_util.h"	35 #include "google_apis/gaia/gaia_auth_util.h"

32 #include "google_apis/gaia/gaia_urls.h"	36 #include "google_apis/gaia/gaia_urls.h"

33 #include "google_apis/gaia/google_service_auth_error.h"	37 #include "google_apis/gaia/google_service_auth_error.h"

34 #include "ui/base/l10n/l10n_util.h"	38 #include "ui/base/l10n/l10n_util.h"

35	39

36 namespace chromeos {	40 namespace chromeos {

37 namespace {	41 namespace {

38	42

39 const char kJsScreenPath[] = "login.OAuthEnrollmentScreen";	43 const char kJsScreenPath[] = "login.OAuthEnrollmentScreen";

40	44

41 // Enrollment step names.	45 // Enrollment step names.

42 const char kEnrollmentStepSignin[] = "signin";	46 const char kEnrollmentStepSignin[] = "signin";

	47 const char kEnrollmentStepADJoin[] = "ad-join";

43 const char kEnrollmentStepSuccess[] = "success";	48 const char kEnrollmentStepSuccess[] = "success";

44 const char kEnrollmentStepWorking[] = "working";	49 const char kEnrollmentStepWorking[] = "working";

45	50

46 // Enrollment mode constants used in the UI. This needs to be kept in sync with	51 // Enrollment mode constants used in the UI. This needs to be kept in sync with

47 // oobe_screen_oauth_enrollment.js.	52 // oobe_screen_oauth_enrollment.js.

48 const char kEnrollmentModeUIForced[] = "forced";	53 const char kEnrollmentModeUIForced[] = "forced";

49 const char kEnrollmentModeUIManual[] = "manual";	54 const char kEnrollmentModeUIManual[] = "manual";

50 const char kEnrollmentModeUIRecovery[] = "recovery";	55 const char kEnrollmentModeUIRecovery[] = "recovery";

51	56

52 // Converts \|mode\| to a mode identifier for the UI.	57 // Converts \|mode\| to a mode identifier for the UI.

(...skipping 43 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
96 }	101 }

97	102

98	103

99 // Returns the enterprise domain after enrollment, or an empty string.	104 // Returns the enterprise domain after enrollment, or an empty string.

100 std::string GetEnterpriseDomain() {	105 std::string GetEnterpriseDomain() {

101 policy::BrowserPolicyConnectorChromeOS* connector =	106 policy::BrowserPolicyConnectorChromeOS* connector =

102 g_browser_process->platform_part()->browser_policy_connector_chromeos();	107 g_browser_process->platform_part()->browser_policy_connector_chromeos();

103 return connector->GetEnterpriseDomain();	108 return connector->GetEnterpriseDomain();

104 }	109 }

105	110

	111 // Returns reading end of pipe with the password to read.
	Alexander Alekseev 2016/10/28 10:49:11 nit: Returns file descriptor of a pipe, open for r nit: Returns file descriptor of a pipe, open for reading. Pipe keeps user password, which can be read from the returned descriptor. Roman Sorokin (ftl) 2016/10/28 12:35:29 Done. Show quoted text On 2016/10/28 10:49:11, Alexander Alekseev wrote: > nit: Returns file descriptor of a pipe, open for reading. Pipe keeps user > password, which can be read from the returned descriptor. Done.
	112 base::ScopedFD GetPasswordReadPipe(const std::string& password) {
	Alexander Alekseev 2016/10/28 10:49:11 Add DCHECK that this function is rinnung on a Bloc Add DCHECK that this function is rinnung on a BlockingPool. Roman Sorokin (ftl) 2016/10/28 12:35:29 Hm, How to check that? DCHECK_CURRENTLY_ON accepts Show quoted text On 2016/10/28 10:49:11, Alexander Alekseev wrote: > Add DCHECK that this function is rinnung on a BlockingPool. Hm, How to check that? DCHECK_CURRENTLY_ON accepts only names threads, which blockingpool is not. Alexander Alekseev 2016/10/28 13:00:59 DCHECK(BrowserThread::GetBlockingPool()->RunsTasks Show quoted text On 2016/10/28 12:35:29, Roman Sorokin wrote: > On 2016/10/28 10:49:11, Alexander Alekseev wrote: > > Add DCHECK that this function is rinnung on a BlockingPool. > > Hm, How to check that? DCHECK_CURRENTLY_ON accepts only names threads, which > blockingpool is not. DCHECK(BrowserThread::GetBlockingPool()->RunsTasksOnCurrentThread()); Roman Sorokin (ftl) 2016/10/28 14:07:13 Done. Show quoted text On 2016/10/28 13:00:59, Alexander Alekseev wrote: > On 2016/10/28 12:35:29, Roman Sorokin wrote: > > On 2016/10/28 10:49:11, Alexander Alekseev wrote: > > > Add DCHECK that this function is rinnung on a BlockingPool. > > > > Hm, How to check that? DCHECK_CURRENTLY_ON accepts only names threads, which > > blockingpool is not. > > DCHECK(BrowserThread::GetBlockingPool()->RunsTasksOnCurrentThread()); Done.
	113 int pipe_fds[2];

	114 if (!base::CreateLocalNonBlockingPipe(pipe_fds)) {

	115 LOG(ERROR) << "Failed to create pipes";
	Alexander Alekseev 2016/10/28 10:49:11 nit: pipe nit: pipe Roman Sorokin (ftl) 2016/10/28 12:35:29 Done. Show quoted text On 2016/10/28 10:49:11, Alexander Alekseev wrote: > nit: pipe Done.
	116 return base::ScopedFD();

	117 }

	118 base::ScopedFD pipe_read_end(pipe_fds[0]);

	119 base::ScopedFD pipe_write_end(pipe_fds[1]);

	120

	121 if (!base::WriteFileDescriptor(pipe_write_end.get(),

	122 password.c_str(),

	123 password.size())) {

	124 LOG(ERROR) << "Failed to write to pipe";

	125 return base::ScopedFD();

	126 }

	127 return pipe_read_end;

	128 }

	129

106 } // namespace	130 } // namespace

107	131

108 // EnrollmentScreenHandler, public ------------------------------	132 // EnrollmentScreenHandler, public ------------------------------

109	133

110 EnrollmentScreenHandler::EnrollmentScreenHandler(	134 EnrollmentScreenHandler::EnrollmentScreenHandler(

111 const scoped_refptr<NetworkStateInformer>& network_state_informer,	135 const scoped_refptr<NetworkStateInformer>& network_state_informer,

112 NetworkErrorModel* network_error_model)	136 NetworkErrorModel* network_error_model)

113 : BaseScreenHandler(kJsScreenPath),	137 : BaseScreenHandler(kJsScreenPath),

114 controller_(NULL),	138 controller_(NULL),

115 show_on_init_(false),	139 show_on_init_(false),

(...skipping 16 matching lines...) Expand all Loading...
132	156

133 // EnrollmentScreenHandler, WebUIMessageHandler implementation --	157 // EnrollmentScreenHandler, WebUIMessageHandler implementation --

134	158

135 void EnrollmentScreenHandler::RegisterMessages() {	159 void EnrollmentScreenHandler::RegisterMessages() {

136 AddCallback("toggleFakeEnrollment",	160 AddCallback("toggleFakeEnrollment",

137 &EnrollmentScreenHandler::HandleToggleFakeEnrollment);	161 &EnrollmentScreenHandler::HandleToggleFakeEnrollment);

138 AddCallback("oauthEnrollClose",	162 AddCallback("oauthEnrollClose",

139 &EnrollmentScreenHandler::HandleClose);	163 &EnrollmentScreenHandler::HandleClose);

140 AddCallback("oauthEnrollCompleteLogin",	164 AddCallback("oauthEnrollCompleteLogin",

141 &EnrollmentScreenHandler::HandleCompleteLogin);	165 &EnrollmentScreenHandler::HandleCompleteLogin);

	166 AddCallback("oauthEnrollADCompleteLogin",

	167 &EnrollmentScreenHandler::HandleADCompleteLogin);

142 AddCallback("oauthEnrollRetry",	168 AddCallback("oauthEnrollRetry",

143 &EnrollmentScreenHandler::HandleRetry);	169 &EnrollmentScreenHandler::HandleRetry);

144 AddCallback("frameLoadingCompleted",	170 AddCallback("frameLoadingCompleted",

145 &EnrollmentScreenHandler::HandleFrameLoadingCompleted);	171 &EnrollmentScreenHandler::HandleFrameLoadingCompleted);

146 AddCallback("oauthEnrollAttributes",	172 AddCallback("oauthEnrollAttributes",

147 &EnrollmentScreenHandler::HandleDeviceAttributesProvided);	173 &EnrollmentScreenHandler::HandleDeviceAttributesProvided);

148 AddCallback("oauthEnrollOnLearnMore",	174 AddCallback("oauthEnrollOnLearnMore",

149 &EnrollmentScreenHandler::HandleOnLearnMore);	175 &EnrollmentScreenHandler::HandleOnLearnMore);

150 }	176 }

151	177

(...skipping 19 matching lines...) Expand all Loading...
171 }	197 }

172	198

173 void EnrollmentScreenHandler::Hide() {	199 void EnrollmentScreenHandler::Hide() {

174 }	200 }

175	201

176 void EnrollmentScreenHandler::ShowSigninScreen() {	202 void EnrollmentScreenHandler::ShowSigninScreen() {

177 observe_network_failure_ = true;	203 observe_network_failure_ = true;

178 ShowStep(kEnrollmentStepSignin);	204 ShowStep(kEnrollmentStepSignin);

179 }	205 }

180	206

	207 void EnrollmentScreenHandler::ShowADJoin() {

	208 observe_network_failure_ = false;

	209 ShowStep(kEnrollmentStepADJoin);

	210 }

	211

181 void EnrollmentScreenHandler::ShowAttributePromptScreen(	212 void EnrollmentScreenHandler::ShowAttributePromptScreen(

182 const std::string& asset_id,	213 const std::string& asset_id,

183 const std::string& location) {	214 const std::string& location) {

184 CallJS("showAttributePromptStep", asset_id, location);	215 CallJS("showAttributePromptStep", asset_id, location);

185 }	216 }

186	217

187 void EnrollmentScreenHandler::ShowEnrollmentSpinnerScreen() {	218 void EnrollmentScreenHandler::ShowEnrollmentSpinnerScreen() {

188 ShowStep(kEnrollmentStepWorking);	219 ShowStep(kEnrollmentStepWorking);

189 }	220 }

190	221

(...skipping 188 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
379 IDS_ENTERPRISE_ENROLLMENT_EXPLAIN_ATTRIBUTE_LINK);	410 IDS_ENTERPRISE_ENROLLMENT_EXPLAIN_ATTRIBUTE_LINK);

380 builder->Add("oauthEnrollAttributeExplanation",	411 builder->Add("oauthEnrollAttributeExplanation",

381 IDS_ENTERPRISE_ENROLLMENT_ATTRIBUTE_EXPLANATION);	412 IDS_ENTERPRISE_ENROLLMENT_ATTRIBUTE_EXPLANATION);

382 builder->Add("oauthEnrollAssetIdLabel",	413 builder->Add("oauthEnrollAssetIdLabel",

383 IDS_ENTERPRISE_ENROLLMENT_ASSET_ID_LABEL);	414 IDS_ENTERPRISE_ENROLLMENT_ASSET_ID_LABEL);

384 builder->Add("oauthEnrollLocationLabel",	415 builder->Add("oauthEnrollLocationLabel",

385 IDS_ENTERPRISE_ENROLLMENT_LOCATION_LABEL);	416 IDS_ENTERPRISE_ENROLLMENT_LOCATION_LABEL);

386 builder->Add("oauthEnrollWorking", IDS_ENTERPRISE_ENROLLMENT_WORKING_MESSAGE);	417 builder->Add("oauthEnrollWorking", IDS_ENTERPRISE_ENROLLMENT_WORKING_MESSAGE);

387 // Do not use AddF for this string as it will be rendered by the JS code.	418 // Do not use AddF for this string as it will be rendered by the JS code.

388 builder->Add("oauthEnrollAbeSuccess", IDS_ENTERPRISE_ENROLLMENT_ABE_SUCCESS);	419 builder->Add("oauthEnrollAbeSuccess", IDS_ENTERPRISE_ENROLLMENT_ABE_SUCCESS);

	420 builder->Add("oauthEnrollADMachineNameInput",

	421 IDS_AD_MACHINE_NAME_INPUT_LABEL);

	422 builder->Add("oauthEnrollADDomainJoinWelcomeMessage",

	423 IDS_AD_DOMAIN_JOIN_WELCOME_MESSAGE);

	424 builder->Add("adLoginUser", IDS_AD_LOGIN_USER);

	425 builder->Add("adLoginPassword", IDS_AD_LOGIN_PASSWORD);

389 }	426 }

390	427

391 bool EnrollmentScreenHandler::IsOnEnrollmentScreen() const {	428 bool EnrollmentScreenHandler::IsOnEnrollmentScreen() const {

392 return (GetCurrentScreen() == OobeScreen::SCREEN_OOBE_ENROLLMENT);	429 return (GetCurrentScreen() == OobeScreen::SCREEN_OOBE_ENROLLMENT);

393 }	430 }

394	431

395 bool EnrollmentScreenHandler::IsEnrollmentScreenHiddenByError() const {	432 bool EnrollmentScreenHandler::IsEnrollmentScreenHiddenByError() const {

396 return (GetCurrentScreen() == OobeScreen::SCREEN_ERROR_MESSAGE &&	433 return (GetCurrentScreen() == OobeScreen::SCREEN_ERROR_MESSAGE &&

397 network_error_model_->GetParentScreen() ==	434 network_error_model_->GetParentScreen() ==

398 OobeScreen::SCREEN_OOBE_ENROLLMENT);	435 OobeScreen::SCREEN_OOBE_ENROLLMENT);

(...skipping 109 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
508 }	545 }

509	546

510 void EnrollmentScreenHandler::HandleCompleteLogin(	547 void EnrollmentScreenHandler::HandleCompleteLogin(

511 const std::string& user,	548 const std::string& user,

512 const std::string& auth_code) {	549 const std::string& auth_code) {

513 observe_network_failure_ = false;	550 observe_network_failure_ = false;

514 DCHECK(controller_);	551 DCHECK(controller_);

515 controller_->OnLoginDone(gaia::SanitizeEmail(user), auth_code);	552 controller_->OnLoginDone(gaia::SanitizeEmail(user), auth_code);

516 }	553 }

517	554

	555 void EnrollmentScreenHandler::HandleADCompleteLogin(

	556 const std::string& machine_name,

	557 const std::string& user,

	558 const std::string& password) {

	559 observe_network_failure_ = false;

	560 DCHECK(controller_);

	561 base::PostTaskAndReplyWithResult(

	562 content::BrowserThread::GetBlockingPool(), FROM_HERE,

	563 base::Bind(&GetPasswordReadPipe, password),

	564 base::Bind(&EnrollmentScreenHandler::OnPasswordPipeReady,

	565 weak_ptr_factory_.GetWeakPtr(), machine_name, user));

	566 }

	567

	568 void EnrollmentScreenHandler::OnPasswordPipeReady(

	569 const std::string& machine_name,

	570 const std::string& user,

	571 base::ScopedFD password_fd) {
	Alexander Alekseev 2016/10/28 10:49:11 Add DCHECK for UI thread. Add DCHECK for UI thread. Roman Sorokin (ftl) 2016/10/28 12:35:28 Done. Show quoted text On 2016/10/28 10:49:11, Alexander Alekseev wrote: > Add DCHECK for UI thread. Done.
	572 if (!password_fd.is_valid()) {

	573 LOG(ERROR) << "Got invalid password_fd";

	574 return;

	575 }

	576 chromeos::AuthPolicyClient* client =

	577 chromeos::DBusThreadManager::Get()->GetAuthPolicyClient();

	578

	579 client->JoinADDomain(machine_name,

	580 user,

	581 password_fd.get(),

	582 base::Bind(&EnrollmentScreenHandler::HandleADDomainJoin,

	583 weak_ptr_factory_.GetWeakPtr(),

	584 machine_name,

	585 user));

	586 }

	587

	588 void EnrollmentScreenHandler::HandleADDomainJoin(

	589 const std::string& machine_name,

	590 const std::string& user,

	591 int code) {

	592 if (code == 0) {

	593 controller_->OnADJoined(gaia::ExtractDomainName(user));
	Alexander Alekseev 2016/10/28 10:49:11 return here? return here? Roman Sorokin (ftl) 2016/10/28 12:35:29 Done. Show quoted text On 2016/10/28 10:49:11, Alexander Alekseev wrote: > return here? Done.
	594 } else {

	595 // TODO(rsorokin,659984): Add passing/displaying error codes.
	Alexander Alekseev 2016/10/28 10:49:11 Could you, please, add issues as full URL? Like cr Could you, please, add issues as full URL? Like crbug.com/659984 . This makes it simpler to open. Roman Sorokin (ftl) 2016/10/28 12:35:29 Done. Show quoted text On 2016/10/28 10:49:11, Alexander Alekseev wrote: > Could you, please, add issues as full URL? > Like crbug.com/659984 . This makes it simpler to open. Done.
	596 CallJS("invalidateAD", machine_name, user);

	597 }

	598 }

	599

518 void EnrollmentScreenHandler::HandleRetry() {	600 void EnrollmentScreenHandler::HandleRetry() {

519 DCHECK(controller_);	601 DCHECK(controller_);

520 controller_->OnRetry();	602 controller_->OnRetry();

521 }	603 }

522	604

523 void EnrollmentScreenHandler::HandleFrameLoadingCompleted() {	605 void EnrollmentScreenHandler::HandleFrameLoadingCompleted() {

524 if (network_state_informer_->state() != NetworkStateInformer::ONLINE)	606 if (network_state_informer_->state() != NetworkStateInformer::ONLINE)

525 return;	607 return;

526	608

527 UpdateState(NetworkError::ERROR_REASON_UPDATE);	609 UpdateState(NetworkError::ERROR_REASON_UPDATE);

(...skipping 48 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
576	658

577 ShowScreenWithData(OobeScreen::SCREEN_OOBE_ENROLLMENT, &screen_data);	659 ShowScreenWithData(OobeScreen::SCREEN_OOBE_ENROLLMENT, &screen_data);

578 if (first_show_) {	660 if (first_show_) {

579 first_show_ = false;	661 first_show_ = false;

580 UpdateStateInternal(NetworkError::ERROR_REASON_UPDATE, true);	662 UpdateStateInternal(NetworkError::ERROR_REASON_UPDATE, true);

581 }	663 }

582 histogram_helper_->OnScreenShow();	664 histogram_helper_->OnScreenShow();

583 }	665 }

584	666

585 } // namespace chromeos	667 } // namespace chromeos

OLD	NEW