| Index: chrome/browser/chromeos/arc/arc_auth_service.cc
|
| diff --git a/chrome/browser/chromeos/arc/arc_auth_service.cc b/chrome/browser/chromeos/arc/arc_auth_service.cc
|
| index 195c2ec539f8acfed17bb503d7c755283d6afb8b..33a82f001cbe9adc2726f57d4ff0a363d47e2028 100644
|
| --- a/chrome/browser/chromeos/arc/arc_auth_service.cc
|
| +++ b/chrome/browser/chromeos/arc/arc_auth_service.cc
|
| @@ -7,20 +7,22 @@
|
| #include <utility>
|
|
|
| #include "base/command_line.h"
|
| -#include "base/logging.h"
|
| #include "base/memory/ptr_util.h"
|
| #include "chrome/browser/chromeos/arc/arc_optin_uma.h"
|
| #include "chrome/browser/chromeos/arc/arc_session_manager.h"
|
| -#include "chrome/browser/chromeos/arc/auth/arc_auth_code_fetcher.h"
|
| +#include "chrome/browser/chromeos/arc/auth/arc_active_directory_enrollment_token_fetcher.h"
|
| +#include "chrome/browser/chromeos/arc/auth/arc_auth_info_fetcher.h"
|
| #include "chrome/browser/chromeos/arc/auth/arc_background_auth_code_fetcher.h"
|
| #include "chrome/browser/chromeos/arc/auth/arc_manual_auth_code_fetcher.h"
|
| #include "chrome/browser/chromeos/arc/auth/arc_robot_auth_code_fetcher.h"
|
| #include "chrome/browser/chromeos/arc/policy/arc_policy_util.h"
|
| +#include "chrome/browser/chromeos/profiles/profile_helper.h"
|
| #include "chrome/browser/lifetime/application_lifetime.h"
|
| #include "chromeos/chromeos_switches.h"
|
| #include "components/arc/arc_bridge_service.h"
|
| #include "components/arc/arc_features.h"
|
| #include "components/arc/arc_util.h"
|
| +#include "components/user_manager/user_manager.h"
|
| #include "content/public/browser/browser_thread.h"
|
|
|
| namespace arc {
|
| @@ -86,25 +88,29 @@ class ArcAuthService::AccountInfoNotifier {
|
| account_info_callback_(account_info_callback) {}
|
|
|
| void Notify(bool is_enforced,
|
| - const std::string& auth_code,
|
| + const std::string& auth_info,
|
| mojom::ChromeAccountType account_type,
|
| bool is_managed) {
|
| switch (callback_type_) {
|
| case CallbackType::AUTH_CODE:
|
| DCHECK(!auth_callback_.is_null());
|
| - auth_callback_.Run(auth_code, is_enforced);
|
| + auth_callback_.Run(auth_info, is_enforced);
|
| break;
|
| case CallbackType::AUTH_CODE_AND_ACCOUNT:
|
| DCHECK(!auth_account_callback_.is_null());
|
| - auth_account_callback_.Run(auth_code, is_enforced, account_type);
|
| + auth_account_callback_.Run(auth_info, is_enforced, account_type);
|
| break;
|
| case CallbackType::ACCOUNT_INFO:
|
| DCHECK(!account_info_callback_.is_null());
|
| mojom::AccountInfoPtr account_info = mojom::AccountInfo::New();
|
| - if (!is_enforced) {
|
| - account_info->auth_code = base::nullopt;
|
| + if (account_type ==
|
| + mojom::ChromeAccountType::ACTIVE_DIRECTORY_ACCOUNT) {
|
| + account_info->enrollment_token = auth_info;
|
| } else {
|
| - account_info->auth_code = auth_code;
|
| + if (!is_enforced)
|
| + account_info->auth_code = base::nullopt;
|
| + else
|
| + account_info->auth_code = auth_info;
|
| }
|
| account_info->account_type = account_type;
|
| account_info->is_managed = is_managed;
|
| @@ -223,14 +229,27 @@ void ArcAuthService::RequestAccountInfoInternal(
|
| // Hereafter asynchronous operation. Remember the notifier.
|
| notifier_ = std::move(notifier);
|
|
|
| + Profile* profile = ArcSessionManager::Get()->profile();
|
| + const user_manager::User* user = nullptr;
|
| + if (profile)
|
| + user = chromeos::ProfileHelper::Get()->GetUserByProfile(profile);
|
| + if (user && user->IsActiveDirectoryUser()) {
|
| + // For Active Directory enrolled devices, we get an enrollment token for a
|
| + // managed Google Play account from DMServer.
|
| + fetcher_ = base::MakeUnique<ArcActiveDirectoryEnrollmentTokenFetcher>();
|
| + fetcher_->Fetch(base::Bind(&ArcAuthService::OnEnrollmentTokenFetched,
|
| + weak_ptr_factory_.GetWeakPtr()));
|
| + return;
|
| + }
|
| + // For non-AD enrolled devices an auth code is fetched.
|
| if (IsArcKioskMode()) {
|
| // In Kiosk mode, use Robot auth code fetching.
|
| fetcher_ = base::MakeUnique<ArcRobotAuthCodeFetcher>();
|
| } else if (base::FeatureList::IsEnabled(arc::kArcUseAuthEndpointFeature)) {
|
| // Optionally retrieve auth code in silent mode.
|
| + DCHECK(profile);
|
| fetcher_ = base::MakeUnique<ArcBackgroundAuthCodeFetcher>(
|
| - ArcSessionManager::Get()->profile(),
|
| - ArcSessionManager::Get()->auth_context());
|
| + profile, ArcSessionManager::Get()->auth_context());
|
| } else {
|
| // Report that silent auth code is not activated. All other states are
|
| // reported in ArcBackgroundAuthCodeFetcher.
|
| @@ -247,6 +266,22 @@ void ArcAuthService::RequestAccountInfoInternal(
|
| weak_ptr_factory_.GetWeakPtr()));
|
| }
|
|
|
| +void ArcAuthService::OnEnrollmentTokenFetched(
|
| + const std::string& enrollment_token) {
|
| + DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
|
| + fetcher_.reset();
|
| +
|
| + if (enrollment_token.empty()) {
|
| + ArcSessionManager::Get()->OnProvisioningFinished(
|
| + ProvisioningResult::CHROME_SERVER_COMMUNICATION_ERROR);
|
| + return;
|
| + }
|
| +
|
| + notifier_->Notify(true /*is_enforced*/, enrollment_token,
|
| + mojom::ChromeAccountType::ACTIVE_DIRECTORY_ACCOUNT, true);
|
| + notifier_.reset();
|
| +}
|
| +
|
| void ArcAuthService::OnAuthCodeFetched(const std::string& auth_code) {
|
| DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
|
| fetcher_.reset();
|
|
|
Chromium Code Reviews
Issue 2655873002:
Get enrollment token from DMServer when an Active Directory user uses ARC (Closed)
