| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.h" | 5 #include "chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 72 bool fre_flag_found = provider->GetMachineStatistic( | 72 bool fre_flag_found = provider->GetMachineStatistic( |
| 73 system::kCheckEnrollmentKey, &check_enrollment_value); | 73 system::kCheckEnrollmentKey, &check_enrollment_value); |
| 74 | 74 |
| 75 if (fre_flag_found) { | 75 if (fre_flag_found) { |
| 76 if (check_enrollment_value == "0") | 76 if (check_enrollment_value == "0") |
| 77 return AutoEnrollmentController::EXPLICITLY_NOT_REQUIRED; | 77 return AutoEnrollmentController::EXPLICITLY_NOT_REQUIRED; |
| 78 if (check_enrollment_value == "1") | 78 if (check_enrollment_value == "1") |
| 79 return AutoEnrollmentController::EXPLICITLY_REQUIRED; | 79 return AutoEnrollmentController::EXPLICITLY_REQUIRED; |
| 80 } | 80 } |
| 81 if (!provider->GetMachineStatistic(system::kActivateDateKey, nullptr) && | 81 if (!provider->GetMachineStatistic(system::kActivateDateKey, nullptr) && |
| 82 !provider->GetEnterpriseMachineID().empty()) | 82 !provider->GetEnterpriseMachineID().empty()) { |
| 83 return AutoEnrollmentController::NOT_REQUIRED; | 83 return AutoEnrollmentController::NOT_REQUIRED; |
| 84 } |
| 84 return AutoEnrollmentController::REQUIRED; | 85 return AutoEnrollmentController::REQUIRED; |
| 85 } | 86 } |
| 86 | 87 |
| 87 std::string FRERequirementToString( | 88 std::string FRERequirementToString( |
| 88 AutoEnrollmentController::FRERequirement requirement) { | 89 AutoEnrollmentController::FRERequirement requirement) { |
| 89 switch (requirement) { | 90 switch (requirement) { |
| 90 case AutoEnrollmentController::REQUIRED: | 91 case AutoEnrollmentController::REQUIRED: |
| 91 return "Auto-enrollment required."; | 92 return "Auto-enrollment required."; |
| 92 case AutoEnrollmentController::NOT_REQUIRED: | 93 case AutoEnrollmentController::NOT_REQUIRED: |
| 93 return "Auto-enrollment disabled: first setup."; | 94 return "Auto-enrollment disabled: first setup."; |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 133 | 134 |
| 134 LOG(FATAL) << "Unknown auto-enrollment mode " << command_line_mode; | 135 LOG(FATAL) << "Unknown auto-enrollment mode " << command_line_mode; |
| 135 return MODE_NONE; | 136 return MODE_NONE; |
| 136 } | 137 } |
| 137 | 138 |
| 138 AutoEnrollmentController::AutoEnrollmentController() {} | 139 AutoEnrollmentController::AutoEnrollmentController() {} |
| 139 | 140 |
| 140 AutoEnrollmentController::~AutoEnrollmentController() {} | 141 AutoEnrollmentController::~AutoEnrollmentController() {} |
| 141 | 142 |
| 142 void AutoEnrollmentController::Start() { | 143 void AutoEnrollmentController::Start() { |
| 143 // This method is called at the point in the OOBE/login flow at which the | 144 switch (state_) { |
| 144 // auto-enrollment check can start. This happens either after the EULA is | 145 case policy::AUTO_ENROLLMENT_STATE_PENDING: |
| 145 // accepted, or right after a reboot if the EULA has already been accepted. | 146 // Abort re-start if the check is still running. |
| 147 return; |
| 148 case policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT: |
| 149 case policy::AUTO_ENROLLMENT_STATE_TRIGGER_ENROLLMENT: |
| 150 // Abort re-start when there's already a final decision. |
| 151 return; |
| 152 |
| 153 case policy::AUTO_ENROLLMENT_STATE_IDLE: |
| 154 case policy::AUTO_ENROLLMENT_STATE_CONNECTION_ERROR: |
| 155 case policy::AUTO_ENROLLMENT_STATE_SERVER_ERROR: |
| 156 // Continue (re-)start. |
| 157 break; |
| 158 } |
| 146 | 159 |
| 147 // Skip if GAIA is disabled or modulus configuration is not present. | 160 // Skip if GAIA is disabled or modulus configuration is not present. |
| 148 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess(); | 161 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess(); |
| 149 if (command_line->HasSwitch(chromeos::switches::kDisableGaiaServices) || | 162 if (command_line->HasSwitch(chromeos::switches::kDisableGaiaServices) || |
| 150 (!command_line->HasSwitch( | 163 (!command_line->HasSwitch( |
| 151 chromeos::switches::kEnterpriseEnrollmentInitialModulus) && | 164 chromeos::switches::kEnterpriseEnrollmentInitialModulus) && |
| 152 !command_line->HasSwitch( | 165 !command_line->HasSwitch( |
| 153 chromeos::switches::kEnterpriseEnrollmentModulusLimit))) { | 166 chromeos::switches::kEnterpriseEnrollmentModulusLimit))) { |
| 154 VLOG(1) << "Auto-enrollment disabled: command line."; | 167 VLOG(1) << "Auto-enrollment disabled: command line."; |
| 155 UpdateState(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT); | 168 UpdateState(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT); |
| (...skipping 27 matching lines...) Expand all Loading... |
| 183 base::Bind(&AutoEnrollmentController::Timeout, | 196 base::Bind(&AutoEnrollmentController::Timeout, |
| 184 weak_ptr_factory_.GetWeakPtr())); | 197 weak_ptr_factory_.GetWeakPtr())); |
| 185 | 198 |
| 186 // Start by checking if the device has already been owned. | 199 // Start by checking if the device has already been owned. |
| 187 UpdateState(policy::AUTO_ENROLLMENT_STATE_PENDING); | 200 UpdateState(policy::AUTO_ENROLLMENT_STATE_PENDING); |
| 188 DeviceSettingsService::Get()->GetOwnershipStatusAsync( | 201 DeviceSettingsService::Get()->GetOwnershipStatusAsync( |
| 189 base::Bind(&AutoEnrollmentController::OnOwnershipStatusCheckDone, | 202 base::Bind(&AutoEnrollmentController::OnOwnershipStatusCheckDone, |
| 190 client_start_weak_factory_.GetWeakPtr())); | 203 client_start_weak_factory_.GetWeakPtr())); |
| 191 } | 204 } |
| 192 | 205 |
| 193 void AutoEnrollmentController::Cancel() { | |
| 194 if (client_) { | |
| 195 // Cancelling the |client_| allows it to determine whether | |
| 196 // its protocol finished before login was complete. | |
| 197 client_.release()->CancelAndDeleteSoon(); | |
| 198 } | |
| 199 | |
| 200 // Make sure to nuke pending |client_| start sequences. | |
| 201 client_start_weak_factory_.InvalidateWeakPtrs(); | |
| 202 | |
| 203 safeguard_timer_.Stop(); | |
| 204 } | |
| 205 | |
| 206 void AutoEnrollmentController::Retry() { | 206 void AutoEnrollmentController::Retry() { |
| 207 if (client_) | 207 if (client_) |
| 208 client_->Retry(); | 208 client_->Retry(); |
| 209 else | 209 else |
| 210 Start(); | 210 Start(); |
| 211 } | 211 } |
| 212 | 212 |
| 213 std::unique_ptr<AutoEnrollmentController::ProgressCallbackList::Subscription> | 213 std::unique_ptr<AutoEnrollmentController::ProgressCallbackList::Subscription> |
| 214 AutoEnrollmentController::RegisterProgressCallback( | 214 AutoEnrollmentController::RegisterProgressCallback( |
| 215 const ProgressCallbackList::CallbackType& callback) { | 215 const ProgressCallbackList::CallbackType& callback) { |
| 216 return progress_callbacks_.Add(callback); | 216 return progress_callbacks_.Add(callback); |
| 217 } | 217 } |
| 218 | 218 |
| 219 void AutoEnrollmentController::OnOwnershipStatusCheckDone( | 219 void AutoEnrollmentController::OnOwnershipStatusCheckDone( |
| 220 DeviceSettingsService::OwnershipStatus status) { | 220 DeviceSettingsService::OwnershipStatus status) { |
| 221 policy::ServerBackedStateKeysBroker* state_keys_broker = | 221 switch (status) { |
| 222 case DeviceSettingsService::OWNERSHIP_NONE: |
| 222 g_browser_process->platform_part() | 223 g_browser_process->platform_part() |
| 223 ->browser_policy_connector_chromeos() | 224 ->browser_policy_connector_chromeos() |
| 224 ->GetStateKeysBroker(); | 225 ->GetStateKeysBroker() |
| 225 switch (status) { | 226 ->RequestStateKeys( |
| 226 case DeviceSettingsService::OWNERSHIP_NONE: | 227 base::Bind(&AutoEnrollmentController::StartClient, |
| 227 // TODO(tnagel): Prevent missing state keys broker in the first place. | 228 client_start_weak_factory_.GetWeakPtr())); |
| 228 // https://crbug.com/703658 | |
| 229 if (!state_keys_broker) { | |
| 230 LOG(ERROR) << "State keys broker missing."; | |
| 231 UpdateState(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT); | |
| 232 return; | |
| 233 } | |
| 234 state_keys_broker->RequestStateKeys( | |
| 235 base::Bind(&AutoEnrollmentController::StartClient, | |
| 236 client_start_weak_factory_.GetWeakPtr())); | |
| 237 return; | 229 return; |
| 238 case DeviceSettingsService::OWNERSHIP_TAKEN: | 230 case DeviceSettingsService::OWNERSHIP_TAKEN: |
| 239 VLOG(1) << "Device already owned, skipping auto-enrollment check."; | 231 VLOG(1) << "Device already owned, skipping auto-enrollment check."; |
| 240 UpdateState(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT); | 232 UpdateState(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT); |
| 241 return; | 233 return; |
| 242 case DeviceSettingsService::OWNERSHIP_UNKNOWN: | 234 case DeviceSettingsService::OWNERSHIP_UNKNOWN: |
| 243 LOG(ERROR) << "Ownership unknown, skipping auto-enrollment check."; | 235 LOG(ERROR) << "Ownership unknown, skipping auto-enrollment check."; |
| 244 UpdateState(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT); | 236 UpdateState(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT); |
| 245 return; | 237 return; |
| 246 } | 238 } |
| (...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 342 UpdateState(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT); | 334 UpdateState(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT); |
| 343 } else { | 335 } else { |
| 344 // This can actually happen in some cases, for example when state key | 336 // This can actually happen in some cases, for example when state key |
| 345 // generation is waiting for time sync or the server just doesn't reply and | 337 // generation is waiting for time sync or the server just doesn't reply and |
| 346 // keeps the connection open. | 338 // keeps the connection open. |
| 347 LOG(ERROR) << "AutoEnrollmentClient didn't complete within time limit."; | 339 LOG(ERROR) << "AutoEnrollmentClient didn't complete within time limit."; |
| 348 UpdateState(policy::AUTO_ENROLLMENT_STATE_CONNECTION_ERROR); | 340 UpdateState(policy::AUTO_ENROLLMENT_STATE_CONNECTION_ERROR); |
| 349 } | 341 } |
| 350 | 342 |
| 351 // Reset state. | 343 // Reset state. |
| 352 Cancel(); | 344 if (client_) { |
| 345 // Cancelling the |client_| allows it to determine whether |
| 346 // its protocol finished before login was complete. |
| 347 client_.release()->CancelAndDeleteSoon(); |
| 348 } |
| 349 |
| 350 // Make sure to nuke pending |client_| start sequences. |
| 351 client_start_weak_factory_.InvalidateWeakPtrs(); |
| 353 } | 352 } |
| 354 | 353 |
| 355 } // namespace chromeos | 354 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2771803003:
Don't start FRE from the login screen (Closed)
