| OLD | NEW |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/dbus/fake_auth_policy_client.h" | 5 #include "chromeos/dbus/fake_auth_policy_client.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "base/files/file_util.h" | 9 #include "base/files/file_util.h" |
| 10 #include "base/location.h" | 10 #include "base/location.h" |
| 11 #include "base/md5.h" | 11 #include "base/md5.h" |
| 12 #include "base/path_service.h" | 12 #include "base/path_service.h" |
| 13 #include "base/strings/string_split.h" | 13 #include "base/strings/string_split.h" |
| 14 #include "base/task_scheduler/post_task.h" | 14 #include "base/task_scheduler/post_task.h" |
| 15 #include "base/threading/platform_thread.h" | 15 #include "base/threading/platform_thread.h" |
| 16 #include "base/threading/thread_task_runner_handle.h" |
| 16 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" | 17 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" |
| 17 #include "chromeos/chromeos_paths.h" | 18 #include "chromeos/chromeos_paths.h" |
| 18 #include "chromeos/cryptohome/cryptohome_parameters.h" | 19 #include "chromeos/cryptohome/cryptohome_parameters.h" |
| 19 #include "chromeos/dbus/cryptohome_client.h" | 20 #include "chromeos/dbus/cryptohome_client.h" |
| 20 #include "components/policy/proto/cloud_policy.pb.h" | 21 #include "components/policy/proto/cloud_policy.pb.h" |
| 21 #include "components/policy/proto/device_management_backend.pb.h" | 22 #include "components/policy/proto/device_management_backend.pb.h" |
| 22 #include "components/signin/core/account_id/account_id.h" | 23 #include "components/signin/core/account_id/account_id.h" |
| 23 #include "third_party/cros_system_api/dbus/service_constants.h" | 24 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 24 | 25 |
| 25 namespace em = enterprise_management; | 26 namespace em = enterprise_management; |
| 26 | 27 |
| 27 namespace { | 28 namespace { |
| 28 | 29 |
| 29 const size_t kMaxMachineNameLength = 15; | 30 const size_t kMaxMachineNameLength = 15; |
| 30 const char kInvalidMachineNameCharacters[] = "\\/:*?\"<>|"; | 31 const char kInvalidMachineNameCharacters[] = "\\/:*?\"<>|"; |
| 31 | 32 |
| 32 // Delay policy fetch to be more realistic. | 33 // Delay operations to be more realistic. |
| 33 constexpr int kPolicyFetchDelaySeconds = 5; | 34 constexpr int kOperationDelaySeconds = 3; |
| 34 | 35 |
| 35 // Drop stub policy file of |policy_type| at |policy_path| containing | 36 // Drop stub policy file of |policy_type| at |policy_path| containing |
| 36 // |serialized_payload|. | 37 // |serialized_payload|. |
| 37 bool WritePolicyFile(const base::FilePath& policy_path, | 38 bool WritePolicyFile(const base::FilePath& policy_path, |
| 38 const std::string& serialized_payload, | 39 const std::string& serialized_payload, |
| 39 const std::string& policy_type) { | 40 const std::string& policy_type) { |
| 40 base::PlatformThread::Sleep( | 41 base::PlatformThread::Sleep( |
| 41 base::TimeDelta::FromSeconds(kPolicyFetchDelaySeconds)); | 42 base::TimeDelta::FromSeconds(kOperationDelaySeconds)); |
| 42 | 43 |
| 43 em::PolicyData data; | 44 em::PolicyData data; |
| 44 data.set_policy_value(serialized_payload); | 45 data.set_policy_value(serialized_payload); |
| 45 data.set_policy_type(policy_type); | 46 data.set_policy_type(policy_type); |
| 46 | 47 |
| 47 em::PolicyFetchResponse response; | 48 em::PolicyFetchResponse response; |
| 48 CHECK(data.SerializeToString(response.mutable_policy_data())); | 49 CHECK(data.SerializeToString(response.mutable_policy_data())); |
| 49 std::string serialized_response; | 50 std::string serialized_response; |
| 50 CHECK(response.SerializeToString(&serialized_response)); | 51 CHECK(response.SerializeToString(&serialized_response)); |
| 51 | 52 |
| 52 if (!base::CreateDirectory(policy_path.DirName())) | 53 if (!base::CreateDirectory(policy_path.DirName())) |
| 53 return false; | 54 return false; |
| 54 | 55 |
| 55 // Note that in theory there could be a short time window in which a | 56 // Note that in theory there could be a short time window in which a |
| 56 // concurrent reader sees a partial (and thus invalid) file, but given the | 57 // concurrent reader sees a partial (and thus invalid) file, but given the |
| 57 // small file size that seems very unlikely in practice. | 58 // small file size that seems very unlikely in practice. |
| 58 const int bytes_written = base::WriteFile( | 59 const int bytes_written = base::WriteFile( |
| 59 policy_path, serialized_response.c_str(), serialized_response.size()); | 60 policy_path, serialized_response.c_str(), serialized_response.size()); |
| 60 if (bytes_written < 0) | 61 if (bytes_written < 0) |
| 61 return false; | 62 return false; |
| 62 return bytes_written == static_cast<int>(serialized_response.size()); | 63 return bytes_written == static_cast<int>(serialized_response.size()); |
| 63 } | 64 } |
| 64 | 65 |
| 66 void PostDelayedClosure(const base::Closure& closure) { |
| 67 base::ThreadTaskRunnerHandle::Get()->PostDelayedTask( |
| 68 FROM_HERE, closure, base::TimeDelta::FromSeconds(kOperationDelaySeconds)); |
| 69 } |
| 70 |
| 65 } // namespace | 71 } // namespace |
| 66 | 72 |
| 67 namespace chromeos { | 73 namespace chromeos { |
| 68 | 74 |
| 69 FakeAuthPolicyClient::FakeAuthPolicyClient() {} | 75 FakeAuthPolicyClient::FakeAuthPolicyClient() {} |
| 70 | 76 |
| 71 FakeAuthPolicyClient::~FakeAuthPolicyClient() {} | 77 FakeAuthPolicyClient::~FakeAuthPolicyClient() {} |
| 72 | 78 |
| 73 void FakeAuthPolicyClient::Init(dbus::Bus* bus) {} | 79 void FakeAuthPolicyClient::Init(dbus::Bus* bus) {} |
| 74 | 80 |
| 75 void FakeAuthPolicyClient::JoinAdDomain(const std::string& machine_name, | 81 void FakeAuthPolicyClient::JoinAdDomain(const std::string& machine_name, |
| 76 const std::string& user_principal_name, | 82 const std::string& user_principal_name, |
| 77 int password_fd, | 83 int password_fd, |
| 78 const JoinCallback& callback) { | 84 const JoinCallback& callback) { |
| 85 authpolicy::ErrorType error = authpolicy::ERROR_NONE; |
| 79 if (!started_) { | 86 if (!started_) { |
| 80 LOG(ERROR) << "authpolicyd not started"; | 87 LOG(ERROR) << "authpolicyd not started"; |
| 81 callback.Run(authpolicy::ERROR_DBUS_FAILURE); | 88 error = authpolicy::ERROR_DBUS_FAILURE; |
| 82 return; | 89 } else if (machine_name.size() > kMaxMachineNameLength) { |
| 90 error = authpolicy::ERROR_MACHINE_NAME_TOO_LONG; |
| 91 } else if (machine_name.empty() || |
| 92 machine_name.find_first_of(kInvalidMachineNameCharacters) != |
| 93 std::string::npos) { |
| 94 error = authpolicy::ERROR_BAD_MACHINE_NAME; |
| 95 } else { |
| 96 std::vector<std::string> parts = base::SplitString( |
| 97 user_principal_name, "@", base::TRIM_WHITESPACE, base::SPLIT_WANT_ALL); |
| 98 if (parts.size() != 2 || parts[0].empty() || parts[1].empty()) { |
| 99 error = authpolicy::ERROR_PARSE_UPN_FAILED; |
| 100 } |
| 83 } | 101 } |
| 84 if (machine_name.size() > kMaxMachineNameLength) { | 102 PostDelayedClosure(base::Bind(callback, error)); |
| 85 callback.Run(authpolicy::ERROR_MACHINE_NAME_TOO_LONG); | |
| 86 return; | |
| 87 } | |
| 88 | |
| 89 if (machine_name.empty() || | |
| 90 machine_name.find_first_of(kInvalidMachineNameCharacters) != | |
| 91 std::string::npos) { | |
| 92 callback.Run(authpolicy::ERROR_BAD_MACHINE_NAME); | |
| 93 return; | |
| 94 } | |
| 95 | |
| 96 std::vector<std::string> parts = base::SplitString( | |
| 97 user_principal_name, "@", base::TRIM_WHITESPACE, base::SPLIT_WANT_ALL); | |
| 98 if (parts.size() != 2 || parts[0].empty() || parts[1].empty()) { | |
| 99 callback.Run(authpolicy::ERROR_PARSE_UPN_FAILED); | |
| 100 return; | |
| 101 } | |
| 102 | |
| 103 callback.Run(authpolicy::ERROR_NONE); | |
| 104 } | 103 } |
| 105 | 104 |
| 106 void FakeAuthPolicyClient::AuthenticateUser( | 105 void FakeAuthPolicyClient::AuthenticateUser( |
| 107 const std::string& user_principal_name, | 106 const std::string& user_principal_name, |
| 108 int password_fd, | 107 int password_fd, |
| 109 const AuthCallback& callback) { | 108 const AuthCallback& callback) { |
| 109 authpolicy::ErrorType error = authpolicy::ERROR_NONE; |
| 110 authpolicy::ActiveDirectoryAccountData account_data; | 110 authpolicy::ActiveDirectoryAccountData account_data; |
| 111 if (!started_) { | 111 if (!started_) { |
| 112 LOG(ERROR) << "authpolicyd not started"; | 112 LOG(ERROR) << "authpolicyd not started"; |
| 113 callback.Run(authpolicy::ERROR_DBUS_FAILURE, account_data); | 113 error = authpolicy::ERROR_DBUS_FAILURE; |
| 114 return; | 114 } else { |
| 115 if (auth_error_ == authpolicy::ERROR_NONE) |
| 116 account_data.set_account_id(base::MD5String(user_principal_name)); |
| 117 error = auth_error_; |
| 115 } | 118 } |
| 116 if (auth_error_ == authpolicy::ERROR_NONE) | 119 PostDelayedClosure(base::Bind(callback, error, account_data)); |
| 117 account_data.set_account_id(base::MD5String(user_principal_name)); | |
| 118 callback.Run(auth_error_, account_data); | |
| 119 } | 120 } |
| 120 | 121 |
| 121 void FakeAuthPolicyClient::RefreshDevicePolicy( | 122 void FakeAuthPolicyClient::RefreshDevicePolicy( |
| 122 const RefreshPolicyCallback& callback) { | 123 const RefreshPolicyCallback& callback) { |
| 123 if (!started_) { | 124 if (!started_) { |
| 124 LOG(ERROR) << "authpolicyd not started"; | 125 LOG(ERROR) << "authpolicyd not started"; |
| 125 callback.Run(false); | 126 callback.Run(false); |
| 126 return; | 127 return; |
| 127 } | 128 } |
| 128 base::FilePath policy_path; | 129 base::FilePath policy_path; |
| (...skipping 48 matching lines...) |
| 177 .WithShutdownBehavior( | 178 .WithShutdownBehavior( |
| 178 base::TaskShutdownBehavior::CONTINUE_ON_SHUTDOWN) | 179 base::TaskShutdownBehavior::CONTINUE_ON_SHUTDOWN) |
| 179 .WithPriority(base::TaskPriority::BACKGROUND) | 180 .WithPriority(base::TaskPriority::BACKGROUND) |
| 180 .MayBlock(), | 181 .MayBlock(), |
| 181 base::Bind(&WritePolicyFile, policy_path, payload, | 182 base::Bind(&WritePolicyFile, policy_path, payload, |
| 182 "google/chromeos/user"), | 183 "google/chromeos/user"), |
| 183 callback); | 184 callback); |
| 184 } | 185 } |
| 185 | 186 |
| 186 } // namespace chromeos | 187 } // namespace chromeos |
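Review bot: The `!started_` branch of RefreshDevicePolicy (new lines 124-128) still calls `callback.Run(false)` synchronously, while JoinAdDomain and AuthenticateUser now report every result, including this same error, through PostDelayedClosure. A caller therefore sees re-entrant completion on one method and delayed completion on the others, so the fake can hide ordering bugs on that path; consider `PostDelayedClosure(base::Bind(callback, false));` followed by `return;` there. Separately, the closure posted by PostDelayedClosure is not tied to any object's lifetime, so a callback bound to a raw pointer (for example with base::Unretained) can now run three seconds later, after its owner has been destroyed; a comment on the helper such as `// |closure| runs after kOperationDelaySeconds; callers must bind it to a WeakPtr.` would document that contract. RefreshDevicePolicy's body continues past the visible lines, so the rest of its callback handling could not be checked here.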