Abandon user sign in when policy is retrieved before session started

chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h"
 
 #include <stddef.h>
 #include <utility>
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/callback.h"
 #include "base/files/file_util.h"
 #include "base/location.h"
 #include "base/logging.h"
 #include "base/macros.h"
 #include "base/metrics/histogram_macros.h"
 #include "base/sequenced_task_runner.h"
 #include "base/stl_util.h"
 #include "base/strings/stringprintf.h"
 #include "chrome/browser/chromeos/policy/user_policy_token_loader.h"
+#include "chrome/browser/lifetime/application_lifetime.h"
 #include "chromeos/cryptohome/cryptohome_parameters.h"
 #include "chromeos/dbus/cryptohome_client.h"
-#include "chromeos/dbus/session_manager_client.h"
 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
 #include "components/policy/proto/cloud_policy.pb.h"
 #include "components/policy/proto/device_management_local.pb.h"
 #include "google_apis/gaia/gaia_auth_util.h"
 
 namespace em = enterprise_management;
 
 namespace policy {
 
 namespace {
@@ skipping 172 matching lines @@
   } else {
     // Load the policy right after storing it, to make sure it was accepted by
     // the session manager. An additional validation is performed after the
     // load; reload the key for that validation too, in case it was rotated.
     ReloadPolicyKey(base::Bind(&UserCloudPolicyStoreChromeOS::Load,
                                weak_factory_.GetWeakPtr()));
   }
 }
 
 void UserCloudPolicyStoreChromeOS::OnPolicyRetrieved(
-    const std::string& policy_blob) {
+    const std::string& policy_blob,
+    const chromeos::SessionManagerClient::RetrievePolicyResponseType&
+        response_type) {
+  // Disallow the sign in when the error is dbus_error::kSessionDoesNotExist

[emaxx, 2017/04/18 15:03:17]

nit: Please rephrase the comment to be explanatory instead of writing down the
condition in words. E.g. something like (not insisting on the exact text - just
giving the idea):
"Disallow the sign in when the Chrome OS user session has not started, which
should always happen before the profile construction. An attempt to read the
policy outside the session will always fail and return an empty policy blob."

[igorcov, 2017/04/20 14:52:29]

Done.

+  // from session manager.
+  // TODO(igorcov): crbug/689206. Find the root cause for the behavior that

[emaxx, 2017/04/18 15:03:17]

nit: Is this TODO really needed here? I thought the idea was to put this code
here forever - regardless of whether http://crbug.com/68920 gets resolved.

[igorcov, 2017/04/20 14:52:29]

Done.

+  // makes Chrome request the user policy before the session is started.
+  if (response_type == chromeos::SessionManagerClient::
+                           RetrievePolicyResponseType::SESSION_DOES_NOT_EXIST) {
+    chrome::AttemptUserExit();
+    return;
+  }
+
   if (policy_blob.empty()) {
     // session_manager doesn't have policy. Adjust internal state and notify
     // the world about the policy update.
     policy_map_.Clear();
     policy_.reset();
     policy_signature_public_key_.clear();
     NotifyStoreLoaded();
     return;
   }
 
@@ skipping 147 matching lines @@
     validator->ValidateUsername(account_id_.GetUserEmail(), true);
     // The policy loaded from session manager need not be validated using the
     // verification key since it is secure, and since there may be legacy policy
     // data that was stored without a verification key.
     validator->ValidateSignature(cached_policy_key_);
   }
   return validator;
 }
 
 }  // namespace policy