Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(474)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chromeos/policy/device_local_account_policy_store.cc

Issue 2820063005: Remove the "not_after" validation of policy timestamps (Closed)
Patch Set: Rebase Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.cc ('k') | chrome/browser/chromeos/policy/enrollment_handler_chromeos.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chromeos/policy/device_local_account_policy_store.h" 5 #include "chrome/browser/chromeos/policy/device_local_account_policy_store.h"
6 6
7 #include <utility> 7 #include <utility>
8 8
9 #include "base/bind.h" 9 #include "base/bind.h"
10 #include "base/callback.h" 10 #include "base/callback.h"
(...skipping 177 matching lines...) Expand 10 before | Expand all | Expand 10 after
188 UserCloudPolicyValidator::Create(std::move(policy_response), 188 UserCloudPolicyValidator::Create(std::move(policy_response),
189 background_task_runner())); 189 background_task_runner()));
190 validator->ValidateUsername(account_id_, false); 190 validator->ValidateUsername(account_id_, false);
191 validator->ValidatePolicyType(dm_protocol::kChromePublicAccountPolicyType); 191 validator->ValidatePolicyType(dm_protocol::kChromePublicAccountPolicyType);
192 // The timestamp is verified when storing a new policy downloaded from the 192 // The timestamp is verified when storing a new policy downloaded from the
193 // server but not when loading a cached policy from disk. 193 // server but not when loading a cached policy from disk.
194 // See SessionManagerOperation::ValidateDeviceSettings for the rationale. 194 // See SessionManagerOperation::ValidateDeviceSettings for the rationale.
195 validator->ValidateAgainstCurrentPolicy( 195 validator->ValidateAgainstCurrentPolicy(
196 policy(), 196 policy(),
197 valid_timestamp_required 197 valid_timestamp_required
198 ? CloudPolicyValidatorBase::TIMESTAMP_FULLY_VALIDATED 198 ? CloudPolicyValidatorBase::TIMESTAMP_VALIDATED
199 : CloudPolicyValidatorBase::TIMESTAMP_NOT_VALIDATED, 199 : CloudPolicyValidatorBase::TIMESTAMP_NOT_VALIDATED,
200 CloudPolicyValidatorBase::DM_TOKEN_NOT_REQUIRED, 200 CloudPolicyValidatorBase::DM_TOKEN_NOT_REQUIRED,
201 CloudPolicyValidatorBase::DEVICE_ID_NOT_REQUIRED); 201 CloudPolicyValidatorBase::DEVICE_ID_NOT_REQUIRED);
202 202
203 // Validate the DMToken to match what device policy has. 203 // Validate the DMToken to match what device policy has.
204 validator->ValidateDMToken(device_policy_data->request_token(), 204 validator->ValidateDMToken(device_policy_data->request_token(),
205 CloudPolicyValidatorBase::DM_TOKEN_REQUIRED); 205 CloudPolicyValidatorBase::DM_TOKEN_REQUIRED);
206 206
207 // Validate the device id to match what device policy has. 207 // Validate the device id to match what device policy has.
208 validator->ValidateDeviceId(device_policy_data->device_id(), 208 validator->ValidateDeviceId(device_policy_data->device_id(),
209 CloudPolicyValidatorBase::DEVICE_ID_REQUIRED); 209 CloudPolicyValidatorBase::DEVICE_ID_REQUIRED);
210 210
211 validator->ValidatePayload(); 211 validator->ValidatePayload();
212 validator->ValidateSignature(key->as_string()); 212 validator->ValidateSignature(key->as_string());
213 213
214 if (validate_in_background) { 214 if (validate_in_background) {
215 UserCloudPolicyValidator::StartValidation( 215 UserCloudPolicyValidator::StartValidation(
216 std::move(validator), base::Bind(callback, key->as_string())); 216 std::move(validator), base::Bind(callback, key->as_string()));
217 } else { 217 } else {
218 validator->RunValidation(); 218 validator->RunValidation();
219 219
220 UpdatePolicy(key->as_string(), validator.get()); 220 UpdatePolicy(key->as_string(), validator.get());
221 } 221 }
222 } 222 }
223 223
224 } // namespace policy 224 } // namespace policy
OLDNEW
« no previous file with comments | « chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.cc ('k') | chrome/browser/chromeos/policy/enrollment_handler_chromeos.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698