chrome/browser/chromeos/policy/enrollment_handler_chromeos.cc - Issue 2977033002: Mixed Licenses Enrollment

Side by Side Diff: chrome/browser/chromeos/policy/enrollment_handler_chromeos.cc

Issue 2977033002: Mixed Licenses Enrollment (Closed)

Patch Set: Created 3 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« chrome/browser/chromeos/policy/enrollment_handler_chromeos.h ('K') | « chrome/browser/chromeos/policy/enrollment_handler_chromeos.h ('k') | chrome/browser/chromeos/policy/fake_device_cloud_policy_initializer.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h"	5 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h"

6	6

7 #include <utility>	7 #include <utility>

8	8

9 #include "base/bind.h"	9 #include "base/bind.h"

10 #include "base/command_line.h"	10 #include "base/command_line.h"

(...skipping 113 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
124 state_keys_broker_(state_keys_broker),	124 state_keys_broker_(state_keys_broker),

125 attestation_flow_(attestation_flow),	125 attestation_flow_(attestation_flow),

126 client_(std::move(client)),	126 client_(std::move(client)),

127 background_task_runner_(background_task_runner),	127 background_task_runner_(background_task_runner),

128 ad_join_delegate_(ad_join_delegate),	128 ad_join_delegate_(ad_join_delegate),

129 enrollment_config_(enrollment_config),	129 enrollment_config_(enrollment_config),

130 auth_token_(auth_token),	130 auth_token_(auth_token),

131 client_id_(client_id),	131 client_id_(client_id),

132 requisition_(requisition),	132 requisition_(requisition),

133 completion_callback_(completion_callback),	133 completion_callback_(completion_callback),

	134 license_type_(enterprise_management::LicenseType::UNDEFINED),
	emaxx 2017/07/21 12:57:30 nit: s/enterprise_management/em/ nit: s/enterprise_management/em/ Denis Kuznetsov (DE-MUC) 2017/07/25 21:51:06 Done. Show quoted text On 2017/07/21 12:57:30, emaxx (OOO till July 31st) wrote: > nit: s/enterprise_management/em/ Done.
134 enrollment_step_(STEP_PENDING),	135 enrollment_step_(STEP_PENDING),

135 weak_ptr_factory_(this) {	136 weak_ptr_factory_(this) {

136 CHECK(!client_->is_registered());	137 CHECK(!client_->is_registered());

137 CHECK_EQ(DM_STATUS_SUCCESS, client_->status());	138 CHECK_EQ(DM_STATUS_SUCCESS, client_->status());

138 CHECK((enrollment_config_.mode == EnrollmentConfig::MODE_ATTESTATION \|\|	139 CHECK((enrollment_config_.mode == EnrollmentConfig::MODE_ATTESTATION \|\|

139 enrollment_config_.mode ==	140 enrollment_config_.mode ==

140 EnrollmentConfig::MODE_ATTESTATION_FORCED) == auth_token_.empty());	141 EnrollmentConfig::MODE_ATTESTATION_FORCED) == auth_token_.empty());

141 CHECK(enrollment_config_.auth_mechanism !=	142 CHECK(enrollment_config_.auth_mechanism !=

142 EnrollmentConfig::AUTH_MECHANISM_ATTESTATION \|\|	143 EnrollmentConfig::AUTH_MECHANISM_ATTESTATION \|\|

143 attestation_flow_);	144 attestation_flow_);

144 store_->AddObserver(this);	145 store_->AddObserver(this);

145 client_->AddObserver(this);	146 client_->AddObserver(this);

146 client_->AddPolicyTypeToFetch(dm_protocol::kChromeDevicePolicyType,	147 client_->AddPolicyTypeToFetch(dm_protocol::kChromeDevicePolicyType,

147 std::string());	148 std::string());

148 }	149 }

149	150

150 EnrollmentHandlerChromeOS::~EnrollmentHandlerChromeOS() {	151 EnrollmentHandlerChromeOS::~EnrollmentHandlerChromeOS() {

151 Stop();	152 Stop();

152 store_->RemoveObserver(this);	153 store_->RemoveObserver(this);

153 }	154 }

154	155

	156 void EnrollmentHandlerChromeOS::CheckAvailableLicenses(

	157 const LicenseSelectionCallback& license_callback) {

	158 CHECK_EQ(STEP_PENDING, enrollment_step_);

	159 license_selection_callback_ = license_callback;

	160 client_->RequestAvailableLicenses(

	161 auth_token_,

	162 base::Bind(&EnrollmentHandlerChromeOS::HandleAvailableLicensesResult,

	163 weak_ptr_factory_.GetWeakPtr()));

	164 }

	165

	166 void EnrollmentHandlerChromeOS::HandleAvailableLicensesResult(

	167 bool success,

	168 const policy::CloudPolicyClient::LicenseMap& license_map) {

	169 if (!success) {

	170 ReportResult(

	171 EnrollmentStatus::ForStatus(EnrollmentStatus::LICENSE_REQUEST_FAILED));

	172 return;

	173 }

	174 if (!license_selection_callback_.is_null()) {
	emaxx 2017/07/21 12:57:30 nit: It's possible to write it simply as: if (li nit: It's possible to write it simply as: if (license_selection_callback_) { Denis Kuznetsov (DE-MUC) 2017/07/25 21:51:06 Done. Show quoted text On 2017/07/21 12:57:30, emaxx (OOO till July 31st) wrote: > nit: It's possible to write it simply as: > if (license_selection_callback_) { Done.
	175 license_selection_callback_.Run(license_map);

	176 }

	177 }

	178

	179 void EnrollmentHandlerChromeOS::StartEnrollmentWithLicense(

	180 ::policy::LicenseType license_type) {

	181 CHECK_EQ(STEP_PENDING, enrollment_step_);

	182 CHECK(license_type != ::policy::LicenseType::UNKNOWN);
	emaxx 2017/07/21 12:57:30 nit: Use CHECK_NE? nit: Use CHECK_NE? Denis Kuznetsov (DE-MUC) 2017/07/25 21:51:06 Done. Show quoted text On 2017/07/21 12:57:30, emaxx (OOO till July 31st) wrote: > nit: Use CHECK_NE? Done.
	183 switch (license_type) {

	184 case ::policy::LicenseType::PERPETUAL:

	185 license_type_ = ::enterprise_management::LicenseType::CDM_PERPETUAL;
	emaxx 2017/07/21 12:57:30 nit: s/enterprise_management/em/ nit: s/enterprise_management/em/ Denis Kuznetsov (DE-MUC) 2017/07/25 21:51:06 Done. Show quoted text On 2017/07/21 12:57:30, emaxx (OOO till July 31st) wrote: > nit: s/enterprise_management/em/ Done.
	186 return;
	emaxx 2017/07/21 12:57:30 This method is called "StartEnrollment...", but do This method is called "StartEnrollment...", but does nothing except updating the data field. Shouldn't the enrollment be started? Denis Kuznetsov (DE-MUC) 2017/07/25 21:51:06 Done. Show quoted text On 2017/07/21 12:57:30, emaxx (OOO till July 31st) wrote: > This method is called "StartEnrollment...", but does nothing except updating the > data field. Shouldn't the enrollment be started? Done.
	187 case ::policy::LicenseType::ANNUAL:

	188 license_type_ = ::enterprise_management::LicenseType::CDM_ANNUAL;

	189 return;

	190 case ::policy::LicenseType::KIOSK:

	191 license_type_ = ::enterprise_management::LicenseType::KIOSK;

	192 return;

	193 case ::policy::LicenseType::UNKNOWN:

	194 NOTREACHED();

	195 }

	196 }

	197

155 void EnrollmentHandlerChromeOS::StartEnrollment() {	198 void EnrollmentHandlerChromeOS::StartEnrollment() {

156 CHECK_EQ(STEP_PENDING, enrollment_step_);	199 CHECK_EQ(STEP_PENDING, enrollment_step_);

157 SetStep(STEP_STATE_KEYS);	200 SetStep(STEP_STATE_KEYS);

158	201

159 if (client_->machine_id().empty()) {	202 if (client_->machine_id().empty()) {

160 LOG(ERROR) << "Machine id empty.";	203 LOG(ERROR) << "Machine id empty.";

161 ReportResult(EnrollmentStatus::ForStatus(	204 ReportResult(EnrollmentStatus::ForStatus(

162 EnrollmentStatus::NO_MACHINE_IDENTIFICATION));	205 EnrollmentStatus::NO_MACHINE_IDENTIFICATION));

163 return;	206 return;

164 }	207 }

(...skipping 150 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
315 // after the CloudPolicyStore has initialized.	358 // after the CloudPolicyStore has initialized.

316 return;	359 return;

317 }	360 }

318 SetStep(STEP_REGISTRATION);	361 SetStep(STEP_REGISTRATION);

319 if (enrollment_config_.is_mode_attestation()) {	362 if (enrollment_config_.is_mode_attestation()) {

320 StartAttestationBasedEnrollmentFlow();	363 StartAttestationBasedEnrollmentFlow();

321 } else {	364 } else {

322 client_->Register(	365 client_->Register(

323 em::DeviceRegisterRequest::DEVICE,	366 em::DeviceRegisterRequest::DEVICE,

324 EnrollmentModeToRegistrationFlavor(enrollment_config_.mode),	367 EnrollmentModeToRegistrationFlavor(enrollment_config_.mode),

325 auth_token_, client_id_, requisition_, current_state_key_);	368 license_type_, auth_token_, client_id_, requisition_,

	369 current_state_key_);

326 }	370 }

327 }	371 }

328	372

329 void EnrollmentHandlerChromeOS::StartAttestationBasedEnrollmentFlow() {	373 void EnrollmentHandlerChromeOS::StartAttestationBasedEnrollmentFlow() {

330 const chromeos::attestation::AttestationFlow::CertificateCallback callback =	374 const chromeos::attestation::AttestationFlow::CertificateCallback callback =

331 base::Bind(	375 base::Bind(

332 &EnrollmentHandlerChromeOS::HandleRegistrationCertificateResult,	376 &EnrollmentHandlerChromeOS::HandleRegistrationCertificateResult,

333 weak_ptr_factory_.GetWeakPtr());	377 weak_ptr_factory_.GetWeakPtr());

334 attestation_flow_->GetCertificate(	378 attestation_flow_->GetCertificate(

335 chromeos::attestation::PROFILE_ENTERPRISE_ENROLLMENT_CERTIFICATE,	379 chromeos::attestation::PROFILE_ENTERPRISE_ENROLLMENT_CERTIFICATE,

336 EmptyAccountId(), "" /* request_origin /, false / force_new_key */,	380 EmptyAccountId(), "" /* request_origin /, false / force_new_key */,

337 callback);	381 callback);

338 }	382 }

339	383

340 void EnrollmentHandlerChromeOS::HandleRegistrationCertificateResult(	384 void EnrollmentHandlerChromeOS::HandleRegistrationCertificateResult(

341 bool success,	385 bool success,

342 const std::string& pem_certificate_chain) {	386 const std::string& pem_certificate_chain) {

343 if (success)	387 if (success)

344 client_->RegisterWithCertificate(	388 client_->RegisterWithCertificate(

345 em::DeviceRegisterRequest::DEVICE,	389 em::DeviceRegisterRequest::DEVICE,

346 EnrollmentModeToRegistrationFlavor(enrollment_config_.mode),	390 EnrollmentModeToRegistrationFlavor(enrollment_config_.mode),

347 pem_certificate_chain, client_id_, requisition_, current_state_key_);	391 license_type_, pem_certificate_chain, client_id_, requisition_,

	392 current_state_key_);

348 else	393 else

349 ReportResult(EnrollmentStatus::ForStatus(	394 ReportResult(EnrollmentStatus::ForStatus(

350 EnrollmentStatus::REGISTRATION_CERT_FETCH_FAILED));	395 EnrollmentStatus::REGISTRATION_CERT_FETCH_FAILED));

351 }	396 }

352	397

353 void EnrollmentHandlerChromeOS::HandlePolicyValidationResult(	398 void EnrollmentHandlerChromeOS::HandlePolicyValidationResult(

354 DeviceCloudPolicyValidator* validator) {	399 DeviceCloudPolicyValidator* validator) {

355 DCHECK_EQ(STEP_VALIDATION, enrollment_step_);	400 DCHECK_EQ(STEP_VALIDATION, enrollment_step_);

356 if (validator->success()) {	401 if (validator->success()) {

357 std::string username = validator->policy_data()->username();	402 std::string username = validator->policy_data()->username();

(...skipping 270 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
628 // After that, the enrollment flow continues in one of the OnStore* observers.	673 // After that, the enrollment flow continues in one of the OnStore* observers.

629 store_->Load();	674 store_->Load();

630 }	675 }

631	676

632 void EnrollmentHandlerChromeOS::Stop() {	677 void EnrollmentHandlerChromeOS::Stop() {

633 if (client_.get())	678 if (client_.get())

634 client_->RemoveObserver(this);	679 client_->RemoveObserver(this);

635 SetStep(STEP_FINISHED);	680 SetStep(STEP_FINISHED);

636 weak_ptr_factory_.InvalidateWeakPtrs();	681 weak_ptr_factory_.InvalidateWeakPtrs();

637 completion_callback_.Reset();	682 completion_callback_.Reset();

	683 license_selection_callback_.Reset();

638 }	684 }

639	685

640 void EnrollmentHandlerChromeOS::ReportResult(EnrollmentStatus status) {	686 void EnrollmentHandlerChromeOS::ReportResult(EnrollmentStatus status) {

641 EnrollmentCallback callback = completion_callback_;	687 EnrollmentCallback callback = completion_callback_;

642 Stop();	688 Stop();

643	689

644 if (status.status() != EnrollmentStatus::SUCCESS) {	690 if (status.status() != EnrollmentStatus::SUCCESS) {

645 LOG(WARNING) << "Enrollment failed: " << status.status()	691 LOG(WARNING) << "Enrollment failed: " << status.status()

646 << ", client: " << status.client_status()	692 << ", client: " << status.client_status()

647 << ", validation: " << status.validation_status()	693 << ", validation: " << status.validation_status()

648 << ", store: " << status.store_status()	694 << ", store: " << status.store_status()

649 << ", lock: " << status.lock_status();	695 << ", lock: " << status.lock_status();

650 }	696 }

651	697

652 if (!callback.is_null())	698 if (!callback.is_null())

653 callback.Run(status);	699 callback.Run(status);

654 }	700 }

655	701

656 void EnrollmentHandlerChromeOS::SetStep(EnrollmentStep step) {	702 void EnrollmentHandlerChromeOS::SetStep(EnrollmentStep step) {

657 DCHECK_LE(enrollment_step_, step);	703 DCHECK_LE(enrollment_step_, step);

658 VLOG(1) << "Step: " << step;	704 VLOG(1) << "Step: " << step;

659 enrollment_step_ = step;	705 enrollment_step_ = step;

660 }	706 }

661	707

662 } // namespace policy	708 } // namespace policy

OLD	NEW