Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(73)

Side by Side Diff: chrome/browser/chromeos/policy/enrollment_handler_chromeos.cc

Issue 2977033002: Mixed Licenses Enrollment (Closed)
Patch Set: Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h" 5 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h"
6 6
7 #include <utility> 7 #include <utility>
8 8
9 #include "base/bind.h" 9 #include "base/bind.h"
10 #include "base/command_line.h" 10 #include "base/command_line.h"
(...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after
124 state_keys_broker_(state_keys_broker), 124 state_keys_broker_(state_keys_broker),
125 attestation_flow_(attestation_flow), 125 attestation_flow_(attestation_flow),
126 client_(std::move(client)), 126 client_(std::move(client)),
127 background_task_runner_(background_task_runner), 127 background_task_runner_(background_task_runner),
128 ad_join_delegate_(ad_join_delegate), 128 ad_join_delegate_(ad_join_delegate),
129 enrollment_config_(enrollment_config), 129 enrollment_config_(enrollment_config),
130 auth_token_(auth_token), 130 auth_token_(auth_token),
131 client_id_(client_id), 131 client_id_(client_id),
132 requisition_(requisition), 132 requisition_(requisition),
133 completion_callback_(completion_callback), 133 completion_callback_(completion_callback),
134 license_type_(enterprise_management::LicenseType::UNDEFINED),
emaxx 2017/07/21 12:57:30 nit: s/enterprise_management/em/
Denis Kuznetsov (DE-MUC) 2017/07/25 21:51:06 Done.
134 enrollment_step_(STEP_PENDING), 135 enrollment_step_(STEP_PENDING),
135 weak_ptr_factory_(this) { 136 weak_ptr_factory_(this) {
136 CHECK(!client_->is_registered()); 137 CHECK(!client_->is_registered());
137 CHECK_EQ(DM_STATUS_SUCCESS, client_->status()); 138 CHECK_EQ(DM_STATUS_SUCCESS, client_->status());
138 CHECK((enrollment_config_.mode == EnrollmentConfig::MODE_ATTESTATION || 139 CHECK((enrollment_config_.mode == EnrollmentConfig::MODE_ATTESTATION ||
139 enrollment_config_.mode == 140 enrollment_config_.mode ==
140 EnrollmentConfig::MODE_ATTESTATION_FORCED) == auth_token_.empty()); 141 EnrollmentConfig::MODE_ATTESTATION_FORCED) == auth_token_.empty());
141 CHECK(enrollment_config_.auth_mechanism != 142 CHECK(enrollment_config_.auth_mechanism !=
142 EnrollmentConfig::AUTH_MECHANISM_ATTESTATION || 143 EnrollmentConfig::AUTH_MECHANISM_ATTESTATION ||
143 attestation_flow_); 144 attestation_flow_);
144 store_->AddObserver(this); 145 store_->AddObserver(this);
145 client_->AddObserver(this); 146 client_->AddObserver(this);
146 client_->AddPolicyTypeToFetch(dm_protocol::kChromeDevicePolicyType, 147 client_->AddPolicyTypeToFetch(dm_protocol::kChromeDevicePolicyType,
147 std::string()); 148 std::string());
148 } 149 }
149 150
150 EnrollmentHandlerChromeOS::~EnrollmentHandlerChromeOS() { 151 EnrollmentHandlerChromeOS::~EnrollmentHandlerChromeOS() {
151 Stop(); 152 Stop();
152 store_->RemoveObserver(this); 153 store_->RemoveObserver(this);
153 } 154 }
154 155
156 void EnrollmentHandlerChromeOS::CheckAvailableLicenses(
157 const LicenseSelectionCallback& license_callback) {
158 CHECK_EQ(STEP_PENDING, enrollment_step_);
159 license_selection_callback_ = license_callback;
160 client_->RequestAvailableLicenses(
161 auth_token_,
162 base::Bind(&EnrollmentHandlerChromeOS::HandleAvailableLicensesResult,
163 weak_ptr_factory_.GetWeakPtr()));
164 }
165
166 void EnrollmentHandlerChromeOS::HandleAvailableLicensesResult(
167 bool success,
168 const policy::CloudPolicyClient::LicenseMap& license_map) {
169 if (!success) {
170 ReportResult(
171 EnrollmentStatus::ForStatus(EnrollmentStatus::LICENSE_REQUEST_FAILED));
172 return;
173 }
174 if (!license_selection_callback_.is_null()) {
emaxx 2017/07/21 12:57:30 nit: It's possible to write it simply as: if (li
Denis Kuznetsov (DE-MUC) 2017/07/25 21:51:06 Done.
175 license_selection_callback_.Run(license_map);
176 }
177 }
178
179 void EnrollmentHandlerChromeOS::StartEnrollmentWithLicense(
180 ::policy::LicenseType license_type) {
181 CHECK_EQ(STEP_PENDING, enrollment_step_);
182 CHECK(license_type != ::policy::LicenseType::UNKNOWN);
emaxx 2017/07/21 12:57:30 nit: Use CHECK_NE?
Denis Kuznetsov (DE-MUC) 2017/07/25 21:51:06 Done.
183 switch (license_type) {
184 case ::policy::LicenseType::PERPETUAL:
185 license_type_ = ::enterprise_management::LicenseType::CDM_PERPETUAL;
emaxx 2017/07/21 12:57:30 nit: s/enterprise_management/em/
Denis Kuznetsov (DE-MUC) 2017/07/25 21:51:06 Done.
186 return;
emaxx 2017/07/21 12:57:30 This method is called "StartEnrollment...", but do
Denis Kuznetsov (DE-MUC) 2017/07/25 21:51:06 Done.
187 case ::policy::LicenseType::ANNUAL:
188 license_type_ = ::enterprise_management::LicenseType::CDM_ANNUAL;
189 return;
190 case ::policy::LicenseType::KIOSK:
191 license_type_ = ::enterprise_management::LicenseType::KIOSK;
192 return;
193 case ::policy::LicenseType::UNKNOWN:
194 NOTREACHED();
195 }
196 }
197
155 void EnrollmentHandlerChromeOS::StartEnrollment() { 198 void EnrollmentHandlerChromeOS::StartEnrollment() {
156 CHECK_EQ(STEP_PENDING, enrollment_step_); 199 CHECK_EQ(STEP_PENDING, enrollment_step_);
157 SetStep(STEP_STATE_KEYS); 200 SetStep(STEP_STATE_KEYS);
158 201
159 if (client_->machine_id().empty()) { 202 if (client_->machine_id().empty()) {
160 LOG(ERROR) << "Machine id empty."; 203 LOG(ERROR) << "Machine id empty.";
161 ReportResult(EnrollmentStatus::ForStatus( 204 ReportResult(EnrollmentStatus::ForStatus(
162 EnrollmentStatus::NO_MACHINE_IDENTIFICATION)); 205 EnrollmentStatus::NO_MACHINE_IDENTIFICATION));
163 return; 206 return;
164 } 207 }
(...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after
315 // after the CloudPolicyStore has initialized. 358 // after the CloudPolicyStore has initialized.
316 return; 359 return;
317 } 360 }
318 SetStep(STEP_REGISTRATION); 361 SetStep(STEP_REGISTRATION);
319 if (enrollment_config_.is_mode_attestation()) { 362 if (enrollment_config_.is_mode_attestation()) {
320 StartAttestationBasedEnrollmentFlow(); 363 StartAttestationBasedEnrollmentFlow();
321 } else { 364 } else {
322 client_->Register( 365 client_->Register(
323 em::DeviceRegisterRequest::DEVICE, 366 em::DeviceRegisterRequest::DEVICE,
324 EnrollmentModeToRegistrationFlavor(enrollment_config_.mode), 367 EnrollmentModeToRegistrationFlavor(enrollment_config_.mode),
325 auth_token_, client_id_, requisition_, current_state_key_); 368 license_type_, auth_token_, client_id_, requisition_,
369 current_state_key_);
326 } 370 }
327 } 371 }
328 372
329 void EnrollmentHandlerChromeOS::StartAttestationBasedEnrollmentFlow() { 373 void EnrollmentHandlerChromeOS::StartAttestationBasedEnrollmentFlow() {
330 const chromeos::attestation::AttestationFlow::CertificateCallback callback = 374 const chromeos::attestation::AttestationFlow::CertificateCallback callback =
331 base::Bind( 375 base::Bind(
332 &EnrollmentHandlerChromeOS::HandleRegistrationCertificateResult, 376 &EnrollmentHandlerChromeOS::HandleRegistrationCertificateResult,
333 weak_ptr_factory_.GetWeakPtr()); 377 weak_ptr_factory_.GetWeakPtr());
334 attestation_flow_->GetCertificate( 378 attestation_flow_->GetCertificate(
335 chromeos::attestation::PROFILE_ENTERPRISE_ENROLLMENT_CERTIFICATE, 379 chromeos::attestation::PROFILE_ENTERPRISE_ENROLLMENT_CERTIFICATE,
336 EmptyAccountId(), "" /* request_origin */, false /* force_new_key */, 380 EmptyAccountId(), "" /* request_origin */, false /* force_new_key */,
337 callback); 381 callback);
338 } 382 }
339 383
340 void EnrollmentHandlerChromeOS::HandleRegistrationCertificateResult( 384 void EnrollmentHandlerChromeOS::HandleRegistrationCertificateResult(
341 bool success, 385 bool success,
342 const std::string& pem_certificate_chain) { 386 const std::string& pem_certificate_chain) {
343 if (success) 387 if (success)
344 client_->RegisterWithCertificate( 388 client_->RegisterWithCertificate(
345 em::DeviceRegisterRequest::DEVICE, 389 em::DeviceRegisterRequest::DEVICE,
346 EnrollmentModeToRegistrationFlavor(enrollment_config_.mode), 390 EnrollmentModeToRegistrationFlavor(enrollment_config_.mode),
347 pem_certificate_chain, client_id_, requisition_, current_state_key_); 391 license_type_, pem_certificate_chain, client_id_, requisition_,
392 current_state_key_);
348 else 393 else
349 ReportResult(EnrollmentStatus::ForStatus( 394 ReportResult(EnrollmentStatus::ForStatus(
350 EnrollmentStatus::REGISTRATION_CERT_FETCH_FAILED)); 395 EnrollmentStatus::REGISTRATION_CERT_FETCH_FAILED));
351 } 396 }
352 397
353 void EnrollmentHandlerChromeOS::HandlePolicyValidationResult( 398 void EnrollmentHandlerChromeOS::HandlePolicyValidationResult(
354 DeviceCloudPolicyValidator* validator) { 399 DeviceCloudPolicyValidator* validator) {
355 DCHECK_EQ(STEP_VALIDATION, enrollment_step_); 400 DCHECK_EQ(STEP_VALIDATION, enrollment_step_);
356 if (validator->success()) { 401 if (validator->success()) {
357 std::string username = validator->policy_data()->username(); 402 std::string username = validator->policy_data()->username();
(...skipping 270 matching lines...) Expand 10 before | Expand all | Expand 10 after
628 // After that, the enrollment flow continues in one of the OnStore* observers. 673 // After that, the enrollment flow continues in one of the OnStore* observers.
629 store_->Load(); 674 store_->Load();
630 } 675 }
631 676
632 void EnrollmentHandlerChromeOS::Stop() { 677 void EnrollmentHandlerChromeOS::Stop() {
633 if (client_.get()) 678 if (client_.get())
634 client_->RemoveObserver(this); 679 client_->RemoveObserver(this);
635 SetStep(STEP_FINISHED); 680 SetStep(STEP_FINISHED);
636 weak_ptr_factory_.InvalidateWeakPtrs(); 681 weak_ptr_factory_.InvalidateWeakPtrs();
637 completion_callback_.Reset(); 682 completion_callback_.Reset();
683 license_selection_callback_.Reset();
638 } 684 }
639 685
640 void EnrollmentHandlerChromeOS::ReportResult(EnrollmentStatus status) { 686 void EnrollmentHandlerChromeOS::ReportResult(EnrollmentStatus status) {
641 EnrollmentCallback callback = completion_callback_; 687 EnrollmentCallback callback = completion_callback_;
642 Stop(); 688 Stop();
643 689
644 if (status.status() != EnrollmentStatus::SUCCESS) { 690 if (status.status() != EnrollmentStatus::SUCCESS) {
645 LOG(WARNING) << "Enrollment failed: " << status.status() 691 LOG(WARNING) << "Enrollment failed: " << status.status()
646 << ", client: " << status.client_status() 692 << ", client: " << status.client_status()
647 << ", validation: " << status.validation_status() 693 << ", validation: " << status.validation_status()
648 << ", store: " << status.store_status() 694 << ", store: " << status.store_status()
649 << ", lock: " << status.lock_status(); 695 << ", lock: " << status.lock_status();
650 } 696 }
651 697
652 if (!callback.is_null()) 698 if (!callback.is_null())
653 callback.Run(status); 699 callback.Run(status);
654 } 700 }
655 701
656 void EnrollmentHandlerChromeOS::SetStep(EnrollmentStep step) { 702 void EnrollmentHandlerChromeOS::SetStep(EnrollmentStep step) {
657 DCHECK_LE(enrollment_step_, step); 703 DCHECK_LE(enrollment_step_, step);
658 VLOG(1) << "Step: " << step; 704 VLOG(1) << "Step: " << step;
659 enrollment_step_ = step; 705 enrollment_step_ = step;
660 } 706 }
661 707
662 } // namespace policy 708 } // namespace policy
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698