OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
124 state_keys_broker_(state_keys_broker), | 124 state_keys_broker_(state_keys_broker), |
125 attestation_flow_(attestation_flow), | 125 attestation_flow_(attestation_flow), |
126 client_(std::move(client)), | 126 client_(std::move(client)), |
127 background_task_runner_(background_task_runner), | 127 background_task_runner_(background_task_runner), |
128 ad_join_delegate_(ad_join_delegate), | 128 ad_join_delegate_(ad_join_delegate), |
129 enrollment_config_(enrollment_config), | 129 enrollment_config_(enrollment_config), |
130 auth_token_(auth_token), | 130 auth_token_(auth_token), |
131 client_id_(client_id), | 131 client_id_(client_id), |
132 requisition_(requisition), | 132 requisition_(requisition), |
133 completion_callback_(completion_callback), | 133 completion_callback_(completion_callback), |
134 license_type_(enterprise_management::LicenseType::UNDEFINED), | |
emaxx
2017/07/21 12:57:30
nit: s/enterprise_management/em/
Denis Kuznetsov (DE-MUC)
2017/07/25 21:51:06
Done.
| |
134 enrollment_step_(STEP_PENDING), | 135 enrollment_step_(STEP_PENDING), |
135 weak_ptr_factory_(this) { | 136 weak_ptr_factory_(this) { |
136 CHECK(!client_->is_registered()); | 137 CHECK(!client_->is_registered()); |
137 CHECK_EQ(DM_STATUS_SUCCESS, client_->status()); | 138 CHECK_EQ(DM_STATUS_SUCCESS, client_->status()); |
138 CHECK((enrollment_config_.mode == EnrollmentConfig::MODE_ATTESTATION || | 139 CHECK((enrollment_config_.mode == EnrollmentConfig::MODE_ATTESTATION || |
139 enrollment_config_.mode == | 140 enrollment_config_.mode == |
140 EnrollmentConfig::MODE_ATTESTATION_FORCED) == auth_token_.empty()); | 141 EnrollmentConfig::MODE_ATTESTATION_FORCED) == auth_token_.empty()); |
141 CHECK(enrollment_config_.auth_mechanism != | 142 CHECK(enrollment_config_.auth_mechanism != |
142 EnrollmentConfig::AUTH_MECHANISM_ATTESTATION || | 143 EnrollmentConfig::AUTH_MECHANISM_ATTESTATION || |
143 attestation_flow_); | 144 attestation_flow_); |
144 store_->AddObserver(this); | 145 store_->AddObserver(this); |
145 client_->AddObserver(this); | 146 client_->AddObserver(this); |
146 client_->AddPolicyTypeToFetch(dm_protocol::kChromeDevicePolicyType, | 147 client_->AddPolicyTypeToFetch(dm_protocol::kChromeDevicePolicyType, |
147 std::string()); | 148 std::string()); |
148 } | 149 } |
149 | 150 |
150 EnrollmentHandlerChromeOS::~EnrollmentHandlerChromeOS() { | 151 EnrollmentHandlerChromeOS::~EnrollmentHandlerChromeOS() { |
151 Stop(); | 152 Stop(); |
152 store_->RemoveObserver(this); | 153 store_->RemoveObserver(this); |
153 } | 154 } |
154 | 155 |
156 void EnrollmentHandlerChromeOS::CheckAvailableLicenses( | |
157 const LicenseSelectionCallback& license_callback) { | |
158 CHECK_EQ(STEP_PENDING, enrollment_step_); | |
159 license_selection_callback_ = license_callback; | |
160 client_->RequestAvailableLicenses( | |
161 auth_token_, | |
162 base::Bind(&EnrollmentHandlerChromeOS::HandleAvailableLicensesResult, | |
163 weak_ptr_factory_.GetWeakPtr())); | |
164 } | |
165 | |
166 void EnrollmentHandlerChromeOS::HandleAvailableLicensesResult( | |
167 bool success, | |
168 const policy::CloudPolicyClient::LicenseMap& license_map) { | |
169 if (!success) { | |
170 ReportResult( | |
171 EnrollmentStatus::ForStatus(EnrollmentStatus::LICENSE_REQUEST_FAILED)); | |
172 return; | |
173 } | |
174 if (!license_selection_callback_.is_null()) { | |
emaxx
2017/07/21 12:57:30
nit: It's possible to write it simply as:
if (li
Denis Kuznetsov (DE-MUC)
2017/07/25 21:51:06
Done.
| |
175 license_selection_callback_.Run(license_map); | |
176 } | |
177 } | |
178 | |
179 void EnrollmentHandlerChromeOS::StartEnrollmentWithLicense( | |
180 ::policy::LicenseType license_type) { | |
181 CHECK_EQ(STEP_PENDING, enrollment_step_); | |
182 CHECK(license_type != ::policy::LicenseType::UNKNOWN); | |
emaxx
2017/07/21 12:57:30
nit: Use CHECK_NE?
Denis Kuznetsov (DE-MUC)
2017/07/25 21:51:06
Done.
| |
183 switch (license_type) { | |
184 case ::policy::LicenseType::PERPETUAL: | |
185 license_type_ = ::enterprise_management::LicenseType::CDM_PERPETUAL; | |
emaxx
2017/07/21 12:57:30
nit: s/enterprise_management/em/
Denis Kuznetsov (DE-MUC)
2017/07/25 21:51:06
Done.
| |
186 return; | |
emaxx
2017/07/21 12:57:30
This method is called "StartEnrollment...", but do
Denis Kuznetsov (DE-MUC)
2017/07/25 21:51:06
Done.
| |
187 case ::policy::LicenseType::ANNUAL: | |
188 license_type_ = ::enterprise_management::LicenseType::CDM_ANNUAL; | |
189 return; | |
190 case ::policy::LicenseType::KIOSK: | |
191 license_type_ = ::enterprise_management::LicenseType::KIOSK; | |
192 return; | |
193 case ::policy::LicenseType::UNKNOWN: | |
194 NOTREACHED(); | |
195 } | |
196 } | |
197 | |
155 void EnrollmentHandlerChromeOS::StartEnrollment() { | 198 void EnrollmentHandlerChromeOS::StartEnrollment() { |
156 CHECK_EQ(STEP_PENDING, enrollment_step_); | 199 CHECK_EQ(STEP_PENDING, enrollment_step_); |
157 SetStep(STEP_STATE_KEYS); | 200 SetStep(STEP_STATE_KEYS); |
158 | 201 |
159 if (client_->machine_id().empty()) { | 202 if (client_->machine_id().empty()) { |
160 LOG(ERROR) << "Machine id empty."; | 203 LOG(ERROR) << "Machine id empty."; |
161 ReportResult(EnrollmentStatus::ForStatus( | 204 ReportResult(EnrollmentStatus::ForStatus( |
162 EnrollmentStatus::NO_MACHINE_IDENTIFICATION)); | 205 EnrollmentStatus::NO_MACHINE_IDENTIFICATION)); |
163 return; | 206 return; |
164 } | 207 } |
(...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
315 // after the CloudPolicyStore has initialized. | 358 // after the CloudPolicyStore has initialized. |
316 return; | 359 return; |
317 } | 360 } |
318 SetStep(STEP_REGISTRATION); | 361 SetStep(STEP_REGISTRATION); |
319 if (enrollment_config_.is_mode_attestation()) { | 362 if (enrollment_config_.is_mode_attestation()) { |
320 StartAttestationBasedEnrollmentFlow(); | 363 StartAttestationBasedEnrollmentFlow(); |
321 } else { | 364 } else { |
322 client_->Register( | 365 client_->Register( |
323 em::DeviceRegisterRequest::DEVICE, | 366 em::DeviceRegisterRequest::DEVICE, |
324 EnrollmentModeToRegistrationFlavor(enrollment_config_.mode), | 367 EnrollmentModeToRegistrationFlavor(enrollment_config_.mode), |
325 auth_token_, client_id_, requisition_, current_state_key_); | 368 license_type_, auth_token_, client_id_, requisition_, |
369 current_state_key_); | |
326 } | 370 } |
327 } | 371 } |
328 | 372 |
329 void EnrollmentHandlerChromeOS::StartAttestationBasedEnrollmentFlow() { | 373 void EnrollmentHandlerChromeOS::StartAttestationBasedEnrollmentFlow() { |
330 const chromeos::attestation::AttestationFlow::CertificateCallback callback = | 374 const chromeos::attestation::AttestationFlow::CertificateCallback callback = |
331 base::Bind( | 375 base::Bind( |
332 &EnrollmentHandlerChromeOS::HandleRegistrationCertificateResult, | 376 &EnrollmentHandlerChromeOS::HandleRegistrationCertificateResult, |
333 weak_ptr_factory_.GetWeakPtr()); | 377 weak_ptr_factory_.GetWeakPtr()); |
334 attestation_flow_->GetCertificate( | 378 attestation_flow_->GetCertificate( |
335 chromeos::attestation::PROFILE_ENTERPRISE_ENROLLMENT_CERTIFICATE, | 379 chromeos::attestation::PROFILE_ENTERPRISE_ENROLLMENT_CERTIFICATE, |
336 EmptyAccountId(), "" /* request_origin */, false /* force_new_key */, | 380 EmptyAccountId(), "" /* request_origin */, false /* force_new_key */, |
337 callback); | 381 callback); |
338 } | 382 } |
339 | 383 |
340 void EnrollmentHandlerChromeOS::HandleRegistrationCertificateResult( | 384 void EnrollmentHandlerChromeOS::HandleRegistrationCertificateResult( |
341 bool success, | 385 bool success, |
342 const std::string& pem_certificate_chain) { | 386 const std::string& pem_certificate_chain) { |
343 if (success) | 387 if (success) |
344 client_->RegisterWithCertificate( | 388 client_->RegisterWithCertificate( |
345 em::DeviceRegisterRequest::DEVICE, | 389 em::DeviceRegisterRequest::DEVICE, |
346 EnrollmentModeToRegistrationFlavor(enrollment_config_.mode), | 390 EnrollmentModeToRegistrationFlavor(enrollment_config_.mode), |
347 pem_certificate_chain, client_id_, requisition_, current_state_key_); | 391 license_type_, pem_certificate_chain, client_id_, requisition_, |
392 current_state_key_); | |
348 else | 393 else |
349 ReportResult(EnrollmentStatus::ForStatus( | 394 ReportResult(EnrollmentStatus::ForStatus( |
350 EnrollmentStatus::REGISTRATION_CERT_FETCH_FAILED)); | 395 EnrollmentStatus::REGISTRATION_CERT_FETCH_FAILED)); |
351 } | 396 } |
352 | 397 |
353 void EnrollmentHandlerChromeOS::HandlePolicyValidationResult( | 398 void EnrollmentHandlerChromeOS::HandlePolicyValidationResult( |
354 DeviceCloudPolicyValidator* validator) { | 399 DeviceCloudPolicyValidator* validator) { |
355 DCHECK_EQ(STEP_VALIDATION, enrollment_step_); | 400 DCHECK_EQ(STEP_VALIDATION, enrollment_step_); |
356 if (validator->success()) { | 401 if (validator->success()) { |
357 std::string username = validator->policy_data()->username(); | 402 std::string username = validator->policy_data()->username(); |
(...skipping 270 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
628 // After that, the enrollment flow continues in one of the OnStore* observers. | 673 // After that, the enrollment flow continues in one of the OnStore* observers. |
629 store_->Load(); | 674 store_->Load(); |
630 } | 675 } |
631 | 676 |
632 void EnrollmentHandlerChromeOS::Stop() { | 677 void EnrollmentHandlerChromeOS::Stop() { |
633 if (client_.get()) | 678 if (client_.get()) |
634 client_->RemoveObserver(this); | 679 client_->RemoveObserver(this); |
635 SetStep(STEP_FINISHED); | 680 SetStep(STEP_FINISHED); |
636 weak_ptr_factory_.InvalidateWeakPtrs(); | 681 weak_ptr_factory_.InvalidateWeakPtrs(); |
637 completion_callback_.Reset(); | 682 completion_callback_.Reset(); |
683 license_selection_callback_.Reset(); | |
638 } | 684 } |
639 | 685 |
640 void EnrollmentHandlerChromeOS::ReportResult(EnrollmentStatus status) { | 686 void EnrollmentHandlerChromeOS::ReportResult(EnrollmentStatus status) { |
641 EnrollmentCallback callback = completion_callback_; | 687 EnrollmentCallback callback = completion_callback_; |
642 Stop(); | 688 Stop(); |
643 | 689 |
644 if (status.status() != EnrollmentStatus::SUCCESS) { | 690 if (status.status() != EnrollmentStatus::SUCCESS) { |
645 LOG(WARNING) << "Enrollment failed: " << status.status() | 691 LOG(WARNING) << "Enrollment failed: " << status.status() |
646 << ", client: " << status.client_status() | 692 << ", client: " << status.client_status() |
647 << ", validation: " << status.validation_status() | 693 << ", validation: " << status.validation_status() |
648 << ", store: " << status.store_status() | 694 << ", store: " << status.store_status() |
649 << ", lock: " << status.lock_status(); | 695 << ", lock: " << status.lock_status(); |
650 } | 696 } |
651 | 697 |
652 if (!callback.is_null()) | 698 if (!callback.is_null()) |
653 callback.Run(status); | 699 callback.Run(status); |
654 } | 700 } |
655 | 701 |
656 void EnrollmentHandlerChromeOS::SetStep(EnrollmentStep step) { | 702 void EnrollmentHandlerChromeOS::SetStep(EnrollmentStep step) { |
657 DCHECK_LE(enrollment_step_, step); | 703 DCHECK_LE(enrollment_step_, step); |
658 VLOG(1) << "Step: " << step; | 704 VLOG(1) << "Step: " << step; |
659 enrollment_step_ = step; | 705 enrollment_step_ = step; |
660 } | 706 } |
661 | 707 |
662 } // namespace policy | 708 } // namespace policy |
OLD | NEW |