Support for remote enrollment.

chrome/browser/chromeos/login/enrollment/enrollment_screen.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/enrollment/enrollment_screen.h"
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/logging.h"
 #include "base/message_loop/message_loop.h"
 #include "base/metrics/histogram.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/chromeos/login/login_utils.h"
 #include "chrome/browser/chromeos/login/screens/screen_observer.h"
 #include "chrome/browser/chromeos/login/startup_utils.h"
 #include "chrome/browser/chromeos/login/wizard_controller.h"
 #include "chrome/browser/chromeos/policy/auto_enrollment_client.h"
 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"
 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h"
+#include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h"
 #include "chromeos/dbus/cryptohome_client.h"
 #include "chromeos/dbus/dbus_method_call_status.h"
 #include "chromeos/dbus/dbus_thread_manager.h"
 #include "chromeos/dbus/session_manager_client.h"
 #include "google_apis/gaia/gaia_auth_util.h"
 #include "google_apis/gaia/google_service_auth_error.h"
 #include "policy/proto/device_management_backend.pb.h"
 
 namespace chromeos {
 
 EnrollmentScreen::EnrollmentScreen(
     ScreenObserver* observer,
     EnrollmentScreenActor* actor)
     : WizardScreen(observer),
       actor_(actor),
       enrollment_mode_(EnrollmentScreenActor::ENROLLMENT_MODE_MANUAL),
       enrollment_failed_once_(false),
+      remora_token_sent_(false),
       lockbox_init_duration_(0),
       weak_ptr_factory_(this) {
   // Init the TPM if it has not been done until now (in debug build we might
   // have not done that yet).
   DBusThreadManager::Get()->GetCryptohomeClient()->TpmCanAttemptOwnership(
       EmptyVoidDBusMethodCallback());
 }
 
 EnrollmentScreen::~EnrollmentScreen() {}
 
 void EnrollmentScreen::SetParameters(
     EnrollmentScreenActor::EnrollmentMode enrollment_mode,
     const std::string& management_domain,
-    const std::string& user) {
+    const std::string& user,
+    const std::string& auth_token) {
   enrollment_mode_ = enrollment_mode;
   user_ = user.empty() ? user : gaia::CanonicalizeEmail(user);
+  auth_token_ = auth_token;
   actor_->SetParameters(this, enrollment_mode_, management_domain);
 }
 
 void EnrollmentScreen::PrepareToShow() {
   actor_->PrepareToShow();
 }
 
 void EnrollmentScreen::Show() {
   if (is_auto_enrollment() && !enrollment_failed_once_) {
     actor_->Show();
     UMA(policy::kMetricEnrollmentAutoStarted);
     actor_->ShowEnrollmentSpinnerScreen();
     actor_->FetchOAuthToken();
-  } else {
+  } else if (auth_token_.empty()) {
     UMA(policy::kMetricEnrollmentTriggered);
     actor_->ResetAuth(base::Bind(&EnrollmentScreen::ShowSigninScreen,
                                  weak_ptr_factory_.GetWeakPtr()));
+  } else {
+    actor_->Show();
+    actor_->ShowEnrollmentSpinnerScreen();
+    OnOAuthTokenAvailable(auth_token_);
   }
 }
 
 void EnrollmentScreen::Hide() {
   actor_->Hide();
   weak_ptr_factory_.InvalidateWeakPtrs();
 }
 
 std::string EnrollmentScreen::GetName() const {
   return WizardController::kEnrollmentScreenName;
@@ skipping 42 matching lines @@
       return;
     case GoogleServiceAuthError::NUM_STATES:
       break;
   }
 
   NOTREACHED();
   UMAFailure(policy::kMetricEnrollmentOtherFailed);
 }
 
 void EnrollmentScreen::OnOAuthTokenAvailable(const std::string& token) {
-  RegisterForDevicePolicy(token);
+  VLOG(1) << "OnOAuthTokenAvailable " << token;
+  const bool is_shark =
+      g_browser_process->platform_part()->browser_policy_connector_chromeos()->

[bartfab (slow), 2014/08/20 09:31:34]

Nit: #include "chrome/browser/process/browser_process_platform_part.h"

[achuithb, 2014/08/25 20:50:37]

Done.

+          GetDeviceCloudPolicyManager()->IsSharkRequisition();
+
+  if (is_shark && !remora_token_sent_) {
+    // Fetch a second token for shark devices.
+    remora_token_sent_ = true;
+    SendEnrollmentAuthToken(token);
+    actor_->FetchOAuthToken();
+  } else {
+    RegisterForDevicePolicy(token);
+  }
 }
 
 void EnrollmentScreen::OnRetry() {
   actor_->ResetAuth(base::Bind(&EnrollmentScreen::ShowSigninScreen,
                                weak_ptr_factory_.GetWeakPtr()));
 }
 
 void EnrollmentScreen::OnCancel() {
   if (enrollment_mode_ == EnrollmentScreenActor::ENROLLMENT_MODE_FORCED ||
       enrollment_mode_ == EnrollmentScreenActor::ENROLLMENT_MODE_RECOVERY) {
@@ skipping 62 matching lines @@
       connector->GetDeviceCloudPolicyInitializer();
   CHECK(dcp_initializer);
   dcp_initializer->StartEnrollment(
       enterprise_management::PolicyData::ENTERPRISE_MANAGED,
       connector->device_management_service(),
       token, is_auto_enrollment(), device_modes,
       base::Bind(&EnrollmentScreen::ReportEnrollmentStatus,
                  weak_ptr_factory_.GetWeakPtr()));
 }
 
+void EnrollmentScreen::SendEnrollmentAuthToken(const std::string& token) {
+  // TODO(achuith, zork): Send token via bluetooth to remote device.

[bartfab (slow), 2014/08/20 09:31:34]

Nit: s/bluetooth/Bluetooth/

[achuithb, 2014/08/25 20:50:37]

Done.

+}
+
 void EnrollmentScreen::ShowEnrollmentStatusOnSuccess(
     const policy::EnrollmentStatus& status) {
   actor_->ShowEnrollmentStatus(status);
   StartupUtils::MarkOobeCompleted();
 }
 
 void EnrollmentScreen::ReportEnrollmentStatus(policy::EnrollmentStatus status) {
   if (status.status() == policy::EnrollmentStatus::STATUS_SUCCESS) {
     StartupUtils::MarkDeviceRegistered(
         base::Bind(&EnrollmentScreen::ShowEnrollmentStatusOnSuccess,
@@ skipping 96 matching lines @@
     sample = policy::kMetricEnrollmentAutoFailed;
   UMA(sample);
 }
 
 void EnrollmentScreen::ShowSigninScreen() {
   actor_->Show();
   actor_->ShowSigninScreen();
 }
 
 }  // namespace chromeos