| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/message_loop/message_loop.h" | 10 #include "base/message_loop/message_loop.h" |
| 11 #include "base/prefs/pref_registry_simple.h" |
| 12 #include "base/prefs/pref_service.h" |
| 11 #include "chrome/browser/browser_process.h" | 13 #include "chrome/browser/browser_process.h" |
| 12 #include "chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.h" | 14 #include "chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.h" |
| 15 #include "chrome/browser/chromeos/login/startup_utils.h" |
| 13 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" | 16 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" |
| 14 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" | 17 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" |
| 15 #include "chrome/browser/chromeos/policy/server_backed_state_keys_broker.h" | 18 #include "chrome/browser/chromeos/policy/server_backed_state_keys_broker.h" |
| 16 #include "chrome/browser/chromeos/settings/device_oauth2_token_service.h" | 19 #include "chrome/browser/chromeos/settings/device_oauth2_token_service.h" |
| 17 #include "chrome/browser/chromeos/settings/device_oauth2_token_service_factory.h
" | 20 #include "chrome/browser/chromeos/settings/device_oauth2_token_service_factory.h
" |
| 21 #include "chrome/common/pref_names.h" |
| 18 #include "chromeos/chromeos_switches.h" | 22 #include "chromeos/chromeos_switches.h" |
| 23 #include "chromeos/system/statistics_provider.h" |
| 19 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 24 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
| 20 #include "google_apis/gaia/gaia_urls.h" | 25 #include "google_apis/gaia/gaia_urls.h" |
| 21 #include "net/http/http_status_code.h" | 26 #include "net/http/http_status_code.h" |
| 22 #include "policy/proto/device_management_backend.pb.h" | 27 #include "policy/proto/device_management_backend.pb.h" |
| 23 | 28 |
| 24 namespace em = enterprise_management; | 29 namespace em = enterprise_management; |
| 25 | 30 |
| 26 namespace policy { | 31 namespace policy { |
| 27 | 32 |
| 28 namespace { | 33 namespace { |
| 29 | 34 |
| 30 // Retry for InstallAttrs initialization every 500ms. | 35 // Retry for InstallAttrs initialization every 500ms. |
| 31 const int kLockRetryIntervalMs = 500; | 36 const int kLockRetryIntervalMs = 500; |
| 32 // Maximum time to retry InstallAttrs initialization before we give up. | 37 // Maximum time to retry InstallAttrs initialization before we give up. |
| 33 const int kLockRetryTimeoutMs = 10 * 60 * 1000; // 10 minutes. | 38 const int kLockRetryTimeoutMs = 10 * 60 * 1000; // 10 minutes. |
| 34 | 39 |
| 35 // Testing token used when the enrollment-skip-robot-auth is set to skip talking | 40 // Testing token used when the enrollment-skip-robot-auth is set to skip talking |
| 36 // to GAIA for an actual token. This is needed to be able to run against the | 41 // to GAIA for an actual token. This is needed to be able to run against the |
| 37 // testing DMServer implementations. | 42 // testing DMServer implementations. |
| 38 const char kTestingRobotToken[] = "test-token"; | 43 const char kTestingRobotToken[] = "test-token"; |
| 39 | 44 |
| 45 // Device requisition constants. |
| 46 const char kNoRequisition[] = "none"; |
| 47 const char kRemoraRequisition[] = "remora"; |
| 48 const char kSharkRequisition[] = "shark"; |
| 49 |
| 50 |
| 51 // Gets a machine flag from StatisticsProvider, returns the given |
| 52 // |default_value| if not present. |
| 53 bool GetMachineFlag(const std::string& key, bool default_value) { |
| 54 bool value = default_value; |
| 55 chromeos::system::StatisticsProvider* provider = |
| 56 chromeos::system::StatisticsProvider::GetInstance(); |
| 57 if (!provider->GetMachineFlag(key, &value)) |
| 58 return default_value; |
| 59 |
| 60 return value; |
| 61 } |
| 62 |
| 40 } // namespace | 63 } // namespace |
| 41 | 64 |
| 42 EnrollmentHandlerChromeOS::EnrollmentHandlerChromeOS( | 65 EnrollmentHandlerChromeOS::EnrollmentHandlerChromeOS( |
| 66 PrefService* local_state, |
| 43 DeviceCloudPolicyStoreChromeOS* store, | 67 DeviceCloudPolicyStoreChromeOS* store, |
| 44 EnterpriseInstallAttributes* install_attributes, | 68 EnterpriseInstallAttributes* install_attributes, |
| 45 ServerBackedStateKeysBroker* state_keys_broker, | 69 ServerBackedStateKeysBroker* state_keys_broker, |
| 46 scoped_ptr<CloudPolicyClient> client, | 70 scoped_ptr<CloudPolicyClient> client, |
| 47 scoped_refptr<base::SequencedTaskRunner> background_task_runner, | 71 scoped_refptr<base::SequencedTaskRunner> background_task_runner, |
| 48 const std::string& auth_token, | 72 const std::string& auth_token, |
| 49 const std::string& client_id, | 73 const std::string& client_id, |
| 50 bool is_auto_enrollment, | 74 bool is_auto_enrollment, |
| 51 const std::string& requisition, | |
| 52 const AllowedDeviceModes& allowed_device_modes, | 75 const AllowedDeviceModes& allowed_device_modes, |
| 53 const EnrollmentCallback& completion_callback) | 76 const EnrollmentCallback& completion_callback) |
| 54 : store_(store), | 77 : local_state_(local_state), |
| 78 store_(store), |
| 55 install_attributes_(install_attributes), | 79 install_attributes_(install_attributes), |
| 56 state_keys_broker_(state_keys_broker), | 80 state_keys_broker_(state_keys_broker), |
| 57 client_(client.Pass()), | 81 client_(client.Pass()), |
| 58 background_task_runner_(background_task_runner), | 82 background_task_runner_(background_task_runner), |
| 59 auth_token_(auth_token), | 83 auth_token_(auth_token), |
| 60 client_id_(client_id), | 84 client_id_(client_id), |
| 61 is_auto_enrollment_(is_auto_enrollment), | 85 is_auto_enrollment_(is_auto_enrollment), |
| 62 requisition_(requisition), | |
| 63 allowed_device_modes_(allowed_device_modes), | 86 allowed_device_modes_(allowed_device_modes), |
| 64 completion_callback_(completion_callback), | 87 completion_callback_(completion_callback), |
| 65 device_mode_(DEVICE_MODE_NOT_SET), | 88 device_mode_(DEVICE_MODE_NOT_SET), |
| 66 enrollment_step_(STEP_PENDING), | 89 enrollment_step_(STEP_PENDING), |
| 67 lockbox_init_duration_(0), | 90 lockbox_init_duration_(0), |
| 68 weak_ptr_factory_(this) { | 91 weak_ptr_factory_(this) { |
| 69 CHECK(!client_->is_registered()); | 92 CHECK(!client_->is_registered()); |
| 70 CHECK_EQ(DM_STATUS_SUCCESS, client_->status()); | 93 CHECK_EQ(DM_STATUS_SUCCESS, client_->status()); |
| 94 InitializeRequisition(); |
| 71 store_->AddObserver(this); | 95 store_->AddObserver(this); |
| 72 client_->AddObserver(this); | 96 client_->AddObserver(this); |
| 73 client_->AddNamespaceToFetch(PolicyNamespaceKey( | 97 client_->AddNamespaceToFetch(PolicyNamespaceKey( |
| 74 dm_protocol::kChromeDevicePolicyType, std::string())); | 98 dm_protocol::kChromeDevicePolicyType, std::string())); |
| 75 } | 99 } |
| 76 | 100 |
| 77 EnrollmentHandlerChromeOS::~EnrollmentHandlerChromeOS() { | 101 EnrollmentHandlerChromeOS::~EnrollmentHandlerChromeOS() { |
| 78 Stop(); | 102 Stop(); |
| 79 store_->RemoveObserver(this); | 103 store_->RemoveObserver(this); |
| 80 } | 104 } |
| 212 enrollment_step_ = STEP_LOADING_STORE; | 236 enrollment_step_ = STEP_LOADING_STORE; |
| 213 AttemptRegistration(); | 237 AttemptRegistration(); |
| 214 } | 238 } |
| 215 | 239 |
| 216 void EnrollmentHandlerChromeOS::AttemptRegistration() { | 240 void EnrollmentHandlerChromeOS::AttemptRegistration() { |
| 217 CHECK_EQ(STEP_LOADING_STORE, enrollment_step_); | 241 CHECK_EQ(STEP_LOADING_STORE, enrollment_step_); |
| 218 if (store_->is_initialized()) { | 242 if (store_->is_initialized()) { |
| 219 enrollment_step_ = STEP_REGISTRATION; | 243 enrollment_step_ = STEP_REGISTRATION; |
| 220 client_->Register(em::DeviceRegisterRequest::DEVICE, | 244 client_->Register(em::DeviceRegisterRequest::DEVICE, |
| 221 auth_token_, client_id_, is_auto_enrollment_, | 245 auth_token_, client_id_, is_auto_enrollment_, |
| 222 requisition_, current_state_key_); | 246 GetDeviceRequisition(), current_state_key_); |
| 223 } | 247 } |
| 224 } | 248 } |
| 225 | 249 |
| 226 void EnrollmentHandlerChromeOS::PolicyValidated( | 250 void EnrollmentHandlerChromeOS::PolicyValidated( |
| 227 DeviceCloudPolicyValidator* validator) { | 251 DeviceCloudPolicyValidator* validator) { |
| 228 CHECK_EQ(STEP_VALIDATION, enrollment_step_); | 252 CHECK_EQ(STEP_VALIDATION, enrollment_step_); |
| 229 if (validator->success()) { | 253 if (validator->success()) { |
| 230 policy_ = validator->policy().Pass(); | 254 policy_ = validator->policy().Pass(); |
| 231 username_ = validator->policy_data()->username(); | 255 username_ = validator->policy_data()->username(); |
| 232 device_id_ = validator->policy_data()->device_id(); | 256 device_id_ = validator->policy_data()->device_id(); |
| 408 LOG(WARNING) << "Enrollment failed: " << status.status() | 432 LOG(WARNING) << "Enrollment failed: " << status.status() |
| 409 << " " << status.client_status() | 433 << " " << status.client_status() |
| 410 << " " << status.validation_status() | 434 << " " << status.validation_status() |
| 411 << " " << status.store_status(); | 435 << " " << status.store_status(); |
| 412 } | 436 } |
| 413 | 437 |
| 414 if (!callback.is_null()) | 438 if (!callback.is_null()) |
| 415 callback.Run(status); | 439 callback.Run(status); |
| 416 } | 440 } |
| 417 | 441 |
| 442 // static |
| 443 void EnrollmentHandlerChromeOS::RegisterPrefs( |
| 444 PrefRegistrySimple* registry) { |
| 445 registry->RegisterStringPref(prefs::kDeviceEnrollmentRequisition, |
| 446 std::string()); |
| 447 registry->RegisterBooleanPref(prefs::kDeviceEnrollmentAutoStart, false); |
| 448 registry->RegisterBooleanPref(prefs::kDeviceEnrollmentCanExit, true); |
| 449 registry->RegisterDictionaryPref(prefs::kServerBackedDeviceState); |
| 450 } |
| 451 |
| 452 void Foo(PersistentPrefStore::PrefReadError) {} |
| 453 |
| 454 void EnrollmentHandlerChromeOS::InitializeRequisition() { |
| 455 // OEM statistics are only loaded when OOBE is not completed. |
| 456 if (chromeos::StartupUtils::IsOobeCompleted()) |
| 457 return; |
| 458 |
| 459 const PrefService::Preference* pref = local_state_->FindPreference( |
| 460 prefs::kDeviceEnrollmentRequisition); |
| 461 if (pref->IsDefaultValue()) { |
| 462 std::string requisition; |
| 463 chromeos::system::StatisticsProvider::GetInstance()->GetMachineStatistic( |
| 464 chromeos::system::kOemDeviceRequisitionKey, &requisition); |
| 465 |
| 466 if (!requisition.empty()) { |
| 467 local_state_->SetString(prefs::kDeviceEnrollmentRequisition, |
| 468 requisition); |
| 469 if (requisition == kRemoraRequisition || |
| 470 requisition == kSharkRequisition) { |
| 471 local_state_->SetBoolean(prefs::kDeviceEnrollmentAutoStart, true); |
| 472 local_state_->SetBoolean(prefs::kDeviceEnrollmentCanExit, false); |
| 473 } else { |
| 474 local_state_->SetBoolean( |
| 475 prefs::kDeviceEnrollmentAutoStart, |
| 476 GetMachineFlag(chromeos::system::kOemIsEnterpriseManagedKey, |
| 477 false)); |
| 478 local_state_->SetBoolean( |
| 479 prefs::kDeviceEnrollmentCanExit, |
| 480 GetMachineFlag(chromeos::system::kOemCanExitEnterpriseEnrollmentKey, |
| 481 false)); |
| 482 } |
| 483 } |
| 484 } |
| 485 } |
| 486 |
| 487 std::string EnrollmentHandlerChromeOS::GetDeviceRequisition() const { |
| 488 std::string requisition; |
| 489 const PrefService::Preference* pref = local_state_->FindPreference( |
| 490 prefs::kDeviceEnrollmentRequisition); |
| 491 if (!pref->IsDefaultValue()) |
| 492 pref->GetValue()->GetAsString(&requisition); |
| 493 |
| 494 if (requisition == kNoRequisition) |
| 495 requisition.clear(); |
| 496 |
| 497 return requisition; |
| 498 } |
| 499 |
| 500 void EnrollmentHandlerChromeOS::SetDeviceRequisition( |
| 501 const std::string& requisition) { |
| 502 VLOG(1) << "SetDeviceRequisition " << requisition; |
| 503 if (local_state_) { |
| 504 if (requisition.empty()) { |
| 505 local_state_->ClearPref(prefs::kDeviceEnrollmentRequisition); |
| 506 local_state_->ClearPref(prefs::kDeviceEnrollmentAutoStart); |
| 507 local_state_->ClearPref(prefs::kDeviceEnrollmentCanExit); |
| 508 } else { |
| 509 local_state_->SetString(prefs::kDeviceEnrollmentRequisition, requisition); |
| 510 if (requisition == kNoRequisition) { |
| 511 local_state_->ClearPref(prefs::kDeviceEnrollmentAutoStart); |
| 512 local_state_->ClearPref(prefs::kDeviceEnrollmentCanExit); |
| 513 } else { |
| 514 local_state_->SetBoolean(prefs::kDeviceEnrollmentAutoStart, true); |
| 515 local_state_->SetBoolean(prefs::kDeviceEnrollmentCanExit, false); |
| 516 } |
| 517 } |
| 518 } |
| 519 } |
| 520 |
| 521 bool EnrollmentHandlerChromeOS::IsRemoraRequisition() const { |
| 522 return GetDeviceRequisition() == kRemoraRequisition; |
| 523 } |
| 524 |
| 525 bool EnrollmentHandlerChromeOS::IsSharkRequisition() const { |
| 526 return GetDeviceRequisition() == kSharkRequisition; |
| 527 } |
| 528 |
| 418 } // namespace policy | 529 } // namespace policy |
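Review bot: `InitializeRequisition()` (new lines 459-461) and `GetDeviceRequisition()` (new lines 489-491) dereference `local_state_` and the pointer returned by `FindPreference()` without a check, whereas `SetDeviceRequisition()` guards with `if (local_state_)`; because the constructor now calls `InitializeRequisition()`, a handler built with a null `local_state` would crash there whenever OOBE is not complete. Make the contract consistent: either `DCHECK(local_state_)` in the constructor and drop the guard in the setter, or guard both readers with `if (!local_state_) return;` and `if (pref && !pref->IsDefaultValue())`. `void Foo(PersistentPrefStore::PrefReadError) {}` at new line 452 looks like a leftover and should be removed before landing. Separately, `kDeviceEnrollmentAutoStart` and `kDeviceEnrollmentCanExit` decide whether enrollment starts automatically and whether the user can leave it, and the OEM-derived values are now written only when a handler is constructed; if the OOBE flow reads them before that point (not visible in this section), OEM-forced enrollment would not apply, so the call site deserves confirmation.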
| OLD | NEW |