| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/message_loop/message_loop.h" | 10 #include "base/message_loop/message_loop.h" |
| (...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 82 | 82 |
| 83 EnrollmentHandlerChromeOS::~EnrollmentHandlerChromeOS() { | 83 EnrollmentHandlerChromeOS::~EnrollmentHandlerChromeOS() { |
| 84 Stop(); | 84 Stop(); |
| 85 store_->RemoveObserver(this); | 85 store_->RemoveObserver(this); |
| 86 } | 86 } |
| 87 | 87 |
| 88 void EnrollmentHandlerChromeOS::StartEnrollment() { | 88 void EnrollmentHandlerChromeOS::StartEnrollment() { |
| 89 CHECK_EQ(STEP_PENDING, enrollment_step_); | 89 CHECK_EQ(STEP_PENDING, enrollment_step_); |
| 90 enrollment_step_ = STEP_STATE_KEYS; | 90 enrollment_step_ = STEP_STATE_KEYS; |
| 91 state_keys_broker_->RequestStateKeys( | 91 state_keys_broker_->RequestStateKeys( |
| 92 base::Bind(&EnrollmentHandlerChromeOS::CheckStateKeys, | 92 base::Bind(&EnrollmentHandlerChromeOS::HandleStateKeysResult, |
| 93 weak_ptr_factory_.GetWeakPtr())); | 93 weak_ptr_factory_.GetWeakPtr())); |
| 94 } | 94 } |
| 95 | 95 |
| 96 scoped_ptr<CloudPolicyClient> EnrollmentHandlerChromeOS::ReleaseClient() { | 96 scoped_ptr<CloudPolicyClient> EnrollmentHandlerChromeOS::ReleaseClient() { |
| 97 Stop(); | 97 Stop(); |
| 98 return client_.Pass(); | 98 return client_.Pass(); |
| 99 } | 99 } |
| 100 | 100 |
| 101 void EnrollmentHandlerChromeOS::OnPolicyFetched(CloudPolicyClient* client) { | 101 void EnrollmentHandlerChromeOS::OnPolicyFetched(CloudPolicyClient* client) { |
| 102 DCHECK_EQ(client_.get(), client); | 102 DCHECK_EQ(client_.get(), client); |
| (...skipping 30 matching lines...) Expand all Loading... |
| 133 CloudPolicyValidatorBase::DM_TOKEN_REQUIRED); | 133 CloudPolicyValidatorBase::DM_TOKEN_REQUIRED); |
| 134 validator->ValidatePolicyType(dm_protocol::kChromeDevicePolicyType); | 134 validator->ValidatePolicyType(dm_protocol::kChromeDevicePolicyType); |
| 135 validator->ValidatePayload(); | 135 validator->ValidatePayload(); |
| 136 // If |domain| is empty here, the policy validation code will just use the | 136 // If |domain| is empty here, the policy validation code will just use the |
| 137 // domain from the username field in the policy itself to do key validation. | 137 // domain from the username field in the policy itself to do key validation. |
| 138 // TODO(mnissler): Plumb the enrolling user's username into this object so | 138 // TODO(mnissler): Plumb the enrolling user's username into this object so |
| 139 // we can validate the username on the resulting policy, and use the domain | 139 // we can validate the username on the resulting policy, and use the domain |
| 140 // from that username to validate the key below (http://crbug.com/343074). | 140 // from that username to validate the key below (http://crbug.com/343074). |
| 141 validator->ValidateInitialKey(GetPolicyVerificationKey(), domain); | 141 validator->ValidateInitialKey(GetPolicyVerificationKey(), domain); |
| 142 validator.release()->StartValidation( | 142 validator.release()->StartValidation( |
| 143 base::Bind(&EnrollmentHandlerChromeOS::PolicyValidated, | 143 base::Bind(&EnrollmentHandlerChromeOS::HandlePolicyValidationResult, |
| 144 weak_ptr_factory_.GetWeakPtr())); | 144 weak_ptr_factory_.GetWeakPtr())); |
| 145 } | 145 } |
| 146 | 146 |
| 147 void EnrollmentHandlerChromeOS::OnRegistrationStateChanged( | 147 void EnrollmentHandlerChromeOS::OnRegistrationStateChanged( |
| 148 CloudPolicyClient* client) { | 148 CloudPolicyClient* client) { |
| 149 DCHECK_EQ(client_.get(), client); | 149 DCHECK_EQ(client_.get(), client); |
| 150 | 150 |
| 151 if (enrollment_step_ == STEP_REGISTRATION && client_->is_registered()) { | 151 if (enrollment_step_ == STEP_REGISTRATION && client_->is_registered()) { |
| 152 enrollment_step_ = STEP_POLICY_FETCH, | 152 enrollment_step_ = STEP_POLICY_FETCH, |
| 153 device_mode_ = client_->device_mode(); | 153 device_mode_ = client_->device_mode(); |
| 154 if (device_mode_ == DEVICE_MODE_NOT_SET) | 154 if (device_mode_ == DEVICE_MODE_NOT_SET) |
| 155 device_mode_ = DEVICE_MODE_ENTERPRISE; | 155 device_mode_ = DEVICE_MODE_ENTERPRISE; |
| 156 if (!allowed_device_modes_.test(device_mode_)) { | 156 if (!allowed_device_modes_.test(device_mode_)) { |
| 157 LOG(ERROR) << "Bad device mode " << device_mode_; | 157 LOG(ERROR) << "Bad device mode " << device_mode_; |
| 158 ReportResult(EnrollmentStatus::ForStatus( | 158 ReportResult(EnrollmentStatus::ForStatus( |
| 159 EnrollmentStatus::STATUS_REGISTRATION_BAD_MODE)); | 159 EnrollmentStatus::STATUS_REGISTRATION_BAD_MODE)); |
| 160 return; | 160 return; |
| 161 } | 161 } |
| 162 client_->FetchPolicy(); | 162 client_->FetchPolicy(); |
| 163 } else { | 163 } else { |
| 164 LOG(FATAL) << "Registration state changed to " << client_->is_registered() | 164 LOG(FATAL) << "Registration state changed to " << client_->is_registered() |
| 165 << " in step " << enrollment_step_; | 165 << " in step " << enrollment_step_ << "."; |
| 166 } | 166 } |
| 167 } | 167 } |
| 168 | 168 |
| 169 void EnrollmentHandlerChromeOS::OnClientError(CloudPolicyClient* client) { | 169 void EnrollmentHandlerChromeOS::OnClientError(CloudPolicyClient* client) { |
| 170 DCHECK_EQ(client_.get(), client); | 170 DCHECK_EQ(client_.get(), client); |
| 171 | 171 |
| 172 if (enrollment_step_ == STEP_ROBOT_AUTH_FETCH) { | 172 if (enrollment_step_ == STEP_ROBOT_AUTH_FETCH) { |
| 173 LOG(ERROR) << "API authentication code fetch failed: " | 173 LOG(ERROR) << "API authentication code fetch failed: " |
| 174 << client_->status(); | 174 << client_->status(); |
| 175 ReportResult(EnrollmentStatus::ForRobotAuthFetchError(client_->status())); | 175 ReportResult(EnrollmentStatus::ForRobotAuthFetchError(client_->status())); |
| 176 } else if (enrollment_step_ < STEP_POLICY_FETCH) { | 176 } else if (enrollment_step_ < STEP_POLICY_FETCH) { |
| 177 ReportResult(EnrollmentStatus::ForRegistrationError(client_->status())); | 177 ReportResult(EnrollmentStatus::ForRegistrationError(client_->status())); |
| 178 } else { | 178 } else { |
| 179 ReportResult(EnrollmentStatus::ForFetchError(client_->status())); | 179 ReportResult(EnrollmentStatus::ForFetchError(client_->status())); |
| 180 } | 180 } |
| 181 } | 181 } |
| 182 | 182 |
| 183 void EnrollmentHandlerChromeOS::OnStoreLoaded(CloudPolicyStore* store) { | 183 void EnrollmentHandlerChromeOS::OnStoreLoaded(CloudPolicyStore* store) { |
| 184 DCHECK_EQ(store_, store); | 184 DCHECK_EQ(store_, store); |
| 185 | 185 |
| 186 if (enrollment_step_ == STEP_LOADING_STORE) { | 186 if (enrollment_step_ == STEP_LOADING_STORE) { |
| 187 // If the |store_| wasn't initialized when StartEnrollment() was | 187 // If the |store_| wasn't initialized when StartEnrollment() was called, |
| 188 // called, then AttemptRegistration() bails silently. This gets | 188 // then StartRegistration() bails silently. This gets registration rolling |
| 189 // registration rolling again after the store finishes loading. | 189 // again after the store finishes loading. |
| 190 AttemptRegistration(); | 190 StartRegistration(); |
| 191 } else if (enrollment_step_ == STEP_STORE_POLICY) { | 191 } else if (enrollment_step_ == STEP_STORE_POLICY) { |
| 192 ReportResult(EnrollmentStatus::ForStatus(EnrollmentStatus::STATUS_SUCCESS)); | 192 ReportResult(EnrollmentStatus::ForStatus(EnrollmentStatus::STATUS_SUCCESS)); |
| 193 } | 193 } |
| 194 } | 194 } |
| 195 | 195 |
| 196 void EnrollmentHandlerChromeOS::OnStoreError(CloudPolicyStore* store) { | 196 void EnrollmentHandlerChromeOS::OnStoreError(CloudPolicyStore* store) { |
| 197 DCHECK_EQ(store_, store); | 197 DCHECK_EQ(store_, store); |
| 198 if (enrollment_step_ == STEP_STORE_TOKEN_AND_ID) { | 198 if (enrollment_step_ == STEP_STORE_TOKEN_AND_ID) { |
| 199 // Calling DeviceSettingsService::SetManagementSettings() on a non- | 199 // Calling DeviceSettingsService::SetManagementSettings() on a non- |
| 200 // enterprise-managed device will trigger OnStoreError(), as | 200 // enterprise-managed device will trigger OnStoreError(), as |
| 201 // DeviceCloudPolicyStore listens to all changes on DeviceSettingsService, | 201 // DeviceCloudPolicyStore listens to all changes on DeviceSettingsService, |
| 202 // and it calls OnStoreError() when the device is not enterprise-managed. | 202 // and it calls OnStoreError() when the device is not enterprise-managed. |
| 203 return; | 203 return; |
| 204 } | 204 } |
| 205 ReportResult(EnrollmentStatus::ForStoreError(store_->status(), | 205 ReportResult(EnrollmentStatus::ForStoreError(store_->status(), |
| 206 store_->validation_status())); | 206 store_->validation_status())); |
| 207 } | 207 } |
| 208 | 208 |
| 209 void EnrollmentHandlerChromeOS::CheckStateKeys( | 209 void EnrollmentHandlerChromeOS::HandleStateKeysResult( |
| 210 const std::vector<std::string>& state_keys, bool /* first_boot */) { | 210 const std::vector<std::string>& state_keys, bool /* first_boot */) { |
| 211 CHECK_EQ(STEP_STATE_KEYS, enrollment_step_); | 211 CHECK_EQ(STEP_STATE_KEYS, enrollment_step_); |
| 212 | 212 |
| 213 // Make sure state keys are available if forced re-enrollment is on. | 213 // Make sure state keys are available if forced re-enrollment is on. |
| 214 if (chromeos::AutoEnrollmentController::GetMode() == | 214 if (chromeos::AutoEnrollmentController::GetMode() == |
| 215 chromeos::AutoEnrollmentController::MODE_FORCED_RE_ENROLLMENT) { | 215 chromeos::AutoEnrollmentController::MODE_FORCED_RE_ENROLLMENT) { |
| 216 if (state_keys.empty()) { | 216 client_->SetStateKeysToUpload(state_keys); |
| 217 current_state_key_ = state_keys_broker_->current_state_key(); |
| 218 if (state_keys.empty() || current_state_key_.empty()) { |
| 217 ReportResult( | 219 ReportResult( |
| 218 EnrollmentStatus::ForStatus(EnrollmentStatus::STATUS_NO_STATE_KEYS)); | 220 EnrollmentStatus::ForStatus(EnrollmentStatus::STATUS_NO_STATE_KEYS)); |
| 219 return; | 221 return; |
| 220 } | 222 } |
| 221 client_->SetStateKeysToUpload(state_keys); | |
| 222 current_state_key_ = state_keys_broker_->current_state_key(); | |
| 223 } | 223 } |
| 224 | 224 |
| 225 enrollment_step_ = STEP_LOADING_STORE; | 225 enrollment_step_ = STEP_LOADING_STORE; |
| 226 AttemptRegistration(); | 226 StartRegistration(); |
| 227 } | 227 } |
| 228 | 228 |
| 229 void EnrollmentHandlerChromeOS::AttemptRegistration() { | 229 void EnrollmentHandlerChromeOS::StartRegistration() { |
| 230 CHECK_EQ(STEP_LOADING_STORE, enrollment_step_); | 230 CHECK_EQ(STEP_LOADING_STORE, enrollment_step_); |
| 231 if (store_->is_initialized()) { | 231 if (store_->is_initialized()) { |
| 232 enrollment_step_ = STEP_REGISTRATION; | 232 enrollment_step_ = STEP_REGISTRATION; |
| 233 client_->Register(em::DeviceRegisterRequest::DEVICE, | 233 client_->Register(em::DeviceRegisterRequest::DEVICE, |
| 234 auth_token_, client_id_, is_auto_enrollment_, | 234 auth_token_, client_id_, is_auto_enrollment_, |
| 235 requisition_, current_state_key_); | 235 requisition_, current_state_key_); |
| 236 } else { |
| 237 // Do nothing. StartRegistration() will be called again from OnStoreLoaded() |
| 238 // after the CloudPolicyStore has initialized. |
| 236 } | 239 } |
| 237 } | 240 } |
| 238 | 241 |
| 239 void EnrollmentHandlerChromeOS::PolicyValidated( | 242 void EnrollmentHandlerChromeOS::HandlePolicyValidationResult( |
| 240 DeviceCloudPolicyValidator* validator) { | 243 DeviceCloudPolicyValidator* validator) { |
| 241 CHECK_EQ(STEP_VALIDATION, enrollment_step_); | 244 CHECK_EQ(STEP_VALIDATION, enrollment_step_); |
| 242 if (validator->success()) { | 245 if (validator->success()) { |
| 243 policy_ = validator->policy().Pass(); | 246 policy_ = validator->policy().Pass(); |
| 244 username_ = validator->policy_data()->username(); | 247 username_ = validator->policy_data()->username(); |
| 245 device_id_ = validator->policy_data()->device_id(); | 248 device_id_ = validator->policy_data()->device_id(); |
| 246 request_token_ = validator->policy_data()->request_token(); | 249 request_token_ = validator->policy_data()->request_token(); |
| 247 | 250 |
| 248 if (CommandLine::ForCurrentProcess()->HasSwitch( | 251 if (CommandLine::ForCurrentProcess()->HasSwitch( |
| 249 chromeos::switches::kEnterpriseEnrollmentSkipRobotAuth)) { | 252 chromeos::switches::kEnterpriseEnrollmentSkipRobotAuth)) { |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 295 | 298 |
| 296 enrollment_step_ = STEP_LOCK_DEVICE; | 299 enrollment_step_ = STEP_LOCK_DEVICE; |
| 297 StartLockDevice(); | 300 StartLockDevice(); |
| 298 } | 301 } |
| 299 | 302 |
| 300 // GaiaOAuthClient::Delegate | 303 // GaiaOAuthClient::Delegate |
| 301 void EnrollmentHandlerChromeOS::OnRefreshTokenResponse( | 304 void EnrollmentHandlerChromeOS::OnRefreshTokenResponse( |
| 302 const std::string& access_token, | 305 const std::string& access_token, |
| 303 int expires_in_seconds) { | 306 int expires_in_seconds) { |
| 304 // We never use the code that should trigger this callback. | 307 // We never use the code that should trigger this callback. |
| 305 LOG(FATAL) << "Unexpected callback invoked"; | 308 LOG(FATAL) << "Unexpected callback invoked."; |
| 306 } | 309 } |
| 307 | 310 |
| 308 // GaiaOAuthClient::Delegate OAuth2 error when fetching refresh token request. | 311 // GaiaOAuthClient::Delegate OAuth2 error when fetching refresh token request. |
| 309 void EnrollmentHandlerChromeOS::OnOAuthError() { | 312 void EnrollmentHandlerChromeOS::OnOAuthError() { |
| 310 CHECK_EQ(STEP_ROBOT_AUTH_REFRESH, enrollment_step_); | 313 CHECK_EQ(STEP_ROBOT_AUTH_REFRESH, enrollment_step_); |
| 311 // OnOAuthError is only called if the request is bad (malformed) or the | 314 // OnOAuthError is only called if the request is bad (malformed) or the |
| 312 // response is bad (empty access token returned). | 315 // response is bad (empty access token returned). |
| 313 LOG(ERROR) << "OAuth protocol error while fetching API refresh token."; | 316 LOG(ERROR) << "OAuth protocol error while fetching API refresh token."; |
| 314 ReportResult( | 317 ReportResult( |
| 315 EnrollmentStatus::ForRobotRefreshFetchError(net::HTTP_BAD_REQUEST)); | 318 EnrollmentStatus::ForRobotRefreshFetchError(net::HTTP_BAD_REQUEST)); |
| (...skipping 12 matching lines...) Expand all Loading... |
| 328 CHECK_EQ(STEP_LOCK_DEVICE, enrollment_step_); | 331 CHECK_EQ(STEP_LOCK_DEVICE, enrollment_step_); |
| 329 // Since this method is also called directly. | 332 // Since this method is also called directly. |
| 330 weak_ptr_factory_.InvalidateWeakPtrs(); | 333 weak_ptr_factory_.InvalidateWeakPtrs(); |
| 331 | 334 |
| 332 if (management_mode_ == em::PolicyData::CONSUMER_MANAGED) { | 335 if (management_mode_ == em::PolicyData::CONSUMER_MANAGED) { |
| 333 // Consumer device enrollment doesn't use install attributes. Instead, | 336 // Consumer device enrollment doesn't use install attributes. Instead, |
| 334 // we put the information in the owners settings. | 337 // we put the information in the owners settings. |
| 335 enrollment_step_ = STEP_STORE_TOKEN_AND_ID; | 338 enrollment_step_ = STEP_STORE_TOKEN_AND_ID; |
| 336 device_settings_service_->SetManagementSettings( | 339 device_settings_service_->SetManagementSettings( |
| 337 management_mode_, request_token_, device_id_, | 340 management_mode_, request_token_, device_id_, |
| 338 base::Bind(&EnrollmentHandlerChromeOS::OnSetManagementSettingsDone, | 341 base::Bind(&EnrollmentHandlerChromeOS::HandleSetManagementSettingsDone, |
| 339 weak_ptr_factory_.GetWeakPtr())); | 342 weak_ptr_factory_.GetWeakPtr())); |
| 340 } else { | 343 } else { |
| 341 install_attributes_->LockDevice( | 344 install_attributes_->LockDevice( |
| 342 username_, device_mode_, device_id_, | 345 username_, device_mode_, device_id_, |
| 343 base::Bind(&EnrollmentHandlerChromeOS::HandleLockDeviceResult, | 346 base::Bind(&EnrollmentHandlerChromeOS::HandleLockDeviceResult, |
| 344 weak_ptr_factory_.GetWeakPtr())); | 347 weak_ptr_factory_.GetWeakPtr())); |
| 345 } | 348 } |
| 346 } | 349 } |
| 347 | 350 |
| 348 void EnrollmentHandlerChromeOS::OnSetManagementSettingsDone() { | 351 void EnrollmentHandlerChromeOS::HandleSetManagementSettingsDone() { |
| 349 CHECK_EQ(STEP_STORE_TOKEN_AND_ID, enrollment_step_); | 352 CHECK_EQ(STEP_STORE_TOKEN_AND_ID, enrollment_step_); |
| 350 if (device_settings_service_->status() != | 353 if (device_settings_service_->status() != |
| 351 chromeos::DeviceSettingsService::STORE_SUCCESS) { | 354 chromeos::DeviceSettingsService::STORE_SUCCESS) { |
| 352 ReportResult(EnrollmentStatus::ForStatus( | 355 ReportResult(EnrollmentStatus::ForStatus( |
| 353 EnrollmentStatus::STATUS_STORE_TOKEN_AND_ID_FAILED)); | 356 EnrollmentStatus::STATUS_STORE_TOKEN_AND_ID_FAILED)); |
| 354 return; | 357 return; |
| 355 } | 358 } |
| 356 | 359 |
| 357 StoreRobotAuth(); | 360 StartStoreRobotAuth(); |
| 358 } | 361 } |
| 359 | 362 |
| 360 void EnrollmentHandlerChromeOS::HandleLockDeviceResult( | 363 void EnrollmentHandlerChromeOS::HandleLockDeviceResult( |
| 361 EnterpriseInstallAttributes::LockResult lock_result) { | 364 EnterpriseInstallAttributes::LockResult lock_result) { |
| 362 CHECK_EQ(STEP_LOCK_DEVICE, enrollment_step_); | 365 CHECK_EQ(STEP_LOCK_DEVICE, enrollment_step_); |
| 363 switch (lock_result) { | 366 switch (lock_result) { |
| 364 case EnterpriseInstallAttributes::LOCK_SUCCESS: | 367 case EnterpriseInstallAttributes::LOCK_SUCCESS: |
| 365 StoreRobotAuth(); | 368 StartStoreRobotAuth(); |
| 366 return; | 369 break; |
| 367 case EnterpriseInstallAttributes::LOCK_NOT_READY: | 370 case EnterpriseInstallAttributes::LOCK_NOT_READY: |
| 368 // We wait up to |kLockRetryTimeoutMs| milliseconds and if it hasn't | 371 // We wait up to |kLockRetryTimeoutMs| milliseconds and if it hasn't |
| 369 // succeeded by then show an error to the user and stop the enrollment. | 372 // succeeded by then show an error to the user and stop the enrollment. |
| 370 if (lockbox_init_duration_ < kLockRetryTimeoutMs) { | 373 if (lockbox_init_duration_ < kLockRetryTimeoutMs) { |
| 371 // InstallAttributes not ready yet, retry later. | 374 // InstallAttributes not ready yet, retry later. |
| 372 LOG(WARNING) << "Install Attributes not ready yet will retry in " | 375 LOG(WARNING) << "Install Attributes not ready yet will retry in " |
| 373 << kLockRetryIntervalMs << "ms."; | 376 << kLockRetryIntervalMs << "ms."; |
| 374 base::MessageLoop::current()->PostDelayedTask( | 377 base::MessageLoop::current()->PostDelayedTask( |
| 375 FROM_HERE, | 378 FROM_HERE, |
| 376 base::Bind(&EnrollmentHandlerChromeOS::StartLockDevice, | 379 base::Bind(&EnrollmentHandlerChromeOS::StartLockDevice, |
| 377 weak_ptr_factory_.GetWeakPtr()), | 380 weak_ptr_factory_.GetWeakPtr()), |
| 378 base::TimeDelta::FromMilliseconds(kLockRetryIntervalMs)); | 381 base::TimeDelta::FromMilliseconds(kLockRetryIntervalMs)); |
| 379 lockbox_init_duration_ += kLockRetryIntervalMs; | 382 lockbox_init_duration_ += kLockRetryIntervalMs; |
| 380 } else { | 383 } else { |
| 381 ReportResult(EnrollmentStatus::ForStatus( | 384 ReportResult(EnrollmentStatus::ForStatus( |
| 382 EnrollmentStatus::STATUS_LOCK_TIMEOUT)); | 385 EnrollmentStatus::STATUS_LOCK_TIMEOUT)); |
| 383 } | 386 } |
| 384 return; | 387 break; |
| 385 case EnterpriseInstallAttributes::LOCK_BACKEND_ERROR: | 388 case EnterpriseInstallAttributes::LOCK_BACKEND_ERROR: |
| 386 ReportResult(EnrollmentStatus::ForStatus( | 389 ReportResult(EnrollmentStatus::ForStatus( |
| 387 EnrollmentStatus::STATUS_LOCK_ERROR)); | 390 EnrollmentStatus::STATUS_LOCK_ERROR)); |
| 388 return; | 391 break; |
| 389 case EnterpriseInstallAttributes::LOCK_WRONG_USER: | 392 case EnterpriseInstallAttributes::LOCK_WRONG_USER: |
| 390 LOG(ERROR) << "Enrollment cannot proceed because the InstallAttrs " | 393 LOG(ERROR) << "Enrollment cannot proceed because the InstallAttrs " |
| 391 << "has been locked already!"; | 394 << "has been locked already!"; |
| 392 ReportResult(EnrollmentStatus::ForStatus( | 395 ReportResult(EnrollmentStatus::ForStatus( |
| 393 EnrollmentStatus::STATUS_LOCK_WRONG_USER)); | 396 EnrollmentStatus::STATUS_LOCK_WRONG_USER)); |
| 394 return; | 397 break; |
| 395 } | 398 } |
| 396 | |
| 397 NOTREACHED() << "Invalid lock result " << lock_result; | |
| 398 ReportResult(EnrollmentStatus::ForStatus( | |
| 399 EnrollmentStatus::STATUS_LOCK_ERROR)); | |
| 400 } | 399 } |
| 401 | 400 |
| 402 void EnrollmentHandlerChromeOS::StoreRobotAuth() { | 401 void EnrollmentHandlerChromeOS::StartStoreRobotAuth() { |
| 403 // Get the token service so we can store our robot refresh token. | 402 // Get the token service so we can store our robot refresh token. |
| 404 enrollment_step_ = STEP_STORE_ROBOT_AUTH; | 403 enrollment_step_ = STEP_STORE_ROBOT_AUTH; |
| 405 chromeos::DeviceOAuth2TokenServiceFactory::Get()->SetAndSaveRefreshToken( | 404 chromeos::DeviceOAuth2TokenServiceFactory::Get()->SetAndSaveRefreshToken( |
| 406 refresh_token_, | 405 refresh_token_, |
| 407 base::Bind(&EnrollmentHandlerChromeOS::HandleRobotAuthTokenStored, | 406 base::Bind(&EnrollmentHandlerChromeOS::HandleStoreRobotAuthTokenResult, |
| 408 weak_ptr_factory_.GetWeakPtr())); | 407 weak_ptr_factory_.GetWeakPtr())); |
| 409 } | 408 } |
| 410 | 409 |
| 411 void EnrollmentHandlerChromeOS::HandleRobotAuthTokenStored(bool result) { | 410 void EnrollmentHandlerChromeOS::HandleStoreRobotAuthTokenResult(bool result) { |
| 412 CHECK_EQ(STEP_STORE_ROBOT_AUTH, enrollment_step_); | 411 CHECK_EQ(STEP_STORE_ROBOT_AUTH, enrollment_step_); |
| 413 | 412 |
| 414 if (!result) { | 413 if (!result) { |
| 415 LOG(ERROR) << "Failed to store API refresh token."; | 414 LOG(ERROR) << "Failed to store API refresh token."; |
| 416 ReportResult(EnrollmentStatus::ForStatus( | 415 ReportResult(EnrollmentStatus::ForStatus( |
| 417 EnrollmentStatus::STATUS_ROBOT_REFRESH_STORE_FAILED)); | 416 EnrollmentStatus::STATUS_ROBOT_REFRESH_STORE_FAILED)); |
| 418 return; | 417 return; |
| 419 } | 418 } |
| 420 | 419 |
| 421 if (management_mode_ == em::PolicyData::CONSUMER_MANAGED) { | 420 if (management_mode_ == em::PolicyData::CONSUMER_MANAGED) { |
| (...skipping 13 matching lines...) Expand all Loading... |
| 435 weak_ptr_factory_.InvalidateWeakPtrs(); | 434 weak_ptr_factory_.InvalidateWeakPtrs(); |
| 436 completion_callback_.Reset(); | 435 completion_callback_.Reset(); |
| 437 } | 436 } |
| 438 | 437 |
| 439 void EnrollmentHandlerChromeOS::ReportResult(EnrollmentStatus status) { | 438 void EnrollmentHandlerChromeOS::ReportResult(EnrollmentStatus status) { |
| 440 EnrollmentCallback callback = completion_callback_; | 439 EnrollmentCallback callback = completion_callback_; |
| 441 Stop(); | 440 Stop(); |
| 442 | 441 |
| 443 if (status.status() != EnrollmentStatus::STATUS_SUCCESS) { | 442 if (status.status() != EnrollmentStatus::STATUS_SUCCESS) { |
| 444 LOG(WARNING) << "Enrollment failed: " << status.status() | 443 LOG(WARNING) << "Enrollment failed: " << status.status() |
| 445 << " " << status.client_status() | 444 << ", client: " << status.client_status() |
| 446 << " " << status.validation_status() | 445 << ", validation: " << status.validation_status() |
| 447 << " " << status.store_status(); | 446 << ", store: " << status.store_status(); |
| 448 } | 447 } |
| 449 | 448 |
| 450 if (!callback.is_null()) | 449 if (!callback.is_null()) |
| 451 callback.Run(status); | 450 callback.Run(status); |
| 452 } | 451 } |
| 453 | 452 |
| 454 } // namespace policy | 453 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 465413002:
Minor cleanup of EnrollmentHandlerChromeOS. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master