| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/cloud/cloud_policy_client.h" | 5 #include "chrome/browser/policy/cloud/cloud_policy_client.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/guid.h" | 8 #include "base/guid.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/stl_util.h" | 10 #include "base/stl_util.h" |
| 11 #include "chrome/browser/policy/cloud/device_management_service.h" | 11 #include "chrome/browser/policy/cloud/device_management_service.h" |
| 12 #include "google_apis/gaia/gaia_constants.h" |
| 13 #include "google_apis/gaia/gaia_urls.h" |
| 12 | 14 |
| 13 namespace em = enterprise_management; | 15 namespace em = enterprise_management; |
| 14 | 16 |
| 15 namespace policy { | 17 namespace policy { |
| 16 | 18 |
| 17 namespace { | 19 namespace { |
| 18 | 20 |
| 19 // Translates the DeviceRegisterResponse::DeviceMode |mode| to the enum used | 21 // Translates the DeviceRegisterResponse::DeviceMode |mode| to the enum used |
| 20 // internally to represent different device modes. | 22 // internally to represent different device modes. |
| 21 DeviceMode TranslateProtobufDeviceMode( | 23 DeviceMode TranslateProtobufDeviceMode( |
| (...skipping 10 matching lines...) Expand all Loading... |
| 32 | 34 |
| 33 bool IsChromePolicy(const std::string& type) { | 35 bool IsChromePolicy(const std::string& type) { |
| 34 return type == dm_protocol::kChromeDevicePolicyType || | 36 return type == dm_protocol::kChromeDevicePolicyType || |
| 35 type == dm_protocol::kChromeUserPolicyType; | 37 type == dm_protocol::kChromeUserPolicyType; |
| 36 } | 38 } |
| 37 | 39 |
| 38 } // namespace | 40 } // namespace |
| 39 | 41 |
| 40 CloudPolicyClient::Observer::~Observer() {} | 42 CloudPolicyClient::Observer::~Observer() {} |
| 41 | 43 |
| 44 void CloudPolicyClient::Observer::OnRobotAuthCodesFetched( |
| 45 CloudPolicyClient* client) {} |
| 46 |
| 42 CloudPolicyClient::StatusProvider::~StatusProvider() {} | 47 CloudPolicyClient::StatusProvider::~StatusProvider() {} |
| 43 | 48 |
| 44 CloudPolicyClient::CloudPolicyClient(const std::string& machine_id, | 49 CloudPolicyClient::CloudPolicyClient(const std::string& machine_id, |
| 45 const std::string& machine_model, | 50 const std::string& machine_model, |
| 46 UserAffiliation user_affiliation, | 51 UserAffiliation user_affiliation, |
| 47 StatusProvider* status_provider, | 52 StatusProvider* status_provider, |
| 48 DeviceManagementService* service) | 53 DeviceManagementService* service) |
| 49 : machine_id_(machine_id), | 54 : machine_id_(machine_id), |
| 50 machine_model_(machine_model), | 55 machine_model_(machine_model), |
| 51 user_affiliation_(user_affiliation), | 56 user_affiliation_(user_affiliation), |
| (...skipping 118 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 170 request->mutable_session_status_report_request())) { | 175 request->mutable_session_status_report_request())) { |
| 171 request->clear_session_status_report_request(); | 176 request->clear_session_status_report_request(); |
| 172 } | 177 } |
| 173 } | 178 } |
| 174 | 179 |
| 175 // Fire the job. | 180 // Fire the job. |
| 176 request_job_->Start(base::Bind(&CloudPolicyClient::OnPolicyFetchCompleted, | 181 request_job_->Start(base::Bind(&CloudPolicyClient::OnPolicyFetchCompleted, |
| 177 base::Unretained(this))); | 182 base::Unretained(this))); |
| 178 } | 183 } |
| 179 | 184 |
| 185 void CloudPolicyClient::FetchRobotAuthCodes(const std::string& auth_token) { |
| 186 CHECK(is_registered()); |
| 187 DCHECK(!auth_token.empty()); |
| 188 |
| 189 request_job_.reset(service_->CreateJob( |
| 190 DeviceManagementRequestJob::TYPE_API_AUTH_CODE_FETCH)); |
| 191 // The credentials of a domain user are needed in order to mint a new OAuth2 |
| 192 // authorization token for the robot account. |
| 193 request_job_->SetOAuthToken(auth_token); |
| 194 request_job_->SetDMToken(dm_token_); |
| 195 request_job_->SetClientID(client_id_); |
| 196 |
| 197 em::DeviceServiceApiAccessRequest* request = |
| 198 request_job_->GetRequest()->mutable_service_api_access_request(); |
| 199 request->set_oauth2_client_id( |
| 200 GaiaUrls::GetInstance()->oauth2_chrome_client_id()); |
| 201 request->add_auth_scope(GaiaConstants::kAnyApiOAuth2Scope); |
| 202 |
| 203 request_job_->Start( |
| 204 base::Bind(&CloudPolicyClient::OnFetchRobotAuthCodesCompleted, |
| 205 base::Unretained(this))); |
| 206 } |
| 207 |
| 180 void CloudPolicyClient::Unregister() { | 208 void CloudPolicyClient::Unregister() { |
| 181 DCHECK(service_); | 209 DCHECK(service_); |
| 182 request_job_.reset( | 210 request_job_.reset( |
| 183 service_->CreateJob(DeviceManagementRequestJob::TYPE_UNREGISTRATION)); | 211 service_->CreateJob(DeviceManagementRequestJob::TYPE_UNREGISTRATION)); |
| 184 request_job_->SetDMToken(dm_token_); | 212 request_job_->SetDMToken(dm_token_); |
| 185 request_job_->SetClientID(client_id_); | 213 request_job_->SetClientID(client_id_); |
| 186 request_job_->GetRequest()->mutable_unregister_request(); | 214 request_job_->GetRequest()->mutable_unregister_request(); |
| 187 request_job_->Start(base::Bind(&CloudPolicyClient::OnUnregisterCompleted, | 215 request_job_->Start(base::Bind(&CloudPolicyClient::OnUnregisterCompleted, |
| 188 base::Unretained(this))); | 216 base::Unretained(this))); |
| 189 } | 217 } |
| (...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 262 device_mode_ = TranslateProtobufDeviceMode( | 290 device_mode_ = TranslateProtobufDeviceMode( |
| 263 response.register_response().enrollment_type()); | 291 response.register_response().enrollment_type()); |
| 264 } | 292 } |
| 265 | 293 |
| 266 NotifyRegistrationStateChanged(); | 294 NotifyRegistrationStateChanged(); |
| 267 } else { | 295 } else { |
| 268 NotifyClientError(); | 296 NotifyClientError(); |
| 269 } | 297 } |
| 270 } | 298 } |
| 271 | 299 |
| 300 void CloudPolicyClient::OnFetchRobotAuthCodesCompleted( |
| 301 DeviceManagementStatus status, |
| 302 const em::DeviceManagementResponse& response) { |
| 303 if (status == DM_STATUS_SUCCESS && |
| 304 (!response.has_service_api_access_response() || |
| 305 response.service_api_access_response().auth_code().empty())) { |
| 306 LOG(WARNING) << "Invalid service api access response."; |
| 307 status = DM_STATUS_RESPONSE_DECODING_ERROR; |
| 308 } |
| 309 |
| 310 status_ = status; |
| 311 if (status == DM_STATUS_SUCCESS) { |
| 312 robot_api_auth_code_ = response.service_api_access_response().auth_code(); |
| 313 DVLOG(1) << "Device robot account auth code fetch complete - code = " |
| 314 << robot_api_auth_code_; |
| 315 |
| 316 NotifyRobotAuthCodesFetched(); |
| 317 } else { |
| 318 NotifyClientError(); |
| 319 } |
| 320 } |
| 321 |
| 272 void CloudPolicyClient::OnPolicyFetchCompleted( | 322 void CloudPolicyClient::OnPolicyFetchCompleted( |
| 273 DeviceManagementStatus status, | 323 DeviceManagementStatus status, |
| 274 const em::DeviceManagementResponse& response) { | 324 const em::DeviceManagementResponse& response) { |
| 275 if (status == DM_STATUS_SUCCESS) { | 325 if (status == DM_STATUS_SUCCESS) { |
| 276 if (!response.has_policy_response() || | 326 if (!response.has_policy_response() || |
| 277 response.policy_response().response_size() == 0) { | 327 response.policy_response().response_size() == 0) { |
| 278 LOG(WARNING) << "Empty policy response."; | 328 LOG(WARNING) << "Empty policy response."; |
| 279 status = DM_STATUS_RESPONSE_DECODING_ERROR; | 329 status = DM_STATUS_RESPONSE_DECODING_ERROR; |
| 280 } | 330 } |
| 281 } | 331 } |
| (...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 351 } | 401 } |
| 352 | 402 |
| 353 void CloudPolicyClient::NotifyPolicyFetched() { | 403 void CloudPolicyClient::NotifyPolicyFetched() { |
| 354 FOR_EACH_OBSERVER(Observer, observers_, OnPolicyFetched(this)); | 404 FOR_EACH_OBSERVER(Observer, observers_, OnPolicyFetched(this)); |
| 355 } | 405 } |
| 356 | 406 |
| 357 void CloudPolicyClient::NotifyRegistrationStateChanged() { | 407 void CloudPolicyClient::NotifyRegistrationStateChanged() { |
| 358 FOR_EACH_OBSERVER(Observer, observers_, OnRegistrationStateChanged(this)); | 408 FOR_EACH_OBSERVER(Observer, observers_, OnRegistrationStateChanged(this)); |
| 359 } | 409 } |
| 360 | 410 |
| 411 void CloudPolicyClient::NotifyRobotAuthCodesFetched() { |
| 412 FOR_EACH_OBSERVER(Observer, observers_, OnRobotAuthCodesFetched(this)); |
| 413 } |
| 414 |
| 361 void CloudPolicyClient::NotifyClientError() { | 415 void CloudPolicyClient::NotifyClientError() { |
| 362 FOR_EACH_OBSERVER(Observer, observers_, OnClientError(this)); | 416 FOR_EACH_OBSERVER(Observer, observers_, OnClientError(this)); |
| 363 } | 417 } |
| 364 | 418 |
| 365 } // namespace policy | 419 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12538009:
Public Sessions: fetch device robot api token during enterprise enrollment. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master