Google Git
Sign in
chromium / chromium / src / 11ae6639a / . / chrome / browser / chromeos / policy / consumer_enrollment_handler.cc
blob: 25cfdb544185f7812c1c08c7fa23f65454cb9377 [file] [log] [blame]
// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/policy/consumer_enrollment_handler.h"
#include "base/bind.h"
#include "base/location.h"
#include "base/logging.h"
#include "base/message_loop/message_loop.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/browser_process_platform_part.h"
#include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos_factory.h"
#include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"
#include "chrome/browser/chromeos/policy/consumer_management_service.h"
#include "chrome/browser/chromeos/policy/consumer_management_stage.h"
#include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h"
#include "chrome/browser/chromeos/policy/enrollment_config.h"
#include "chrome/browser/chromeos/policy/enrollment_status_chromeos.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
#include "chrome/browser/signin/signin_manager_factory.h"
#include "components/policy/core/common/cloud/cloud_policy_constants.h"
#include "components/signin/core/browser/profile_oauth2_token_service.h"
#include "components/signin/core/browser/signin_manager_base.h"
#include "google_apis/gaia/gaia_constants.h"
#include "google_apis/gaia/google_service_auth_error.h"
namespace policy {
ConsumerEnrollmentHandler::ConsumerEnrollmentHandler(
Profile* profile,
ConsumerManagementService* consumer_management_service,
DeviceManagementService* device_management_service)
: Consumer("consumer_enrollment_handler"),
profile_(profile),
consumer_management_service_(consumer_management_service),
device_management_service_(device_management_service),
weak_ptr_factory_(this) {
gaia_account_id_ = SigninManagerFactory::GetForProfile(profile)->
GetAuthenticatedAccountId();
ContinueEnrollmentProcess();
}
ConsumerEnrollmentHandler::~ConsumerEnrollmentHandler() {
}
void ConsumerEnrollmentHandler::Shutdown() {
ProfileOAuth2TokenServiceFactory::GetForProfile(profile_)->
RemoveObserver(this);
}
void ConsumerEnrollmentHandler::OnRefreshTokenAvailable(
const std::string& account_id) {
if (account_id == gaia_account_id_) {
ProfileOAuth2TokenServiceFactory::GetForProfile(profile_)->
RemoveObserver(this);
OnOwnerRefreshTokenAvailable();
}
}
void ConsumerEnrollmentHandler::OnGetTokenSuccess(
const OAuth2TokenService::Request* request,
const std::string& access_token,
const base::Time& expiration_time) {
DCHECK_EQ(token_request_, request);
base::MessageLoop::current()->DeleteSoon(FROM_HERE, token_request_.release());
OnOwnerAccessTokenAvailable(access_token);
}
void ConsumerEnrollmentHandler::OnGetTokenFailure(
const OAuth2TokenService::Request* request,
const GoogleServiceAuthError& error) {
DCHECK_EQ(token_request_, request);
base::MessageLoop::current()->DeleteSoon(FROM_HERE, token_request_.release());
LOG(ERROR) << "Failed to get the access token: " << error.ToString();
EndEnrollment(ConsumerManagementStage::EnrollmentGetTokenFailed());
}
void ConsumerEnrollmentHandler::ContinueEnrollmentProcess() {
// First, we need to ensure that the refresh token is available.
ProfileOAuth2TokenService* token_service =
ProfileOAuth2TokenServiceFactory::GetForProfile(profile_);
if (token_service->RefreshTokenIsAvailable(gaia_account_id_)) {
OnOwnerRefreshTokenAvailable();
} else {
token_service->AddObserver(this);
}
}
void ConsumerEnrollmentHandler::OnOwnerRefreshTokenAvailable() {
// Now we can request the OAuth access token for device management to send the
// device registration request to the device management server.
OAuth2TokenService::ScopeSet oauth_scopes;
oauth_scopes.insert(GaiaConstants::kDeviceManagementServiceOAuth);
token_request_ = ProfileOAuth2TokenServiceFactory::GetForProfile(
profile_)->StartRequest(gaia_account_id_, oauth_scopes, this);
}
void ConsumerEnrollmentHandler::OnOwnerAccessTokenAvailable(
const std::string& access_token) {
// Now that we have the access token, we got everything we need to send the
// device registration request to the device management server.
BrowserPolicyConnectorChromeOS* connector =
g_browser_process->platform_part()->browser_policy_connector_chromeos();
DeviceCloudPolicyInitializer* initializer =
connector->GetDeviceCloudPolicyInitializer();
CHECK(initializer);
policy::DeviceCloudPolicyInitializer::AllowedDeviceModes device_modes;
device_modes[policy::DEVICE_MODE_ENTERPRISE] = true;
EnrollmentConfig enrollment_config;
enrollment_config.mode = EnrollmentConfig::MODE_MANUAL;
initializer->StartEnrollment(
MANAGEMENT_MODE_CONSUMER_MANAGED, device_management_service_,
chromeos::OwnerSettingsServiceChromeOSFactory::GetForBrowserContext(
profile_),
enrollment_config, access_token, device_modes,
base::Bind(&ConsumerEnrollmentHandler::OnEnrollmentCompleted,
weak_ptr_factory_.GetWeakPtr()));
}
void ConsumerEnrollmentHandler::OnEnrollmentCompleted(EnrollmentStatus status) {
if (status.status() != EnrollmentStatus::STATUS_SUCCESS) {
LOG(ERROR) << "Failed to enroll the device."
<< " status=" << status.status()
<< " client_status=" << status.client_status()
<< " http_status=" << status.http_status()
<< " store_status=" << status.store_status()
<< " validation_status=" << status.validation_status();
EndEnrollment(ConsumerManagementStage::EnrollmentDMServerFailed());
return;
}
EndEnrollment(ConsumerManagementStage::EnrollmentSuccess());
}
void ConsumerEnrollmentHandler::EndEnrollment(
const ConsumerManagementStage& stage) {
consumer_management_service_->SetStage(stage);
}
} // namespace policy