This source file includes following definitions.
- EnrollmentModeToString
- Start
- OnOAuth2RevokeTokenCompleted
- browsing_data_remover_
- RegisterMessages
- SetParameters
- PrepareToShow
- Show
- Hide
- FetchOAuthToken
- ResetAuth
- ShowSigninScreen
- ShowEnrollmentSpinnerScreen
- ShowLoginSpinnerScreen
- ShowAuthError
- ShowUIError
- ShowEnrollmentStatus
- Initialize
- DeclareLocalizedValues
- OnBrowsingDataRemoverDone
- HandleRetrieveAuthenticatedUserEmail
- HandleClose
- HandleCompleteLogin
- HandleRetry
- ShowStep
- ShowError
- ShowErrorMessage
- ShowWorking
- OnTokenFetched
- DoShow
#include "chrome/browser/ui/webui/chromeos/login/enrollment_screen_handler.h"
#include <algorithm>
#include "base/bind.h"
#include "base/bind_helpers.h"
#include "base/compiler_specific.h"
#include "base/message_loop/message_loop.h"
#include "base/values.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/browsing_data/browsing_data_helper.h"
#include "chrome/browser/browsing_data/browsing_data_remover.h"
#include "chrome/browser/chromeos/policy/policy_oauth2_token_fetcher.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/ui/webui/chromeos/login/authenticated_user_email_retriever.h"
#include "chrome/browser/ui/webui/chromeos/login/oobe_ui.h"
#include "components/policy/core/browser/cloud/message_util.h"
#include "content/public/browser/web_contents.h"
#include "google_apis/gaia/gaia_auth_fetcher.h"
#include "google_apis/gaia/gaia_auth_util.h"
#include "google_apis/gaia/gaia_constants.h"
#include "google_apis/gaia/gaia_urls.h"
#include "google_apis/gaia/google_service_auth_error.h"
#include "grit/chromium_strings.h"
#include "grit/generated_resources.h"
#include "net/url_request/url_request_context_getter.h"
#include "ui/base/l10n/l10n_util.h"
namespace chromeos {
namespace {
const char kJsScreenPath[] = "login.OAuthEnrollmentScreen";
const char kGaiaExtStartPage[] =
"chrome-extension://mfffpogegjflfpflabcdkioaeobkgjik/main.html";
const char kEnrollmentStepSignin[] = "signin";
const char kEnrollmentStepSuccess[] = "success";
const char kEnrollmentModeManual[] = "manual";
const char kEnrollmentModeForced[] = "forced";
const char kEnrollmentModeAuto[] = "auto";
std::string EnrollmentModeToString(EnrollmentScreenActor::EnrollmentMode mode) {
switch (mode) {
case EnrollmentScreenActor::ENROLLMENT_MODE_MANUAL:
return kEnrollmentModeManual;
case EnrollmentScreenActor::ENROLLMENT_MODE_FORCED:
return kEnrollmentModeForced;
case EnrollmentScreenActor::ENROLLMENT_MODE_AUTO:
return kEnrollmentModeAuto;
}
NOTREACHED() << "Bad enrollment mode " << mode;
return kEnrollmentModeManual;
}
class TokenRevoker : public GaiaAuthConsumer {
public:
TokenRevoker()
: gaia_fetcher_(this,
GaiaConstants::kChromeOSSource,
g_browser_process->system_request_context()) {}
virtual ~TokenRevoker() {}
void Start(const std::string& token) {
gaia_fetcher_.StartRevokeOAuth2Token(token);
}
virtual void OnOAuth2RevokeTokenCompleted() OVERRIDE {
base::MessageLoop::current()->DeleteSoon(FROM_HERE, this);
}
private:
GaiaAuthFetcher gaia_fetcher_;
DISALLOW_COPY_AND_ASSIGN(TokenRevoker);
};
}
EnrollmentScreenHandler::EnrollmentScreenHandler()
: BaseScreenHandler(kJsScreenPath),
controller_(NULL),
show_on_init_(false),
enrollment_mode_(ENROLLMENT_MODE_MANUAL),
browsing_data_remover_(NULL) {
set_async_assets_load_id(OobeUI::kScreenOobeEnrollment);
}
EnrollmentScreenHandler::~EnrollmentScreenHandler() {
if (browsing_data_remover_)
browsing_data_remover_->RemoveObserver(this);
}
void EnrollmentScreenHandler::RegisterMessages() {
AddCallback("oauthEnrollRetrieveAuthenticatedUserEmail",
&EnrollmentScreenHandler::HandleRetrieveAuthenticatedUserEmail);
AddCallback("oauthEnrollClose",
&EnrollmentScreenHandler::HandleClose);
AddCallback("oauthEnrollCompleteLogin",
&EnrollmentScreenHandler::HandleCompleteLogin);
AddCallback("oauthEnrollRetry",
&EnrollmentScreenHandler::HandleRetry);
}
void EnrollmentScreenHandler::SetParameters(
Controller* controller,
EnrollmentMode enrollment_mode,
const std::string& management_domain) {
controller_ = controller;
enrollment_mode_ = enrollment_mode;
management_domain_ = management_domain;
}
void EnrollmentScreenHandler::PrepareToShow() {
}
void EnrollmentScreenHandler::Show() {
if (!page_is_ready())
show_on_init_ = true;
else
DoShow();
}
void EnrollmentScreenHandler::Hide() {
}
void EnrollmentScreenHandler::FetchOAuthToken() {
Profile* profile = Profile::FromWebUI(web_ui());
oauth_fetcher_.reset(
new policy::PolicyOAuth2TokenFetcher(
profile->GetRequestContext(),
g_browser_process->system_request_context(),
base::Bind(&EnrollmentScreenHandler::OnTokenFetched,
base::Unretained(this))));
oauth_fetcher_->Start();
}
void EnrollmentScreenHandler::ResetAuth(const base::Closure& callback) {
auth_reset_callbacks_.push_back(callback);
if (browsing_data_remover_)
return;
if (oauth_fetcher_) {
if (!oauth_fetcher_->oauth2_access_token().empty())
(new TokenRevoker())->Start(oauth_fetcher_->oauth2_access_token());
if (!oauth_fetcher_->oauth2_refresh_token().empty())
(new TokenRevoker())->Start(oauth_fetcher_->oauth2_refresh_token());
}
Profile* profile = Profile::FromBrowserContext(
web_ui()->GetWebContents()->GetBrowserContext());
browsing_data_remover_ =
BrowsingDataRemover::CreateForUnboundedRange(profile);
browsing_data_remover_->AddObserver(this);
browsing_data_remover_->Remove(BrowsingDataRemover::REMOVE_SITE_DATA,
BrowsingDataHelper::UNPROTECTED_WEB);
}
void EnrollmentScreenHandler::ShowSigninScreen() {
ShowStep(kEnrollmentStepSignin);
}
void EnrollmentScreenHandler::ShowEnrollmentSpinnerScreen() {
ShowWorking(IDS_ENTERPRISE_ENROLLMENT_WORKING);
}
void EnrollmentScreenHandler::ShowLoginSpinnerScreen() {
ShowWorking(IDS_ENTERPRISE_ENROLLMENT_RESUMING_LOGIN);
}
void EnrollmentScreenHandler::ShowAuthError(
const GoogleServiceAuthError& error) {
switch (error.state()) {
case GoogleServiceAuthError::NONE:
case GoogleServiceAuthError::CAPTCHA_REQUIRED:
case GoogleServiceAuthError::TWO_FACTOR:
case GoogleServiceAuthError::HOSTED_NOT_ALLOWED:
case GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS:
case GoogleServiceAuthError::REQUEST_CANCELED:
case GoogleServiceAuthError::UNEXPECTED_SERVICE_RESPONSE:
case GoogleServiceAuthError::SERVICE_ERROR:
ShowError(IDS_ENTERPRISE_ENROLLMENT_AUTH_FATAL_ERROR, false);
return;
case GoogleServiceAuthError::USER_NOT_SIGNED_UP:
case GoogleServiceAuthError::ACCOUNT_DELETED:
case GoogleServiceAuthError::ACCOUNT_DISABLED:
ShowError(IDS_ENTERPRISE_ENROLLMENT_AUTH_ACCOUNT_ERROR, true);
return;
case GoogleServiceAuthError::CONNECTION_FAILED:
case GoogleServiceAuthError::SERVICE_UNAVAILABLE:
ShowError(IDS_ENTERPRISE_ENROLLMENT_AUTH_NETWORK_ERROR, true);
return;
case GoogleServiceAuthError::NUM_STATES:
break;
}
NOTREACHED();
}
void EnrollmentScreenHandler::ShowUIError(UIError error) {
switch (error) {
case UI_ERROR_DOMAIN_MISMATCH:
ShowError(IDS_ENTERPRISE_ENROLLMENT_STATUS_LOCK_WRONG_USER, true);
return;
case UI_ERROR_AUTO_ENROLLMENT_BAD_MODE:
ShowError(IDS_ENTERPRISE_AUTO_ENROLLMENT_BAD_MODE, true);
return;
case UI_ERROR_FATAL:
ShowError(IDS_ENTERPRISE_ENROLLMENT_FATAL_ENROLLMENT_ERROR, true);
return;
}
NOTREACHED();
}
void EnrollmentScreenHandler::ShowEnrollmentStatus(
policy::EnrollmentStatus status) {
switch (status.status()) {
case policy::EnrollmentStatus::STATUS_SUCCESS:
ShowStep(kEnrollmentStepSuccess);
return;
case policy::EnrollmentStatus::STATUS_REGISTRATION_FAILED:
switch (status.client_status()) {
case policy::DM_STATUS_SERVICE_MANAGEMENT_NOT_SUPPORTED:
ShowError(IDS_ENTERPRISE_ENROLLMENT_ACCOUNT_ERROR, true);
break;
case policy::DM_STATUS_SERVICE_MISSING_LICENSES:
ShowError(IDS_ENTERPRISE_ENROLLMENT_MISSING_LICENSES_ERROR, true);
break;
case policy::DM_STATUS_SERVICE_DEPROVISIONED:
ShowError(IDS_ENTERPRISE_ENROLLMENT_DEPROVISIONED_ERROR, true);
break;
case policy::DM_STATUS_SERVICE_DOMAIN_MISMATCH:
ShowError(IDS_ENTERPRISE_ENROLLMENT_DOMAIN_MISMATCH_ERROR, true);
break;
default:
ShowErrorMessage(
l10n_util::GetStringFUTF8(
IDS_ENTERPRISE_ENROLLMENT_STATUS_REGISTRATION_FAILED,
policy::FormatDeviceManagementStatus(status.client_status())),
true);
}
return;
case policy::EnrollmentStatus::STATUS_ROBOT_AUTH_FETCH_FAILED:
ShowError(IDS_ENTERPRISE_ENROLLMENT_ROBOT_AUTH_FETCH_FAILED, true);
return;
case policy::EnrollmentStatus::STATUS_ROBOT_REFRESH_FETCH_FAILED:
ShowError(IDS_ENTERPRISE_ENROLLMENT_ROBOT_REFRESH_FETCH_FAILED, true);
return;
case policy::EnrollmentStatus::STATUS_ROBOT_REFRESH_STORE_FAILED:
ShowError(IDS_ENTERPRISE_ENROLLMENT_ROBOT_REFRESH_STORE_FAILED, true);
return;
case policy::EnrollmentStatus::STATUS_REGISTRATION_BAD_MODE:
ShowError(IDS_ENTERPRISE_ENROLLMENT_STATUS_REGISTRATION_BAD_MODE, false);
return;
case policy::EnrollmentStatus::STATUS_POLICY_FETCH_FAILED:
ShowErrorMessage(
l10n_util::GetStringFUTF8(
IDS_ENTERPRISE_ENROLLMENT_STATUS_POLICY_FETCH_FAILED,
policy::FormatDeviceManagementStatus(status.client_status())),
true);
return;
case policy::EnrollmentStatus::STATUS_VALIDATION_FAILED:
ShowErrorMessage(
l10n_util::GetStringFUTF8(
IDS_ENTERPRISE_ENROLLMENT_STATUS_VALIDATION_FAILED,
policy::FormatValidationStatus(status.validation_status())),
true);
return;
case policy::EnrollmentStatus::STATUS_LOCK_ERROR:
ShowError(IDS_ENTERPRISE_ENROLLMENT_STATUS_LOCK_ERROR, false);
return;
case policy::EnrollmentStatus::STATUS_LOCK_TIMEOUT:
ShowError(IDS_ENTERPRISE_ENROLLMENT_STATUS_LOCK_TIMEOUT, false);
return;
case policy::EnrollmentStatus::STATUS_LOCK_WRONG_USER:
ShowError(IDS_ENTERPRISE_ENROLLMENT_STATUS_LOCK_WRONG_USER, true);
return;
case policy::EnrollmentStatus::STATUS_STORE_ERROR:
ShowErrorMessage(
l10n_util::GetStringFUTF8(
IDS_ENTERPRISE_ENROLLMENT_STATUS_STORE_ERROR,
policy::FormatStoreStatus(status.store_status(),
status.validation_status())),
true);
return;
}
NOTREACHED();
}
void EnrollmentScreenHandler::Initialize() {
if (show_on_init_) {
Show();
show_on_init_ = false;
}
}
void EnrollmentScreenHandler::DeclareLocalizedValues(
LocalizedValuesBuilder* builder) {
builder->Add("oauthEnrollScreenTitle",
IDS_ENTERPRISE_ENROLLMENT_SCREEN_TITLE);
builder->Add("oauthEnrollDescription", IDS_ENTERPRISE_ENROLLMENT_DESCRIPTION);
builder->Add("oauthEnrollReEnrollmentText",
IDS_ENTERPRISE_ENROLLMENT_RE_ENROLLMENT_TEXT);
builder->Add("oauthEnrollRetry", IDS_ENTERPRISE_ENROLLMENT_RETRY);
builder->Add("oauthEnrollCancel", IDS_ENTERPRISE_ENROLLMENT_CANCEL);
builder->Add("oauthEnrollDone", IDS_ENTERPRISE_ENROLLMENT_DONE);
builder->Add("oauthEnrollSuccess", IDS_ENTERPRISE_ENROLLMENT_SUCCESS);
builder->Add("oauthEnrollExplain", IDS_ENTERPRISE_ENROLLMENT_EXPLAIN);
builder->Add("oauthEnrollExplainLink",
IDS_ENTERPRISE_ENROLLMENT_EXPLAIN_LINK);
builder->Add("oauthEnrollExplainButton",
IDS_ENTERPRISE_ENROLLMENT_EXPLAIN_BUTTON);
builder->Add("oauthEnrollCancelAutoEnrollmentReally",
IDS_ENTERPRISE_ENROLLMENT_CANCEL_AUTO_REALLY);
builder->Add("oauthEnrollCancelAutoEnrollmentConfirm",
IDS_ENTERPRISE_ENROLLMENT_CANCEL_AUTO_CONFIRM);
builder->Add("oauthEnrollCancelAutoEnrollmentGoBack",
IDS_ENTERPRISE_ENROLLMENT_CANCEL_AUTO_GO_BACK);
}
void EnrollmentScreenHandler::OnBrowsingDataRemoverDone() {
browsing_data_remover_->RemoveObserver(this);
browsing_data_remover_ = NULL;
std::vector<base::Closure> callbacks_to_run;
callbacks_to_run.swap(auth_reset_callbacks_);
for (std::vector<base::Closure>::iterator callback(callbacks_to_run.begin());
callback != callbacks_to_run.end(); ++callback) {
callback->Run();
}
}
void EnrollmentScreenHandler::HandleRetrieveAuthenticatedUserEmail(
double attempt_token) {
email_retriever_.reset(new AuthenticatedUserEmailRetriever(
base::Bind(&EnrollmentScreenHandler::CallJS<double, std::string>,
base::Unretained(this),
"setAuthenticatedUserEmail",
attempt_token),
Profile::FromWebUI(web_ui())->GetRequestContext()));
}
void EnrollmentScreenHandler::HandleClose(const std::string& reason) {
if (!controller_) {
NOTREACHED();
return;
}
if (reason == "cancel" || reason == "autocancel")
controller_->OnCancel();
else if (reason == "done")
controller_->OnConfirmationClosed();
else
NOTREACHED();
}
void EnrollmentScreenHandler::HandleCompleteLogin(const std::string& user) {
if (!controller_) {
NOTREACHED();
return;
}
controller_->OnLoginDone(gaia::SanitizeEmail(user));
}
void EnrollmentScreenHandler::HandleRetry() {
if (!controller_) {
NOTREACHED();
return;
}
controller_->OnRetry();
}
void EnrollmentScreenHandler::ShowStep(const char* step) {
CallJS("showStep", std::string(step));
}
void EnrollmentScreenHandler::ShowError(int message_id, bool retry) {
ShowErrorMessage(l10n_util::GetStringUTF8(message_id), retry);
}
void EnrollmentScreenHandler::ShowErrorMessage(const std::string& message,
bool retry) {
CallJS("showError", message, retry);
}
void EnrollmentScreenHandler::ShowWorking(int message_id) {
CallJS("showWorking", l10n_util::GetStringUTF16(message_id));
}
void EnrollmentScreenHandler::OnTokenFetched(
const std::string& token,
const GoogleServiceAuthError& error) {
if (!controller_)
return;
if (error.state() != GoogleServiceAuthError::NONE)
controller_->OnAuthError(error);
else
controller_->OnOAuthTokenAvailable(token);
}
void EnrollmentScreenHandler::DoShow() {
base::DictionaryValue screen_data;
screen_data.SetString("signin_url", kGaiaExtStartPage);
screen_data.SetString("gaiaUrl", GaiaUrls::GetInstance()->gaia_url().spec());
screen_data.SetString("enrollment_mode",
EnrollmentModeToString(enrollment_mode_));
screen_data.SetString("management_domain", management_domain_);
ShowScreen(OobeUI::kScreenOobeEnrollment, &screen_data);
}
}