#include "base/logging.h"
#include "base/strings/string_number_conversions.h"
#include "chrome/browser/browser_process.h"
+#include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"
#include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h"
+#include "chrome/browser/chromeos/policy/server_backed_state_keys_broker.h"
#include "chromeos/chromeos_switches.h"
-#include "components/policy/core/browser/browser_policy_connector.h"
#include "components/policy/core/common/cloud/device_management_service.h"
#include "net/url_request/url_request_context_getter.h"
} // namespace
+const char AutoEnrollmentController::kForcedReEnrollmentAlways[] = "always";
+const char AutoEnrollmentController::kForcedReEnrollmentLegacy[] = "legacy";
+const char AutoEnrollmentController::kForcedReEnrollmentNever[] = "never";
+const char AutoEnrollmentController::kForcedReEnrollmentOfficialBuild[] =
+ "official";
+
+AutoEnrollmentController::Mode AutoEnrollmentController::GetMode() {
+ CommandLine* command_line = CommandLine::ForCurrentProcess();
+
+ if (!command_line->HasSwitch(switches::kEnterpriseEnableForcedReEnrollment))
+ return MODE_LEGACY_AUTO_ENROLLMENT;
+
+ std::string command_line_mode = command_line->GetSwitchValueASCII(
+ switches::kEnterpriseEnableForcedReEnrollment);
+ if (command_line_mode == kForcedReEnrollmentAlways) {
+ return MODE_FORCED_RE_ENROLLMENT;
+ } else if (command_line_mode.empty() ||
+ command_line_mode == kForcedReEnrollmentOfficialBuild) {
+#if defined(OFFICIAL_BUILD)
+ return MODE_FORCED_RE_ENROLLMENT;
+#else
+ return MODE_NONE;
+#endif
+ } else if (command_line_mode == kForcedReEnrollmentLegacy) {
+ return MODE_LEGACY_AUTO_ENROLLMENT;
+ }
+
+ return MODE_NONE;
+}
+
AutoEnrollmentController::AutoEnrollmentController()
: state_(policy::AUTO_ENROLLMENT_STATE_IDLE),
- weak_factory_(this) {}
+ client_start_weak_factory_(this) {}
AutoEnrollmentController::~AutoEnrollmentController() {}
// accepted, or right after a reboot if the EULA has already been accepted.
// Do not communicate auto-enrollment data to the server if
- // 1. we are running integration or perf tests with telemetry.
+ // 1. we are running telemetry tests.
// 2. modulus configuration is not present.
+ // 3. Auto-enrollment is disabled via the command line.
+
CommandLine* command_line = CommandLine::ForCurrentProcess();
- if (command_line->HasSwitch(chromeos::switches::kOobeSkipPostLogin) ||
+ if (command_line->HasSwitch(chromeos::switches::kDisableGaiaServices) ||
(!command_line->HasSwitch(
chromeos::switches::kEnterpriseEnrollmentInitialModulus) &&
!command_line->HasSwitch(
- chromeos::switches::kEnterpriseEnrollmentModulusLimit))) {
+ chromeos::switches::kEnterpriseEnrollmentModulusLimit)) ||
+ GetMode() == MODE_NONE) {
VLOG(1) << "Auto-enrollment disabled.";
UpdateState(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT);
return;
}
- // If there already is a client, bail out.
- if (client_)
+ // If a client is being created or already existing, bail out.
+ if (client_start_weak_factory_.HasWeakPtrs() || client_)
return;
// Start by checking if the device has already been owned.
UpdateState(policy::AUTO_ENROLLMENT_STATE_PENDING);
- weak_factory_.InvalidateWeakPtrs();
DeviceSettingsService::Get()->GetOwnershipStatusAsync(
base::Bind(&AutoEnrollmentController::OnOwnershipStatusCheckDone,
- weak_factory_.GetWeakPtr()));
+ client_start_weak_factory_.GetWeakPtr()));
}
void AutoEnrollmentController::Cancel() {
// its protocol finished before login was complete.
client_.release()->CancelAndDeleteSoon();
}
+
+ // Make sure to nuke pending |client_| start sequences.
+ client_start_weak_factory_.InvalidateWeakPtrs();
}
void AutoEnrollmentController::Retry() {
}
bool AutoEnrollmentController::ShouldEnrollSilently() {
- return !CommandLine::ForCurrentProcess()->HasSwitch(
- chromeos::switches::kEnterpriseEnableForcedReEnrollment) &&
- state_ == policy::AUTO_ENROLLMENT_STATE_TRIGGER_ENROLLMENT;
+ return state_ == policy::AUTO_ENROLLMENT_STATE_TRIGGER_ENROLLMENT &&
+ GetMode() == MODE_LEGACY_AUTO_ENROLLMENT;
}
void AutoEnrollmentController::OnOwnershipStatusCheckDone(
return;
}
- policy::BrowserPolicyConnector* connector =
- g_browser_process->browser_policy_connector();
+ // Make sure state keys are available.
+ g_browser_process->platform_part()
+ ->browser_policy_connector_chromeos()
+ ->GetStateKeysBroker()
+ ->RequestStateKeys(base::Bind(&AutoEnrollmentController::StartClient,
+ client_start_weak_factory_.GetWeakPtr()));
+}
+
+void AutoEnrollmentController::StartClient(
+ const std::vector<std::string>& state_keys, bool first_boot) {
+ policy::BrowserPolicyConnectorChromeOS* connector =
+ g_browser_process->platform_part()->browser_policy_connector_chromeos();
policy::DeviceManagementService* service =
connector->device_management_service();
service->ScheduleInitialization(0);
bool retrieve_device_state = false;
std::string device_id;
- if (CommandLine::ForCurrentProcess()->HasSwitch(
- chromeos::switches::kEnterpriseEnableForcedReEnrollment)) {
+ if (GetMode() == MODE_FORCED_RE_ENROLLMENT) {
retrieve_device_state = true;
- device_id = policy::DeviceCloudPolicyManagerChromeOS::GetDeviceStateKey();
+ if (!state_keys.empty() && !first_boot)
+ device_id = state_keys.front();
} else {
device_id = policy::DeviceCloudPolicyManagerChromeOS::GetMachineID();
}
void AutoEnrollmentController::UpdateState(
policy::AutoEnrollmentState new_state) {
+ VLOG(1) << "New state: " << new_state << ".";
state_ = new_state;
progress_callbacks_.Notify(state_);
}