1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/ui/webui/chromeos/login/enrollment_screen_handler.h"
10 #include "base/bind_helpers.h"
11 #include "base/compiler_specific.h"
12 #include "base/message_loop/message_loop.h"
13 #include "base/values.h"
14 #include "chrome/browser/browser_process.h"
15 #include "chrome/browser/browsing_data/browsing_data_helper.h"
16 #include "chrome/browser/browsing_data/browsing_data_remover.h"
17 #include "chrome/browser/chromeos/policy/policy_oauth2_token_fetcher.h"
18 #include "chrome/browser/policy/cloud/message_util.h"
19 #include "chrome/browser/profiles/profile.h"
20 #include "chrome/browser/ui/webui/chromeos/login/oobe_ui.h"
21 #include "content/public/browser/web_contents.h"
22 #include "google_apis/gaia/gaia_auth_fetcher.h"
23 #include "google_apis/gaia/gaia_auth_util.h"
24 #include "google_apis/gaia/gaia_constants.h"
25 #include "google_apis/gaia/gaia_urls.h"
26 #include "google_apis/gaia/google_service_auth_error.h"
27 #include "grit/chromium_strings.h"
28 #include "grit/generated_resources.h"
29 #include "ui/base/l10n/l10n_util.h"
33 const char kJsScreenPath[] = "login.OAuthEnrollmentScreen";
35 // Start page of GAIA authentication extension.
36 const char kGaiaExtStartPage[] =
37 "chrome-extension://mfffpogegjflfpflabcdkioaeobkgjik/main.html";
39 // Enrollment step names.
40 const char kEnrollmentStepSignin[] = "signin";
41 const char kEnrollmentStepSuccess[] = "success";
43 // A helper class that takes care of asynchronously revoking a given token.
44 class TokenRevoker : public GaiaAuthConsumer {
48 GaiaConstants::kChromeOSSource,
49 g_browser_process->system_request_context()) {}
50 virtual ~TokenRevoker() {}
52 void Start(const std::string& token) {
53 gaia_fetcher_.StartRevokeOAuth2Token(token);
57 virtual void OnOAuth2RevokeTokenCompleted() OVERRIDE {
58 base::MessageLoop::current()->DeleteSoon(FROM_HERE, this);
62 GaiaAuthFetcher gaia_fetcher_;
64 DISALLOW_COPY_AND_ASSIGN(TokenRevoker);
71 // EnrollmentScreenHandler, public ------------------------------
73 EnrollmentScreenHandler::EnrollmentScreenHandler()
74 : BaseScreenHandler(kJsScreenPath),
77 is_auto_enrollment_(false),
78 can_exit_enrollment_(true),
79 browsing_data_remover_(NULL) {
82 EnrollmentScreenHandler::~EnrollmentScreenHandler() {
83 if (browsing_data_remover_)
84 browsing_data_remover_->RemoveObserver(this);
87 // EnrollmentScreenHandler, WebUIMessageHandler implementation --
89 void EnrollmentScreenHandler::RegisterMessages() {
90 AddCallback("oauthEnrollClose",
91 &EnrollmentScreenHandler::HandleClose);
92 AddCallback("oauthEnrollCompleteLogin",
93 &EnrollmentScreenHandler::HandleCompleteLogin);
94 AddCallback("oauthEnrollRetry",
95 &EnrollmentScreenHandler::HandleRetry);
98 // EnrollmentScreenHandler
99 // EnrollmentScreenActor implementation -----------------------------------
101 void EnrollmentScreenHandler::SetParameters(Controller* controller,
102 bool is_auto_enrollment,
103 bool can_exit_enrollment,
104 const std::string& user) {
105 controller_ = controller;
106 is_auto_enrollment_ = is_auto_enrollment;
107 can_exit_enrollment_ = can_exit_enrollment;
108 if (is_auto_enrollment_)
112 void EnrollmentScreenHandler::PrepareToShow() {
115 void EnrollmentScreenHandler::Show() {
116 if (!page_is_ready())
117 show_on_init_ = true;
122 void EnrollmentScreenHandler::Hide() {
125 void EnrollmentScreenHandler::FetchOAuthToken() {
126 Profile* profile = Profile::FromWebUI(web_ui());
127 oauth_fetcher_.reset(
128 new policy::PolicyOAuth2TokenFetcher(
129 profile->GetRequestContext(),
130 g_browser_process->system_request_context(),
131 base::Bind(&EnrollmentScreenHandler::OnTokenFetched,
132 base::Unretained(this))));
133 oauth_fetcher_->Start();
136 void EnrollmentScreenHandler::ResetAuth(const base::Closure& callback) {
137 auth_reset_callbacks_.push_back(callback);
138 if (browsing_data_remover_)
141 if (oauth_fetcher_) {
142 if (!oauth_fetcher_->oauth2_access_token().empty())
143 (new TokenRevoker())->Start(oauth_fetcher_->oauth2_access_token());
145 if (!oauth_fetcher_->oauth2_refresh_token().empty())
146 (new TokenRevoker())->Start(oauth_fetcher_->oauth2_refresh_token());
149 Profile* profile = Profile::FromBrowserContext(
150 web_ui()->GetWebContents()->GetBrowserContext());
151 browsing_data_remover_ =
152 BrowsingDataRemover::CreateForUnboundedRange(profile);
153 browsing_data_remover_->AddObserver(this);
154 browsing_data_remover_->Remove(BrowsingDataRemover::REMOVE_SITE_DATA,
155 BrowsingDataHelper::UNPROTECTED_WEB);
158 void EnrollmentScreenHandler::ShowSigninScreen() {
159 ShowStep(kEnrollmentStepSignin);
162 void EnrollmentScreenHandler::ShowEnrollmentSpinnerScreen() {
163 ShowWorking(IDS_ENTERPRISE_ENROLLMENT_WORKING);
166 void EnrollmentScreenHandler::ShowLoginSpinnerScreen() {
167 ShowWorking(IDS_ENTERPRISE_ENROLLMENT_RESUMING_LOGIN);
170 void EnrollmentScreenHandler::ShowAuthError(
171 const GoogleServiceAuthError& error) {
172 switch (error.state()) {
173 case GoogleServiceAuthError::NONE:
174 case GoogleServiceAuthError::CAPTCHA_REQUIRED:
175 case GoogleServiceAuthError::TWO_FACTOR:
176 case GoogleServiceAuthError::HOSTED_NOT_ALLOWED:
177 case GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS:
178 case GoogleServiceAuthError::REQUEST_CANCELED:
179 case GoogleServiceAuthError::UNEXPECTED_SERVICE_RESPONSE:
180 case GoogleServiceAuthError::SERVICE_ERROR:
181 ShowError(IDS_ENTERPRISE_ENROLLMENT_AUTH_FATAL_ERROR, false);
183 case GoogleServiceAuthError::USER_NOT_SIGNED_UP:
184 case GoogleServiceAuthError::ACCOUNT_DELETED:
185 case GoogleServiceAuthError::ACCOUNT_DISABLED:
186 ShowError(IDS_ENTERPRISE_ENROLLMENT_AUTH_ACCOUNT_ERROR, true);
188 case GoogleServiceAuthError::CONNECTION_FAILED:
189 case GoogleServiceAuthError::SERVICE_UNAVAILABLE:
190 ShowError(IDS_ENTERPRISE_ENROLLMENT_AUTH_NETWORK_ERROR, true);
192 case GoogleServiceAuthError::NUM_STATES:
198 void EnrollmentScreenHandler::ShowUIError(UIError error) {
200 case UI_ERROR_DOMAIN_MISMATCH:
201 ShowError(IDS_ENTERPRISE_ENROLLMENT_STATUS_LOCK_WRONG_USER, true);
203 case UI_ERROR_AUTO_ENROLLMENT_BAD_MODE:
204 ShowError(IDS_ENTERPRISE_AUTO_ENROLLMENT_BAD_MODE, true);
207 ShowError(IDS_ENTERPRISE_ENROLLMENT_FATAL_ENROLLMENT_ERROR, true);
213 void EnrollmentScreenHandler::ShowEnrollmentStatus(
214 policy::EnrollmentStatus status) {
215 switch (status.status()) {
216 case policy::EnrollmentStatus::STATUS_SUCCESS:
217 ShowStep(kEnrollmentStepSuccess);
219 case policy::EnrollmentStatus::STATUS_REGISTRATION_FAILED:
220 // Some special cases for generating a nicer message that's more helpful.
221 switch (status.client_status()) {
222 case policy::DM_STATUS_SERVICE_MISSING_LICENSES:
223 ShowError(IDS_ENTERPRISE_ENROLLMENT_MISSING_LICENSES_ERROR, true);
225 case policy::DM_STATUS_SERVICE_MANAGEMENT_NOT_SUPPORTED:
226 ShowError(IDS_ENTERPRISE_ENROLLMENT_ACCOUNT_ERROR, true);
230 l10n_util::GetStringFUTF8(
231 IDS_ENTERPRISE_ENROLLMENT_STATUS_REGISTRATION_FAILED,
232 policy::FormatDeviceManagementStatus(status.client_status())),
236 case policy::EnrollmentStatus::STATUS_ROBOT_AUTH_FETCH_FAILED:
237 ShowError(IDS_ENTERPRISE_ENROLLMENT_ROBOT_AUTH_FETCH_FAILED, true);
239 case policy::EnrollmentStatus::STATUS_ROBOT_REFRESH_FETCH_FAILED:
240 ShowError(IDS_ENTERPRISE_ENROLLMENT_ROBOT_REFRESH_FETCH_FAILED, true);
242 case policy::EnrollmentStatus::STATUS_ROBOT_REFRESH_STORE_FAILED:
243 ShowError(IDS_ENTERPRISE_ENROLLMENT_ROBOT_REFRESH_STORE_FAILED, true);
245 case policy::EnrollmentStatus::STATUS_REGISTRATION_BAD_MODE:
246 ShowError(IDS_ENTERPRISE_ENROLLMENT_STATUS_REGISTRATION_BAD_MODE, false);
248 case policy::EnrollmentStatus::STATUS_POLICY_FETCH_FAILED:
250 l10n_util::GetStringFUTF8(
251 IDS_ENTERPRISE_ENROLLMENT_STATUS_POLICY_FETCH_FAILED,
252 policy::FormatDeviceManagementStatus(status.client_status())),
255 case policy::EnrollmentStatus::STATUS_VALIDATION_FAILED:
257 l10n_util::GetStringFUTF8(
258 IDS_ENTERPRISE_ENROLLMENT_STATUS_VALIDATION_FAILED,
259 policy::FormatValidationStatus(status.validation_status())),
262 case policy::EnrollmentStatus::STATUS_LOCK_ERROR:
263 ShowError(IDS_ENTERPRISE_ENROLLMENT_STATUS_LOCK_ERROR, false);
265 case policy::EnrollmentStatus::STATUS_LOCK_TIMEOUT:
266 ShowError(IDS_ENTERPRISE_ENROLLMENT_STATUS_LOCK_TIMEOUT, false);
268 case policy::EnrollmentStatus::STATUS_LOCK_WRONG_USER:
269 ShowError(IDS_ENTERPRISE_ENROLLMENT_STATUS_LOCK_WRONG_USER, true);
271 case policy::EnrollmentStatus::STATUS_STORE_ERROR:
273 l10n_util::GetStringFUTF8(
274 IDS_ENTERPRISE_ENROLLMENT_STATUS_STORE_ERROR,
275 policy::FormatStoreStatus(status.store_status(),
276 status.validation_status())),
283 // EnrollmentScreenHandler BaseScreenHandler implementation -----
285 void EnrollmentScreenHandler::Initialize() {
288 show_on_init_ = false;
292 void EnrollmentScreenHandler::DeclareLocalizedValues(
293 LocalizedValuesBuilder* builder) {
294 builder->Add("oauthEnrollScreenTitle",
295 IDS_ENTERPRISE_ENROLLMENT_SCREEN_TITLE);
296 builder->Add("oauthEnrollRetry", IDS_ENTERPRISE_ENROLLMENT_RETRY);
297 builder->Add("oauthEnrollCancel", IDS_ENTERPRISE_ENROLLMENT_CANCEL);
298 builder->Add("oauthEnrollDone", IDS_ENTERPRISE_ENROLLMENT_DONE);
299 builder->Add("oauthEnrollSuccess", IDS_ENTERPRISE_ENROLLMENT_SUCCESS);
300 builder->Add("oauthEnrollExplain", IDS_ENTERPRISE_ENROLLMENT_EXPLAIN);
301 builder->Add("oauthEnrollExplainLink",
302 IDS_ENTERPRISE_ENROLLMENT_EXPLAIN_LINK);
303 builder->Add("oauthEnrollExplainButton",
304 IDS_ENTERPRISE_ENROLLMENT_EXPLAIN_BUTTON);
305 builder->Add("oauthEnrollCancelAutoEnrollmentReally",
306 IDS_ENTERPRISE_ENROLLMENT_CANCEL_AUTO_REALLY);
307 builder->Add("oauthEnrollCancelAutoEnrollmentConfirm",
308 IDS_ENTERPRISE_ENROLLMENT_CANCEL_AUTO_CONFIRM);
309 builder->Add("oauthEnrollCancelAutoEnrollmentGoBack",
310 IDS_ENTERPRISE_ENROLLMENT_CANCEL_AUTO_GO_BACK);
313 void EnrollmentScreenHandler::OnBrowsingDataRemoverDone() {
314 browsing_data_remover_->RemoveObserver(this);
315 browsing_data_remover_ = NULL;
317 std::vector<base::Closure> callbacks_to_run;
318 callbacks_to_run.swap(auth_reset_callbacks_);
319 for (std::vector<base::Closure>::iterator callback(callbacks_to_run.begin());
320 callback != callbacks_to_run.end(); ++callback) {
325 // EnrollmentScreenHandler, private -----------------------------
327 void EnrollmentScreenHandler::HandleClose(const std::string& reason) {
333 if (reason == "cancel" || reason == "autocancel")
334 controller_->OnCancel();
335 else if (reason == "done")
336 controller_->OnConfirmationClosed();
341 void EnrollmentScreenHandler::HandleCompleteLogin(const std::string& user) {
346 controller_->OnLoginDone(gaia::SanitizeEmail(user));
349 void EnrollmentScreenHandler::HandleRetry() {
354 controller_->OnRetry();
357 void EnrollmentScreenHandler::ShowStep(const char* step) {
358 CallJS("showStep", std::string(step));
361 void EnrollmentScreenHandler::ShowError(int message_id, bool retry) {
362 ShowErrorMessage(l10n_util::GetStringUTF8(message_id), retry);
365 void EnrollmentScreenHandler::ShowErrorMessage(const std::string& message,
367 CallJS("showError", message, retry);
370 void EnrollmentScreenHandler::ShowWorking(int message_id) {
371 CallJS("showWorking", l10n_util::GetStringUTF16(message_id));
374 void EnrollmentScreenHandler::OnTokenFetched(
375 const std::string& token,
376 const GoogleServiceAuthError& error) {
380 if (error.state() != GoogleServiceAuthError::NONE)
381 controller_->OnAuthError(error);
383 controller_->OnOAuthTokenAvailable(token);
386 void EnrollmentScreenHandler::DoShow() {
387 DictionaryValue screen_data;
388 screen_data.SetString("signin_url", kGaiaExtStartPage);
389 screen_data.SetString("gaiaUrl", GaiaUrls::GetInstance()->gaia_url().spec());
390 screen_data.SetBoolean("is_auto_enrollment", is_auto_enrollment_);
391 screen_data.SetBoolean("prevent_cancellation", !can_exit_enrollment_);
393 ShowScreen(OobeUI::kScreenOobeEnrollment, &screen_data);
396 } // namespace chromeos