search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix wrong method name in SessionManagerClient log message.
[chromium-blink-merge.git] / chromeos / dbus / session_manager_client.cc
blob395631c4777e2d3ce81c9cab2c3275e11ec4abf2
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chromeos/dbus/session_manager_client.h"
6
7 #include <sys/socket.h>
8
9 #include "base/bind.h"
10 #include "base/callback.h"
11 #include "base/files/file_path.h"
12 #include "base/files/file_util.h"
13 #include "base/location.h"
14 #include "base/path_service.h"
15 #include "base/strings/string_number_conversions.h"
16 #include "base/strings/string_util.h"
17 #include "base/task_runner_util.h"
18 #include "base/threading/worker_pool.h"
19 #include "chromeos/chromeos_paths.h"
20 #include "chromeos/dbus/blocking_method_caller.h"
21 #include "chromeos/dbus/cryptohome_client.h"
22 #include "crypto/sha2.h"
23 #include "dbus/bus.h"
24 #include "dbus/message.h"
25 #include "dbus/object_path.h"
26 #include "dbus/object_proxy.h"
27 #include "policy/proto/device_management_backend.pb.h"
28 #include "third_party/cros_system_api/dbus/service_constants.h"
29
30 namespace chromeos {
31
32 namespace {
33
34 // Returns a location for |file| that is specific to the given |username|.
35 // These paths will be relative to DIR_USER_POLICY_KEYS, and can be used only
36 // to store stub files.
37 base::FilePath GetUserFilePath(const std::string& username, const char* file) {
38 base::FilePath keys_path;
39 if (!PathService::Get(chromeos::DIR_USER_POLICY_KEYS, &keys_path))
40 return base::FilePath();
41 const std::string sanitized =
42 CryptohomeClient::GetStubSanitizedUsername(username);
43 return keys_path.AppendASCII(sanitized).AppendASCII(file);
44 }
45
46 // Helper to asynchronously retrieve a file's content.
47 std::string GetFileContent(const base::FilePath& path) {
48 std::string result;
49 if (!path.empty())
50 base::ReadFileToString(path, &result);
51 return result;
52 }
53
54 // Helper to write a file in a background thread.
55 void StoreFile(const base::FilePath& path, const std::string& data) {
56 const int size = static_cast<int>(data.size());
57 if (path.empty() ||
58 !base::CreateDirectory(path.DirName()) ||
59 base::WriteFile(path, data.data(), size) != size) {
60 LOG(WARNING) << "Failed to write to " << path.value();
61 }
62 }
63
64 // Creates a pair of file descriptors that form a conduit for trustworthy
65 // transfer of credentials between Chrome and the session_manager
66 void CreateValidCredConduit(dbus::FileDescriptor* local_auth_fd,
67 dbus::FileDescriptor* remote_auth_fd) {
68 int sockets[2] = {-1, -1};
69 if (socketpair(AF_UNIX, SOCK_STREAM, 0, sockets) < 0) {
70 PLOG(ERROR) << "Failed to create a unix domain socketpair";
71 return;
72 }
73
74 local_auth_fd->PutValue(sockets[0]);
75 local_auth_fd->CheckValidity();
76
77 remote_auth_fd->PutValue(sockets[1]);
78 remote_auth_fd->CheckValidity();
79 }
80
81 } // namespace
82
83 // The SessionManagerClient implementation used in production.
84 class SessionManagerClientImpl : public SessionManagerClient {
85 public:
86 SessionManagerClientImpl()
87 : session_manager_proxy_(NULL),
88 screen_is_locked_(false),
89 weak_ptr_factory_(this) {}
90
91 ~SessionManagerClientImpl() override {}
92
93 // SessionManagerClient overrides:
94 void SetStubDelegate(StubDelegate* delegate) override {
95 // Do nothing; this isn't a stub implementation.
96 }
97
98 void AddObserver(Observer* observer) override {
99 observers_.AddObserver(observer);
100 }
101
102 void RemoveObserver(Observer* observer) override {
103 observers_.RemoveObserver(observer);
104 }
105
106 bool HasObserver(const Observer* observer) const override {
107 return observers_.HasObserver(observer);
108 }
109
110 bool IsScreenLocked() const override { return screen_is_locked_; }
111
112 void EmitLoginPromptVisible() override {
113 SimpleMethodCallToSessionManager(
114 login_manager::kSessionManagerEmitLoginPromptVisible);
115 FOR_EACH_OBSERVER(Observer, observers_, EmitLoginPromptVisibleCalled());
116 }
117
118 void RestartJob(int pid, const std::string& command_line) override {
119 dbus::ScopedFileDescriptor local_auth_fd(new dbus::FileDescriptor);
120 dbus::ScopedFileDescriptor remote_auth_fd(new dbus::FileDescriptor);
121
122 // The session_manager provides a new method to replace RestartJob, called
123 // RestartJobWithAuth, that is able to be used correctly within a PID
124 // namespace. To use it, the caller must create a unix domain socket pair
125 // and pass one end over dbus while holding the local end open for the
126 // duration of the call.
127 // Here, we call CreateValidCredConduit() to create the socket pair,
128 // and then pass both ends along to CallRestartJobWithValidFd(), which
129 // takes care of them from there.
130 // NB: PostTaskAndReply ensures that the second callback (which owns the
131 // ScopedFileDescriptor objects) outlives the first, so passing the
132 // bare pointers to CreateValidCredConduit is safe...
133 // -- BUT --
134 // you have to grab pointers to the contents of {local,remote}_auth_fd
135 // _before_ they're acted on by base::Passed() below. Passing ownership
136 // of the ScopedFileDescriptor objects to the callback actually nulls
137 // out the storage inside the local instances. Since there are
138 // no guarantees about the order of evaluation of arguments in a
139 // function call, merely having them appear earlier among the args
140 // to PostTaskAndReply() is not enough. Relying on this crashed on
141 // some platforms.
142 base::Closure create_credentials_conduit_closure = base::Bind(
143 &CreateValidCredConduit, local_auth_fd.get(), remote_auth_fd.get());
144
145 base::WorkerPool::PostTaskAndReply(
146 FROM_HERE, create_credentials_conduit_closure,
147 base::Bind(&SessionManagerClientImpl::CallRestartJobWithValidFd,
148 weak_ptr_factory_.GetWeakPtr(), base::Passed(&local_auth_fd),
149 base::Passed(&remote_auth_fd), command_line),
150 false);
151 }
152
153 void StartSession(const std::string& user_email) override {
154 dbus::MethodCall method_call(login_manager::kSessionManagerInterface,
155 login_manager::kSessionManagerStartSession);
156 dbus::MessageWriter writer(&method_call);
157 writer.AppendString(user_email);
158 writer.AppendString(""); // Unique ID is deprecated
159 session_manager_proxy_->CallMethod(
160 &method_call,
161 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
162 base::Bind(&SessionManagerClientImpl::OnStartSession,
163 weak_ptr_factory_.GetWeakPtr()));
164 }
165
166 void StopSession() override {
167 dbus::MethodCall method_call(login_manager::kSessionManagerInterface,
168 login_manager::kSessionManagerStopSession);
169 dbus::MessageWriter writer(&method_call);
170 writer.AppendString(""); // Unique ID is deprecated
171 session_manager_proxy_->CallMethod(
172 &method_call,
173 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
174 base::Bind(&SessionManagerClientImpl::OnStopSession,
175 weak_ptr_factory_.GetWeakPtr()));
176 }
177
178 void StartDeviceWipe() override {
179 dbus::MethodCall method_call(login_manager::kSessionManagerInterface,
180 login_manager::kSessionManagerStartDeviceWipe);
181 session_manager_proxy_->CallMethod(
182 &method_call,
183 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
184 base::Bind(&SessionManagerClientImpl::OnDeviceWipe,
185 weak_ptr_factory_.GetWeakPtr()));
186 }
187
188 void RequestLockScreen() override {
189 SimpleMethodCallToSessionManager(login_manager::kSessionManagerLockScreen);
190 }
191
192 void NotifyLockScreenShown() override {
193 SimpleMethodCallToSessionManager(
194 login_manager::kSessionManagerHandleLockScreenShown);
195 }
196
197 void NotifyLockScreenDismissed() override {
198 SimpleMethodCallToSessionManager(
199 login_manager::kSessionManagerHandleLockScreenDismissed);
200 }
201
202 void NotifySupervisedUserCreationStarted() override {
203 SimpleMethodCallToSessionManager(
204 login_manager::kSessionManagerHandleSupervisedUserCreationStarting);
205 }
206
207 void NotifySupervisedUserCreationFinished() override {
208 SimpleMethodCallToSessionManager(
209 login_manager::kSessionManagerHandleSupervisedUserCreationFinished);
210 }
211
212 void RetrieveActiveSessions(const ActiveSessionsCallback& callback) override {
213 dbus::MethodCall method_call(
214 login_manager::kSessionManagerInterface,
215 login_manager::kSessionManagerRetrieveActiveSessions);
216
217 session_manager_proxy_->CallMethod(
218 &method_call,
219 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
220 base::Bind(&SessionManagerClientImpl::OnRetrieveActiveSessions,
221 weak_ptr_factory_.GetWeakPtr(),
222 login_manager::kSessionManagerRetrieveActiveSessions,
223 callback));
224 }
225
226 void RetrieveDevicePolicy(const RetrievePolicyCallback& callback) override {
227 dbus::MethodCall method_call(login_manager::kSessionManagerInterface,
228 login_manager::kSessionManagerRetrievePolicy);
229 session_manager_proxy_->CallMethod(
230 &method_call,
231 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
232 base::Bind(&SessionManagerClientImpl::OnRetrievePolicy,
233 weak_ptr_factory_.GetWeakPtr(),
234 login_manager::kSessionManagerRetrievePolicy,
235 callback));
236 }
237
238 void RetrievePolicyForUser(const std::string& username,
239 const RetrievePolicyCallback& callback) override {
240 CallRetrievePolicyByUsername(
241 login_manager::kSessionManagerRetrievePolicyForUser,
242 username,
243 callback);
244 }
245
246 std::string BlockingRetrievePolicyForUser(
247 const std::string& username) override {
248 dbus::MethodCall method_call(
249 login_manager::kSessionManagerInterface,
250 login_manager::kSessionManagerRetrievePolicyForUser);
251 dbus::MessageWriter writer(&method_call);
252 writer.AppendString(username);
253 scoped_ptr<dbus::Response> response =
254 blocking_method_caller_->CallMethodAndBlock(&method_call);
255 std::string policy;
256 ExtractString(login_manager::kSessionManagerRetrievePolicyForUser,
257 response.get(),
258 &policy);
259 return policy;
260 }
261
262 void RetrieveDeviceLocalAccountPolicy(
263 const std::string& account_name,
264 const RetrievePolicyCallback& callback) override {
265 CallRetrievePolicyByUsername(
266 login_manager::kSessionManagerRetrieveDeviceLocalAccountPolicy,
267 account_name,
268 callback);
269 }
270
271 void StoreDevicePolicy(const std::string& policy_blob,
272 const StorePolicyCallback& callback) override {
273 dbus::MethodCall method_call(login_manager::kSessionManagerInterface,
274 login_manager::kSessionManagerStorePolicy);
275 dbus::MessageWriter writer(&method_call);
276 // static_cast does not work due to signedness.
277 writer.AppendArrayOfBytes(
278 reinterpret_cast<const uint8*>(policy_blob.data()), policy_blob.size());
279 session_manager_proxy_->CallMethod(
280 &method_call,
281 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
282 base::Bind(&SessionManagerClientImpl::OnStorePolicy,
283 weak_ptr_factory_.GetWeakPtr(),
284 login_manager::kSessionManagerStorePolicy,
285 callback));
286 }
287
288 void StorePolicyForUser(const std::string& username,
289 const std::string& policy_blob,
290 const StorePolicyCallback& callback) override {
291 CallStorePolicyByUsername(login_manager::kSessionManagerStorePolicyForUser,
292 username,
293 policy_blob,
294 callback);
295 }
296
297 void StoreDeviceLocalAccountPolicy(
298 const std::string& account_name,
299 const std::string& policy_blob,
300 const StorePolicyCallback& callback) override {
301 CallStorePolicyByUsername(
302 login_manager::kSessionManagerStoreDeviceLocalAccountPolicy,
303 account_name,
304 policy_blob,
305 callback);
306 }
307
308 void SetFlagsForUser(const std::string& username,
309 const std::vector<std::string>& flags) override {
310 dbus::MethodCall method_call(login_manager::kSessionManagerInterface,
311 login_manager::kSessionManagerSetFlagsForUser);
312 dbus::MessageWriter writer(&method_call);
313 writer.AppendString(username);
314 writer.AppendArrayOfStrings(flags);
315 session_manager_proxy_->CallMethod(
316 &method_call,
317 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
318 dbus::ObjectProxy::EmptyResponseCallback());
319 }
320
321 void GetServerBackedStateKeys(const StateKeysCallback& callback) override {
322 dbus::MethodCall method_call(
323 login_manager::kSessionManagerInterface,
324 login_manager::kSessionManagerGetServerBackedStateKeys);
325
326 session_manager_proxy_->CallMethod(
327 &method_call,
328 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
329 base::Bind(&SessionManagerClientImpl::OnGetServerBackedStateKeys,
330 weak_ptr_factory_.GetWeakPtr(),
331 callback));
332 }
333
334 protected:
335 void Init(dbus::Bus* bus) override {
336 session_manager_proxy_ = bus->GetObjectProxy(
337 login_manager::kSessionManagerServiceName,
338 dbus::ObjectPath(login_manager::kSessionManagerServicePath));
339 blocking_method_caller_.reset(
340 new BlockingMethodCaller(bus, session_manager_proxy_));
341
342 // Signals emitted on the session manager's interface.
343 session_manager_proxy_->ConnectToSignal(
344 login_manager::kSessionManagerInterface,
345 login_manager::kOwnerKeySetSignal,
346 base::Bind(&SessionManagerClientImpl::OwnerKeySetReceived,
347 weak_ptr_factory_.GetWeakPtr()),
348 base::Bind(&SessionManagerClientImpl::SignalConnected,
349 weak_ptr_factory_.GetWeakPtr()));
350 session_manager_proxy_->ConnectToSignal(
351 login_manager::kSessionManagerInterface,
352 login_manager::kPropertyChangeCompleteSignal,
353 base::Bind(&SessionManagerClientImpl::PropertyChangeCompleteReceived,
354 weak_ptr_factory_.GetWeakPtr()),
355 base::Bind(&SessionManagerClientImpl::SignalConnected,
356 weak_ptr_factory_.GetWeakPtr()));
357 session_manager_proxy_->ConnectToSignal(
358 login_manager::kSessionManagerInterface,
359 login_manager::kScreenIsLockedSignal,
360 base::Bind(&SessionManagerClientImpl::ScreenIsLockedReceived,
361 weak_ptr_factory_.GetWeakPtr()),
362 base::Bind(&SessionManagerClientImpl::SignalConnected,
363 weak_ptr_factory_.GetWeakPtr()));
364 session_manager_proxy_->ConnectToSignal(
365 login_manager::kSessionManagerInterface,
366 login_manager::kScreenIsUnlockedSignal,
367 base::Bind(&SessionManagerClientImpl::ScreenIsUnlockedReceived,
368 weak_ptr_factory_.GetWeakPtr()),
369 base::Bind(&SessionManagerClientImpl::SignalConnected,
370 weak_ptr_factory_.GetWeakPtr()));
371 }
372
373 private:
374 // Makes a method call to the session manager with no arguments and no
375 // response.
376 void SimpleMethodCallToSessionManager(const std::string& method_name) {
377 dbus::MethodCall method_call(login_manager::kSessionManagerInterface,
378 method_name);
379 session_manager_proxy_->CallMethod(
380 &method_call,
381 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
382 dbus::ObjectProxy::EmptyResponseCallback());
383 }
384
385 // Helper for RetrieveDeviceLocalAccountPolicy and RetrievePolicyForUser.
386 void CallRetrievePolicyByUsername(const std::string& method_name,
387 const std::string& username,
388 const RetrievePolicyCallback& callback) {
389 dbus::MethodCall method_call(login_manager::kSessionManagerInterface,
390 method_name);
391 dbus::MessageWriter writer(&method_call);
392 writer.AppendString(username);
393 session_manager_proxy_->CallMethod(
394 &method_call,
395 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
396 base::Bind(
397 &SessionManagerClientImpl::OnRetrievePolicy,
398 weak_ptr_factory_.GetWeakPtr(),
399 method_name,
400 callback));
401 }
402
403 void CallStorePolicyByUsername(const std::string& method_name,
404 const std::string& username,
405 const std::string& policy_blob,
406 const StorePolicyCallback& callback) {
407 dbus::MethodCall method_call(login_manager::kSessionManagerInterface,
408 method_name);
409 dbus::MessageWriter writer(&method_call);
410 writer.AppendString(username);
411 // static_cast does not work due to signedness.
412 writer.AppendArrayOfBytes(
413 reinterpret_cast<const uint8*>(policy_blob.data()), policy_blob.size());
414 session_manager_proxy_->CallMethod(
415 &method_call,
416 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
417 base::Bind(
418 &SessionManagerClientImpl::OnStorePolicy,
419 weak_ptr_factory_.GetWeakPtr(),
420 method_name,
421 callback));
422 }
423
424 // Calls RestartJobWithAuth to tell the session manager to restart the
425 // browser using the contents of command_line, authorizing the call
426 // using credentials acquired via remote_auth_fd.
427 // Ownership of local_auth_fd is held for the duration of the dbus call.
428 void CallRestartJobWithValidFd(dbus::ScopedFileDescriptor local_auth_fd,
429 dbus::ScopedFileDescriptor remote_auth_fd,
430 const std::string& command_line) {
431 dbus::MethodCall method_call(
432 login_manager::kSessionManagerInterface,
433 login_manager::kSessionManagerRestartJobWithAuth);
434 dbus::MessageWriter writer(&method_call);
435 writer.AppendFileDescriptor(*remote_auth_fd);
436 writer.AppendString(command_line);
437
438 // Ownership of local_auth_fd is passed to the callback that is to be
439 // called on completion of this method call. This keeps the browser end
440 // of the socket-pair alive for the duration of the RPC.
441 session_manager_proxy_->CallMethod(
442 &method_call, dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
443 base::Bind(&SessionManagerClientImpl::OnRestartJob,
444 weak_ptr_factory_.GetWeakPtr(),
445 base::Passed(&local_auth_fd)));
446 }
447
448 // Called when kSessionManagerRestartJob method is complete.
449 // Now that the call is complete, local_auth_fd can be closed and discarded,
450 // which will happen automatically when it goes out of scope.
451 void OnRestartJob(dbus::ScopedFileDescriptor local_auth_fd,
452 dbus::Response* response) {
453 LOG_IF(ERROR, !response)
454 << "Failed to call "
455 << login_manager::kSessionManagerRestartJob;
456 }
457
458 // Called when kSessionManagerStartSession method is complete.
459 void OnStartSession(dbus::Response* response) {
460 LOG_IF(ERROR, !response)
461 << "Failed to call "
462 << login_manager::kSessionManagerStartSession;
463 }
464
465 // Called when kSessionManagerStopSession method is complete.
466 void OnStopSession(dbus::Response* response) {
467 LOG_IF(ERROR, !response)
468 << "Failed to call "
469 << login_manager::kSessionManagerStopSession;
470 }
471
472 // Called when kSessionManagerStopSession method is complete.
473 void OnDeviceWipe(dbus::Response* response) {
474 LOG_IF(ERROR, !response)
475 << "Failed to call "
476 << login_manager::kSessionManagerStartDeviceWipe;
477 }
478
479 // Called when kSessionManagerRetrieveActiveSessions method is complete.
480 void OnRetrieveActiveSessions(const std::string& method_name,
481 const ActiveSessionsCallback& callback,
482 dbus::Response* response) {
483 ActiveSessionsMap sessions;
484 bool success = false;
485 if (!response) {
486 LOG(ERROR) << "Failed to call " << method_name;
487 callback.Run(sessions, success);
488 return;
489 }
490
491 dbus::MessageReader reader(response);
492 dbus::MessageReader array_reader(NULL);
493
494 if (!reader.PopArray(&array_reader)) {
495 LOG(ERROR) << method_name << " response is incorrect: "
496 << response->ToString();
497 } else {
498 while (array_reader.HasMoreData()) {
499 dbus::MessageReader dict_entry_reader(NULL);
500 std::string key;
501 std::string value;
502 if (!array_reader.PopDictEntry(&dict_entry_reader) ||
503 !dict_entry_reader.PopString(&key) ||
504 !dict_entry_reader.PopString(&value)) {
505 LOG(ERROR) << method_name << " response is incorrect: "
506 << response->ToString();
507 } else {
508 sessions[key] = value;
509 }
510 }
511 success = true;
512 }
513 callback.Run(sessions, success);
514 }
515
516 void ExtractString(const std::string& method_name,
517 dbus::Response* response,
518 std::string* extracted) {
519 if (!response) {
520 LOG(ERROR) << "Failed to call " << method_name;
521 return;
522 }
523 dbus::MessageReader reader(response);
524 const uint8* values = NULL;
525 size_t length = 0;
526 if (!reader.PopArrayOfBytes(&values, &length)) {
527 LOG(ERROR) << "Invalid response: " << response->ToString();
528 return;
529 }
530 // static_cast does not work due to signedness.
531 extracted->assign(reinterpret_cast<const char*>(values), length);
532 }
533
534 // Called when kSessionManagerRetrievePolicy or
535 // kSessionManagerRetrievePolicyForUser method is complete.
536 void OnRetrievePolicy(const std::string& method_name,
537 const RetrievePolicyCallback& callback,
538 dbus::Response* response) {
539 std::string serialized_proto;
540 ExtractString(method_name, response, &serialized_proto);
541 callback.Run(serialized_proto);
542 }
543
544 // Called when kSessionManagerStorePolicy or kSessionManagerStorePolicyForUser
545 // method is complete.
546 void OnStorePolicy(const std::string& method_name,
547 const StorePolicyCallback& callback,
548 dbus::Response* response) {
549 bool success = false;
550 if (!response) {
551 LOG(ERROR) << "Failed to call " << method_name;
552 } else {
553 dbus::MessageReader reader(response);
554 if (!reader.PopBool(&success))
555 LOG(ERROR) << "Invalid response: " << response->ToString();
556 }
557 callback.Run(success);
558 }
559
560 // Called when the owner key set signal is received.
561 void OwnerKeySetReceived(dbus::Signal* signal) {
562 dbus::MessageReader reader(signal);
563 std::string result_string;
564 if (!reader.PopString(&result_string)) {
565 LOG(ERROR) << "Invalid signal: " << signal->ToString();
566 return;
567 }
568 const bool success = base::StartsWithASCII(result_string, "success", false);
569 FOR_EACH_OBSERVER(Observer, observers_, OwnerKeySet(success));
570 }
571
572 // Called when the property change complete signal is received.
573 void PropertyChangeCompleteReceived(dbus::Signal* signal) {
574 dbus::MessageReader reader(signal);
575 std::string result_string;
576 if (!reader.PopString(&result_string)) {
577 LOG(ERROR) << "Invalid signal: " << signal->ToString();
578 return;
579 }
580 const bool success = base::StartsWithASCII(result_string, "success", false);
581 FOR_EACH_OBSERVER(Observer, observers_, PropertyChangeComplete(success));
582 }
583
584 void ScreenIsLockedReceived(dbus::Signal* signal) {
585 screen_is_locked_ = true;
586 FOR_EACH_OBSERVER(Observer, observers_, ScreenIsLocked());
587 }
588
589 void ScreenIsUnlockedReceived(dbus::Signal* signal) {
590 screen_is_locked_ = false;
591 FOR_EACH_OBSERVER(Observer, observers_, ScreenIsUnlocked());
592 }
593
594 // Called when the object is connected to the signal.
595 void SignalConnected(const std::string& interface_name,
596 const std::string& signal_name,
597 bool success) {
598 LOG_IF(ERROR, !success) << "Failed to connect to " << signal_name;
599 }
600
601 // Called when kSessionManagerGetServerBackedStateKeys method is complete.
602 void OnGetServerBackedStateKeys(const StateKeysCallback& callback,
603 dbus::Response* response) {
604 std::vector<std::string> state_keys;
605 if (!response) {
606 LOG(ERROR) << "Failed to call "
607 << login_manager::kSessionManagerGetServerBackedStateKeys;
608 } else {
609 dbus::MessageReader reader(response);
610 dbus::MessageReader array_reader(NULL);
611
612 if (!reader.PopArray(&array_reader)) {
613 LOG(ERROR) << "Bad response: " << response->ToString();
614 } else {
615 while (array_reader.HasMoreData()) {
616 const uint8* data = NULL;
617 size_t size = 0;
618 if (!array_reader.PopArrayOfBytes(&data, &size)) {
619 LOG(ERROR) << "Bad response: " << response->ToString();
620 state_keys.clear();
621 break;
622 }
623 state_keys.push_back(
624 std::string(reinterpret_cast<const char*>(data), size));
625 }
626 }
627 }
628
629 if (!callback.is_null())
630 callback.Run(state_keys);
631 }
632
633
634 dbus::ObjectProxy* session_manager_proxy_;
635 scoped_ptr<BlockingMethodCaller> blocking_method_caller_;
636 base::ObserverList<Observer> observers_;
637
638 // Most recent screen-lock state received from session_manager.
639 bool screen_is_locked_;
640
641 // Note: This should remain the last member so it'll be destroyed and
642 // invalidate its weak pointers before any other members are destroyed.
643 base::WeakPtrFactory<SessionManagerClientImpl> weak_ptr_factory_;
644
645 DISALLOW_COPY_AND_ASSIGN(SessionManagerClientImpl);
646 };
647
648 // The SessionManagerClient implementation used on Linux desktop,
649 // which does nothing.
650 class SessionManagerClientStubImpl : public SessionManagerClient {
651 public:
652 SessionManagerClientStubImpl() : delegate_(NULL), screen_is_locked_(false) {}
653 ~SessionManagerClientStubImpl() override {}
654
655 // SessionManagerClient overrides
656 void Init(dbus::Bus* bus) override {}
657 void SetStubDelegate(StubDelegate* delegate) override {
658 delegate_ = delegate;
659 }
660 void AddObserver(Observer* observer) override {
661 observers_.AddObserver(observer);
662 }
663 void RemoveObserver(Observer* observer) override {
664 observers_.RemoveObserver(observer);
665 }
666 bool HasObserver(const Observer* observer) const override {
667 return observers_.HasObserver(observer);
668 }
669 bool IsScreenLocked() const override { return screen_is_locked_; }
670 void EmitLoginPromptVisible() override {}
671 void RestartJob(int pid, const std::string& command_line) override {}
672 void StartSession(const std::string& user_email) override {}
673 void StopSession() override {}
674 void NotifySupervisedUserCreationStarted() override {}
675 void NotifySupervisedUserCreationFinished() override {}
676 void StartDeviceWipe() override {}
677 void RequestLockScreen() override {
678 if (delegate_)
679 delegate_->LockScreenForStub();
680 }
681 void NotifyLockScreenShown() override {
682 screen_is_locked_ = true;
683 FOR_EACH_OBSERVER(Observer, observers_, ScreenIsLocked());
684 }
685 void NotifyLockScreenDismissed() override {
686 screen_is_locked_ = false;
687 FOR_EACH_OBSERVER(Observer, observers_, ScreenIsUnlocked());
688 }
689 void RetrieveActiveSessions(const ActiveSessionsCallback& callback) override {
690 }
691 void RetrieveDevicePolicy(const RetrievePolicyCallback& callback) override {
692 base::FilePath owner_key_path;
693 if (!PathService::Get(chromeos::FILE_OWNER_KEY, &owner_key_path)) {
694 callback.Run("");
695 return;
696 }
697 base::FilePath device_policy_path =
698 owner_key_path.DirName().AppendASCII("stub_device_policy");
699 base::PostTaskAndReplyWithResult(
700 base::WorkerPool::GetTaskRunner(false).get(),
701 FROM_HERE,
702 base::Bind(&GetFileContent, device_policy_path),
703 callback);
704 }
705 void RetrievePolicyForUser(const std::string& username,
706 const RetrievePolicyCallback& callback) override {
707 base::PostTaskAndReplyWithResult(
708 base::WorkerPool::GetTaskRunner(false).get(),
709 FROM_HERE,
710 base::Bind(&GetFileContent, GetUserFilePath(username, "stub_policy")),
711 callback);
712 }
713 std::string BlockingRetrievePolicyForUser(
714 const std::string& username) override {
715 return GetFileContent(GetUserFilePath(username, "stub_policy"));
716 }
717 void RetrieveDeviceLocalAccountPolicy(
718 const std::string& account_name,
719 const RetrievePolicyCallback& callback) override {
720 RetrievePolicyForUser(account_name, callback);
721 }
722 void StoreDevicePolicy(const std::string& policy_blob,
723 const StorePolicyCallback& callback) override {
724 enterprise_management::PolicyFetchResponse response;
725 base::FilePath owner_key_path;
726 if (!response.ParseFromString(policy_blob) ||
727 !PathService::Get(chromeos::FILE_OWNER_KEY, &owner_key_path)) {
728 callback.Run(false);
729 return;
730 }
731
732 if (response.has_new_public_key()) {
733 base::WorkerPool::PostTask(
734 FROM_HERE,
735 base::Bind(&StoreFile, owner_key_path, response.new_public_key()),
736 false);
737 }
738
739 // Chrome will attempt to retrieve the device policy right after storing
740 // during enrollment, so make sure it's written before signaling
741 // completion.
742 // Note also that the owner key will be written before the device policy,
743 // if it was present in the blob.
744 base::FilePath device_policy_path =
745 owner_key_path.DirName().AppendASCII("stub_device_policy");
746 base::WorkerPool::PostTaskAndReply(
747 FROM_HERE,
748 base::Bind(&StoreFile, device_policy_path, policy_blob),
749 base::Bind(callback, true),
750 false);
751 }
752 void StorePolicyForUser(const std::string& username,
753 const std::string& policy_blob,
754 const StorePolicyCallback& callback) override {
755 // The session manager writes the user policy key to a well-known
756 // location. Do the same with the stub impl, so that user policy works and
757 // can be tested on desktop builds.
758 enterprise_management::PolicyFetchResponse response;
759 if (!response.ParseFromString(policy_blob)) {
760 callback.Run(false);
761 return;
762 }
763
764 if (response.has_new_public_key()) {
765 base::FilePath key_path = GetUserFilePath(username, "policy.pub");
766 base::WorkerPool::PostTask(
767 FROM_HERE,
768 base::Bind(&StoreFile, key_path, response.new_public_key()),
769 false);
770 }
771
772 // This file isn't read directly by Chrome, but is used by this class to
773 // reload the user policy across restarts.
774 base::FilePath stub_policy_path = GetUserFilePath(username, "stub_policy");
775 base::WorkerPool::PostTaskAndReply(
776 FROM_HERE,
777 base::Bind(&StoreFile, stub_policy_path, policy_blob),
778 base::Bind(callback, true),
779 false);
780 }
781 void StoreDeviceLocalAccountPolicy(
782 const std::string& account_name,
783 const std::string& policy_blob,
784 const StorePolicyCallback& callback) override {
785 StorePolicyForUser(account_name, policy_blob, callback);
786 }
787 void SetFlagsForUser(const std::string& username,
788 const std::vector<std::string>& flags) override {}
789
790 void GetServerBackedStateKeys(const StateKeysCallback& callback) override {
791 std::vector<std::string> state_keys;
792 for (int i = 0; i < 5; ++i)
793 state_keys.push_back(crypto::SHA256HashString(base::IntToString(i)));
794
795 if (!callback.is_null())
796 callback.Run(state_keys);
797 }
798
799 private:
800 StubDelegate* delegate_; // Weak pointer; may be NULL.
801 base::ObserverList<Observer> observers_;
802 std::string device_policy_;
803 bool screen_is_locked_;
804
805 DISALLOW_COPY_AND_ASSIGN(SessionManagerClientStubImpl);
806 };
807
808 SessionManagerClient::SessionManagerClient() {
809 }
810
811 SessionManagerClient::~SessionManagerClient() {
812 }
813
814 SessionManagerClient* SessionManagerClient::Create(
815 DBusClientImplementationType type) {
816 if (type == REAL_DBUS_CLIENT_IMPLEMENTATION)
817 return new SessionManagerClientImpl();
818 DCHECK_EQ(STUB_DBUS_CLIENT_IMPLEMENTATION, type);
819 return new SessionManagerClientStubImpl();
820 }
821
822 } // namespace chromeos