[gnome-online-accounts/gnome-3-6] identity: Don't enroll machine



commit 5dbeb26da136f7e0b32d5f6a8c8bf5623529adb1
Author: Stef Walter <stefw gnome org>
Date:   Thu Oct 18 22:48:47 2012 +0200

    identity: Don't enroll machine
    
    It's not necessary or desirable to enroll the machine for using
    domain accounts locally when setting up a kerberos identity.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=686410

 src/goaidentity/goaidentityservice.c |  432 +---------------------------------
 1 files changed, 1 insertions(+), 431 deletions(-)
---
diff --git a/src/goaidentity/goaidentityservice.c b/src/goaidentity/goaidentityservice.c
index ba1089d..661a824 100644
--- a/src/goaidentity/goaidentityservice.c
+++ b/src/goaidentity/goaidentityservice.c
@@ -64,10 +64,6 @@ struct _GoaIdentityServicePrivate
 
 static void identity_service_manager_interface_init (GoaIdentityServiceManagerIface *interface);
 
-static void on_realm_joined (UmRealmObject      *realm,
-                             GAsyncResult       *result,
-                             GSimpleAsyncResult *operation_result);
-
 static void on_realm_looked_up_for_sign_in (GoaIdentityService *self,
                                             GAsyncResult       *result,
                                             GSimpleAsyncResult *operation_result);
@@ -251,412 +247,12 @@ export_realm (GoaIdentityService *self,
 }
 
 static void
-on_system_enrollment_prompt_answered (GcrPrompt           *prompt,
-                                      GAsyncResult        *result,
-                                      GSimpleAsyncResult  *operation_result)
-{
-  GCancellable       *cancellable;
-  const char         *answer;
-  GError             *error;
-
-  error = NULL;
-  cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
-
-  answer = gcr_prompt_password_finish (prompt, result, &error);
-
-  if (answer == NULL)
-    {
-      if (error != NULL)
-        g_simple_async_result_take_error (operation_result, error);
-      else
-        g_cancellable_cancel (cancellable);
-
-      g_simple_async_result_complete_in_idle (operation_result);
-      g_object_unref (operation_result);
-      return;
-    }
-
-  g_simple_async_result_set_op_res_gpointer (operation_result,
-                                             (gpointer)
-                                             answer,
-                                             NULL);
-  g_simple_async_result_complete_in_idle (operation_result);
-  g_object_unref (operation_result);
-}
-
-static void
-on_system_enrollment_prompt_open (GcrSystemPrompt    *system_prompt,
-                                  GAsyncResult       *result,
-                                  GSimpleAsyncResult *operation_result)
-{
-  GCancellable       *cancellable;
-  GcrPrompt          *prompt;
-  GError             *error;
-  const char         *message;
-
-  cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
-  message = g_simple_async_result_get_source_tag (operation_result);
-
-  error = NULL;
-  prompt = gcr_system_prompt_open_finish (result, &error);
-
-  if (prompt == NULL)
-    {
-      if (error != NULL)
-        g_simple_async_result_complete_in_idle (operation_result);
-      else
-        g_cancellable_cancel (cancellable);
-
-      g_simple_async_result_complete_in_idle (operation_result);
-      g_object_unref (operation_result);
-      return;
-    }
-
-  g_object_set_data (G_OBJECT (operation_result), "prompt", prompt);
-
-  gcr_prompt_set_title (prompt, _("Domain Administrator Login"));
-
-  message = g_object_get_data (G_OBJECT (operation_result), "message");
-  gcr_prompt_set_message (prompt, message);
-
-  /* FIXME: When asking for a username, we show password bullets.
-   */
-  gcr_prompt_password_async (prompt,
-                             cancellable,
-                             (GAsyncReadyCallback)
-                             on_system_enrollment_prompt_answered,
-                             operation_result);
-}
-
-static void
-open_system_enrollment_prompt (GoaIdentityService  *self,
-                               const char          *message,
-                               GCancellable        *cancellable,
-                               GAsyncReadyCallback  callback,
-                               gpointer             user_data)
-{
-  GSimpleAsyncResult *operation_result;
-
-  operation_result = g_simple_async_result_new (G_OBJECT (self),
-                                                callback,
-                                                user_data,
-                                                (gpointer)
-                                                message);
-  g_simple_async_result_set_check_cancellable (operation_result, cancellable);
-
-  g_object_set_data (G_OBJECT (operation_result),
-                     "cancellable",
-                     cancellable);
-
-  gcr_system_prompt_open_async (-1,
-                                cancellable,
-                                (GAsyncReadyCallback)
-                                on_system_enrollment_prompt_open,
-                                operation_result);
-}
-
-static void
-on_system_enrollment_password_answered (GoaIdentityService  *self,
-                                        GAsyncResult        *result,
-                                        GSimpleAsyncResult  *operation_result)
-{
-  GCancellable       *cancellable;
-  GcrPrompt          *prompt;
-  UmRealmObject      *realm;
-  GBytes             *credentials;
-  const char         *username;
-  const char         *password;
-  GError             *error;
-
-  prompt = g_object_get_data (G_OBJECT (result), "prompt");
-
-  error = NULL;
-  if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), &error))
-    {
-      g_simple_async_result_take_error (operation_result, error);
-
-      gcr_system_prompt_close (GCR_SYSTEM_PROMPT (prompt), NULL, &error);
-
-      g_simple_async_result_complete_in_idle (operation_result);
-      g_object_unref (operation_result);
-      return;
-    }
-
-  cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
-
-  password = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
-
-  realm = g_simple_async_result_get_source_tag (operation_result);
-  username = g_object_get_data (G_OBJECT (operation_result), "username");
-  credentials = g_object_get_data (G_OBJECT (operation_result), "credentials");
-
-  if (!um_realm_join_as_admin (realm,
-                               username,
-                               password,
-                               credentials,
-                               cancellable,
-                               (GAsyncReadyCallback)
-                               on_realm_joined,
-                               operation_result))
-    {
-       g_simple_async_result_set_error (operation_result,
-                                        UM_REALM_ERROR,
-                                        UM_REALM_ERROR_GENERIC,
-                                        _("Could not find supported credentials"));
-       g_simple_async_result_complete_in_idle (operation_result);
-       g_object_unref (operation_result);
-       return;
-    }
-  gcr_system_prompt_close (GCR_SYSTEM_PROMPT (prompt), NULL, &error);
-}
-
-static void
-on_system_enrollment_username_answered (GoaIdentityService  *self,
-                                        GAsyncResult        *result,
-                                        GSimpleAsyncResult  *operation_result)
-{
-  GCancellable       *cancellable;
-  GcrPrompt          *prompt;
-  const char         *username;
-  GError             *error;
-
-  prompt = g_object_get_data (G_OBJECT (result), "prompt");
-
-  error = NULL;
-  if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), &error))
-    {
-      g_simple_async_result_take_error (operation_result, error);
-
-      gcr_system_prompt_close (GCR_SYSTEM_PROMPT (prompt), NULL, &error);
-
-      g_simple_async_result_complete_in_idle (operation_result);
-      g_object_unref (operation_result);
-      return;
-    }
-
-  cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
-
-  username = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
-  g_object_set_data_full (G_OBJECT (operation_result),
-                          "username",
-                          g_strdup (username),
-                          (GDestroyNotify)
-                          g_free);
-  gcr_system_prompt_close (GCR_SYSTEM_PROMPT (prompt), NULL, &error);
-
-  open_system_enrollment_prompt (self,
-                                 _("In order to use this enterprise identity, the computer needs to be "
-                                   "enrolled in the domain. Please have your network administrator "
-                                   "type their domain password here."),
-                                 cancellable,
-                                 (GAsyncReadyCallback)
-                                 on_system_enrollment_password_answered,
-                                 operation_result);
-}
-
-static void
-enroll_machine_as_administrator (GoaIdentityService  *self,
-                                 GoaIdentity         *identity,
-                                 UmRealmObject       *realm,
-                                 GBytes              *credentials,
-                                 GCancellable        *cancellable,
-                                 GAsyncReadyCallback  callback,
-                                 gpointer             user_data)
-{
-  GSimpleAsyncResult *operation_result;
-
-  operation_result = g_simple_async_result_new (G_OBJECT (self),
-                                                callback,
-                                                user_data,
-                                                realm);
-  g_simple_async_result_set_check_cancellable (operation_result, cancellable);
-
-  g_object_set_data (G_OBJECT (operation_result),
-                     "cancellable",
-                     cancellable);
-  g_object_set_data_full (G_OBJECT (operation_result),
-                          "identity",
-                          g_object_ref (identity),
-                          (GDestroyNotify)
-                          g_object_unref);
-  g_object_set_data_full (G_OBJECT (operation_result),
-                          "credentials",
-                          g_bytes_ref (credentials),
-                          (GDestroyNotify)
-                          g_bytes_unref);
-  open_system_enrollment_prompt (self,
-                                 _("In order to use this enterprise identity, the computer needs to be "
-                                   "enrolled in the domain. Please have your network administrator "
-                                   "type their domain username here."),
-                                 cancellable,
-                                 (GAsyncReadyCallback)
-                                 on_system_enrollment_username_answered,
-                                 operation_result);
-
-}
-
-static void
-on_machine_enrolled (GoaIdentityService *self,
-                     GAsyncResult       *result,
-                     GSimpleAsyncResult *operation_result)
-{
-  g_object_unref (operation_result);
-}
-
-static void
-on_realm_joined (UmRealmObject      *realm,
-                 GAsyncResult       *result,
-                 GSimpleAsyncResult *operation_result)
-{
-  GoaIdentityService  *self;
-  GoaIdentity         *identity;
-  GError              *error;
-
-  self = GOA_IDENTITY_SERVICE (g_async_result_get_source_object (G_ASYNC_RESULT (operation_result)));
-
-  error = NULL;
-  if (!um_realm_join_finish (realm, result, &error))
-    {
-      GCancellable *cancellable;
-      GBytes       *credentials;
-
-      if (!g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_LOGIN) &&
-          !g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_PASSWORD))
-        {
-          g_simple_async_result_take_error (operation_result, error);
-          g_simple_async_result_complete_in_idle (operation_result);
-          g_object_unref (operation_result);
-          return;
-        }
-
-      cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
-      identity = g_object_get_data (G_OBJECT (operation_result), "identify");
-      credentials = g_object_get_data (G_OBJECT (operation_result), "credentials");
-
-      /* Try again, as an administrator */
-      enroll_machine_as_administrator (self,
-                                       identity,
-                                       realm,
-                                       credentials,
-                                       cancellable,
-                                       (GAsyncReadyCallback)
-                                       on_machine_enrolled,
-                                       operation_result);
-
-      return;
-    }
-
-  g_simple_async_result_complete_in_idle (operation_result);
-  g_object_unref (operation_result);
-}
-
-static void
-enroll_machine_as_user (GoaIdentityService  *self,
-                        GoaIdentity         *identity,
-                        UmRealmObject       *realm,
-                        const char          *password,
-                        GBytes              *credentials,
-                        GCancellable        *cancellable,
-                        GAsyncReadyCallback  callback,
-                        gpointer             user_data)
-{
-  GSimpleAsyncResult *operation_result;
-
-  operation_result = g_simple_async_result_new (G_OBJECT (self),
-                                                callback,
-                                                user_data,
-                                                realm);
-  g_simple_async_result_set_check_cancellable (operation_result, cancellable);
-
-  g_object_set_data (G_OBJECT (operation_result),
-                     "cancellable",
-                     cancellable);
-  g_object_set_data_full (G_OBJECT (operation_result),
-                          "identity",
-                          g_object_ref (identity),
-                          (GDestroyNotify)
-                          g_object_unref);
-  g_object_set_data_full (G_OBJECT (operation_result),
-                          "credentials",
-                          g_bytes_ref (credentials),
-                          (GDestroyNotify)
-                          g_bytes_unref);
-
-  if (!um_realm_join_as_user (realm,
-                              goa_identity_get_identifier (identity),
-                              password,
-                              credentials,
-                              cancellable,
-                              (GAsyncReadyCallback)
-                              on_realm_joined,
-                              operation_result))
-    {
-       g_simple_async_result_set_error (operation_result,
-                                        UM_REALM_ERROR,
-                                        UM_REALM_ERROR_GENERIC,
-                                        _("Could not find supported credentials"));
-       g_simple_async_result_complete_in_idle (operation_result);
-       g_object_unref (operation_result);
-       return;
-    }
-}
-
-static void
-on_realm_looked_up_for_enrollment (GoaIdentityService *self,
-                                   GAsyncResult       *result,
-                                   GSimpleAsyncResult *operation_result)
-{
-  UmRealmObject *realm;
-  GoaIdentity   *identity;
-  GError        *error;
-  GCancellable  *cancellable;
-  GBytes        *credentials;
-  gconstpointer  initial_password;
-
-  realm = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
-
-  error = NULL;
-  if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result),
-                                             &error))
-    {
-      goa_debug ("GoaIdentityService: Could not discover realm: %s",
-                 error->message);
-      g_error_free (error);
-
-      g_object_unref (operation_result);
-      return;
-    }
-
-  cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
-  initial_password = g_object_get_data (G_OBJECT (operation_result),
-                                        "initial-password");
-  identity = g_object_get_data (G_OBJECT (operation_result), "identity");
-  credentials = goa_identity_get_credentials (identity);
-
-  /* Otherwise, try to enroll the machine with the domain controller
-   */
-  enroll_machine_as_user (self,
-                          identity,
-                          realm,
-                          initial_password,
-                          credentials,
-                          cancellable,
-                          (GAsyncReadyCallback)
-                          on_machine_enrolled,
-                          operation_result);
-  g_bytes_unref (credentials);
-}
-
-static void
 on_sign_in_done (GoaIdentityService *self,
                  GAsyncResult       *result,
                  GSimpleAsyncResult *operation_result)
 {
   GoaIdentity      *identity;
   char             *object_path;
-  char             *domain;
-  GCancellable     *cancellable;
-  UmRealmObject    *realm;
   GError           *error;
 
   error = NULL;
@@ -670,7 +266,6 @@ on_sign_in_done (GoaIdentityService *self,
 
   identity = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
   object_path = export_identity (self, identity);
-  realm = g_simple_async_result_get_source_tag (G_SIMPLE_ASYNC_RESULT (result));
 
   g_simple_async_result_set_op_res_gpointer (operation_result,
                                              object_path,
@@ -680,32 +275,7 @@ on_sign_in_done (GoaIdentityService *self,
   /* User is signed in, so we're mostly done
    */
   g_simple_async_result_complete_in_idle (operation_result);
-
-  if (realm != NULL && um_realm_is_configured (realm))
-    {
-      g_object_unref (operation_result);
-      return;
-    }
-
-  /* Try to enroll the machine at the point, too, if necessary.
-   */
-  g_object_set_data_full (G_OBJECT (operation_result),
-                          "identity",
-                          g_object_ref (identity),
-                          (GDestroyNotify)
-                          g_object_unref);
-
-  domain = g_object_get_data (G_OBJECT (operation_result),
-                                        "domain");
-  cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
-
-  look_up_realm (self,
-                 goa_identity_get_identifier (identity),
-                 domain,
-                 cancellable,
-                 (GAsyncReadyCallback)
-                 on_realm_looked_up_for_enrollment,
-                 operation_result);
+  g_object_unref (operation_result);
 }
 
 static GoaObject *



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]