[gnome-online-accounts/gnome-3-6] identity: Don't enroll machine
- From: Debarshi Ray <debarshir src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-online-accounts/gnome-3-6] identity: Don't enroll machine
- Date: Mon, 29 Oct 2012 16:54:35 +0000 (UTC)
commit 5dbeb26da136f7e0b32d5f6a8c8bf5623529adb1
Author: Stef Walter <stefw gnome org>
Date: Thu Oct 18 22:48:47 2012 +0200
identity: Don't enroll machine
It's not necessary or desirable to enroll the machine for using
domain accounts locally when setting up a kerberos identity.
https://bugzilla.gnome.org/show_bug.cgi?id=686410
src/goaidentity/goaidentityservice.c | 432 +---------------------------------
1 files changed, 1 insertions(+), 431 deletions(-)
---
diff --git a/src/goaidentity/goaidentityservice.c b/src/goaidentity/goaidentityservice.c
index ba1089d..661a824 100644
--- a/src/goaidentity/goaidentityservice.c
+++ b/src/goaidentity/goaidentityservice.c
@@ -64,10 +64,6 @@ struct _GoaIdentityServicePrivate
static void identity_service_manager_interface_init (GoaIdentityServiceManagerIface *interface);
-static void on_realm_joined (UmRealmObject *realm,
- GAsyncResult *result,
- GSimpleAsyncResult *operation_result);
-
static void on_realm_looked_up_for_sign_in (GoaIdentityService *self,
GAsyncResult *result,
GSimpleAsyncResult *operation_result);
@@ -251,412 +247,12 @@ export_realm (GoaIdentityService *self,
}
static void
-on_system_enrollment_prompt_answered (GcrPrompt *prompt,
- GAsyncResult *result,
- GSimpleAsyncResult *operation_result)
-{
- GCancellable *cancellable;
- const char *answer;
- GError *error;
-
- error = NULL;
- cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
-
- answer = gcr_prompt_password_finish (prompt, result, &error);
-
- if (answer == NULL)
- {
- if (error != NULL)
- g_simple_async_result_take_error (operation_result, error);
- else
- g_cancellable_cancel (cancellable);
-
- g_simple_async_result_complete_in_idle (operation_result);
- g_object_unref (operation_result);
- return;
- }
-
- g_simple_async_result_set_op_res_gpointer (operation_result,
- (gpointer)
- answer,
- NULL);
- g_simple_async_result_complete_in_idle (operation_result);
- g_object_unref (operation_result);
-}
-
-static void
-on_system_enrollment_prompt_open (GcrSystemPrompt *system_prompt,
- GAsyncResult *result,
- GSimpleAsyncResult *operation_result)
-{
- GCancellable *cancellable;
- GcrPrompt *prompt;
- GError *error;
- const char *message;
-
- cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
- message = g_simple_async_result_get_source_tag (operation_result);
-
- error = NULL;
- prompt = gcr_system_prompt_open_finish (result, &error);
-
- if (prompt == NULL)
- {
- if (error != NULL)
- g_simple_async_result_complete_in_idle (operation_result);
- else
- g_cancellable_cancel (cancellable);
-
- g_simple_async_result_complete_in_idle (operation_result);
- g_object_unref (operation_result);
- return;
- }
-
- g_object_set_data (G_OBJECT (operation_result), "prompt", prompt);
-
- gcr_prompt_set_title (prompt, _("Domain Administrator Login"));
-
- message = g_object_get_data (G_OBJECT (operation_result), "message");
- gcr_prompt_set_message (prompt, message);
-
- /* FIXME: When asking for a username, we show password bullets.
- */
- gcr_prompt_password_async (prompt,
- cancellable,
- (GAsyncReadyCallback)
- on_system_enrollment_prompt_answered,
- operation_result);
-}
-
-static void
-open_system_enrollment_prompt (GoaIdentityService *self,
- const char *message,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data)
-{
- GSimpleAsyncResult *operation_result;
-
- operation_result = g_simple_async_result_new (G_OBJECT (self),
- callback,
- user_data,
- (gpointer)
- message);
- g_simple_async_result_set_check_cancellable (operation_result, cancellable);
-
- g_object_set_data (G_OBJECT (operation_result),
- "cancellable",
- cancellable);
-
- gcr_system_prompt_open_async (-1,
- cancellable,
- (GAsyncReadyCallback)
- on_system_enrollment_prompt_open,
- operation_result);
-}
-
-static void
-on_system_enrollment_password_answered (GoaIdentityService *self,
- GAsyncResult *result,
- GSimpleAsyncResult *operation_result)
-{
- GCancellable *cancellable;
- GcrPrompt *prompt;
- UmRealmObject *realm;
- GBytes *credentials;
- const char *username;
- const char *password;
- GError *error;
-
- prompt = g_object_get_data (G_OBJECT (result), "prompt");
-
- error = NULL;
- if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), &error))
- {
- g_simple_async_result_take_error (operation_result, error);
-
- gcr_system_prompt_close (GCR_SYSTEM_PROMPT (prompt), NULL, &error);
-
- g_simple_async_result_complete_in_idle (operation_result);
- g_object_unref (operation_result);
- return;
- }
-
- cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
-
- password = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
-
- realm = g_simple_async_result_get_source_tag (operation_result);
- username = g_object_get_data (G_OBJECT (operation_result), "username");
- credentials = g_object_get_data (G_OBJECT (operation_result), "credentials");
-
- if (!um_realm_join_as_admin (realm,
- username,
- password,
- credentials,
- cancellable,
- (GAsyncReadyCallback)
- on_realm_joined,
- operation_result))
- {
- g_simple_async_result_set_error (operation_result,
- UM_REALM_ERROR,
- UM_REALM_ERROR_GENERIC,
- _("Could not find supported credentials"));
- g_simple_async_result_complete_in_idle (operation_result);
- g_object_unref (operation_result);
- return;
- }
- gcr_system_prompt_close (GCR_SYSTEM_PROMPT (prompt), NULL, &error);
-}
-
-static void
-on_system_enrollment_username_answered (GoaIdentityService *self,
- GAsyncResult *result,
- GSimpleAsyncResult *operation_result)
-{
- GCancellable *cancellable;
- GcrPrompt *prompt;
- const char *username;
- GError *error;
-
- prompt = g_object_get_data (G_OBJECT (result), "prompt");
-
- error = NULL;
- if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), &error))
- {
- g_simple_async_result_take_error (operation_result, error);
-
- gcr_system_prompt_close (GCR_SYSTEM_PROMPT (prompt), NULL, &error);
-
- g_simple_async_result_complete_in_idle (operation_result);
- g_object_unref (operation_result);
- return;
- }
-
- cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
-
- username = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
- g_object_set_data_full (G_OBJECT (operation_result),
- "username",
- g_strdup (username),
- (GDestroyNotify)
- g_free);
- gcr_system_prompt_close (GCR_SYSTEM_PROMPT (prompt), NULL, &error);
-
- open_system_enrollment_prompt (self,
- _("In order to use this enterprise identity, the computer needs to be "
- "enrolled in the domain. Please have your network administrator "
- "type their domain password here."),
- cancellable,
- (GAsyncReadyCallback)
- on_system_enrollment_password_answered,
- operation_result);
-}
-
-static void
-enroll_machine_as_administrator (GoaIdentityService *self,
- GoaIdentity *identity,
- UmRealmObject *realm,
- GBytes *credentials,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data)
-{
- GSimpleAsyncResult *operation_result;
-
- operation_result = g_simple_async_result_new (G_OBJECT (self),
- callback,
- user_data,
- realm);
- g_simple_async_result_set_check_cancellable (operation_result, cancellable);
-
- g_object_set_data (G_OBJECT (operation_result),
- "cancellable",
- cancellable);
- g_object_set_data_full (G_OBJECT (operation_result),
- "identity",
- g_object_ref (identity),
- (GDestroyNotify)
- g_object_unref);
- g_object_set_data_full (G_OBJECT (operation_result),
- "credentials",
- g_bytes_ref (credentials),
- (GDestroyNotify)
- g_bytes_unref);
- open_system_enrollment_prompt (self,
- _("In order to use this enterprise identity, the computer needs to be "
- "enrolled in the domain. Please have your network administrator "
- "type their domain username here."),
- cancellable,
- (GAsyncReadyCallback)
- on_system_enrollment_username_answered,
- operation_result);
-
-}
-
-static void
-on_machine_enrolled (GoaIdentityService *self,
- GAsyncResult *result,
- GSimpleAsyncResult *operation_result)
-{
- g_object_unref (operation_result);
-}
-
-static void
-on_realm_joined (UmRealmObject *realm,
- GAsyncResult *result,
- GSimpleAsyncResult *operation_result)
-{
- GoaIdentityService *self;
- GoaIdentity *identity;
- GError *error;
-
- self = GOA_IDENTITY_SERVICE (g_async_result_get_source_object (G_ASYNC_RESULT (operation_result)));
-
- error = NULL;
- if (!um_realm_join_finish (realm, result, &error))
- {
- GCancellable *cancellable;
- GBytes *credentials;
-
- if (!g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_LOGIN) &&
- !g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_PASSWORD))
- {
- g_simple_async_result_take_error (operation_result, error);
- g_simple_async_result_complete_in_idle (operation_result);
- g_object_unref (operation_result);
- return;
- }
-
- cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
- identity = g_object_get_data (G_OBJECT (operation_result), "identify");
- credentials = g_object_get_data (G_OBJECT (operation_result), "credentials");
-
- /* Try again, as an administrator */
- enroll_machine_as_administrator (self,
- identity,
- realm,
- credentials,
- cancellable,
- (GAsyncReadyCallback)
- on_machine_enrolled,
- operation_result);
-
- return;
- }
-
- g_simple_async_result_complete_in_idle (operation_result);
- g_object_unref (operation_result);
-}
-
-static void
-enroll_machine_as_user (GoaIdentityService *self,
- GoaIdentity *identity,
- UmRealmObject *realm,
- const char *password,
- GBytes *credentials,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data)
-{
- GSimpleAsyncResult *operation_result;
-
- operation_result = g_simple_async_result_new (G_OBJECT (self),
- callback,
- user_data,
- realm);
- g_simple_async_result_set_check_cancellable (operation_result, cancellable);
-
- g_object_set_data (G_OBJECT (operation_result),
- "cancellable",
- cancellable);
- g_object_set_data_full (G_OBJECT (operation_result),
- "identity",
- g_object_ref (identity),
- (GDestroyNotify)
- g_object_unref);
- g_object_set_data_full (G_OBJECT (operation_result),
- "credentials",
- g_bytes_ref (credentials),
- (GDestroyNotify)
- g_bytes_unref);
-
- if (!um_realm_join_as_user (realm,
- goa_identity_get_identifier (identity),
- password,
- credentials,
- cancellable,
- (GAsyncReadyCallback)
- on_realm_joined,
- operation_result))
- {
- g_simple_async_result_set_error (operation_result,
- UM_REALM_ERROR,
- UM_REALM_ERROR_GENERIC,
- _("Could not find supported credentials"));
- g_simple_async_result_complete_in_idle (operation_result);
- g_object_unref (operation_result);
- return;
- }
-}
-
-static void
-on_realm_looked_up_for_enrollment (GoaIdentityService *self,
- GAsyncResult *result,
- GSimpleAsyncResult *operation_result)
-{
- UmRealmObject *realm;
- GoaIdentity *identity;
- GError *error;
- GCancellable *cancellable;
- GBytes *credentials;
- gconstpointer initial_password;
-
- realm = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
-
- error = NULL;
- if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result),
- &error))
- {
- goa_debug ("GoaIdentityService: Could not discover realm: %s",
- error->message);
- g_error_free (error);
-
- g_object_unref (operation_result);
- return;
- }
-
- cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
- initial_password = g_object_get_data (G_OBJECT (operation_result),
- "initial-password");
- identity = g_object_get_data (G_OBJECT (operation_result), "identity");
- credentials = goa_identity_get_credentials (identity);
-
- /* Otherwise, try to enroll the machine with the domain controller
- */
- enroll_machine_as_user (self,
- identity,
- realm,
- initial_password,
- credentials,
- cancellable,
- (GAsyncReadyCallback)
- on_machine_enrolled,
- operation_result);
- g_bytes_unref (credentials);
-}
-
-static void
on_sign_in_done (GoaIdentityService *self,
GAsyncResult *result,
GSimpleAsyncResult *operation_result)
{
GoaIdentity *identity;
char *object_path;
- char *domain;
- GCancellable *cancellable;
- UmRealmObject *realm;
GError *error;
error = NULL;
@@ -670,7 +266,6 @@ on_sign_in_done (GoaIdentityService *self,
identity = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
object_path = export_identity (self, identity);
- realm = g_simple_async_result_get_source_tag (G_SIMPLE_ASYNC_RESULT (result));
g_simple_async_result_set_op_res_gpointer (operation_result,
object_path,
@@ -680,32 +275,7 @@ on_sign_in_done (GoaIdentityService *self,
/* User is signed in, so we're mostly done
*/
g_simple_async_result_complete_in_idle (operation_result);
-
- if (realm != NULL && um_realm_is_configured (realm))
- {
- g_object_unref (operation_result);
- return;
- }
-
- /* Try to enroll the machine at the point, too, if necessary.
- */
- g_object_set_data_full (G_OBJECT (operation_result),
- "identity",
- g_object_ref (identity),
- (GDestroyNotify)
- g_object_unref);
-
- domain = g_object_get_data (G_OBJECT (operation_result),
- "domain");
- cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable");
-
- look_up_realm (self,
- goa_identity_get_identifier (identity),
- domain,
- cancellable,
- (GAsyncReadyCallback)
- on_realm_looked_up_for_enrollment,
- operation_result);
+ g_object_unref (operation_result);
}
static GoaObject *
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
