chromeos: Stringify status codes in login messages.

In an attempt to make login failures easier to debug, update
several messages describing progress and errors to include
string descriptions of numeric codes:

  Policy validation failed: 2
  Session manager operation failed: 5
  Failed to retrieve cros policies. Reason: 5
  Resolved state to: 13

Bug: 888520
Change-Id: I8c331c6af7f68dd2e0aa7cdfc98336f4af27f9c2
Reviewed-on: https://chromium-review.googlesource.com/1249730Reviewed-by: Xiyuan Xia <xiyuan@chromium.org>
Reviewed-by: Sergey Poromov <poromov@chromium.org>
Commit-Queue: Dan Erat <derat@chromium.org>
Cr-Commit-Position: refs/heads/master@{#595160}

chrome/browser/chromeos/settings/device_settings_provider.cc

@@ -1011,11 +1011,14 @@ bool DeviceSettingsProvider::UpdateFromService() {
       break;
     case DeviceSettingsService::STORE_VALIDATION_ERROR:
     case DeviceSettingsService::STORE_INVALID_POLICY:
-    case DeviceSettingsService::STORE_OPERATION_FAILED:
-      LOG(ERROR) << "Failed to retrieve cros policies. Reason: "
-                 << device_settings_service_->status();
+    case DeviceSettingsService::STORE_OPERATION_FAILED: {
+      DeviceSettingsService::Status status = device_settings_service_->status();
+      LOG(ERROR) << "Failed to retrieve cros policies. Reason: " << status
+                 << " (" << DeviceSettingsService::StatusToString(status)
+                 << ")";
       trusted_status_ = PERMANENTLY_UNTRUSTED;
       break;
+    }
   }
 
   // Notify the observers we are done.

chrome/browser/chromeos/settings/device_settings_service.cc

@@ -66,6 +66,25 @@ DeviceSettingsService* DeviceSettingsService::Get() {
   return g_device_settings_service;
 }
 
+// static
+const char* DeviceSettingsService::StatusToString(Status status) {
+  switch (status) {
+    case STORE_SUCCESS:
+      return "SUCCESS";
+    case STORE_KEY_UNAVAILABLE:
+      return "KEY_UNAVAILABLE";
+    case STORE_OPERATION_FAILED:
+      return "OPERATION_FAILED";
+    case STORE_NO_POLICY:
+      return "NO_POLICY";
+    case STORE_INVALID_POLICY:
+      return "INVALID_POLICY";
+    case STORE_VALIDATION_ERROR:
+      return "VALIDATION_ERROR";
+  }
+  return "UNKNOWN";
+}
+
 DeviceSettingsService::DeviceSettingsService() {
   device_off_hours_controller_ =
       std::make_unique<policy::off_hours::DeviceOffHoursController>();
@@ -311,7 +330,8 @@ void DeviceSettingsService::HandleCompletedOperation(
         device_settings_.swap(off_device_settings);
     }
   } else if (status != STORE_KEY_UNAVAILABLE) {
-    LOG(ERROR) << "Session manager operation failed: " << status;
+    LOG(ERROR) << "Session manager operation failed: " << status << " ("
+               << StatusToString(status) << ")";
   }
 
   public_key_ = scoped_refptr<PublicKey>(operation->public_key());

chrome/browser/chromeos/settings/device_settings_service.h

@@ -97,6 +97,9 @@ class DeviceSettingsService : public SessionManagerClient::Observer {
   static void Shutdown();
   static DeviceSettingsService* Get();
 
+  // Returns a human-readable string describing |status|.
+  static const char* StatusToString(Status status);
+
   // Creates a device settings service instance. This is meant for unit tests,
   // production code uses the singleton returned by Get() above.
   DeviceSettingsService();

chrome/browser/chromeos/settings/session_manager_operation.cc

@@ -213,7 +213,10 @@ void SessionManagerOperation::ReportValidatorStatus(
     device_settings_ = std::move(validator->payload());
     ReportResult(DeviceSettingsService::STORE_SUCCESS);
   } else {
-    LOG(ERROR) << "Policy validation failed: " << validator->status();
+    LOG(ERROR) << "Policy validation failed: " << validator->status() << " ("
+               << policy::DeviceCloudPolicyValidator::StatusToString(
+                      validator->status())
+               << ")";
     ReportResult(DeviceSettingsService::STORE_VALIDATION_ERROR);
   }
 }

chromeos/login/auth/cryptohome_authenticator.cc

@@ -76,6 +76,67 @@ void UMACryptohomeMigrationToGaiaId(const CryptohomeMigrationToGaiaId status) {
                             CryptohomeMigrationToGaiaId::ENTRIES_COUNT);
 }
 
+// Returns a human-readable string describing |state|.
+const char* AuthStateToString(CryptohomeAuthenticator::AuthState state) {
+  switch (state) {
+    case CryptohomeAuthenticator::CONTINUE:
+      return "CONTINUE";
+    case CryptohomeAuthenticator::NO_MOUNT:
+      return "NO_MOUNT";
+    case CryptohomeAuthenticator::FAILED_MOUNT:
+      return "FAILED_MOUNT";
+    case CryptohomeAuthenticator::FAILED_REMOVE:
+      return "FAILED_REMOVE";
+    case CryptohomeAuthenticator::FAILED_TMPFS:
+      return "FAILED_TMPFS";
+    case CryptohomeAuthenticator::FAILED_TPM:
+      return "FAILED_TPM";
+    case CryptohomeAuthenticator::CREATE_NEW:
+      return "CREATE_NEW";
+    case CryptohomeAuthenticator::RECOVER_MOUNT:
+      return "RECOVER_MONUT";
+    case CryptohomeAuthenticator::POSSIBLE_PW_CHANGE:
+      return "POSSIBLE_PW_CHANGE";
+    case CryptohomeAuthenticator::NEED_NEW_PW:
+      return "NEED_NEW_PW";
+    case CryptohomeAuthenticator::NEED_OLD_PW:
+      return "NEED_OLD_PW";
+    case CryptohomeAuthenticator::HAVE_NEW_PW:
+      return "HAVE_NEW_PW";
+    case CryptohomeAuthenticator::OFFLINE_LOGIN:
+      return "OFFLINE_LOGIN";
+    case CryptohomeAuthenticator::ONLINE_LOGIN:
+      return "ONLINE_LOGIN";
+    case CryptohomeAuthenticator::UNLOCK:
+      return "UNLOCK";
+    case CryptohomeAuthenticator::ONLINE_FAILED:
+      return "ONLINE_FAILED";
+    case CryptohomeAuthenticator::GUEST_LOGIN:
+      return "GUEST_LOGIN";
+    case CryptohomeAuthenticator::PUBLIC_ACCOUNT_LOGIN:
+      return "PUBLIC_ACCOUNT_LOGIN";
+    case CryptohomeAuthenticator::SUPERVISED_USER_LOGIN:
+      return "SUPERVISED_USER_LOGIN";
+    case CryptohomeAuthenticator::LOGIN_FAILED:
+      return "LOGIN_FAILED";
+    case CryptohomeAuthenticator::OWNER_REQUIRED:
+      return "OWNER_REQUIRED";
+    case CryptohomeAuthenticator::FAILED_USERNAME_HASH:
+      return "FAILED_USERNAME_HASH";
+    case CryptohomeAuthenticator::KIOSK_ACCOUNT_LOGIN:
+      return "KIOSK_ACCOUNT_LOGIN";
+    case CryptohomeAuthenticator::REMOVED_DATA_AFTER_FAILURE:
+      return "REMOVED_DATA_AFTER_FAILURE";
+    case CryptohomeAuthenticator::FAILED_OLD_ENCRYPTION:
+      return "FAILED_OLD_ENCRYPTION";
+    case CryptohomeAuthenticator::FAILED_PREVIOUS_MIGRATION_INCOMPLETE:
+      return "FAILED_PREVIOUS_MIGRATION_INCOMPLETE";
+    case CryptohomeAuthenticator::OFFLINE_NO_MOUNT:
+      return "OFFLINE_NO_MOUNT";
+  }
+  return "UNKNOWN";
+}
+
 // Hashes |key| with |system_salt| if it its type is KEY_TYPE_PASSWORD_PLAIN.
 // Returns the keys unmodified otherwise.
 std::unique_ptr<Key> TransformKeyIfNeeded(const Key& key,
@@ -808,7 +869,8 @@ void CryptohomeAuthenticator::Resolve() {
   DCHECK(task_runner_->RunsTasksInCurrentSequence());
   bool create_if_nonexistent = false;
   CryptohomeAuthenticator::AuthState state = ResolveState();
-  VLOG(1) << "Resolved state to: " << state;
+  VLOG(1) << "Resolved state to " << state << " (" << AuthStateToString(state)
+          << ")";
   switch (state) {
     case CONTINUE:
     case POSSIBLE_PW_CHANGE:

components/policy/core/common/cloud/cloud_policy_validator.cc

@@ -64,6 +64,45 @@ enum class MetricPolicyUserVerification {
 
 }  // namespace
 
+// static
+const char* CloudPolicyValidatorBase::StatusToString(Status status) {
+  switch (status) {
+    case VALIDATION_OK:
+      return "OK";
+    case VALIDATION_BAD_INITIAL_SIGNATURE:
+      return "BAD_INITIAL_SIGNATURE";
+    case VALIDATION_BAD_SIGNATURE:
+      return "BAD_SIGNATURE";
+    case VALIDATION_ERROR_CODE_PRESENT:
+      return "ERROR_CODE_PRESENT";
+    case VALIDATION_PAYLOAD_PARSE_ERROR:
+      return "PAYLOAD_PARSE_ERROR";
+    case VALIDATION_WRONG_POLICY_TYPE:
+      return "WRONG_POLICY_TYPE";
+    case VALIDATION_WRONG_SETTINGS_ENTITY_ID:
+      return "WRONG_SETTINGS_ENTITY_ID";
+    case VALIDATION_BAD_TIMESTAMP:
+      return "BAD_TIMESTAMP";
+    case VALIDATION_BAD_DM_TOKEN:
+      return "BAD_DM_TOKEN";
+    case VALIDATION_BAD_DEVICE_ID:
+      return "BAD_DEVICE_ID";
+    case VALIDATION_BAD_USER:
+      return "BAD_USER";
+    case VALIDATION_POLICY_PARSE_ERROR:
+      return "POLICY_PARSE_ERROR";
+    case VALIDATION_BAD_KEY_VERIFICATION_SIGNATURE:
+      return "BAD_KEY_VERIFICATION_SIGNATURE";
+    case VALIDATION_VALUE_WARNING:
+      return "VALUE_WARNING";
+    case VALIDATION_VALUE_ERROR:
+      return "VALUE_ERROR";
+    case VALIDATION_STATUS_SIZE:
+      return "UNKNOWN";
+  }
+  return "UNKNOWN";
+}
+
 CloudPolicyValidatorBase::ValidationResult::ValidationResult() = default;
 CloudPolicyValidatorBase::ValidationResult::~ValidationResult() = default;
 

components/policy/core/common/cloud/cloud_policy_validator.h

@@ -138,6 +138,9 @@ class POLICY_EXPORT CloudPolicyValidatorBase {
     ~ValidationResult();
   };
 
+  // Returns a human-readable representation of |status|.
+  static const char* StatusToString(Status status);
+
   virtual ~CloudPolicyValidatorBase();
 
   // Validation status which can be read after completion has been signaled.