| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_POLICY_DEVICE_TOKEN_FETCHER_H_ | 5 #ifndef CHROME_BROWSER_POLICY_DEVICE_TOKEN_FETCHER_H_ |
| 6 #define CHROME_BROWSER_POLICY_DEVICE_TOKEN_FETCHER_H_ | 6 #define CHROME_BROWSER_POLICY_DEVICE_TOKEN_FETCHER_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| 11 #include "base/file_path.h" | 11 #include "base/file_path.h" |
| 12 #include "base/ref_counted.h" | 12 #include "base/ref_counted.h" |
| 13 #include "base/waitable_event.h" | 13 #include "base/waitable_event.h" |
| 14 #include "chrome/browser/policy/device_management_backend.h" | 14 #include "chrome/browser/policy/device_management_backend.h" |
| 15 #include "chrome/common/notification_observer.h" | 15 #include "chrome/common/notification_observer.h" |
| 16 #include "chrome/common/notification_registrar.h" | 16 #include "chrome/common/notification_registrar.h" |
| 17 | 17 |
| 18 class TokenService; | 18 class TokenService; |
| 19 class Profile; |
| 19 | 20 |
| 20 namespace policy { | 21 namespace policy { |
| 21 | 22 |
| 22 namespace em = enterprise_management; | 23 namespace em = enterprise_management; |
| 23 | 24 |
| 24 // Fetches the device token that can be used for policy requests with the device | 25 // Fetches the device token that can be used for policy requests with the device |
| 25 // management server, either from disk if it already has been successfully | 26 // management server, either from disk if it already has been successfully |
| 26 // requested, otherwise from the device management server. An instance of the | 27 // requested, otherwise from the device management server. An instance of the |
| 27 // fetcher is shared as a singleton by all users of the device management token | 28 // fetcher is shared as a singleton by all users of the device management token |
| 28 // to ensure they all get the same token. | 29 // to ensure they all get the same token. |
| 29 class DeviceTokenFetcher | 30 class DeviceTokenFetcher |
| 30 : public NotificationObserver, | 31 : public NotificationObserver, |
| 31 public DeviceManagementBackend::DeviceRegisterResponseDelegate, | 32 public DeviceManagementBackend::DeviceRegisterResponseDelegate, |
| 32 public base::RefCountedThreadSafe<DeviceTokenFetcher> { | 33 public base::RefCountedThreadSafe<DeviceTokenFetcher> { |
| 33 public: | 34 public: |
| 34 // Requests to the device management server are sent through |backend|. It | 35 // Requests to the device management server are sent through |backend|. It |
| 35 // obtains the authentication token from |token_service|. The fetcher stores | 36 // obtains the authentication token from |token_service|. The fetcher stores |
| 36 // the device token to |token_path| once it's retrieved from the server. | 37 // the device token to |token_path| once it's retrieved from the server. |
| 37 DeviceTokenFetcher(DeviceManagementBackend* backend, | 38 DeviceTokenFetcher(DeviceManagementBackend* backend, |
| 38 TokenService* token_service, | 39 Profile* profile, |
| 39 const FilePath& token_path); | 40 const FilePath& token_path); |
| 40 virtual ~DeviceTokenFetcher() {} | 41 virtual ~DeviceTokenFetcher() {} |
| 41 | 42 |
| 42 // NotificationObserver method overrides: | 43 // NotificationObserver method overrides: |
| 43 virtual void Observe(NotificationType type, | 44 virtual void Observe(NotificationType type, |
| 44 const NotificationSource& source, | 45 const NotificationSource& source, |
| 45 const NotificationDetails& details); | 46 const NotificationDetails& details); |
| 46 | 47 |
| 47 // DeviceManagementBackend::DeviceRegisterResponseDelegate method overrides: | 48 // DeviceManagementBackend::DeviceRegisterResponseDelegate method overrides: |
| 48 virtual void HandleRegisterResponse( | 49 virtual void HandleRegisterResponse( |
| (...skipping 20 matching lines...) Expand all Loading... |
| 69 // Returns the device ID for this device. If no such ID has been set yet, a | 70 // Returns the device ID for this device. If no such ID has been set yet, a |
| 70 // new ID is generated and returned. | 71 // new ID is generated and returned. |
| 71 std::string GetDeviceID(); | 72 std::string GetDeviceID(); |
| 72 | 73 |
| 73 // True if the fetcher has a valid AuthToken for the device management server. | 74 // True if the fetcher has a valid AuthToken for the device management server. |
| 74 bool HasAuthToken() const { return !auth_token_.empty(); } | 75 bool HasAuthToken() const { return !auth_token_.empty(); } |
| 75 | 76 |
| 76 // True if the device token has been fetched and is valid. | 77 // True if the device token has been fetched and is valid. |
| 77 bool IsTokenValid() const; | 78 bool IsTokenValid() const; |
| 78 | 79 |
| 80 protected: |
| 81 // Returns the email address of the currently logged-in user. |
| 82 virtual std::string GetCurrentUser(); |
| 83 |
| 84 // Used to identify GOOGLE_SIGNIN_SUCCESSFUL notifications from the owning |
| 85 // profile, and to query for the current username. |
| 86 Profile* profile_; // weak |
| 87 |
| 79 private: | 88 private: |
| 80 friend class DeviceTokenFetcherTest; | 89 friend class DeviceTokenFetcherTest; |
| 81 | 90 |
| 82 // The different states that the fetcher can be in during the process of | 91 // The different states that the fetcher can be in during the process of |
| 83 // getting the device token. | 92 // getting the device token. |
| 84 enum FetcherState { | 93 enum FetcherState { |
| 85 kStateNotStarted, | 94 kStateNotStarted, |
| 86 kStateLoadDeviceTokenFromDisk, | 95 kStateLoadDeviceTokenFromDisk, |
| 87 kStateReadyToRequestDeviceTokenFromServer, | 96 kStateReadyToRequestDeviceTokenFromServer, |
| 88 kStateRequestingDeviceTokenFromServer, | 97 kStateRequestingDeviceTokenFromServer, |
| (...skipping 13 matching lines...) Expand all Loading... |
| 102 // thread. | 111 // thread. |
| 103 void AttemptTokenLoadFromDisk(); | 112 void AttemptTokenLoadFromDisk(); |
| 104 | 113 |
| 105 // Called if it's not possible to load the device token from disk. Sets the | 114 // Called if it's not possible to load the device token from disk. Sets the |
| 106 // fetcher in a state that's ready to register the device with the device | 115 // fetcher in a state that's ready to register the device with the device |
| 107 // management server and receive the device token in return. If the AuthToken | 116 // management server and receive the device token in return. If the AuthToken |
| 108 // for the device management server is available, initiate the server | 117 // for the device management server is available, initiate the server |
| 109 // request. | 118 // request. |
| 110 void MakeReadyToRequestDeviceToken(); | 119 void MakeReadyToRequestDeviceToken(); |
| 111 | 120 |
| 121 // Checks the email of the currently logged-in user against the list of known |
| 122 // non-dasher domain names. Returns false if there is no user logged in, or |
| 123 // if the domain part of the email of the currently logged in user is in |
| 124 // |kNonDasherDomains|. |
| 125 bool CanCurrentUserBeDasher(); |
| 126 |
| 112 // Issues a registration request to the server if both the fetcher is in the | 127 // Issues a registration request to the server if both the fetcher is in the |
| 113 // ready-to-request state and the device management server AuthToken is | 128 // ready-to-request state and the device management server AuthToken is |
| 114 // available. | 129 // available. |
| 115 void SendServerRequestIfPossible(); | 130 void SendServerRequestIfPossible(); |
| 116 | 131 |
| 117 // Saves the device management token to disk once it has been retrieved from | 132 // Saves the device management token to disk once it has been retrieved from |
| 118 // the server. Must be called on the FILE thread. | 133 // the server. Must be called on the FILE thread. |
| 119 static void WriteDeviceTokenToDisk(const FilePath& path, | 134 static void WriteDeviceTokenToDisk(const FilePath& path, |
| 120 const std::string& token, | 135 const std::string& token, |
| 121 const std::string& device_id); | 136 const std::string& device_id); |
| (...skipping 18 matching lines...) Expand all Loading... |
| 140 // or it has been determined that there was an error during fetching. | 155 // or it has been determined that there was an error during fetching. |
| 141 base::WaitableEvent device_token_load_complete_event_; | 156 base::WaitableEvent device_token_load_complete_event_; |
| 142 | 157 |
| 143 // Registers the fetcher for notification of successful Gaia logins. | 158 // Registers the fetcher for notification of successful Gaia logins. |
| 144 NotificationRegistrar registrar_; | 159 NotificationRegistrar registrar_; |
| 145 }; | 160 }; |
| 146 | 161 |
| 147 } // namespace policy | 162 } // namespace policy |
| 148 | 163 |
| 149 #endif // CHROME_BROWSER_POLICY_DEVICE_TOKEN_FETCHER_H_ | 164 #endif // CHROME_BROWSER_POLICY_DEVICE_TOKEN_FETCHER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 4960003:
Don't register gmail users at the device management server (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src