| Index: chrome/browser/policy/proto/device_management_backend.proto
|
| diff --git a/chrome/browser/policy/proto/device_management_backend.proto b/chrome/browser/policy/proto/device_management_backend.proto
|
| index 1a857b62f9d8b529fdca22b0d31e9e200ea51220..a192a254940156e35a73ff28b9592d2d2adf5c85 100644
|
| --- a/chrome/browser/policy/proto/device_management_backend.proto
|
| +++ b/chrome/browser/policy/proto/device_management_backend.proto
|
| @@ -4,18 +4,31 @@
|
|
|
| syntax = "proto2";
|
|
|
| -import "cloud_policy.proto";
|
| -
|
| option optimize_for = LITE_RUNTIME;
|
|
|
| package enterprise_management;
|
|
|
| -// Protocol buffers for the obsolete protocol:
|
| -// -------------------------------------------
|
| -// GenericValue, GenericNamedValue, GenericSetting, DevicePolicySetting,
|
| -// DevicePolicySettingRequest, DevicePolicyRequest, DevicePolicyResponse
|
| -// TODO(gfeher): Remove these when both Chrome and DMServer is switched to
|
| -// using the new protocol.
|
| +// Meta-settings that control how a user receives regular settings
|
| +// (CloudPolicySettings) for Chrome. The name "Initial" indicates that
|
| +// these settings will be downloaded before Chrome starts requesting
|
| +// regular settings.
|
| +message ChromeInitialSettingsProto {
|
| + enum EnrollmentProvision {
|
| + // The users's device is not automatically enrolled for policies, but the
|
| + // user may choose to try to enroll it.
|
| + UNMANAGED = 0;
|
| + // The user must enroll its device for policies.
|
| + MANAGED = 1;
|
| + }
|
| + // Chrome will interpret this as UNMANAGED if unset.
|
| + optional EnrollmentProvision enrollment_provision = 1 [default = UNMANAGED];
|
| +}
|
| +
|
| +// A setting is a set of generic name value pairs.
|
| +// TODO(gfeher): remove this after Chrome OS TT is over.
|
| +message GenericSetting {
|
| + repeated GenericNamedValue named_value = 1;
|
| +}
|
|
|
| // Generic value container.
|
| message GenericValue {
|
| @@ -51,12 +64,8 @@ message GenericNamedValue {
|
| optional GenericValue value = 2;
|
| }
|
|
|
| -// A setting is a set of generic name value pairs.
|
| -message GenericSetting {
|
| - repeated GenericNamedValue named_value = 1;
|
| -}
|
| -
|
| // Identify a single device policy setting key/value pair.
|
| +// TODO(gfeher): remove this after Chrome OS TT is over.
|
| message DevicePolicySetting {
|
| // key of the policy setting
|
| required string policy_key = 1;
|
| @@ -66,189 +75,205 @@ message DevicePolicySetting {
|
| optional string watermark = 3;
|
| }
|
|
|
| -// Request for a setting or with optional watermark on client side.
|
| -message DevicePolicySettingRequest {
|
| - // setting key
|
| - required string key = 1;
|
| - // watermark last read from server if available.
|
| - optional string watermark = 2;
|
| -}
|
| -
|
| -// Request from device to server to read device policies.
|
| -message DevicePolicyRequest {
|
| - // identify request scope: CrOS settings or other type of settings.
|
| - optional string policy_scope = 1;
|
| - // identify key to the settings: proxy etc.
|
| - repeated DevicePolicySettingRequest setting_request = 2;
|
| -}
|
| -
|
| -// Response from server to agent for reading policies.
|
| -message DevicePolicyResponse {
|
| - // the result of the settings.
|
| - repeated DevicePolicySetting setting = 1;
|
| -}
|
| -
|
| -// Request from device to server to register device. The response will include
|
| -// a device token that can be used to query policies.
|
| +// Request from device to server to register device.
|
| message DeviceRegisterRequest {
|
| - // reregister device without erasing server state.
|
| - // it can be used to refresh dmtoken etc.
|
| + // Reregister device without erasing server state. It can be used
|
| + // to refresh dmtoken etc. Client MUST set this value to true if it
|
| + // reuses an existing device id.
|
| optional bool reregister = 1;
|
| +
|
| + // Device register type. This field does not exist for TT release.
|
| + // When a client requests for policies, server should verify the
|
| + // client has been registered properly. For example, a client must
|
| + // register with type DEVICE in order to retrieve device policies.
|
| + enum Type {
|
| + TT = 0; // Register for TT release.
|
| + USER = 1; // Register for user polices.
|
| + DEVICE = 2; // Register for device policies.
|
| + }
|
| + // NOTE: we also use this field to detect client version. If this
|
| + // field is missing, then the request comes from TT. We will remove
|
| + // Chrome OS TT support once it is over.
|
| + optional Type type = 2 [default = TT];
|
| +
|
| + // Machine hardware id, such as MEID, Mac adress.
|
| + // This field is required if register type == DEVICE.
|
| + optional string machine_id = 3;
|
| +
|
| + // Machine model name, such as "ZGA", "Cr-48", "Nexus One". If the
|
| + // model name is not available, client SHOULD send generic name like
|
| + // "Android", or "Chrome OS".
|
| + optional string machine_model = 4;
|
| }
|
|
|
| // Response from server to device register request.
|
| message DeviceRegisterResponse {
|
| - // device mangement toke for this registration.
|
| + // Device mangement token for this registration. This token MUST be
|
| + // part of HTTP Authorization header for all future requests from
|
| + // device to server.
|
| required string device_management_token = 1;
|
| -}
|
|
|
| -// Protocol buffers for the new protocol:
|
| -// --------------------------------------
|
| -
|
| -// Request from device to server to get policies for an unregistered user.
|
| -// These are actually "meta-policies", that control the rules for the user
|
| -// about enrolling for real policies.
|
| -message InitialPolicyRequest {
|
| + // Device display name. By default, server generates the name in
|
| + // the format of "Machine Model - Machine Id". However, domain
|
| + // admin can update it using CPanel, so do NOT treat it as constant.
|
| + optional string machine_name = 2;
|
| }
|
|
|
| -message InitialPolicySettings {
|
| - enum EnrollmentRule {
|
| - // The user must enroll its device for policies.
|
| - MANAGED = 1;
|
| - // The users's device is not automatically enrolled for policies, but the
|
| - // user may choose to try to enroll it.
|
| - UNMANAGED = 2;
|
| - }
|
| -
|
| - optional EnrollmentRule enrollment_rule = 1;
|
| +// Request from device to server to unregister device.
|
| +// GoogleDMToken MUST be in HTTP Authorization header.
|
| +message DeviceUnregisterRequest {
|
| }
|
|
|
| -// Response from server to device containing the policies available before
|
| -// registration.
|
| -message InitialPolicyResponse {
|
| - optional InitialPolicySettings settings = 1;
|
| +// Response from server to device for unregister request.
|
| +message DeviceUnregisterResponse {
|
| }
|
|
|
| -// Request from device to server to unregister device management token.
|
| -message DeviceUnregisterRequest {
|
| +// Request for a setting or with optional watermark on client side.
|
| +// TODO(gfeher): remove this after Chrome OS TT is over.
|
| +message DevicePolicySettingRequest {
|
| + // setting key
|
| + required string key = 1;
|
| + // watermark last read from server if available.
|
| + optional string watermark = 2;
|
| }
|
|
|
| -// Response from server to unregister request.
|
| -message DeviceUnregisterResponse {
|
| +message PolicyFetchRequest {
|
| + // This is the policy type, which maps to D3 policy type internally.
|
| + // By convention, we use "/" as separator to create policy namespace.
|
| + // The policy type names are case insensitive.
|
| + //
|
| + // Possible values for Chrome OS are:
|
| + // google/chromeos/device => ChromeSettingsProto
|
| + // google/chromeos/user => ChromeSettingsProto
|
| + // google/chromeos/unregistered_user => ChromeInitialSettingsProto
|
| + optional string policy_type = 1;
|
| +
|
| + // This is the last policy timestamp that client received from server.
|
| + optional int64 timestamp = 2;
|
| +
|
| + // Tell server what kind of security signature is required.
|
| + enum SignatureType {
|
| + NONE = 0;
|
| + X509 = 1;
|
| + }
|
| + optional SignatureType signature_type = 3 [default = NONE];
|
| }
|
|
|
| -// Request from device to server to register device. The response will include
|
| -// a device token that can be used to query policies.
|
| -message CloudRegisterRequest {
|
| - enum Type {
|
| - // Requesting token for user policies.
|
| - USER = 1;
|
| - // Requesting token for device policies.
|
| - DEVICE = 2;
|
| - }
|
| - optional Type type = 1;
|
| - // Unique identifier of the machine. Only set if type == DEVICE.
|
| - // This won't be sent in later requests, the machine can be identified
|
| - // by its device token.
|
| - optional string machine_id = 2;
|
| +// This message is included in serialized form in PolicyFetchResponse
|
| +// below. It may also be signed, with the signature being created for
|
| +// the serialized form.
|
| +message PolicyData {
|
| + // See PolicyFetchRequest.policy_type.
|
| + optional string policy_type = 1;
|
| +
|
| + // [timestamp] is milli seconds since Epoch in UTC timezone. It is
|
| + // included here so that the time at which the server issued this
|
| + // response cannot be faked (as protection against replay attacks).
|
| + // It is the timestamp generated by DMServer, NOT the time admin
|
| + // last updated the policy or anything like that.
|
| + optional int64 timestamp = 2;
|
| +
|
| + // The DM token that was used by the client in the HTTP POST header
|
| + // for authenticating the request. It is included here again so that
|
| + // the client can verify that the response is meant for him (and not
|
| + // issued by a replay or man-in-the-middle attack).
|
| + optional string request_token = 3;
|
| +
|
| + // The serialized value of the actual policy protobuf. This can be
|
| + // deserialized to an instance of, for example, ChromeSettingsProto
|
| + // or ChromeUserSettingsProto.
|
| + optional bytes policy_value = 4;
|
| +
|
| + // The device display name assigned by the server. It is only
|
| + // filled if the display name is available.
|
| + //
|
| + // The display name of the machine as generated by the server or set
|
| + // by the Administrator in the CPanel GUI. This is the same thing as
|
| + // |machine_name| in DeviceRegisterResponse but it might have
|
| + // changed since then.
|
| + optional string machine_name = 5;
|
| }
|
|
|
| -// Response from server to device register request.
|
| -message CloudRegisterResponse {
|
| - // Token for this registration.
|
| - required string device_management_token = 1;
|
| +message PolicyFetchResponse {
|
| + // Since a single policy request may ask for multiple policies, we
|
| + // provide separate error code for each individual policy fetch.
|
|
|
| - // The name of the requesting device, assigned by the server.
|
| - optional string machine_name = 2;
|
| + // We will use standard HTTP Status Code as error code.
|
| + optional int32 error_code = 1;
|
| +
|
| + // Human readable error message for customer support purpose.
|
| + optional string error_message = 2;
|
| +
|
| + // This is a serialized bytes of PolicyData protobuf above.
|
| + optional bytes policy_data = 3;
|
| +
|
| + // Signature of the policy data above.
|
| + optional bytes policy_data_signature = 4;
|
| +
|
| + // The chain of DER-encoded X.509 certificates of the server's
|
| + // signing key. The first element should be the certificate whose
|
| + // private key was used for signing the response, and each of the
|
| + // following certificates signs the previous one.
|
| + //
|
| + // If this field does not exist, it means the policy_data is not
|
| + // signed.
|
| + repeated bytes certificate_chain = 5;
|
| }
|
|
|
| -message CloudPolicyRequest {
|
| - // Identify request scope: chromeos/device for device policies, chromeos/user
|
| - // for user policies. Only those policy scopes will be served, that are
|
| - // allowed by the type choice in CloudRegisterRequest.
|
| +// Request from device to server for reading policies.
|
| +message DevicePolicyRequest {
|
| + // identify request scope: CrOS settings or other type of settings.
|
| + // TODO(gfeher): remove this after Chrome OS TT is over.
|
| optional string policy_scope = 1;
|
| + // identify key to the settings: proxy etc.
|
| + // TODO(gfeher): remove this after Chrome OS TT is over.
|
| + repeated DevicePolicySettingRequest setting_request = 2;
|
|
|
| - // The token used to query device policies on the device sending the request.
|
| - // Note, that the token used for actual authentication is sent in an HTTP
|
| - // header. These two tokens are the same if this request is for querying
|
| - // device policies and they differ if this request is for querying user
|
| - // policies. In the second case, the server can use device_policy_token to
|
| - // identify the device and determine if the user is allowed to get policies
|
| - // on the given device.
|
| - optional string device_policy_token = 2;
|
| + // The policy fetch request. If this field exists, the request must
|
| + // comes from a non-TT client. The repeated field allows client to
|
| + // request multiple policies for better performance.
|
| + repeated PolicyFetchRequest request = 3;
|
| }
|
|
|
| // Response from server to device for reading policies.
|
| -message CloudPolicyResponse {
|
| - // Serialized SignedCloudPolicyResponse.
|
| - optional bytes signed_response = 1;
|
| - // RSA signature of the SHA1 hash of the above data.
|
| - optional bytes signature = 2;
|
| - // The chain of DER-encoded X.509 certificates of the server's signing key.
|
| - // The first element should be the certificate whose private key was used
|
| - // for signing the response, and each of the following certificates signs the
|
| - // previous one.
|
| - repeated bytes certificate_chain = 3;
|
| -}
|
| -message SignedCloudPolicyResponse {
|
| - // The following two are necessary against replay attacks.
|
| - // |timestamp| is a unix timestamp (seconds since 1970).
|
| - optional int64 timestamp = 1;
|
| - // The token that was used for the request.
|
| - optional string request_token = 2;
|
| - // The name of the device, assigned by the server.
|
| - optional string device_name = 3;
|
| - // CloudPolicySettings is defined in cloud_policy.proto (which is
|
| - // auto-generated from chrome/app/policy_templates.json).
|
| - optional CloudPolicySettings settings = 4;
|
| +message DevicePolicyResponse {
|
| + // the result of the settings.
|
| + // TODO(gfeher): remove this after Chrome OS TT is over.
|
| + repeated DevicePolicySetting setting = 1;
|
| +
|
| + // The policy fetch response.
|
| + repeated PolicyFetchResponse response = 3;
|
| }
|
|
|
| -// Request from the DMAgent on the device to the DMServer.
|
| -// This is container for all requests from client.
|
| +// Request from the DMAgent on the device to the DMServer. This is
|
| +// container for all requests from device to server. The overall HTTP
|
| +// request MUST be in the following format:
|
| //
|
| -// Http Query parameters:
|
| -// Query parameters contain the following information in each request:
|
| -// request: register/unregister/policy/cloud_policy/cloud_register/
|
| -// initial_policy
|
| -// devicetype: CrOS/Android/Iphone etc.
|
| -// apptype: CrOS/AndroidDM etc.
|
| -// agent: identify agent on device.
|
| +// * HTTP method is POST
|
| +// * Data mime type is application/x-protobuffer
|
| +// * HTTP parameters are (all required, all case sensitive):
|
| +// * request: MUST BE one of register/unregister/policy/ping
|
| +// * devicetype: MUST BE "1" for Android or "2" for Chrome OS.
|
| +// * apptype: MUST BE Android or Chrome.
|
| +// * deviceid: MUST BE no more than 64-char in [\x20-\x7E].
|
| +// * agent: MUST BE no more than 64-char long.
|
| +// * HTTP Authorization header MUST be in the following formats:
|
| +// * For register and ping requests
|
| +// Authorization: GoogleLogin auth=<auth cookie for Mobile Sync>
|
| //
|
| -// Authorization:
|
| -// 1. If request is initial_policy, client must pass in GoogleLogin
|
| -// auth cookie in Authorization header:
|
| -// Authorization: GoogleLogin auth=<auth cookie>
|
| -// The response will contain settings that a user can get without
|
| -// registration. Currently the only such setting is a flag indicating if the
|
| -// user is in a managed domain or not. (We don't want to expose device ids of
|
| -// users not in managed domains.)
|
| -// 2. If request is register_request, client must pass in GoogleLogin auth
|
| -// cookie in Authorization header:
|
| -// Authorization: GoogleLogin auth=<auth cookie>
|
| -// The response will contain an unique DMToken for future requests.
|
| -// Depending on domain policy, the request may need admin approval before
|
| -// DMToken is issued.
|
| -// 3. For other requests, client must pass in DMToken in Authorization header:
|
| -// Authorization: GoogleDMToken token=<google dm token>
|
| +// * For unregister and policy requests
|
| +// Authorization: GoogleDMToken token=<dm token from register>
|
| //
|
| +// * OAuth is NOT supported yet.
|
| message DeviceManagementRequest {
|
| - // Register request (old protocol).
|
| + // Register request.
|
| optional DeviceRegisterRequest register_request = 1;
|
|
|
| // Unregister request.
|
| optional DeviceUnregisterRequest unregister_request = 2;
|
|
|
| - // Data request.
|
| + // Policy request.
|
| optional DevicePolicyRequest policy_request = 3;
|
| -
|
| - // Data request (new protocol).
|
| - optional CloudPolicyRequest cloud_policy_request = 4;
|
| -
|
| - // Request for initial (before registration) policies.
|
| - optional InitialPolicyRequest initial_policy_request = 5;
|
| -
|
| - // Register request (new protocol).
|
| - optional CloudRegisterRequest cloud_register_request = 6;
|
| }
|
|
|
| // Response from server to device.
|
| @@ -276,7 +301,7 @@ message DeviceManagementResponse {
|
| // Error message.
|
| optional string error_message = 2;
|
|
|
| - // Register response (old protocol).
|
| + // Register response
|
| optional DeviceRegisterResponse register_response = 3;
|
|
|
| // Unregister response
|
| @@ -284,13 +309,4 @@ message DeviceManagementResponse {
|
|
|
| // Policy response.
|
| optional DevicePolicyResponse policy_response = 5;
|
| -
|
| - // Policy response (new protocol).
|
| - optional CloudPolicyResponse cloud_policy_response = 6;
|
| -
|
| - // Response to initial (before registration) policy request.
|
| - optional InitialPolicyResponse initial_policy_response = 7;
|
| -
|
| - // Register response (new protocol).
|
| - optional CloudRegisterResponse cloud_register_response = 8;
|
| }
|
|
|
Chromium Code Reviews
Issue 6537020:
Update policy backend and testserver for the newest policy protocol (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src