Chromium Code Reviews| Index: chrome/browser/policy/cloud_policy_client.cc |
| diff --git a/chrome/browser/policy/cloud_policy_client.cc b/chrome/browser/policy/cloud_policy_client.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..a23343f99bf0b5f92f232719bde378a2d34b205d |
| --- /dev/null |
| +++ b/chrome/browser/policy/cloud_policy_client.cc |
| @@ -0,0 +1,240 @@ |
| +// Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "chrome/browser/policy/cloud_policy_client.h" |
| + |
| +#include "base/bind.h" |
| +#include "base/logging.h" |
| +#include "chrome/browser/policy/device_management_service.h" |
| +#include "chrome/browser/policy/proto/device_management_backend.pb.h" |
| +#include "chrome/common/guid.h" |
| + |
| +namespace em = enterprise_management; |
| + |
| +namespace policy { |
| + |
| +CloudPolicyClient::PublicKeyVersion::PublicKeyVersion() |
| + : valid_(false), |
| + version_(-1) {} |
| + |
| +CloudPolicyClient::PublicKeyVersion::PublicKeyVersion(int version) |
| + : valid_(true), |
| + version_(version) {} |
| + |
| +CloudPolicyClient::PublicKeyVersion::PublicKeyVersion( |
| + const PublicKeyVersion& other) |
| + : valid_(other.valid_), |
| + version_(other.version_) {} |
| + |
| +const CloudPolicyClient::PublicKeyVersion& |
| + CloudPolicyClient::PublicKeyVersion::operator=( |
| + const PublicKeyVersion& other) { |
| + valid_ = other.valid_; |
| + version_ = other.version_; |
| + return *this; |
| +} |
| + |
| +CloudPolicyClient::Observer::~Observer() {} |
| + |
| +CloudPolicyClient::StatusProvider::~StatusProvider() {} |
| + |
| +CloudPolicyClient::CloudPolicyClient(const std::string& machine_id, |
| + const std::string& machine_model, |
| + UserAffiliation user_affiliation, |
| + PolicyScope scope, |
| + StatusProvider* status_provider, |
| + DeviceManagementService* service) |
| + : machine_id_(machine_id), |
| + machine_model_(machine_model), |
| + user_affiliation_(user_affiliation), |
| + scope_(scope), |
| + submit_machine_id_(false), |
| + service_(service), |
| + request_job_(NULL), |
| + status_provider_(status_provider) {} |
| + |
| +CloudPolicyClient::~CloudPolicyClient() {} |
| + |
| +void CloudPolicyClient::SetupRegistration(const std::string& dm_token, |
| + const std::string& client_id) { |
| + DCHECK(!dm_token.empty()); |
| + DCHECK(!client_id.empty()); |
| + |
| + dm_token_ = dm_token; |
| + client_id_ = client_id; |
| + request_job_.reset(); |
| + policy_.reset(); |
| + |
| + FOR_EACH_OBSERVER(Observer, observers_, OnRegistrationStateChanged()); |
| + FOR_EACH_OBSERVER(Observer, observers_, OnPolicyChanged()); |
| +} |
| + |
| +void CloudPolicyClient::Register(const std::string& auth_token) { |
| + client_id_ = guid::GenerateGUID(); |
| + |
| + request_job_.reset( |
| + service_->CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION)); |
| + request_job_->SetOAuthToken(auth_token); |
| + request_job_->SetClientID(client_id_); |
| + |
| + em::DeviceRegisterRequest* request = |
| + request_job_->GetRequest()->mutable_register_request(); |
| + SetRegistrationType(request); |
| + if (!machine_id_.empty()) |
|
Joao da Silva
2012/01/05 15:35:01
if (submit_machine_id && !machine_id_.empty()) ? S
Mattias Nissler (ping if slow)
2012/04/16 14:28:38
Nah, that flag is just for policy fetches. For reg
|
| + request->set_machine_id(machine_id_); |
| + if (!machine_model_.empty()) |
| + request->set_machine_model(machine_model_); |
| + |
| + request_job_->Start(base::Bind(&CloudPolicyClient::OnRegisterCompleted, |
| + base::Unretained(this))); |
| +} |
| + |
| +bool CloudPolicyClient::FetchPolicy() { |
| + if (dm_token_.empty()) |
| + return false; |
| + |
| + request_job_.reset( |
| + service_->CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)); |
| + request_job_->SetDMToken(dm_token_); |
| + request_job_->SetClientID(client_id_); |
| + request_job_->SetUserAffiliation(user_affiliation_); |
| + |
| + em::DeviceManagementRequest* request = request_job_->GetRequest(); |
| + |
| + // Build policy fetch request. |
| + em::PolicyFetchRequest* policy_request = |
| + request->mutable_policy_request()->add_request(); |
| + policy_request->set_signature_type(em::PolicyFetchRequest::SHA1_RSA); |
| + SetPolicyType(policy_request); |
| + if (!last_fetch_timestamp_.is_null()) { |
| + base::TimeDelta timestamp = last_fetch_timestamp_ - base::Time::UnixEpoch(); |
| + policy_request->set_timestamp(timestamp.InMilliseconds()); |
| + } |
| + if (submit_machine_id_ && !machine_id_.empty()) |
| + policy_request->set_machine_id(machine_id_); |
| + if (public_key_version_.valid()) |
| + policy_request->set_public_key_version(public_key_version_.version()); |
| + |
| + // Add status data. |
| + if (status_provider_) { |
| + if (!status_provider_->GetDeviceStatus( |
| + request->mutable_device_status_report_request())) { |
| + request->clear_device_status_report_request(); |
| + } |
| + if (!status_provider_->GetSessionStatus( |
| + request->mutable_session_status_report_request())) { |
| + request->clear_session_status_report_request(); |
| + } |
| + } |
| + |
| + // Fire the job. |
| + request_job_->Start(base::Bind(&CloudPolicyClient::OnPolicyFetchCompleted, |
| + base::Unretained(this))); |
| + |
| + return true; |
| +} |
| + |
| +void CloudPolicyClient::Unregister() { |
| + request_job_.reset( |
| + service_->CreateJob(DeviceManagementRequestJob::TYPE_UNREGISTRATION)); |
| + request_job_->SetDMToken(dm_token_); |
| + request_job_->SetClientID(client_id_); |
| + request_job_->GetRequest()->mutable_unregister_request(); |
| + request_job_->Start(base::Bind(&CloudPolicyClient::OnUnregisterCompleted, |
| + base::Unretained(this))); |
| +} |
| + |
| +void CloudPolicyClient::AddObserver(Observer* observer) { |
| + observers_.AddObserver(observer); |
| +} |
| + |
| +void CloudPolicyClient::RemoveObserver(Observer* observer) { |
| + observers_.RemoveObserver(observer); |
| +} |
| + |
| +void CloudPolicyClient::SetRegistrationType( |
| + em::DeviceRegisterRequest* request) const { |
| + switch (scope_) { |
| + case POLICY_SCOPE_USER: |
| + request->set_type(em::DeviceRegisterRequest::USER); |
| + return; |
| + case POLICY_SCOPE_DEVICE: |
| + request->set_type(em::DeviceRegisterRequest::DEVICE); |
| + return; |
| + } |
| + NOTREACHED() << "Invalid policy scope " << scope_; |
| +} |
| + |
| +void CloudPolicyClient::SetPolicyType(em::PolicyFetchRequest* request) const { |
| + switch (scope_) { |
| + case POLICY_SCOPE_USER: |
| + request->set_policy_type(dm_protocol::kChromeUserPolicyType); |
| + return; |
| + case POLICY_SCOPE_DEVICE: |
| + request->set_policy_type(dm_protocol::kChromeDevicePolicyType); |
| + return; |
| + } |
| + NOTREACHED() << "Invalid policy scope " << scope_; |
| +} |
| + |
| +void CloudPolicyClient::OnRegisterCompleted( |
| + DeviceManagementStatus status, |
| + const em::DeviceManagementResponse& response) { |
| + if (status == DM_STATUS_SUCCESS && |
| + (!response.has_register_response() || |
| + !response.register_response().has_device_management_token())) { |
| + LOG(WARNING) << "Empty registration response."; |
| + status = DM_STATUS_RESPONSE_DECODING_ERROR; |
| + } |
| + |
| + status_ = status; |
| + if (status == DM_STATUS_SUCCESS) { |
| + dm_token_ = response.register_response().device_management_token(); |
| + FOR_EACH_OBSERVER(Observer, observers_, OnRegistrationStateChanged()); |
| + } else { |
| + FOR_EACH_OBSERVER(Observer, observers_, OnError()); |
| + } |
| +} |
| + |
| +void CloudPolicyClient::OnPolicyFetchCompleted( |
| + DeviceManagementStatus status, |
| + const em::DeviceManagementResponse& response) { |
| + if (status == DM_STATUS_SUCCESS) { |
| + if (!response.has_policy_response() || |
| + response.policy_response().response_size() == 0) { |
| + LOG(WARNING) << "Empty policy response."; |
| + status = DM_STATUS_RESPONSE_DECODING_ERROR; |
| + } else if (response.policy_response().response_size() > 1) { |
| + LOG(WARNING) << "More than one response entries, ignoring all but first."; |
| + } |
| + } |
| + |
| + status_ = status; |
| + if (status == DM_STATUS_SUCCESS) { |
| + policy_.reset(new enterprise_management::PolicyFetchResponse( |
| + response.policy_response().response(0))); |
| + FOR_EACH_OBSERVER(Observer, observers_, OnPolicyChanged()); |
| + } else { |
| + FOR_EACH_OBSERVER(Observer, observers_, OnError()); |
| + } |
| +} |
| + |
| +void CloudPolicyClient::OnUnregisterCompleted( |
| + DeviceManagementStatus status, |
| + const em::DeviceManagementResponse& response) { |
| + if (status == DM_STATUS_SUCCESS && !response.has_unregister_response()) { |
| + // Assume unregistration has succeeded either way. |
| + LOG(WARNING) << "Empty unregistration response."; |
| + } |
| + |
| + status_ = status; |
| + if (status == DM_STATUS_SUCCESS) { |
| + dm_token_.clear(); |
| + FOR_EACH_OBSERVER(Observer, observers_, OnRegistrationStateChanged()); |
| + } else { |
| + FOR_EACH_OBSERVER(Observer, observers_, OnError()); |
| + } |
| +} |
| + |
| +} // namespace policy |