OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CHROME_BROWSER_POLICY_USER_POLICY_SIGNIN_SERVICE_H_ | 5 #ifndef CHROME_BROWSER_POLICY_USER_POLICY_SIGNIN_SERVICE_H_ |
6 #define CHROME_BROWSER_POLICY_USER_POLICY_SIGNIN_SERVICE_H_ | 6 #define CHROME_BROWSER_POLICY_USER_POLICY_SIGNIN_SERVICE_H_ |
7 | 7 |
8 #include "base/basictypes.h" | 8 #include "base/basictypes.h" |
| 9 #include "base/callback.h" |
9 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
10 #include "base/memory/weak_ptr.h" | |
11 #include "chrome/browser/policy/cloud_policy_service.h" | 11 #include "chrome/browser/policy/cloud_policy_service.h" |
12 #include "chrome/browser/policy/user_info_fetcher.h" | 12 #include "chrome/browser/policy/user_info_fetcher.h" |
13 #include "chrome/browser/profiles/profile_keyed_service.h" | 13 #include "chrome/browser/profiles/profile_keyed_service.h" |
14 #include "content/public/browser/notification_observer.h" | 14 #include "content/public/browser/notification_observer.h" |
15 #include "content/public/browser/notification_registrar.h" | 15 #include "content/public/browser/notification_registrar.h" |
16 #include "google_apis/gaia/oauth2_access_token_consumer.h" | |
17 | 16 |
18 class OAuth2AccessTokenFetcher; | |
19 class Profile; | 17 class Profile; |
20 | 18 |
21 namespace base { | 19 namespace base { |
22 class Time; | 20 class Time; |
23 } | 21 } |
24 | 22 |
25 namespace policy { | 23 namespace policy { |
26 | 24 |
| 25 class CloudPolicyClientRegistrationHelper; |
| 26 class CloudPolicyClient; |
27 class UserCloudPolicyManager; | 27 class UserCloudPolicyManager; |
28 | 28 |
29 // The UserPolicySigninService is responsible for interacting with the policy | 29 // The UserPolicySigninService is responsible for interacting with the policy |
30 // infrastructure (mainly UserCloudPolicyManager) to load policy for the signed | 30 // infrastructure (mainly UserCloudPolicyManager) to load policy for the signed |
31 // in user. | 31 // in user. |
32 // | 32 // |
33 // At signin time, this class initializes the UCPM and loads policy before any | 33 // At signin time, this class initializes the UCPM and loads policy before any |
34 // other signed in services are initialized. After each restart, this class | 34 // other signed in services are initialized. After each restart, this class |
35 // ensures that the CloudPolicyClient is registered (in case the policy server | 35 // ensures that the CloudPolicyClient is registered (in case the policy server |
36 // was offline during the initial policy fetch) and if not it initiates a fresh | 36 // was offline during the initial policy fetch) and if not it initiates a fresh |
37 // registration process. | 37 // registration process. |
38 // | 38 // |
39 // Finally, if the user signs out, this class is responsible for shutting down | 39 // Finally, if the user signs out, this class is responsible for shutting down |
40 // the policy infrastructure to ensure that any cached policy is cleared. | 40 // the policy infrastructure to ensure that any cached policy is cleared. |
41 class UserPolicySigninService | 41 class UserPolicySigninService |
42 : public ProfileKeyedService, | 42 : public ProfileKeyedService, |
43 public OAuth2AccessTokenConsumer, | |
44 public CloudPolicyService::Observer, | 43 public CloudPolicyService::Observer, |
45 public CloudPolicyClient::Observer, | |
46 public UserInfoFetcher::Delegate, | |
47 public content::NotificationObserver { | 44 public content::NotificationObserver { |
48 public: | 45 public: |
| 46 // The callback invoked once policy registration is complete. Passed |
| 47 // CloudPolicyClient parameter is null if DMToken fetch failed. |
| 48 typedef base::Callback<void(scoped_ptr<CloudPolicyClient>)> |
| 49 PolicyRegistrationCallback; |
| 50 |
49 // The callback invoked once policy fetch is complete. Passed boolean | 51 // The callback invoked once policy fetch is complete. Passed boolean |
50 // parameter is set to true if the policy fetch succeeded. | 52 // parameter is set to true if the policy fetch succeeded. |
51 typedef base::Callback<void(bool)> PolicyFetchCallback; | 53 typedef base::Callback<void(bool)> PolicyFetchCallback; |
52 | 54 |
53 // Creates a UserPolicySigninService associated with the passed |profile|. | 55 // Creates a UserPolicySigninService associated with the passed |profile|. |
54 explicit UserPolicySigninService(Profile* profile); | 56 explicit UserPolicySigninService(Profile* profile); |
55 virtual ~UserPolicySigninService(); | 57 virtual ~UserPolicySigninService(); |
56 | 58 |
57 // Initiates a policy fetch as part of user signin. The |oauth2_access_token| | 59 // Registers a CloudPolicyClient for fetching policy for a user. The |
58 // is explicitly passed because TokenService does not have the token yet | 60 // |oauth2_login_token| and |username| are explicitly passed because |
59 // (to prevent services from using it until after we've fetched policy). | 61 // the user is not signed in yet (TokenService does not have any tokens yet |
60 // |callback| is invoked once the policy fetch is complete, passing true if | 62 // to prevent services from using it until after we've fetched policy). |
61 // the policy fetch succeeded. | 63 void RegisterPolicyClient(const std::string& username, |
62 void FetchPolicyForSignedInUser(const std::string& oauth2_access_token, | 64 const std::string& oauth2_login_token, |
| 65 const PolicyRegistrationCallback& callback); |
| 66 |
| 67 // Initiates a policy fetch as part of user signin, using a CloudPolicyClient |
| 68 // previously initialized via RegisterPolicyClient. |callback| is invoked |
| 69 // once the policy fetch is complete, passing true if the policy fetch |
| 70 // succeeded. |
| 71 void FetchPolicyForSignedInUser(scoped_ptr<CloudPolicyClient> client, |
63 const PolicyFetchCallback& callback); | 72 const PolicyFetchCallback& callback); |
64 | 73 |
65 // content::NotificationObserver implementation. | 74 // content::NotificationObserver implementation. |
66 virtual void Observe(int type, | 75 virtual void Observe(int type, |
67 const content::NotificationSource& source, | 76 const content::NotificationSource& source, |
68 const content::NotificationDetails& details) OVERRIDE; | 77 const content::NotificationDetails& details) OVERRIDE; |
69 | 78 |
70 // CloudPolicyService::Observer implementation. | 79 // CloudPolicyService::Observer implementation. |
71 virtual void OnInitializationCompleted(CloudPolicyService* service) OVERRIDE; | 80 virtual void OnInitializationCompleted(CloudPolicyService* service) OVERRIDE; |
72 | 81 |
73 // CloudPolicyClient::Observer implementation. | |
74 virtual void OnClientError(CloudPolicyClient* client) OVERRIDE; | |
75 virtual void OnPolicyFetched(CloudPolicyClient* client) OVERRIDE; | |
76 virtual void OnRegistrationStateChanged(CloudPolicyClient* client) OVERRIDE; | |
77 | |
78 // OAuth2AccessTokenConsumer implementation. | |
79 virtual void OnGetTokenSuccess(const std::string& access_token, | |
80 const base::Time& expiration_time) OVERRIDE; | |
81 virtual void OnGetTokenFailure(const GoogleServiceAuthError& error) OVERRIDE; | |
82 | |
83 // ProfileKeyedService implementation: | 82 // ProfileKeyedService implementation: |
84 virtual void Shutdown() OVERRIDE; | 83 virtual void Shutdown() OVERRIDE; |
85 | 84 |
86 // UserInfoFetcher::Delegate implementation: | 85 private: |
87 virtual void OnGetUserInfoSuccess(const DictionaryValue* response) OVERRIDE; | 86 // Returns false if cloud policy is disabled or if the passed |email_address| |
88 virtual void OnGetUserInfoFailure( | 87 // is definitely not from a hosted domain (according to the blacklist in |
89 const GoogleServiceAuthError& error) OVERRIDE; | 88 // BrowserPolicyConnector::IsNonEnterpriseUser()). |
| 89 bool ShouldLoadPolicyForUser(const std::string& email_address); |
90 | 90 |
91 private: | 91 // Initializes the UserCloudPolicyManager using the passed CloudPolicyClient. |
92 // Returns false if cloud policy is disabled or if the currently signed-in | 92 void InitializeUserCloudPolicyManager(scoped_ptr<CloudPolicyClient> client); |
93 // user is definitely not from a hosted domain (according to the blacklist in | |
94 // BrowserPolicyConnector::IsNonEnterpriseUser()). | |
95 bool ShouldLoadPolicyForSignedInUser(); | |
96 | 93 |
97 // Initializes the UserCloudPolicyManager to reflect the currently-signed-in | 94 // Initializes the UserCloudPolicyManager with policy for the currently |
98 // user. | 95 // signed-in user. |
99 void InitializeUserCloudPolicyManager(); | 96 void InitializeForSignedInUser(); |
100 | 97 |
101 // Fetches an OAuth token to allow the cloud policy service to register with | 98 // Fetches an OAuth token to allow the cloud policy service to register with |
102 // the cloud policy server. |oauth_login_token| should contain an OAuth login | 99 // the cloud policy server. |oauth_login_token| should contain an OAuth login |
103 // refresh token that can be downscoped to get an access token for the | 100 // refresh token that can be downscoped to get an access token for the |
104 // device_management service. | 101 // device_management service. |
105 void RegisterCloudPolicyService(std::string oauth_login_token); | 102 void RegisterCloudPolicyService(std::string oauth_login_token); |
106 | 103 |
| 104 // Callback invoked when policy registration has finished. |
| 105 void OnRegistrationComplete(); |
| 106 |
107 // Helper routines to (un)register for CloudPolicyService and | 107 // Helper routines to (un)register for CloudPolicyService and |
108 // CloudPolicyClient notifications. | 108 // CloudPolicyClient notifications. |
109 void StartObserving(); | 109 void StartObserving(); |
110 void StopObserving(); | 110 void StopObserving(); |
111 | 111 |
112 // If a policy fetch was requested, invokes the callback passing through the | |
113 // |success| flag. | |
114 void NotifyPendingFetchCallback(bool success); | |
115 | |
116 // Shuts down the UserCloudPolicyManager (for example, after the user signs | 112 // Shuts down the UserCloudPolicyManager (for example, after the user signs |
117 // out) and deletes any cached policy. | 113 // out) and deletes any cached policy. |
118 void ShutdownUserCloudPolicyManager(); | 114 void ShutdownUserCloudPolicyManager(); |
119 | 115 |
| 116 // Invoked when a policy registration request is complete. |
| 117 void CallPolicyRegistrationCallback(scoped_ptr<CloudPolicyClient> client, |
| 118 PolicyRegistrationCallback callback); |
| 119 |
120 // Convenience helper to get the UserCloudPolicyManager for |profile_|. | 120 // Convenience helper to get the UserCloudPolicyManager for |profile_|. |
121 UserCloudPolicyManager* GetManager(); | 121 UserCloudPolicyManager* GetManager(); |
122 | 122 |
123 // WeakPtrFactory used to create callbacks for loading policy. | |
124 base::WeakPtrFactory<UserPolicySigninService> weak_factory_; | |
125 | |
126 // Weak pointer to the profile this service is associated with. | 123 // Weak pointer to the profile this service is associated with. |
127 Profile* profile_; | 124 Profile* profile_; |
128 | 125 |
129 // If true, we have a pending fetch so notify the callback the next time | |
130 // the appropriate notification is delivered from CloudPolicyService/Client. | |
131 bool pending_fetch_; | |
132 | |
133 // The callback to invoke when the pending policy fetch is completed. | |
134 PolicyFetchCallback pending_fetch_callback_; | |
135 | |
136 content::NotificationRegistrar registrar_; | 126 content::NotificationRegistrar registrar_; |
137 | 127 |
138 // Fetcher used while obtaining an OAuth token for client registration. | 128 scoped_ptr<CloudPolicyClientRegistrationHelper> registration_helper_; |
139 scoped_ptr<OAuth2AccessTokenFetcher> oauth2_access_token_fetcher_; | |
140 | |
141 // Helper class for fetching information from GAIA about the currently | |
142 // signed-in user. | |
143 scoped_ptr<UserInfoFetcher> user_info_fetcher_; | |
144 | |
145 // Access token used to register the CloudPolicyClient and also access | |
146 // GAIA to get information about the signed in user. | |
147 std::string oauth_access_token_; | |
148 | 129 |
149 DISALLOW_COPY_AND_ASSIGN(UserPolicySigninService); | 130 DISALLOW_COPY_AND_ASSIGN(UserPolicySigninService); |
150 }; | 131 }; |
151 | 132 |
152 } // namespace policy | 133 } // namespace policy |
153 | 134 |
154 #endif // CHROME_BROWSER_POLICY_USER_POLICY_SIGNIN_SERVICE_H_ | 135 #endif // CHROME_BROWSER_POLICY_USER_POLICY_SIGNIN_SERVICE_H_ |
OLD | NEW |
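Review bot: The new `FetchPolicyForSignedInUser(scoped_ptr<CloudPolicyClient> client, ...)` overload does not state what it does with a null or unregistered `client`, even though `PolicyRegistrationCallback` is documented to hand callers a null client when the DMToken fetch fails. A caller that forwards that result unchecked would reach this method with null, so I would put the precondition in the comment, e.g. `// |client| must be non-null and already registered; check the PolicyRegistrationCallback result first.`, and back it with a DCHECK in the implementation, which is not visible here. The `RegisterPolicyClient` comment also never describes `|callback|`, nor whether it still runs (with a null client) when `ShouldLoadPolicyForUser(username)` rejects the user. Separately, `weak_factory_` is removed while `OnRegistrationComplete` and `CallPolicyRegistrationCallback` are added as completion callbacks. If these are bound to an unretained `this` (the .cc is not shown), the header should say that `registration_helper_`, owned by this object, is what bounds their lifetime; that member also lost the one-line comment its predecessor had.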