Execute ClientCertResolver on network disconnection.

chromeos/network/client_cert_resolver.h

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROMEOS_NETWORK_CLIENT_CERT_RESOLVER_H_
 #define CHROMEOS_NETWORK_CLIENT_CERT_RESOLVER_H_
 
 #include <set>
 #include <string>
 #include <vector>
 
 #include "base/basictypes.h"
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
-#include "base/memory/scoped_ptr.h"
 #include "base/memory/weak_ptr.h"
 #include "base/observer_list.h"
+#include "base/time/time.h"
 #include "chromeos/cert_loader.h"
 #include "chromeos/chromeos_export.h"
 #include "chromeos/network/client_cert_util.h"
 #include "chromeos/network/network_policy_observer.h"
 #include "chromeos/network/network_state_handler.h"
 #include "chromeos/network/network_state_handler_observer.h"
 
 namespace base {
+class Clock;
 class TaskRunner;
 }
 
 namespace chromeos {
 
 class NetworkState;
 class ManagedNetworkConfigurationHandler;
 
 // Observes the known networks. If a network is configured with a client
 // certificate pattern, this class searches for a matching client certificate.
@@ skipping 31 matching lines @@
       const scoped_refptr<base::TaskRunner>& task_runner);
 
   void AddObserver(Observer* observer);
   void RemoveObserver(Observer* observer);
 
   // Returns true if any resolve tasks are running. Every time a task finishes
   // and no further requests are pending, a notification is sent, see
   // |Observer|.
   bool IsAnyResolveTaskRunning() const;
 
+  // Sets the clock for testing. This clock is used when checking the
+  // certificates for expiration.
+  void SetClockForTesting(base::Clock* clock);
+
   // Returns true and sets the Shill properties that have to be configured in
   // |shill_properties| if the certificate pattern |pattern| could be resolved.
   // Returns false otherwise and sets empty Shill properties to clear the
   // certificate configuration.
+  // Note that it uses the global clock when checking the certificates for
+  // expiration.
   static bool ResolveCertificatePatternSync(
       const client_cert::ConfigType client_cert_type,
       const CertificatePattern& pattern,
       base::DictionaryValue* shill_properties);
 
  private:
   // NetworkStateHandlerObserver overrides
   void NetworkListChanged() override;
+  void NetworkConnectionStateChanged(const NetworkState* network) override;
 
   // CertLoader::Observer overrides
   void OnCertificatesLoaded(const net::CertificateList& cert_list,
                             bool initial_load) override;
 
   // NetworkPolicyObserver overrides
   void PolicyAppliedToNetwork(const std::string& service_path) override;
 
   // Check which networks of |networks| are configured with a client certificate
   // pattern. Search for certificates, on the worker thread, and configure the
   // networks for which a matching cert is found (see ConfigureCertificates).
   void ResolveNetworks(const NetworkStateHandler::NetworkStateList& networks);
 
   // Resolves certificates for the pending networks. This will always trigger a
   // ResolveRequestCompleted notification, even if the queue is empty.
   void ResolvePendingNetworks();
 
   // |matches| contains networks for which a matching certificate was found.
   // Configures these networks.
   void ConfigureCertificates(std::vector<NetworkAndMatchingCert>* matches);
 
   // Trigger a ResolveRequestCompleted event on all observers.
   void NotifyResolveRequestCompleted();
 
+  // Returns Time::Now() unless a mock clock has been installed with
+  // SetClockForTesting, in which case the time according to that clock is used
+  // instead.
+  base::Time Now() const;
+
   base::ObserverList<Observer> observers_;
 
   // The set of networks that were checked/resolved in previous passes. These
   // networks are skipped in the NetworkListChanged notification.
   std::set<std::string> resolved_networks_;
 
   // The list of network paths that still have to be resolved.
   std::set<std::string> queued_networks_to_resolve_;
 
   // True if currently a resolve task is running.
   bool resolve_task_running_;
 
   // True if any network properties were changed since the last notification to
   // observers.
   bool network_properties_changed_;
 
   // Unowned associated (global or test) instance.
   NetworkStateHandler* network_state_handler_;
 
   // Unowned associated (global or test) instance.
   ManagedNetworkConfigurationHandler* managed_network_config_handler_;
 
   // TaskRunner for slow tasks.
   scoped_refptr<base::TaskRunner> slow_task_runner_for_test_;
 
+  // Can be set for testing.
+  base::Clock* testing_clock_;
+
   base::WeakPtrFactory<ClientCertResolver> weak_ptr_factory_;
 
   DISALLOW_COPY_AND_ASSIGN(ClientCertResolver);
 };
 
 }  // namespace chromeos
 
 #endif  // CHROMEOS_NETWORK_CLIENT_CERT_RESOLVER_H_