
Side by Side Diff: chrome/browser/chromeos/policy/enrollment_handler_chromeos.h

Issue 2186623002: Minimal attestation-based enrollment flow. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Addressed achuithb's feedback. Created 4 years, 4 months ago
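--- a/chrome/browser/chromeos/policy/enrollment_handler_chromeos.h
+++ b/chrome/browser/chromeos/policy/enrollment_handler_chromeos.h
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_
 #define CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_
 
 #include <memory>
 #include <string>
 
@@ -21,20 +21,24 @@
 #include "components/policy/core/common/cloud/cloud_policy_store.h"
 #include "google_apis/gaia/gaia_oauth_client.h"
 #include "policy/proto/device_management_backend.pb.h"
 
 namespace base {
 class SequencedTaskRunner;
 }
 
 namespace chromeos {
 class CryptohomeClient;
+
+namespace attestation {
+class AttestationFlow;
+}
 }
 
 namespace cryptohome {
 class AsyncMethodCaller;
 }
 
 namespace policy {
 
 class DeviceCloudPolicyStoreChromeOS;
 class ServerBackedStateKeysBroker;
@@ -118,27 +122,30 @@
 STEP_VALIDATION, // Policy validation.
 STEP_ROBOT_AUTH_FETCH, // Fetching device API auth code.
 STEP_ROBOT_AUTH_REFRESH, // Fetching device API refresh token.
 STEP_LOCK_DEVICE, // Writing installation-time attributes.
 STEP_STORE_TOKEN_AND_ID, // Storing DM token and virtual device ID.
 STEP_STORE_ROBOT_AUTH, // Encrypting & writing robot refresh token.
 STEP_STORE_POLICY, // Storing policy and API refresh token.
 STEP_FINISHED, // Enrollment process finished, no further action.
 };
 
-// Handles the response to the attestation flow requesting a registration
-// certificate.
+// Handles the response to a request for server-backed state keys.
+void HandleStateKeysResult(const std::vector<std::string>& state_keys);
+
+// Starts attestation based enrollment flow.
+void StartAttestationBasedEnrollmentFlow();
+
+// Handles the response to a request for a registration certificate.
 void HandleRegistrationCertificateResult(
 bool success,
 const std::string& pem_certificate_chain);
-// Handles the response to a request for server-backed state keys.
-void HandleStateKeysResult(const std::vector<std::string>& state_keys);
 
 // Starts registration if the store is initialized.
 void StartRegistration();
 
 // Handles the policy validation result, proceeding with device lock if
 // successful.
 void HandlePolicyValidationResult(DeviceCloudPolicyValidator* validator);
 
 // Calls InstallAttributes::LockDevice() for enterprise enrollment and
 // DeviceSettingsService::SetManagementSettings() for consumer
@@ -166,20 +173,21 @@
 void ReportResult(EnrollmentStatus status);
 
 DeviceCloudPolicyStoreChromeOS* store_;
 EnterpriseInstallAttributes* install_attributes_;
 ServerBackedStateKeysBroker* state_keys_broker_;
 cryptohome::AsyncMethodCaller* async_method_caller_;
 chromeos::CryptohomeClient* cryptohome_client_;
 std::unique_ptr<CloudPolicyClient> client_;
 scoped_refptr<base::SequencedTaskRunner> background_task_runner_;
 std::unique_ptr<gaia::GaiaOAuthClient> gaia_oauth_client_;
+std::unique_ptr<chromeos::attestation::AttestationFlow> attestation_flow_;
 
 EnrollmentConfig enrollment_config_;
 std::string auth_token_;
 std::string client_id_;
 std::string requisition_;
 AllowedDeviceModes allowed_device_modes_;
 EnrollmentCallback completion_callback_;
 
 // The current state key provided by |state_keys_broker_|.
 std::string current_state_key_;
@@ -207,10 +215,10 @@
 int lockbox_init_duration_;
 
 base::WeakPtrFactory<EnrollmentHandlerChromeOS> weak_ptr_factory_;
 
 DISALLOW_COPY_AND_ASSIGN(EnrollmentHandlerChromeOS);
 };
 
 } // namespace policy
 
 #endif // CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_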
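Review bot: The rewritten comment on `HandleRegistrationCertificateResult` no longer says the reply comes from the attestation flow and is silent about the `success == false` case, which is the branch a reader most needs on an enrollment path that depends on a device certificate. I would word it as `// Handles the attestation flow's reply to the registration certificate request.` followed by `// |pem_certificate_chain| is only meaningful when |success| is true.`, with the second line confirmed against the .cc before it lands. The Step enum is untouched by this patch set (its visible tail is context and the skipped lines are reported as matching), so the wait for the certificate has no step of its own. If the other asynchronous handlers in the .cc check the current step before acting, this one has nothing comparable to check, and a dedicated step for that wait would let it reject a late or repeated callback. The class declaration begins in the skipped lines, so this is based only on the members visible here.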