Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(360)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/policy/core/common/cloud/cloud_policy_client.h

Issue 2261763002: Device enterprise registration with a certificate. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Addressed more feedback. Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « components/policy/core/browser/cloud/message_util.cc ('k') | components/policy/core/common/cloud/cloud_policy_client.cc » ('j') | components/policy/core/common/cloud/cloud_policy_client.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/policy/core/common/cloud/cloud_policy_client.h
diff --git a/components/policy/core/common/cloud/cloud_policy_client.h b/components/policy/core/common/cloud/cloud_policy_client.h
index 2fb9f4bdc5c24a312649adeb212d321c6e072943..d2fec13505cf9b0d233a0b383493e371ac971961 100644
--- a/components/policy/core/common/cloud/cloud_policy_client.h
+++ b/components/policy/core/common/cloud/cloud_policy_client.h
@@ -24,6 +24,10 @@
#include "components/policy/policy_export.h"
#include "policy/proto/device_management_backend.pb.h"
+namespace cryptohome {
+class AsyncMethodCaller;
+}
+
namespace net {
class URLRequestContextGetter;
}
@@ -79,10 +83,31 @@ class POLICY_EXPORT CloudPolicyClient {
virtual void OnClientError(CloudPolicyClient* client) = 0;
};
+ // Data signing interface.
+ class POLICY_EXPORT SigningService {
+ public:
+ typedef base::Callback<void(bool success,
achuithb 2016/08/23 18:40:28 use using here instead. https://groups.google.com/
The one and only Dr. Crash 2016/08/24 05:53:44 Done.
+ enterprise_management::SignedData signed_data)>
+ SigningCallback;
+
+ // Signs |data| and calls |callback| with the signed data.
+ virtual void SignData(const std::string& data,
+ SigningCallback callback) = 0;
achuithb 2016/08/23 18:40:28 pass const reference instead.
The one and only Dr. Crash 2016/08/24 05:53:44 Done.
+ };
+
// |provider| and |service| are weak pointers and it's the caller's
// responsibility to keep them valid for the lifetime of CloudPolicyClient.
// |verification_key_hash| contains an identifier telling the DMServer which
- // verification key to use.
+ // verification key to use. The |signing_service| is used to sign sensitive
+ // requests.
+ CloudPolicyClient(
+ const std::string& machine_id,
+ const std::string& machine_model,
+ const std::string& verification_key_hash,
+ DeviceManagementService* service,
+ scoped_refptr<net::URLRequestContextGetter> request_context,
+ SigningService* signing_service);
+ // Constructs a client without signing support.
CloudPolicyClient(
achuithb 2016/08/23 18:40:28 we don't prefer multiple ctors. Please just use th
The one and only Dr. Crash 2016/08/24 05:53:44 Done.
const std::string& machine_id,
const std::string& machine_model,
@@ -107,6 +132,17 @@ class POLICY_EXPORT CloudPolicyClient {
const std::string& requisition,
const std::string& current_state_key);
+ // Attempts to register with the device management service using a
+ // registration certificate. Results in a registration change or
+ // error notification.
+ virtual void RegisterWithCertificate(
+ enterprise_management::DeviceRegisterRequest::Type registration_type,
+ enterprise_management::DeviceRegisterRequest::Flavor flavor,
+ const std::string& pem_certificate_chain,
+ const std::string& client_id,
+ const std::string& requisition,
+ const std::string& current_state_key);
+
// Sets information about a policy invalidation. Subsequent fetch operations
// will use the given info, and callers can use fetched_invalidation_version
// to determine which version of policy was fetched.
@@ -269,6 +305,10 @@ class POLICY_EXPORT CloudPolicyClient {
// Callback for retries of registration requests.
void OnRetryRegister(DeviceManagementRequestJob* job);
+ // Callback for siganture of requests.
+ void OnRegisterWithCertificateRequestSigned(bool success,
+ enterprise_management::SignedData signed_data);
+
// Callback for registration requests.
void OnRegisterCompleted(
DeviceManagementStatus status,
@@ -376,6 +416,9 @@ class POLICY_EXPORT CloudPolicyClient {
// Used for issuing requests to the cloud.
DeviceManagementService* service_;
+ // Used for signing requests.
+ SigningService* signing_service_;
+
// Only one outstanding policy fetch is allowed, so this is tracked in
// its own member variable.
std::unique_ptr<DeviceManagementRequestJob> policy_fetch_request_job_;
@@ -392,6 +435,8 @@ class POLICY_EXPORT CloudPolicyClient {
scoped_refptr<net::URLRequestContextGetter> request_context_;
private:
+ void SetClientId(const std::string& client_id);
+
DISALLOW_COPY_AND_ASSIGN(CloudPolicyClient);
};
« no previous file with comments | « components/policy/core/browser/cloud/message_util.cc ('k') | components/policy/core/common/cloud/cloud_policy_client.cc » ('j') | components/policy/core/common/cloud/cloud_policy_client.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698