| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_ | 5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_ |
| 6 #define CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_ | 6 #define CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_ |
| 7 | 7 |
| 8 #include <memory> | 8 #include <memory> |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| 11 #include "base/compiler_specific.h" | 11 #include "base/compiler_specific.h" |
| 12 #include "base/macros.h" | 12 #include "base/macros.h" |
| 13 #include "base/memory/ref_counted.h" | 13 #include "base/memory/ref_counted.h" |
| 14 #include "base/memory/weak_ptr.h" | 14 #include "base/memory/weak_ptr.h" |
| 15 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h" | 15 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h" |
| 16 #include "chrome/browser/chromeos/policy/device_cloud_policy_validator.h" | 16 #include "chrome/browser/chromeos/policy/device_cloud_policy_validator.h" |
| 17 #include "chrome/browser/chromeos/policy/enrollment_config.h" | 17 #include "chrome/browser/chromeos/policy/enrollment_config.h" |
| 18 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" | 18 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" |
| 19 #include "components/policy/core/common/cloud/cloud_policy_client.h" | 19 #include "components/policy/core/common/cloud/cloud_policy_client.h" |
| 20 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 20 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
| 21 #include "components/policy/core/common/cloud/cloud_policy_store.h" | 21 #include "components/policy/core/common/cloud/cloud_policy_store.h" |
| 22 #include "components/policy/proto/device_management_backend.pb.h" | 22 #include "components/policy/proto/device_management_backend.pb.h" |
| 23 #include "google_apis/gaia/gaia_oauth_client.h" | 23 #include "google_apis/gaia/gaia_oauth_client.h" |
| 24 | 24 |
| 25 namespace base { | 25 namespace base { |
| 26 class SequencedTaskRunner; | 26 class SequencedTaskRunner; |
| 27 } | 27 } |
| 28 | 28 |
| 29 namespace chromeos { | 29 namespace chromeos { |
| 30 class CryptohomeClient; | |
| 31 | |
| 32 namespace attestation { | 30 namespace attestation { |
| 33 class AttestationFlow; | 31 class AttestationFlow; |
| 34 } | 32 } |
| 35 } | 33 } |
| 36 | 34 |
| 37 namespace cryptohome { | |
| 38 class AsyncMethodCaller; | |
| 39 } | |
| 40 | |
| 41 namespace policy { | 35 namespace policy { |
| 42 | 36 |
| 43 class DeviceCloudPolicyStoreChromeOS; | 37 class DeviceCloudPolicyStoreChromeOS; |
| 44 class ServerBackedStateKeysBroker; | 38 class ServerBackedStateKeysBroker; |
| 45 | 39 |
| 46 // Implements the logic that establishes enterprise enrollment for Chromium OS | 40 // Implements the logic that establishes enterprise enrollment for Chromium OS |
| 47 // devices. The process is as follows: | 41 // devices. The process is as follows: |
| 48 // 1. Given an auth token, register with the policy service. | 42 // 1. Given an auth token, register with the policy service. |
| 49 // 2. Download the initial policy blob from the service. | 43 // 2. Download the initial policy blob from the service. |
| 50 // 3. Verify the policy blob. Everything up to this point doesn't touch device | 44 // 3. Verify the policy blob. Everything up to this point doesn't touch device |
| (...skipping 14 matching lines...) Expand all Loading... |
| 65 | 59 |
| 66 // |store| and |install_attributes| must remain valid for the life time of the | 60 // |store| and |install_attributes| must remain valid for the life time of the |
| 67 // enrollment handler. |allowed_device_modes| determines what device modes | 61 // enrollment handler. |allowed_device_modes| determines what device modes |
| 68 // are acceptable. If the mode specified by the server is not acceptable, | 62 // are acceptable. If the mode specified by the server is not acceptable, |
| 69 // enrollment will fail with an EnrollmentStatus indicating | 63 // enrollment will fail with an EnrollmentStatus indicating |
| 70 // STATUS_REGISTRATION_BAD_MODE. | 64 // STATUS_REGISTRATION_BAD_MODE. |
| 71 EnrollmentHandlerChromeOS( | 65 EnrollmentHandlerChromeOS( |
| 72 DeviceCloudPolicyStoreChromeOS* store, | 66 DeviceCloudPolicyStoreChromeOS* store, |
| 73 EnterpriseInstallAttributes* install_attributes, | 67 EnterpriseInstallAttributes* install_attributes, |
| 74 ServerBackedStateKeysBroker* state_keys_broker, | 68 ServerBackedStateKeysBroker* state_keys_broker, |
| 75 cryptohome::AsyncMethodCaller* async_method_caller, | 69 chromeos::attestation::AttestationFlow* attestation_flow, |
| 76 chromeos::CryptohomeClient* cryptohome_client, | |
| 77 std::unique_ptr<CloudPolicyClient> client, | 70 std::unique_ptr<CloudPolicyClient> client, |
| 78 scoped_refptr<base::SequencedTaskRunner> background_task_runner, | 71 scoped_refptr<base::SequencedTaskRunner> background_task_runner, |
| 79 const EnrollmentConfig& enrollment_config, | 72 const EnrollmentConfig& enrollment_config, |
| 80 const std::string& auth_token, | 73 const std::string& auth_token, |
| 81 const std::string& client_id, | 74 const std::string& client_id, |
| 82 const std::string& requisition, | 75 const std::string& requisition, |
| 83 const AllowedDeviceModes& allowed_device_modes, | 76 const AllowedDeviceModes& allowed_device_modes, |
| 84 const EnrollmentCallback& completion_callback); | 77 const EnrollmentCallback& completion_callback); |
| 85 ~EnrollmentHandlerChromeOS() override; | 78 ~EnrollmentHandlerChromeOS() override; |
| 86 | 79 |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 168 | 161 |
| 169 // Drops any ongoing actions. | 162 // Drops any ongoing actions. |
| 170 void Stop(); | 163 void Stop(); |
| 171 | 164 |
| 172 // Reports the result of the enrollment process to the initiator. | 165 // Reports the result of the enrollment process to the initiator. |
| 173 void ReportResult(EnrollmentStatus status); | 166 void ReportResult(EnrollmentStatus status); |
| 174 | 167 |
| 175 DeviceCloudPolicyStoreChromeOS* store_; | 168 DeviceCloudPolicyStoreChromeOS* store_; |
| 176 EnterpriseInstallAttributes* install_attributes_; | 169 EnterpriseInstallAttributes* install_attributes_; |
| 177 ServerBackedStateKeysBroker* state_keys_broker_; | 170 ServerBackedStateKeysBroker* state_keys_broker_; |
| 178 cryptohome::AsyncMethodCaller* async_method_caller_; | 171 chromeos::attestation::AttestationFlow* attestation_flow_; |
| 179 chromeos::CryptohomeClient* cryptohome_client_; | |
| 180 std::unique_ptr<CloudPolicyClient> client_; | 172 std::unique_ptr<CloudPolicyClient> client_; |
| 181 scoped_refptr<base::SequencedTaskRunner> background_task_runner_; | 173 scoped_refptr<base::SequencedTaskRunner> background_task_runner_; |
| 182 std::unique_ptr<gaia::GaiaOAuthClient> gaia_oauth_client_; | 174 std::unique_ptr<gaia::GaiaOAuthClient> gaia_oauth_client_; |
| 183 std::unique_ptr<chromeos::attestation::AttestationFlow> attestation_flow_; | |
| 184 | 175 |
| 185 EnrollmentConfig enrollment_config_; | 176 EnrollmentConfig enrollment_config_; |
| 186 std::string auth_token_; | 177 std::string auth_token_; |
| 187 std::string client_id_; | 178 std::string client_id_; |
| 188 std::string requisition_; | 179 std::string requisition_; |
| 189 AllowedDeviceModes allowed_device_modes_; | 180 AllowedDeviceModes allowed_device_modes_; |
| 190 EnrollmentCallback completion_callback_; | 181 EnrollmentCallback completion_callback_; |
| 191 | 182 |
| 192 // The current state key provided by |state_keys_broker_|. | 183 // The current state key provided by |state_keys_broker_|. |
| 193 std::string current_state_key_; | 184 std::string current_state_key_; |
| (...skipping 21 matching lines...) Expand all Loading... |
| 215 int lockbox_init_duration_; | 206 int lockbox_init_duration_; |
| 216 | 207 |
| 217 base::WeakPtrFactory<EnrollmentHandlerChromeOS> weak_ptr_factory_; | 208 base::WeakPtrFactory<EnrollmentHandlerChromeOS> weak_ptr_factory_; |
| 218 | 209 |
| 219 DISALLOW_COPY_AND_ASSIGN(EnrollmentHandlerChromeOS); | 210 DISALLOW_COPY_AND_ASSIGN(EnrollmentHandlerChromeOS); |
| 220 }; | 211 }; |
| 221 | 212 |
| 222 } // namespace policy | 213 } // namespace policy |
| 223 | 214 |
| 224 #endif // CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_ | 215 #endif // CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2276593004:
Device registration using an enrollment certificate from the PCA. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master