chromeos/dbus/auth_policy_client.h - Issue 2519823006: Chromad: Add authentication flow

Side by Side Diff: chromeos/dbus/auth_policy_client.h

Issue 2519823006: Chromad: Add authentication flow (Closed)

Patch Set: Created 4 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« chrome/browser/ui/webui/chromeos/login/gaia_screen_handler.cc ('K') | « chrome/browser/ui/webui/chromeos/login/gaia_screen_handler.cc ('k') | chromeos/dbus/auth_policy_client.cc » ('j') | components/signin/core/account_id/account_id.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2016 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2016 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef CHROMEOS_DBUS_AUTH_POLICY_CLIENT_H_	5 #ifndef CHROMEOS_DBUS_AUTH_POLICY_CLIENT_H_

6 #define CHROMEOS_DBUS_AUTH_POLICY_CLIENT_H_	6 #define CHROMEOS_DBUS_AUTH_POLICY_CLIENT_H_

7	7

8 #include <string>	8 #include <string>

9	9

10 #include "base/callback.h"	10 #include "base/callback.h"

11 #include "chromeos/chromeos_export.h"	11 #include "chromeos/chromeos_export.h"

12 #include "chromeos/dbus/dbus_client.h"	12 #include "chromeos/dbus/dbus_client.h"

13	13

14 // TODO(rsorokin): Switch to service constants when it's landed.	14 // TODO(rsorokin): Switch to service constants when it's landed.

15 // (see crbug.com/659732)	15 // (see crbug.com/659732)

16 namespace authpolicy {	16 namespace authpolicy {
	hashimoto 2016/11/28 03:28:50 nit: Please put a blank line here. nit: Please put a blank line here. Roman Sorokin (ftl) 2016/12/02 12:35:12 Done. Show quoted text On 2016/11/28 03:28:50, hashimoto wrote: > nit: Please put a blank line here. Done.
17 enum ADJoinErrorType {	17 enum ADJoinErrorType {

18 AD_JOIN_ERROR_NONE = 0,	18 AD_JOIN_ERROR_NONE = 0,

19 AD_JOIN_ERROR_UNKNOWN = 1,	19 AD_JOIN_ERROR_UNKNOWN = 1,

20 AD_JOIN_ERROR_DBUS_FAIL = 2,	20 AD_JOIN_ERROR_DBUS_FAIL = 2,

21 };	21 };

22 }	22

	23 enum AuthUserErrorType {

	24 AUTH_USER_ERROR_NONE = 0,

	25 AUTH_USER_ERROR_UNKNOWN = 1,

	26 AUTH_USER_ERROR_DBUS_FAILURE = 2,

	27 };
	hashimoto 2016/11/28 03:28:50 ditto. ditto. Roman Sorokin (ftl) 2016/12/02 12:35:12 Done. Show quoted text On 2016/11/28 03:28:50, hashimoto wrote: > ditto. Done.
	28 } // namespace authpolicy

23	29

24 namespace chromeos {	30 namespace chromeos {

25	31

26 // AuthPolicyClient is used to communicate with the org.chromium.AuthPolicy	32 // AuthPolicyClient is used to communicate with the org.chromium.AuthPolicy

27 // sevice. All method should be called from the origin thread (UI thread) which	33 // sevice. All method should be called from the origin thread (UI thread) which

28 // initializes the DBusThreadManager instance.	34 // initializes the DBusThreadManager instance.

29 class CHROMEOS_EXPORT AuthPolicyClient : public DBusClient {	35 class CHROMEOS_EXPORT AuthPolicyClient : public DBusClient {

30 public:	36 public:

	37 // \|user_id\| is a unique id for the users. Using objectGUID from Active

	38 // Directory server.

	39 using AuthCallback =

	40 base::Callback<void(int error_code, const std::string& user_id)>;

31 using JoinCallback = base::Callback<void(int error_code)>;	41 using JoinCallback = base::Callback<void(int error_code)>;

32 using RefreshPolicyCallback = base::Callback<void(bool success)>;	42 using RefreshPolicyCallback = base::Callback<void(bool success)>;

33	43

34 ~AuthPolicyClient() override;	44 ~AuthPolicyClient() override;

35	45

36 // Factory function, creates a new instance and returns ownership.	46 // Factory function, creates a new instance and returns ownership.

37 // For normal usage, access the singleton via DBusThreadManager::Get().	47 // For normal usage, access the singleton via DBusThreadManager::Get().

38 static AuthPolicyClient* Create();	48 static AuthPolicyClient* Create();

39	49

40 // Calls JoinADDomain. It runs "net ads join ..." which joins machine to	50 // Calls JoinADDomain. It runs "net ads join ..." which joins machine to

41 // Active directory domain.	51 // Active directory domain.

42 // \|machine_name\| is a name for a local machine. \|user\|,	52 // \|machine_name\| is a name for a local machine. \|user\|,
	hashimoto 2016/11/28 03:28:50 user -> user_principal_name user -> user_principal_name Roman Sorokin (ftl) 2016/12/02 12:35:12 Done. Show quoted text On 2016/11/28 03:28:50, hashimoto wrote: > user -> user_principal_name Done.
43 // \|password_fd\| are credentials of the Active directory account which has	53 // \|password_fd\| are credentials of the Active directory account which has

44 // right to join the machine to the domain. \|password_fd\| is a file descriptor	54 // right to join the machine to the domain. \|password_fd\| is a file descriptor

45 // password is read from. The caller should close it after the call.	55 // password is read from. The caller should close it after the call.

46 // \|callback\| is called after the method call succeeds.	56 // \|callback\| is called after the method call succeeds.

47 virtual void JoinAdDomain(const std::string& machine_name,	57 virtual void JoinAdDomain(const std::string& machine_name,

48 const std::string& user,	58 const std::string& user_principal_name,

49 int password_fd,	59 int password_fd,

50 const JoinCallback& callback) = 0;	60 const JoinCallback& callback) = 0;

51	61

	62 // Calls AuthenticateUser. It runs "kinit <user_principal_name> .. " which

	63 // does kerberos authentication against Active Directory server.

	64 // \|password_fd\| is similar to the one in the JoinAdDomain.

	65 // \|callback\| is called after the method call succeeds.
	xiyuan 2016/11/28 23:43:05 Think \|callback\| is invoked when auth fails as wel Think \|callback\| is invoked when auth fails as well. Please update the comment to avoid confusions. Roman Sorokin (ftl) 2016/12/02 12:35:12 Done. Show quoted text On 2016/11/28 23:43:05, xiyuan wrote: > Think \|callback\| is invoked when auth fails as well. Please update the comment > to avoid confusions. Done.
	66 virtual void AuthenticateUser(const std::string& user_principal_name,

	67 int password_fd,

	68 const AuthCallback& callback) = 0;

	69

52 // Calls RefreshDevicePolicy - handle policy for the device.	70 // Calls RefreshDevicePolicy - handle policy for the device.

53 // Fetch GPO files from Active directory server, parse it, encode it into	71 // Fetch GPO files from Active directory server, parse it, encode it into

54 // protobuf and send to SessionManager. Callback is called after that.	72 // protobuf and send to SessionManager. Callback is called after that.

55 virtual void RefreshDevicePolicy(const RefreshPolicyCallback& callback) = 0;	73 virtual void RefreshDevicePolicy(const RefreshPolicyCallback& callback) = 0;

56	74

57 // Calls RefreshUserPolicy - handle policy for the user specified by	75 // Calls RefreshUserPolicy - handle policy for the user specified by

58 // \|account_id\|. Similar to RefreshDevicePolicy.	76 // \|account_id\|. Similar to RefreshDevicePolicy.

59 virtual void RefreshUserPolicy(const std::string& account_id,	77 virtual void RefreshUserPolicy(const std::string& account_id,

60 const RefreshPolicyCallback& callback) = 0;	78 const RefreshPolicyCallback& callback) = 0;

61	79

62 protected:	80 protected:

63 // Create() should be used instead.	81 // Create() should be used instead.

64 AuthPolicyClient();	82 AuthPolicyClient();

65	83

66 private:	84 private:

67 DISALLOW_COPY_AND_ASSIGN(AuthPolicyClient);	85 DISALLOW_COPY_AND_ASSIGN(AuthPolicyClient);

68 };	86 };

69	87

70 } // namespace chromeos	88 } // namespace chromeos

71	89

72 #endif // CHROMEOS_DBUS_AUTH_POLICY_CLIENT_H_	90 #endif // CHROMEOS_DBUS_AUTH_POLICY_CLIENT_H_

OLD	NEW