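--- a/chrome/browser/chromeos/policy/enrollment_handler_chromeos.h
+++ b/chrome/browser/chromeos/policy/enrollment_handler_chromeos.h
@@ -1,39 +1,42 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_
 #define CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_
 
 #include <string>
 
 #include "base/basictypes.h"
 #include "base/compiler_specific.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/memory/weak_ptr.h"
 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h"
 #include "chrome/browser/chromeos/policy/device_cloud_policy_validator.h"
 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h"
 #include "components/policy/core/common/cloud/cloud_policy_client.h"
 #include "components/policy/core/common/cloud/cloud_policy_store.h"
 #include "google_apis/gaia/gaia_oauth_client.h"
 
 namespace base {
 class SequencedTaskRunner;
 }
 
 namespace enterprise_management {
 class PolicyFetchResponse;
 }
 
+class PrefRegistrySimple;
+class PrefService;
+
 namespace policy {
 
 class DeviceCloudPolicyStoreChromeOS;
 class ServerBackedStateKeysBroker;
 
 // Implements the logic that establishes enterprise enrollment for Chromium OS
 // devices. The process is as follows:
 // 1. Given an auth token, register with the policy service.
 // 2. Download the initial policy blob from the service.
 // 3. Verify the policy blob. Everything up to this point doesn't touch device
@@ -51,40 +54,51 @@
 AllowedDeviceModes;
 typedef DeviceCloudPolicyInitializer::EnrollmentCallback
 EnrollmentCallback;
 
 // |store| and |install_attributes| must remain valid for the life time of the
 // enrollment handler. |allowed_device_modes| determines what device modes
 // are acceptable. If the mode specified by the server is not acceptable,
 // enrollment will fail with an EnrollmentStatus indicating
 // STATUS_REGISTRATION_BAD_MODE.
 EnrollmentHandlerChromeOS(
+PrefService* local_state,
 DeviceCloudPolicyStoreChromeOS* store,
 EnterpriseInstallAttributes* install_attributes,
 ServerBackedStateKeysBroker* state_keys_broker,
 scoped_ptr<CloudPolicyClient> client,
 scoped_refptr<base::SequencedTaskRunner> background_task_runner,
 const std::string& auth_token,
 const std::string& client_id,
 bool is_auto_enrollment,
-const std::string& requisition,
 const AllowedDeviceModes& allowed_device_modes,
 const EnrollmentCallback& completion_callback);
 virtual ~EnrollmentHandlerChromeOS();
 
+// Pref registration helper.
+static void RegisterPrefs(PrefRegistrySimple* registry);
+
 // Starts the enrollment process and reports the result to
 // |completion_callback_|.
 void StartEnrollment();
 
 // Releases the client.
 scoped_ptr<CloudPolicyClient> ReleaseClient();
 
+// Gets/Sets the device requisition.
+std::string GetDeviceRequisition() const;
+void SetDeviceRequisition(const std::string& requisition);
+
+// Returns true if device requisition is remora/shark.
+bool IsRemoraRequisition() const;
+bool IsSharkRequisition() const;
+
 // CloudPolicyClient::Observer:
 virtual void OnPolicyFetched(CloudPolicyClient* client) OVERRIDE;
 virtual void OnRegistrationStateChanged(CloudPolicyClient* client) OVERRIDE;
 virtual void OnRobotAuthCodesFetched(CloudPolicyClient* client) OVERRIDE;
 virtual void OnClientError(CloudPolicyClient* client) OVERRIDE;
 
 // CloudPolicyStore::Observer:
 virtual void OnStoreLoaded(CloudPolicyStore* store) OVERRIDE;
 virtual void OnStoreError(CloudPolicyStore* store) OVERRIDE;
 
@@ -108,20 +122,23 @@
 STEP_POLICY_FETCH, // Fetching policy.
 STEP_VALIDATION, // Policy validation.
 STEP_ROBOT_AUTH_FETCH, // Fetching device API auth code.
 STEP_ROBOT_AUTH_REFRESH, // Fetching device API refresh token.
 STEP_LOCK_DEVICE, // Writing installation-time attributes.
 STEP_STORE_ROBOT_AUTH, // Encrypting & writing robot refresh token.
 STEP_STORE_POLICY, // Storing policy and API refresh token.
 STEP_FINISHED, // Enrollment process finished, no further action.
 };
 
+// Initializes requisition settings at OOBE with values from VPD.
+void InitializeRequisition();
+
 // Handles the response to a request for server-backed state keys.
 void CheckStateKeys(const std::vector<std::string>& state_keys);
 
 // Starts registration if the store is initialized.
 void AttemptRegistration();
 
 // Handles the policy validation result, proceeding with installation-time
 // attributes locking if successful.
 void PolicyValidated(DeviceCloudPolicyValidator* validator);
 
@@ -142,20 +159,21 @@
 
 // Handles completion of the robot token store operation.
 void HandleRobotAuthTokenStored(bool result);
 
 // Drops any ongoing actions.
 void Stop();
 
 // Reports the result of the enrollment process to the initiator.
 void ReportResult(EnrollmentStatus status);
 
+PrefService* local_state_;
 DeviceCloudPolicyStoreChromeOS* store_;
 EnterpriseInstallAttributes* install_attributes_;
 ServerBackedStateKeysBroker* state_keys_broker_;
 scoped_ptr<CloudPolicyClient> client_;
 scoped_refptr<base::SequencedTaskRunner> background_task_runner_;
 scoped_ptr<gaia::GaiaOAuthClient> gaia_oauth_client_;
 
 std::string auth_token_;
 std::string client_id_;
 bool is_auto_enrollment_;
@@ -181,10 +199,10 @@
 int lockbox_init_duration_;
 
 base::WeakPtrFactory<EnrollmentHandlerChromeOS> weak_ptr_factory_;
 
 DISALLOW_COPY_AND_ASSIGN(EnrollmentHandlerChromeOS);
 };
 
 } // namespace policy
 
 #endif // CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_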
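Review bot: The constructor comment (new lines 58-62) still names only |store| and |install_attributes| as having to outlive the handler, but the new `PrefService* local_state` is also kept as a raw pointer in `local_state_` (new line 169). I would extend the comment to `// |local_state|, |store| and |install_attributes| must remain valid for the life time of the enrollment handler.` and state whether a null `local_state` is accepted. The public `SetDeviceRequisition()` together with the `InitializeRequisition()` comment ("values from VPD") suggests the requisition is now persisted rather than passed in per enrollment, though the header alone does not show that. A one-line comment on `GetDeviceRequisition()` naming the backing pref and saying whether the stored value is treated as trusted would help callers that branch on `IsRemoraRequisition()`/`IsSharkRequisition()`. Several ranges of the class body are collapsed on this page, so the access level of the added declarations cannot be confirmed from here.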