Torne (Richard Coles) | 2a99a7e | 2013-03-28 15:31:22 +0000 | [diff] [blame] | 1 | // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #ifndef CHROME_BROWSER_CHROMEOS_POLICY_AUTO_ENROLLMENT_CLIENT_H_ |
| 6 | #define CHROME_BROWSER_CHROMEOS_POLICY_AUTO_ENROLLMENT_CLIENT_H_ |
| 7 | |
| 8 | #include <string> |
| 9 | |
| 10 | #include "base/basictypes.h" |
| 11 | #include "base/callback.h" |
| 12 | #include "base/compiler_specific.h" |
| 13 | #include "base/memory/scoped_ptr.h" |
Ben Murdoch | eb525c5 | 2013-07-10 11:40:50 +0100 | [diff] [blame] | 14 | #include "base/time/time.h" |
Torne (Richard Coles) | 2a99a7e | 2013-03-28 15:31:22 +0000 | [diff] [blame] | 15 | #include "chrome/browser/policy/cloud/cloud_policy_constants.h" |
Ben Murdoch | bb1529c | 2013-08-08 10:24:53 +0100 | [diff] [blame^] | 16 | #include "net/base/network_change_notifier.h" |
Torne (Richard Coles) | 2a99a7e | 2013-03-28 15:31:22 +0000 | [diff] [blame] | 17 | #include "third_party/protobuf/src/google/protobuf/repeated_field.h" |
| 18 | |
Torne (Richard Coles) | 2a99a7e | 2013-03-28 15:31:22 +0000 | [diff] [blame] | 19 | class PrefRegistrySimple; |
Torne (Richard Coles) | b2df76e | 2013-05-13 16:52:09 +0100 | [diff] [blame] | 20 | class PrefService; |
Torne (Richard Coles) | 2a99a7e | 2013-03-28 15:31:22 +0000 | [diff] [blame] | 21 | |
| 22 | namespace enterprise_management { |
| 23 | class DeviceManagementResponse; |
| 24 | } |
| 25 | |
| 26 | namespace policy { |
| 27 | |
| 28 | class DeviceManagementRequestJob; |
| 29 | class DeviceManagementService; |
| 30 | |
| 31 | // Interacts with the device management service and determines whether this |
| 32 | // machine should automatically enter the Enterprise Enrollment screen during |
| 33 | // OOBE. |
Ben Murdoch | bb1529c | 2013-08-08 10:24:53 +0100 | [diff] [blame^] | 34 | class AutoEnrollmentClient |
| 35 | : public net::NetworkChangeNotifier::NetworkChangeObserver { |
Torne (Richard Coles) | 2a99a7e | 2013-03-28 15:31:22 +0000 | [diff] [blame] | 36 | public: |
| 37 | // |completion_callback| will be invoked on completion of the protocol, after |
| 38 | // Start() is invoked. |
| 39 | // Takes ownership of |device_management_service|. |
| 40 | // The result of the protocol will be cached in |local_state|. |
| 41 | // |power_initial| and |power_limit| are exponents of power-of-2 values which |
| 42 | // will be the initial modulus and the maximum modulus used by this client. |
| 43 | AutoEnrollmentClient(const base::Closure& completion_callback, |
| 44 | DeviceManagementService* device_management_service, |
| 45 | PrefService* local_state, |
| 46 | const std::string& serial_number, |
| 47 | int power_initial, |
| 48 | int power_limit); |
| 49 | virtual ~AutoEnrollmentClient(); |
| 50 | |
| 51 | // Registers preferences in local state. |
| 52 | static void RegisterPrefs(PrefRegistrySimple* registry); |
| 53 | |
| 54 | // Returns true if auto-enrollment is disabled in this device. In that case, |
| 55 | // instances returned by Create() fail immediately once Start() is invoked. |
| 56 | static bool IsDisabled(); |
| 57 | |
| 58 | // Convenience method to create instances of this class. |
| 59 | static AutoEnrollmentClient* Create(const base::Closure& completion_callback); |
| 60 | |
| 61 | // Cancels auto-enrollment. |
| 62 | // This function does not interrupt a running auto-enrollment check. It only |
| 63 | // stores a pref in |local_state| that prevents the client from entering |
| 64 | // auto-enrollment mode for the future. |
| 65 | static void CancelAutoEnrollment(); |
| 66 | |
| 67 | // Starts the auto-enrollment check protocol with the device management |
| 68 | // service. Subsequent calls drop any previous requests. Notice that this |
| 69 | // call can invoke the |completion_callback_| if errors occur. |
| 70 | void Start(); |
| 71 | |
| 72 | // Cancels any pending requests. |completion_callback_| will not be invoked. |
| 73 | // |this| will delete itself. |
| 74 | void CancelAndDeleteSoon(); |
| 75 | |
| 76 | // Returns true if the protocol completed successfully and determined that |
| 77 | // this device should do enterprise enrollment. |
| 78 | bool should_auto_enroll() const { return should_auto_enroll_; } |
| 79 | |
| 80 | // Returns the device_id randomly generated for the auto-enrollment requests. |
| 81 | // It can be reused for subsequent requests to the device management service. |
| 82 | std::string device_id() const { return device_id_; } |
| 83 | |
Ben Murdoch | bb1529c | 2013-08-08 10:24:53 +0100 | [diff] [blame^] | 84 | // Implementation of net::NetworkChangeNotifier::NetworkChangeObserver: |
| 85 | virtual void OnNetworkChanged( |
| 86 | net::NetworkChangeNotifier::ConnectionType type) OVERRIDE; |
| 87 | |
Torne (Richard Coles) | 2a99a7e | 2013-03-28 15:31:22 +0000 | [diff] [blame] | 88 | private: |
| 89 | // Tries to load the result of a previous execution of the protocol from |
| 90 | // local state. Returns true if that decision has been made and is valid. |
| 91 | bool GetCachedDecision(); |
| 92 | |
| 93 | // Sends an auto-enrollment check request to the device management service. |
| 94 | // |power| is the power of the power-of-2 to use as a modulus for this |
| 95 | // request. |
| 96 | void SendRequest(int power); |
| 97 | |
| 98 | // Handles auto-enrollment request completion. |
| 99 | void OnRequestCompletion( |
| 100 | DeviceManagementStatus status, |
Torne (Richard Coles) | b2df76e | 2013-05-13 16:52:09 +0100 | [diff] [blame] | 101 | int net_error, |
Torne (Richard Coles) | 2a99a7e | 2013-03-28 15:31:22 +0000 | [diff] [blame] | 102 | const enterprise_management::DeviceManagementResponse& response); |
| 103 | |
| 104 | // Returns true if |serial_number_hash_| is contained in |hashes|. |
| 105 | bool IsSerialInProtobuf( |
| 106 | const google::protobuf::RepeatedPtrField<std::string>& hashes); |
| 107 | |
| 108 | // Invoked when the protocol completes. This invokes the callback and records |
| 109 | // some UMA metrics. |
| 110 | void OnProtocolDone(); |
| 111 | |
Ben Murdoch | bb1529c | 2013-08-08 10:24:53 +0100 | [diff] [blame^] | 112 | // Invoked when a request job completes. Resets the internal state, and |
| 113 | // deletes the client if necessary. |
| 114 | void OnRequestDone(); |
| 115 | |
Torne (Richard Coles) | 2a99a7e | 2013-03-28 15:31:22 +0000 | [diff] [blame] | 116 | // Callback to invoke when the protocol completes. |
| 117 | base::Closure completion_callback_; |
| 118 | |
| 119 | // Whether to auto-enroll or not. This is reset by calls to Start(), and only |
| 120 | // turns true if the protocol and the serial number check succeed. |
| 121 | bool should_auto_enroll_; |
| 122 | |
| 123 | // Randomly generated device id for the auto-enrollment requests. |
| 124 | std::string device_id_; |
| 125 | |
| 126 | // SHA256 hash of the device's serial number. Empty if the serial couldn't be |
| 127 | // retrieved. |
| 128 | std::string serial_number_hash_; |
| 129 | |
| 130 | // Power of the power-of-2 modulus used in the initial auto-enrollment |
| 131 | // request. |
| 132 | int power_initial_; |
| 133 | |
| 134 | // Power of the maximum power-of-2 modulus that this client will accept from |
| 135 | // a retry response from the server. |
| 136 | int power_limit_; |
| 137 | |
| 138 | // Number of requests sent to the server so far. |
| 139 | // Used to determine if the server keeps asking for different moduli. |
| 140 | int requests_sent_; |
| 141 | |
| 142 | // Used to communicate with the device management service. |
| 143 | scoped_ptr<DeviceManagementService> device_management_service_; |
| 144 | scoped_ptr<DeviceManagementRequestJob> request_job_; |
| 145 | |
| 146 | // PrefService where the protocol's results are cached. |
| 147 | PrefService* local_state_; |
| 148 | |
| 149 | // Times used to determine the duration of the protocol, and the extra time |
| 150 | // needed to complete after the signin was complete. |
| 151 | // If |time_start_| is not null, the protocol is still running. |
| 152 | // If |time_extra_start_| is not null, the protocol is still running but our |
| 153 | // owner has relinquished ownership. |
| 154 | base::Time time_start_; |
| 155 | base::Time time_extra_start_; |
| 156 | |
| 157 | DISALLOW_COPY_AND_ASSIGN(AutoEnrollmentClient); |
| 158 | }; |
| 159 | |
| 160 | } // namespace policy |
| 161 | |
| 162 | #endif // CHROME_BROWSER_CHROMEOS_POLICY_AUTO_ENROLLMENT_CLIENT_H_ |