1dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen// Copyright (c) 2011 The Chromium Authors. All rights reserved. 2dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen// Use of this source code is governed by a BSD-style license that can be 3dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen// found in the LICENSE file. 4dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 5dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#ifndef CHROME_BROWSER_POLICY_DEVICE_POLICY_IDENTITY_STRATEGY_H_ 6dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#define CHROME_BROWSER_POLICY_DEVICE_POLICY_IDENTITY_STRATEGY_H_ 7dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#pragma once 8dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 9dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#include <string> 10dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 11ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen#include "base/compiler_specific.h" 12dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#include "chrome/browser/policy/cloud_policy_identity_strategy.h" 13dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 14dc0f95d653279beabeb9817299e2902918ba123eKristian Monsenclass TokenService; 15dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 16dc0f95d653279beabeb9817299e2902918ba123eKristian Monsennamespace policy { 17dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 18dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen// DM token provider that stores the token in CrOS signed settings. 19ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsenclass DevicePolicyIdentityStrategy : public CloudPolicyIdentityStrategy { 20dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen public: 21dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen DevicePolicyIdentityStrategy(); 22dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen virtual ~DevicePolicyIdentityStrategy(); 23dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 24ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen // Sets (GAIA) auth credentials of the owner of the device during device 25ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen // enrollment. This automatically triggers fetching a DMToken that can 26ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen // be used for future authentication with DMServer. 27ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen void SetAuthCredentials(const std::string& username, 28ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen const std::string& auth_token); 29ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen 30ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen // Sets the device's credentials when they have been read from disk after 31ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen // a reboot. 32ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen void SetDeviceManagementCredentials(const std::string& owner_email, 33ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen const std::string& device_id, 34ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen const std::string& device_token); 35ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen 36ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen // Initiates a policy fetch after a successful device registration. This 37ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen // function should be called only after the device token has been fetched 38ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen // either through the DMServer or loaded from the cache. 39ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen void FetchPolicy(); 40dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 41dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen // CloudPolicyIdentityStrategy implementation: 42ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen virtual std::string GetDeviceToken() OVERRIDE; 43ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen virtual std::string GetDeviceID() OVERRIDE; 44ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen virtual std::string GetMachineID() OVERRIDE; 45ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen virtual std::string GetMachineModel() OVERRIDE; 46ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen virtual em::DeviceRegisterRequest_Type GetPolicyRegisterType() OVERRIDE; 47ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen virtual std::string GetPolicyType() OVERRIDE; 48dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen virtual bool GetCredentials(std::string* username, 49ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen std::string* auth_token) OVERRIDE; 50ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen virtual void OnDeviceTokenAvailable(const std::string& token) OVERRIDE; 51dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 52dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen private: 53ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen // The e-mail and auth token of the device owner. Set by |SetCredentials()|. 54ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen std::string username_; 55ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen std::string auth_token_; 56dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 57ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen // The machine identifier and model. 58dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen std::string machine_id_; 59ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen std::string machine_model_; 60dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 61dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen // The device identifier to be sent with requests. (This is actually more like 62dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen // a session identifier since it is re-generated for each registration 63dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen // request.) 64dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen std::string device_id_; 65dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 66dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen // Current token. Empty if not available. 67dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen std::string device_token_; 68dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 69dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen DISALLOW_COPY_AND_ASSIGN(DevicePolicyIdentityStrategy); 70dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen}; 71dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 72dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen} // namespace policy 73dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen 74dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#endif // CHROME_BROWSER_POLICY_DEVICE_POLICY_IDENTITY_STRATEGY_H_ 75