1dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen// Copyright (c) 2011 The Chromium Authors. All rights reserved.
2dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen// Use of this source code is governed by a BSD-style license that can be
3dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen// found in the LICENSE file.
4dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
5dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#ifndef CHROME_BROWSER_POLICY_DEVICE_POLICY_IDENTITY_STRATEGY_H_
6dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#define CHROME_BROWSER_POLICY_DEVICE_POLICY_IDENTITY_STRATEGY_H_
7dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#pragma once
8dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
9dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#include <string>
10dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
11ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen#include "base/compiler_specific.h"
12dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#include "chrome/browser/policy/cloud_policy_identity_strategy.h"
13dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
14dc0f95d653279beabeb9817299e2902918ba123eKristian Monsenclass TokenService;
15dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
16dc0f95d653279beabeb9817299e2902918ba123eKristian Monsennamespace policy {
17dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
18dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen// DM token provider that stores the token in CrOS signed settings.
19ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsenclass DevicePolicyIdentityStrategy : public CloudPolicyIdentityStrategy {
20dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen public:
21dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  DevicePolicyIdentityStrategy();
22dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  virtual ~DevicePolicyIdentityStrategy();
23dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
24ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  // Sets (GAIA) auth credentials of the owner of the device during device
25ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  // enrollment. This automatically triggers fetching a DMToken that can
26ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  // be used for future authentication with DMServer.
27ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  void SetAuthCredentials(const std::string& username,
28ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen                          const std::string& auth_token);
29ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen
30ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  // Sets the device's credentials when they have been read from disk after
31ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  // a reboot.
32ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  void SetDeviceManagementCredentials(const std::string& owner_email,
33ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen                                      const std::string& device_id,
34ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen                                      const std::string& device_token);
35ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen
36ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  // Initiates a policy fetch after a successful device registration. This
37ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  // function should be called only after the device token has been fetched
38ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  // either through the DMServer or loaded from the cache.
39ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  void FetchPolicy();
40dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
41dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  // CloudPolicyIdentityStrategy implementation:
42ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  virtual std::string GetDeviceToken() OVERRIDE;
43ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  virtual std::string GetDeviceID() OVERRIDE;
44ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  virtual std::string GetMachineID() OVERRIDE;
45ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  virtual std::string GetMachineModel() OVERRIDE;
46ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  virtual em::DeviceRegisterRequest_Type GetPolicyRegisterType() OVERRIDE;
47ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  virtual std::string GetPolicyType() OVERRIDE;
48dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  virtual bool GetCredentials(std::string* username,
49ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen                              std::string* auth_token) OVERRIDE;
50ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  virtual void OnDeviceTokenAvailable(const std::string& token) OVERRIDE;
51dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
52dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen private:
53ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  // The e-mail and auth token of the device owner. Set by |SetCredentials()|.
54ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  std::string username_;
55ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  std::string auth_token_;
56dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
57ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  // The machine identifier and model.
58dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  std::string machine_id_;
59ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  std::string machine_model_;
60dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
61dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  // The device identifier to be sent with requests. (This is actually more like
62dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  // a session identifier since it is re-generated for each registration
63dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  // request.)
64dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  std::string device_id_;
65dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
66dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  // Current token. Empty if not available.
67dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  std::string device_token_;
68dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
69dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  DISALLOW_COPY_AND_ASSIGN(DevicePolicyIdentityStrategy);
70dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen};
71dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
72dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen}  // namespace policy
73dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
74dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#endif  // CHROME_BROWSER_POLICY_DEVICE_POLICY_IDENTITY_STRATEGY_H_
75