auto_enrollment_client.h revision 4e180b6a0b4720a9b8e9e959a882386f690f08ff
1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_CHROMEOS_POLICY_AUTO_ENROLLMENT_CLIENT_H_
6#define CHROME_BROWSER_CHROMEOS_POLICY_AUTO_ENROLLMENT_CLIENT_H_
7
8#include <string>
9
10#include "base/basictypes.h"
11#include "base/callback.h"
12#include "base/compiler_specific.h"
13#include "base/memory/scoped_ptr.h"
14#include "base/time/time.h"
15#include "chrome/browser/policy/cloud/cloud_policy_constants.h"
16#include "net/base/network_change_notifier.h"
17#include "third_party/protobuf/src/google/protobuf/repeated_field.h"
18
19class PrefRegistrySimple;
20class PrefService;
21
22namespace enterprise_management {
23class DeviceManagementResponse;
24}
25
26namespace policy {
27
28class DeviceManagementRequestJob;
29class DeviceManagementService;
30
31// Interacts with the device management service and determines whether this
32// machine should automatically enter the Enterprise Enrollment screen during
33// OOBE.
  //
  // As far as this header shows, the check works on a SHA256 hash of the
  // device's serial number (|serial_number_hash_|): requests carry a
  // power-of-2 modulus (SendRequest), the server may answer by asking for a
  // different modulus (bounded by |power_limit_|), and a response can carry a
  // list of hashes that is searched for this device (IsSerialInProtobuf). The
  // outcome is cached in |local_state_|.
  // NOTE(review): presumably only the hash reduced by the modulus leaves the
  // device, so the server learns a bucket rather than the serial itself;
  // confirm against the implementation file.
34class AutoEnrollmentClient
35    : public net::NetworkChangeNotifier::NetworkChangeObserver {
36 public:
37  // |completion_callback| will be invoked on completion of the protocol, after
38  // Start() is invoked.
39  // The result of the protocol will be cached in |local_state|.
40  // |power_initial| and |power_limit| are exponents of power-of-2 values which
41  // will be the initial modulus and the maximum modulus used by this client.
    // |device_management_service| and |local_state| are kept as raw pointers
    // (see the members below); presumably both must outlive this object --
    // TODO confirm with the callers.
    // NOTE(review): nothing in this header bounds |power_initial| or
    // |power_limit|. Confirm that the implementation rejects negative values,
    // exponents too large for the integer type holding the modulus, and
    // |power_initial| > |power_limit|.
42  AutoEnrollmentClient(const base::Closure& completion_callback,
43                       DeviceManagementService* device_management_service,
44                       PrefService* local_state,
45                       const std::string& serial_number,
46                       int power_initial,
47                       int power_limit);
48  virtual ~AutoEnrollmentClient();
49
50  // Registers preferences in local state.
51  static void RegisterPrefs(PrefRegistrySimple* registry);
52
53  // Returns true if auto-enrollment is disabled in this device. In that case,
54  // instances returned by Create() fail immediately once Start() is invoked.
55  static bool IsDisabled();
56
57  // Convenience method to create instances of this class.
    // Returns a raw pointer. NOTE(review): presumably the caller owns the
    // instance until it hands it back through CancelAndDeleteSoon(); confirm.
58  static AutoEnrollmentClient* Create(const base::Closure& completion_callback);
59
60  // Cancels auto-enrollment.
61  // This function does not interrupt a running auto-enrollment check. It only
62  // stores a pref in |local_state| that prevents the client from entering
63  // auto-enrollment mode for the future.
    // NOTE(review): because the opt-out is a persisted pref, how strongly
    // auto-enrollment is enforced depends on the integrity of local state;
    // confirm how that store is protected.
64  static void CancelAutoEnrollment();
65
66  // Starts the auto-enrollment check protocol with the device management
67  // service. Subsequent calls drop any previous requests. Notice that this
68  // call can invoke the |completion_callback_| if errors occur.
    // NOTE(review): presumably the callback can run before Start() returns, so
    // it has to tolerate being re-entered from here -- TODO confirm.
69  void Start();
70
71  // Cancels any pending requests. |completion_callback_| will not be invoked.
72  // |this| will delete itself.
    // After this call the caller must no longer use its pointer to the object;
    // the object decides when it is actually destroyed (see OnRequestDone()
    // and |time_extra_start_|).
73  void CancelAndDeleteSoon();
74
75  // Returns true if the protocol completed successfully and determined that
76  // this device should do enterprise enrollment.
77  bool should_auto_enroll() const { return should_auto_enroll_; }
78
79  // Returns the device_id randomly generated for the auto-enrollment requests.
80  // It can be reused for subsequent requests to the device management service.
    // Returned by value, i.e. the caller gets its own copy.
81  std::string device_id() const { return device_id_; }
82
83  // Implementation of net::NetworkChangeNotifier::NetworkChangeObserver:
84  virtual void OnNetworkChanged(
85      net::NetworkChangeNotifier::ConnectionType type) OVERRIDE;
86
87 private:
88  // Tries to load the result of a previous execution of the protocol from
89  // local state. Returns true if that decision has been made and is valid.
    // NOTE(review): what makes a cached decision "valid" is defined in the
    // implementation and cannot be told from this header.
90  bool GetCachedDecision();
91
92  // Sends an auto-enrollment check request to the device management service.
93  // |power| is the power of the power-of-2 to use as a modulus for this
94  // request.
95  void SendRequest(int power);
96
97  // Handles auto-enrollment request completion.
    // |response| is supplied by the server. Per the member comments below, the
    // modulus a retry response may ask for is capped by |power_limit_| and the
    // number of round trips is tracked in |requests_sent_|.
98  void OnRequestCompletion(
99      DeviceManagementStatus status,
100      int net_error,
101      const enterprise_management::DeviceManagementResponse& response);
102
103  // Returns true if |serial_number_hash_| is contained in |hashes|.
     // NOTE(review): |serial_number_hash_| is empty when the serial could not be
     // retrieved; confirm that an empty hash can never match an entry of
     // |hashes|.
104  bool IsSerialInProtobuf(
105      const google::protobuf::RepeatedPtrField<std::string>& hashes);
106
107  // Invoked when the protocol completes. This invokes the callback and records
108  // some UMA metrics.
109  void OnProtocolDone();
110
111  // Invoked when a request job completes. Resets the internal state, and
112  // deletes the client if necessary.
113  void OnRequestDone();
114
115  // Callback to invoke when the protocol completes.
116  base::Closure completion_callback_;
117
118  // Whether to auto-enroll or not. This is reset by calls to Start(), and only
119  // turns true if the protocol and the serial number check succeed.
120  bool should_auto_enroll_;
121
122  // Randomly generated device id for the auto-enrollment requests.
123  std::string device_id_;
124
125  // SHA256 hash of the device's serial number. Empty if the serial couldn't be
126  // retrieved.
     // NOTE(review): serial numbers have limited entropy, so this hash should
     // be handled as a device identifier rather than as a secret -- TODO
     // confirm it is neither logged nor persisted beyond what the protocol
     // needs.
127  std::string serial_number_hash_;
128
129  // Power of the power-of-2 modulus used in the initial auto-enrollment
130  // request.
131  int power_initial_;
132
133  // Power of the maximum power-of-2 modulus that this client will accept from
134  // a retry response from the server.
135  int power_limit_;
136
137  // Number of requests sent to the server so far.
138  // Used to determine if the server keeps asking for different moduli.
139  int requests_sent_;
140
141  // Used to communicate with the device management service.
     // |device_management_service_| is a raw pointer, while the request job in
     // flight is held in a scoped_ptr.
142  DeviceManagementService* device_management_service_;
143  scoped_ptr<DeviceManagementRequestJob> request_job_;
144
145  // PrefService where the protocol's results are cached.
     // Raw pointer, like |device_management_service_|.
146  PrefService* local_state_;
147
148  // Times used to determine the duration of the protocol, and the extra time
149  // needed to complete after the signin was complete.
150  // If |time_start_| is not null, the protocol is still running.
151  // If |time_extra_start_| is not null, the protocol is still running but our
152  // owner has relinquished ownership.
153  base::Time time_start_;
154  base::Time time_extra_start_;
155
156  DISALLOW_COPY_AND_ASSIGN(AutoEnrollmentClient);
157};
158
159}  // namespace policy
160
161#endif  // CHROME_BROWSER_CHROMEOS_POLICY_AUTO_ENROLLMENT_CLIENT_H_
162