auto_enrollment_client.h revision eb525c5499e34cc9c4b825d6d9e75bb07cc06ace
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_CHROMEOS_POLICY_AUTO_ENROLLMENT_CLIENT_H_
#define CHROME_BROWSER_CHROMEOS_POLICY_AUTO_ENROLLMENT_CLIENT_H_

#include <string>

#include "base/basictypes.h"
#include "base/callback.h"
#include "base/compiler_specific.h"
#include "base/memory/scoped_ptr.h"
#include "base/time/time.h"
#include "chrome/browser/policy/cloud/cloud_policy_constants.h"
#include "third_party/protobuf/src/google/protobuf/repeated_field.h"

class PrefRegistrySimple;
class PrefService;

namespace enterprise_management {
class DeviceManagementResponse;
}  // namespace enterprise_management

namespace policy {

class DeviceManagementRequestJob;
class DeviceManagementService;

// Interacts with the device management service and determines whether this
// machine should automatically enter the Enterprise Enrollment screen during
// OOBE.
//
// The decision comes from a server response and is cached in local state.
// NOTE(review): how the response and the cached pref are validated is not
// visible from this header -- confirm in the implementation file.
class AutoEnrollmentClient {
 public:
  // |completion_callback| will be invoked on completion of the protocol, after
  // Start() is invoked.
  // Takes ownership of |device_management_service| (it is held in the
  // scoped_ptr member |device_management_service_|).
  // The result of the protocol will be cached in |local_state|, which is kept
  // as a raw, non-owning pointer.
  // NOTE(review): |local_state| presumably has to outlive this object --
  // confirm against the callers.
  // |serial_number| identifies the device. The class keeps only
  // |serial_number_hash_| (documented as a SHA256 hash); no member holds the
  // raw serial number.
  // |power_initial| and |power_limit| are exponents of power-of-2 values which
  // will be the initial modulus and the maximum modulus used by this client.
  // NOTE(review): no range check on the two exponents is visible here;
  // presumably 0 <= power_initial <= power_limit -- confirm in the .cc.
  AutoEnrollmentClient(const base::Closure& completion_callback,
                       DeviceManagementService* device_management_service,
                       PrefService* local_state,
                       const std::string& serial_number,
                       int power_initial,
                       int power_limit);
  virtual ~AutoEnrollmentClient();

  // Registers preferences in local state.
  static void RegisterPrefs(PrefRegistrySimple* registry);

  // Returns true if auto-enrollment is disabled on this device. In that case,
  // instances returned by Create() fail immediately once Start() is invoked.
  static bool IsDisabled();

  // Convenience method to create instances of this class.
  // Returns a raw pointer.
  // NOTE(review): presumably the caller owns the instance until it calls
  // CancelAndDeleteSoon() -- confirm against the callers.
  static AutoEnrollmentClient* Create(const base::Closure& completion_callback);

  // Cancels auto-enrollment.
  // This function does not interrupt a running auto-enrollment check. It only
  // stores a pref in |local_state| that prevents the client from entering
  // auto-enrollment mode in the future.
  static void CancelAutoEnrollment();

  // Starts the auto-enrollment check protocol with the device management
  // service. Subsequent calls drop any previous requests. Notice that this
  // call can invoke the |completion_callback_| if errors occur, so the
  // callback has to be safe to run before Start() returns.
  void Start();

  // Cancels any pending requests. |completion_callback_| will not be invoked.
  // |this| will delete itself. Treat every pointer to this object as invalid
  // after the call; when exactly the deletion happens is not visible from this
  // header.
  void CancelAndDeleteSoon();

  // Returns true if the protocol completed successfully and determined that
  // this device should do enterprise enrollment.
  bool should_auto_enroll() const { return should_auto_enroll_; }

  // Returns the device_id randomly generated for the auto-enrollment requests.
  // It can be reused for subsequent requests to the device management service.
  // Returned by value, so the caller gets its own copy.
  std::string device_id() const { return device_id_; }

 private:
  // Tries to load the result of a previous execution of the protocol from
  // local state. Returns true if that decision has been made and is valid.
  // NOTE(review): what "valid" means for a cached decision is defined in the
  // .cc, not here.
  bool GetCachedDecision();

  // Sends an auto-enrollment check request to the device management service.
  // |power| is the power of the power-of-2 to use as a modulus for this
  // request.
  void SendRequest(int power);

  // Handles auto-enrollment request completion.
  // |status|, |net_error| and |response| describe the outcome of the request;
  // |response| is server-supplied data.
  void OnRequestCompletion(
      DeviceManagementStatus status,
      int net_error,
      const enterprise_management::DeviceManagementResponse& response);

  // Returns true if |serial_number_hash_| is contained in |hashes|.
  bool IsSerialInProtobuf(
      const google::protobuf::RepeatedPtrField<std::string>& hashes);

  // Invoked when the protocol completes. This invokes the callback and records
  // some UMA metrics.
  void OnProtocolDone();

  // Callback to invoke when the protocol completes.
  base::Closure completion_callback_;

  // Whether to auto-enroll or not. This is reset by calls to Start(), and only
  // turns true if the protocol and the serial number check succeed.
  bool should_auto_enroll_;

  // Randomly generated device id for the auto-enrollment requests.
  std::string device_id_;

  // SHA256 hash of the device's serial number. Empty if the serial couldn't be
  // retrieved.
  std::string serial_number_hash_;

  // Power of the power-of-2 modulus used in the initial auto-enrollment
  // request.
  int power_initial_;

  // Power of the maximum power-of-2 modulus that this client will accept from
  // a retry response from the server. This is the client-side upper bound on
  // a server-controlled value.
  int power_limit_;

  // Number of requests sent to the server so far.
  // Used to determine if the server keeps asking for different moduli.
  int requests_sent_;

  // Used to communicate with the device management service. Both are owned by
  // this object through scoped_ptr.
  // NOTE(review): |request_job_| is presumably the request currently in
  // flight -- confirm in the .cc.
  scoped_ptr<DeviceManagementService> device_management_service_;
  scoped_ptr<DeviceManagementRequestJob> request_job_;

  // PrefService where the protocol's results are cached. Raw pointer, not
  // owned by this object.
  PrefService* local_state_;

  // Times used to determine the duration of the protocol, and the extra time
  // needed to complete after the signin was complete.
  // If |time_start_| is not null, the protocol is still running.
  // If |time_extra_start_| is not null, the protocol is still running but our
  // owner has relinquished ownership.
  base::Time time_start_;
  base::Time time_extra_start_;

  // Instances are neither copyable nor assignable.
  DISALLOW_COPY_AND_ASSIGN(AutoEnrollmentClient);
};

}  // namespace policy

#endif  // CHROME_BROWSER_CHROMEOS_POLICY_AUTO_ENROLLMENT_CLIENT_H_