manager_password_service.h revision f8ee788a64d60abd8f2d742a5fdedde054ecd910 
1// Copyright 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_SUPERVISED_USER_CHROMEOS_MANAGER_PASSWORD_SERVICE_H_
6#define CHROME_BROWSER_SUPERVISED_USER_CHROMEOS_MANAGER_PASSWORD_SERVICE_H_
7
8#include <string>
9
10#include "base/compiler_specific.h"
11#include "base/memory/scoped_ptr.h"
12#include "base/memory/weak_ptr.h"
13#include "chrome/browser/chromeos/login/auth/extended_authenticator.h"
14#include "chrome/browser/supervised_user/supervised_user_shared_settings_service.h"
15#include "chrome/browser/supervised_user/supervised_user_sync_service.h"
16#include "chrome/browser/supervised_user/supervised_users.h"
17#include "components/keyed_service/core/keyed_service.h"
18
19namespace chromeos {
20
21class UserContext;
22
23// Handles supervised user password change that is detected while manager is
24// signed in.
25// It uses manager's master key to authorize update of supervised user's key.
26// Edge case: Pre-M35 supervised users don't have correct labels for keys.
27// After new supervised user key is added, migration is done in following way:
28// 1) Master key is added with correct label
29// 2) Old supervised user's key is deleted.
30// 3) Old master key is deleted.
31class ManagerPasswordService
32    : public KeyedService,
33      public chromeos::ExtendedAuthenticator::AuthStatusConsumer {
34 public:
35  ManagerPasswordService();
36  virtual ~ManagerPasswordService();
37
38  virtual void Shutdown() OVERRIDE;
39
40  void Init(const std::string& user_id,
41            SupervisedUserSyncService* user_service,
42            SupervisedUserSharedSettingsService* service);
43
44  // chromeos::ExtendedAuthenticator::AuthStatusConsumer overrides:
45  virtual void OnAuthenticationFailure(ExtendedAuthenticator::AuthState state)
46      OVERRIDE;
47
48 private:
49  void OnSharedSettingsChange(const std::string& su_id, const std::string& key);
50  void GetSupervisedUsersCallback(
51      const std::string& sync_su_id,
52      const std::string& user_id,
53      scoped_ptr<base::DictionaryValue> password_data,
54      const base::DictionaryValue* supervised_users);
55  void OnAddKeySuccess(const UserContext& master_key_context,
56                       const std::string& user_id,
57                       scoped_ptr<base::DictionaryValue> password_data);
58  void OnKeyTransformedIfNeeded(const UserContext& master_key_context);
59  void OnNewManagerKeySuccess(const UserContext& master_key_context);
60  void OnOldSupervisedUserKeyDeleted(const UserContext& master_key_context);
61  void OnOldManagerKeyDeleted(const UserContext& master_key_context);
62
63  // Cached value from Init().
64  // User id of currently logged in user, that have supervised users on device.
65  std::string user_id_;
66  SupervisedUserSyncService* user_service_;
67  SupervisedUserSharedSettingsService* settings_service_;
68
69  scoped_ptr<SupervisedUserSharedSettingsService::ChangeCallbackList::
70                 Subscription>
71      settings_service_subscription_;
72
73  scoped_refptr<ExtendedAuthenticator> authenticator_;
74
75  base::WeakPtrFactory<ManagerPasswordService> weak_ptr_factory_;
76
77  DISALLOW_COPY_AND_ASSIGN(ManagerPasswordService);
78};
79
80}  // namespace chromeos
81#endif  // CHROME_BROWSER_SUPERVISED_USER_CHROMEOS_MANAGER_PASSWORD_SERVICE_H_
82