Home | History | Annotate | Download | only in policy 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_AUTO_ENROLLMENT_CLIENT_H_
      6 #define CHROME_BROWSER_CHROMEOS_POLICY_AUTO_ENROLLMENT_CLIENT_H_
      7 
      8 #include <string>
      9 
     10 #include "base/basictypes.h"
     11 #include "base/callback.h"
     12 #include "base/compiler_specific.h"
     13 #include "base/memory/scoped_ptr.h"
     14 #include "base/time/time.h"
     15 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
     16 #include "net/base/network_change_notifier.h"
     17 #include "third_party/protobuf/src/google/protobuf/repeated_field.h"
     18 
     19 class PrefRegistrySimple;
     20 class PrefService;
     21 
     22 namespace enterprise_management {
     23 class DeviceManagementResponse;
     24 }
     25 
     26 namespace net {
     27 class URLRequestContextGetter;
     28 }
     29 
     30 namespace policy {
     31 
     32 class DeviceManagementRequestJob;
     33 class DeviceManagementService;
     34 
     35 // Interacts with the device management service and determines whether this
     36 // machine should automatically enter the Enterprise Enrollment screen during
     37 // OOBE.
     38 class AutoEnrollmentClient
     39     : public net::NetworkChangeNotifier::NetworkChangeObserver {
     40  public:
     41   // |completion_callback| will be invoked on completion of the protocol, after
     42   // Start() is invoked.
     43   // The result of the protocol will be cached in |local_state|.
     44   // |power_initial| and |power_limit| are exponents of power-of-2 values which
     45   // will be the initial modulus and the maximum modulus used by this client.
     46   AutoEnrollmentClient(
     47       const base::Closure& completion_callback,
     48       DeviceManagementService* device_management_service,
     49       PrefService* local_state,
     50       scoped_refptr<net::URLRequestContextGetter> system_request_context,
     51       const std::string& serial_number,
     52       int power_initial,
     53       int power_limit);
     54   virtual ~AutoEnrollmentClient();
     55 
     56   // Registers preferences in local state.
     57   static void RegisterPrefs(PrefRegistrySimple* registry);
     58 
     59   // Returns true if auto-enrollment is disabled in this device. In that case,
     60   // instances returned by Create() fail immediately once Start() is invoked.
     61   static bool IsDisabled();
     62 
     63   // Convenience method to create instances of this class.
     64   static AutoEnrollmentClient* Create(const base::Closure& completion_callback);
     65 
     66   // Cancels auto-enrollment.
     67   // This function does not interrupt a running auto-enrollment check. It only
     68   // stores a pref in |local_state| that prevents the client from entering
     69   // auto-enrollment mode for the future.
     70   static void CancelAutoEnrollment();
     71 
     72   // Starts the auto-enrollment check protocol with the device management
     73   // service. Subsequent calls drop any previous requests. Notice that this
     74   // call can invoke the |completion_callback_| if errors occur.
     75   void Start();
     76 
     77   // Cancels any pending requests. |completion_callback_| will not be invoked.
     78   // |this| will delete itself.
     79   void CancelAndDeleteSoon();
     80 
     81   // Returns true if the protocol completed successfully and determined that
     82   // this device should do enterprise enrollment.
     83   bool should_auto_enroll() const { return should_auto_enroll_; }
     84 
     85   // Returns the device_id randomly generated for the auto-enrollment requests.
     86   // It can be reused for subsequent requests to the device management service.
     87   std::string device_id() const { return device_id_; }
     88 
     89   // Implementation of net::NetworkChangeNotifier::NetworkChangeObserver:
     90   virtual void OnNetworkChanged(
     91       net::NetworkChangeNotifier::ConnectionType type) OVERRIDE;
     92 
     93  private:
     94   // Tries to load the result of a previous execution of the protocol from
     95   // local state. Returns true if that decision has been made and is valid.
     96   bool GetCachedDecision();
     97 
     98   // Sends an auto-enrollment check request to the device management service.
     99   // |power| is the power of the power-of-2 to use as a modulus for this
    100   // request.
    101   void SendRequest(int power);
    102 
    103   // Handles auto-enrollment request completion.
    104   void OnRequestCompletion(
    105       DeviceManagementStatus status,
    106       int net_error,
    107       const enterprise_management::DeviceManagementResponse& response);
    108 
    109   // Returns true if |serial_number_hash_| is contained in |hashes|.
    110   bool IsSerialInProtobuf(
    111       const google::protobuf::RepeatedPtrField<std::string>& hashes);
    112 
    113   // Invoked when the protocol completes. This invokes the callback and records
    114   // some UMA metrics.
    115   void OnProtocolDone();
    116 
    117   // Invoked when a request job completes. Resets the internal state, and
    118   // deletes the client if necessary.
    119   void OnRequestDone();
    120 
    121   // Callback to invoke when the protocol completes.
    122   base::Closure completion_callback_;
    123 
    124   // Whether to auto-enroll or not. This is reset by calls to Start(), and only
    125   // turns true if the protocol and the serial number check succeed.
    126   bool should_auto_enroll_;
    127 
    128   // Randomly generated device id for the auto-enrollment requests.
    129   std::string device_id_;
    130 
    131   // SHA256 hash of the device's serial number. Empty if the serial couldn't be
    132   // retrieved.
    133   std::string serial_number_hash_;
    134 
    135   // Power of the power-of-2 modulus used in the initial auto-enrollment
    136   // request.
    137   int power_initial_;
    138 
    139   // Power of the maximum power-of-2 modulus that this client will accept from
    140   // a retry response from the server.
    141   int power_limit_;
    142 
    143   // Number of requests sent to the server so far.
    144   // Used to determine if the server keeps asking for different moduli.
    145   int requests_sent_;
    146 
    147   // Used to communicate with the device management service.
    148   DeviceManagementService* device_management_service_;
    149   scoped_ptr<DeviceManagementRequestJob> request_job_;
    150 
    151   // PrefService where the protocol's results are cached.
    152   PrefService* local_state_;
    153 
    154   // The request context to use to perform the auto enrollment request.
    155   scoped_refptr<net::URLRequestContextGetter> request_context_;
    156 
    157   // Times used to determine the duration of the protocol, and the extra time
    158   // needed to complete after the signin was complete.
    159   // If |time_start_| is not null, the protocol is still running.
    160   // If |time_extra_start_| is not null, the protocol is still running but our
    161   // owner has relinquished ownership.
    162   base::Time time_start_;
    163   base::Time time_extra_start_;
    164 
    165   DISALLOW_COPY_AND_ASSIGN(AutoEnrollmentClient);
    166 };
    167 
    168 }  // namespace policy
    169 
    170 #endif  // CHROME_BROWSER_CHROMEOS_POLICY_AUTO_ENROLLMENT_CLIENT_H_
    171