1 // Copyright 2014 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_SUPERVISED_USER_CHROMEOS_MANAGER_PASSWORD_SERVICE_H_ 6 #define CHROME_BROWSER_SUPERVISED_USER_CHROMEOS_MANAGER_PASSWORD_SERVICE_H_ 7 8 #include <string> 9 10 #include "base/compiler_specific.h" 11 #include "base/memory/scoped_ptr.h" 12 #include "base/memory/weak_ptr.h" 13 #include "chrome/browser/supervised_user/supervised_user_shared_settings_service.h" 14 #include "chrome/browser/supervised_user/supervised_user_sync_service.h" 15 #include "chrome/browser/supervised_user/supervised_users.h" 16 #include "chromeos/login/auth/extended_authenticator.h" 17 #include "components/keyed_service/core/keyed_service.h" 18 19 namespace chromeos { 20 21 class UserContext; 22 23 // Handles supervised user password change that is detected while manager is 24 // signed in. 25 // It uses manager's master key to authorize update of supervised user's key. 26 // Edge case: Pre-M35 supervised users don't have correct labels for keys. 27 // After new supervised user key is added, migration is done in following way: 28 // 1) Master key is added with correct label 29 // 2) Old supervised user's key is deleted. 30 // 3) Old master key is deleted. 31 class ManagerPasswordService 32 : public KeyedService, 33 public chromeos::ExtendedAuthenticator::NewAuthStatusConsumer { 34 public: 35 ManagerPasswordService(); 36 virtual ~ManagerPasswordService(); 37 38 virtual void Shutdown() OVERRIDE; 39 40 void Init(const std::string& user_id, 41 SupervisedUserSyncService* user_service, 42 SupervisedUserSharedSettingsService* service); 43 44 // chromeos::ExtendedAuthenticator::AuthStatusConsumer overrides: 45 virtual void OnAuthenticationFailure(ExtendedAuthenticator::AuthState state) 46 OVERRIDE; 47 48 private: 49 void OnSharedSettingsChange(const std::string& su_id, const std::string& key); 50 void GetSupervisedUsersCallback( 51 const std::string& sync_su_id, 52 const std::string& user_id, 53 scoped_ptr<base::DictionaryValue> password_data, 54 const base::DictionaryValue* supervised_users); 55 void OnAddKeySuccess(const UserContext& master_key_context, 56 const std::string& user_id, 57 scoped_ptr<base::DictionaryValue> password_data); 58 void OnKeyTransformedIfNeeded(const UserContext& master_key_context); 59 void OnNewManagerKeySuccess(const UserContext& master_key_context); 60 void OnOldSupervisedUserKeyDeleted(const UserContext& master_key_context); 61 void OnOldManagerKeyDeleted(const UserContext& master_key_context); 62 63 // Cached value from Init(). 64 // User id of currently logged in user, that have supervised users on device. 65 std::string user_id_; 66 SupervisedUserSyncService* user_service_; 67 SupervisedUserSharedSettingsService* settings_service_; 68 69 scoped_ptr<SupervisedUserSharedSettingsService::ChangeCallbackList:: 70 Subscription> 71 settings_service_subscription_; 72 73 scoped_refptr<ExtendedAuthenticator> authenticator_; 74 75 base::WeakPtrFactory<ManagerPasswordService> weak_ptr_factory_; 76 77 DISALLOW_COPY_AND_ASSIGN(ManagerPasswordService); 78 }; 79 80 } // namespace chromeos 81 #endif // CHROME_BROWSER_SUPERVISED_USER_CHROMEOS_MANAGER_PASSWORD_SERVICE_H_ 82