1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
|
// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_POLICY_CLOUD_USER_POLICY_SIGNIN_SERVICE_BASE_H_
#define CHROME_BROWSER_POLICY_CLOUD_USER_POLICY_SIGNIN_SERVICE_BASE_H_
#include <string>
#include "base/basictypes.h"
#include "base/callback.h"
#include "base/compiler_specific.h"
#include "base/memory/ref_counted.h"
#include "base/memory/scoped_ptr.h"
#include "base/memory/weak_ptr.h"
#include "components/keyed_service/core/keyed_service.h"
#include "components/policy/core/common/cloud/cloud_policy_client.h"
#include "components/policy/core/common/cloud/cloud_policy_service.h"
#include "components/signin/core/browser/signin_manager.h"
#include "content/public/browser/notification_observer.h"
#include "content/public/browser/notification_registrar.h"
class PrefService;
class Profile;
namespace net {
class URLRequestContextGetter;
}
namespace policy {
class DeviceManagementService;
class UserCloudPolicyManager;
// The UserPolicySigninService is responsible for interacting with the policy
// infrastructure (mainly UserCloudPolicyManager) to load policy for the signed
// in user. This is the base class that contains shared behavior.
//
// At signin time, this class initializes the UCPM and loads policy before any
// other signed in services are initialized. After each restart, this class
// ensures that the CloudPolicyClient is registered (in case the policy server
// was offline during the initial policy fetch) and if not it initiates a fresh
// registration process.
//
// Finally, if the user signs out, this class is responsible for shutting down
// the policy infrastructure to ensure that any cached policy is cleared.
class UserPolicySigninServiceBase : public KeyedService,
public CloudPolicyClient::Observer,
public CloudPolicyService::Observer,
public content::NotificationObserver,
public SigninManagerBase::Observer {
public:
// The callback invoked once policy registration is complete. Passed
// |dm_token| and |client_id| parameters are empty if policy registration
// failed.
typedef base::Callback<void(const std::string& dm_token,
const std::string& client_id)>
PolicyRegistrationCallback;
// The callback invoked once policy fetch is complete. Passed boolean
// parameter is set to true if the policy fetch succeeded.
typedef base::Callback<void(bool)> PolicyFetchCallback;
// Creates a UserPolicySigninServiceBase associated with the passed |profile|.
UserPolicySigninServiceBase(
Profile* profile,
PrefService* local_state,
DeviceManagementService* device_management_service,
UserCloudPolicyManager* policy_manager,
SigninManager* signin_manager,
scoped_refptr<net::URLRequestContextGetter> system_request_context);
virtual ~UserPolicySigninServiceBase();
// Initiates a policy fetch as part of user signin, using a |dm_token| and
// |client_id| fetched via RegisterForPolicy(). |callback| is invoked
// once the policy fetch is complete, passing true if the policy fetch
// succeeded.
void FetchPolicyForSignedInUser(
const std::string& username,
const std::string& dm_token,
const std::string& client_id,
scoped_refptr<net::URLRequestContextGetter> profile_request_context,
const PolicyFetchCallback& callback);
// SigninManagerBase::Observer implementation:
virtual void GoogleSignedOut(const std::string& username) OVERRIDE;
// content::NotificationObserver implementation:
virtual void Observe(int type,
const content::NotificationSource& source,
const content::NotificationDetails& details) OVERRIDE;
// CloudPolicyService::Observer implementation:
virtual void OnInitializationCompleted(CloudPolicyService* service) OVERRIDE;
// CloudPolicyClient::Observer implementation:
virtual void OnPolicyFetched(CloudPolicyClient* client) OVERRIDE;
virtual void OnRegistrationStateChanged(CloudPolicyClient* client) OVERRIDE;
virtual void OnClientError(CloudPolicyClient* client) OVERRIDE;
// KeyedService implementation:
virtual void Shutdown() OVERRIDE;
void SetSystemRequestContext(
scoped_refptr<net::URLRequestContextGetter> request_context);
protected:
net::URLRequestContextGetter* system_request_context() {
return system_request_context_;
}
// Returns a CloudPolicyClient to perform a registration with the DM server,
// or NULL if |username| shouldn't register for policy management.
scoped_ptr<CloudPolicyClient> CreateClientForRegistrationOnly(
const std::string& username);
// Returns false if cloud policy is disabled or if the passed |email_address|
// is definitely not from a hosted domain (according to the blacklist in
// BrowserPolicyConnector::IsNonEnterpriseUser()).
bool ShouldLoadPolicyForUser(const std::string& email_address);
// Invoked to initialize the UserPolicySigninService once its owning Profile
// becomes ready. If the Profile has a signed-in account associated with it
// at startup then this initializes the cloud policy manager by calling
// InitializeForSignedInUser(); otherwise it clears any stored policies.
void InitializeOnProfileReady(Profile* profile);
// Invoked to initialize the cloud policy service for |username|, which is the
// account associated with the Profile that owns this service. This is invoked
// from InitializeOnProfileReady() if the Profile already has a signed-in
// account at startup, or (on the desktop platforms) as soon as the user
// signs-in and an OAuth2 login refresh token becomes available.
void InitializeForSignedInUser(
const std::string& username,
scoped_refptr<net::URLRequestContextGetter> profile_request_context);
// Initializes the cloud policy manager with the passed |client|. This is
// called from InitializeForSignedInUser() when the Profile already has a
// signed in account at startup, and from FetchPolicyForSignedInUser() during
// the initial policy fetch after signing in.
virtual void InitializeUserCloudPolicyManager(
const std::string& username,
scoped_ptr<CloudPolicyClient> client);
// Prepares for the UserCloudPolicyManager to be shutdown due to
// user signout or profile destruction.
virtual void PrepareForUserCloudPolicyManagerShutdown();
// Shuts down the UserCloudPolicyManager (for example, after the user signs
// out) and deletes any cached policy.
virtual void ShutdownUserCloudPolicyManager();
// Convenience helpers to get the associated UserCloudPolicyManager and
// SigninManager.
UserCloudPolicyManager* policy_manager() { return policy_manager_; }
SigninManager* signin_manager() { return signin_manager_; }
content::NotificationRegistrar* registrar() { return ®istrar_; }
private:
// Helper functions to create a request context for use by CloudPolicyClients.
scoped_refptr<net::URLRequestContextGetter> CreateUserRequestContext(
scoped_refptr<net::URLRequestContextGetter> profile_request_context);
scoped_refptr<net::URLRequestContextGetter> CreateSystemRequestContext();
// Weak pointer to the UserCloudPolicyManager and SigninManager this service
// is associated with.
UserCloudPolicyManager* policy_manager_;
SigninManager* signin_manager_;
content::NotificationRegistrar registrar_;
PrefService* local_state_;
DeviceManagementService* device_management_service_;
scoped_refptr<net::URLRequestContextGetter> system_request_context_;
base::WeakPtrFactory<UserPolicySigninServiceBase> weak_factory_;
DISALLOW_COPY_AND_ASSIGN(UserPolicySigninServiceBase);
};
} // namespace policy
#endif // CHROME_BROWSER_POLICY_CLOUD_USER_POLICY_SIGNIN_SERVICE_BASE_H_
|
