• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1/*
2 * Copyright (C) 2023 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17syntax = "proto2";
18
19package devicelockcontroller;
20
21import "google/protobuf/timestamp.proto";
22import "configuration_info.proto";
23import "device_checkin_info.proto";
24import "device_info.proto";
25import "enrollment_info.proto";
26
27option java_package = "com.android.devicelockcontroller.proto";
28option java_multiple_files = true;
29
30// This service is used by the Device Lock Android client to facilitate device
31// provisioning of an eligible device into a Device Lock locking program.
32service DeviceLockCheckinService {
33  // Fetches the check-in status of the device.
34  rpc GetDeviceCheckinStatus(GetDeviceCheckinStatusRequest)
35      returns (GetDeviceCheckinStatusResponse) {}
36
37  // Determines if a device is in an approved country.
38  rpc IsDeviceInApprovedCountry(IsDeviceInApprovedCountryRequest)
39      returns (IsDeviceInApprovedCountryResponse) {}
40
41  // Pauses the provisioning of the device.
42  rpc PauseDeviceProvisioning(PauseDeviceProvisioningRequest)
43      returns (PauseDeviceProvisioningResponse) {}
44
45  // Reports the device provision state of a device that is undergoing device
46  // provisioning.
47  rpc ReportDeviceProvisionState(ReportDeviceProvisionStateRequest)
48      returns (ReportDeviceProvisionStateResponse) {}
49
50  // Updates FCM token for a device.
51  rpc UpdateFcmToken(UpdateFcmTokenRequest)
52      returns (UpdateFcmTokenResponse) {}
53}
54
55// Request to retrieve the check-in status of the device.
56message GetDeviceCheckinStatusRequest {
57  // The device identifiers associated with the device provided by the Device
58  // Lock Android client. The Device Lock Android client would provide only one
59  // device identifier once the Device Lock Check-in service determines which
60  // of the device identifiers is registered with a locking program.
61  repeated ClientDeviceIdentifier client_device_identifiers = 1;
62  // The Mobile Network Code for the carrier, the Device Lock Android client
63  // would fetch it from TelephonyManager#getSimOperator().
64  optional string carrier_mccmnc = 2;
65  // The Firebase Cloud Messaging (FCM) registration token associated with the
66  // device provided by the Device Lock Android client. The token is only used
67  // for GMS devices.
68  optional string fcm_registration_token = 3;
69  // The name of the manufacturer of the device.
70  optional string device_manufacturer = 4;
71  // The name of the model of the device.
72  optional string device_model = 5;
73  // The internal name of the device.
74  optional string device_internal_name = 6;
75  // The locale of the device.
76  optional string device_locale = 7;
77  // The version of the apex package on the device.
78  optional uint64 apex_version = 8;
79}
80
81message ClientDeviceIdentifier {
82  // The device identifier associated with the device.
83  optional string device_identifier = 1;
84  // The type of the device identifier.
85  optional DeviceIdentifierType device_identifier_type = 2;
86}
87
88// The different check-in status the Device Lock Android client can be in.
89enum ClientCheckinStatus {
90  CLIENT_CHECKIN_STATUS_UNSPECIFIED = 0;
91  // The device is not ready for provision. The Device Lock Android client
92  // would need to do another check-in.
93  CLIENT_CHECKIN_STATUS_RETRY_CHECKIN = 1;
94  // The device is ready for provision. The Device Lock Android client can use
95  // the device provisioning information provided by the Device Lock server to
96  // provision the device.
97  CLIENT_CHECKIN_STATUS_READY_FOR_PROVISION = 2;
98  // The device no longer needs to be provisioned. The Device Lock Android
99  // client can stop future check-ins.
100  CLIENT_CHECKIN_STATUS_STOP_CHECKIN = 3;
101}
102
103// Response to a request to retrieve the check-in status of a given device.
104message GetDeviceCheckinStatusResponse {
105  // The Device Lock Android client check-in status determined by the Device
106  // Lock server.
107  optional ClientCheckinStatus client_checkin_status = 1;
108  // Set by the Device Lock server when the Device Lock Android client provides
109  // multiple device identifiers and one of the multiple device identifiers is
110  // registered with the Device Lock server. The client should use the device
111  // identifier that was found for any future communications with the Device
112  // Lock server.
113  optional string registered_device_identifier = 2;
114  // One of the following fields will get populated based on the device
115  // check-in status. But if the Device Lock server determines that the Device
116  // Lock Android client no longer needs to do a check-in, then none of the
117  // fields will be populated.
118  oneof next_steps {
119    // The Device Lock server determined that the Device Lock Android client
120    // needs to perform another device check-in.
121    NextCheckinInformation next_checkin_information = 3;
122    // The Device Lock server determined that the Device Lock Android client
123    // can now provision the device.
124    DeviceProvisioningInformation device_provisioning_information = 4;
125  }
126}
127
128// Information needed by the Device Lock Android client for the next check-in.
129message NextCheckinInformation {
130  // Set by the Device Lock server which tells the Device Lock Android client
131  // the date when the next check-in should happen.
132  optional google.protobuf.Timestamp next_checkin_timestamp = 1;
133}
134
135// Information needed by the Device Lock Android client for device provisioning.
136message DeviceProvisioningInformation {
137  // The configuration information assigned to the device.
138  optional ConfigurationInfo configuration_information = 1;
139  // The type of enrollment assigned to the device. This is used by the
140  // Device Lock Android client to determine what type of strings should be
141  // shown to the user.
142  optional EnrollmentType enrollment_type = 2;
143  // The provision type selected when enrolling the device into a locking
144  // program. The Device Lock Android client would use this to determine which
145  // provision approach should be used to provision the device.
146  optional DeviceProvisionType device_provision_type = 3;
147  // Whether the Device Lock Android client should force the provisioning. If
148  // true, then the user cannot stop device provisioning. Otherwise, if false,
149  // then the user can optionally pause device provisioning.
150  optional bool force_provisioning = 4;
151  // Whether the device is an approved country. If true, then the Device Lock
152  // Android client can proceed with device provisioning. Otherwise, this would
153  // be considered a provisioning failure and the Device Lock Android client
154  // would use the ReportDeviceProvisionState RPC to report the provision
155  // failure.
156  optional bool is_device_in_approved_country = 5;
157  // Whether the device is allowed to use adb debugging on production builds.
158  // Should only be true for a small set of tester devices.
159  optional bool allow_debugging = 6;
160}
161
162// Request to determine whether a registered device is in an approved country.
163message IsDeviceInApprovedCountryRequest {
164  // The device identifier that is registered with the Device Lock server.
165  optional string registered_device_identifier = 1;
166  // The Mobile Network Code for the carrier, the Device Lock Android client
167  // would fetch it from TelephonyManager#getSimOperator().
168  optional string carrier_mccmnc = 2;
169}
170
171// Response to a request for determining if a registered device is in an
172// approved country.
173message IsDeviceInApprovedCountryResponse {
174  // Whether the device is an approved country.
175  optional bool is_device_in_approved_country = 1;
176}
177
178// The different reasons device provisioning can be paused.
179enum PauseDeviceProvisioningReason {
180  PAUSE_DEVICE_PROVISIONING_REASON_UNSPECIFIED = 0;
181  // If given as an option to the user, the user can pause device provisioning.
182  // For example, the user is currently driving and the Device Lock Android
183  // client is prompting the user to proceed with device provisioning.
184  PAUSE_DEVICE_PROVISIONING_REASON_USER_DEFERRED_DEVICE_PROVISIONING = 1;
185}
186
187// Request to pause device provisioning of an eligible device.
188message PauseDeviceProvisioningRequest {
189  // The device identifier that is registered with the Device Lock server that
190  // is requesting to pause device provisioning.
191  optional string registered_device_identifier = 1;
192  // The reason for pausing device provisioning.
193  optional PauseDeviceProvisioningReason pause_device_provisioning_reason = 2;
194}
195
196// Response to a request to pause device provisioning of an eligible device.
197message PauseDeviceProvisioningResponse {}
198
199// The different reasons device provisioning can fail on a device.
200enum ClientProvisionFailureReason {
201  PROVISION_FAILURE_REASON_UNSPECIFIED = 0;
202  // Provision failed due to play installation task class is unavailable.
203  PROVISION_FAILURE_REASON_PLAY_TASK_UNAVAILABLE = 1;
204  // Provision failed due to play installation failed.
205  PROVISION_FAILURE_REASON_PLAY_INSTALLATION_FAILED = 2;
206  // Provision failed due to country eligibility information unavailable.
207  PROVISION_FAILURE_REASON_COUNTRY_INFO_UNAVAILABLE = 3;
208  // Provision failed due to device is not in an eligible country or region.
209  PROVISION_FAILURE_REASON_NOT_IN_ELIGIBLE_COUNTRY = 4;
210  // Provision failed due to inability to enforce policies.
211  PROVISION_FAILURE_REASON_POLICY_ENFORCEMENT_FAILED = 5;
212  // Provision failed previously and the device has stayed failing beyond
213  // the deadline.
214  PROVISION_FAILURE_REASON_DEADLINE_PASSED = 6;
215}
216
217// The different provision states of a device.
218enum ClientProvisionState {
219  CLIENT_PROVISION_STATE_UNSPECIFIED = 0;
220  // The Device Lock Android client would retry to provision the device.
221  CLIENT_PROVISION_STATE_RETRY = 1;
222  // The Device Lock Android client would inform the user that there has been
223  // an issue with device provisioning. The user can dismiss this.
224  CLIENT_PROVISION_STATE_DISMISSIBLE_UI = 2;
225  // The Device Lock Android client would inform the user that there has been
226  // an issue with device provisioning. The user cannot dismiss this.
227  CLIENT_PROVISION_STATE_PERSISTENT_UI = 3;
228  // The Device Lock Android client would factory reset the device because
229  // device provisioning could not be done.
230  CLIENT_PROVISION_STATE_FACTORY_RESET = 4;
231  // Device provisioning was a success.
232  CLIENT_PROVISION_STATE_SUCCESS = 5;
233}
234
235// Request to report the device provision state of a device that is
236// undergoing device provisioning.
237message ReportDeviceProvisionStateRequest {
238  // The reason why device provisioning failed if applicable.
239  optional ClientProvisionFailureReason client_provision_failure_reason = 1;
240  // The previous device provision state that the device was in. If not known,
241  // then CLIENT_PROVISION_STATE_UNSPECIFIED should be used. It is not known
242  // by the client on the first attempt of device provisioning.
243  optional ClientProvisionState previous_client_provision_state = 2;
244  // Whether device provision was a success.
245  optional bool provision_success = 3;
246  // The device identifier that is registered with the Device Lock server.
247  optional string registered_device_identifier = 4;
248}
249
250// Response to a request that is reporting the device provision state of a
251// device undergoing device provisioning.
252message ReportDeviceProvisionStateResponse {
253  // The Device Lock server determined the next provision state of the client.
254  // If the Device Lock Android client needs to send another gRPC request, then
255  // this provision state would be used as the previous provision state in the
256  // request.
257  optional ClientProvisionState next_client_provision_state = 1;
258  // The number of days left until the device should factory reset because of a failed provision.
259  // This number should only be used when next_client_provision_state is
260  // CLIENT_PROVISION_STATE_DISMISSIBLE_UI
261  optional uint32 days_left_until_reset = 2;
262}
263
264// Request to update FCM token for a device.
265message UpdateFcmTokenRequest {
266  // The device identifiers associated with the device provided by the Device
267  // Lock Android client.
268  repeated ClientDeviceIdentifier client_device_identifiers = 1;
269
270  // The Firebase Cloud Messaging (FCM) registration token associated with the
271  // device provided by the Device Lock Android client. The token is only used
272  // for GMS devices.
273  optional string fcm_registration_token = 2;
274}
275
276// Response to a request to update FCM token for a device.
277message UpdateFcmTokenResponse {
278  // The result of the update.
279  optional UpdateFcmTokenResult result = 1;
280}
281
282// The results of FCM token update.
283enum UpdateFcmTokenResult {
284  // Unspecified result.
285  UPDATE_FCM_TOKEN_RESULT_UNSPECIFIED = 0;
286
287  // Update to FCM token was successful.
288  UPDATE_FCM_TOKEN_RESULT_SUCCESS = 1;
289
290  // Update to FCM token was unsuccessful.
291  UPDATE_FCM_TOKEN_RESULT_FAILURE = 2;
292}
293