• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1// Copyright (c) 2011 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5syntax = "proto2";
6
7option optimize_for = LITE_RUNTIME;
8
9package enterprise_management;
10
11// Meta-settings that control how a user receives regular settings
12// (CloudPolicySettings) for Chrome. The name "Initial" indicates that
13// these settings will be downloaded before Chrome starts requesting
14// regular settings.
15message ChromeInitialSettingsProto {
16  enum EnrollmentProvision {
17    // The users's device is not automatically enrolled for policies, but the
18    // user may choose to try to enroll it.
19    UNMANAGED = 0;
20    // The user must enroll its device for policies.
21    MANAGED = 1;
22  }
23  // Chrome will interpret this as UNMANAGED if unset.
24  optional EnrollmentProvision enrollment_provision = 1 [default = UNMANAGED];
25}
26
27// Request from device to server to register device.
28message DeviceRegisterRequest {
29  // Reregister device without erasing server state.  It can be used
30  // to refresh dmtoken etc.  Client MUST set this value to true if it
31  // reuses an existing device id.
32  optional bool reregister = 1;
33
34  // Device register type.  This field does not exist for TT release.
35  // When a client requests for policies, server should verify the
36  // client has been registered properly.  For example, a client must
37  // register with type DEVICE in order to retrieve device policies.
38  enum Type {
39    TT   = 0;       // Register for TT release.
40    USER = 1;       // Register for user polices.
41    DEVICE = 2;     // Register for device policies.
42  }
43  // NOTE: we also use this field to detect client version.  If this
44  // field is missing, then the request comes from TT.  We will remove
45  // Chrome OS TT support once it is over.
46  optional Type type = 2 [default = TT];
47
48  // Machine hardware id, such as MEID, Mac adress.
49  // This field is required if register type == DEVICE.
50  optional string machine_id = 3;
51
52  // Machine model name, such as "ZGA", "Cr-48", "Nexus One".  If the
53  // model name is not available, client SHOULD send generic name like
54  // "Android", or "Chrome OS".
55  optional string machine_model = 4;
56}
57
58// Response from server to device register request.
59message DeviceRegisterResponse {
60  // Device mangement token for this registration.  This token MUST be
61  // part of HTTP Authorization header for all future requests from
62  // device to server.
63  required string device_management_token = 1;
64
65  // Device display name.  By default, server generates the name in
66  // the format of "Machine Model - Machine Id".  However, domain
67  // admin can update it using CPanel, so do NOT treat it as constant.
68  optional string machine_name = 2;
69}
70
71// Request from device to server to unregister device.
72// GoogleDMToken MUST be in HTTP Authorization header.
73message DeviceUnregisterRequest {
74}
75
76// Response from server to device for unregister request.
77message DeviceUnregisterResponse {
78}
79
80// Request for a setting or with optional watermark on client side.
81// TODO(gfeher): remove this after Chrome OS TT is over.
82message DevicePolicySettingRequest {
83  // setting key
84  required string key = 1;
85  // watermark last read from server if available.
86  optional string watermark = 2;
87}
88
89message PolicyFetchRequest {
90  // This is the policy type, which maps to D3 policy type internally.
91  // By convention, we use "/" as separator to create policy namespace.
92  // The policy type names are case insensitive.
93  //
94  // Possible values for Chrome OS are:
95  //   google/chromeos/device => ChromeDeviceSettingsProto
96  //   google/chromeos/user => ChromeSettingsProto
97  //   google/chromeos/unregistered_user => ChromeInitialSettingsProto
98  optional string policy_type = 1;
99
100  // This is the last policy timestamp that client received from server.
101  optional int64 timestamp = 2;
102
103  // Tell server what kind of security signature is required.
104  enum SignatureType {
105    NONE = 0;
106    SHA1_RSA = 1;
107  }
108  optional SignatureType signature_type = 3 [default = NONE];
109
110  // The version number of the public key that is currently stored
111  // on the client. This should be the last number the server had
112  // supplied as new_public_key_version in PolicyData.
113  // This field is unspecified if the client does not yet have a
114  // public key.
115  optional int32 public_key_version = 4;
116}
117
118// This message is included in serialized form in PolicyFetchResponse
119// below.  It may also be signed, with the signature being created for
120// the serialized form.
121message PolicyData {
122  // See PolicyFetchRequest.policy_type.
123  optional string policy_type = 1;
124
125  // [timestamp] is milli seconds since Epoch in UTC timezone. It is
126  // included here so that the time at which the server issued this
127  // response cannot be faked (as protection against replay attacks).
128  // It is the timestamp generated by DMServer, NOT the time admin
129  // last updated the policy or anything like that.
130  optional int64 timestamp = 2;
131
132  // The DM token that was used by the client in the HTTP POST header
133  // for authenticating the request. It is included here again so that
134  // the client can verify that the response is meant for him (and not
135  // issued by a replay or man-in-the-middle attack).
136  optional string request_token = 3;
137
138  // The serialized value of the actual policy protobuf.  This can be
139  // deserialized to an instance of, for example, ChromeSettingsProto
140  // or ChromeUserSettingsProto.
141  optional bytes policy_value = 4;
142
143  // The device display name assigned by the server.  It is only
144  // filled if the display name is available.
145  //
146  // The display name of the machine as generated by the server or set
147  // by the Administrator in the CPanel GUI. This is the same thing as
148  // |machine_name| in DeviceRegisterResponse but it might have
149  // changed since then.
150  optional string machine_name = 5;
151
152  // Version number of the server's current public key. (The key that
153  // was used to sign this response. Numbering should start at 1 and be
154  // increased by 1 at each key rotation.)
155  optional int32 public_key_version = 6;
156
157  // The user this policy is intended for. In case of device policy, the name
158  // of the owner (who registered the device).
159  optional string username = 7;
160
161  // In this field the DMServer should echo back the "deviceid" HTTP parameter
162  // from the request.
163  optional string device_id = 8;
164}
165
166message PolicyFetchResponse {
167  // Since a single policy request may ask for multiple policies, we
168  // provide separate error code for each individual policy fetch.
169
170  // We will use standard HTTP Status Code as error code.
171  optional int32  error_code = 1;
172
173  // Human readable error message for customer support purpose.
174  optional string error_message = 2;
175
176  // This is a serialized |PolicyData| protobuf (defined above).
177  optional bytes policy_data = 3;
178
179  // Signature of the policy data above.
180  optional bytes policy_data_signature = 4;
181
182  // If the public key has been rotated on the server, the new public
183  // key is sent here. It is already used for |policy_data_signature|
184  // above, whereas |new_public_key_signature| is created using the
185  // old key (so the client can trust the new key). If this is the
186  // first time when the client requests policies (so it doesn't have
187  // on old public key), then |new_public_key_signature| is empty.
188  optional bytes new_public_key = 5;
189  optional bytes new_public_key_signature = 6;
190}
191
192// Request from device to server for reading policies.
193message DevicePolicyRequest {
194  // identify request scope: CrOS settings or other type of settings.
195  // TODO(gfeher): remove this after Chrome OS TT is over.
196  optional string policy_scope = 1;
197  // identify key to the settings: proxy etc.
198  // TODO(gfeher): remove this after Chrome OS TT is over.
199  repeated DevicePolicySettingRequest setting_request = 2;
200
201  // The policy fetch request.  If this field exists, the request must
202  // comes from a non-TT client.  The repeated field allows client to
203  // request multiple policies for better performance.
204  repeated PolicyFetchRequest request = 3;
205}
206
207// Response from server to device for reading policies.
208message DevicePolicyResponse {
209  // The policy fetch response.
210  repeated PolicyFetchResponse response = 3;
211}
212
213// Request from the DMAgent on the device to the DMServer.  This is
214// container for all requests from device to server.  The overall HTTP
215// request MUST be in the following format:
216//
217// * HTTP method is POST
218// * Data mime type is application/x-protobuffer
219// * HTTP parameters are (all required, all case sensitive):
220//   * request: MUST BE one of register/unregister/policy/ping
221//   * devicetype: MUST BE "1" for Android or "2" for Chrome OS.
222//   * apptype: MUST BE Android or Chrome.
223//   * deviceid: MUST BE no more than 64-char in [\x21-\x7E].
224//   * agent: MUST BE no more than 64-char long.
225// * HTTP Authorization header MUST be in the following formats:
226//   * For register and ping requests
227//     Authorization: GoogleLogin auth=<auth cookie for Mobile Sync>
228//
229//   * For unregister and policy requests
230//      Authorization: GoogleDMToken token=<dm token from register>
231//
232//   * OAuth is NOT supported yet.
233message DeviceManagementRequest {
234  // Register request.
235  optional DeviceRegisterRequest register_request = 1;
236
237  // Unregister request.
238  optional DeviceUnregisterRequest unregister_request = 2;
239
240  // Policy request.
241  optional DevicePolicyRequest policy_request = 3;
242}
243
244// Response from server to device.
245//
246// The server uses the following numbers as HTTP status codes
247// to report top-level errors.
248//
249// 200 OK: valid response is returned to client.
250// 400 Bad Request: invalid argument.
251// 401 Unauthorized: invalid auth cookie or DM token.
252// 403 Forbidden: device management is not allowed.
253// 404 Not Found: the request URL is invalid.
254// 491 Request Pending: the request is pending approval.
255// 500 Internal Server Error: most likely a bug in DM server.
256// 503 Service Unavailable: most likely a backend error.
257// 901 Device Not Found: the device id is not found.
258// 902 Policy Not Found: the policy is not found.
259message DeviceManagementResponse {
260  // Error message.
261  optional string error_message = 2;
262
263  // Register response
264  optional DeviceRegisterResponse register_response = 3;
265
266  // Unregister response
267  optional DeviceUnregisterResponse unregister_response = 4;
268
269  // Policy response.
270  optional DevicePolicyResponse policy_response = 5;
271}
272