1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_POLICY_CLOUD_USER_POLICY_SIGNIN_SERVICE_BASE_H_ 6 #define CHROME_BROWSER_POLICY_CLOUD_USER_POLICY_SIGNIN_SERVICE_BASE_H_ 7 8 #include <string> 9 10 #include "base/basictypes.h" 11 #include "base/callback.h" 12 #include "base/compiler_specific.h" 13 #include "base/memory/ref_counted.h" 14 #include "base/memory/scoped_ptr.h" 15 #include "base/memory/weak_ptr.h" 16 #include "components/keyed_service/core/keyed_service.h" 17 #include "components/policy/core/common/cloud/cloud_policy_client.h" 18 #include "components/policy/core/common/cloud/cloud_policy_service.h" 19 #include "components/signin/core/browser/signin_manager.h" 20 #include "content/public/browser/notification_observer.h" 21 #include "content/public/browser/notification_registrar.h" 22 23 class PrefService; 24 class Profile; 25 26 namespace net { 27 class URLRequestContextGetter; 28 } 29 30 namespace policy { 31 32 class DeviceManagementService; 33 class UserCloudPolicyManager; 34 35 // The UserPolicySigninService is responsible for interacting with the policy 36 // infrastructure (mainly UserCloudPolicyManager) to load policy for the signed 37 // in user. This is the base class that contains shared behavior. 38 // 39 // At signin time, this class initializes the UCPM and loads policy before any 40 // other signed in services are initialized. After each restart, this class 41 // ensures that the CloudPolicyClient is registered (in case the policy server 42 // was offline during the initial policy fetch) and if not it initiates a fresh 43 // registration process. 44 // 45 // Finally, if the user signs out, this class is responsible for shutting down 46 // the policy infrastructure to ensure that any cached policy is cleared. 47 class UserPolicySigninServiceBase : public KeyedService, 48 public CloudPolicyClient::Observer, 49 public CloudPolicyService::Observer, 50 public content::NotificationObserver, 51 public SigninManagerBase::Observer { 52 public: 53 // The callback invoked once policy registration is complete. Passed 54 // |dm_token| and |client_id| parameters are empty if policy registration 55 // failed. 56 typedef base::Callback<void(const std::string& dm_token, 57 const std::string& client_id)> 58 PolicyRegistrationCallback; 59 60 // The callback invoked once policy fetch is complete. Passed boolean 61 // parameter is set to true if the policy fetch succeeded. 62 typedef base::Callback<void(bool)> PolicyFetchCallback; 63 64 // Creates a UserPolicySigninServiceBase associated with the passed |profile|. 65 UserPolicySigninServiceBase( 66 Profile* profile, 67 PrefService* local_state, 68 DeviceManagementService* device_management_service, 69 UserCloudPolicyManager* policy_manager, 70 SigninManager* signin_manager, 71 scoped_refptr<net::URLRequestContextGetter> system_request_context); 72 virtual ~UserPolicySigninServiceBase(); 73 74 // Initiates a policy fetch as part of user signin, using a |dm_token| and 75 // |client_id| fetched via RegisterForPolicy(). |callback| is invoked 76 // once the policy fetch is complete, passing true if the policy fetch 77 // succeeded. 78 void FetchPolicyForSignedInUser( 79 const std::string& username, 80 const std::string& dm_token, 81 const std::string& client_id, 82 scoped_refptr<net::URLRequestContextGetter> profile_request_context, 83 const PolicyFetchCallback& callback); 84 85 // SigninManagerBase::Observer implementation: 86 virtual void GoogleSignedOut(const std::string& username) OVERRIDE; 87 88 // content::NotificationObserver implementation: 89 virtual void Observe(int type, 90 const content::NotificationSource& source, 91 const content::NotificationDetails& details) OVERRIDE; 92 93 // CloudPolicyService::Observer implementation: 94 virtual void OnInitializationCompleted(CloudPolicyService* service) OVERRIDE; 95 96 // CloudPolicyClient::Observer implementation: 97 virtual void OnPolicyFetched(CloudPolicyClient* client) OVERRIDE; 98 virtual void OnRegistrationStateChanged(CloudPolicyClient* client) OVERRIDE; 99 virtual void OnClientError(CloudPolicyClient* client) OVERRIDE; 100 101 // KeyedService implementation: 102 virtual void Shutdown() OVERRIDE; 103 104 void SetSystemRequestContext( 105 scoped_refptr<net::URLRequestContextGetter> request_context); 106 107 protected: system_request_context()108 net::URLRequestContextGetter* system_request_context() { 109 return system_request_context_; 110 } 111 112 // Returns a CloudPolicyClient to perform a registration with the DM server, 113 // or NULL if |username| shouldn't register for policy management. 114 scoped_ptr<CloudPolicyClient> CreateClientForRegistrationOnly( 115 const std::string& username); 116 117 // Returns false if cloud policy is disabled or if the passed |email_address| 118 // is definitely not from a hosted domain (according to the blacklist in 119 // BrowserPolicyConnector::IsNonEnterpriseUser()). 120 bool ShouldLoadPolicyForUser(const std::string& email_address); 121 122 // Invoked to initialize the UserPolicySigninService once its owning Profile 123 // becomes ready. If the Profile has a signed-in account associated with it 124 // at startup then this initializes the cloud policy manager by calling 125 // InitializeForSignedInUser(); otherwise it clears any stored policies. 126 void InitializeOnProfileReady(Profile* profile); 127 128 // Invoked to initialize the cloud policy service for |username|, which is the 129 // account associated with the Profile that owns this service. This is invoked 130 // from InitializeOnProfileReady() if the Profile already has a signed-in 131 // account at startup, or (on the desktop platforms) as soon as the user 132 // signs-in and an OAuth2 login refresh token becomes available. 133 void InitializeForSignedInUser( 134 const std::string& username, 135 scoped_refptr<net::URLRequestContextGetter> profile_request_context); 136 137 // Initializes the cloud policy manager with the passed |client|. This is 138 // called from InitializeForSignedInUser() when the Profile already has a 139 // signed in account at startup, and from FetchPolicyForSignedInUser() during 140 // the initial policy fetch after signing in. 141 virtual void InitializeUserCloudPolicyManager( 142 const std::string& username, 143 scoped_ptr<CloudPolicyClient> client); 144 145 // Prepares for the UserCloudPolicyManager to be shutdown due to 146 // user signout or profile destruction. 147 virtual void PrepareForUserCloudPolicyManagerShutdown(); 148 149 // Shuts down the UserCloudPolicyManager (for example, after the user signs 150 // out) and deletes any cached policy. 151 virtual void ShutdownUserCloudPolicyManager(); 152 153 // Convenience helpers to get the associated UserCloudPolicyManager and 154 // SigninManager. policy_manager()155 UserCloudPolicyManager* policy_manager() { return policy_manager_; } signin_manager()156 SigninManager* signin_manager() { return signin_manager_; } 157 registrar()158 content::NotificationRegistrar* registrar() { return ®istrar_; } 159 160 private: 161 // Helper functions to create a request context for use by CloudPolicyClients. 162 scoped_refptr<net::URLRequestContextGetter> CreateUserRequestContext( 163 scoped_refptr<net::URLRequestContextGetter> profile_request_context); 164 scoped_refptr<net::URLRequestContextGetter> CreateSystemRequestContext(); 165 166 // Weak pointer to the UserCloudPolicyManager and SigninManager this service 167 // is associated with. 168 UserCloudPolicyManager* policy_manager_; 169 SigninManager* signin_manager_; 170 171 content::NotificationRegistrar registrar_; 172 173 PrefService* local_state_; 174 DeviceManagementService* device_management_service_; 175 scoped_refptr<net::URLRequestContextGetter> system_request_context_; 176 177 base::WeakPtrFactory<UserPolicySigninServiceBase> weak_factory_; 178 179 DISALLOW_COPY_AND_ASSIGN(UserPolicySigninServiceBase); 180 }; 181 182 } // namespace policy 183 184 #endif // CHROME_BROWSER_POLICY_CLOUD_USER_POLICY_SIGNIN_SERVICE_BASE_H_ 185