1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_POLICY_CLOUD_USER_POLICY_SIGNIN_SERVICE_BASE_H_
6 #define CHROME_BROWSER_POLICY_CLOUD_USER_POLICY_SIGNIN_SERVICE_BASE_H_
10 #include "base/basictypes.h"
11 #include "base/callback.h"
12 #include "base/compiler_specific.h"
13 #include "base/memory/ref_counted.h"
14 #include "base/memory/scoped_ptr.h"
15 #include "base/memory/weak_ptr.h"
16 #include "components/keyed_service/core/keyed_service.h"
17 #include "components/policy/core/common/cloud/cloud_policy_client.h"
18 #include "components/policy/core/common/cloud/cloud_policy_service.h"
19 #include "components/signin/core/browser/signin_manager.h"
20 #include "content/public/browser/notification_observer.h"
21 #include "content/public/browser/notification_registrar.h"
27 class URLRequestContextGetter
;
32 class DeviceManagementService
;
33 class UserCloudPolicyManager
;
35 // The UserPolicySigninService is responsible for interacting with the policy
36 // infrastructure (mainly UserCloudPolicyManager) to load policy for the signed
37 // in user. This is the base class that contains shared behavior.
39 // At signin time, this class initializes the UCPM and loads policy before any
40 // other signed in services are initialized. After each restart, this class
41 // ensures that the CloudPolicyClient is registered (in case the policy server
42 // was offline during the initial policy fetch) and if not it initiates a fresh
43 // registration process.
45 // Finally, if the user signs out, this class is responsible for shutting down
46 // the policy infrastructure to ensure that any cached policy is cleared.
47 class UserPolicySigninServiceBase
: public KeyedService
,
48 public CloudPolicyClient::Observer
,
49 public CloudPolicyService::Observer
,
50 public content::NotificationObserver
,
51 public SigninManagerBase::Observer
{
53 // The callback invoked once policy registration is complete. Passed
54 // |dm_token| and |client_id| parameters are empty if policy registration
56 typedef base::Callback
<void(const std::string
& dm_token
,
57 const std::string
& client_id
)>
58 PolicyRegistrationCallback
;
60 // The callback invoked once policy fetch is complete. Passed boolean
61 // parameter is set to true if the policy fetch succeeded.
62 typedef base::Callback
<void(bool)> PolicyFetchCallback
;
64 // Creates a UserPolicySigninServiceBase associated with the passed |profile|.
65 UserPolicySigninServiceBase(
67 PrefService
* local_state
,
68 DeviceManagementService
* device_management_service
,
69 UserCloudPolicyManager
* policy_manager
,
70 SigninManager
* signin_manager
,
71 scoped_refptr
<net::URLRequestContextGetter
> system_request_context
);
72 ~UserPolicySigninServiceBase() override
;
74 // Initiates a policy fetch as part of user signin, using a |dm_token| and
75 // |client_id| fetched via RegisterForPolicy(). |callback| is invoked
76 // once the policy fetch is complete, passing true if the policy fetch
78 void FetchPolicyForSignedInUser(
79 const std::string
& username
,
80 const std::string
& dm_token
,
81 const std::string
& client_id
,
82 scoped_refptr
<net::URLRequestContextGetter
> profile_request_context
,
83 const PolicyFetchCallback
& callback
);
85 // SigninManagerBase::Observer implementation:
86 void GoogleSignedOut(const std::string
& account_id
,
87 const std::string
& username
) override
;
89 // content::NotificationObserver implementation:
90 void Observe(int type
,
91 const content::NotificationSource
& source
,
92 const content::NotificationDetails
& details
) override
;
94 // CloudPolicyService::Observer implementation:
95 void OnInitializationCompleted(CloudPolicyService
* service
) override
;
97 // CloudPolicyClient::Observer implementation:
98 void OnPolicyFetched(CloudPolicyClient
* client
) override
;
99 void OnRegistrationStateChanged(CloudPolicyClient
* client
) override
;
100 void OnClientError(CloudPolicyClient
* client
) override
;
102 // KeyedService implementation:
103 void Shutdown() override
;
105 void SetSystemRequestContext(
106 scoped_refptr
<net::URLRequestContextGetter
> request_context
);
109 net::URLRequestContextGetter
* system_request_context() {
110 return system_request_context_
.get();
113 // Returns a CloudPolicyClient to perform a registration with the DM server,
114 // or NULL if |username| shouldn't register for policy management.
115 scoped_ptr
<CloudPolicyClient
> CreateClientForRegistrationOnly(
116 const std::string
& username
);
118 // Returns false if cloud policy is disabled or if the passed |email_address|
119 // is definitely not from a hosted domain (according to the blacklist in
120 // BrowserPolicyConnector::IsNonEnterpriseUser()).
121 bool ShouldLoadPolicyForUser(const std::string
& email_address
);
123 // Invoked to initialize the UserPolicySigninService once its owning Profile
124 // becomes ready. If the Profile has a signed-in account associated with it
125 // at startup then this initializes the cloud policy manager by calling
126 // InitializeForSignedInUser(); otherwise it clears any stored policies.
127 void InitializeOnProfileReady(Profile
* profile
);
129 // Invoked to initialize the cloud policy service for |username|, which is the
130 // account associated with the Profile that owns this service. This is invoked
131 // from InitializeOnProfileReady() if the Profile already has a signed-in
132 // account at startup, or (on the desktop platforms) as soon as the user
133 // signs-in and an OAuth2 login refresh token becomes available.
134 void InitializeForSignedInUser(
135 const std::string
& username
,
136 scoped_refptr
<net::URLRequestContextGetter
> profile_request_context
);
138 // Initializes the cloud policy manager with the passed |client|. This is
139 // called from InitializeForSignedInUser() when the Profile already has a
140 // signed in account at startup, and from FetchPolicyForSignedInUser() during
141 // the initial policy fetch after signing in.
142 virtual void InitializeUserCloudPolicyManager(
143 const std::string
& username
,
144 scoped_ptr
<CloudPolicyClient
> client
);
146 // Prepares for the UserCloudPolicyManager to be shutdown due to
147 // user signout or profile destruction.
148 virtual void PrepareForUserCloudPolicyManagerShutdown();
150 // Shuts down the UserCloudPolicyManager (for example, after the user signs
151 // out) and deletes any cached policy.
152 virtual void ShutdownUserCloudPolicyManager();
154 // Convenience helpers to get the associated UserCloudPolicyManager and
156 UserCloudPolicyManager
* policy_manager() { return policy_manager_
; }
157 SigninManager
* signin_manager() { return signin_manager_
; }
159 content::NotificationRegistrar
* registrar() { return ®istrar_
; }
162 // Helper functions to create a request context for use by CloudPolicyClients.
163 scoped_refptr
<net::URLRequestContextGetter
> CreateUserRequestContext(
164 scoped_refptr
<net::URLRequestContextGetter
> profile_request_context
);
165 scoped_refptr
<net::URLRequestContextGetter
> CreateSystemRequestContext();
167 // Weak pointer to the UserCloudPolicyManager and SigninManager this service
168 // is associated with.
169 UserCloudPolicyManager
* policy_manager_
;
170 SigninManager
* signin_manager_
;
172 content::NotificationRegistrar registrar_
;
174 PrefService
* local_state_
;
175 DeviceManagementService
* device_management_service_
;
176 scoped_refptr
<net::URLRequestContextGetter
> system_request_context_
;
178 base::WeakPtrFactory
<UserPolicySigninServiceBase
> weak_factory_
;
180 DISALLOW_COPY_AND_ASSIGN(UserPolicySigninServiceBase
);
183 } // namespace policy
185 #endif // CHROME_BROWSER_POLICY_CLOUD_USER_POLICY_SIGNIN_SERVICE_BASE_H_