search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ExtensionSyncService: listen for relevant changes instead of being explicitly called...
[chromium-blink-merge.git] / chrome / browser / chromeos / login / supervised / supervised_user_creation_controller_new.h
blob6e0c6ac37eda66f821d54a5ee93471394b1f9d3e
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_SUPERVISED_SUPERVISED_USER_CREATION_CONTROLLER_NEW_H_
6 #define CHROME_BROWSER_CHROMEOS_LOGIN_SUPERVISED_SUPERVISED_USER_CREATION_CONTROLLER_NEW_H_
7
8 #include <string>
9
10 #include "base/files/file_path.h"
11 #include "base/memory/scoped_ptr.h"
12 #include "base/memory/weak_ptr.h"
13 #include "base/strings/string16.h"
14 #include "base/timer/timer.h"
15 #include "base/values.h"
16 #include "chrome/browser/chromeos/login/supervised/supervised_user_creation_controller.h"
17 #include "chrome/browser/supervised_user/legacy/supervised_user_registration_utility.h"
18 #include "chromeos/login/auth/extended_authenticator.h"
19
20 class Profile;
21
22 namespace chromeos {
23
24 class UserContext;
25
26 // Supervised user creation process:
27 // 0. Manager is logged in
28 // 1. Generate ID for new supervised user
29 // 2. Start "transaction" in Local State.
30 // 3, Generate keys for user : master key, salt, encryption and signature keys.
31 // 4. Create local cryptohome (errors could arise)
32 // 5. Create user in cloud (errors could arise)
33 // 6. Store cloud token in cryptohome (actually, error could arise).
34 // 7. Mark "transaction" as completed.
35 // 8. End manager session.
36 class SupervisedUserCreationControllerNew
37 : public SupervisedUserCreationController,
38 public ExtendedAuthenticator::NewAuthStatusConsumer {
39 public:
40 // All UI initialization is deferred till Init() call.
41 // |Consumer| is not owned by controller, and it is expected that it wouldn't
42 // be deleted before SupervisedUserCreationControllerNew.
43 SupervisedUserCreationControllerNew(StatusConsumer* consumer,
44 const std::string& manager_id);
45 ~SupervisedUserCreationControllerNew() override;
46
47 // Returns the current supervised user controller if it has been created.
48 static SupervisedUserCreationControllerNew* current_controller() {
49 return current_controller_;
50 }
51
52 // Set up controller for creating new supervised user with |display_name|,
53 // |password| and avatar indexed by |avatar_index|. StartCreation() have to
54 // be called to actually start creating user.
55 void StartCreation(const base::string16& display_name,
56 const std::string& password,
57 int avatar_index) override;
58
59 // Starts import of the supervised users created prior to M35. They lack
60 // information about password.
61 // Configures and initiates importing existing supervised user to this device.
62 // Existing user is identified by |sync_id|, has |display_name|, |password|,
63 // |avatar_index|. The master key for cryptohome is a |master_key|.
64 void StartImport(const base::string16& display_name,
65 const std::string& password,
66 int avatar_index,
67 const std::string& sync_id,
68 const std::string& master_key) override;
69
70 // Configures and initiates importing existing supervised user to this device.
71 // Existing user is identified by |sync_id|, has |display_name|,
72 // |avatar_index|. The master key for cryptohome is a |master_key|. The user
73 // has password specified in |password_data| and
74 // |encryption_key|/|signature_key| for cryptohome.
75 void StartImport(const base::string16& display_name,
76 int avatar_index,
77 const std::string& sync_id,
78 const std::string& master_key,
79 const base::DictionaryValue* password_data,
80 const std::string& encryption_key,
81 const std::string& signature_key) override;
82
83 void SetManagerProfile(Profile* manager_profile) override;
84 Profile* GetManagerProfile() override;
85
86 void CancelCreation() override;
87 void FinishCreation() override;
88 std::string GetSupervisedUserId() override;
89
90 private:
91 enum Stage {
92 // Just initial stage.
93 STAGE_INITIAL,
94
95 // Creation attempt is recoreded to allow cleanup in case of failure.
96 TRANSACTION_STARTED,
97 // Different keys are generated and public ones are stored in LocalState.
98 KEYS_GENERATED,
99 // Home directory is created with all necessary passwords.
100 CRYPTOHOME_CREATED,
101 // All user-related information is confirmed to exist on server.
102 DASHBOARD_CREATED,
103 // Managed user's sync token is written.
104 TOKEN_WRITTEN,
105 // Managed user is succesfully created.
106 TRANSACTION_COMMITTED,
107 // Some error happened while creating supervised user.
108 STAGE_ERROR,
109 };
110
111 // Indicates if we create new user, or import an existing one.
112 enum CreationType { NEW_USER, USER_IMPORT_OLD, USER_IMPORT_NEW, };
113
114 // Contains information necessary for new user creation.
115 struct UserCreationContext {
116 UserCreationContext();
117 ~UserCreationContext();
118
119 base::string16 display_name;
120 int avatar_index;
121
122 std::string manager_id;
123
124 std::string local_user_id; // Used to identify cryptohome.
125 std::string sync_user_id; // Used to identify user in manager's sync data.
126
127 // Keys:
128 std::string master_key; // Random string
129 std::string signature_key; // 256 bit HMAC key
130 std::string encryption_key; // 256 bit HMAC key
131 std::string salted_password; // Hash(salt + Hash(password))
132
133 std::string password;
134
135 std::string salted_master_key; // Hash(system salt + master key)
136 std::string mount_hash;
137
138 std::string token;
139
140 CreationType creation_type;
141
142 base::DictionaryValue password_data;
143
144 Profile* manager_profile;
145 scoped_ptr<SupervisedUserRegistrationUtility> registration_utility;
146 };
147
148 // SupervisedUserAuthenticator::StatusConsumer overrides.
149 void OnAuthenticationFailure(ExtendedAuthenticator::AuthState error) override;
150
151 // Authenticator success callbacks.
152 void OnMountSuccess(const std::string& mount_hash);
153 void OnAddKeySuccess();
154 void OnKeyTransformedIfNeeded(const UserContext& user_context);
155
156 void StartCreationImpl();
157
158 // Guard timer callback.
159 void CreationTimedOut();
160 // SupervisedUserRegistrationUtility callback.
161 void RegistrationCallback(const GoogleServiceAuthError& error,
162 const std::string& token);
163
164 // Completion callback for StoreSupervisedUserFiles method.
165 // Called on the UI thread.
166 void OnSupervisedUserFilesStored(bool success);
167
168 // Pointer to the current instance of the controller to be used by
169 // automation tests.
170 static SupervisedUserCreationControllerNew* current_controller_;
171
172 // Current stage of user creation.
173 Stage stage_;
174
175 // Authenticator used for user creation.
176 scoped_refptr<ExtendedAuthenticator> authenticator_;
177
178 // Creation context. Not null while creating new LMU.
179 scoped_ptr<UserCreationContext> creation_context_;
180
181 // Timer for showing warning if creation process takes too long.
182 base::OneShotTimer<SupervisedUserCreationControllerNew> timeout_timer_;
183
184 // Factory of callbacks.
185 base::WeakPtrFactory<SupervisedUserCreationControllerNew> weak_factory_;
186
187 DISALLOW_COPY_AND_ASSIGN(SupervisedUserCreationControllerNew);
188 };
189
190 } // namespace chromeos
191
192 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_SUPERVISED_SUPERVISED_USER_CREATION_CONTROLLER_NEW_H_