Add new certificateProvider extension API.
[chromium-blink-merge.git] / chrome / browser / policy / cloud / user_policy_signin_service_mobile.cc
bloba73af22a7e193f6f5602479b21df8cf9822b55f9
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/policy/cloud/user_policy_signin_service_mobile.h"
7 #include "base/bind.h"
8 #include "base/bind_helpers.h"
9 #include "base/callback.h"
10 #include "base/logging.h"
11 #include "base/message_loop/message_loop.h"
12 #include "base/prefs/pref_service.h"
13 #include "base/time/time.h"
14 #include "chrome/browser/profiles/profile.h"
15 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
16 #include "chrome/common/pref_names.h"
17 #include "components/policy/core/common/cloud/cloud_policy_client_registration_helper.h"
18 #include "components/policy/core/common/cloud/user_cloud_policy_manager.h"
19 #include "components/policy/core/common/policy_switches.h"
20 #include "components/signin/core/browser/profile_oauth2_token_service.h"
21 #include "components/signin/core/browser/signin_manager.h"
22 #include "net/base/network_change_notifier.h"
23 #include "net/url_request/url_request_context_getter.h"
24 #include "policy/proto/device_management_backend.pb.h"
26 namespace em = enterprise_management;
28 namespace policy {
30 namespace {
32 #if defined(OS_IOS)
33 const em::DeviceRegisterRequest::Type kCloudPolicyRegistrationType =
34 em::DeviceRegisterRequest::IOS_BROWSER;
35 #elif defined(OS_ANDROID)
36 const em::DeviceRegisterRequest::Type kCloudPolicyRegistrationType =
37 em::DeviceRegisterRequest::ANDROID_BROWSER;
38 #else
39 #error "This file can be built only on OS_IOS or OS_ANDROID."
40 #endif
42 } // namespace
44 UserPolicySigninService::UserPolicySigninService(
45 Profile* profile,
46 PrefService* local_state,
47 DeviceManagementService* device_management_service,
48 UserCloudPolicyManager* policy_manager,
49 SigninManager* signin_manager,
50 scoped_refptr<net::URLRequestContextGetter> system_request_context,
51 ProfileOAuth2TokenService* token_service)
52 : UserPolicySigninServiceBase(profile,
53 local_state,
54 device_management_service,
55 policy_manager,
56 signin_manager,
57 system_request_context),
58 oauth2_token_service_(token_service),
59 profile_prefs_(profile->GetPrefs()),
60 weak_factory_(this) {
61 #if defined(OS_IOS)
62 // iOS doesn't create this service with the Profile; instead it's created
63 // a little bit later. See UserPolicySigninServiceFactory.
64 InitializeOnProfileReady(profile);
65 #endif
68 UserPolicySigninService::~UserPolicySigninService() {}
70 void UserPolicySigninService::RegisterForPolicy(
71 const std::string& username,
72 const PolicyRegistrationCallback& callback) {
73 RegisterForPolicyInternal(username, "", callback);
76 #if !defined(OS_ANDROID)
77 void UserPolicySigninService::RegisterForPolicyWithAccessToken(
78 const std::string& username,
79 const std::string& access_token,
80 const PolicyRegistrationCallback& callback) {
81 RegisterForPolicyInternal(username, access_token, callback);
84 // static
85 std::vector<std::string> UserPolicySigninService::GetScopes() {
86 return CloudPolicyClientRegistrationHelper::GetScopes();
88 #endif
90 void UserPolicySigninService::RegisterForPolicyInternal(
91 const std::string& username,
92 const std::string& access_token,
93 const PolicyRegistrationCallback& callback) {
94 // Create a new CloudPolicyClient for fetching the DMToken.
95 scoped_ptr<CloudPolicyClient> policy_client = CreateClientForRegistrationOnly(
96 username);
97 if (!policy_client) {
98 callback.Run(std::string(), std::string());
99 return;
102 CancelPendingRegistration();
104 // Fire off the registration process. Callback keeps the CloudPolicyClient
105 // alive for the length of the registration process.
106 registration_helper_.reset(new CloudPolicyClientRegistrationHelper(
107 policy_client.get(),
108 kCloudPolicyRegistrationType));
110 if (access_token.empty()) {
111 registration_helper_->StartRegistration(
112 oauth2_token_service_,
113 username,
114 base::Bind(&UserPolicySigninService::CallPolicyRegistrationCallback,
115 base::Unretained(this),
116 base::Passed(&policy_client),
117 callback));
118 } else {
119 #if defined(OS_ANDROID)
120 NOTREACHED();
121 #else
122 registration_helper_->StartRegistrationWithAccessToken(
123 access_token,
124 base::Bind(&UserPolicySigninService::CallPolicyRegistrationCallback,
125 base::Unretained(this),
126 base::Passed(&policy_client),
127 callback));
128 #endif
132 void UserPolicySigninService::CallPolicyRegistrationCallback(
133 scoped_ptr<CloudPolicyClient> client,
134 PolicyRegistrationCallback callback) {
135 registration_helper_.reset();
136 callback.Run(client->dm_token(), client->client_id());
139 void UserPolicySigninService::Shutdown() {
140 CancelPendingRegistration();
141 registration_helper_.reset();
142 UserPolicySigninServiceBase::Shutdown();
145 void UserPolicySigninService::OnInitializationCompleted(
146 CloudPolicyService* service) {
147 UserCloudPolicyManager* manager = policy_manager();
148 DCHECK_EQ(service, manager->core()->service());
149 DCHECK(service->IsInitializationComplete());
150 // The service is now initialized - if the client is not yet registered, then
151 // it means that there is no cached policy and so we need to initiate a new
152 // client registration.
153 if (manager->IsClientRegistered()) {
154 DVLOG(1) << "Client already registered - not fetching DMToken";
155 return;
158 net::NetworkChangeNotifier::ConnectionType connection_type =
159 net::NetworkChangeNotifier::GetConnectionType();
160 base::TimeDelta retry_delay = base::TimeDelta::FromDays(3);
161 if (connection_type == net::NetworkChangeNotifier::CONNECTION_ETHERNET ||
162 connection_type == net::NetworkChangeNotifier::CONNECTION_WIFI) {
163 retry_delay = base::TimeDelta::FromDays(1);
166 base::Time last_check_time = base::Time::FromInternalValue(
167 profile_prefs_->GetInt64(prefs::kLastPolicyCheckTime));
168 base::Time now = base::Time::Now();
169 base::Time next_check_time = last_check_time + retry_delay;
171 // Check immediately if no check was ever done before (last_check_time == 0),
172 // or if the last check was in the future (?), or if we're already past the
173 // next check time. Otherwise, delay checking until the next check time.
174 base::TimeDelta try_registration_delay = base::TimeDelta::FromSeconds(5);
175 if (now > last_check_time && now < next_check_time)
176 try_registration_delay = next_check_time - now;
178 base::MessageLoop::current()->PostDelayedTask(
179 FROM_HERE,
180 base::Bind(&UserPolicySigninService::RegisterCloudPolicyService,
181 weak_factory_.GetWeakPtr()),
182 try_registration_delay);
185 void UserPolicySigninService::ShutdownUserCloudPolicyManager() {
186 CancelPendingRegistration();
187 UserPolicySigninServiceBase::ShutdownUserCloudPolicyManager();
190 void UserPolicySigninService::RegisterCloudPolicyService() {
191 // If the user signed-out while this task was waiting then Shutdown() would
192 // have been called, which would have invalidated this task. Since we're here
193 // then the user must still be signed-in.
194 DCHECK(signin_manager()->IsAuthenticated());
195 DCHECK(!policy_manager()->IsClientRegistered());
196 DCHECK(policy_manager()->core()->client());
198 // Persist the current time as the last policy registration attempt time.
199 profile_prefs_->SetInt64(prefs::kLastPolicyCheckTime,
200 base::Time::Now().ToInternalValue());
202 registration_helper_.reset(new CloudPolicyClientRegistrationHelper(
203 policy_manager()->core()->client(),
204 kCloudPolicyRegistrationType));
205 registration_helper_->StartRegistration(
206 oauth2_token_service_,
207 signin_manager()->GetAuthenticatedAccountId(),
208 base::Bind(&UserPolicySigninService::OnRegistrationDone,
209 base::Unretained(this)));
212 void UserPolicySigninService::CancelPendingRegistration() {
213 weak_factory_.InvalidateWeakPtrs();
216 void UserPolicySigninService::OnRegistrationDone() {
217 registration_helper_.reset();
220 } // namespace policy