1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_SIGNIN_EASY_UNLOCK_SERVICE_H_
6 #define CHROME_BROWSER_SIGNIN_EASY_UNLOCK_SERVICE_H_
11 #include "base/macros.h"
12 #include "base/memory/scoped_ptr.h"
13 #include "base/memory/weak_ptr.h"
14 #include "base/observer_list.h"
15 #include "chrome/browser/signin/easy_unlock_screenlock_state_handler.h"
16 #include "components/keyed_service/core/keyed_service.h"
18 #if defined(OS_CHROMEOS)
19 #include "chrome/browser/chromeos/login/easy_unlock/easy_unlock_types.h"
23 class DictionaryValue;
27 namespace user_manager {
31 namespace user_prefs {
32 class PrefRegistrySyncable;
35 class EasyUnlockAuthAttempt;
36 class EasyUnlockServiceObserver;
38 class PrefRegistrySimple;
40 class EasyUnlockService : public KeyedService {
42 enum TurnOffFlowStatus {
53 // Gets EasyUnlockService instance.
54 static EasyUnlockService* Get(Profile* profile);
56 // Gets EasyUnlockService instance associated with a user if the user is
57 // logged in and his profile is initialized.
58 static EasyUnlockService* GetForUser(const user_manager::User& user);
60 // Registers Easy Unlock profile preferences.
61 static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry);
63 // Registers Easy Unlock local state entries.
64 static void RegisterPrefs(PrefRegistrySimple* registry);
66 // Removes the hardlock state for the given user.
67 static void ResetLocalStateForUser(const std::string& user_id);
69 // Returns true if Easy sign-in is enabled.
70 static bool IsSignInEnabled();
72 // Returns the EasyUnlockService type.
73 virtual Type GetType() const = 0;
75 // Returns the user currently associated with the service.
76 virtual std::string GetUserEmail() const = 0;
78 // Launches Easy Unlock Setup app.
79 virtual void LaunchSetup() = 0;
81 // Gets/Sets/Clears the permit access for the local device.
82 virtual const base::DictionaryValue* GetPermitAccess() const = 0;
83 virtual void SetPermitAccess(const base::DictionaryValue& permit) = 0;
84 virtual void ClearPermitAccess() = 0;
86 // Gets/Sets/Clears the remote devices list.
87 virtual const base::ListValue* GetRemoteDevices() const = 0;
88 virtual void SetRemoteDevices(const base::ListValue& devices) = 0;
89 virtual void ClearRemoteDevices() = 0;
91 // Runs the flow for turning Easy unlock off.
92 virtual void RunTurnOffFlow() = 0;
94 // Resets the turn off flow if one is in progress.
95 virtual void ResetTurnOffFlow() = 0;
97 // Returns the current turn off flow status.
98 virtual TurnOffFlowStatus GetTurnOffFlowStatus() const = 0;
100 // Gets the challenge bytes for the user currently associated with the
102 virtual std::string GetChallenge() const = 0;
104 // Retrieved wrapped secret that should be used to unlock cryptohome for the
105 // user currently associated with the service. If the service does not support
106 // signin (i.e. service for a regular profile) or there is no secret available
107 // for the user, returns an empty string.
108 virtual std::string GetWrappedSecret() const = 0;
110 // Records metrics for Easy sign-in outcome for the given user.
111 virtual void RecordEasySignInOutcome(const std::string& user_id,
112 bool success) const = 0;
114 // Records metrics for password based flow for the given user.
115 virtual void RecordPasswordLoginEvent(const std::string& user_id) const = 0;
117 // Whether easy unlock is allowed to be used. If the controlling preference
118 // is set (from policy), this returns the preference value. Otherwise, it is
119 // permitted either the flag is enabled or its field trial is enabled.
122 // Sets the hardlock state for the associated user.
123 void SetHardlockState(EasyUnlockScreenlockStateHandler::HardlockState state);
125 // Returns the hardlock state for the associated user.
126 EasyUnlockScreenlockStateHandler::HardlockState GetHardlockState() const;
128 // Gets the persisted hardlock state. Return true if there is persisted
129 // hardlock state and the value would be set to |state|. Otherwise,
130 // returns false and |state| is unchanged.
131 bool GetPersistedHardlockState(
132 EasyUnlockScreenlockStateHandler::HardlockState* state) const;
134 // Shows the hardlock or connecting state as initial UI before cryptohome
135 // keys checking and state update from the app.
136 void ShowInitialUserState();
138 // Updates the user pod on the signin/lock screen for the user associated with
139 // the service to reflect the provided screenlock state.
140 bool UpdateScreenlockState(EasyUnlockScreenlockStateHandler::State state);
142 // Starts an auth attempt for the user associated with the service. The
143 // attempt type (unlock vs. signin) will depend on the service type.
144 void AttemptAuth(const std::string& user_id);
146 // Finalizes the previously started auth attempt for easy unlock. If called on
147 // signin profile service, it will cancel the current auth attempt if one
149 void FinalizeUnlock(bool success);
151 // Finalizes previously started auth attempt for easy signin. If called on
152 // regular profile service, it will cancel the current auth attempt if one
154 void FinalizeSignin(const std::string& secret);
156 // Handles Easy Unlock auth failure for the user.
157 void HandleAuthFailure(const std::string& user_id);
159 // Checks the consistency between pairing data and cryptohome keys. Set
160 // hardlock state if the two do not match.
161 void CheckCryptohomeKeysAndMaybeHardlock();
163 // Marks the Easy Unlock screen lock state as the one associated with the
164 // trial run initiated by Easy Unlock app.
167 void AddObserver(EasyUnlockServiceObserver* observer);
168 void RemoveObserver(EasyUnlockServiceObserver* observer);
171 explicit EasyUnlockService(Profile* profile);
172 ~EasyUnlockService() override;
174 // Does a service type specific initialization.
175 virtual void InitializeInternal() = 0;
177 // Does a service type specific shutdown. Called from |Shutdown|.
178 virtual void ShutdownInternal() = 0;
180 // Service type specific tests for whether the service is allowed. Returns
181 // false if service is not allowed. If true is returned, the service may still
182 // not be allowed if common tests fail (e.g. if Bluetooth is not available).
183 virtual bool IsAllowedInternal() = 0;
185 // KeyedService override:
186 void Shutdown() override;
188 // Exposes the profile to which the service is attached to subclasses.
189 Profile* profile() const { return profile_; }
191 // Installs the Easy unlock component app if it isn't installed and enables
192 // the app if it is disabled.
195 // Disables the Easy unlock component app if it's loaded.
196 void DisableAppIfLoaded();
198 // Unloads the Easy unlock component app if it's loaded.
201 // Reloads the Easy unlock component app if it's loaded.
204 // Checks whether Easy unlock should be running and updates app state.
205 void UpdateAppState();
207 // Notifies the easy unlock app that the user state has been updated.
208 void NotifyUserUpdated();
210 // Notifies observers that the turn off flow status changed.
211 void NotifyTurnOffOperationStatusChanged();
213 // Resets the screenlock state set by this service.
214 void ResetScreenlockState();
216 // Updates |screenlock_state_handler_|'s hardlocked state.
217 void SetScreenlockHardlockedState(
218 EasyUnlockScreenlockStateHandler::HardlockState state);
220 const EasyUnlockScreenlockStateHandler* screenlock_state_handler() const {
221 return screenlock_state_handler_.get();
224 // Saves hardlock state for the given user. Update UI if the currently
225 // associated user is the same.
226 void SetHardlockStateForUser(
227 const std::string& user_id,
228 EasyUnlockScreenlockStateHandler::HardlockState state);
231 // A class to detect whether a bluetooth adapter is present.
232 class BluetoothDetector;
234 // Initializes the service after ExtensionService is ready.
237 // Gets |screenlock_state_handler_|. Returns NULL if Easy Unlock is not
238 // allowed. Otherwise, if |screenlock_state_handler_| is not set, an instance
239 // is created. Do not cache the returned value, as it may go away if Easy
240 // Unlock gets disabled.
241 EasyUnlockScreenlockStateHandler* GetScreenlockStateHandler();
243 // Callback when Bluetooth adapter present state changes.
244 void OnBluetoothAdapterPresentChanged();
246 #if defined(OS_CHROMEOS)
247 // Callback for get key operation from CheckCryptohomeKeysAndMaybeHardlock.
248 void OnCryptohomeKeysFetchedForChecking(
249 const std::string& user_id,
250 const std::set<std::string> paired_devices,
252 const chromeos::EasyUnlockDeviceKeyDataList& key_data_list);
255 // Updates the service to state for handling system suspend.
256 void PrepareForSuspend();
260 // Created lazily in |GetScreenlockStateHandler|.
261 scoped_ptr<EasyUnlockScreenlockStateHandler> screenlock_state_handler_;
263 // The handler for the current auth attempt. Set iff an auth attempt is in
265 scoped_ptr<EasyUnlockAuthAttempt> auth_attempt_;
267 scoped_ptr<BluetoothDetector> bluetooth_detector_;
269 #if defined(OS_CHROMEOS)
270 // Monitors suspend and wake state of ChromeOS.
272 scoped_ptr<PowerMonitor> power_monitor_;
275 // Whether the service has been shut down.
278 ObserverList<EasyUnlockServiceObserver> observers_;
280 base::WeakPtrFactory<EasyUnlockService> weak_ptr_factory_;
282 DISALLOW_COPY_AND_ASSIGN(EasyUnlockService);
285 #endif // CHROME_BROWSER_SIGNIN_EASY_UNLOCK_SERVICE_H_