// Copyright 2015 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. // Next MinVersion: 15 module arc.mojom; // These values describe failure reason of sign-in. [Extensible] enum ArcSignInStatus { // Negative values are reserved for internal use. // The values are shuffled to keep the backward compatibility and don't match // ProvisioningResult in arc_optin_uma.h // Next value: 19. UNKNOWN_ERROR = 0, // Mojo errors: // MOJO_VERSION_MISMATCH: is sent when an API is not supported // due to Host/Instance version mismatch. // MOJO_CALL_TIMEOUT: is sent when a Mojo invocation is started // but not completed with time out. MOJO_VERSION_MISMATCH = 6, MOJO_CALL_TIMEOUT = 7, // Device check-in errors: // DEVICE_CHECK_IN_FAILED: is sent when "check-in" procedure is completed // but is actually failed. // DEVICE_CHECK_IN_TIMEOUT: is sent when "check-in" procedure started // but is not completed. // DEVICE_CHECK_IN_INTERNAL_ERROR: is sent when "check-in" procedure is // started, but some unexpected error situation happens so that it could // not completed. DEVICE_CHECK_IN_FAILED = 4, DEVICE_CHECK_IN_TIMEOUT = 8, DEVICE_CHECK_IN_INTERNAL_ERROR = 9, // GMS errors: // GMS_NETWORK_ERROR: is sent when GMS sign-in procedure is started, but // it reports NETWORK_ERROR. // GMS_SERVICE_UNAVAILABLE: is sent when GMS sign-in procedure is started // but it reports SERVICE_UNAVAILABLE. Note that this is not generic // service unavailable error code. // GMS_BAD_AUTHENTICATION: is sent when GMS sign-in procedure is started // but it reports BAD_AUTHENTICATION. // GMS_SIGN_IN_FAILED: is sent when GMS sign in procedure is started but // it reports an error other than above NETWORK_ERROR, SERVICE_UNAVAILABLE // or BAD_AUTHENTICATION. In general, we do not expect this kind of cases. // GMS_SIGN_IN_TIMEOUT: is sent when GMS sign in procedure is started but // not returned. // GMS_SIGN_IN_INTERNAL_ERROR: is sent when GMS sign in procedure is started // but could not completed. GMS_NETWORK_ERROR = 1, GMS_SERVICE_UNAVAILABLE = 2, GMS_BAD_AUTHENTICATION = 3, GMS_SIGN_IN_FAILED = 10, GMS_SIGN_IN_TIMEOUT = 11, GMS_SIGN_IN_INTERNAL_ERROR = 12, // Cloud provisioning errors. CLOUD_PROVISION_FLOW_FAILED = 5, CLOUD_PROVISION_FLOW_TIMEOUT = 13, CLOUD_PROVISION_FLOW_INTERNAL_ERROR = 14, // Network connection is unavailable. [MinVersion=8] NO_NETWORK_CONNECTION = 15, // Server does not return authorization. [MinVersion=10] CHROME_SERVER_COMMUNICATION_ERROR = 16, // ARC was disabled for Active Directory user. [MinVersion=10] ARC_DISABLED = 17, [MinVersion=10] SUCCESS = 18, // ARC was already provisioned. [MinVersion=11] SUCCESS_ALREADY_PROVISIONED = 19, }; // These values describe account check status. [Extensible] enum AccountCheckStatus { // Checked account exists and is up to date. [MinVersion=9] UP_TO_DATE = 0, // Checked account is new in the system. [MinVersion=9] NEW = 1, // Checked account exists but need to be reauthorized. [MinVersion=9] NEED_REAUTH = 2, // Checked account exists but it is in unknown state. [MinVersion=9] UNKNOWN = 3, // Account check has failed. [MinVersion=9] CHECK_FAILED = 4, // NOTE: If you add any entries to this enum, you must also update the // corresponding UMA callsite in Chrome arc::UpdateAuthAccountCheckStatus. }; // These values describe the result of ARC attempting to change supervision // state after an account type change. [Extensible] enum SupervisionChangeStatus { // CloudDPC supervision was disabled successfully. [MinVersion=13] CLOUD_DPC_DISABLED = 0, // CloudDPC supervision was already disabled. [MinVersion=13] CLOUD_DPC_ALREADY_DISABLED = 1, // CloudDPC supervision was enabled successfully. [MinVersion=13] CLOUD_DPC_ENABLED = 2, // CloudDPC supervision was already enabled. [MinVersion=13] CLOUD_DPC_ALREADY_ENABLED = 3, // Invalid state returned from Chrome. [MinVersion=13] INVALID_SUPERVISION_STATE = 4, // Failed to disable CloudDPC due to an unspecified error. [MinVersion=13] CLOUD_DPC_DISABLING_FAILED = 5, // Failed to enable CloudDPC due to an unspecified error. [MinVersion=13] CLOUD_DPC_ENABLING_FAILED = 6, }; // These values describe the type of the Chrome account to provision. [Extensible] enum ChromeAccountType { // Next value: 6 UNKNOWN = 0, // Chrome login account type is a user account. USER_ACCOUNT = 1, // Chrome login account type is a robot (service) account. ROBOT_ACCOUNT = 2, // Chrome login account type is an Active Directory account. ACTIVE_DIRECTORY_ACCOUNT = 3, // Chrome login account type is a child account. CHILD_ACCOUNT = 4, // Chrome login account is a demo session account that was enrolled offline, // using policies bundled with Chrome OS, and thus does not have a working // robot account associated with it. [MinVersion=14] OFFLINE_DEMO_ACCOUNT = 5, }; // These values describe the type of the metrics to report. [Extensible] enum MetricsType { // Duration of waiting for network connection in milliseconds. NETWORK_WAITING_TIME_MILLISECONDS = 0, // Number of attempts to wait for Checkin task completed. 0 indicates that // Checkin task was already completed prior to GMS SignIn. CHECKIN_ATTEMPTS = 1, // Duration of waiting for Checkin task completed in milliseconds. CHECKIN_TIME_MILLISECONDS = 2, // Duration of waiting for sign-in completed in milliseconds. SIGNIN_TIME_MILLISECONDS = 3, // Duration of checking the status of account. [MinVersion=9] ACCOUNT_CHECK_MILLISECONDS = 4, }; // The necessary information for Android to sign in and provision itself. struct AccountInfo { // Name of account, used to map to existing Android account. [MinVersion=9] string? account_name@4; // The authorization code that can be used in Android to sign in when // account_type is USER_ACCOUNT, ROBOT_ACCOUNT or CHILD_ACCOUNT. If it is // null in these cases, sign-in will be skipped. string? auth_code@0; // If account_type is ACTIVE_DIRECTORY_ACCOUNT, this contains an enrollment // token for a Managed Google Play account. If it is null in this case, // sign-in will be skipped. [MinVersion=6] string? enrollment_token@3; // The type of Chrome account to provision. ChromeAccountType account_type@1; // Whether the account is managed from Chrome OS. bool is_managed@2; }; // Next Method ID: 12. interface AuthHost { // Notifies Chrome that the authorization flow is completed and provides // resulting |status|. If |initial_signin| is true then this indicates that // authorization happened for initial device provisioning. [MinVersion=11] OnAuthorizationComplete@10(ArcSignInStatus status, bool initial_signin); // Notifies Chrome that the sign-in is completed successfully. [MinVersion=2] OnSignInCompleteDeprecated@2(); // Notifies Chrome that the sign-in fails to complete and provides failure // reason. [MinVersion=2] OnSignInFailedDeprecated@3(ArcSignInStatus reason); // Asynchronously requests an authorization code, as well as the account // information. If |initial_signin| is true then that means request is for // initial signin flow. Otherwise it is used for reauthorization flow. [MinVersion=5] RequestAccountInfo@7([MinVersion=11] bool initial_signin); // Reports metrics to Chrome to be recorded in UMA. [MinVersion=7] ReportMetrics@8(MetricsType metrics_type, int32 value); // Reports result of account check. [MinVersion=9] ReportAccountCheckStatus@9(AccountCheckStatus status); // Reports to Chrome the result of changing the supervision state. // Chrome informs ARC on every boot if a supervision transition is necessary // or not (see https://crrev.com/c/1069031). ARC should report back only if // a transition was necessary. [MinVersion=13] ReportSupervisionChangeStatus@11( SupervisionChangeStatus status); }; // Next Method ID: 3 interface AuthInstance { // DEPRECATED: Please use Init@2 instead. InitDeprecated@0(AuthHost host_ptr); // Establishes full-duplex communication with the host. [MinVersion=12] Init@2(AuthHost host_ptr) => (); // Callback from RequestAccountInfo. This cannot be a normal callback since // the result can sometimes take a few minutes in some cases (Kiosk mode), // and in other cases there is a UI that the user is shown and they can take // an arbitrarily long amount of time to interact with. If request completes // successfully, |account_info| is not null and |status| must be SUCCESS. // In case of error |account_info| is null, |status| must contain the reason // of failure, other than SUCCESS. [MinVersion=5] OnAccountInfoReady@1( AccountInfo? account_info, [MinVersion=10] ArcSignInStatus status); };