// Copyright 2013 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. syntax = "proto2"; option optimize_for = LITE_RUNTIME; package enterprise_management; option go_package = "chromium/policy/enterprise_management_proto"; import "private_membership_rlwe.proto"; // Everything below this comment will be synchronized between client and server // repos ( go/cros-proto-sync ). // This enum needs to be shared between DeviceRegisterRequest and // LicenseAvailability protos. With java_api_version 1, this means that enum // needs to be wrapped into a message. message LicenseType { // Enumerates different license types. enum LicenseTypeEnum { // Unknown/undefined UNDEFINED = 0; // Chrome Device Management Perpetual CDM_PERPETUAL = 1; // Chrome Device Management Annual CDM_ANNUAL = 2; // Chrome Kiosk KIOSK = 3; // Chrome Enterprise bundled license CDM_PACKAGED = 4; } optional LicenseTypeEnum license_type = 1; } // The current active session type on the device, or `NO_SESSION` if no user // is currently logged in. // This enum is used in the response payload of the // `FETCH_CRD_AVAILABILITY_INFO` remote command. // NOTE: Please DO NOT rename enum entries as they are used by external APIs. enum UserSessionType { USER_SESSION_TYPE_UNKNOWN = 0; AUTO_LAUNCHED_KIOSK_SESSION = 1; MANUALLY_LAUNCHED_KIOSK_SESSION = 2; AFFILIATED_USER_SESSION = 3; UNAFFILIATED_USER_SESSION = 4; MANAGED_GUEST_SESSION = 5; GUEST_SESSION = 6; NO_SESSION = 7; } // The type of the CRD session. This enum is used in: // * the response payload of `FETCH_CRD_AVAILABILITY_INFO`. // * the request payload of `DEVICE_START_CRD_SESSION`. enum CrdSessionType { CRD_SESSION_TYPE_UNKNOWN = 0; // A session where the admin has exclusive control of the remote machine. REMOTE_ACCESS_SESSION = 1; // A session where the admin and the local user share control of the remote // machine. REMOTE_SUPPORT_SESSION = 2; } // Enum indicating why a CRD session is or is not available. // This enum is used in the response payload of the // `FETCH_CRD_AVAILABILITY_INFO` remote command. // NOTE: Please DO NOT rename enum entries as they are used by external APIs. enum CrdSessionAvailability { CRD_SESSION_AVAILABILITY_UNKNOWN = 0; // The CRD session is available and the admin can start a CRD session. AVAILABLE = 1; // The CRD session is not available for the current user session type. UNAVAILABLE_UNSUPPORTED_USER_SESSION_TYPE = 2; // The CRD session is not available since the device is in an unmanaged // environment. UNAVAILABLE_UNMANAGED_ENVIRONMENT = 3; // The CRD session type is unsupported by device os version UNAVAILABLE_UNSUPPORTED_DEVICE_OS_VERSION = 4; // CRD is disabled on the device by the 'enterprise remote support connection' // policy. UNAVAILABLE_DISABLED_BY_POLICY = 5; } // Result code used in the response payload of the `START_CRD_SESSION` remote // command. This is used because it is more granular than the normal // `ResultType` enum used as the result code for a remote command. enum StartCrdSessionResultCode { START_CRD_SESSION_RESULT_UNKNOWN = -1; // Successfully obtained access code. START_CRD_SESSION_SUCCESS = 0; // Failed as required services are not launched on the device. SERVICES_NOT_READY = 1; // Failure as the current user type does not support remotely starting CRD. FAILURE_UNSUPPORTED_USER_TYPE = 2; // Failed as device is currently in use and no interruptUser flag is set. FAILURE_NOT_IDLE = 3; // Failed as we could not get OAuth token for whatever reason. FAILURE_NO_OAUTH_TOKEN = 4; // Failed as we could not get ICE configuration for whatever reason. // deprecated FAILURE_NO_ICE_CONFIG = 5; // Failure during attempt to start CRD host and obtain CRD token. FAILURE_CRD_HOST_ERROR = 6; // Failure to start a curtained session as we're not in a managed environment. FAILURE_UNMANAGED_ENVIRONMENT = 7; // Failed because RemoteAccessHostAllowEnterpriseRemoteSupportConnections // policy is disabled. FAILURE_DISABLED_BY_POLICY = 8; } // Result code used in the response payload of the `FETCH_SUPPORT_PACKET` remote // command. The response payload will be a JSON string as follows: // { // "result": , // (optional) "notes": [] // } enum FetchSupportPacketResultCode { // Unspecified result. FETCH_SUPPORT_PACKET_RESULT_CODE_UNSPECIFIED = 0; // Success. FETCH_SUPPORT_PACKET_RESULT_SUCCESS = 1; // Command is not enabled for the device or the user. FAILURE_COMMAND_NOT_ENABLED = 2; // Failed to create the file to upload. FAILURE_EXPORTING_FILE = 3; // Internal failure at reporting pipeline. LogUploadEvent can't be enqueued. FAILURE_REPORTING_PIPELINE = 4; // File upload to File Storage Server has failed. FAILURE_LOG_UPLOAD = 5; } // Result payload field that will used for FETCH_SUPPORT_PACKET remote command. // This field represents the warnings or notes that the device sends along with // the command result. This enum will be used to attach optional notes to // successful execution. Failure details will be send to the server in // FetchSupportPacketResultCode enum. enum FetchSupportPacketResultNote { FETCH_SUPPORT_PACKET_RESULT_PAYLOAD_UNSPECIFIED = 0; // Warning that the requested PII is not allowed to be included in the // collected logs due to privacy issues. This is not an error but a warning to // the admin. The log file will be created and uploaded without PII. WARNING_PII_NOT_ALLOWED = 1; } // Data along with a cryptographic signature verifying their authenticity. message SignedData { // The data to be signed. optional bytes data = 1; // The signature of the data field. optional bytes signature = 2; // How many bytes were added to the end of original data before signature // (e.g. a nonce to avoid proxy attacks of the signing service). optional int32 extra_data_bytes = 3; } // Request from device to server to check user account type for enrollment. message CheckUserAccountRequest { // Email address of a user. // The user may not exist in GAIA. optional string user_email = 1; // If enrollment nudge policy is required. optional bool enrollment_nudge_request = 2 [default = false]; } // Request from device to server to register a device, user or browser. message DeviceRegisterRequest { reserved 5, 10; // Reregister device without erasing server state. It can be used // to refresh dmtoken etc. Client MUST set this value to true if it // reuses an existing device id. optional bool reregister = 1; // Register type. This field does not exist for TT release. // When a client requests for policies, server should verify the // client has been registered properly. For example, a client must // register with type DEVICE in order to retrieve device policies. enum Type { reserved 5; TT = 0; // Register for TT release. USER = 1; // Register for Chrome OS user polices. DEVICE = 2; // Register for Chrome OS device policies. BROWSER = 3; // Register for desktop Chrome browser user policies. ANDROID_BROWSER = 4; // Register for Android Chrome browser user policies. IOS_BROWSER = 6; // Register for iOS Chrome browser user policies. } // NOTE: we also use this field to detect client version. If this // field is missing, then the request comes from TT. We will remove // Chrome OS TT support once it is over. optional Type type = 2 [default = TT]; // Machine hardware id, such as serial number. // This field is required if register type == DEVICE. optional string machine_id = 3; // Machine model name, such as "ZGA", "Cr-48", "Nexus One". If the // model name is not available, client SHOULD send generic name like // "Android", or "Chrome OS". optional string machine_model = 4; // Indicates a requisition of the registering entity that the server can act // upon. This allows clients to pass hints e.g. at device enrollment time // about the intended use of the device. optional string requisition = 6; // The current server-backed state key for the client, if applicable. This can // be used by the server to link the registration request to an existing // device record for re-enrollment. optional bytes server_backed_state_key = 7; // Enumerates different flavors of registration. enum Flavor { reserved 12; // User manually enrolls a device for device management. FLAVOR_ENROLLMENT_MANUAL = 0; // User re-starts enrollment manually to recover from loss of policy. FLAVOR_ENROLLMENT_MANUAL_RENEW = 1; // Device enrollment forced by local device configuration, such as OEM // partition flags to force enrollment. FLAVOR_ENROLLMENT_LOCAL_FORCED = 2; // Enrollment advertised by local device configuration, such as OEM // partition flags indicating to prompt for enrollment, but allowing the // user to skip. FLAVOR_ENROLLMENT_LOCAL_ADVERTISED = 3; // Device state downloaded from the server during OOBE indicates that // re-enrollment is mandatory. FLAVOR_ENROLLMENT_SERVER_FORCED = 4; // Device state downloaded from the server during OOBE indicates that the // device should prompt for (re-)enrollment, but the user is allowed to // skip. FLAVOR_ENROLLMENT_SERVER_ADVERTISED = 5; // Device detected in steady state that it is supposed to be enrolled, but // the policy is missing. FLAVOR_ENROLLMENT_RECOVERY = 6; // User policy registration for a logged-in user. FLAVOR_USER_REGISTRATION = 7; // Attestation-based with the option to use a different authentication // mechanism. FLAVOR_ENROLLMENT_ATTESTATION = 8; // Forced attestation-based enrollment (cannot fallback to another flavor). FLAVOR_ENROLLMENT_ATTESTATION_LOCAL_FORCED = 9; // Device state downloaded from the server during OOBE indicates that // re-enrollment is mandatory and should be attestation-based. FLAVOR_ENROLLMENT_ATTESTATION_SERVER_FORCED = 10; // Device state downloaded from the server indicated that re-enrollment is // mandatory, but it failed and we are doing a fallback to manual // enrollment. FLAVOR_ENROLLMENT_ATTESTATION_MANUAL_FALLBACK = 11; // Device state downloaded from the server during OOBE indicates that // initial enrollment is mandatory. FLAVOR_ENROLLMENT_INITIAL_SERVER_FORCED = 13; // Device state downloaded from the server during OOBE indicates that // initial enrollment is mandatory and should be attestation-based. FLAVOR_ENROLLMENT_ATTESTATION_INITIAL_SERVER_FORCED = 14; // Device state downloaded from the server indicated that initial enrollment // is mandatory, but it failed and we are doing a fallback to manual // enrollment. FLAVOR_ENROLLMENT_ATTESTATION_INITIAL_MANUAL_FALLBACK = 15; // An enterprise rollback just took place and the device was wiped. // Attempt to re-enroll with attestation. This is forced from the // client side. FLAVOR_ENROLLMENT_ATTESTATION_ROLLBACK_FORCED = 16; // An enterprise rollback just took place and the device was wiped. // Attestation re-enrollment just failed, attempt manual enrollment as // fallback. FLAVOR_ENROLLMENT_ATTESTATION_ROLLBACK_MANUAL_FALLBACK = 17; // Device state downloaded from the server indicated that initial enrollment // is mandatory and should be token-based. FLAVOR_ENROLLMENT_TOKEN_INITIAL_SERVER_FORCED = 18; // Device state downloaded from the server indicated that initial // token-based enrollment is mandatory, but it failed and we are doing // fallback to manual enrollment. FLAVOR_ENROLLMENT_TOKEN_INITIAL_MANUAL_FALLBACK = 19; } // Indicates the registration flavor. This is passed to the server FYI when // registering for policy so the server can distinguish registration triggers. optional Flavor flavor = 8; // If specified, represents the license type selected by user on the device. optional LicenseType license_type = 9; // Enumerates different expected lifetimes of registration. enum Lifetime { // Default case. LIFETIME_UNDEFINED = 0; // No expiration, most of the registrations have this lifetime. LIFETIME_INDEFINITE = 1; // Lifetime for ephemeral user policy registration. LIFETIME_EPHEMERAL_USER = 2; } // Indicates the expected lifetime of registration. optional Lifetime lifetime = 11 [default = LIFETIME_INDEFINITE]; // The 4-character brand code of the device. optional string brand_code = 12; // Previous DMToken that should be reused for re-registration. optional string reregistration_dm_token = 13; // MAC address for onboard network (ethernet) interface. // The format is twelve (12) hexadecimal digits without any delimiter // (uppercase letters). // This field might be set only if register type == DEVICE. optional string ethernet_mac_address = 14; // Built-in MAC address for the docking station that the device can be // connected to. // The format is twelve (12) hexadecimal digits without any delimiter // (uppercase letters). // This field might be set only if register type == DEVICE. optional string dock_mac_address = 15; // The date the device was manufactured in yyyy-mm-dd format. // This field might be set only if register type == DEVICE. optional string manufacture_date = 16; // Currently using in token enrollment to ensure domain in request matches // domain from token. optional string expected_enrollment_domain = 17; // Identification of the device that is not already available. optional DeviceRegisterIdentification device_register_identification = 18; // Indicates all possible PSM (Private Set Membership) protocol final results // without specifying the root cause in case of an error. enum PsmExecutionResult { // PSM protocol started and it neither finished successfully nor // terminated due to a protocol's error. PSM_RESULT_UNKNOWN = 0; // PSM finished successfully and there was server-backed state for the // device. PSM_RESULT_SUCCESSFUL_WITH_STATE = 1; // PSM finished successfully and there was no server-backed state for the // device. PSM_RESULT_SUCCESSFUL_WITHOUT_STATE = 2; // PSM terminated due to an error. PSM_RESULT_ERROR = 3; // PSM check was skipped, as the device is going through Flex Auto // Enrollment after legacy state determination. PSM_SKIPPED_FOR_FLEX_AUTO_ENROLLMENT = 4; } optional PsmExecutionResult psm_execution_result = 19; // Timestamp of PSM retrieving the device's determination successfully in // milliseconds since Epoch in UTC timezone (Java time). optional int64 psm_determination_timestamp_ms = 20; // Information specific to Demo Mode about the device and the demo context. // Only set when the device is enrolling into Demo Mode, as defined by // DeviceRegisterRequest.requisition == "cros-demo-mode". optional DemoModeDimensions demo_mode_dimensions = 21; // Contains encoded customer information relevant for the generic OIDC profile // enrollment process. optional string oidc_profile_enrollment_state = 22; // Next id: 23. } // Identification of a device used during its registration. message DeviceRegisterIdentification { // The attested device ID for devices using Zero-Touch (see go/zt-sn). optional string attested_device_id = 1; } // Response from server to device message CheckUserAccountResponse { // Enum listing the possible user account status. enum UserAccountType { UNKNOWN_USER_ACCOUNT_TYPE = 0; // There is no GAIA user exist mapping to the specific user email. NOT_EXIST = 1; // The GAIA user mapping to the specific user email is not a dasher user. CONSUMER = 2; // The GAIA user is a dasher user. See http://go/is-dasher-user DASHER = 3; } // The domain abstracted from the specific email has been verified by dasher. optional bool domain_verified = 1; // The account type mapping from the specific user email. optional UserAccountType user_account_type = 2; // Enum listing the possible enrollment nudge types. enum EnrollmentNudgeType { UNKNOWN_ENROLLMENT_NUDGE_TYPE = 0; // Enrollment is not required. NONE = 1; // Requires the user to complete the enrollment process before they can // login. ENROLLMENT_REQUIRED = 2; } // Whether to nudge managed users to enroll unowned devices. optional EnrollmentNudgeType enrollment_nudge_type = 3; } // Response from server to device register request. message DeviceRegisterResponse { reserved 6; // Device management token for this registration. This token MUST be // part of HTTP Authorization header for all future requests from // device to server. required string device_management_token = 1; // Device display name. By default, server generates the name in // the format of "Machine Model - Machine Id". However, domain // admin can update it using Admin console, so do NOT treat it as constant. optional string machine_name = 2; // Enum listing the possible modes the device should be locked into when the // registration is finished. enum DeviceMode { // In ENTERPRISE mode the device has no local owner and device settings are // controlled through the cloud policy infrastructure. Auto-enrollment is // supported in that mode. ENTERPRISE = 0; // DEPRECATED: Devices in RETAIL mode also have no local owner and get their // device settings from the cloud, but additionally this mode enables the // demo account on the device. RETAIL_DEPRECATED = 1; // DEPRECATED: Devices in CHROME_AD mode are in enterprises with AD. Device // settings are controlled through the AD policy infrastructure. CHROME_AD_DEPRECATED = 2; // Devices in DEMO mode have no local owner and get their device settings // from the cloud. They are controlled by demo mode domain and provide // customized demo experience to the users. DEMO = 3; } optional DeviceMode enrollment_type = 3 [default = ENTERPRISE]; // An opaque configuration string for devices that require it. CHROME_AD // devices, for example, may use this string for AD discovery. Must be at // most a few kBytes. optional string configuration_seed = 4; // List of user affiliation IDs. The list is used to define if the user // registering for policy is affiliated on the device. // Only sent if DeviceRegisterRequest.Type == USER repeated string user_affiliation_ids = 5; // The display name Chrome should use when setting up the profile, used for // OIDC managed profile only. optional string user_display_name = 7; // The email of the user who logged into this profile, used for OIDC managed // profile only. optional string user_email = 8; // Enum listing the possible types of the third party identity used for OIDC // managed profiles. enum ThirdPartyIdentityType { // The profile does not have third party identity. NONE = 0; // The third party identity is synced to Google (Dasher) and there is an // associated GAIA ID for it. DASHER_BASED = 1; // The third party identity is not synced to Google and there is no // associated GAIA ID for it. DASHERLESS = 2; } optional ThirdPartyIdentityType third_party_identity_type = 9 [default = NONE]; } // Request from device to server to unregister device. // GoogleDMToken MUST be in HTTP Authorization header. message DeviceUnregisterRequest {} // Response from server to device for unregister request. message DeviceUnregisterResponse {} // Request from device to server to upload a device certificate or an enrollment // identifier. // GoogleDMToken MUST be in HTTP Authorization header. message DeviceCertUploadRequest { enum CertificateType { // Default value for when a type is not specified. CERTIFICATE_TYPE_UNSPECIFIED = 0; // Enterprise machine certificate used for remote attestation. ENTERPRISE_MACHINE_CERTIFICATE = 1; // Enrollment certificate used to obtain an enrollment identifier. ENTERPRISE_ENROLLMENT_CERTIFICATE = 2; } // Certificate in X.509 format. optional bytes device_certificate = 1; // Type of certificate. If omitted, will be guessed from the other fields. optional CertificateType certificate_type = 2; // Enrollment identifier if provided. optional bytes enrollment_id = 3; } // Response from server to device for cert upload request. message DeviceCertUploadResponse {} // Request to access a Google service with the given scope. message DeviceServiceApiAccessRequest { // The list of auth scopes the device requests from DMServer. repeated string auth_scopes = 1; // OAuth2 client ID to which the returned authorization code is bound. optional string oauth2_client_id = 2; // Enumerates different flavors of registration. enum DeviceType { // Authcode will be used by Chrome OS // (this is typically requested during device enrollment) CHROME_OS = 0; // Authcode will be used by Android (ARC) subsystem // (this is typically requested during ARC Kiosk session setup) ANDROID_OS = 1; // Authcode will be used by Chrome OS Demo Mode. This auth code can be used // to access Google Docs. // Please see go/cros-demo-mode and go/demo-mode-account-brainstorm. CHROME_OS_DEMO_MODE = 2; // Authcode will be used by the enterprise-managed Chrome Browser to // register for policy invalidations. This is requested during enrollment. CHROME_BROWSER = 3; } // Device type indicates the intended use of the auth code. optional DeviceType device_type = 3; } // Response from server to API access request. message DeviceServiceApiAccessResponse { // The OAuth2 authorization code for the requested scope(s). // This can be exchanged for a refresh token. optional string auth_code = 1; } // Device Identifier for non-Chrome OS platform. message BrowserDeviceIdentifier { reserved 3; // Name of the computer. optional string computer_name = 1; // Device serial number (definition depending on the platform). optional string serial_number = 2; } message PolicyFetchRequest { reserved 5; // This is the policy type, which maps to D3 policy type internally. // By convention, we use "/" as separator to create policy namespace. // The policy type names are case insensitive. // // Possible values for Chrome OS are: // google/chromeos/device => ChromeDeviceSettingsProto // google/chromeos/publicaccount => ChromeSettingsProto // google/chromeos/signinextension => ExternalPolicyData // google/chromeos/remotecommand => RemoteCommand (*) // // For users signed in to Chrome, // google/chromeos/user => ChromeSettingsProto // google/android/user => ChromeSettingsProto // google/chrome/user => ChromeSettingsProto // google/ios/user => ChromeSettingsProto // google/chrome/extension => ExternalPolicyData // // For Chrome Browser Cloud Management, // google/chrome/machine-level-user => ChromeSettingsProto // google/chrome/machine-level-user-android => ChromeSettingsProto // google/chrome/machine-level-user-ios => ChromeSettingsProto // google/chrome/machine-level-extension => ExternalPolicyData // google/machine-level-apps => // Omaha policy fetch is translated into two policy types // google/chrome/machine-level-user => ChromeSettingsProto // google/machine-level-omaha => OmahaSettingsClientProto // // Types marked with an (*) are not policies, but data signed with the policy // key. It is illegal to try to fetch policies with those types. optional string policy_type = 1; // This is the last policy timestamp that client received from server. The // expectation is that this field is filled by the value of // PolicyData.timestamp from the last policy received by the client. optional int64 timestamp = 2; // Tell server what kind of security signature is required. // TODO(b/147782972): Move to toplevel in sync with Chrome OS client code. enum SignatureType { NONE = 0; SHA1_RSA = 1; SHA256_RSA = 2; } optional SignatureType signature_type = 3 [default = NONE]; // The version number of the public key that is currently stored // on the client. This should be the last number the server had // supplied as new_public_key_version in PolicyData. // This field is unspecified if the client does not yet have a // public key. optional int32 public_key_version = 4; // This field is used for devices to send the additional ID to fetch settings. // Retrieving some settings requires more than just device or user ID. // For example, to retrieve public account, devices need to pass in // public account ID in addition to device ID. To retrieve extension or // plug-in settings, devices need to pass in extension/plug-in ID in // addition to user ID. // policy_type represents the type of settings (e.g. public account, // extension) devices request to fetch. optional string settings_entity_id = 6; // If this fetch is due to a policy invalidation, this field contains the // version provided with the invalidation. The server interprets this value // and the value of invalidation_payload to fetch the up-to-date policy. optional int64 invalidation_version = 7; // If this fetch is due to a policy invalidation, this field contains the // payload delivered with the invalidation. The server interprets this value // and the value of invalidation_version to fetch the up-to-date policy. optional bytes invalidation_payload = 8; // Hash string for the chrome policy verification public key which is embedded // into Chrome binary. Matching private key will be used by the server // to sign per-domain policy keys during key rotation. If server does not // have the key which matches this hash string, that could indicate malicious // or out-of-date Chrome client. optional string verification_key_hash = 9; // Encoded information from a policy invalidation notification. This is opaque // to the client and should be forwarded from the invalidation notification. optional string policy_invalidation_info = 10; // Whether or not the client only supports the new PolicyData invalidation // topics. If true, only the policy_invalidation_topic and // command_invalidation_topic fields will be set in the PolicyData response. optional bool invalidation_topics_only = 11; // If this is an affiliated user, this is the device's DMToken. optional string device_dm_token = 12; // Device identifier for helping identify non-Chrome OS devices. optional BrowserDeviceIdentifier browser_device_identifier = 13; } // This message customizes how the device behaves when it is disabled by its // owner. The message will be sent as part of the DeviceState fetched during // normal operation and as part of the DeviceStateRetrievalResponse fetched when // the device is wiped/reinstalled. message DisabledState { // A message to the finder/thief that should be shown on the screen. optional string message = 1; } message DeviceState { // Modes of operation that the device can be in. enum DeviceMode { // The device is operating normally. Sessions can be started and the device // can be used. DEVICE_MODE_NORMAL = 0; // The device has been disabled by its owner. The device will show a warning // screen and will not allow any sessions to be started. DEVICE_MODE_DISABLED = 1; } // The mode of operation that the device should be in. optional DeviceMode device_mode = 1 [default = DEVICE_MODE_NORMAL]; // State that is relevant only when the |device_mode| is // |DEVICE_MODE_DISABLED|. optional DisabledState disabled_state = 2; } message CustomerLogo { // The SCS url for the logo set by the admin for a particular OU. // This is in the form https://admin.googleusercontent.com/. optional string logo_url = 1; } // This message is included in serialized form in PolicyFetchResponse below. It // may also be signed, with the signature being created for the serialized form. message PolicyData { reserved 10, 13, 14, 18, 19; reserved "command_invalidation_name"; reserved "command_invalidation_source"; reserved "invalidation_name"; reserved "invalidation_source"; reserved "valid_serial_number_missing"; // See PolicyFetchRequest.policy_type. optional string policy_type = 1; // [timestamp] is milliseconds since Epoch in UTC timezone (Java time). It is // included here so that the time at which the server issued this response // cannot be faked (as protection against replay attacks). It is the timestamp // generated by DMServer, NOT the time admin last updated the policy or // anything like that. optional int64 timestamp = 2; // The DMToken that was used by the client in the HTTP POST header for // authenticating the request. It is included here again so that the client // can verify that the response is meant for them (and not issued by a replay // or man-in-the-middle attack). // Note that the existence or non-existence of the DMToken is not the correct // way to determine whether the device is managed. Cf. |management_mode| below // for details. optional string request_token = 3; // The serialized value of the actual policy protobuf. This can be // deserialized to an instance of, for example, ChromeSettingsProto, // ChromeDeviceSettingsProto, or ExternalPolicyData. optional bytes policy_value = 4; // The device display name assigned by the server. It is only // filled if the display name is available. // // The display name of the machine as generated by the server or set // by the Administrator in the Admin console GUI. This is the same thing as // |machine_name| in DeviceRegisterResponse but it might have // changed since then. optional string machine_name = 5; // Version number of the server's current public key. (The key that // was used to sign this response. Numbering should start at 1 and be // increased by 1 at each key rotation.) optional int32 public_key_version = 6; // The user this policy is intended for. In case of device policy, the name // of the owner (who registered the device). optional string username = 7; // In this field the DMServer should echo back the "deviceid" HTTP parameter // from the request. This is also used for user and device local accounts ids, // see client_id in code. optional string device_id = 8; // Indicates which state this association with DMServer is in. This can be // used to tell the client that it is not receiving policy even though the // registration with the server is kept active. enum AssociationState { // Association is active and policy is pushed. ACTIVE = 0; // Association is alive, but the corresponding domain is not managed. UNMANAGED = 1; // The device has been deprovisioned by the administrator and is no longer // managed. DEPROVISIONED = 2; } optional AssociationState state = 9 [default = ACTIVE]; // Indicates which public account or extension/plug-in this policy data is // for. See PolicyFetchRequest.settings_entity_id for more details. optional string settings_entity_id = 11; // Indicates the identity the device service account is associated with. // This is only sent as part of device policy fetch. optional string service_account_identity = 12; // Server-provided identifier of the fetched policy. This is to be used // by the client when requesting Policy Posture assertion through an API // call or SAML flow. For details, see http://go/chrome-nac-server-design. optional string policy_token = 15; // Indicates the management mode of the device. Note that old policies do not // have this field. If this field is not set but request_token is set, assume // the management mode is ENTERPRISE_MANAGED. If both this field and // request_token are not set, assume the management mode is LOCAL_OWNER. enum ManagementMode { // The device is owned locally. The policies are set by the local owner of // the device. LOCAL_OWNER = 0; // The device is enterprise-managed (either via DM server or through Active // Directory). See the comment above for backward compatibility. ENTERPRISE_MANAGED = 1; // Obsolete. Don't use. OBSOLETE_CONSUMER_MANAGED = 2; } optional ManagementMode management_mode = 16; // Indicates the state that the device should be in. optional DeviceState device_state = 17; // The free-text location info the admin enters to associate the device // with a location. optional string annotated_location = 20; // The free-text asset identifier the admin enters to associate the device // with a user-generated identifier. optional string annotated_asset_id = 21; // The unique directory api ID of the device which was generated on the // server-side. optional string directory_api_id = 22; // List of device affiliation IDs. If there exists an overlap between user // affiliation IDs and device affiliation IDs, we consider that the user is // affiliated on the device. Otherwise the user is not affiliated on the // device. Should be fetched with device policy. Ignored if fetched with // other polices. repeated string device_affiliation_ids = 23; // List of user affiliation IDs. The list is used to define if current user // is affiliated on the device. See device_affiliation_ids for details. // Should be fetched with user policy. Ignored if fetched with other polices. repeated string user_affiliation_ids = 24; // Used as the display domain when the primary domain gets renamed. This field // is present only for device policies. optional string display_domain = 25; // Invalidation topic for devices. Clients register for FCM messages using // this topic in order to receive notifications for device policy changes. optional string policy_invalidation_topic = 26; // Invalidation topic for commands. Clients register for FCM messages using // this topic in order to receive notifications that one or more commands are // available for execution. optional string command_invalidation_topic = 27; // Whether the device needs to upload an enrollment identifier to the cloud. // TODO(b/136188860) migrates to enrollment_certificate_needed under // client_action_required. optional bool enrollment_id_needed = 28; // Gaia id of the user the policy is intended for. // Should be fetched with user policy. optional string gaia_id = 29; // Indicate this device's market segment. The MarketSegment enum in // cloud_policy_constants.h (http://shortn/_3iFWcdjy0P) must be kept in sync // with this enum. enum MarketSegment { MARKET_SEGMENT_UNSPECIFIED = 0; ENROLLED_EDUCATION = 1; ENROLLED_ENTERPRISE = 2; } // This field should only be set for Device Policy response. // See go/cros-rlz-segments optional MarketSegment market_segment = 30; // This field is currently only set for Device Policy response. // This represents the logo set by the admin for the OU that the device // belongs to. This is domain metadata included in a device policy response, // but it is not an explicit device policy. optional CustomerLogo customer_logo = 31; // b/129771193 // This setting is from SingleSignOnSettingsProto#change_password_uri // http://google3/ccc/hosted/policies/services/common/sso_settings.proto?l=48&rcl=241246111 // This field is currently only set for User Policy response. optional string change_password_uri = 32; // This field is used for asking client to perform some actions. For instance, // server asks client to re-upload enrollment certificate. In long term, new // added field which asks client to perform an action in policy data should be // put in ClientActionRequired message. optional ClientActionRequired client_action_required = 33; // Obfuscated customerId the device is enrolled into. // Only set for device policy. optional string obfuscated_customer_id = 34; // The different types of user segments for metrics logging. If any values are // added to this enum, the corresponding enum in // UserTypeByDeviceTypeMetricsProvider::UserSegment // (http://shortn/_uK3ZM4pC0a) should be updated. enum MetricsLogSegment { UNSPECIFIED = 0; K12 = 1; UNIVERSITY = 2; NONPROFIT = 3; ENTERPRISE = 4; } // Indicates the segment the user's metrics should be logged under, // UNSPECIFIED if not relevant. // This field should only be set for User Policy response. optional MetricsLogSegment metrics_log_segment = 35; // This field will be populated with primary domain name for domain verified // customer, and primary admin email for domainless customer. The client side // will use this field to display who manages this device/browser/user. optional string managed_by = 36; // An identifier (e.g. "inboundSamlSsoProfiles/0abcdefg1234567") for the // device's managing OU's SSO profile. Currently, this points to the OU's // SAML settings. May support OIDC in the future. optional string sso_profile = 37; // Indicates which kind of licenses this device is using, so that chrome OS // can check that. The value is from ChromeOsDeviceInfo // http://google3/ccc/hosted/devices/services/chromeos/common.proto;rcl=436571779;l=549 optional string license_sku = 38; } message ClientActionRequired { // Whether device needs to upload an enterprise enrollment certificate to // cloud. optional bool enrollment_certificate_needed = 1; } message PolicyFetchResponse { // Since a single policy request may ask for multiple policies, DM server // provides separate error codes (making use of standard HTTP Status Codes) // for each individual policy fetch. optional int32 error_code = 1; // Human readable error message for customer support purpose. optional string error_message = 2; // This is a serialized |PolicyData| protobuf (defined above). optional bytes policy_data = 3; // Signature of the policy data above. optional bytes policy_data_signature = 4; // If the public key has been rotated on the server, the new public // key is sent here. It is already used for |policy_data_signature| // above, whereas |new_public_key_signature| is created using the // old key (so the client can trust the new key). If this is the // first time when the client requests policies (so it doesn't have // on old public key), then |new_public_key_signature| is empty. optional bytes new_public_key = 5; optional bytes new_public_key_signature = 6; // DEPRECATED: Exists only to support older clients. This signature is similar // to new_public_key_verification_data_signature, but is computed over // DEPRECATEDPolicyPublicKeyAndDomain (which is equivalent to // PublicKeyVerificationData proto with version field unset). // // Do not remove this unless you know for sure that this is not required by // managed devices any more, including devices that might be pinned to // milestones older than current Stable. // Note: As of February 2024, this is still strictly required by // CloudPolicyValidator, see // https://source.chromium.org/chromium/chromium/src/+/main:components/policy/core/common/cloud/cloud_policy_validator.cc;drc=08b91b49531894cbe9061a1148fd535155c2554b;l=407 optional bytes new_public_key_verification_signature_deprecated = 7 [deprecated = true]; // This is a serialized |PublicKeyVerificationData| protobuf (defined // below). See comments for |new_public_key_verification_data_signature| field // for details on how this data is signed. // Please note that |new_public_key| is also included inside this data // field. Thus we have new public key signed with old version of private key // (if client indicated to us that it has old key version), and // new public key data signed by primary verification key (if client told // us that it has public verification key - see |verification_key_id| field // of |PolicyFetchRequest|). In most cases, both signatures will be provided. // However, client might not have old policy signing key - for example, when // new profile is being set up. In this case, only verification signature // is supplied. // Or, client might not have verification public key (legacy Chrome build // before verification key was introduced, or outdated build which has // old/compromised verification key). In that case, verification signature // cannot be provided. // If client is missing both public keys (old signing key and verification // key), then we are unable to produce any valid signature and client must // drop such PolicyFetchResponse. optional bytes new_public_key_verification_data = 8; // If new_public_key is specified, this field contains the signature of a // PublicKeyVerificationData protobuf, signed using a key only available to // DMServer. The public key portion of this well-known key is embedded into // the Chrome binary. The hash of that embedded key is passed to DMServer as // verification_key_hash field in PolicyFetchRequest. DMServer picks a private // key on the server which matches the hash (matches public key on the // client). If DMServer is unable to find matching key, it returns an error // instead of policy data. In case a hash was not specified, DMServer leaves // the verification signature field empty (legacy behavior). // This signature is provided to better protect first key delivery (since the // browser does not possess the previous signing key, DMServer cannot compute // new_public_key_signature). // See http://go/chrome-nac-server-design for more information. optional bytes new_public_key_verification_data_signature = 9; // DEPRECATED! Client-side should verify and rely on the policy_type inside // the signed policy_data. optional string policy_type = 10 [deprecated = true]; // The type of signature used to generate policy_data_signature. optional PolicyFetchRequest.SignatureType policy_data_signature_type = 11; } // DEPRECATED: Protobuf used to generate the deprecated // new_public_key_verification_signature field. message DEPRECATEDPolicyPublicKeyAndDomain { // The public key to sign (taken from the |new_public_key| field in // PolicyFetchResponse). optional bytes new_public_key = 1; // The domain associated with this key (should match the domain portion of the // username field of the policy). optional string domain = 2; } // This message contains the information which is signed by the verification key // during policy key rotation. It is included in serialized form in // PolicyFetchResponse above. A signature of the serialized form is included in // the new_public_key_verification_data_signature field. message PublicKeyVerificationData { // The new public policy key after a key rotation. optional bytes new_public_key = 1; // The domain of the device/user. optional string domain = 2; // The version number of the new_public_key. This must be monotonically // increasing (within a domain). optional int32 new_public_key_version = 3; } // Request from device to server for reading policies. message DevicePolicyRequest { // The policy fetch requests. If this field exists, the requests must come // from a non-TT client. The repeated field allows clients to request // multiple policies for better performance. repeated PolicyFetchRequest requests = 3; // Reason for the requesting policies, to help with monitoring and alerting // (e.g. to detect an increase in fetch failures during enrollment). enum Reason { UNSPECIFIED = 0; // Required policy fetch during device enrollment. DEVICE_ENROLLMENT = 1; // Policy fetch triggered by incoming FCM invalidation. INVALIDATION = 2; // CloudPolicyClient registration changed (e.g. during startup). REGISTRATION_CHANGED = 3; // Retry after previous policy fetch failure. RETRY = 4; // Various retry reasons based on DMServer status, see // `CloudPolicyRefreshScheduler`. RETRY_AFTER_STATUS_SERVICE_ACTIVATION_PENDING = 5; RETRY_AFTER_STATUS_SERVICE_POLICY_NOT_FOUND = 6; RETRY_AFTER_STATUS_SERVICE_TOO_MANY_REQUESTS = 7; RETRY_AFTER_STATUS_REQUEST_FAILED = 8; RETRY_AFTER_STATUS_TEMPORARY_UNAVAILABLE = 9; RETRY_AFTER_STATUS_CANNOT_SIGN_REQUEST = 10; RETRY_AFTER_STATUS_REQUEST_INVALID = 11; RETRY_AFTER_STATUS_HTTP_STATUS_ERROR = 12; RETRY_AFTER_STATUS_RESPONSE_DECODING_ERROR = 13; RETRY_AFTER_STATUS_SERVICE_MANAGEMENT_NOT_SUPPORTED = 14; RETRY_AFTER_STATUS_REQUEST_TOO_LARGE = 15; // Scheduled policy refresh (e.g. once per day). SCHEDULED = 16; // Policy fetch triggered by sign-in. SIGNIN = 17; // A placeholder reason used for tests (should not occur in production). TEST = 18; // Policy fetched at browser start, e.g. device policies at Ash start. BROWSER_START = 19; // ChromeOS Policy fetch request from Lacros to Ash. LACROS = 20; // Policy fetched as requested by the user, e.g. through chrome://policy. USER_REQUEST = 21; // Policy fetches triggered by the Chrome Remote Desktop policy watcher. CRD_HOST_POLICY_WATCHER = 22; } optional Reason reason = 4; } // Response from server to device for reading policies. message DevicePolicyResponse { // The policy fetch responses. repeated PolicyFetchResponse responses = 3; } message TimePeriod { // [timestamp] is milliseconds since Epoch in UTC timezone (Java time). optional int64 start_timestamp = 1; optional int64 end_timestamp = 2; } message ActiveTimePeriod { optional TimePeriod time_period = 1; // The active duration during the above time period. // The unit is milli-second. optional int32 active_duration = 2; // Email address of the active user. Present only if the user type is managed // and affiliated. optional string user_email = 3; enum SessionType { SESSION_UNKNOWN = 0; SESSION_AFFILIATED_USER = 1; SESSION_MANAGED_GUEST = 2; SESSION_KIOSK = 3; SESSION_ARC_KIOSK = 4; SESSION_WEB_KIOSK = 5; } optional SessionType session_type = 4; } // Details about a network interface. message NetworkInterface { // Indicates the type of network device. enum NetworkDeviceType { reserved 2; TYPE_ETHERNET = 0; TYPE_WIFI = 1; TYPE_BLUETOOTH = 3; TYPE_CELLULAR = 4; } // Network device type. optional NetworkDeviceType type = 1; // MAC address (if applicable) of the corresponding network device. This is // formatted as an ASCII string with 12 hex digits. Example: A0B1C2D3E4F5. optional string mac_address = 2; // MEID (if applicable) of the corresponding network device. Formatted as // ASCII string composed of 14 hex digits. Example: A10000009296F2. optional string meid = 3; // IMEI (if applicable) of the corresponding network device. 15-16 decimal // digits encoded as ASCII string. Example: 355402040158759. optional string imei = 4; // The device path associated with this network interface. optional string device_path = 5; // The integrated circuit card ID associated with the device's sim card. optional string iccid = 6; // The mobile directory number associated with the device's sim card. optional string mdn = 7; // List of EID (EUICC Identifier) of all cellular EUICCs // (Embedded Universal Integrated Circuit Cards) on the device. // 32 decimal digits encoded as ASCII string. e.g. repeated string eids = 8; } // Information about configured/visible networks - this is separate from // NetworkInterface because a configured network may not be associated with // any specific interface, or may be visible across multiple interfaces. message NetworkState { // The current state of this network. enum ConnectionState { reserved 1; // CARRIER reserved 6; // OFFLINE reserved 10; // ACTIVATION_FAILURE IDLE = 0; ASSOCIATION = 2; CONFIGURATION = 3; READY = 4; PORTAL = 5; ONLINE = 7; DISCONNECT = 8; FAILURE = 9; UNKNOWN = 11; } // For networks associated with a device, the path of the device. optional string device_path = 1; // Current state of this connection as reported by shill. optional ConnectionState connection_state = 2; // For wireless networks, the signal_strength in dBm. optional int32 signal_strength = 3; // The IP address this interface is bound to, if any. optional string ip_address = 4; // The gateway IP for this interface, if any. optional string gateway = 5; } // Details about a device user. message DeviceUser { // Types of device users which can be reported. enum UserType { // A user managed by the same domain as the device. USER_TYPE_MANAGED = 0; // A user not managed by the same domain as the device. USER_TYPE_UNMANAGED = 1; } // The type of the user. required UserType type = 1; // Email address of the user. Present only if the user type is managed. optional string email = 2; } // Information about a single disk volume. message VolumeInfo { optional string volume_id = 1; // The unit is bytes. optional int64 storage_total = 2; optional int64 storage_free = 3; } // Information about a single CPU utilization. message CpuUtilizationInfo { // CPU utilization (0-100). optional int32 cpu_utilization_pct = 1; // The timestamp representing time at which the information was collected. // [timestamp] is milliseconds since Epoch in UTC timezone (Java time). optional int64 timestamp = 2; } // Information about a single free RAM. message SystemFreeRamInfo { // Free RAM [in bytes] (unreliable due to GC). optional int64 size_in_bytes = 1; // The timestamp representing time at which the information was collected. // [timestamp] is milliseconds since Epoch in UTC timezone (Java time). optional int64 timestamp = 2; } // Information about a single CPU temperature channel. message CPUTempInfo { // Temperature channel label. optional string cpu_label = 1; // CPU temperature in Celsius. optional int32 cpu_temp = 2; // Unix timestamp. optional int64 timestamp = 3; } // Contains the Stateful Partition Information for user data storage in the // device. message StatefulPartitionInfo { // Available space for user data storage in the device in bytes. optional uint64 available_space = 1; // Total space for user data storage in the device in bytes. optional uint64 total_space = 2; // File system on stateful partition. e.g. ext4. optional string filesystem = 3; // Source of stateful partition. e.g. /dev/mmcblk0p1. optional string mount_source = 4; } // Chrome release channel, shared for different reports. enum Channel { CHANNEL_UNKNOWN = 0; CHANNEL_CANARY = 1; CHANNEL_DEV = 2; CHANNEL_BETA = 3; CHANNEL_STABLE = 4; } // Frequently changing data for battery. message BatterySample { optional int64 timestamp = 1; // Battery voltage optional int64 voltage = 2; // Battery remaining capacity (mA-hours) optional int64 remaining_capacity = 3; // Temperature in Celsius. optional int32 temperature = 4; // The battery discharge rate measured in mW. Positive if the battery is being // discharged, negative if it's being charged. optional int32 discharge_rate = 5; // Battery charge percentage optional int32 charge_rate = 6; // Battery current (mA) optional int64 current = 7; // Battery status read from sysfs optional string status = 8; } // Status of the single battery message BatteryInfo { optional string serial = 1; optional string manufacturer = 2; optional string battery_health = 3; // Design capacity (mA-hours) optional int64 design_capacity = 4; // Full charge capacity (mA-hours) optional int64 full_charge_capacity = 5; optional int32 cycle_count = 6; // Last sampling data. repeated BatterySample samples = 7; // Designed minimum output voltage (mV) optional int32 design_min_voltage = 9; // The date the battery was manufactured in yyyy-mm-dd format. optional string manufacture_date = 10; // Technology of the battery. optional string technology = 11; } // Status of the power subsystem message PowerStatus { enum PowerSource { POWER_UNKNOWN = 0; POWER_AC = 1; POWER_BATTERY = 2; } optional PowerSource power_source = 1; repeated BatteryInfo batteries = 2; } // LifeTime estimation for eMMC devices message DiskLifetimeEstimation { // Lifetime estimations for SLC and MLC areas of eMMC. // Values range from 00h to 0Bh -- indicating the percentage of device // lifetime used. optional int32 slc = 1; optional int32 mlc = 2; } // Status of the single storage device // Next id: 29 message DiskInfo { optional string serial = 1; optional string manufacturer = 2; optional string model = 3; // Size in bytes optional int64 size = 4; // eMMC / NVMe / ATA / SCSI. optional string type = 5; optional string health = 6; // volume_id for volumes on this disk. repeated string volumes = 7; // Read/write statistics for this disk. optional uint64 bytes_read_since_last_boot = 8; optional uint64 bytes_written_since_last_boot = 9; optional uint64 read_time_seconds_since_last_boot = 10; optional uint64 write_time_seconds_since_last_boot = 11; // Counts the time the disk and queue were busy, so unlike the fields above, // parallel requests are not counted multiple times. optional uint64 io_time_seconds_since_last_boot = 12; // Time spent discarding since last boot. Discarding is writing to clear // blocks which are no longer in use. Supported on kernels 4.18+. optional uint64 discard_time_seconds_since_last_boot = 13; // The manufacturer of the block device. oneof vendor_id { // NVME vendors: // https://pcisig.com/membership/member-companies uint32 nvme_subsystem_vendor = 14; // EMMC oemids // https://screenshot.googleplex.com/eZWNnV8qGnc uint32 emmc_oemid = 15; uint32 other_vendor = 16; uint32 jedec_manfid = 27; } // The manufacturer-specific product identifier. oneof product_id { uint32 nvme_subsystem_device = 17; uint32 emmc_pnm = 18; uint32 other_product = 19; } // The revision of the device's hardware. oneof hardware_revision { uint32 nvme_hardware_rev = 20; uint32 emmc_hardware_rev = 21; uint32 other_hardware_rev = 22; } // The revision of the device's firmware. oneof firmware_revision { uint64 nvme_firmware_rev = 23; uint64 emmc_firmware_rev = 24; uint32 other_firmware_rev = 25; uint32 ufs_firmware_rev = 28; } // The purpose of the device on the system. enum DevicePurpose { PURPOSE_UNKNOWN = 0; PURPOSE_BOOT = 1; PURPOSE_SWAP = 2; } optional DevicePurpose purpose = 26; } // Status of the storage subsystem. message StorageStatus { repeated DiskInfo disks = 1; optional DiskLifetimeEstimation lifetime_estimation = 2; } // Sampling for single temperature measurements message ThermalSample { optional int64 timestamp = 1; optional int32 temperature = 2; } // Temperature measurement series for thermal point. message ThermalInfo { reserved 2; optional string label = 1; repeated ThermalSample samples = 3; } // Status for various on-board components message BoardStatus { repeated ThermalInfo thermal_infos = 1; } // Status about a system's various elements. message SystemStatus { // The product SKU (stock keeping unit) number. optional string vpd_sku_number = 1; // The date the device was first activated. // Format: YYYY-WW. optional string first_power_date = 2; // The date the device was manufactured (finalized in factory). // Format: YYYY-MM-DD. optional string manufacture_date = 3; // Contents of CrosConfig in /arc/build-properties/marketing-name. E.g. "HP // Chromebook x360 14" optional string marketing_name = 4; // The BIOS version. E.g. "Google_Sarien.12200.58.0" optional string bios_version = 5; // The product name of the motherboard. E.g. "Sarien" optional string board_name = 6; // The version of the motherboard. E.g. "rev16" optional string board_version = 7; // The chassis type of the device. The values reported by chassis type are // mapped in // www.dmtf.org/sites/default/files/standards/documents/DSP0134_3.0.0.pdf. // E.g. "9" optional uint64 chassis_type = 8; // The product name (model) of the system. E.g. "Sarien" optional string product_name = 9; // The product serial number. optional string vpd_serial_number = 10; } // Status of a single C-state. C-states are various modes the CPU can transition // to in order to use more or less power. message CpuCStateInfo { // Name of the state. optional string name = 1; // Time spent in the state since the last reboot, in microseconds. optional uint64 time_in_state_since_last_boot_us = 2; } // Status of a single logical CPU. message LogicalCpuInfo { // Maximum frequency the CPU is allowed to run at, by policy. optional uint32 scaling_max_frequency_khz = 1; // Current frequency the CPU is running at. optional uint32 scaling_current_frequency_khz = 2; // Idle time since last boot. optional uint64 idle_time_seconds = 3; // Information about the logical CPU's time in various C-states. repeated CpuCStateInfo c_states = 4; } // Status of a single physical CPU on the device. message CpuInfo { // The CPU model name. optional string model_name = 1; // The CPU architecture. enum Architecture { ARCHITECTURE_UNSPECIFIED = 0; X86_64 = 1; AARCH64 = 2; ARMV7L = 3; } optional Architecture architecture = 2; // The max CPU clock speed in kHz. optional uint32 max_clock_speed_khz = 3; repeated LogicalCpuInfo logical_cpus = 4; } // Overall CPU information for the device. message GlobalCpuInfo { // Total number of threads on the device. optional uint32 num_total_threads = 1; } // Status for a single display. A display screen with resolution 1920x1080 // would have resolution_width: 1920 and resolution_height: 1080. message DisplayInfo { // Resolution width optional uint32 resolution_width = 1; // Resolution height optional uint32 resolution_height = 2; // Refresh rate (Hz) optional uint32 refresh_rate = 3; // Set to true if display is internal, otherwise set to false. optional bool is_internal = 4; } // Status of a single graphics adapter (GPU). message GraphicsAdapterInfo { // Adapter name. Example: Mesa DRI Intel(R) UHD Graphics 620 (Kabylake GT2) optional string name = 1; // Driver version optional string driver_version = 2; // Represents the graphics card device id optional uint64 device_id = 3; // GPU consumption of system RAM (bytes) optional uint64 system_ram_usage = 4; } // Status of the graphics subsystem. message GraphicsStatus { optional GraphicsAdapterInfo adapter = 1; repeated DisplayInfo displays = 2; } // Status of a crash report. message CrashReportInfo { // The status options should align with crash_reporter::ReportUploadState. enum CrashReportUploadStatus { UPLOAD_STATUS_UNKNOWN = 0; UPLOAD_STATUS_NOT_UPLOADED = 1; UPLOAD_STATUS_PENDING = 2; UPLOAD_STATUS_PENDING_USER_REQUESTED = 3; UPLOAD_STATUS_UPLOADED = 4; } // ID as provided by chrome://crashes. optional string remote_id = 1; // The timestamp when the crash is captured. // [timestamp] is milliseconds since Epoch in UTC timezone (Java time). optional int64 capture_timestamp = 2; // Human readable string that identifies what caused the crash. optional string cause = 3; // The upload status of crash report. optional CrashReportUploadStatus upload_status = 4; } // Timezone information for the device. This reflects what set timezone of the // device, not necessarily the actual location of the device. message TimezoneInfo { // The timezone of the device in POSIX standard. (MST7MDT,M3.2.0,M11.1.0) optional string posix = 1; // The timezone region of the device in the Olsen format (America/Denver). optional string region = 2; } // Memory information for the device. message MemoryInfo { // Total memory, in KiB. optional uint32 total_memory_kib = 1; // Free memory, in KiB. optional uint32 free_memory_kib = 2; // Available memory, in KiB. optional uint32 available_memory_kib = 3; // Number of page faults since the last boot. optional uint64 page_faults_since_last_boot = 4; } // Information about the device's backlights. message BacklightInfo { // Path to this backlight on the system. Useful if the caller needs to // correlate with other information. optional string path = 1; // Maximum brightness for the backlight. optional uint32 max_brightness = 2; // Current brightness of the backlight, between 0 and max_brightness. optional uint32 brightness = 3; } // Information about the device's fan. message FanInfo { // Fan speed in RPM. optional uint32 speed_rpm = 1; } // Information about a device's Bluetooth adapter, which is used to detect and // connect to Bluetooth devices. message BluetoothAdapterInfo { // The name of the adapter. optional string name = 1; // The MAC address of the adapter. optional string address = 2; // Indicates whether the adapter is on or off. optional bool powered = 3; // The number of devices connected to this adapter. optional uint32 num_connected_devices = 4; } // Information from the device's SMBIOS. This is used to determine // info such as the device's vendor and product name/version. message SmbiosInfo { optional string sys_vendor = 1; optional string product_name = 2; optional string product_version = 3; optional string bios_version = 4; } // Information about the parameters passed to the kernel. message KernelParameters { // True if cros_efi was passed to the kernel. // Used to know if the device was booted via EFI. optional bool cros_efi = 1; } // Information about the device's EFI Variables from efivarfs. message EFIVars { // True if Secure Boot is enabled on the device. optional bool secure_boot = 1; } // Information about how the OS was booted. This is information // such as boot method and other bios settings message BootInfo { enum BootMethod { UNKNOWN = 0; CROS_SECURE = 1; // This field maps to kCrosEfi from cros_healthd. CROS_UEFI = 2; CROS_LEGACY = 3; CROS_EFI_SECURE = 4; } optional BootMethod boot_method = 1; // DEPRECATED: secure_boot is deprecated in favor of the // CROS_EFI_SECURE BootMethod value. optional bool secure_boot = 2 [deprecated = true]; } // Hardware component bus device classes. // Maps to BusDeviceClass from cros_healthd. enum BusDeviceClass { DEVICE_CLASS_UNSPECIFIED = 0; DISPLAY_CONTROLLER = 1; ETHERNET_CONTROLLER = 2; WIRELESS_CONTROLLER = 3; BLUETOOTH_ADAPTER = 4; THUNDERBOLT_CONTROLLER = 5; } // Hardware component buses. // Maps to BusInfo types from cros_healthd. enum BusType { BUS_TYPE_UNSPECIFIED = 0; PCI_BUS = 1; USB_BUS = 2; THUNDERBOLT_BUS = 3; } // Information about a device's network hardware. message NetworkAdapterInfo { optional BusDeviceClass device_class = 1; optional BusType bus_type = 2; optional int32 vendor_id = 3; optional string vendor_name = 4; optional int32 device_id = 5; optional string device_name = 6; repeated string driver = 7; } // Information about the list of browsers and profiles that are // running and installed on the device in the DeviceStatusReport message LaCrOsBrowserReport { // Limited to one user since LaCrosBrowserReport is repeated based on each // user. If multiple lacros user profiles exist, each LaCrOsBrowserReport // message (one per lacros user profile) will contain the same |device_user|. optional DeviceUser device_user = 1; // Group of data regarding the browser and user profile. optional BrowserReport browser_report = 2; } // Information specific to Demo Mode about the device and the demo context. message DemoModeDimensions { // Two-letter country code. optional string country = 1; // Name of the retailer whose store the device is running in. Also called // retailer_id elsewhere in some legacy field names. optional string retailer_name = 2; // Retailer-defined number to identify the store that a device is running in. // Also called store_id elsewhere in some legacy field names. optional string store_number = 3; // Device attributes significant to Demo Mode for customization purposes. enum CustomizationFacet { UNDEFINED = 0; CLOUD_GAMING_DEVICE = 1; FEATURE_AWARE_DEVICE = 2; } repeated CustomizationFacet customization_facets = 4; } // Report device level status. message DeviceStatusReportRequest { reserved 4, 7, 13, 20; // The OS version reported by the device is a platform version // e.g. 1435.0.2011_12_16_1635. optional string os_version = 1; optional string firmware_version = 2; // "Verified", "Dev". Same as verified mode. // If the mode is unknown, this field should not be set. optional string boot_mode = 3; // The browser version string as shown in the About dialog. // e.g. 17.0.963.18. optional string browser_version = 5; // A list of periods when the device was active, aggregated by day by user. repeated ActiveTimePeriod active_periods = 6; // List of network interfaces. repeated NetworkInterface network_interfaces = 8; // List of recent device users, in descending order by last login time. repeated DeviceUser users = 9; // Disk space + other info about mounted/connected volumes. repeated VolumeInfo volume_infos = 10; // List of visible/configured networks repeated NetworkState network_states = 11; // Samples of CPU utilization (0-100), sampled once every 120 seconds. // Deprecated: Use CpuUtilizationInfo instead. repeated int32 cpu_utilization_pct_samples = 12 [deprecated = true]; // Total RAM on the device. // To deprecate: Use SystemFreeRamInfo instead. optional int64 system_ram_total = 14; // Samples of free RAM [in bytes] (unreliable due to GC). // Deprecated: Use SystemRamFreeInfo instead. repeated int64 system_ram_free_samples = 15 [deprecated = true]; // Samples of CPU temperatures in Celsius, plus associated labels // identifying which CPU produced the temperature measurement. repeated CPUTempInfo cpu_temp_infos = 16; // This field is set only when an OS update is needed because of the required // platform version of an updated kiosk app is different from the current // OS version. optional OsUpdateStatus os_update_status = 17; // Set only when there is an auto launched with zero delay Chrome or ARC kiosk // app and it is currently running. Otherwise, this field is empty. optional AppStatus running_kiosk_app = 18; // Sound output volume level in range [0,100]. optional int32 sound_volume = 19; // TPM version information. optional TpmVersionInfo tpm_version_info = 21; // Release channel (stable, beta, etc.). optional Channel channel = 22; // TPM status information. optional TpmStatusInfo tpm_status_info = 23; // Whether hardware write protect switch is on. optional bool write_protect_switch = 24; // Status of the power subsystem. optional PowerStatus power_status = 25; // Status of the storage subsystem. optional StorageStatus storage_status = 26; // Status of various main board components. optional BoardStatus board_status = 27; // Information about a system's various non-hardware elements. This includes // information from cached VPD, CrosConfig, and DMI. optional SystemStatus system_status = 28; // Stateful Partition Information for user data. optional StatefulPartitionInfo stateful_partition_info = 29; // Samples of CPU utilization (0-100), sampled once every 120 seconds. repeated CpuUtilizationInfo cpu_utilization_infos = 30; // Samples of free RAM [in bytes] (unreliable due to GC). repeated SystemFreeRamInfo system_ram_free_infos = 31; // Information about a devices physical CPU(s). repeated CpuInfo cpu_info = 32; // Status of the graphics adapter(s) and display(s). optional GraphicsStatus graphics_status = 33; // Information about the crash report(s) generated from the local device. repeated CrashReportInfo crash_report_infos = 34; // Information of the device's current timezone. optional TimezoneInfo timezone_info = 35; // Information about the device's memory. optional MemoryInfo memory_info = 36; // Information about the device's backlights. repeated BacklightInfo backlight_info = 37; // Information about the device's fans. repeated FanInfo fan_info = 38; // Overall information about the device's CPUs. optional GlobalCpuInfo global_cpu_info = 39; // Information about the device's Bluetooth adapters. repeated BluetoothAdapterInfo bluetooth_adapter_info = 40; // Information from the device's SMBIOS. optional SmbiosInfo smbios_info = 41; // Information about the parameters passed to the kernel. optional KernelParameters kernel_parameters = 42; // Information about the device's EFI Variables from efivarfs. optional EFIVars efi_vars = 43; // KernelParameters(42) and EFIVars(43) are deprecated // and rolled into BootInfo(44) // Information about how the os was booted. optional BootInfo boot_info = 44; // Information about the device's network hardware. repeated NetworkAdapterInfo network_adapter_info = 45; // Information about LaCrOs repeated LaCrOsBrowserReport lacros_browser_report = 46; // Root device size as displayed in the device UI. optional int64 root_device_total_storage_bytes = 47; // Flag whether LaCros is the primary browser. optional bool is_lacros_primary_browser = 48; // Information specific to Demo Mode about the device and the demo context. // Only included for devices in Demo Mode. optional DemoModeDimensions demo_mode_dimensions = 49; } message OsUpdateStatus { enum UpdateStatus { OS_UP_TO_DATE = 0; OS_IMAGE_DOWNLOAD_NOT_STARTED = 1; OS_IMAGE_DOWNLOAD_IN_PROGRESS = 2; OS_UPDATE_NEED_REBOOT = 3; } optional UpdateStatus update_status = 1; // New platform version of the os image being downloaded and applied. It // is only set when update status is OS_IMAGE_DOWNLOAD_IN_PROGRESS or // OS_UPDATE_NEED_REBOOT. Note this could be a dummy "0.0.0.0" for // OS_UPDATE_NEED_REBOOT status for some edge cases, e.g. update engine is // restarted without a reboot. optional string new_platform_version = 2; // New required platform version from the pending updated kiosk app. optional string new_required_platform_version = 3; // The timestamp of the last update check. // [timestamp] is milliseconds since Epoch in UTC timezone (Java time). optional int64 last_checked_timestamp = 4; // The timestamp of the last reboot. // [timestamp] is milliseconds since Epoch in UTC timezone (Java time). optional int64 last_reboot_timestamp = 5; } // Provides status information for an installed app/extension. message AppStatus { // ID of the installed app/extension for a Chrome app. // Package name for ARC kiosk app. optional string app_id = 1; // Currently installed version of the app for a Chrome app. // Empty for ARC kiosk app. optional string extension_version = 2; // Self-reported status summary (via chrome.reporting APIs) optional string status = 3; // If true, the application is currently in a self-reported error state. optional bool error = 4; // App required Chrome version, specified in app’s manifest file. // Empty for ARC kiosk app. optional string required_platform_version = 5; } // Provides all application types information. message AppInfo { enum AppType { TYPE_UNKNOWN = 0; TYPE_ARC = 1; // Android app. TYPE_BUILTIN = 2; // Built-in app. TYPE_CROSTINI = 3; // Linux (via Crostini) app. TYPE_EXTENSION = 4; // Extension-backed app. TYPE_WEB = 5; // Web app. TYPE_PLUGINVM = 6; // Plugin VM app. TYPE_BOREALIS = 7; // Borealis app. TYPE_BRUSCHETTA = 8; // Bruschetta app. } enum Status { STATUS_UNKNOWN = 0; STATUS_INSTALLED = 1; // Installed and launachable. STATUS_DISABLED = 2; // Disabled or terminated. STATUS_UNINSTALLED = 3; // Uninstalled by user. } // ID of the application as defined by the OS, except for web apps, where it // is the start url. optional string app_id = 1; // Type of application (Chrome native, extension, Crostini, web app). optional AppType app_type = 2; // Name of the application as defined by the OS. optional string app_name = 3; // Identify if the app is installed, disabled, or uninstalled. optional Status status = 4; // The time the app was installed, if available. optional int64 install_time = 5; // Version of the application, if applicable. optional string version = 7; // A list of time periods when the app was active. These times are aggregated // per day, are pruned on the device after reporting successfully, and are // stored only for 30 days in the past. repeated TimePeriod active_time_periods = 8; } // LINT.IfChange // Provides Android application permission. message AndroidAppPermission { // Name of application permission. optional string name = 1; // Identify whether the application permission is granted. optional bool granted = 2; // Identify whether the application permission is managed. optional bool managed = 3; } // Provides Android application information. message AndroidAppInfo { enum AndroidAppStatus { STATUS_UNKNOWN = 0; STATUS_ENABLED = 1; STATUS_SUSPENDED = 2; STATUS_DISABLED = 3; } enum InstalledSource { SOURCE_UNKNOWN = 0; SOURCE_BY_ADMIN = 1; SOURCE_BY_USER = 2; SOURCE_NOT_INSTALLED = 3; } // ID of the Android application. optional string app_id = 1; // Name of the Android application. optional string app_name = 2; // Name of the Android application package. optional string package_name = 3; // Status of the Android application. It is set as STATUS_SUSPENDED if the // application is suspended by specific policies. optional AndroidAppStatus status = 4; // Identify how the Android application is installed. optional InstalledSource installed_source = 5; // Package version of the Android application. optional int32 version = 6; // Permissions of the Android application. repeated AndroidAppPermission permissions = 7; } // LINT.ThenChange(//depot/google3/java/com/google/chrome/cros/spanner/devicemanagement/schema/chrome_os.proto) // Chrome user profile level status. // Deprecated : Use ChromeUserProfileInfo instead. message ChromeUserProfileReport { // A string to uniquely identify this profile within the browser. optional string id = 1; // A JSON encoded string containing both the “email” and “id” (obfuscated // GaiaID) of the user signed in to the Chrome browser, if any. optional string chrome_signed_in_user = 2; // The list of extensions installed in the browser. This string contains // the json encoded data as returned by the chrome.management.getAll() API. optional string extension_data = 3; // The list of plugins installed in the browser, one plugin name per repeated // string. This string contains the JSON encoded data as returned by // the navigator.plugins . optional string plugins = 4; // The list of browser policies set for this user profile and their sources. // This string contains the json encoded data as generated by the // chrome://policy page “Export to JSON” button. optional string policy_data = 5; // The last time the user level policies where fetched. // [policy_fetched_timestamp] is milliseconds since Epoch in UTC timezone // (Java time). For V1, we may need to rely on the DM server for this info. optional int64 policy_fetched_timestamp = 6; // The number of safe browsing warning pages the user has seen since the last // report was successfully uploaded. optional uint64 safe_browsing_warnings = 7; // The number of safe browsing warning pages the user has clicked through // since the last report was successfully uploaded. optional uint64 safe_browsing_warnings_click_through = 8; // The name of the loaded profile, which was entered by the user when creating // the profile. Empty when in incognito mode. optional string name = 9; // A list of extensions requested for installation. repeated ExtensionRequest extension_requests = 10; } // Sign in information of Profile. message ChromeSignedInUser { // The email of the signed in user. optional string email = 1; // The obfuscated GaiaID of the signed in user. optional string obfuscated_gaia_id = 2; } // Extension request information. message ExtensionRequest { // ID of the installed app/extension for a Chrome app or extension. optional string id = 1; // When the user commits to requesting the extension. // [request_timestamp] is milliseconds since Epoch in UTC timezone // (Java time). optional int64 request_timestamp = 2; // User justification describing why the extension is being requested. optional string justification = 3; } // Extension information. message Extension { reserved 7, 12; // ID of the installed app/extension for a Chrome app or extension. optional string id = 1; // Currently installed version of the extension. optional string version = 2; // The name of the extension. optional string name = 3; // The description of the extension that is provided by extension author. optional string description = 4; // The type of extension. enum ExtensionType { TYPE_UNKNOWN = 0; TYPE_EXTENSION = 1; TYPE_HOSTED_APP = 2; TYPE_PACKAGED_APP = 3; TYPE_LEGACY_PACKAGED_APP = 4; TYPE_THEME = 5; TYPE_USER_SCRIPT = 6; TYPE_PLATFORM_APP = 7; TYPE_LOGIN_SCREEN_EXTENSION = 8; TYPE_CHROMEOS_SYSTEM_EXTENSION = 9; } optional ExtensionType app_type = 5; // URL of the homepage. optional string homepage_url = 6; // The installation source of the extension. enum InstallType { // An extension that is installed by user or installed by default but not // component extension. TYPE_NORMAL = 0; // An extension that is loaded as unpacked extension from chrome extension // page or --load-extension command line switch. TYPE_DEVELOPMENT = 1; // An extension that is loaded from the settings in Window Registry or // a preferences JSON file on Mac and Linux. TYPE_SIDELOAD = 2; // An extension that is loaded from policy settings. TYPE_ADMIN = 3; // Chrome component extension and unknown sources. TYPE_OTHER = 4; } optional InstallType install_type = 8; // True if the extension is currently enabled. optional bool enabled = 9; // The list of api based permissions the extension requires. repeated string permissions = 10; // The list of host based permissions the extension requires. repeated string host_permissions = 11; // True if the extension comes from web store. optional bool from_webstore = 13; // Manifest version of the extension. optional int32 manifest_version = 14; } // Policy information. message Policy { // The name of the policy. optional string name = 1; // The level of a policy determines its enforceability and whether users can // override it or not. enum PolicyLevel { LEVEL_UNKNOWN = 0; // Recommended policies are a default value configured by admins and users // can choose to override it. LEVEL_RECOMMENDED = 1; // Mandatory policies must be enforced and users can't circumvent them. LEVEL_MANDATORY = 2; } optional PolicyLevel level = 2; // The scope of a policy flags whether it's applied to the current user or to // the machine. enum PolicyScope { SCOPE_UNKNOWN = 0; // User policies apply to current Session/Profile if it's cloud policy. // Or apply to current OS user on Windows. SCOPE_USER = 1; // Machine policies apply to any users of the current machine. SCOPE_MACHINE = 2; } optional PolicyScope scope = 3; // The source of a policy indicates where its value is originating from. enum PolicySource { SOURCE_UNKNOWN = 0; // A policy is set by Chrome when it's running in an // enterprise environment. SOURCE_ENTERPRISE_DEFAULT = 1; // A policy is set by Google's cloud management tool. SOURCE_CLOUD = 2; // A policy is set by active directory on ChromeOS. SOURCE_ACTIVE_DIRECTORY = 3; // A policy is overridden by ChromeOS if it's running in a public session or // kiosk mode. SOURCE_DEVICE_LOCAL_ACCOUNT_OVERRIDE_DEPRECATED = 4; // A policy is set by OS built-in tool on desktop. SOURCE_PLATFORM = 5; // A policy is set by Google's cloud management tool but has higher // priority. SOURCE_PRIORITY_CLOUD_DEPRECATED = 6; // A policy is set by multiple sources and value has been merged. SOURCE_MERGED = 7; // A policy is set by command line switch for testing purpose. SOURCE_COMMAND_LINE = 8; // A policy is set by Google's cloud management tool in Ash and piped to // Lacros. SOURCE_CLOUD_FROM_ASH = 9; // A policy that is set by the restricted managed guest session override. SOURCE_RESTRICTED_MANAGED_GUEST_SESSION_OVERRIDE = 10; } optional PolicySource source = 4; // The value of policy. optional string value = 5; // The error message of policy. optional string error = 6; } // Extension policy information. message ExtensionPolicy { // The id of extension that policies apply to. optional string extension_id = 1; // The list of policies that extension currently uses. repeated Policy policies = 2; } // Cloud policy last fetch time. message PolicyFetchTimestamp { // The type of cloud policy. // TODO(b/327655459): This field is deprecated, delete once server // side references are all removed. optional string type = 1; // The last time the policies where fetched for the policy type. // [timestamp] is milliseconds since Epoch in UTC timezone (Java time). optional int64 timestamp = 2; } // Chrome user profile level status, used by activated Profiles. Profile name is // not listed here as they are in the ChromeUserProfileBasicInfo. message ChromeUserProfileInfo { reserved 6; // A string to uniquely identify this profile within the browser. optional string id = 1; // The name of the profile, which was entered by the user when creating // the profile. Empty when in incognito mode optional string name = 2; // Indicates if the profile contains all details. Only active profiles can // upload all needed details, idle profiles only upload |id| and |name|. optional bool is_detail_available = 3; // Gaia account information if the Profile is signed in. optional ChromeSignedInUser chrome_signed_in_user = 4; // A list of extensions installed in the browser. repeated Extension extensions = 5; // A list of extensions requested for installation. repeated ExtensionRequest extension_requests = 10; // A list of Chrome browser policies set for this user profile. repeated Policy chrome_policies = 7; // A list of extensions' policies set for this user profile. The policies is // only added if the extension is installed. repeated ExtensionPolicy extension_policies = 8; // The last time the cloud policies where fetched for each policy type. // Only one policy type which is google/chrome/machine-level-user uploads // timestamp currently. More details in b/132973694 repeated PolicyFetchTimestamp policy_fetched_timestamps = 9; } // Report browser level status. message BrowserReport { reserved 7; // The Chrome browser version, as seen from within Chrome code as opposed to // user agent. optional string browser_version = 1; // Release channel (stable, beta, etc.). optional Channel channel = 2; // Required. The path to the browser executable so that we can uniquely // identify it. optional string executable_path = 3; // Profile specific reports, one per profile. // Deprecated by ChromeUserProfileInfo and only used by old Chrome browser. repeated ChromeUserProfileReport chrome_user_profile_reports = 4; // A list of all Profiles that are created in the current browser instance. // Only activated Profiles are able to upload full details while the idle ones // contain id and name only. Please note that some activated Profiles may not // upload full details due to the limitation of the report size. // These details will be uploaded in the following reports. repeated ChromeUserProfileInfo chrome_user_profile_infos = 6; // The installed version of the browser if it differs from |browser_version|, // or absent otherwise. When present, it indicates that an update (of a higher // or lower version) has been installed and will be the active version // following a browser restart. optional string installed_browser_version = 8; // True for an extended stable channel installation. optional bool is_extended_stable_channel = 9 [default = false]; } // Report Operating system related information. message OSReport { // A string contains OS name. optional string name = 1; // A string contains OS architecture. optional string arch = 2; // A string contains OS version. optional string version = 3; enum VersionType { UNKNOWN = 0; HOME = 1; PROFESSIONAL = 2; SERVER = 3; ENTERPRISE = 4; EDUCATION = 5; EDUCATION_PRO = 6; } optional VersionType version_type = 4; } // Report the status of a Chrome installation on non-Chrome OS platform. message ChromeDesktopReportRequest { reserved 10; // The name of the machine within its local network. The string is a JSON // encoded structure with a single computername field. // This field is replaced by computer_name and only used by old Chrome // browser using the JSON legacy browser. // TODO(b/189584065): Remove when usage goes to zero. optional string machine_name = 1 [deprecated = true]; // OS info. The string is a an encoded JSON object as returned by // chrome.runtime.getPlatformInfo. // This field is replaced by OSReport and only used by old Chrome browser. optional string os_info = 2; // The user name from the OS point of view. The string is a JSON encoded // structure with a single username field containing "DOMAIN\username". // This field is replaced by os_user_name and only used by old Chrome browser. optional string os_user = 3; // Browser related info. optional BrowserReport browser_report = 4; // The device serial number (this might differ with the client ID, depending // on the platform). Deprecated: Please use // ChromeDesktopReportProtoProcessor.getBrowserDeviceIdentifier().getSerialNumber // to extract the Serial Number from the Report Request. optional string serial_number = 5 [deprecated = true]; // A string represents the name of computer. Deprecated: Please use // ChromeDesktopReportProtoProcessor.getBrowserDeviceIdentifier().getSerialNumber // to extract the Computer Name from the Report Request. optional string computer_name = 6 [deprecated = true]; // Operating system related information. optional OSReport os_report = 7; // A string contains OS user name. optional string os_user_name = 8; // Device identifier for helping identify non-Chrome OS devices. // TODO(crbug.com/40706071): This will also replace the computer_name and // serial_number fields. optional BrowserDeviceIdentifier browser_device_identifier = 9; // Public key that can be used for attesting the machine. optional string machine_attestation_key = 11; // A string that represents the device model. optional string device_model = 12; // A string that represents the brand/manufacturer of a device. optional string brand_name = 13; } // Report user level status on Chrome OS platform. Chrome OS equivalent of // ChromeDesktopReportRequest. message ChromeOsUserReportRequest { reserved 3; // Browser related info. optional BrowserReport browser_report = 1; // Android applications installed in primary profile. repeated AndroidAppInfo android_app_infos = 2; } // Report user level status on all platforms. It includes the information of the // profile that user has signed in plus some basic browser and OS information. message ChromeProfileReportRequest { // Browser related info optional BrowserReport browser_report = 1; // Basic OS information optional OSReport os_report = 2; } // A validation issue from validating a policy value that was contained in // the payload of the policy fetch response. message PolicyValueValidationIssue { // Policy name of the faulty value. optional string policy_name = 1; // LINT.IfChange enum ValueValidationIssueSeverity { // Default value for when a severity is not specified. VALUE_VALIDATION_ISSUE_SEVERITY_UNSPECIFIED = 0; // This result is a warning. The policy blob has not been rejected. VALUE_VALIDATION_ISSUE_SEVERITY_WARNING = 1; // This result is an error. The policy blob was rejected completely and not // updated on the device. VALUE_VALIDATION_ISSUE_SEVERITY_ERROR = 2; } // LINT.ThenChange(//depot/google3/chrome/cros/reporting/api/proto/policy_validation_report.proto) // Severity of this policy value validation result. optional ValueValidationIssueSeverity severity = 2; // Message containing detailed information about the value validation warning // or error (e.g. type and specific location). This message is intended as // debug information for developers (not localized). optional string debug_message = 3; } // This message is used to upload the result of cloud policy validation after a // PolicyFetchRequest. message PolicyValidationReportRequest { // |policy_type| sent in PolicyFetchRequest on the request which // returned policy with validation errors. optional string policy_type = 1; // |policy_token| from the PolicyFetchResponse. This is used to identify the // specific policy fetch event that triggered this validation report. optional string policy_token = 2; // Specifies the result type of the validation. // Each enum value can correspond to one of three client behaviors (noted as // 'Client behavior' in the comment for each enum value): // - Unknown: // It is not known if the fetched policy blob was accepted or rejected. // - Policy blob accepted: // The client has accepted and applied the fetched policy blob. // - Policy blob rejected: // The client has completely rejected the fetched policy blob. // LINT.IfChange enum ValidationResultType { // An enum value was received which is not known in this version of the // proto. // Client behavior: Unknown. VALIDATION_RESULT_TYPE_ERROR_UNSPECIFIED = 0; // Policy validated successfully. // Client behavior: Policy blob accepted. // Note: This result is here for completeness, the client will not send // reports with this enum value. VALIDATION_RESULT_TYPE_SUCCESS = 1; // Bad signature on the initial key. // Client behavior: Policy blob rejected. VALIDATION_RESULT_TYPE_BAD_INITIAL_SIGNATURE = 2; // Bad signature. // Client behavior: Policy blob rejected. VALIDATION_RESULT_TYPE_BAD_SIGNATURE = 3; // Policy blob contains error code. // Client behavior: Policy blob rejected. VALIDATION_RESULT_TYPE_ERROR_CODE_PRESENT = 4; // Policy payload failed to decode. // Client behavior: Policy blob rejected. VALIDATION_RESULT_TYPE_PAYLOAD_PARSE_ERROR = 5; // Unexpected policy type. // Client behavior: Policy blob rejected. VALIDATION_RESULT_TYPE_WRONG_POLICY_TYPE = 6; // Unexpected settings entity id. // Client behavior: Policy blob rejected. VALIDATION_RESULT_TYPE_WRONG_SETTINGS_ENTITY_ID = 7; // Timestamp is missing or is older than the timestamp of the previous // policy. // Client behavior: Policy blob rejected. VALIDATION_RESULT_TYPE_BAD_TIMESTAMP = 8; // DMToken is empty or doesn't match. // Client behavior: Policy blob rejected. VALIDATION_RESULT_TYPE_BAD_DM_TOKEN = 9; // Device id is empty or doesn't match. // Client behavior: Policy blob rejected. VALIDATION_RESULT_TYPE_BAD_DEVICE_ID = 10; // Username doesn't match. // Client behavior: Policy blob rejected. VALIDATION_RESULT_TYPE_BAD_USER = 11; // Policy payload protobuf parse error. // Client behavior: Policy blob rejected. VALIDATION_RESULT_TYPE_POLICY_PARSE_ERROR = 12; // Policy key signature could not be verified using the hard-coded // verification key. // Client behavior: Policy blob rejected. VALIDATION_RESULT_TYPE_BAD_KEY_VERIFICATION_SIGNATURE = 13; // There were validation warnings during validation of policy values in the // payload. See |policy_value_validation_results|. // Client behavior: Policy blob accepted. VALIDATION_RESULT_TYPE_VALUE_WARNING = 14; // There were validation errors during validation of policy values in the // payload. There may also have been warnings. See // |policy_value_validation_results| - that list will contain at least one // payload validation errors, and zero or more payload validation warnings. // Client behavior: Policy blob rejected. VALIDATION_RESULT_TYPE_VALUE_ERROR = 15; } // LINT.ThenChange(//depot/google3/chrome/cros/reporting/api/proto/policy_validation_report.proto) // The validation result. optional ValidationResultType validation_result_type = 3; // Value validation issues in the policy payload. Will be filled if // |validation_result_type| is VALIDATION_RESULT_TYPE_VALUE_WARNING // or VALIDATION_RESULT_TYPE_VALUE_ERROR. repeated PolicyValueValidationIssue policy_value_validation_issues = 4; } // Response from DMServer to a policy validation report. message PolicyValidationReportResponse {} message AndroidStatus { // JSON string of ARC status report. optional string status_payload = 1; // DroidGuard response obtained from DroidGuard server. optional string droid_guard_info = 2; } enum CrostiniAppType { // The default terminal App. CROSTINI_APP_TYPE_TERMINAL = 0; // A registered interactive Crostini App which is // not the default terminal app. CROSTINI_APP_TYPE_INTERACTIVE = 1; // Detected non-registered container applications. CROSTINI_APP_TYPE_OTHER = 2; } message CrostiniApp { // The default display name of the App. optional string app_name = 1; // The type of the App. optional CrostiniAppType app_type = 2; // Time stamp of last launch of the App with a three day granularity. // The timestamp is milliseconds since Epoch in UTC timezone (Java time). optional int64 last_launch_time_window_start_timestamp = 3; // If available, the name of the Debian package belonging to this App. optional string package_name = 4; // If available, the version of the Debian package belonging to this App. optional string package_version = 5; // If available, a hash of the package belonging to this App. optional string package_hash = 6; } message CrostiniStatus { // Time stamp of last launch of a Crostini app with three day granularity, // The timestamp is milliseconds since Epoch in UTC timezone (Java time). optional int64 last_launch_time_window_start_timestamp = 1; // The VM image version at the time of the last launch. optional string last_launch_vm_image_version = 2; // The VM kernel version at the time of the last launch. optional string last_launch_vm_kernel_version = 3; // Contains information about each installed app at the time of the // report. repeated CrostiniApp installed_apps = 4; } // Report current active session (a user on one device) level status. message SessionStatusReportRequest { reserved 1, 2, 3, 6; // If this is a kiosk session, this is the device local account ID. optional string device_local_account_id = 4; // Information about kiosk app for kiosk session. repeated AppStatus installed_apps = 5; // Information about ARC status. optional AndroidStatus android_status = 7; // If this is a regular user session, this is the user's DMToken. optional string user_dm_token = 8; // Time zone id of the active user. Not set for enterprise users. // Format of the id is as specified in tz database e.g. Pacific/Honolulu. For // more details check third_party/icu/source/i18n/unicode/timezone.h. optional string time_zone = 9; // Information about Crostini status. optional CrostiniStatus crostini_status = 10; // Information about all applications for this user on this device, including // uninstalled and disabled apps. repeated AppInfo app_infos = 11; } // Response from DMServer to update devices' status. // It is possible that status report fails but policy request succeed. In such // case, the DeviceStatusReportResponse will contain an error code and the // device should re-send status report data in the next policy request. The // device should re-send report data if policy request fails, even if // DeviceStatusReportResponse contains no error code. message DeviceStatusReportResponse { optional int32 error_code = 1; // Human readable error message for customer support purpose. optional string error_message = 2; } // Response from DMServer to a Chrome desktop report request. The report // upload errors will be set in the containing DeviceManagementResponse or // eventually at the HTTP level. message ChromeDesktopReportResponse {} // Response from DMServer to a ChromeOS user report request. The report // upload errors will be set in the containing DeviceManagementResponse or // eventually at the HTTP level. message ChromeOsUserReportResponse {} // Response from DMServer to a profile report request. The report // upload errors will be set in the containing DeviceManagementResponse or // eventually at the HTTP level. message ChromeProfileReportResponse {} // Response from DMServer to update user devices' status. // It is possible that status report fails but policy request succeed. In such // case, the SessionStatusReportResponse will contain an error code and the // device should re-send status report data in the next policy request. The // device should re-send report data if policy request fails, even if // SessionStatusReportResponse contains no error code. message SessionStatusReportResponse { optional int32 error_code = 1; // Human readable error message for customer support purpose. optional string error_message = 2; } // Request from client to query device state using Private Set Membership (PSM). // Please see go/cros-enterprise-psm and go/cros-client-psm for more details. message PrivateSetMembershipRequest { // A request proto from the RLWE PSM protocol. optional PrivateSetMembershipRlweRequest rlwe_request = 1; } message PrivateSetMembershipResponse { // A response proto from the RLWE PSM protocol. optional PrivateSetMembershipRlweResponse rlwe_response = 1; } message PrivateSetMembershipRlweRequest { // First request sent by the client for checking membership. optional private_membership.rlwe.PrivateMembershipRlweOprfRequest oprf_request = 1; // Second request sent by the client for checking membership. optional private_membership.rlwe.PrivateMembershipRlweQueryRequest query_request = 2; } message PrivateSetMembershipRlweResponse { // First response sent by the server for checking membership. optional private_membership.rlwe.PrivateMembershipRlweOprfResponse oprf_response = 1; // Second response sent by the server for checking membership. optional private_membership.rlwe.PrivateMembershipRlweQueryResponse query_response = 2; } // Request from device to server to determine whether the device should // go through enterprise enrollment. Unlike the other requests, this request is // not authenticated. message DeviceAutoEnrollmentRequest { // Device identifier hash, mod |modulus|. // The type of the device identifier hash depends on |enrollment_check_type|. // If |modulus| is 1, |remainder| should be 0. // |remainder| should always be present. optional int64 remainder = 1; // Modulus of the hash used by the client. For now, it is a power of 2, but // due to the strict constraint on how many serial numbers a bucket can // contain, it may become non power of 2. If that happens, client-side needs // to change its assumption. // |modulus| should always be present, but setting |modulus| to 1 means that // no bits of the client's hash are uploaded. |remainder| should be 0 in this // case. optional int64 modulus = 2; enum EnrollmentCheckType { // Unspecified. ENROLLMENT_CHECK_TYPE_UNSPECIFIED = 0; // Forced Re-Enrollment check with full SHA-256 hashes of the // server-backed state key. ENROLLMENT_CHECK_TYPE_FRE = 1; // Forced Enrollment check with SHA-256 hashes of (brand code + “_” + serial // number), truncated to first 8 bytes each. ENROLLMENT_CHECK_TYPE_FORCED_ENROLLMENT = 2; } // Specifies the type of auto enrollment check that is being made. // This also defines the format of the device identifier hash used in this // exchange. optional EnrollmentCheckType enrollment_check_type = 3 [default = ENROLLMENT_CHECK_TYPE_FRE]; } // Response from server to auto-enrollment detection request. message DeviceAutoEnrollmentResponse { // If this field is present, the other fields are ignored and the client // should send a new DeviceAutoEnrollmentRequest with a |remainder| // computed using this new |expected_modulus|. If this field is empty, the // client's request was accepted. // DMServer guarantees that if the modulus sent by client in // DeviceAutoEnrollmentRequest matches server's expectation, this field // is unset. optional int64 expected_modulus = 1; // List of hashes. If the client's hash matches any in this list, the // client device should do enterprise enrollment. If it matches none, // enrollment should be optional. // The format of each entry depends on the |enrollment_check_type| that was // set in the DeviceAutoEnrollmentRequest. repeated bytes hashes = 2; } // Sent by the client to the server. This request is keyed by the opaque // server-backed state key, (optionally) serial number and RLZ brand code; there // is no further authentication. // // This message can be used for secondary state determination by managed devices // after a hard reset to recover state. In this case, the client only sets the // `server_backed_state_key`. The device management server keeps a mapping of // this identifier to device state. In case device has been deprovisioned, the // server also performs initial enrollment check using the serial number and // brand code stored in device state from previous enrollment. // // It is also used for unified state determination, which replaces both initial // and secondary state enrollment. In this case, this request can also be sent // by brand new devices and the server would not know their serial number and // brand code, hence the values are supplied as part of the request. // // Another device state retrieval scenario is Flex Auto Enrollment initial // state determination, in which case the Flex enrollment token is included // (along with brand code and serial number) to retrieve token-keyed state // from the server. message DeviceStateRetrievalRequest { // Opaque, client-determined, unpredictable, stable and unique device // identifier to retrieve state for. This field contains 32 bytes of data that // looks essentially random to the server. It may be generated e.g. by running // a concatenation of suitable device identifiers through a cryptographic hash // algorithm such as SHA-256. optional bytes server_backed_state_key = 1; // The serial number of the device. optional string serial_number = 2; // The 4-character brand code of the device. optional string brand_code = 3; // The enrollment token for Flex Auto Enrollment. optional string enrollment_token = 4; } // Sent by the client to the server when in registered state to update the // device-determined device state keys. message DeviceStateKeyUpdateRequest { // The client-determined state keys. To the server, these look like 32 bytes // of random data. The client should generate these keys using a deterministic // algorithm that takes stable device identifiers as an input and produces a // key as the output, possibly by running the identifiers through a // cryptographic hash function such as SHA-256. repeated bytes server_backed_state_keys = 1; } // Server to client message carrying the device state response. Because the // request is not authenticated, the only protection against state extraction // from server is the unpredictability of the server-backed state ID. Thus, the // response should not contain any sensitive data. If the server doesn't know // the requested identifier, it just returns a message with restore_mode set to // RESTORE_MODE_NONE. message DeviceStateRetrievalResponse { // Restorative action to take after device reset. enum RestoreMode { // No secondary state restoration. RESTORE_MODE_NONE = 0; // Enterprise enrollment requested, but user may skip. RESTORE_MODE_REENROLLMENT_REQUESTED = 1; // Enterprise enrollment is enforced and cannot be skipped. RESTORE_MODE_REENROLLMENT_ENFORCED = 2; // The device has been disabled by its owner. The device will show a warning // screen and prevent the user from proceeding further. RESTORE_MODE_DISABLED = 3; // Enterprise enrollment is enforced using Zero-Touch and cannot be skipped. RESTORE_MODE_REENROLLMENT_ZERO_TOUCH = 4; } // The server-indicated restore mode. optional RestoreMode restore_mode = 1 [default = RESTORE_MODE_NONE]; // Primary domain the device is associated with. optional string management_domain = 2; // State that is relevant only when the |restore_mode| is // |RESTORE_MODE_DISABLED|. optional DisabledState disabled_state = 3; // Initial device state if |restore_mode| is |RESTORE_MODE_NONE|. optional DeviceInitialEnrollmentStateResponse initial_state_response = 4; // license type the device used in last enrollment optional LicenseType license_type = 5; } // Request from device to server to retrieve the enrollment mode and domain for // this device. The client will use this request when the // DeviceAutoEnrollmentRequest exchange with |enrollment_check_type| set to // |ENROLLMENT_CHECK_TYPE_FORCED_ENROLLMENT| indicated that it should be // enrolled. This request is not authenticated. message DeviceInitialEnrollmentStateRequest { // The serial number of the device. optional string serial_number = 1; // The 4-character brand code of the device. optional string brand_code = 2; // The enrollment token for Flex Auto Enrollment. optional string enrollment_token = 3; } // Response from server DeviceInitialEnrollmentStateRequest. message DeviceInitialEnrollmentStateResponse { // Initial action to take after OOBE. enum InitialEnrollmentMode { // No initial enrollment. INITIAL_ENROLLMENT_MODE_NONE = 0; // Enterprise enrollment is enforced and cannot be skipped. INITIAL_ENROLLMENT_MODE_ENROLLMENT_ENFORCED = 1; // Zero-Touch (attestation-based) enrollment is enforced and cannot be // skipped. INITIAL_ENROLLMENT_MODE_ZERO_TOUCH_ENFORCED = 2; // The device has been disabled by its owner. The device will show a warning // screen and prevent the user from proceeding further. INITIAL_ENROLLMENT_MODE_DISABLED = 3; // Token-based enrollment is enforced and cannot be skipped. INITIAL_ENROLLMENT_MODE_TOKEN_ENROLLMENT_ENFORCED = 4; } // The server-indicated initial enrollment mode. optional InitialEnrollmentMode initial_enrollment_mode = 1 [default = INITIAL_ENROLLMENT_MODE_NONE]; // The domain the device should be enrolled into. optional string management_domain = 2; // Whether the device comes packaged with a license or not. optional bool is_license_packaged_with_device = 3; // State that is relevant only when the |initial_enrollment_mode| is // |INITIAL_ENROLLMENT_MODE_DISABLED|. optional DisabledState disabled_state = 4; // License Packaging SKU type. // LINT.IfChange enum LicensePackagingSKU { // Not a License Packaged Device. NOT_EXIST = 0; // Enterprise SKU. CHROME_ENTERPRISE = 1; // Education SKU. CHROME_EDUCATION = 2; // Terminal SKU CHROME_TERMINAL = 3; } // LINT.ThenChange(//depot/google3/google/chrome/licensepackaging/v1/service.proto) // SKU Type for License Packaged Device. optional LicensePackagingSKU license_packaging_sku = 5; // Assigned upgrade type. See: go/zte-sku-consumption and go/cros-kiosk-prd // LINT.IfChange(AssignedUpgradeTypeChange) enum AssignedUpgradeType { // Unspecified ASSIGNED_UPGRADE_TYPE_UNSPECIFIED = 0; // Chrome Enterprise Upgrade (CEU) ASSIGNED_UPGRADE_TYPE_CHROME_ENTERPRISE = 1; // Kiosk & Signage Upgrade (KSU) ASSIGNED_UPGRADE_TYPE_KIOSK_AND_SIGNAGE = 2; } // LINT.ThenChange(//depot/google3/java/com/google/chrome/cros/spanner/devicemanagement/schema/enrollment.proto:AssignedUpgradeTypeChange) optional AssignedUpgradeType assigned_upgrade_type = 6; } // Sent by the client to the server to pair the Host device with the Controller // device. The HTTP request contains an end-user OAuth token and only succeeds // if both Host and Controller devices belong to the end-user domain. message DevicePairingRequest { // The device ID of the Host device. optional string host_device_id = 1; // The device ID of the Controller device. optional string controller_device_id = 2; } // Response from the server to the device pairing request. message DevicePairingResponse { // The client should check HTTP status code first. If HTTP status code is not // 200 (e.g. 500 internal error), then it means the pairing fails. If HTTP // status code is 200, then the client should check the status code within the // response. enum StatusCode { SUCCESS = 0; // A generic failure code for pairing. FAILED = 1; // The Host device cannot be found in the user's domain. HOST_DEVICE_NOT_FOUND = 2; // The Controller device cannot be found in the user's domain. CONTROLLER_DEVICE_NOT_FOUND = 3; // The Host device is deprovisioned. HOST_DEVICE_DEPROVISIONED = 4; // The Controller device is deprovisioned. CONTROLLER_DEVICE_DEPROVISIONED = 5; } optional StatusCode status_code = 1 [default = FAILED]; } // Sent by the client to the server to check if the devices are paired. The HTTP // request contains controller service account OAuth token as well as the // DMToken from the Host device. message CheckDevicePairingRequest { // The device ID of the Host device. optional string host_device_id = 1; // The device ID of the Controller device. optional string controller_device_id = 2; } // Response from the server to the check device pairing request. message CheckDevicePairingResponse { // The client should check HTTP status code first. If HTTP status code is not // 200 (e.g. 500 internal error), then it means the pairing status is unknown. // If HTTP status code is 200, then the client should check the status code // within the response. enum StatusCode { PAIRED = 0; // The Host and Controller devices are not paired. NOT_PAIRED = 1; // The Host device cannot be found in the Host device domain. HOST_DEVICE_NOT_FOUND = 2; // The Controller device cannot be found in the Host device domain. CONTROLLER_DEVICE_NOT_FOUND = 3; // The Host device is deprovisioned. HOST_DEVICE_DEPROVISIONED = 4; // The Controller device is deprovisioned. CONTROLLER_DEVICE_DEPROVISIONED = 5; // Invalid controller identity. INVALID_CONTROLLER_DEVICE_IDENTITY = 6; } optional StatusCode status_code = 1 [default = NOT_PAIRED]; } // This protobuf defines a single remote command from server to client for // execution. message RemoteCommand { // The names are used as part of metric names. If enumeration is updated // the names should also be updated: // - components/policy/core/common/cloud/enterprise_metrics.cc; // - components/policy/core/common/remote_commands/remote_commands_service.cc; // - Enterprise.RemoteCommandType in // tools/metrics/histograms/metadata/enterprise/histograms.xml; enum Type { // Simple echo command for testing, will be ignored in production code. COMMAND_ECHO_TEST = -1; // Reboot the device. DEVICE_REBOOT = 0; // Take a screenshot. DEVICE_SCREENSHOT = 1; // Set device volume. DEVICE_SET_VOLUME = 2; // Force a refresh of device status (attributes and logs). DEVICE_FETCH_STATUS = 3; // Forwards a user command received from the management server to the ARC++ // side. The payload is opaque to Chrome OS. USER_ARC_COMMAND = 4; // Wipe all the users off of the device. DEVICE_WIPE_USERS = 5; // Start Chrome Remote Desktop session. DEVICE_START_CRD_SESSION = 6; // Wipe the device (perform a powerwash). DEVICE_REMOTE_POWERWASH = 7; // Refresh the device machine certificate and re-upload it. DEVICE_REFRESH_ENTERPRISE_MACHINE_CERTIFICATE = 8; // Retrieve a list of available diagnostics routines. DEVICE_GET_AVAILABLE_DIAGNOSTIC_ROUTINES = 9; // Run a given diagnostics routine on the platform. DEVICE_RUN_DIAGNOSTIC_ROUTINE = 10; // Send a command or get an update from an existing diagnostics routine. DEVICE_GET_DIAGNOSTIC_ROUTINE_UPDATE = 11; // Clear the cache and cookies associated with a given profile. BROWSER_CLEAR_BROWSING_DATA = 12; // Reset the cellular EUICC (Embedded Universal Integrated Circuit Card) on // the device. DEVICE_RESET_EUICC = 13; // Rotates the attestation credentials associated with a browser device. BROWSER_ROTATE_ATTESTATION_CREDENTIAL = 14; // Fetch information that determines the availability of CRD on the device. FETCH_CRD_AVAILABILITY_INFO = 15; // Fetch the logs from the Support Tool on managed ChromeOS devices. FETCH_SUPPORT_PACKET = 16; // Please update metrics after adding a new item - see the comment above. } // The command type. optional Type type = 1; // An opaque unique identifier for the command. The client processes // the commands in the order of the command list it receives. optional int64 command_id = 2; // The age of the command (in milliseconds) when it is sent from server to // client, defined as current_server_time - command_generated_time. optional int64 age_of_command = 3; // Extra parameters for this command, expected to be a JSON string. The exact // format of the JSON payload depends on the command type specified by the // |type| field: // |DEVICE_SCREENSHOT|: {"fileUploadUrl" : url_string}. // |DEVICE_SET_VOLUME|: {"volume": volume_value}, where volume_value must be // an integer between 0 and 100. // |DEVICE_RUN_DIAGNOSTIC_ROUTINE|: {"routine" : routine_enum, "params" : // params_dict}, where params_dict varies by routine. // |DEVICE_GET_DIAGNOSTIC_ROUTINE_UPDATE|: {"id" : id_integer, "command" : // command, "includeOutput" : include_output_bool}, where command must be a // valid `ash::cros_healthd::mojom::DiagnosticRoutineCommandEnum`. // |DEVICE_REBOOT|: {"user_session_delay_s": delay_integer}, where delay value // represents seconds until reboot in user session. // |FETCH_SUPPORT_PACKET|: // {"supportPacketDetails":{ "issueCaseId": optional_support_case_id_string, // "issueDescription": optional_issue_description_string, // "requestedDataCollectors": [], "requestedPiiTypes": []}} optional string payload = 4; // An identifier for the target this command is for. This is the same as // the device_id in PolicyData. We rely on this identifier not being stable // across powerwashes. optional string target_device_id = 5; } // This protobuf defines the execution result of a single remote command // which will be sent back to the server. message RemoteCommandResult { // If you change this, update policy.mojom/CommandResultType. enum ResultType { RESULT_IGNORED = 0; // The command was ignored as obsolete. RESULT_FAILURE = 1; // The command could not be executed or parsed. RESULT_SUCCESS = 2; // The command was successfully executed. Commands // such as powerwash will return success before they // are executed since state will be forgotten. } // The result of the command. optional ResultType result = 1; // The opaque unique identifier of the command. This value is copied from the // RemoteCommand protobuf that contained the command. optional int64 command_id = 2; // The timestamp representing time at which the command was executed, if the // result is RESULT_SUCCESS. The timestamp is milliseconds since Epoch in UTC // timezone (Java time). optional int64 timestamp = 3; // Extra information sent to server as result of execution, expected to be a // JSON string. optional string payload = 4; } message DeviceRemoteCommandRequest { // The command ID of the last command received from the server until // now. Omitted if no commands have been received yet. optional int64 last_command_unique_id = 1; // The execution results of previously fetched commands. // The client should send back a command result whenever possible. repeated RemoteCommandResult command_results = 2; // Whether the server should send secure commands or not. optional bool send_secure_commands = 3; // What type of signature to use. Only valid if send_secure_commmands is true. // If NONE is passed, SHA1_RSA will be used instead for compatibility. optional PolicyFetchRequest.SignatureType signature_type = 4; // A string that represents the type of RemoteCommands that need to be // fetched. This type helps the server redirect the request to different // handlers. optional string type = 5; } message DeviceRemoteCommandResponse { // The queue of pending, non secure commands. If this is present then there // shall be no secure commands in this response (and vice versa). repeated RemoteCommand commands = 1; // The queue of pending, secure commands. If this is present then there shall // be no non secure commands in this response (and vice versa). // // The secure_commands.data field contains a serialized PolicyData with a // “google/chromeos/remotecommand” policy_type. The secure_commands.signature // field is a signature of the data field with the policy key for the domain // the device belongs to. repeated SignedData secure_commands = 2; } // Sent by the client to the server to check if the current user or device is // allowed to update attributes (asset id and location). The HTTP request // can contain an end-user OAuth token or a device DMToken. message DeviceAttributeUpdatePermissionRequest {} // Response from the server specifying whether the current user or device is // allowed to update attributes (asset id and location). message DeviceAttributeUpdatePermissionResponse { enum ResultType { ATTRIBUTE_UPDATE_DISALLOWED = 0; ATTRIBUTE_UPDATE_ALLOWED = 1; } optional ResultType result = 1; } // Sent by the client to the server to update device attributes (asset id and // location). The HTTP request can contain an end-user OAuth token or a device // DMToken. message DeviceAttributeUpdateRequest { // The user-generated asset identifier. optional string asset_id = 1; // The user input device location. optional string location = 2; } // Response from the server to update device attributes (asset id and location). message DeviceAttributeUpdateResponse { enum ResultType { ATTRIBUTE_UPDATE_ERROR = 0; ATTRIBUTE_UPDATE_SUCCESS = 1; } optional ResultType result = 1; } // Sent by the client to server to update the mapping from GCM id to device_id // on the server side. message GcmIdUpdateRequest { optional string gcm_id = 1; } // Response for GcmIdUpdateRequest, an empty message for now. message GcmIdUpdateResponse {} // Request from device to server to check for Android-for-Work service with // DPC enforcement. Must be sent only for users who are not managed in Chrome // OS. // Provide user's OAuth token with your HTTP Request. message CheckAndroidManagementRequest {} // Response from server to device for check for Android-for-Work service with // DPC enforcement request. // SC_CONFLICT HTTP code is returned if DPC enforcement is required. message CheckAndroidManagementResponse {} // Request to register a new device (authenticated by enterprise enrollment // certificate). See http://go/zero-touch-chrome for details. // The response message will be the DeviceRegisterResponse. message CertificateBasedDeviceRegisterRequest { // Signed request to register with a certificate. The signed_request.data // field contains a CertificateBasedDeviceRegistrationData with a nonce // (as added by the Chrome OS cryptohome client) appended. The // signed_request.signature field is a signature of the data field signed // with the enrollment certificate's private key. optional SignedData signed_request = 1; } // Request from device to server to register a device (authenticated with an // enrollment token). message TokenBasedDeviceRegisterRequest { optional DeviceRegisterRequest device_register_request = 1; } // Response to a token-based device registration request // (@code `TokenBasedDeviceRegisterRequest`). message TokenBasedDeviceRegisterResponse { optional DeviceRegisterResponse device_register_response = 1; } // Requested configuration to be passed along a registration request. message DeviceRegisterConfiguration { // The device owner's email address. optional string device_owner = 1; } message CertificateBasedDeviceRegistrationData { enum CertificateType { UNKNOWN = 0; ENTERPRISE_ENROLLMENT_CERTIFICATE = 1; } optional CertificateType certificate_type = 1; // Device certificate in X.509 format. // We use CertificateFactory.generateCertificate() call and // the certificate provided must be DER-encoded and may be supplied in binary // or printable (Base64) encoding. If the certificate is provided in Base64 // encoding, it must be bounded at the beginning by // -----BEGIN CERTIFICATE-----, and must be bounded at the end by // -----END CERTIFICATE-----. optional bytes device_certificate = 2; // regular device registration request optional DeviceRegisterRequest device_register_request = 3; // Additional configuration to register the device. optional DeviceRegisterConfiguration device_register_configuration = 4; } // Request to enroll a Chrome browser. Fields match identically named fields // in ChromeBrowserDeviceInfo. message RegisterBrowserRequest { // The name of the machine within its local network. optional string machine_name = 1; // Platform, e.g., Windows or Mac. optional string os_platform = 2; // Platform specific version number, e.g., 6.1.7601.0 or 10.12.6 optional string os_version = 3; // Device identifier for helping identify non-Chrome OS devices. // TODO(crbug.com/40706071): This will also replace the machine_name field. optional BrowserDeviceIdentifier browser_device_identifier = 4; // The device model, e.g., iPad6,11 optional string device_model = 5; // A string that represents the brand/manufacturer of a device. optional string brand_name = 6; } // Gets an enrollment token to a managed Google Play account for using it with // Active Directory. Sent when a new user logs in with Active Directory and // opens Play Store for the first time. message ActiveDirectoryEnrollPlayUserRequest { // A server-provider identifier for the previously established SAML session. // If left empty and SAML authentication is required, // ActiveDirectoryEnrollPlayUserResponse.saml_parameters.auth_redirect_url // will contain initial Redirect required to start the SAML flow. optional string auth_session_id = 1; } // The result when a new user logs in to Play Store with Active Directory. // 904 Arc Disabled HTTP error code is returned if the reason of the failure is // that ARC is not enabled for the domain. // 403 Forbidden HTTP error code is returned if the device can't get Managed // Google Play accounts. message ActiveDirectoryEnrollPlayUserResponse { // The enrollment token which can be used to fetch a Managed Google Play // account. optional string enrollment_token = 1; // The user id which identifies the user enrolled by this token. This user id // is opaque to the client and is only used in the ActiveDirectoryPlayActivity // requests. optional string user_id = 2; // If SAML authentication is required, SAML flow parameters are specified in // this proto and both enrollment_token and user_id fields are left unset. optional SamlParametersProto saml_parameters = 3; } message SamlParametersProto { // Initial Redirect URL to start the SAML flow. optional string auth_redirect_url = 1; // Auth Session ID which the client is supposed to use in the subsequent // DMServer request (to be sent after SAML flow completes). optional string auth_session_id = 2; } // Gets a URL to the SAML IdP authentication flow for using it with public // SAML session. Sent when a user logs in to a SAML public session account. message PublicSamlUserRequest { // Identifier for the public saml account. Same as // DeviceLocalAccountInfoProto.account_id. optional string account_id = 1; } // The result when a user logs in to a SAML public session account. message PublicSamlUserResponse { // SAML flow parameters are specified in this proto. optional SamlParametersProto saml_parameters = 1; } // Reports that a managed Google Play account is used. This makes the garbage // collection of accounts possible by reporting the ones which are still in use. message ActiveDirectoryPlayActivityRequest { // The user id received in ActiveDirectoryEnrollPlayUserResponse which // identifies the user. optional string user_id = 1; } // Response to the Play account activity request. message ActiveDirectoryPlayActivityResponse {} // DEPRECATED: Request to retrieve available device licenses. User auth token // or auth cookie must be provided with DeviceManagementRequest when // CheckDeviceLicenseRequest is being sent. // See go/cdm-mixed-license-pool for more info message CheckDeviceLicenseRequest {} // Represents availability of a single license type. message LicenseAvailability { // License type. optional LicenseType license_type_deprecated = 1 [deprecated = true]; // Remaining available licenses (can be 0). optional int32 available_licenses_deprecated = 2 [deprecated = true]; } // DEPRECATED: Response to a check device license request. message CheckDeviceLicenseResponse { enum LicenseSelectionMode { // Should not happen, included for compatibility. UNDEFINED = 0; // User is allowed to choose license. USER_SELECTION = 1; // Admin controls license selection preferences through management UI. ADMIN_SELECTION = 2; } // Policy setting value for license selection mode. optional LicenseSelectionMode license_selection_mode_deprecated = 1 [deprecated = true]; // Provides available license counts for each purchased license type. // This field would list each subscription for the domain even if all licenses // have been used up (in which case available_licenses field is set to zero). // // If license_selection_mode == USER_SELECTION and license_availability // contains more than one entry then device should display a screen asking // user to choose license type and send selected license type value in the // DeviceRegisterRequest.license_type field. repeated LicenseAvailability license_availabilities_deprecated = 2 [deprecated = true]; } // Sign in an Active Directory user using SAML SSO. The device management server // redirects the client to the Active Directory server in order to authenticate // and identify the Active Directory user. Active Directory redirects the client // back to the device management server with an assertion of the Active // Directory user's identity. The device management server then redirects the // client to Google's authentication service in order to provision the user on // the device. message ActiveDirectoryUserSigninRequest {} message ActiveDirectoryUserSigninResponse { // Initial Redirect URL to start the SAML flow. optional string auth_redirect_url = 1; } // Contains information about the TPM used on the device. message TpmVersionInfo { enum GscVersion { GSC_VERSION_UNSPECIFIED = 0; GSC_VERSION_NOT_GSC = 1; GSC_VERSION_CR50 = 2; GSC_VERSION_TI50 = 3; } optional uint32 family = 1; optional uint64 spec_level = 2; optional uint32 manufacturer = 3; optional uint32 tpm_model = 4; optional uint64 firmware_version = 5; optional string vendor_specific = 6; optional GscVersion gsc_version = 7; // This field represents the tpm device id and vendor id // which is a combined value as declared in the TPM spec. optional string did_vid = 8; } // Contains status of the TPM unit. message TpmStatusInfo { optional bool enabled = 1; optional bool owned = 2; // This field was previously named "initialized", but that's not a valid name // for a proto field since it generates isInitialized method for the Java // binding which collides with the isInitialized method that exists for all // Java protos. optional bool tpm_initialized = 3; optional bool attestation_prepared = 4; optional bool attestation_enrolled = 5; optional int32 dictionary_attack_counter = 6; optional int32 dictionary_attack_threshold = 7; optional bool dictionary_attack_lockout_in_effect = 8; optional int32 dictionary_attack_lockout_seconds_remaining = 9; // DEPRECATED: Not filled by the client anymore (since b/172748724). optional bool boot_lockbox_finalized = 10 [deprecated = true]; optional bool owner_password_is_present = 11; optional TpmSupportedFeatures tpm_supported_features = 12; } // Contains information about specific features of the TPM unit. message TpmSupportedFeatures { optional bool is_allowed = 1; optional bool support_pinweaver = 2; optional bool support_runtime_selection = 3; optional bool support_u2f = 4; } // System state included with some log events. message SystemState { // VolumeInfo is reused from existing Chrome reporting. repeated VolumeInfo volume_infos = 1; } // A single entry in the install log for an extension. message ExtensionInstallReportLogEvent { // Enumerates the possible event types. enum EventType { // Not used. LOG_EVENT_TYPE_UNKNOWN = 0; // Requested by policy to install the extension. POLICY_REQUEST = 1; // Install success. SUCCESS = 2; // Request canceled. CANCELED = 3; // Connectivity state changed. CONNECTIVITY_CHANGE = 4; // Session state changed. SESSION_STATE_CHANGE = 5; // Extension installation failed. INSTALLATION_FAILED = 6; } // Enumerates the possible changes in session state. enum SessionStateChangeType { // Not used. SESSION_STATE_CHANGE_TYPE_UNKNOWN = 0; // Session starting. LOGIN = 1; // Session ending. LOGOUT = 2; // Suspending. SUSPEND = 3; // Resuming. RESUME = 4; } // Possible failure reasons. See InstallStageTracker::FailureReason for more // details. InstallStageTracker::FailureReason is the main enum and this is // a copy used for reporting purposes. enum FailureReason { FAILURE_REASON_UNKNOWN = 0; INVALID_ID = 1; MALFORMED_EXTENSION_SETTINGS = 2; REPLACED_BY_ARC_APP = 3; MALFORMED_EXTENSION_DICT = 4; NOT_SUPPORTED_EXTENSION_DICT = 5; MALFORMED_EXTENSION_DICT_FILE_PATH = 6; MALFORMED_EXTENSION_DICT_VERSION = 7; MALFORMED_EXTENSION_DICT_UPDATE_URL = 8; LOCALE_NOT_SUPPORTED = 9; NOT_PERFORMING_NEW_INSTALL = 10; TOO_OLD_PROFILE = 11; DO_NOT_INSTALL_FOR_ENTERPRISE = 12; ALREADY_INSTALLED = 13; CRX_FETCH_FAILED = 14; MANIFEST_FETCH_FAILED = 15; MANIFEST_INVALID = 16; NO_UPDATE = 17; CRX_INSTALL_ERROR_DECLINED = 18; CRX_INSTALL_ERROR_SANDBOXED_UNPACKER_FAILURE = 19; CRX_INSTALL_ERROR_OTHER = 20; NO_UPDATE_URL = 21; PENDING_ADD_FAILED = 22; DOWNLOADER_ADD_FAILED = 23; IN_PROGRESS = 24; CRX_FETCH_URL_EMPTY = 25; CRX_FETCH_URL_INVALID = 26; OVERRIDDEN_BY_SETTINGS = 27; REPLACED_BY_SYSTEM_APP = 28; } // Stage of extension installing process. See InstallStageTracker::Stage for // more details. InstallStageTracker::Stage is the main enum and this is // a copy used for reporting purposes. The entries are in the order they occur // in the installation process. enum InstallationStage { INSTALLATION_STAGE_UNKNOWN = 0; CREATED = 1; PENDING = 2; DOWNLOADING = 3; INSTALLING = 4; COMPLETE = 5; } // Type of current user. See user_manager::UserType for more details. // user_manager::UserType is the main enum and this is a copy used for // reporting purposes. enum UserType { USER_TYPE_UNKNOWN = 0; USER_TYPE_REGULAR = 1; USER_TYPE_GUEST = 2; USER_TYPE_PUBLIC_ACCOUNT = 3; USER_TYPE_SUPERVISED_DEPRECATED = 4 [deprecated = true]; USER_TYPE_KIOSK_APP = 5; USER_TYPE_CHILD = 6; USER_TYPE_ARC_KIOSK_APP = 7; USER_TYPE_ACTIVE_DIRECTORY = 8; USER_TYPE_WEB_KIOSK_APP = 9; } // Current stage of the extension downloading process. See // ExtensionDownloaderDelegate::Stage for more details. // ExtensionDownloaderDelegate::Stage is the main enum and this is a copy used // for reporting purposes. enum DownloadingStage { DOWNLOADING_STAGE_UNKNOWN = 0; DOWNLOAD_PENDING = 1; QUEUED_FOR_MANIFEST = 2; DOWNLOADING_MANIFEST = 3; DOWNLOADING_MANIFEST_RETRY = 4; PARSING_MANIFEST = 5; MANIFEST_LOADED = 6; QUEUED_FOR_CRX = 7; DOWNLOADING_CRX = 8; DOWNLOADING_CRX_RETRY = 9; FINISHED = 10; } // Current stage of the extension creation process. See // InstallStageTracker::InstallCreationStage for more details. // InstallStageTracker::InstallCreationStage is the main enum and this is a // copy used for reporting purposes. enum InstallCreationStage { INSTALL_CREATION_STAGE_UNKNOWN = 0; CREATION_INITIATED = 1; NOTIFIED_FROM_MANAGEMENT_INITIAL_CREATION_FORCED = 2; NOTIFIED_FROM_MANAGEMENT_INITIAL_CREATION_NOT_FORCED = 3; NOTIFIED_FROM_MANAGEMENT = 4; NOTIFIED_FROM_MANAGEMENT_NOT_FORCED = 5; SEEN_BY_POLICY_LOADER = 6; SEEN_BY_EXTERNAL_PROVIDER = 7; } // Status of cache when an attempt is made to fetch the extension from it // during the downloading process. See // ExtensionDownloaderDelegate::CacheStatus for more details. // ExtensionDownloaderDelegate::CacheStatus is the main enum and this is a // copy used for reporting purposes. enum DownloadCacheStatus { CACHE_UNKNOWN = 0; CACHE_DISABLED = 1; CACHE_MISS = 2; CACHE_OUTDATED = 3; CACHE_HIT = 4; CACHE_HIT_ON_MANIFEST_FETCH_FAILURE = 5; } // All the ways SandboxedUnpacker can fail. See // extensions::SandboxedUnpackerFailureReason for more details. // extensions::SandboxedUnpackerFailureReason is the main enum and this is a // copy used for reporting purposes. enum SandboxedUnpackerFailureReason { SANDBOXED_UNPACKER_FAILURE_REASON_UNKNOWN = 0; COULD_NOT_GET_TEMP_DIRECTORY = 1; COULD_NOT_CREATE_TEMP_DIRECTORY = 2; FAILED_TO_COPY_EXTENSION_FILE_TO_TEMP_DIRECTORY = 3; COULD_NOT_GET_SANDBOX_FRIENDLY_PATH = 4; COULD_NOT_LOCALIZE_EXTENSION = 5; INVALID_MANIFEST = 6; UNPACKER_CLIENT_FAILED = 7; UTILITY_PROCESS_CRASHED_WHILE_TRYING_TO_INSTALL = 8; CRX_FILE_NOT_READABLE = 9; CRX_HEADER_INVALID = 10; CRX_MAGIC_NUMBER_INVALID = 11; CRX_VERSION_NUMBER_INVALID = 12; CRX_EXCESSIVELY_LARGE_KEY_OR_SIGNATURE = 13; CRX_ZERO_KEY_LENGTH = 14; CRX_ZERO_SIGNATURE_LENGTH = 15; CRX_PUBLIC_KEY_INVALID = 16; CRX_SIGNATURE_INVALID = 17; CRX_SIGNATURE_VERIFICATION_INITIALIZATION_FAILED = 18; CRX_SIGNATURE_VERIFICATION_FAILED = 19; ERROR_SERIALIZING_MANIFEST_JSON = 20; ERROR_SAVING_MANIFEST_JSON = 21; COULD_NOT_READ_IMAGE_DATA_FROM_DISK_UNUSED = 22; DECODED_IMAGES_DO_NOT_MATCH_THE_MANIFEST_UNUSED = 23; INVALID_PATH_FOR_BROWSER_IMAGE = 24; ERROR_REMOVING_OLD_IMAGE_FILE = 25; INVALID_PATH_FOR_BITMAP_IMAGE = 26; ERROR_RE_ENCODING_THEME_IMAGE = 27; ERROR_SAVING_THEME_IMAGE = 28; DEPRECATED_ABORTED_DUE_TO_SHUTDOWN = 29; COULD_NOT_READ_CATALOG_DATA_FROM_DISK_UNUSED = 30; INVALID_CATALOG_DATA = 31; INVALID_PATH_FOR_CATALOG_UNUSED = 32; ERROR_SERIALIZING_CATALOG = 33; ERROR_SAVING_CATALOG = 34; CRX_HASH_VERIFICATION_FAILED = 35; UNZIP_FAILED = 36; DIRECTORY_MOVE_FAILED = 37; CRX_FILE_IS_DELTA_UPDATE = 38; CRX_EXPECTED_HASH_INVALID = 39; DEPRECATED_ERROR_PARSING_DNR_RULESET = 40; ERROR_INDEXING_DNR_RULESET = 41; CRX_REQUIRED_PROOF_MISSING = 42; CRX_HEADER_VERIFIED_CONTENTS_UNCOMPRESSING_FAILURE = 43; MALFORMED_VERIFIED_CONTENTS = 44; COULD_NOT_CREATE_METADATA_DIRECTORY = 45; COULD_NOT_WRITE_VERIFIED_CONTENTS_INTO_FILE = 46; } // Reason why extension failed due to failure reason MANIFEST_INVALID. See // extensions::ManifestInvalidError for more details. // extensions::ManifestInvalidError is the main enum and this is a // copy used for reporting purposes. enum ManifestInvalidError { MANIFEST_INVALID_ERROR_UNKNOWN = 0; XML_PARSING_FAILED = 1; INVALID_XLMNS_ON_GUPDATE_TAG = 2; MISSING_GUPDATE_TAG = 3; INVALID_PROTOCOL_ON_GUPDATE_TAG = 4; MISSING_APP_ID = 5; MISSING_UPDATE_CHECK_TAGS = 6; MULTIPLE_UPDATE_CHECK_TAGS = 7; INVALID_PRODVERSION_MIN = 8; EMPTY_CODEBASE_URL = 9; INVALID_CODEBASE_URL = 10; MISSING_VERSION_FOR_UPDATE_CHECK = 11; INVALID_VERSION = 12; BAD_UPDATE_SPECIFICATION = 13; BAD_APP_STATUS = 14; } // Extended error code if the extension installation failed due to CRX install // error. See extensions::CrxInstallErrorDetail for more details. // extensions::CrxInstallErrorDetail is the main enum and this is a // copy used for reporting purposes. enum CrxInstallErrorDetail { CRX_INSTALL_ERROR_DETAIL_UNKNOWN = 0; CONVERT_USER_SCRIPT_TO_EXTENSION_FAILED = 1; UNEXPECTED_ID = 2; UNEXPECTED_VERSION = 3; MISMATCHED_VERSION = 4; CRX_ERROR_MANIFEST_INVALID = 5; INSTALL_NOT_ENABLED = 6; OFFSTORE_INSTALL_DISALLOWED = 7; INCORRECT_APP_CONTENT_TYPE = 8; NOT_INSTALLED_FROM_GALLERY = 9; INCORRECT_INSTALL_HOST = 10; DEPENDENCY_NOT_SHARED_MODULE = 11; DEPENDENCY_OLD_VERSION = 12; DEPENDENCY_NOT_ALLOWLISTED = 13; UNSUPPORTED_REQUIREMENTS = 14; EXTENSION_IS_BLOCKLISTED = 15; DISALLOWED_BY_POLICY = 16; KIOSK_MODE_ONLY = 17; OVERLAPPING_WEB_EXTENT = 18; CANT_DOWNGRADE_VERSION = 19; MOVE_DIRECTORY_TO_PROFILE_FAILED = 20; CANT_LOAD_EXTENSION = 21; USER_CANCELED = 22; USER_ABORTED = 23; UPDATE_NON_EXISTING_EXTENSION = 24; } // Timestamp, in microseconds since epoch. Set for all log // events. optional int64 timestamp = 1; // Event type. Set for all log events. optional EventType event_type = 2; // Total and available space on the stateful partition, in bytes. Set for // event types INSTALLATION_FAILED and SUCCESS. optional int64 stateful_total = 3; optional int64 stateful_free = 4; // Network state. Set for event type SESSION_STATE_CHANGE of type LOGIN and // CONNECTIVITY_CHANGE. optional bool online = 5; // Type of session state change. Set for event type SESSION_STATE_CHANGE. optional SessionStateChangeType session_state_change_type = 6; // Type of failure reason. Set for event type INSTALLATION_FAILED. optional FailureReason failure_reason = 7; // Stage of installation process. optional InstallationStage installation_stage = 8; // Stage of downloading process. optional DownloadingStage downloading_stage = 9; // Type of the extension. Set for event type SUCCESS and sometimes (when // possible) for INSTALLATION_FAILED. optional Extension.ExtensionType extension_type = 10; // Type of the current user. optional UserType user_type = 11; // Whether the current user is new. optional bool is_new_user = 12; // Whether the current failure is a admin side miconfiguration failure. Set // for event type INSTALLATION_FAILED. optional bool is_misconfiguration_failure = 13; // Stage of install creation process. optional InstallCreationStage install_creation_stage = 14; // Status of cache during downloading process. optional DownloadCacheStatus download_cache_status = 15; // Detailed reason why unpacking of extension failed. optional SandboxedUnpackerFailureReason unpacker_failure_reason = 16; // Detailed reason why extension failed due to failure reason // MANIFEST_INVALID. optional ManifestInvalidError manifest_invalid_error = 17; // Extended error code if the extension installation failed due to CRX install // error. optional CrxInstallErrorDetail crx_install_error_detail = 18; // Fetch error code when failure_reason is CRX_FETCH_FAILED or // MANIFEST_FETCH_FAILED. optional int32 fetch_error_code = 19; // Number of fetch tries made when failure reason is CRX_FETCH_FAILED or // MANIFEST_FETCH_FAILED. optional int32 fetch_tries = 20; } // A single entry in the push-install log for an app. message AppInstallReportLogEvent { // Enumerates the possible event types. enum EventType { // Not used. LOG_EVENT_TYPE_UNKNOWN = 0; // Request received by device SERVER_REQUEST = 1; // Request forwarded to CloudDPC CLOUDDPC_REQUEST = 2; // Request forwarded to CloudDPS CLOUDDPS_REQUEST = 3; // Response received from CloudDPS CLOUDDPS_RESPONSE = 4; // Log line written by Phonesky PHONESKY_LOG = 5; // Install success SUCCESS = 6; // Request canceled CANCELED = 7; // Connectivity state changed CONNECTIVITY_CHANGE = 8; // Session state changed SESSION_STATE_CHANGE = 9; // Package installation started INSTALLATION_STARTED = 10; // Package installation finished INSTALLATION_FINISHED = 11; // Package installation failed INSTALLATION_FAILED = 12; // Direct install scheduled DIRECT_INSTALL = 13; // No more regular attempts to install CLOUDDPC_MAIN_LOOP_FAILED = 14; // PlayStore local policy was set PLAYSTORE_LOCAL_POLICY_SET = 15; } // Enumerates the possible changes in session state. enum SessionStateChangeType { // Not used. SESSION_STATE_CHANGE_TYPE_UNKNOWN = 0; // Session starting LOGIN = 1; // Session ending LOGOUT = 2; // Suspending SUSPEND = 3; // Resuming RESUME = 4; } // Timestamp, in microseconds since epoch. Set for all log // events. optional int64 timestamp = 1; // Event type. Set for all log events. optional EventType event_type = 2; // Total and available space on the stateful partition, in bytes. Set for // event types SERVER_REQUEST, CLOUDDPS_RESPONSE, INSTALLATION_STARTED, // INSTALLATION_FINISHED, INSTALLATION_FAILED and SUCCESS. optional int64 stateful_total = 3; optional int64 stateful_free = 4; // CloudDPS response. Set for event type CLOUDDPS_RESPONSE. optional int32 clouddps_response = 5; // Log line written by Phonesky. Set for event type PHONESKY_LOG. optional string phonesky_log = 6; // Network state. Set for event type SESSION_STATE_CHANGE of type LOGIN and // CONNECTIVITY_CHANGE. optional bool online = 7; // Type of session state change. Set for event type SESSION_STATE_CHANGE. optional SessionStateChangeType session_state_change_type = 8; // ARC++ Android id. optional int64 android_id = 9; } // Log bucket for an extension. message ExtensionInstallReport { // Extension id for the extension. optional string extension_id = 1; // Whether the log is incomplete, e.g. due to the log ring buffer overflowing // or disk corruption. optional bool incomplete = 2; // Log events for the extension. repeated ExtensionInstallReportLogEvent logs = 3; } // Log bucket for an ARC++ app. message AppInstallReport { // Package name of the app. optional string package = 1; // Whether the log is incomplete, e.g. due to the log ring buffer overflowing // or disk corruption. optional bool incomplete = 2; // Log events for the app. repeated AppInstallReportLogEvent logs = 3; } // Push-install logs for all ARC++ apps. message AppInstallReportRequest { // Log buckets for each app. repeated AppInstallReport app_install_reports = 1; } // Installation logs for all extensions. message ExtensionInstallReportRequest { // Log buckets for each extension. repeated ExtensionInstallReport extension_install_reports = 1; } // Response from server after receiving a report on the status of app // push-installs. message AppInstallReportResponse {} // Request from device to stop using a previously issued service account. // The identity of a freshly-issued service account will be returned by a // subsequent device policy fetch (see the |service_account_identity| field in // |PolicyData| and auth codes tied to the new service account can be retrieved // by subsequent |DeviceServiceApiAccessRequest| requests. message RefreshAccountRequest { enum AccountType { ACCOUNT_TYPE_UNSPECIFIED = 0; // Refresh demo mode user account. // See go/cros-demo-mode and go/demo-mode-account-brainstorm. CHROME_OS_DEMO_MODE = 1; } optional AccountType account_type = 1; } // Response from server after receiving a request to refresh the service // account. message RefreshAccountResponse {} // Request from device to upload RSU lookup key. message RsuLookupKeyUploadRequest { // Google brand code for the given device SKU. optional bytes board_id = 1; // Hashed Cr50 device ID. optional bytes cr50_hashed_device_id = 2; } // Response to {@code RsuLookupKeyUploadRequest}. message RsuLookupKeyUploadResponse { // Whether RSU lookup key was received. optional bool rsu_lookup_key_updated = 1; } // Information about an eSIM profile installed on an EUICC (Embedded Universal // Integrated Circuit Card). message ESimProfileInfo { // ICCID of the eSIM profile. Up to 22 decimal digits encoded as ASCII string. // Example: 3554020401587593554020. optional string iccid = 1; // SM-DP+ (Subscription Manager - Data Preparation) activation code that was // used to install this eSIM profile. The "address" terminology is historical // since the string is not strictly just an address. This field should be // considered mutually exclusive with |smds_address|. Up to 255 characters // encoded as UTF8 string. // Example: LPA:1$esim.example.com$matchingId optional string smdp_address = 2; // SM-DS (Subscription Manager - Discovery Service) activation code that was // used to install this eSIM profile. The "address" terminology is historical // since the string is not strictly just an address. This field should be // considered mutually exclusive with |smdp_address|. Up to 255 characters // encoded as UTF8 string. // Example: LPA:1$esim.example.com$ optional string smds_address = 3; // The name of the policy-defined network that resulted in the installation of // this eSIM profile. This metadata is required to guarantee that multiple // policy-defined networks that are configured with the same activation code // are handled correctly, and will result in the appropriate number of eSIM // profiles being installed. optional string name = 4; } // Request from device to server to update information about EUICCs // on the device. message UploadEuiccInfoRequest { // Number of EUICCs on the device. optional uint32 euicc_count = 1; // List of policy provisioned eSIM profiles on the device. repeated ESimProfileInfo esim_profiles = 2; // A boolean flag which indicates that the list of eSim profiles was cleared. // We use this differentiate between intentionally empty profile list(after // cleanup) or not yet provisioned one. // On the server, we would ignore requests where |esim_profiles| is empty // if |clear_profile_list| is not set to |true| to not accidentally clear the // values previously stored for this device(which can happen in a case of // device being in after-powerwash state, for example). optional bool clear_profile_list = 3; } // Response from server to device for EUICC status update. message UploadEuiccInfoResponse {} // An event used for reporting when a new print job has completed. message PrintJobEvent { message PrintJobConfiguration { // The ID of the job. This and the device ID uniquely identify a print job // in enterprise reporting. optional string id = 1; // The name of the document. optional string title = 2; // The final status of the job. optional int32 status = 3; // The time the print job was created in milliseconds since epoch. optional int64 creation_timestamp_ms = 4; // The time the print job was completed in milliseconds since epoch. optional int64 completion_timestamp_ms = 5; // The number of pages in the document. optional int32 number_of_pages = 6; // The settings of the print job. optional PrintSettings settings = 7; } enum UserType { UNKNOWN_USER_TYPE = 0; REGULAR = 1; GUEST = 2; KIOSK = 3; } message Printer { // Displayed name of the printer in the client. optional string name = 1; // URI of the printer, which serves as a unique identifier. optional string uri = 2; // Printer ID. optional string id = 3; } // The finishing settings of the print job. message PrintSettings { enum ColorMode { UNKNOWN_COLOR_MODE = 0; BLACK_AND_WHITE = 1; COLOR = 2; } enum DuplexMode { UNKNOWN_DUPLEX_MODE = 0; ONE_SIDED = 1; TWO_SIDED_LONG_EDGE = 2; TWO_SIDED_SHORT_EDGE = 3; } message MediaSize { // Width (in micrometers) optional int32 width = 1; // Height (in micrometers) optional int32 height = 2; // Platform specific id to map it back to the particular media. optional string vendor_id = 3; } optional ColorMode color = 1; optional DuplexMode duplex = 2; optional MediaSize media_size = 3; optional int32 copies = 4; } optional PrintJobConfiguration job_configuration = 1; optional UserType user_type = 2; optional Printer printer = 3; } // Provides information about an installed app. message App { // Enum listing the available types of the apps. // Aligned with apps::mojom::AppType. enum AppType { // Unknown/undefined. UNKNOWN = 0; // ARC++/Android app. ARC = 1; // Built-in app. BUILT_IN = 2; // Linux/crostini app. CROSTINI = 3; // Chrome extension. EXTENSION = 4; // Progressive web app. WEB = 5; // Plugin VM app. PLUGIN_VM = 6; // Borealis VM app. BOREALIS = 7; // Bruschetta VM app. BRUSCHETTA = 8; } // ID of the installed application. Package name for Android apps and 32 // character long app id for other applications (PWAs, Extensions, Built-in // apps). optional string app_id = 1; // Type of the application. optional AppType app_type = 2; // Additional IDs of the installed application if exist. // For example it will contain Chrome style 32 character long ids for Android // apps, that use package name as their primary ID. repeated string additional_app_id = 3; } // Information about app activity used for Per-App Time Limits feature. message AppActivity { // Enumerates different states that the app can have. enum AppState { // State not known. UNKNOWN = 0; // Default state - no restrictions enforced. DEFAULT = 1; // Important app that cannot be blocked, because it is essential for the OS. ALWAYS_AVAILABLE = 2; // App blocked on the client. BLOCKED = 3; // App reached usage limit on the client. LIMIT_REACHED = 4; // App was uninstalled. It still might have some recent unreported activity. UNINSTALLED = 5; } // App identifying information. optional App app_info = 1; // A list of time periods when the app was active. repeated TimePeriod active_time_periods = 2; // Timestamp when this activity data were populated. // Specified in milliseconds since Epoch in UTC timezone (Java time). optional int64 populated_at = 3; // State of the app on client at the time of reporting. To maintain // consistency and help debugging between client and Family Link. optional AppState app_state = 4; } // Models a window for screen time. message ScreenTimeSpan { optional TimePeriod time_period = 1; // The actual activity duration during a particular time period window // (in milliseconds). optional int64 active_duration_ms = 2; } // Informs the server about the current state of a child user's session, to // allow parent supervision. message ChildStatusReportRequest { // The user's DMToken. optional string user_dm_token = 1; // Timestamp of this status report in milliseconds since epoch. optional int64 timestamp_ms = 2; // Time zone id of the active user (e.g. America/Sao_Paulo). // For more details check `third_party/icu/source/i18n/unicode/timezone.h`. optional string time_zone = 3; // A list of time spans when the screen was on during the user's session. repeated ScreenTimeSpan screen_time_span = 4; // Information about ARC status. optional AndroidStatus android_status = 5; // The OS version reported by the device is a platform version // e.g. 1435.0.2011_12_16_1635. optional string os_version = 6; // "Verified", "Dev". Same as verified mode. // If the mode is unknown, this field should not be set. optional string boot_mode = 7; // A list of per-app activity used for Per-App Time Limits feature. // It might not be sent in every report. repeated AppActivity app_activity = 8; // A list of applications which are hidden from the user. repeated App hidden_app = 9; // Next id: 10. } // Response from DMServer to update user devices' status. // It is possible that status report fails but policy request succeed. In such // case, the ChildStatusReportResponse will contain an error code and the // device should re-send status report data in the next policy request. The // device should re-send report data if policy request fails, even if // ChildStatusReportResponse contains no error code. message ChildStatusReportResponse { optional int32 error_code = 1; // Human readable error message for customer support purpose. optional string error_message = 2; } // Hashing Algorithm for Client Certificate Provisioning Flow. enum HashingAlgorithm { // DO NOT USE HASHING_ALGORITHM_UNSPECIFIED = 0; SHA1 = 1; SHA256 = 2; // Do not hash the input data - assume it is input to the signature algorithm. // The client supports this starting with M-89. // // For SigningAlgorithm RSA_PKCS1_V1_5, the client will perform PKCS#1 v1.5 // padding on `data_to_sign`. `data_to_sign` is expected to already contain a // PKCS#1 DigestInfo prefix - the client will not attempt to add such a // prefix. Also `data_to_sign` must be shorter than (key_size-11) bytes. If no // other key size was specified in the // RequiredClientCertificateFor{User,Device} policy, 2048 bits is assumed. NO_HASH = 3; } // Signing Algorithm for Client Certificate Provisioning Flow. enum SigningAlgorithm { // DO NOT USE SIGNING_ALGORITHM_UNSPECIFIED = 0; RSA_PKCS1_V1_5 = 1; } // Client Certificate Provisioning "Static" Flow, Stage 1: Start a CSR request. // No additional fields because cert_profile_id and public_key are passed in the // outer message. message StartCsrRequest {} message StartCsrResponse { // The client should register for FCM messages using this topic in order to // receive notifications for the certificate provisioning process. optional string invalidation_topic = 1; // The verified access challenge. optional bytes va_challenge = 2; // Algorithm to hash data with before signing. optional HashingAlgorithm hashing_algorithm = 5; // Algorithm to sign data with for CSR creation. optional SigningAlgorithm signing_algorithm = 3; // Data to sign for CSR creation. optional bytes data_to_sign = 4; } // Client Certificate Provisioning "Static" Flow, Stage 2: Finish the CSR // request. message FinishCsrRequest { // Verified access challenge response. optional bytes va_challenge_response = 1; // The signature generated using the private key. optional bytes signature = 2; } message FinishCsrResponse {} // Client Certificate Provisioning "Static" Flow, Stage 3: Download the issued // certificate. message DownloadCertRequest {} message DownloadCertResponse { // PEM-encoded issued certificate. optional string pem_encoded_certificate = 1; } // "Dynamic" flow: Used to start a cerificate provisioning process. message CertProvStartRequest {} message CertProvStartResponse { // The client should register for FCM messages using this topic in order to // receive notifications for the certificate provisioning process. optional string invalidation_topic = 1; } // "Dynamic" flow: Used to fetch the next instruction that the client should // process. message CertProvGetNextInstructionRequest {} message CertProvGetNextInstructionResponse { // One of the instructions must be filled. // If no instruction is available yet, the server should respond with a // `CertProvBackendError` instead of a `CertProvGetNextInstructionResponse`. oneof instruction { CertProvAuthorizeInstruction authorize_instruction = 1; CertProvProofOfPossessionInstruction proof_of_possession_instruction = 2; CertProvImportCertificateInstruction import_certificate_instruction = 3; } } // "Dynamic" flow: Used to authorize the client, currently using a Verified // Access challenge response. // The client should send this request after it received a // `CertProvAuthorizeInstruction`. message CertProvAuthorizeRequest { // Verified access challenge response. optional bytes va_challenge_response = 1; } message CertProvAuthorizeResponse {} // "Dynamic" flow: Upload the result of a `ProofOfPossessionInstruction`. message CertProvUploadProofOfPossessionRequest { // A client-generated cryptographic signature proving the possession of the // client's private key. // The signing key is the client-owned private key corresponding to // `ClientCertificateProvisioningRequest.public_key`. // The signed data has been previously delivered by the server in // `CertProvProofOfPossessionInstruction.data_to_sign`. // The hashing and signing algorithms have been previously delivered by the // server in the `hashing_algorithm` and `signing_algorithm` fields of // `CertProvProofOfPossessionInstruction`. optional bytes signature = 1; } message CertProvUploadProofOfPossessionResponse {} // The client should perform an authorization step. message CertProvAuthorizeInstruction { // The verified access challenge. optional bytes va_challenge = 1; } // The client should provide a proof-of-possession signature generated using // the private key. message CertProvProofOfPossessionInstruction { // Data to sign for CSR creation. // Depending on the `signature_algorithm` this may either contain the PKCS#1 // DigestInfo in DER format (note that it must be shorter than (key_size-11) // bytes) or unhashed data. The client must process `data_to_sign` according // to the specified `signature_algorithm`, see comments in the // `CertProvSignatureAlgorithm` enum for more details. optional bytes data_to_sign = 1; // The signature algorithm that the client uses to process `data_to_sign`. // This defines both the hashing and signing algorithm the client should use. optional CertProvSignatureAlgorithm signature_algorithm = 2; } // The algorithm that the client should use / has used to sign data using its // private key for proof-of-posession. enum CertProvSignatureAlgorithm { // Default value. This value is unused. SIGNATURE_ALGORITHM_UNSPECIFIED = 0; // The server-side builds the PKCS#1 DigestInfo, i.e., the SHA256 hash // is constructed on the server-side. The client should sign using RSA // with PKCS#1 v1.5 padding. If no other key size was specified in the // RequiredClientCertificateFor{User,Device} policy, 2048 bits is assumed. SIGNATURE_ALGORITHM_RSA_PKCS1_V1_5_NO_HASH = 1; } // The client should import an issued certificate. message CertProvImportCertificateInstruction { // PEM-encoded issued certificate. optional string pem_encoded_certificate = 1; } // Start / continue client certificate provisioning process for the profile // `cert_profile_id`. message ClientCertificateProvisioningRequest { reserved 9 to 11; // The id that uniquely identifies a certificate provisioning process. optional string certificate_provisioning_process_id = 16; // The scope of the certificate. Similar to policy_type in PolicyFetchRequest. // google/chromeos/device => a certificate for a device is being requested. // google/chromeos/user => a certificate for a user is being requested. optional string certificate_scope = 1; // The id of the client certificate profile, specified in the policy. optional string cert_profile_id = 2; // The public key for which the certificate should be issued. It's a // DER-serialized X.509 SubjectPublicKeyInfo. optional bytes public_key = 3; // Only filled if this is a request for a certificate for a user optional string device_dm_token = 4; oneof request { // "Static" flow // (go/chromeos-mgmt-cert-provisioning#heading=h.mh0xyf2o1ums). StartCsrRequest start_csr_request = 5; FinishCsrRequest finish_csr_request = 6; DownloadCertRequest download_cert_request = 7; // "Dynamic" flow (go/cert-prov-api-dm-changes) CertProvStartRequest start_request = 12; CertProvGetNextInstructionRequest get_next_instruction_request = 13; CertProvAuthorizeRequest authorize_request = 14; CertProvUploadProofOfPossessionRequest upload_proof_of_possession_request = 15; } // Received as part of policy for client certificate profiles. The client // should not interpret this data and should forward it verbatim. DMServer // uses `policy_version` as a hint to verify that the policy view of DMServer // matches the view of Chrome OS device. optional bytes policy_version = 8; } // This marks an error between ChromeOS client and backend, including those // involving the Certificate Authority or a Connector software. // These could be mapped to HTTP error codes, but reuse of HTTP error codes was // deemed confusing and difficult in the existing device management protocol // (see existing usage of HTTP error codes described in the // `DeviceManagementResponse` comment). message CertProvBackendError { // If a new error code is added to the enum and used by the DM Server to // propagate an error, ChromeOS clients running older versions // will not be aware of the new error code. As proto2 is using closed enums, // accessing such an unknown enum field returns the enum's default value // which is the first defined enum value, i.e., `ERROR_UNSPECIFIED`. ChromeOS // clients treat this error by marking the associated certificate provisioning // process as failing. enum Error { ERROR_UNSPECIFIED = 0; // The attempted request is invalid in the current state of the certificate // provisioning process. INVALID_OPERATION = 1; // The client has sent inconsistent data. This can happen if the client has // outdated policy. INCONSISTENT_DATA = 2; // The identity of the client could not be verified. IDENTITY_VERIFICATION_ERROR = 3; // The Certificate Provisioning Process (CPP) already exists and cannot be // started again. CPP_ALREADY_EXISTS = 4; // The backend does not accept the public key sent by the client. BAD_PUBLIC_KEY = 5; // The signature provided by the client is invalid. INVALID_SIGNATURE = 6; // The next instruction on how to proceed in the certificate provisioning // protocol is not yet available. INSTRUCTION_NOT_YET_AVAILABLE = 7; // The CA did not respond within the deadline. CA_UNAVAILABLE = 8; // The CA exhibited an internal server error. CA_FAILURE = 9; // The referenced certificate provisioning profile does not exist. PROFILE_NOT_FOUND = 10; // The user primary email cannot be found. USER_PRIMARY_EMAIL_NOT_FOUND = 11; // The certificate provisioning profile is referencing a non-existent CA // connection. CA_CONNECTION_NOT_FOUND = 12; // The CA connection referenced by the certificate provisioning profile // is referencing a non-existent PubSub topic, or the system does not have // permission to publish to that PubSub topic. PUBSUB_TOPIC_NOT_FOUND = 13; // The Adapter uploaded a certificate that cannot be parsed or was issued // for a wrong public key. BAD_ADAPTER_CERTIFICATE_RECEIVED = 14; // The requested certificate provisioning process cannot be found on // Spanner. CERTIFICATE_PROVISIONING_PROCESS_NOT_FOUND = 15; } // The specific error type. optional Error error = 1; // A debug message that could be useful for understanding the error. optional string debug_message = 2; } // Response for ClientCertificateProvisioningRequest. message ClientCertificateProvisioningResponse { reserved 6; // Error conditions that the server side reports to the client that don't fit // into the standard HTTP error schema. // Note that HTTP errors can still be signaled for the client certificate // provisioning requests, e.g. bad DMToken or internal errors will be // propagated as HTTP errors. enum Error { UNDEFINED = 0; // The backend has not received a certificate within the time limit. TIMED_OUT = 1; // The identity of the client could not be verified. IDENTITY_VERIFICATION_ERROR = 2; // The CA encountered an error when processing the certification request. CA_ERROR = 3; // The client has sent inconsistent data. INCONSISTENT_DATA = 4; // The backend does not accept the public key sent by the client. BAD_PUBLIC_KEY = 5; // The leaf CA certificate specified by the admin is invalid. BAD_CA_CERTIFICATE_SPECIFIED = 6; // The certificate received from the certificate enrollment agent cannot be // parsed or is not issued by the leaf CA certificate specified by the // admin. BAD_CLIENT_CERTIFICATE_RECEIVED = 7; // The CSR signature provided by the client is invalid. INVALID_CSR_SIGNATURE = 8; // A certificate signing request for the same public key has already been // sent. CSR_ALREADY_SENT = 9; } // If filled, the request can currently not be processed and the client // is supposed to try again later using the same data. // The value is the number of milliseconds when the client should // automatically retry. // Used in "Static" flow only. optional int64 try_again_later = 1; oneof response { // Used in "Static" flow. Error error = 2; StartCsrResponse start_csr_response = 3; FinishCsrResponse finish_csr_response = 4; DownloadCertResponse download_cert_response = 5; // Used in "Dynamic" flow. CertProvStartResponse start_response = 7; CertProvGetNextInstructionResponse get_next_instruction_response = 8; CertProvAuthorizeResponse authorize_response = 9; CertProvUploadProofOfPossessionResponse upload_proof_of_possession_response = 10; CertProvBackendError backend_error = 11; } } // Request from browser to server to upload public key. // GoogleDMToken MUST be in HTTP Authorization header. message BrowserPublicKeyUploadRequest { enum KeyTrustLevel { // UNSPECIFIED. KEY_TRUST_LEVEL_UNSPECIFIED = 0; // Chrome Browser with the key stored in the device hardware. CHROME_BROWSER_HW_KEY = 1; // Chrome Browser with the key stored at OS level. CHROME_BROWSER_OS_KEY = 2; } enum KeyType { KEY_TYPE_UNSPECIFIED = 0; RSA_KEY = 1; EC_KEY = 2; } // Public key in EC_NID_X9_62_PRIME256V1_PUBLIC_DER format. optional bytes public_key = 1; // Signature of the new public key signed using the existing key, empty for // initial upload. optional bytes signature = 2; // Trust Level of the key. optional KeyTrustLevel key_trust_level = 3; // Type of the key. optional KeyType key_type = 4; // Whether the server should create a client certificate for that public key // and return it as part of the response or not. optional bool provision_certificate = 5; } // Response from server to device for cert upload request. message BrowserPublicKeyUploadResponse { enum ResponseCode { UNDEFINED = 0; // The new key is uploaded successfully. SUCCESS = 1; // The signature could not be verified. INVALID_SIGNATURE = 2; } optional ResponseCode response_code = 1; // If the request had `provision_certificate` as true, this property will // contain the X.509 client certificate in PEM format. optional string pem_encoded_certificate = 2; } // Upload request for Firebase Messaging token to communicate registration token // to the server. The response message will be // `FmRegistrationTokenUploadResponse`. // See go/cros-invalidation-with-direct-messaging. message FmRegistrationTokenUploadRequest { // Scope of the uploaded token. enum TokenType { DEVICE = 0; BROWSER = 1; USER = 2; } optional string token = 1; // Invalidation protocol version that uploader currently supports. optional int64 protocol_version = 2; // Scope of the uploaded token. optional TokenType token_type = 3; // Token's expiration timestamp in milliseconds since Epoch in UTC timezone // (Java time). optional int64 expiration_timestamp_ms = 4; } // Response to `FmRegistrationTokenUploadRequest`. message FmRegistrationTokenUploadResponse {} // Additional detail about the error which can be used to clarify user messaging // around the error or to influence Chrome's error-handling behavior. enum DeviceManagementErrorDetail { NO_ERROR_DETAIL = 0; // Only valid for CBCM browser DEVICE_NOT_FOUND errors. Indicates that the // DMToken should be deleted entirely from its storage location. CBCM_DELETION_POLICY_PREFERENCE_DELETE_TOKEN = 1; // Only valid for CBCM browser DEVICE_NOT_FOUND errors. Indicates that the // DMToken should be invalidated, preventing device re-enrollment. CBCM_DELETION_POLICY_PREFERENCE_INVALIDATE_TOKEN = 2; } // Request from the DMAgent on the device to the DMServer. This is // container for all requests from device to server. The overall HTTP // request MUST be in the following format: // // * HTTP method is POST // * Data mime type is application/x-protobuffer // * See GoogleContentTypeEnum.java // * HTTP parameters are (all required, all case sensitive): // * request: MUST BE one of // * api_authorization // * cert_upload // * check_device_pairing // * device_pairing // * device_state_retrieval // * enterprise_check // * enterprise_psm_check // * chrome_desktop_report // * chrome_os_user_report // * policy // * register // * status_upload // * unregister // * remote_commands // * attribute_update_permission // * attribute_update // * gcm_id_update // * check_android_management // * certificate_based_register // * active_directory_enroll_play_user // * active_directory_play_activity // * active_directory_user_signin // * register_browser // * policy_validation_report // * device_initial_enrollment_state // * refresh_account // * client_cert_provisioning // * browser_public_key_upload // * upload_euicc_info // * devicetype: MUST BE "1" for Android, "2" for Chrome OS or "3" for Chrome // browser. // * apptype: MUST BE Android or Chrome. // * deviceid: MUST BE no more than 64-char in [\x21-\x7E]. // * agent: MUST BE no more than 64-char long. // * HTTP Authorization header MUST be in the following formats: // * For register for Chrome browsers and token_based_register requests. // Authorization: GoogleEnrollmentToken token= // // * For unregister, policy, status, cert_upload, remote_commands, // gcm_id_update, active_directory_enroll_play_user, // active_directory_play_activity, active_directory_user_signin, // policy_validation_report, chrome_desktop_report, // chrome_os_user_report, refresh_account, client_cert_provisioning, // api_authorization requests // Authorization: GoogleDMToken token= // // * The Authorization header isn't used for enterprise_check, // enterprise_psm_check, device_initial_enrollment_state or // certificate_based_register requests. // It is also not used for register requests and check_android_management // requests - for these requests, the OAuth token is passed in the "oauth" // HTTP query parameter. // // DeviceManagementRequest should only contain one request which matches the // HTTP query parameter - request, as mentioned in comments on the fields of the // message. Other requests within the container will be ignored. message DeviceManagementRequest { reserved 24; // unused previous version of chrome_desktop_report_request. // Register request. // HTTP query parameter 'request': 'register' optional DeviceRegisterRequest register_request = 1; // Unregister request. // HTTP query parameter 'request': 'unregister' optional DeviceUnregisterRequest unregister_request = 2; // Policy request. // HTTP query parameter 'request': 'policy' optional DevicePolicyRequest policy_request = 3; // Update status. // HTTP query parameter 'request': 'status' // (this applies to all of the following three fields, and they can all be // present in the same request). optional DeviceStatusReportRequest device_status_report_request = 4; optional SessionStatusReportRequest session_status_report_request = 5; optional ChildStatusReportRequest child_status_report_request = 30; // Auto-enrollment detection. // HTTP query parameter 'request': 'enterprise_check' optional DeviceAutoEnrollmentRequest auto_enrollment_request = 6; // EMCert upload (for remote attestation) // HTTP query parameter 'request': 'cert_upload' optional DeviceCertUploadRequest cert_upload_request = 7; // Request for OAuth2 authorization codes to access Google services. // HTTP query parameter 'request': 'api_authorization' optional DeviceServiceApiAccessRequest service_api_access_request = 8; // Device-state retrieval. // HTTP query parameter 'request': 'device_state_retrieval' optional DeviceStateRetrievalRequest device_state_retrieval_request = 9; // Device state key update. // HTTP query parameter 'request': 'policy' optional DeviceStateKeyUpdateRequest device_state_key_update_request = 10; // Pair two devices. // HTTP query parameter 'request': 'device_pairing' optional DevicePairingRequest device_pairing_request = 11; // Check if two devices are paired. // HTTP query parameter 'request': 'check_device_pairing' optional CheckDevicePairingRequest check_device_pairing_request = 12; // Remote command fetching. // HTTP query parameter 'request': 'remote_commands' optional DeviceRemoteCommandRequest remote_command_request = 13; // Check permission for updating device attribute. // HTTP query parameter 'request': 'attribute_update_permission' optional DeviceAttributeUpdatePermissionRequest device_attribute_update_permission_request = 14; // Update device attribute. // HTTP query parameter 'request': 'attribute_update' optional DeviceAttributeUpdateRequest device_attribute_update_request = 15; // Update the GCM id to device_id mapping. // HTTP query parameter 'request': 'gcm_id_update' optional GcmIdUpdateRequest gcm_id_update_request = 16; // Check if user is a managed Android-for-Work user with DPC enforcement. // HTTP query parameter 'request': 'check_android_management' optional CheckAndroidManagementRequest check_android_management_request = 17; // Request to register with a registration certificate. // HTTP query parameter 'request': 'certificate_based_register' optional CertificateBasedDeviceRegisterRequest certificate_based_register_request = 18; // Gets an enrollment token to a Managed Google Play Account for using it with // Active Directory. // HTTP query parameter 'request': 'active_directory_enroll_play_user' optional ActiveDirectoryEnrollPlayUserRequest active_directory_enroll_play_user_request = 19; // Reports that a Play account is used. // HTTP query parameter 'request': 'active_directory_play_activity' optional ActiveDirectoryPlayActivityRequest active_directory_play_activity_request = 20; // Request device license information. optional CheckDeviceLicenseRequest check_device_license_request_deprecated = 21 [deprecated = true]; // Initiate an Active Directory user signin. // HTTP query parameter 'request': 'active_directory_user_signin' optional ActiveDirectoryUserSigninRequest active_directory_user_signin_request = 22; // Request to register a browser independently of its users. // HTTP query parameter 'request': 'register_browser' optional RegisterBrowserRequest register_browser_request = 23; // A report on the status of app push-installs. // HTTP query parameter 'request': 'app_install_report' optional AppInstallReportRequest app_install_report_request = 25; // A Chrome desktop report request. // HTTP query parameter 'request': 'chrome_desktop_report' optional ChromeDesktopReportRequest chrome_desktop_report_request = 26; // Result of validating fetched policy on the client. // HTTP query parameter 'request': 'policy_validation_report' optional PolicyValidationReportRequest policy_validation_report_request = 27; // Query for initial enrollment details. // HTTP query parameter 'request': 'device_initial_enrollment_state' optional DeviceInitialEnrollmentStateRequest device_initial_enrollment_state_request = 28; // Request from device to wipe an old account and get a new account. // HTTP query parameter 'request': 'refresh_account' optional RefreshAccountRequest refresh_account_request = 29; // Request from device to upload RSU lookup key. // TODO(crbug.com/40210185): seems unused optional RsuLookupKeyUploadRequest rsu_lookup_key_upload_request = 31; // Request from device for SAML IdP URL address. // HTTP query parameter 'request': 'public_saml_user_request' optional PublicSamlUserRequest public_saml_user_request = 32; // A ChromeOS user report request. // HTTP query parameter 'request': 'chrome_os_user_report' optional ChromeOsUserReportRequest chrome_os_user_report_request = 33; // Request to start / continue client certificate provisioning process. // HTTP query parameter 'request': 'client_cert_provisioning' optional ClientCertificateProvisioningRequest client_certificate_provisioning_request = 34; // A report on the status of extension install process. // TODO(crbug.com/40210185): seems unused. optional ExtensionInstallReportRequest extension_install_report_request = 35; // Request to check user account for smart enrollment. // HTTP query parameter 'request': 'check_user_account' optional CheckUserAccountRequest check_user_account_request = 36; // Request from device to check the state stored in PSM. Currently, it is used // for ZTE/LP device initial enrollment state check. // HTTP query parameter 'request': 'enterprise_psm_check' optional PrivateSetMembershipRequest private_set_membership_request = 37; // Request from browser to upload public key. // HTTP query parameter 'request': 'browser_public_key_upload' optional BrowserPublicKeyUploadRequest browser_public_key_upload_request = 38; // Request to upload info about eSIM provisioning. // HTTP query parameter 'request': 'upload_euicc_info' optional UploadEuiccInfoRequest upload_euicc_info_request = 39; // Request to upload profile usage information. // HTTP query parameter 'request': 'chrome_profile_report' optional ChromeProfileReportRequest chrome_profile_report_request = 40; // Request to register a device with an enrollment token. // HTTP query parameter 'request': 'token_based_register' optional TokenBasedDeviceRegisterRequest token_based_device_register_request = 41; optional FmRegistrationTokenUploadRequest fm_registration_token_upload_request = 42; // Next id: 43. } // Response from server to device. // // For release clients, DMServer returns errors using HTTP Status Code, so that // clients only need to check one place for all error codes. It is also easier // to perform log analysis and customer support since HTTP Status Code is easily // visible in the logs. // // Possible HTTP status codes: // 200 OK: valid response is returned to client. // 400 Bad Request: invalid argument or payload. // 401 Unauthorized: invalid auth cookie/OAuth token, DMToken or enrollment // token. // 402 Missing license. // 403 Forbidden: device management is not allowed (e.g. user may not enroll). // 404 Not Found: the request URL is invalid. // 405 Invalid serial number. // 406 Domain mismatch (e.g. device is enrolling into the wrong domain, should // force-re-enroll into another domain). // 409 Device id conflict. // 410 Device Not Found: the device id is not found. // 412 Pending approval. Used with ClientCertificateProvisioningRequest to // indicate that a certificate has not been issued yet. // 413 Request payload too large. // 417 Consumer (non-dasher) account can not enroll with packaged license. // 429 Too many requests. // 500 Internal Server Error: most likely a bug in DM server. // 503 Service Unavailable: most likely a backend error. // 902 Policy Not Found: the policy is not found. // 903 Deprovisioned: the device has been deprovisioned. // 904 Arc Disabled: ARC is not enabled on the domain. // 905 Can not enroll packaged license device to domainless customer. // 906 TOS has not been accepted by customer. // 907 Illegal account for packaged EDU license. message DeviceManagementResponse { reserved 1, 24; // Error message. optional string error_message = 2; // Additional details about the error message. repeated DeviceManagementErrorDetail error_detail = 39; // Register response optional DeviceRegisterResponse register_response = 3; // Unregister response optional DeviceUnregisterResponse unregister_response = 4; // Policy response. optional DevicePolicyResponse policy_response = 5; // Update status report response. optional DeviceStatusReportResponse device_status_report_response = 6; optional SessionStatusReportResponse session_status_report_response = 7; optional ChildStatusReportResponse child_status_report_response = 29; // Auto-enrollment detection response. optional DeviceAutoEnrollmentResponse auto_enrollment_response = 8; // EMCert upload response. optional DeviceCertUploadResponse cert_upload_response = 9; // Response to OAuth2 authorization code request. optional DeviceServiceApiAccessResponse service_api_access_response = 10; // Device-state retrieval. optional DeviceStateRetrievalResponse device_state_retrieval_response = 11; // Response to device pairing request. optional DevicePairingResponse device_pairing_response = 12; // Response to check device pairing request. optional CheckDevicePairingResponse check_device_pairing_response = 13; // Response to remote command request. optional DeviceRemoteCommandResponse remote_command_response = 14; // Response to check device attribute update permission. optional DeviceAttributeUpdatePermissionResponse device_attribute_update_permission_response = 15; // Response to update device attribute. optional DeviceAttributeUpdateResponse device_attribute_update_response = 16; // Response to GCM id update request. optional GcmIdUpdateResponse gcm_id_update_response = 17; // Response to check Android management request. optional CheckAndroidManagementResponse check_android_management_response = 18; // Response to an Active Directory Play user enrollment request. optional ActiveDirectoryEnrollPlayUserResponse active_directory_enroll_play_user_response = 19; // Response to a Play activity request. optional ActiveDirectoryPlayActivityResponse active_directory_play_activity_response = 20; // Response to a check device license request. optional CheckDeviceLicenseResponse check_device_license_response_deprecated = 21 [deprecated = true]; // Response to a request initiating an Active Directory user signin. optional ActiveDirectoryUserSigninResponse active_directory_user_signin_response = 22; // Response to a Chrome desktop report request. optional ChromeDesktopReportResponse chrome_desktop_report_response = 23; // Response a report on the status of app push-installs optional AppInstallReportResponse app_install_report_response = 25; // Response to a policy validation report. optional PolicyValidationReportResponse policy_validation_report_response = 26; // Response to initial enrollment details query. optional DeviceInitialEnrollmentStateResponse device_initial_enrollment_state_response = 27; // Response to refresh account request. optional RefreshAccountResponse refresh_account_response = 28; // Response to RSU lookup key upload request. optional RsuLookupKeyUploadResponse rsu_lookup_key_upload_response = 30; // Response to public SAML session user request. optional PublicSamlUserResponse public_saml_user_response = 31; // Response to a ChromeOS user report request. optional ChromeOsUserReportResponse chrome_os_user_report_response = 32; // Response to a client certificate provisioning request. optional ClientCertificateProvisioningResponse client_certificate_provisioning_response = 33; // Response to a checking user account type for smart enrollment. optional CheckUserAccountResponse check_user_account_response = 34; // Response to a client private set membership request. optional PrivateSetMembershipResponse private_set_membership_response = 35; // Response to browser public key upload request. optional BrowserPublicKeyUploadResponse browser_public_key_upload_response = 36; // Response to EUICC info upload request. optional UploadEuiccInfoResponse upload_euicc_info_response = 37; // Response to a Chrome Profile report request. optional ChromeProfileReportResponse chrome_profile_report_response = 38; // Response to a token-based register request. optional TokenBasedDeviceRegisterResponse token_based_device_register_response = 40; optional FmRegistrationTokenUploadResponse fm_registration_token_upload_response = 41; // Next id: 42. } // Device State Information stored in the server is retrieval at // enrollment process. Learn more at go/cros-enterprise-psm message DeviceStateRetrievalInfo { // Whether the device should retrieve initial state or not. optional bool has_initial_state = 1; }