chromium/chromeos/services/network_config/public/mojom/cros_network_config.mojom

// Copyright 2019 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// This API is used for configuring network connections (Cellular, Ethernet,
// VPN, WiFi, or Tether). See the Open Network Configuration
// (ONC) documentation for detailed descriptions of properties:
// components/onc/docs/onc_spec.md.

// Currently this service is implemented in the Chrome Browser process with
// clients in Chrome and WebUI.

module chromeos.network_config.mojom;

import "chromeos/services/network_config/public/mojom/network_types.mojom";
import "mojo/public/mojom/base/time.mojom";
import "services/network/public/mojom/ip_address.mojom";
import "url/mojom/url.mojom";

// The maximum number of custom APNs that a cellular network can have.
const uint8 kMaxNumCustomApns = 10;

// Activation state for Cellular networks.
enum ActivationStateType {
  kUnknown,
  kNotActivated,
  kActivating,
  kPartiallyActivated,
  kActivated,
  // A cellular modem exists, but no network service is available.
  kNoService,
};

// The authentication type for Ethernet networks.
enum AuthenticationType {
  kNone,
  k8021x,
};

// Tri-state status of hidden_ssid.
enum HiddenSsidMode {
  // Let the platform decide based on the presence of the SSID in current scan.
  kAutomatic,
  // HiddenSSID = false
  kDisabled,
  // HiddenSSID = true
  kEnabled,
};

enum ProxyMode {
  // Direct connection to the network.
  kDirect,
  // Try to retrieve a PAC script from http://wpad/wpad.dat.
  kAutoDetect,
  // Try to retrieve a PAC script from kProxyPacURL.
  kPacScript,
  // Use a specified list of servers.
  kFixedServers,
  // Use the system's proxy settings.
  kSystem,
};

// The security type for WiFi Ethernet networks.
enum SecurityType {
  kNone,
  kWep8021x,
  kWepPsk,
  kWpaEap,
  kWpaPsk,
};

// The network match type for WiFi Passpoint networks.
enum MatchType {
  // The Wi-Fi network had no match with Passpoint credentials.
  kNoMatch,
  // The WiFi network matched with a set of Passpoint credentials as a provider
  // home network.
  kHome,
  // The WiFI network matched with a set of Passpoint credentials as a provider
  // roaming network.
  kRoaming,
  // The match type of the network is unknown.
  kUnknown,
};

// The configuration type for virtual networks.
enum VpnType {
  // Internal VPN types.
  kIKEv2,
  kL2TPIPsec,
  kOpenVPN,
  kWireGuard,
  // VPN provided by a Chrome Extension.
  kExtension,
  // VPN provided by an Arc++ app.
  kArc,
};

// Filter used for requesting lists of network states.
enum FilterType {
  // Return active networks. A network is active when its ConnectionStateType
  // != kNotConnected. The ConnectionStateType is defined in
  // network_types.mojom.
  kActive,
  // Return visible (active, physically connected or in-range) networks.
  // Active networks will be listed first.
  kVisible,
  // Only include configured (saved) networks.
  kConfigured,
  // Include all networks.
  kAll,
};

enum StartConnectResult {
  // The request was successfully sent.
  kSuccess,
  // The provided GUID is not associated with an existing network configuration.
  kInvalidGuid,
  // The network is not in a connectable state (e.g. already connected or
  // connecting, or a required service is unavailable).
  kInvalidState,
  // The connect request was cancelled before being sent, e.g. due to another
  // connect request.
  kCanceled,
  // The network is in an error state because invalid credentials were provided
  // or a certificate is unavailable.
  kNotConfigured,
  // Connecting to the network is blocked, e.g. by policy.
  kBlocked,
  // Unknown or other error.
  kUnknown,
};

enum CertificateType {
  kServerCA,
  kUserCert,
};

// Reasons why the Cellular Device may have its scanning inhibited (i.e.,
// temporarily stopped).
enum InhibitReason {
  // Not inhibited.
  kNotInhibited,
  // Inhibited because an eSIM profile is being installed.
  kInstallingProfile,
  // Inhibited because an eSIM profile is being renamed.
  kRenamingProfile,
  // Inhibited because an eSIM profile is being removed.
  kRemovingProfile,
  // Inhibited because a connection is in progress which requires that the
  // device switch to a different eSIM profile.
  kConnectingToProfile,
  // Inhibited because the list of pending eSIM profiles is being refreshed by
  // checking with an SMDS server.
  kRefreshingProfileList,
  // Inhibited because the EUICC memory is being reset.
  kResettingEuiccMemory,
  // Inhibited because an eSIM profile is being disabled.
  kDisablingProfile,
  // Inhibited because SM-DS scans are being performed to discover profiles
  // available for this device.
  kRequestingAvailableProfiles,
};

// Always-on VPN operating mode.
enum AlwaysOnVpnMode {
  // Always-on VPN is disabled.
  kOff,
  // Always-on VPN is enabled, traffic goes through the tunnel as long as it is
  // available, otherwise it falls back to the default network.
  kBestEffort,
  // Always-on VPN is enabled and traffic is blocked when the tunnel is not
  // available.
  kStrict,
};

// The SIM card lock status for Cellular networks.
struct SIMLockStatus {
  // The status of SIM lock. Possible values are 'sim-pin', 'sim-puk' or empty.
  string lock_type;
  // Whether SIM lock is enabled.
  bool lock_enabled;
  // Number of PIN lock tries allowed before PUK is required to unlock the SIM.
  int32 retries_left;
};

// Details about a sim slot available on the device.
struct SIMInfo {
  // Slot identifier.
  int32 slot_id;
  // EID of EUICC at this slot. Empty if this is a physical SIM slot.
  string eid;
  // ICCID of the eSIM profile or the physical SIM
  // card active on this slot when available from Shill.
  string iccid;
  // True when this slot is currently active.
  bool is_primary;
};

struct CellularStateProperties {
  // ICCID of the eSIM profile or the physical SIM that corresponds to this
  // network.
  string iccid;
  // The EID of EUICC that this network is installed on. Empty if this network
  // corresponds to a physical SIM.
  string eid;
  // Enumerated ONC activation state.
  ActivationStateType activation_state = kUnknown;
  // ONC NetworkTechnology value.
  string network_technology;
  // True when in a roaming state and the provider is not always roaming.
  bool roaming = false;
  // The signal strength of the cellular connection.
  int32 signal_strength;
  // True when a SIM is present and has locking enabled.
  bool sim_lock_enabled = false;
  // True when a SIM is present and locked.
  bool sim_locked = false;
  // String representing the SIM lock type. This will be empty when the SIM
  // is unlocked.
  string sim_lock_type;
  // True when a SIM has a custom name.
  bool has_nick_name = false;
  // String representing the network operator.
  string network_operator;
  PaymentPortalProperties? payment_portal;
};

struct EthernetStateProperties {
  // This represents the actual authentication type for a connected Ethernet
  // network. Note: An EAP configuration may exist but not be applied (e.g. if
  // no certificate is installed), in which case the value will be kNone.
  AuthenticationType authentication;
};

struct TetherStateProperties {
  // The battery percentage of the tethered device.
  int32 battery_percentage;
  // The cellular carrier for the tethered device.
  string carrier;
  // Whether the tethered device has already been connected to.
  bool has_connected_to_host;
  // The signal strength of the tethered device's cellular connection.
  int32 signal_strength;
};

struct VPNStateProperties {
  VpnType type;
  string provider_id;
  string provider_name;
};

struct WiFiStateProperties {
  // The id of the basic service set (access point) associated with the network.
  string bssid;
  // The WiFi service operating frequency in MHz. For connected networks, the
  // current frequency, otherwise, the frequency of the best available BSS.
  int32 frequency;
  // The hex encoded SSID (name) of the network.
  string hex_ssid;
  SecurityType security;
  // The signal strength for visible networks.
  int32 signal_strength;
  // The network SSID.
  string ssid;
  // Whether the network is in range.
  bool visible;
  // Whether the AP has a hidden SSID.
  bool hidden_ssid;
  // Identifier of the set of Passpoint credentials that populated this Wi-Fi
  // network.
  string passpoint_id;
};

union NetworkTypeStateProperties {
  CellularStateProperties cellular;
  EthernetStateProperties ethernet;
  TetherStateProperties tether;
  VPNStateProperties vpn;
  WiFiStateProperties wifi;
};

struct NetworkStateProperties {
  // True if the network is configured and may be connectable.
  bool connectable = false;
  // True if an explicit connect was requested. The network state may not be
  // Connecting yet.
  bool connect_requested = false;
  ConnectionStateType connection_state;
  // A string describing the network error state. TODO(stevenjb): Use an enum.
  string? error_state;
  // The unique identifier for the network.
  string guid;
  // The human readable name of the network, e.g. WiFi SSID or network type.
  string name;
  // The captive portal state when connection_state == kPortal.
  PortalState portal_state = kUnknown;
  // The URL used to identify a captive portal state, set when portal_state is
  // kPortal or kPortalSuspected.
  url.mojom.Url? portal_probe_url;
  // The relative priority of the network. Larger values have higher priority.
  int32 priority;
  // The proxy mode affecting this network. Includes any settings that affect
  // this network (i.e. global proxy settings are also considered).
  ProxyMode proxy_mode;
  // True for visible networks that are blocked / disallowed by policy.
  bool prohibited_by_policy = false;
  OncSource source;
  // |type| is explicitly provided here to simplify UI code and will always
  // match the type of |type_state|, which will always be provided.
  NetworkType type;
  NetworkTypeStateProperties type_state;
};

struct DeviceStateProperties {
  // IP address for the primary network corresponding to the device type. If no
  // network is in a connected state, or the address type is not available,
  // these will be null. When there are multiple IP addresses, only the first
  // is provided.
  network.mojom.IPAddress? ipv4_address;
  network.mojom.IPAddress? ipv6_address;
  // IMEI of the cellular modem. Present only for Cellular device.
  string? imei;
  // AA:BB formatted MAC address for the device. Use for display purposes only.
  // May be null if no MAC address is available for the device.
  string? mac_address;
  // Set if the device is currently scanning.
  bool scanning = false;
  // The SIM lock status if Type = Cellular and a SIM is present.
  SIMLockStatus? sim_lock_status;
  // Details about the physical SIM and eSIM available on the device if Type =
  // Cellular. Note that the array will be ordered by the |slot_id|.
  array<SIMInfo>? sim_infos;
  // The reason for cellular scans to be inhibited; only set if Type = Cellular.
  InhibitReason inhibit_reason = kNotInhibited;
  // True when a SIM is required and not present.
  bool sim_absent = false;
  DeviceStateType device_state;
  NetworkType type;
  // Whether or not any managed networks are available.
  bool managed_network_available = false;
  // Serial number of the device, reported for cellular devices
  // to start with. Displayed along with IMEI/EID to help user
  // unlock carrier locked device.
  string? serial;
  // Indicates if the device is carrier locked.
  // Reported only for cellular devices. Defaults to false
  // for other device types.
  bool is_carrier_locked = false;
  // Indicates whether the device is in the flashing state. Reported only
  // for cellular devices. Defaults to false for other device types.
  bool is_flashing = false;
};

const int32 kNoLimit = 0;

struct NetworkFilter {
  // Which networks to return (active, visible, etc).
  FilterType filter;
  // The type of networks to return.
  NetworkType network_type;
  // Maximum number of networks to return. 0 indicates no limit.
  int32 limit = kNoLimit;
};

// Specialized unmanaged property types.

// Refers to whether the user or admin is allowing the APN to be used.
enum ApnState {
  // The APN is enabled in network settings. This indicates that the APN may be
  // used for cellular connectivity. However, it does not necessarily mean that
  // the APN *will* be used. If there are multiple custom APNs marked as
  // |kEnabled|, it is possible that one enabled APN will be used and another
  // will not be used.
  kEnabled,
  // The APN is disabled in network settings. This indicates that the APN won't
  // be used for cellular connectivity.
  kDisabled,
};

// Authentication types for APNs.
enum ApnAuthenticationType {
  kAutomatic,
  // Password Authentication Protocol
  kPap,
  // Challenge-Handshake Authentication Protocol
  kChap,
};

// IP types for APNs.
enum ApnIpType {
  kAutomatic,
  kIpv4,
  kIpv6,
  kIpv4Ipv6,
};

// Supported APN types.
enum ApnType {
  kDefault,
  kAttach,
  kTether,
};

// Sources for APNs.
enum ApnSource {
  kModem,
  kModb,
  kUi,
};

struct ApnProperties {
  string access_point_name;
  // This id will only be set for custom APNs.
  string? id;
  ApnAuthenticationType authentication;
  string? language;
  string? localized_name;
  string? name;
  string? password;
  string? username;
  // The attach property uses a string? instead of an enum to allow for possible
  // free-form entry in the future.
  // TODO(b/249550650) Remove attach after APN Revamp feature
  // has been completely transitioned.
  // TODO(b/249550650) Add all new properties to the
  // //components/onc/docs/onc_spec.md documentation.
  string? attach;
  // The state property will be used by Chrome to determine whether a custom APN
  // is disabled by the user or not. Chrome will filter out disabled APNs before
  // passing them to Shill.
  ApnState state;
  ApnIpType ip_type;
  array<ApnType> apn_types;
  ApnSource source;
};

struct RoamingProperties {
  bool allow_roaming;
};

struct CellularProviderProperties {
  string name;
  string code;
  string? country;
};

struct FoundNetworkProperties {
  string status;
  string network_id;
  string technology;
  string? short_name;
  string? long_name;
};

// A routing prefix can not be 0. Use 0 to indicate an unset value.
const int32 kNoRoutingPrefix = 0;

struct IPConfigProperties {
  string? gateway;
  // The IP address represented as a string, as provided by the configuration
  // manager (e.g. Shill) and/or the policy provider. It should be used for
  // display purposes only.
  string? ip_address;
  array<string>? excluded_routes;
  array<string>? included_routes;
  array<string>? name_servers;
  array<string>? search_domains;
  int32 routing_prefix = kNoRoutingPrefix;
  IPConfigType type;
  string? web_proxy_auto_discovery_url;
};

struct PaymentPortalProperties {
  string method;
  string? post_data;
  string? url;
};

// WireGuard per-peer properties. These properties are opaquely passed as
// strings to the platform daemon (e.g. Shill) and only from there are then
// parsed syntacticly.
// The syntax is as defined at https://www.wireguard.com/xplatform/.
// Particularly, |allowed_ips| is a comma-separated string of CIDR prefixes,
// and endpoint is a host name or IP address followed by ":port".
struct WireGuardPeerProperties {
  string public_key;
  // Note: when read by UI, |preshared_key| contains a placeholder if set to
  // avoid leaking secrets.
  string? preshared_key;
  string? allowed_ips;
  string? endpoint;
  int32 persistent_keepalive_interval;
};

// Managed property types. These types all share a common structure.
// The structure differs from the structure used in //components/onc which
// relies on optional boolean and integer values which are unsupported in mojo,
// and provides more detail than is required by the UI.

// active_value: The value provided by the configuration manager (e.g. Shill).
//     This will match |policy_value| when |policy_source| is enforced.
// policy_source: The source of the value provided by policy when available,
//     or kNone (see PolicySource in network_types.mojom).
// policy_value: The value provided by policy when available.

// Fundamental managed types.

struct ManagedBoolean {
  bool active_value;
  PolicySource policy_source = kNone;
  bool policy_value = false;
};

struct ManagedInt32 {
  int32 active_value = 0;
  PolicySource policy_source = kNone;
  int32 policy_value = 0;
};

struct ManagedString {
  string active_value;
  PolicySource policy_source = kNone;
  string? policy_value;
};

struct ManagedStringList {
  array<string> active_value;
  PolicySource policy_source = kNone;
  array<string>? policy_value;
};

// Specialized managed types.

struct ManagedApnProperties {
  ManagedString access_point_name;
  ManagedString? authentication;
  ManagedString? language;
  ManagedString? localized_name;
  ManagedString? name;
  ManagedString? password;
  ManagedString? username;
  // The attach property uses a string? instead of an enum to allow for possible
  // free-form entry in the future.
  ManagedString? attach;
};

struct ManagedApnList {
  array<ApnProperties> active_value;
  PolicySource policy_source = kNone;
  array<ApnProperties>? policy_value;
};

struct ManagedIssuerSubjectPattern {
  ManagedString? common_name;
  ManagedString? locality;
  ManagedString? organization;
  ManagedString? organizational_unit;
};

struct ManagedCertificatePattern {
  ManagedStringList? enrollment_uri;
  ManagedIssuerSubjectPattern? issuer;
  ManagedStringList? issuer_ca_ref;
  ManagedIssuerSubjectPattern? subject;
};

struct ManagedEAPProperties {
  ManagedString? anonymous_identity;
  ManagedCertificatePattern? client_cert_pattern;
  ManagedString? client_cert_pkcs11_id;
  ManagedString? client_cert_provisioning_profile_id;
  ManagedString? client_cert_ref;
  ManagedString? client_cert_type;
  ManagedStringList? domain_suffix_match;
  ManagedString? identity;
  ManagedString? inner;
  ManagedString? outer;
  // Note: |password| contains a placeholder if set to avoid leaking secrets.
  ManagedString? password;
  ManagedBoolean? save_credentials;
  ManagedStringList? server_ca_pems;
  ManagedStringList? server_ca_refs;
  ManagedSubjectAltNameMatchList? subject_alt_name_match;
  ManagedString? subject_match;
  ManagedString? tls_version_max;
  ManagedBoolean? use_proactive_key_caching;
  ManagedBoolean? use_system_cas;
};

struct ManagedSubjectAltNameMatchList {
  array<SubjectAltName> active_value;
  PolicySource policy_source = kNone;
  array<SubjectAltName> policy_value;
};

struct ManagedIPConfigProperties {
  ManagedString? gateway;
  // See comment for IPConfigProperties.
  ManagedString? ip_address;
  ManagedStringList? name_servers;
  ManagedInt32? routing_prefix;
  IPConfigType type;
  ManagedString? web_proxy_auto_discovery_url;
};

struct ManagedIPSecProperties {
  ManagedString authentication_type;
  ManagedCertificatePattern? client_cert_pattern;
  ManagedString? client_cert_pkcs11_id;
  ManagedString? client_cert_provisioning_profile_id;
  ManagedString? client_cert_ref;
  ManagedString? client_cert_type;
  ManagedEAPProperties? eap;
  ManagedString? group;
  ManagedInt32? ike_version;
  ManagedString? local_identity;
  // Note: |psk| contains a placeholder if set to avoid leaking secrets.
  ManagedString? psk;
  ManagedString? remote_identity;
  ManagedBoolean? save_credentials;
  ManagedStringList? server_ca_pems;
  ManagedStringList? server_ca_refs;
};

struct ManagedL2TPProperties {
  ManagedBoolean? lcp_echo_disabled;
  // Note: |password| contains a placeholder if set to avoid leaking secrets.
  ManagedString? password;
  ManagedBoolean? save_credentials;
  ManagedString? username;
};

struct ManagedProxyLocation {
  ManagedString host;
  ManagedInt32 port;
};

struct ManagedManualProxySettings {
  ManagedProxyLocation? http_proxy;
  ManagedProxyLocation? secure_http_proxy;
  ManagedProxyLocation? ftp_proxy;
  ManagedProxyLocation? socks;
};

struct ManagedProxySettings {
  ManagedString type;
  ManagedManualProxySettings? manual;
  ManagedStringList? exclude_domains;
  ManagedString? pac;
};

struct ManagedVerifyX509Properties {
  ManagedString? name;
  ManagedString? type;
};

struct ManagedOpenVPNProperties {
  ManagedString? auth;
  ManagedString? auth_retry;
  ManagedBoolean? auth_no_cache;
  ManagedString? cipher;
  ManagedString? client_cert_pkcs11_id;
  ManagedCertificatePattern? client_cert_pattern;
  ManagedString? client_cert_provisioning_profile_id;
  ManagedString? client_cert_ref;
  ManagedString? client_cert_type;
  ManagedString? compression_algorithm;
  ManagedStringList? extra_hosts;
  ManagedBoolean? ignore_default_route;
  ManagedString? key_direction;
  ManagedString? ns_cert_type;
  // Note: |password| contains a placeholder if set to avoid leaking secrets.
  ManagedString? password;
  ManagedInt32? port;
  ManagedString? proto;
  ManagedBoolean? push_peer_info;
  ManagedString? remote_cert_eku;
  ManagedStringList? remote_cert_ku;
  ManagedString? remote_cert_tls;
  ManagedInt32? reneg_sec;
  ManagedBoolean? save_credentials;
  ManagedStringList? server_ca_pems;
  ManagedStringList? server_ca_refs;
  ManagedString? server_cert_ref;
  ManagedInt32? server_poll_timeout;
  ManagedInt32? shaper;
  ManagedString? static_challenge;
  ManagedString? tls_auth_contents;
  ManagedString? tls_remote;
  ManagedString? tls_version_min;
  ManagedString? user_authentication_type;
  ManagedString? username;
  ManagedString? verb;
  ManagedString? verify_hash;
  ManagedVerifyX509Properties? verify_x509;
};

struct ManagedWireGuardPeerList {
  array<WireGuardPeerProperties> active_value;
  PolicySource policy_source = kNone;
  array<WireGuardPeerProperties>? policy_value;
};

struct ManagedWireGuardProperties {
  ManagedStringList? ip_addresses;
  // Note: |private_key| is not readable to avoid leaking secrets.
  ManagedString? private_key;
  ManagedString? public_key;
  ManagedWireGuardPeerList peers;
};

// Managed NetworkType specific dictionaries.

struct ManagedCellularProperties {
  ActivationStateType activation_state;
  // Note: |sim_locked| field is not part of ONC spec.
  bool sim_locked = false;
  ManagedBoolean? allow_roaming;
  ManagedBoolean? allow_text_messages;
  ManagedApnList? apn_list;
  ManagedBoolean? auto_connect;
  // List of user-entered custom APN entries. Note: This field is not
  // part of ONC spec.
  array<ApnProperties>? custom_apn_list;
  string? eid;
  string? esn;
  string? family;
  string? firmware_revision;
  array<FoundNetworkProperties>? found_networks;
  string? hardware_revision;
  CellularProviderProperties? home_provider;
  string? iccid;
  string? imei;
  // TODO(b/249550650) Remove last_good_apn after APN Revamp
  // feature has been completely transitioned.
  ApnProperties? last_good_apn;
  // The APN used to connect to the network. Note: This field is not
  // part of ONC, and it is set only when the kApnRevamp flag is enabled.
  ApnProperties? connected_apn;
  string? manufacturer;
  string? mdn;
  string? meid;
  string? min;
  string? model_id;
  string? network_technology;
  string sim_lock_type;
  PaymentPortalProperties? payment_portal;
  string? roaming_state;
  // The current user selected APN. This corresponds to APN field in ONC.
  // TODO(b/249550650) Remove selected_apn after APN Revamp
  // feature has been completely transitioned.
  ManagedApnProperties? selected_apn;
  CellularProviderProperties? serving_operator;
  int32 signal_strength = 0;
  bool support_network_scan = false;
};

struct ManagedEthernetProperties {
  // This represents the configured authentication type for an Ethernet network.
  // Note: This might not match the State value (which uses an enum instead of
  // a managed string) if the EAP configuration can not be applied (e.g. when
  // no certificate is installed).
  ManagedString? authentication;
  ManagedEAPProperties? eap;
};

struct ManagedVPNProperties {
  ManagedBoolean? auto_connect;
  // Note: in the case of WireGuard VPN |host| is not relevant and contains a
  // placeholder value.
  ManagedString? host;
  ManagedIPSecProperties? ip_sec;
  ManagedL2TPProperties? l2tp;
  ManagedOpenVPNProperties? open_vpn;
  ManagedWireGuardProperties? wireguard;
  ManagedString? provider_id;
  string provider_name;
  VpnType type;
};

struct ManagedWiFiProperties {
  ManagedBoolean? allow_gateway_arp_polling;
  ManagedBoolean? auto_connect;
  string? bssid;
  ManagedEAPProperties? eap;
  int32 frequency = 0;
  array<int32>? frequency_list;
  ManagedString? hex_ssid;
  ManagedBoolean? hidden_ssid;
  // Note: |passphrase| contains a placeholder if set to avoid leaking secrets.
  ManagedString? passphrase;
  ManagedString ssid;
  SecurityType security;
  int32 signal_strength = 0;
  // Indicates whether the network is eligible to be included in Chrome Sync.
  bool is_syncable;
  // True for unshared networks and for shared networks configured by the
  // active user.  Updated whenever the passphrase is modified.
  bool is_configured_by_active_user;
  // Identifier of the set of Passpoint credentials that populated this service.
  // Will be used to display the credentials.
  string? passpoint_id;
  // Network tier deduced from the match between the Wi-Fi network and the
  // Passpoint credentials.
  MatchType passpoint_match_type;
};

union NetworkTypeManagedProperties {
  ManagedCellularProperties cellular;
  ManagedEthernetProperties ethernet;
  // Tether has no managed properties. Provide TetherStateProperties for display
  // purposes.
  TetherStateProperties tether;
  ManagedVPNProperties vpn;
  ManagedWiFiProperties wifi;
};

struct UInt32Value {
  uint32 value;
};

struct TrafficCounterProperties {
  // Time when the traffic counters for a Service were last reset.
  mojo_base.mojom.Time? last_reset_time;
  // A friendly formatted sentence representing the |last_reset_time| as a
  // date, e.g., Monday, March 6, 2008. This value takes locale into account.
  string? friendly_date;
  // Whether traffic counters are reset automatically.
  bool auto_reset;
  // User selected day of month when traffic counters are reset.
  uint32 user_specified_reset_day;
};

// Managed properties provided by getManagedProperties. See
// //components/onc/docs/onc_spec.md for details about each property.
struct ManagedProperties {
  // Typed properties for compatibility with NetworkStateProperties.
  ConnectionStateType connection_state = kNotConnected;
  OncSource source;
  // Other properties and property dictionaries use ONC strings for values.
  bool connectable = false;
  string? error_state;
  string guid;
  ManagedString ip_address_config_type;
  array<IPConfigProperties>? ip_configs;
  ManagedBoolean? metered;
  ManagedString? name;
  ManagedString name_servers_config_type;
  ManagedInt32? priority;
  ManagedProxySettings? proxy_settings;
  PortalState portal_state = kUnknown;
  ManagedIPConfigProperties? static_ip_config;
  IPConfigProperties? saved_ip_config;
  // |type| is explicitly provided here to simplify UI code and will always
  // match the type of |type_properties|, which will always be provided.
  NetworkType type;
  NetworkTypeManagedProperties type_properties;
  // Contains traffic counter related information for this network. This field
  // is only applicable for Cellular and WiFi networks when
  // TrafficCountersEnabled and TrafficCountersForWiFiTesting, respectively, is
  // enabled.
  TrafficCounterProperties? traffic_counter_properties;
};

// Properties for SetProperties and ConfigureNetwork. All of the top level
// properties and many nested properties are optional so that sparse
// configurations can be provided, e.g. just the |auto_connect| property can
// be changed. The ONC validation code
// (chromeos/ash/components/network/onc/onc_validator.cc) ensures that
// configurations are valid before translating and passing them to Shill.

// Wrapper to allow optional auto_connect configuration.
struct AutoConnectConfig {
  bool value;
};

// Wrapper to allow optional metered configuration.
struct MeteredConfig {
  bool value;
};

// Wrapper to allow optional priority configuration.
struct PriorityConfig {
  int32 value;
};

// Wrapper to allow optional VpnType configuration. Note: only configuration of
// internal VPN types (kOpenVPN and kL2TPIPsec) is supported.
// TODO(crbug.com/40489779): Remove wrapper once optional enums are supported.
struct VpnTypeConfig {
  VpnType value;
};

struct ProxyLocation {
  string host;
  int32 port;
};

struct ManualProxySettings {
  ProxyLocation? http_proxy;
  ProxyLocation? secure_http_proxy;
  ProxyLocation? ftp_proxy;
  ProxyLocation? socks;
};

struct ProxySettings {
  string type;
  ManualProxySettings? manual;
  array<string>? exclude_domains;
  string? pac;
};

struct EAPConfigProperties {
  string? anonymous_identity;
  string? client_cert_pkcs11_id;
  string? client_cert_type;
  array<string> domain_suffix_match;
  string? identity;
  string? inner;
  string? outer;
  string? password;
  bool save_credentials = false;
  array<string>? server_ca_pems;
  array<SubjectAltName> subject_alt_name_match;
  string? subject_match;
  bool use_system_cas = false;
};

struct SubjectAltName {
  enum Type {
    kEmail,
    kDns,
    kUri
  };
  Type type;
  string value;
};

// Subset of currently implemented config properties in the UI. Additional
// optional properties from //components/onc/docs/onc_spec.md may be added as
// needed.
struct IPSecConfigProperties {
  string authentication_type;
  string? client_cert_pkcs11_id;
  string? client_cert_type;
  EAPConfigProperties? eap;
  string? group;
  int32 ike_version = 1;
  string? local_identity;
  string? psk;
  string? remote_identity;
  bool save_credentials = false;
  array<string>? server_ca_pems;
  array<string>? server_ca_refs;
};

// Subset of currently implemented config properties in the UI. Additional
// optional properties from //components/onc/docs/onc_spec.md may be added as
// needed.
struct L2TPConfigProperties {
  bool lcp_echo_disabled = false;
  string? password;
  bool save_credentials = false;
  string? username;
};

// Subset of currently implemented config properties in the UI. Additional
// optional properties from //components/onc/docs/onc_spec.md may be added as
// needed.
struct OpenVPNConfigProperties {
  string? client_cert_pkcs11_id;
  string? client_cert_type;
  array<string>? extra_hosts;
  string? otp;
  string? password;
  bool save_credentials = false;
  array<string>? server_ca_pems;
  array<string>? server_ca_refs;
  string? username;
  string? user_authentication_type;
};

// The WireGuard config properties implemented in UI.
struct WireGuardConfigProperties {
  // List of IP addresses in string representation (case-insensitive for IPv6)
  // to be configured on the WireGuard interface.
  array<string>? ip_addresses;
  // Private key of local peer, or empty string to indicate a key should be
  // generated by shill, or null to indicate the current stored key should be
  // kept unchanged.
  string? private_key;
  // List of peers. See WireGuardPeerProperties for detail.
  array<WireGuardPeerProperties>? peers;
};

struct TextMessagesAllowState {
  bool allow_text_messages;
};

// Only one of {Cellular|Ethernet|VPN|Wifi}ConfigProperties is allowed.
// TODO(stevenjb): Make these a union.
struct CellularConfigProperties {
  // TODO(b/249550650) Remove apn after APN Revamp feature
  // has been completely transitioned.
  ApnProperties? apn;
  // If not provided the default allow_roaming behavior will be used for the
  // network.
  RoamingProperties? roaming;

  // If not provided the existing user/policy set behavior
  // text_message_allow_state will be used.
  TextMessagesAllowState? text_message_allow_state;
};

struct EthernetConfigProperties {
  // |authentication| will default to "none" if not provided for new configs.
  // TODO(crbug.com/40489779): Use AuthenticationType here.
  string? authentication;
  EAPConfigProperties? eap;
};

struct VPNConfigProperties {
  string? host;
  IPSecConfigProperties? ip_sec;
  L2TPConfigProperties? l2tp;
  OpenVPNConfigProperties? open_vpn;
  WireGuardConfigProperties? wireguard;
  // |type| is required for new configs, optional otherwise.
  VpnTypeConfig? type;
};

struct WiFiConfigProperties {
  EAPConfigProperties? eap;
  string? passphrase;
  // |ssid| is required for new configurations, optional otherwise.
  string? ssid;
  SecurityType security = kNone;
  // Whether the AP has a hidden SSID.
  HiddenSsidMode hidden_ssid = kAutomatic;
};

union NetworkTypeConfigProperties {
  CellularConfigProperties cellular;
  EthernetConfigProperties ethernet;
  VPNConfigProperties vpn;
  WiFiConfigProperties wifi;
};

struct ConfigProperties {
  AutoConnectConfig? auto_connect;
  // An optional guid may be provided when configuring a visible network to
  // preserve the existing guid.
  string? guid;
  string? ip_address_config_type;
  MeteredConfig? metered;
  // Name is only required for new configurations.
  string? name;
  string? name_servers_config_type;
  PriorityConfig? priority;
  ProxySettings? proxy_settings;
  IPConfigProperties? static_ip_config;
  // NetworkType is inferred from |type_config|.
  NetworkTypeConfigProperties type_config;
};

// Properties provided to SetCellularSimState.
struct CellularSimState {
  // The current PIN or PUK. Required for unlocking the SIM, or when setting
  // |require_pin|.
  string current_pin_or_puk;
  // If provided change the PIN to |new_pin|. Required if the SIM is PUK locked.
  string? new_pin;
  // Whether a PIN should be required. Ignored when unlocking a locked SIM.
  bool require_pin;
};

// Properties provided by GetGlobalPolicy. These properties affect network
// configuration as a whole instead of individual network configurations.
// Default values should be explicitly provided for boolean values.
struct GlobalPolicy {
  // If true, users will be allowed to modify APNs.
  bool allow_apn_modification = true;

  // If true, allow PIN locking of SIMs attached to the device.
  // If false, PIN locking is prohibited.
  bool allow_cellular_sim_lock = true;

  // If true, users will be allowed to turn on cellular hotspot.
  bool allow_cellular_hotspot = true;

  // If true, only cellular networks present in policy may be connected to and
  // no new networks may be added or configured.
  bool allow_only_policy_cellular_networks = false;

  // If true, only policy networks may auto connect.
  bool allow_only_policy_networks_to_autoconnect = false;

  // If true, only WiFi networks present in policy may be connected to and no
  // new networks may be added or configured.
  bool allow_only_policy_wifi_networks_to_connect = false;

  // If true and a managed network is available in the visible network list,
  // only WiFi networks present in policy may be connected to and no new
  // networks may be added or configured.
  bool allow_only_policy_wifi_networks_to_connect_if_available = false;

  // Indicates if the DNS queries can be used to monitor user traffic via user
  // or device identifiers in the secure DNS URI templates.
  bool dns_queries_monitored = false;

  // Indicates if the deviceReportXDREvents policy is enabled. When enabled
  // user's network activity will be monitored/reported for system security.
  bool report_xdr_events_enabled = false;

  // List of blocked networks which can not be connected to.
  array<string> blocked_hex_ssids;

  // If true, ChromeOS wipes "Recommended" values in shared managed networks on
  // some occasions (see //components/onc/docs/onc_spec.md).
  bool recommended_values_are_ephemeral = false;

  // If true, ChromeOS deletes shared non-managed on some occasions (see
  // //components/onc/docs/onc_spec.md).
  bool user_created_network_configurations_are_ephemeral = false;

  // If set to kAllow, ChromeOS will allow showing text message notifications,
  // when set to kSuppress, notifications will not be shown, when kUnset
  // allows configuration by the user. (see //components/onc/docs/onc_spec.md).
  SuppressionType allow_text_messages = kUnset;
};

// Type of the allow text messages property, mapped from onc strings. (see
// components/onc/docs/onc_spec.md)
enum SuppressionType {
kUnset,
kAllow,
kSuppress,
};

// VPN providers for type kExtension and kArc are set via SetVpnProviders and
// stored in the service implementation. Clients may retrieve the current list
// and receive observer events to track changes to the list. The list of
// providers is only used by UI code, they are not sent to the connection
// manager (Shill).
struct VpnProvider {
  // Only type kExtension and kArc should be used here. Other provider types
  // are internal to Shill and implicit; VpnProvider properties will be ignored.
  VpnType type;
  // Extension id (GUID) or Arc package name, e.g. myvpn.app.package.
  string provider_id;
  // Extension provider name or Arc app name, e.g. MyVPN.
  string provider_name;
  // Extension id (GUID) or Arc app id (GUID), used to launch the VPN UI.
  string app_id;
  // Last launch time of the VPN.
  mojo_base.mojom.Time last_launch_time;
};

// Information about a network certificate for the purpose of selecting an
// available certificate in a UI and providing information in a ConfigProperties
// struct to SetProperties or ConfigureNetwork. No private information should
// be included here.
struct NetworkCertificate {
  CertificateType type;
  // Unique hash for the certificate, used to uniquely identify certificates.
  string hash;
  // Certificate issuer common name for display in a UI.
  string issued_by;
  // Certificate name or nickname for display in a UI.
  string issued_to;
  // For server certificate authorities (type == kServerCA), this contains the
  // public certificate in PEM format.
  // For user certificates, this contains the  PKCS#11 id to be passed to the
  // configuration manager (Shill) for retrieving the encrypted certificate.
  // This will be used in the appropriate ConfigProperties dictionary.
  // TODO(crbug.com/40100073): Use a union here instead once the issue is fixed.
  string pem_or_id;
  // Whether the certificate is available for network authentication.
  bool available_for_network_auth;
  // Whether the certificate is hardware backed.
  bool hardware_backed;
  // Whether the certificate is device wide (i.e. stored in a shared profile,
  // not a user specific profile).
  bool device_wide;
};

// Always-on VPN configuration obtained with GetAlwaysOnVpn and set using
// SetAlwaysOnVpn for the purpose of enabling/disabling the feature and choosing
// the service to be automatically started.
struct AlwaysOnVpnProperties {
  // Always-on VPN operating mode.
  AlwaysOnVpnMode mode;
  // GUID of the VPN service managed by always-on VPN. This can be configured
  // independently of |mode|, but it expected to be only used when |mode| is not
  // AlwaysOnVpnMode::kOff.
  string service_guid;
};

// Source of the traffic. These sources are kept in sync with
// third_party/cros_system_api/dbus/shill/dbus-constants.h.
enum TrafficCounterSource {
  kUnknown,
  kChrome,
  kUser,
  kArc,
  kCrosvm,
  kPluginvm,
  kUpdateEngine,
  kVpn,
  kSystem,
};

// Information about a traffic counter for a single source.
struct TrafficCounter {
  // Source of traffic.
  TrafficCounterSource source;
  // Corresponds to the number of bytes received by |source| since the last
  // reset.
  uint64 rx_bytes;
  // Corresponds to the number of bytes transmitted by |source| since the last
  // reset.
  uint64 tx_bytes;
};

// Interface for fetching and setting network configuration properties, e.g.
// from Settings WebUI or the SystemTray.
interface CrosNetworkConfig {
  AddObserver(pending_remote<CrosNetworkConfigObserver> observer);

  // Returns the state properties of the network matching |guid|. If the network
  // is not available returns null.
  GetNetworkState(string guid) => (NetworkStateProperties? result);

  // Returns a list of Network properties matching |filter|. Networks are
  // ordered by the system based on their priority, with active networks listed
  // first.
  GetNetworkStateList(NetworkFilter filter) =>
    (array<NetworkStateProperties> result);

  // Returns a list of Device properties.
  GetDeviceStateList() => (array<DeviceStateProperties> result);

  // Returns the managed properties of the network matching |guid|. The result
  // is an ONC dictionary with well defined property keys and managed ONC value
  // dictionaries (e.g. ManagedString). If the network properties are not
  // available returns null.
  GetManagedProperties(string guid) => (ManagedProperties? result);

  // Sets properties for the network matching |guid|. |properties.guid| must be
  // null or match |guid|, otherwise it will fail with an invalid input error.
  // If |success| is false, |error_message| provides a string identifying the
  // error. The string may be a Shill error, or an error token provided by the
  // NetworkHandler layer. JS localization for a common subset of these is
  // provided by network_element::AddErrorLocalizedStrings.
  // TODO(1004434): Consider enumerating these.
  SetProperties(string guid, ConfigProperties properties) =>
    (bool success, string error_message);

  // Configures a new network with |properties|. If |properties.guid| is
  // provided, an existing configuration must exist and match the provided
  // |properties|. Returns the guid of the new network configuration on success.
  // A null guid indicates that the properties were invalid or incomplete. See
  // SetProperties for notes on errorMessage.
  ConfigureNetwork(ConfigProperties properties, bool shared) =>
    (string? guid, string error_message);

  // Forgets an existing network configuration matching |guid| by clearing all
  // configured properties. Returns true if the network exists and is
  // successfully removed.
  ForgetNetwork(string guid) => (bool success);

  // Sets a single network type (e.g. WiFi) to enabled or disabled. Types
  // describing multiple technologies (e.g. kWireless) are not supported.
  // Returns false if the type is invalid, unavailable, or can not be disabled.
  // CrosNetworkConfigObserver::OnDeviceStateListChanged() can be used to be
  // notified when the enabled state changes.
  SetNetworkTypeEnabledState(NetworkType type, bool enabled) => (bool success);

  // Sets the SIM state for the primary Cellular device:
  // * If no SIM is present, returns false.
  // * If the SIM is PUK locked, attempts to unlock the SIM with the provided
  //   |current_pin_or_puk| value and set a new SIM value to |new_pin| which
  //   must be provided. |pin_required| is ignored. Returns true on success.
  // * If the SIM is PIN locked, attempts to unlock the SIM with the provided
  //   |current_pin_or_puk| value. |pin_required| is ignored. Returns true on
  //   success.
  // * If the SIM is unlocked, |current_pin_or_puk| must match the current PIN.
  //   * If |new_pin| if provided, attempts to set the new PIN.
  //   * Otherwise attempts to set the pin required state to |pin_required|.
  //   * Returns true if the operation succeeded.
  SetCellularSimState(CellularSimState state) => (bool success);

  // Selects which Cellular mobile network to use. |network_id| must match a
  // FoundNetworkProperties.network_id for an entry in the
  // ManagedProperties.found_networks property for the specified Cellular
  // network. Returns true if the operation succeeded.
  SelectCellularMobileNetwork(string guid, string network_id) => (bool success);

  // Requests a scan for new networks. If the list updates,
  // CrosNetworkConfigObserver::OnNetworkStateListChanged() will be signaled.
  // Note: If |type| is Cellular, a mobile network scan will be requested
  // if supported. This is disruptive and should only be triggered by an
  // explicit user action.
  RequestNetworkScan(NetworkType type);

  // Returns the global policy properties. These properties are not expected to
  // change during a session.
  GetGlobalPolicy() => (GlobalPolicy result);

  // Starts a connection to the network matching |guid|. The response returns
  // |result| when the connect request is sent or is determined unable to be
  // sent, not when the operation completes. Use CrosNetworkConfigObserver to
  // observe the connection state after a successful request. If the result is
  // not kSuccess, |message| will contain a descriptive string for debugging.
  StartConnect(string guid) => (StartConnectResult result, string message);

  // Starts a disconnect from the network matching |guid|. The response returns
  // true when the disconnect request is sent if the network exists and is
  // connected, or false if not. Use CrosNetworkConfigObserver to observe the
  // connection state after a successful request.
  StartDisconnect(string guid) => (bool success);

  // Provides a list of external VPN providers. Used to populate provider name
  // in VPN properties, returned from GetVpnProviders, and sent to observers.
  SetVpnProviders(array<VpnProvider> providers);

  // Returns the list of external VPN providers.
  GetVpnProviders() => (array<VpnProvider> providers);

  // Returns the lists of server certificate authorities and user certificates
  // available for network configuration. See NetworkCerificate for more info.
  GetNetworkCertificates() => (array<NetworkCertificate> server_cas,
                               array<NetworkCertificate> user_certs);

  // Returns the current always-on VPN configuration.
  GetAlwaysOnVpn() => (AlwaysOnVpnProperties properties);

  // Sets the always-on VPN mode and service with |properties.mode| and
  // |properties.service_guid|. The service GUID must match a VPN service.
  SetAlwaysOnVpn(AlwaysOnVpnProperties properties);

  // Returns the list of supported VPN types.
  GetSupportedVpnTypes() => (array<string> vpn_types);

  // Requests traffic counters for a service with ID |guid|.
  RequestTrafficCounters(string guid) =>
    (array<TrafficCounter> traffic_counters);

  // Resets traffic counters for a service with ID |guid|.
  ResetTrafficCounters(string guid);

  // Sets the traffic counters reset day. In order for |day| to be valid, it
  // must be within the limit 1 <= |day| <= 31.
  SetTrafficCountersResetDay(string guid, UInt32Value? day) => (bool success);

  // Creates a new APN for the cellular network with ID |network_guid|, and
  // appends it to |custom_apn_list|. Should only be called when the APN
  // Revamp feature flag is enabled.
  CreateCustomApn(string network_guid, ApnProperties apn) =>
    (bool success);

  // Creates a new APN for the cellular network with ID |network_guid|,
  // appends it to |custom_apn_list| in the enabled state, and disables
  // all other existing custom APNs. Should only be called when the APN
  // Revamp feature flag is enabled.
  CreateExclusivelyEnabledCustomApn(string network_guid, ApnProperties apn) =>
    (bool success);

  // Removes the APN with ID |apn_id| from |custom_apn_list| for the cellular
  // network with ID |network_guid|. Should only be called when the APN
  // Revamp feature flag is enabled.
  RemoveCustomApn(string network_guid, string apn_id);

  // Finds the APN that matches |apn.id| in |custom_apn_list| for the network
  // with ID |network_guid|. If found, replaces the content with |apn|.
  // Should only be called when the APN Revamp feature flag is enabled.
  ModifyCustomApn(string network_guid, ApnProperties apn);
};

interface CrosNetworkConfigObserver {
  // Fired when properties of any active network or previously active network
  // change. Provides all currently active network states.
  OnActiveNetworksChanged(array<NetworkStateProperties> networks);

  // Fired when the properties of a specific network state change. For active
  // networks this will be fired in addition to OnActiveNetworksChanged. For
  // other networks it will fire when the configuration changes or a non
  // active property changes (e.g. signal_strength).
  OnNetworkStateChanged(NetworkStateProperties network);

  // Fired when the list of networks changes.
  // CrosNetworkConfig::GetNetworkStateList() can be used to get the network
  // states.
  OnNetworkStateListChanged();

  // Fired when the list of devices changes or a device property changes.
  // CrosNetworkConfig::GetDeviceStateList() can be used to retrieve the device
  // states.
  OnDeviceStateListChanged();

  // Fired when the list of VPN providers changes. Use GetVpnProviders if the
  // updated provider list is required.
  OnVpnProvidersChanged();

  // Fired when the server CA or user certificate lists change. Use
  // GetNetworkCertificates if the updated certificate lists are required.
  OnNetworkCertificatesChanged();

  // Fired when managed policies for |userhash| are applied to networks.
  OnPoliciesApplied(string userhash);
};