| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "chrome/browser/extensions/api/identity/web_auth_flow.h" |
| 6 |
| 7 #include "base/location.h" |
| 8 #include "base/message_loop.h" |
| 9 #include "base/stringprintf.h" |
| 10 #include "base/string_util.h" |
| 11 #include "content/public/browser/invalidate_type.h" |
| 12 #include "content/public/browser/navigation_controller.h" |
| 13 #include "content/public/browser/web_contents.h" |
| 14 #include "ipc/ipc_message.h" |
| 15 |
| 16 using content::BrowserContext; |
| 17 using content::WebContents; |
| 18 using content::WebContentsDelegate; |
| 19 |
| 20 namespace { |
| 21 |
| 22 static const char kChromeExtensionSchemeUrlPattern[] = |
| 23 "chrome-extension://%s/"; |
| 24 static const char kChromiumDomainRedirectUrlPattern[] = |
| 25 "https://%s.chromiumapp.org/"; |
| 26 |
| 27 } // namespace |
| 28 |
| 29 namespace extensions { |
| 30 |
| 31 WebAuthFlow::WebAuthFlow( |
| 32 Delegate* delegate, |
| 33 BrowserContext* browser_context, |
| 34 const std::string& extension_id, |
| 35 const GURL& provider_url) |
| 36 : delegate_(delegate), |
| 37 browser_context_(browser_context), |
| 38 provider_url_(provider_url), |
| 39 contents_(NULL), |
| 40 window_(NULL) { |
| 41 InitValidRedirectUrlPrefixes(extension_id); |
| 42 } |
| 43 |
| 44 WebAuthFlow::~WebAuthFlow() { |
| 45 if (window_) |
| 46 delete window_; |
| 47 if (contents_) { |
| 48 contents_->SetDelegate(NULL); |
| 49 contents_->Stop(); |
| 50 // Tell message loop to delete contents_ instead of deleting it |
| 51 // directly since destructor can run in response to a callback from |
| 52 // contents_. |
| 53 MessageLoop::current()->DeleteSoon(FROM_HERE, contents_); |
| 54 } |
| 55 } |
| 56 |
| 57 void WebAuthFlow::Start() { |
| 58 contents_ = CreateWebContents(); |
| 59 contents_->SetDelegate(this); |
| 60 contents_->GetController().LoadURL( |
| 61 provider_url_, |
| 62 content::Referrer(), |
| 63 content::PAGE_TRANSITION_START_PAGE, |
| 64 std::string()); |
| 65 } |
| 66 |
| 67 void WebAuthFlow::LoadingStateChanged(WebContents* source) { |
| 68 if (source->IsLoading()) |
| 69 return; |
| 70 OnUrlLoaded(); |
| 71 } |
| 72 |
| 73 void WebAuthFlow::NavigationStateChanged( |
| 74 const WebContents* source, unsigned changed_flags) { |
| 75 // If the URL has not changed, do not perform the check again (for |
| 76 // efficiency). |
| 77 if ((changed_flags & content::INVALIDATE_TYPE_URL) == 0) |
| 78 return; |
| 79 |
| 80 // If the URL is a valid extension redirect URL, capture the |
| 81 // results and end the flow. |
| 82 const GURL& url = source->GetURL(); |
| 83 |
| 84 if (IsValidRedirectUrl(url)) { |
| 85 ReportResult(url); |
| 86 return; |
| 87 } |
| 88 } |
| 89 |
| 90 WebContents* WebAuthFlow::CreateWebContents() { |
| 91 return WebContents::Create( |
| 92 browser_context_, NULL, MSG_ROUTING_NONE, NULL, NULL); |
| 93 } |
| 94 |
| 95 WebAuthFlowWindow* WebAuthFlow::CreateAuthWindow() { |
| 96 return WebAuthFlowWindow::Create(this, browser_context_, contents_); |
| 97 } |
| 98 |
| 99 void WebAuthFlow::OnUrlLoaded() { |
| 100 if (!window_) { |
| 101 window_ = CreateAuthWindow(); |
| 102 // TODO(munjal): Remove this null check once we have implementations |
| 103 // of WebAuthFlowWindow on all platforms. |
| 104 if (!window_) |
| 105 ReportResult(GURL()); |
| 106 else |
| 107 window_->Show(); |
| 108 } |
| 109 } |
| 110 |
| 111 void WebAuthFlow::OnClose() { |
| 112 ReportResult(GURL()); |
| 113 } |
| 114 |
| 115 void WebAuthFlow::ReportResult(const GURL& result) { |
| 116 if (!delegate_) |
| 117 return; |
| 118 |
| 119 if (result.is_empty()) { |
| 120 delegate_->OnAuthFlowFailure(); |
| 121 } else { |
| 122 // TODO(munjal): Consider adding code to parse out access token |
| 123 // from some common places (e.g. URL fragment) so the apps don't |
| 124 // have to do that work. |
| 125 delegate_->OnAuthFlowSuccess(result.spec()); |
| 126 } |
| 127 |
| 128 // IMPORTANT: Do not access any members after calling the delegate |
| 129 // since the delegate can destroy |this| in the callback and hence |
| 130 // all data members are invalid after that. |
| 131 } |
| 132 |
| 133 void WebAuthFlow::InitValidRedirectUrlPrefixes( |
| 134 const std::string& extension_id) { |
| 135 valid_prefixes_.push_back(base::StringPrintf( |
| 136 kChromeExtensionSchemeUrlPattern, extension_id.c_str())); |
| 137 valid_prefixes_.push_back(base::StringPrintf( |
| 138 kChromiumDomainRedirectUrlPattern, extension_id.c_str())); |
| 139 } |
| 140 |
| 141 bool WebAuthFlow::IsValidRedirectUrl(const GURL& url) const { |
| 142 std::vector<std::string>::const_iterator iter; |
| 143 for (iter = valid_prefixes_.begin(); iter != valid_prefixes_.end(); ++iter) { |
| 144 if (StartsWithASCII(url.spec(), *iter, false)) |
| 145 return true; |
| 146 } |
| 147 return false; |
| 148 } |
| 149 |
| 150 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10178020:
Start implementing an auth flow for platform apps to be able to do auth (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/