Start implementing an auth flow for platform apps to be able to do auth

chrome/browser/extensions/api/identity/extension_auth_flow.h

Index: chrome/browser/extensions/api/identity/extension_auth_flow.h
===================================================================
--- chrome/browser/extensions/api/identity/extension_auth_flow.h	(revision 0)
+++ chrome/browser/extensions/api/identity/extension_auth_flow.h	(revision 0)
@@ -0,0 +1,95 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_EXTENSIONS_API_IDENTITY_EXTENSION_AUTH_FLOW_H_
+#define CHROME_BROWSER_EXTENSIONS_API_IDENTITY_EXTENSION_AUTH_FLOW_H_
+#pragma once
+
+#include <string>
+#include <vector>
+
+#include "base/memory/scoped_ptr.h"
+#include "content/public/browser/web_contents.h"

[Mihai Parparita -not on Chrome, 2012/05/04 22:37:18]

Seems like you can just forward-declare WebContents, since you only use pointers
to it in this file.

[Munjal (Google), 2012/05/08 19:26:35]

Done. I started out using scoped_ptr (which I think requires full definition).
Don't need scoped_ptr anymore. Good catch.

+#include "content/public/browser/web_contents_delegate.h"
+#include "googleurl/src/gurl.h"
+#include "ui/views/controls/webview/webview.h"

[Mihai Parparita -not on Chrome, 2012/05/04 22:37:18]

Ditto for WebView and Widget.

[Mihai Parparita -not on Chrome, 2012/05/04 22:37:18]

Also, this is views-only code, so you'll need to have some mechanisms for
supporting this in a cross-platform way.

It's fine for this CL to only implement the flow on Windows, but I believe the
code as is will not even build on Linux or Mac.

[Munjal (Google), 2012/05/08 19:26:35]

Done.

[Munjal (Google), 2012/05/08 19:26:35]

I didn't realize I am using Windows / ChromeOS specific UI classes. Do you have
an example of some apps V2 code that does this correctly that I can look at?

+#include "ui/views/widget/widget.h"
+#include "ui/views/widget/widget_delegate.h"
+
+namespace content {
+class BrowserContext;
+}
+
+namespace extensions {
+
+// Controller class to perform an auth flow with a provider.
+// This is the class to start the auth flow and it takes care of all the
+// details. It behaves the following way:
+// Given a provider URL, load the URL and perform usual web navigation

[Mihai Parparita -not on Chrome, 2012/05/04 22:37:18]

To make this clearer, perhaps mention that the provider URL needs to indicate to
the provider a specific style of callback URL, so that this flow can intercept
it.

[Munjal (Google), 2012/05/08 19:26:35]

Actually I added a TODo to add a link to the design doc since I don't want to
repeat everything in the design doc here.

+// until it results in redirection to a valid extension redirect URL.
+// The provider can show a web page to the user if needed before redirecting
+// to an appropriate URL.
+class ExtensionAuthFlow : public content::WebContentsDelegate,

[Mihai Parparita -not on Chrome, 2012/05/04 22:37:18]

"ExtensionAuthFlow" isn't that descriptive. GenericDelegatedAuthFlow perhaps?
(it's already in the extensions namespace, so need for that in the name).

[Munjal (Google), 2012/05/08 19:26:35]

How about WebAuthFlow?

[Mihai Parparita -not on Chrome, 2012/05/08 21:33:30]

Sounds good.

+                          public views::WidgetDelegate {
+ public:
+  class Delegate {
+   public:
+    // Called when the auth flow is completed successfully.
+    // |redirect_url| is the full URL the provider redirected to at the end
+    // of the flow.
+    virtual void OnAuthFlowCompleted(const std::string& redirect_url) = 0;
+    // Called when the auth flow fails. This means that the flow did not result
+    // in a successful redirect to a valid redirect URL or the user canceled
+    // the flow.
+    virtual void OnAuthFlowFailed() = 0;
+  };
+
+  // Creates an instance with the given parameters.
+  ExtensionAuthFlow(Delegate* delegate,
+                    content::BrowserContext* browser_context,
+                    const std::string& extension_id,
+                    const GURL& provider_url);
+  ~ExtensionAuthFlow();
+
+  // Starts the flow.
+  // Delegate will be called when the flow is done.
+  void Start();
+
+ private:
+  // WebContentsDelegate implementation.
+  virtual void LoadingStateChanged(content::WebContents* source) OVERRIDE;
+  virtual void NavigationStateChanged(
+      const content::WebContents* source, unsigned changed_flags) OVERRIDE;
+
+  // WidgetDelegate implementation.
+  virtual views::View* GetContentsView() OVERRIDE;
+  virtual views::Widget* GetWidget() OVERRIDE;
+  virtual const views::Widget* GetWidget() const OVERRIDE;
+  virtual views::View* GetInitiallyFocusedView() OVERRIDE;
+  virtual void DeleteDelegate() OVERRIDE;
+
+  void OnUrlLoaded();
+  // Reports the results back to the delegate.
+  void ReportResult();
+  // Checks if |url| is a valid redirect URL for the extension.
+  bool IsValidExtensionRedirectUrl(const GURL& url) const;
+
+  Delegate* delegate_;

[Avi (use Gerrit), 2012/05/07 23:31:13]

What is the ownership story here? Make sure to use scoped_ptr as appropriate.

[Munjal (Google), 2012/05/08 19:26:35]

Caller owns it. Added comment to the constructor (where the caller passes in the
delegate).

+  content::BrowserContext* browser_context_;
+  GURL provider_url_;
+  std::string extension_id_;
+  GURL result_;
+  // List of valid redirect URL prefixes.
+  std::vector<std::string> valid_prefixes_;
+
+  content::WebContents* contents_;
+  views::Widget* widget_;
+  views::WebView* web_view_;
+
+  DISALLOW_COPY_AND_ASSIGN(ExtensionAuthFlow);
+};
+
+}  // namespace extensions
+
+#endif  // CHROME_BROWSER_EXTENSIONS_API_IDENTITY_EXTENSION_AUTH_FLOW_H_