Modify experimental identity flow to display scope descriptions and details.

chrome/browser/extensions/permissions_updater.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/extensions/permissions_updater.h"
 
 #include "base/json/json_writer.h"
 #include "base/memory/ref_counted.h"
 #include "base/values.h"
 #include "chrome/browser/extensions/api/permissions/permissions_api_helpers.h"
 #include "chrome/browser/extensions/extension_event_router.h"
 #include "chrome/browser/extensions/extension_prefs.h"
 #include "chrome/browser/extensions/extension_service.h"
 #include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/signin/token_service.h"
+#include "chrome/browser/signin/token_service_factory.h"
 #include "chrome/common/extensions/api/permissions.h"
 #include "chrome/common/chrome_notification_types.h"
 #include "chrome/common/extensions/extension.h"
 #include "chrome/common/extensions/extension_messages.h"
+#include "chrome/common/net/gaia/oauth2_mint_token_flow.h"
 #include "content/public/browser/notification_service.h"
 #include "content/public/browser/render_process_host.h"
 
 using content::RenderProcessHost;
 using extensions::permissions_api_helpers::PackPermissionSet;
+using extensions::PermissionSet;
 
 namespace extensions {
 
 namespace {
 
 const char kOnAdded[] = "permissions.onAdded";
 const char kOnRemoved[] = "permissions.onRemoved";
 
 }
 
 PermissionsUpdater::PermissionsUpdater(Profile* profile)
     : profile_(profile) {}
 
 PermissionsUpdater::~PermissionsUpdater() {}
 
 void PermissionsUpdater::AddPermissions(
     const Extension* extension, const PermissionSet* permissions) {
   scoped_refptr<const PermissionSet> existing(
       extension->GetActivePermissions());
   scoped_refptr<PermissionSet> total(
       PermissionSet::CreateUnion(existing, permissions));
   scoped_refptr<PermissionSet> added(
       PermissionSet::CreateDifference(total.get(), existing));
 
   UpdateActivePermissions(extension, total.get());
 
   // Update the granted permissions so we don't auto-disable the extension.
-  GrantActivePermissions(extension);
+  GrantActivePermissions(extension, false);
 
   NotifyPermissionsUpdated(ADDED, extension, added.get());
 }
 
 void PermissionsUpdater::RemovePermissions(
     const Extension* extension, const PermissionSet* permissions) {
   scoped_refptr<const PermissionSet> existing(
       extension->GetActivePermissions());
   scoped_refptr<PermissionSet> total(
       PermissionSet::CreateDifference(existing, permissions));
   scoped_refptr<PermissionSet> removed(
       PermissionSet::CreateDifference(existing, total.get()));
 
   // We update the active permissions, and not the granted permissions, because
   // the extension, not the user, removed the permissions. This allows the
   // extension to add them again without prompting the user.
   UpdateActivePermissions(extension, total.get());
 
   NotifyPermissionsUpdated(REMOVED, extension, removed.get());
 }
 
-void PermissionsUpdater::GrantActivePermissions(const Extension* extension) {
+void PermissionsUpdater::GrantActivePermissions(const Extension* extension,
+                                                bool record_oauth2_grant) {
   CHECK(extension);
 
   // We only maintain the granted permissions prefs for INTERNAL and LOAD
   // extensions.
   if (extension->location() != Extension::LOAD &&
       extension->location() != Extension::INTERNAL)
     return;
 
-  GetExtensionPrefs()->AddGrantedPermissions(
-      extension->id(), extension->GetActivePermissions());
+  scoped_refptr<const PermissionSet> permissions =
+      extension->GetActivePermissions();
+  if (record_oauth2_grant) {
+    RecordOAuth2Grant(extension);
+  } else {
+    scoped_refptr<PermissionSet> scopes =
+        new PermissionSet(permissions->scopes());
+    permissions = PermissionSet::CreateDifference(permissions, scopes);
+  }
+
+  GetExtensionPrefs()->AddGrantedPermissions(extension->id(), permissions);
 }
 
 void PermissionsUpdater::UpdateActivePermissions(
     const Extension* extension, const PermissionSet* permissions) {
   GetExtensionPrefs()->SetActivePermissions(extension->id(), permissions);
   extension->SetActivePermissions(permissions);
 }
 
+void PermissionsUpdater::RecordOAuth2Grant(const Extension* extension) {
+  TokenService* token_service = TokenServiceFactory::GetForProfile(profile_);
+  OAuth2MintTokenFlow* flow = new OAuth2MintTokenFlow(
+      profile_->GetRequestContext(), NULL, OAuth2MintTokenFlow::Parameters(
+          token_service->GetOAuth2LoginRefreshToken(),
+          extension->id(),
+          extension->oauth2_info().client_id,
+          extension->oauth2_info().scopes,
+          OAuth2MintTokenFlow::MODE_RECORD_GRANT));
+  // |flow| will delete itself.
+  flow->FireAndForget();
+}
+
 void PermissionsUpdater::DispatchEvent(
     const std::string& extension_id,
     const char* event_name,
     const PermissionSet* changed_permissions) {
   if (!profile_ || !profile_->GetExtensionEventRouter())
     return;
 
   ListValue value;
   scoped_ptr<api::permissions::Permissions> permissions =
     PackPermissionSet(changed_permissions);
@@ skipping 47 matching lines @@
 
   // Trigger the onAdded and onRemoved events in the extension.
   DispatchEvent(extension->id(), event_name, changed);
 }
 
 ExtensionPrefs* PermissionsUpdater::GetExtensionPrefs() {
   return profile_->GetExtensionService()->extension_prefs();
 }
 
 }  // namespace extensions