| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/api/identity/identity_api.h" | 5 #include "chrome/browser/extensions/api/identity/identity_api.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/lazy_instance.h" | 11 #include "base/lazy_instance.h" |
| 12 #include "base/stringprintf.h" | 12 #include "base/stringprintf.h" |
| 13 #include "base/strings/string_number_conversions.h" |
| 13 #include "base/values.h" | 14 #include "base/values.h" |
| 14 #include "chrome/browser/app_mode/app_mode_utils.h" | 15 #include "chrome/browser/app_mode/app_mode_utils.h" |
| 15 #include "chrome/browser/extensions/extension_function_dispatcher.h" | 16 #include "chrome/browser/extensions/extension_function_dispatcher.h" |
| 16 #include "chrome/browser/extensions/extension_install_prompt.h" | 17 #include "chrome/browser/extensions/extension_install_prompt.h" |
| 17 #include "chrome/browser/extensions/extension_service.h" | 18 #include "chrome/browser/extensions/extension_service.h" |
| 18 #include "chrome/browser/extensions/permissions_updater.h" | 19 #include "chrome/browser/extensions/permissions_updater.h" |
| 19 #include "chrome/browser/profiles/profile.h" | 20 #include "chrome/browser/profiles/profile.h" |
| 20 #include "chrome/browser/signin/signin_manager.h" | 21 #include "chrome/browser/signin/signin_manager.h" |
| 21 #include "chrome/browser/signin/signin_manager_factory.h" | 22 #include "chrome/browser/signin/signin_manager_factory.h" |
| 22 #include "chrome/browser/signin/token_service.h" | 23 #include "chrome/browser/signin/token_service.h" |
| (...skipping 194 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 217 StartMintTokenFlow(IdentityMintRequestQueue::MINT_TYPE_INTERACTIVE); | 218 StartMintTokenFlow(IdentityMintRequestQueue::MINT_TYPE_INTERACTIVE); |
| 218 break; | 219 break; |
| 219 } | 220 } |
| 220 } else { | 221 } else { |
| 221 DCHECK(type == IdentityMintRequestQueue::MINT_TYPE_INTERACTIVE); | 222 DCHECK(type == IdentityMintRequestQueue::MINT_TYPE_INTERACTIVE); |
| 222 | 223 |
| 223 if (cache_status == IdentityTokenCacheValue::CACHE_STATUS_TOKEN) { | 224 if (cache_status == IdentityTokenCacheValue::CACHE_STATUS_TOKEN) { |
| 224 CompleteMintTokenFlow(); | 225 CompleteMintTokenFlow(); |
| 225 CompleteFunctionWithResult(cache_entry.token()); | 226 CompleteFunctionWithResult(cache_entry.token()); |
| 226 } else { | 227 } else { |
| 227 install_ui_.reset(new ExtensionInstallPrompt(GetAssociatedWebContents())); | |
| 228 ShowOAuthApprovalDialog(issue_advice_); | 228 ShowOAuthApprovalDialog(issue_advice_); |
| 229 } | 229 } |
| 230 } | 230 } |
| 231 } | 231 } |
| 232 | 232 |
| 233 void IdentityGetAuthTokenFunction::OnMintTokenSuccess( | 233 void IdentityGetAuthTokenFunction::OnMintTokenSuccess( |
| 234 const std::string& access_token, int time_to_live) { | 234 const std::string& access_token, int time_to_live) { |
| 235 const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension()); | 235 const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension()); |
| 236 IdentityTokenCacheValue token(access_token, | 236 IdentityTokenCacheValue token(access_token, |
| 237 base::TimeDelta::FromSeconds(time_to_live)); | 237 base::TimeDelta::FromSeconds(time_to_live)); |
| (...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 284 | 284 |
| 285 void IdentityGetAuthTokenFunction::SigninSuccess(const std::string& token) { | 285 void IdentityGetAuthTokenFunction::SigninSuccess(const std::string& token) { |
| 286 refresh_token_ = token; | 286 refresh_token_ = token; |
| 287 StartMintTokenFlow(IdentityMintRequestQueue::MINT_TYPE_NONINTERACTIVE); | 287 StartMintTokenFlow(IdentityMintRequestQueue::MINT_TYPE_NONINTERACTIVE); |
| 288 } | 288 } |
| 289 | 289 |
| 290 void IdentityGetAuthTokenFunction::SigninFailed() { | 290 void IdentityGetAuthTokenFunction::SigninFailed() { |
| 291 CompleteFunctionWithError(identity_constants::kUserNotSignedIn); | 291 CompleteFunctionWithError(identity_constants::kUserNotSignedIn); |
| 292 } | 292 } |
| 293 | 293 |
| 294 void IdentityGetAuthTokenFunction::InstallUIProceed() { | 294 void IdentityGetAuthTokenFunction::OnGaiaFlowFailure( |
| 295 // The user has accepted the scopes, so we may now force (recording a grant | 295 GaiaWebAuthFlow::Failure failure, |
| 296 // and receiving a token). | 296 GoogleServiceAuthError service_error, |
| 297 StartGaiaRequest(OAuth2MintTokenFlow::MODE_MINT_TOKEN_FORCE); | 297 const std::string& oauth_error) { |
| 298 CompleteMintTokenFlow(); |
| 299 std::string error; |
| 300 |
| 301 switch (failure) { |
| 302 case GaiaWebAuthFlow::WINDOW_CLOSED: |
| 303 error = identity_constants::kUserRejected; |
| 304 break; |
| 305 |
| 306 case GaiaWebAuthFlow::INVALID_REDIRECT: |
| 307 error = identity_constants::kInvalidRedirect; |
| 308 break; |
| 309 |
| 310 case GaiaWebAuthFlow::SERVICE_AUTH_ERROR: |
| 311 error = std::string(identity_constants::kAuthFailure) + |
| 312 service_error.ToString(); |
| 313 break; |
| 314 |
| 315 case GaiaWebAuthFlow::OAUTH_ERROR: |
| 316 error = MapOAuth2ErrorToDescription(oauth_error); |
| 317 break; |
| 318 |
| 319 default: |
| 320 NOTREACHED() << "Unexpected error from gaia web auth flow: " << failure; |
| 321 error = identity_constants::kInvalidRedirect; |
| 322 break; |
| 323 } |
| 324 |
| 325 CompleteFunctionWithError(error); |
| 298 } | 326 } |
| 299 | 327 |
| 300 void IdentityGetAuthTokenFunction::InstallUIAbort(bool user_initiated) { | 328 void IdentityGetAuthTokenFunction::OnGaiaFlowCompleted( |
| 329 const std::string& access_token, |
| 330 const std::string& expiration) { |
| 331 |
| 332 int time_to_live; |
| 333 if (!expiration.empty() && base::StringToInt(expiration, &time_to_live)) { |
| 334 const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension()); |
| 335 IdentityTokenCacheValue token_value( |
| 336 access_token, base::TimeDelta::FromSeconds(time_to_live)); |
| 337 IdentityAPI::GetFactoryInstance()->GetForProfile(profile()) |
| 338 ->SetCachedToken(GetExtension()->id(), oauth2_info.scopes, token_value); |
| 339 } |
| 340 |
| 301 CompleteMintTokenFlow(); | 341 CompleteMintTokenFlow(); |
| 302 CompleteFunctionWithError(identity_constants::kUserRejected); | 342 CompleteFunctionWithResult(access_token); |
| 303 } | 343 } |
| 304 | 344 |
| 305 void IdentityGetAuthTokenFunction::StartGaiaRequest( | 345 void IdentityGetAuthTokenFunction::StartGaiaRequest( |
| 306 OAuth2MintTokenFlow::Mode mode) { | 346 OAuth2MintTokenFlow::Mode mode) { |
| 307 mint_token_flow_.reset(CreateMintTokenFlow(mode)); | 347 mint_token_flow_.reset(CreateMintTokenFlow(mode)); |
| 308 mint_token_flow_->Start(); | 348 mint_token_flow_->Start(); |
| 309 } | 349 } |
| 310 | 350 |
| 311 void IdentityGetAuthTokenFunction::ShowLoginPopup() { | 351 void IdentityGetAuthTokenFunction::ShowLoginPopup() { |
| 312 signin_flow_.reset(new IdentitySigninFlow(this, profile())); | 352 signin_flow_.reset(new IdentitySigninFlow(this, profile())); |
| 313 signin_flow_->Start(); | 353 signin_flow_->Start(); |
| 314 } | 354 } |
| 315 | 355 |
| 316 void IdentityGetAuthTokenFunction::ShowOAuthApprovalDialog( | 356 void IdentityGetAuthTokenFunction::ShowOAuthApprovalDialog( |
| 317 const IssueAdviceInfo& issue_advice) { | 357 const IssueAdviceInfo& issue_advice) { |
| 318 install_ui_->ConfirmIssueAdvice(this, GetExtension(), issue_advice); | 358 Browser* current_browser = this->GetCurrentBrowser(); |
| 359 chrome::HostDesktopType host_desktop_type = |
| 360 current_browser ? current_browser->host_desktop_type() |
| 361 : chrome::GetActiveDesktop(); |
| 362 const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension()); |
| 363 |
| 364 gaia_web_auth_flow_.reset(new GaiaWebAuthFlow( |
| 365 this, profile(), host_desktop_type, GetExtension()->id(), oauth2_info)); |
| 366 gaia_web_auth_flow_->Start(); |
| 319 } | 367 } |
| 320 | 368 |
| 321 OAuth2MintTokenFlow* IdentityGetAuthTokenFunction::CreateMintTokenFlow( | 369 OAuth2MintTokenFlow* IdentityGetAuthTokenFunction::CreateMintTokenFlow( |
| 322 OAuth2MintTokenFlow::Mode mode) { | 370 OAuth2MintTokenFlow::Mode mode) { |
| 323 const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension()); | 371 const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension()); |
| 324 OAuth2MintTokenFlow* mint_token_flow = | 372 OAuth2MintTokenFlow* mint_token_flow = |
| 325 new OAuth2MintTokenFlow( | 373 new OAuth2MintTokenFlow( |
| 326 profile()->GetRequestContext(), | 374 profile()->GetRequestContext(), |
| 327 this, | 375 this, |
| 328 OAuth2MintTokenFlow::Parameters( | 376 OAuth2MintTokenFlow::Parameters( |
| (...skipping 14 matching lines...) Expand all Loading... |
| 343 } | 391 } |
| 344 #endif | 392 #endif |
| 345 return mint_token_flow; | 393 return mint_token_flow; |
| 346 } | 394 } |
| 347 | 395 |
| 348 bool IdentityGetAuthTokenFunction::HasLoginToken() const { | 396 bool IdentityGetAuthTokenFunction::HasLoginToken() const { |
| 349 TokenService* token_service = TokenServiceFactory::GetForProfile(profile()); | 397 TokenService* token_service = TokenServiceFactory::GetForProfile(profile()); |
| 350 return token_service->HasOAuthLoginToken(); | 398 return token_service->HasOAuthLoginToken(); |
| 351 } | 399 } |
| 352 | 400 |
| 401 std::string IdentityGetAuthTokenFunction::MapOAuth2ErrorToDescription( |
| 402 const std::string& error) { |
| 403 const char kOAuth2ErrorAccessDenied[] = "access_denied"; |
| 404 const char kOAuth2ErrorInvalidScope[] = "invalid_scope"; |
| 405 |
| 406 if (error == kOAuth2ErrorAccessDenied) |
| 407 return std::string(identity_constants::kUserRejected); |
| 408 else if (error == kOAuth2ErrorInvalidScope) |
| 409 return std::string(identity_constants::kInvalidScopes); |
| 410 else |
| 411 return std::string(identity_constants::kAuthFailure) + error; |
| 412 } |
| 413 |
| 353 IdentityRemoveCachedAuthTokenFunction::IdentityRemoveCachedAuthTokenFunction() { | 414 IdentityRemoveCachedAuthTokenFunction::IdentityRemoveCachedAuthTokenFunction() { |
| 354 } | 415 } |
| 355 | 416 |
| 356 IdentityRemoveCachedAuthTokenFunction:: | 417 IdentityRemoveCachedAuthTokenFunction:: |
| 357 ~IdentityRemoveCachedAuthTokenFunction() { | 418 ~IdentityRemoveCachedAuthTokenFunction() { |
| 358 } | 419 } |
| 359 | 420 |
| 360 bool IdentityRemoveCachedAuthTokenFunction::RunImpl() { | 421 bool IdentityRemoveCachedAuthTokenFunction::RunImpl() { |
| 361 if (profile()->IsOffTheRecord()) { | 422 if (profile()->IsOffTheRecord()) { |
| 362 error_ = identity_constants::kOffTheRecord; | 423 error_ = identity_constants::kOffTheRecord; |
| (...skipping 249 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 612 const IdentityAPI::TokenCacheKey& rhs) const { | 673 const IdentityAPI::TokenCacheKey& rhs) const { |
| 613 if (extension_id < rhs.extension_id) | 674 if (extension_id < rhs.extension_id) |
| 614 return true; | 675 return true; |
| 615 else if (rhs.extension_id < extension_id) | 676 else if (rhs.extension_id < extension_id) |
| 616 return false; | 677 return false; |
| 617 | 678 |
| 618 return scopes < rhs.scopes; | 679 return scopes < rhs.scopes; |
| 619 } | 680 } |
| 620 | 681 |
| 621 } // namespace extensions | 682 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 15148007:
Identity API: web-based scope approval dialogs for getAuthToken (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master