Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(972)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/managed_mode/managed_user_refresh_token_fetcher.cc

Issue 16173008: Reland 203015 "Add ManagedUserTokenFetcher to fetch scoped-down ..." (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: . Created 7 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/managed_mode/managed_user_refresh_token_fetcher.h ('k') | chrome/browser/managed_mode/managed_user_refresh_token_fetcher_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/managed_mode/managed_user_refresh_token_fetcher.h"
6
7 #include "base/callback.h"
8 #include "base/json/json_reader.h"
9 #include "base/logging.h"
10 #include "base/string16.h"
11 #include "base/stringprintf.h"
12 #include "base/utf_string_conversions.h"
13 #include "base/values.h"
14 #include "chrome/browser/signin/oauth2_token_service.h"
15 #include "google_apis/gaia/gaia_oauth_client.h"
16 #include "google_apis/gaia/gaia_urls.h"
17 #include "google_apis/gaia/google_service_auth_error.h"
18 #include "google_apis/gaia/oauth2_api_call_flow.h"
19 #include "net/base/escape.h"
20 #include "net/base/load_flags.h"
21 #include "net/base/net_errors.h"
22 #include "net/http/http_status_code.h"
23 #include "net/url_request/url_fetcher.h"
24 #include "net/url_request/url_request_status.h"
25
26 using base::Time;
27 using gaia::GaiaOAuthClient;
28 using net::URLFetcher;
29 using net::URLFetcherDelegate;
30 using net::URLRequestContextGetter;
31
32 namespace {
33
34 const int kNumRetries = 1;
35
36 static const char kChromeSyncManagedScope[] =
37 "https://www.googleapis.com/auth/chromesync_playpen";
38
39 static const char kIssueTokenBodyFormat[] =
40 "client_id=%s"
41 "&scope=&%s"
42 "&response_type=code"
43 "&profile_id=%s"
44 "&profile_name=%s"
45 "&device_name=%s";
46
47 static const char kAuthorizationHeaderFormat[] =
48 "Authorization: Bearer %s";
49
50 static const char kCodeKey[] = "code";
51
52 class ManagedUserRefreshTokenFetcherImpl
53 : public ManagedUserRefreshTokenFetcher,
54 public OAuth2TokenService::Consumer,
55 public URLFetcherDelegate,
56 public GaiaOAuthClient::Delegate {
57 public:
58 ManagedUserRefreshTokenFetcherImpl(OAuth2TokenService* oauth2_token_service,
59 URLRequestContextGetter* context);
60 virtual ~ManagedUserRefreshTokenFetcherImpl();
61
62 // ManagedUserRefreshTokenFetcher implementation:
63 virtual void Start(const std::string& managed_user_id,
64 const string16& name,
65 const std::string& device_name,
66 const TokenCallback& callback) OVERRIDE;
67
68 protected:
69 // OAuth2TokenService::Consumer implementation:
70 virtual void OnGetTokenSuccess(const OAuth2TokenService::Request* request,
71 const std::string& access_token,
72 const Time& expiration_time) OVERRIDE;
73 virtual void OnGetTokenFailure(const OAuth2TokenService::Request* request,
74 const GoogleServiceAuthError& error) OVERRIDE;
75
76 // net::URLFetcherDelegate implementation.
77 virtual void OnURLFetchComplete(const URLFetcher* source) OVERRIDE;
78
79 // GaiaOAuthClient::Delegate implementation:
80 virtual void OnGetTokensResponse(const std::string& refresh_token,
81 const std::string& access_token,
82 int expires_in_seconds) OVERRIDE;
83 virtual void OnRefreshTokenResponse(const std::string& access_token,
84 int expires_in_seconds) OVERRIDE;
85 virtual void OnOAuthError() OVERRIDE;
86 virtual void OnNetworkError(int response_code) OVERRIDE;
87
88 private:
89 // Requests an access token, which is the first thing we need. This is where
90 // we restart when the returned access token has expired.
91 void StartFetching();
92
93 void DispatchNetworkError(int error_code);
94 void DispatchGoogleServiceAuthError(const GoogleServiceAuthError& error,
95 const std::string& token);
96 OAuth2TokenService* oauth2_token_service_;
97 URLRequestContextGetter* context_;
98
99 std::string device_name_;
100 std::string managed_user_id_;
101 string16 name_;
102 TokenCallback callback_;
103
104 scoped_ptr<OAuth2TokenService::Request> access_token_request_;
105 std::string access_token_;
106 bool access_token_expired_;
107 scoped_ptr<URLFetcher> url_fetcher_;
108 scoped_ptr<GaiaOAuthClient> gaia_oauth_client_;
109 };
110
111 ManagedUserRefreshTokenFetcherImpl::ManagedUserRefreshTokenFetcherImpl(
112 OAuth2TokenService* oauth2_token_service,
113 URLRequestContextGetter* context)
114 : oauth2_token_service_(oauth2_token_service),
115 context_(context),
116 access_token_expired_(false) {}
117
118 ManagedUserRefreshTokenFetcherImpl::~ManagedUserRefreshTokenFetcherImpl() {}
119
120 void ManagedUserRefreshTokenFetcherImpl::Start(
121 const std::string& managed_user_id,
122 const string16& name,
123 const std::string& device_name,
124 const TokenCallback& callback) {
125 DCHECK(callback_.is_null());
126 managed_user_id_ = managed_user_id;
127 name_ = name;
128 device_name_ = device_name;
129 callback_ = callback;
130 StartFetching();
131 }
132
133 void ManagedUserRefreshTokenFetcherImpl::StartFetching() {
134 OAuth2TokenService::ScopeSet scopes;
135 scopes.insert(GaiaUrls::GetInstance()->oauth1_login_scope());
136 access_token_request_ = oauth2_token_service_->StartRequest(scopes, this);
137 }
138
139 void ManagedUserRefreshTokenFetcherImpl::OnGetTokenSuccess(
140 const OAuth2TokenService::Request* request,
141 const std::string& access_token,
142 const Time& expiration_time) {
143 DCHECK_EQ(access_token_request_.get(), request);
144 access_token_ = access_token;
145
146 GURL url(GaiaUrls::GetInstance()->oauth2_issue_token_url());
147 // GaiaOAuthClient uses id 0, so we use 1 to distinguish the requests in
148 // unit tests.
149 const int id = 1;
150
151 url_fetcher_.reset(URLFetcher::Create(id, url, URLFetcher::POST, this));
152
153 url_fetcher_->SetRequestContext(context_);
154 url_fetcher_->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES |
155 net::LOAD_DO_NOT_SAVE_COOKIES);
156 url_fetcher_->SetAutomaticallyRetryOnNetworkChanges(kNumRetries);
157 url_fetcher_->AddExtraRequestHeader(
158 base::StringPrintf(kAuthorizationHeaderFormat, access_token.c_str()));
159
160 std::string body = base::StringPrintf(
161 kIssueTokenBodyFormat,
162 net::EscapeUrlEncodedData(
163 GaiaUrls::GetInstance()->oauth2_chrome_client_id(), true).c_str(),
164 net::EscapeUrlEncodedData(kChromeSyncManagedScope, true).c_str(),
165 net::EscapeUrlEncodedData(managed_user_id_, true).c_str(),
166 net::EscapeUrlEncodedData(UTF16ToUTF8(name_), true).c_str(),
167 net::EscapeUrlEncodedData(device_name_, true).c_str());
168 url_fetcher_->SetUploadData("application/x-www-form-urlencoded", body);
169
170 url_fetcher_->Start();
171 }
172
173 void ManagedUserRefreshTokenFetcherImpl::OnGetTokenFailure(
174 const OAuth2TokenService::Request* request,
175 const GoogleServiceAuthError& error) {
176 DCHECK_EQ(access_token_request_.get(), request);
177 callback_.Run(error, std::string());
178 callback_.Reset();
179 }
180
181 void ManagedUserRefreshTokenFetcherImpl::OnURLFetchComplete(
182 const URLFetcher* source) {
183 const net::URLRequestStatus& status = source->GetStatus();
184 if (!status.is_success()) {
185 DispatchNetworkError(status.error());
186 return;
187 }
188
189 int response_code = source->GetResponseCode();
190 if (response_code == net::HTTP_UNAUTHORIZED && !access_token_expired_) {
191 access_token_expired_ = true;
192 oauth2_token_service_->InvalidateToken(OAuth2TokenService::ScopeSet(),
193 access_token_);
194 StartFetching();
195 return;
196 }
197
198 if (response_code != net::HTTP_OK) {
199 // TODO(bauerb): We should return the HTTP response code somehow.
200 DLOG(WARNING) << "HTTP error " << response_code;
201 DispatchGoogleServiceAuthError(
202 GoogleServiceAuthError(GoogleServiceAuthError::CONNECTION_FAILED),
203 std::string());
204 return;
205 }
206
207 std::string response_body;
208 source->GetResponseAsString(&response_body);
209 scoped_ptr<base::Value> value(base::JSONReader::Read(response_body));
210 DictionaryValue* dict = NULL;
211 if (!value.get() || !value->GetAsDictionary(&dict)) {
212 DispatchNetworkError(net::ERR_INVALID_RESPONSE);
213 return;
214 }
215 std::string auth_code;
216 if (!dict->GetString(kCodeKey, &auth_code)) {
217 DispatchNetworkError(net::ERR_INVALID_RESPONSE);
218 return;
219 }
220
221 gaia::OAuthClientInfo client_info;
222 GaiaUrls* urls = GaiaUrls::GetInstance();
223 client_info.client_id = urls->oauth2_chrome_client_id();
224 client_info.client_secret = urls->oauth2_chrome_client_secret();
225 gaia_oauth_client_.reset(
226 new gaia::GaiaOAuthClient(GaiaUrls::GetInstance()->oauth2_token_url(),
227 context_));
228 gaia_oauth_client_->GetTokensFromAuthCode(client_info, auth_code, kNumRetries,
229 this);
230 }
231
232 void ManagedUserRefreshTokenFetcherImpl::OnGetTokensResponse(
233 const std::string& refresh_token,
234 const std::string& access_token,
235 int expires_in_seconds) {
236 // TODO(bauerb): It would be nice if we could pass the access token as well,
237 // so we don't need to fetch another one immediately.
238 DispatchGoogleServiceAuthError(GoogleServiceAuthError::AuthErrorNone(),
239 refresh_token);
240 }
241
242 void ManagedUserRefreshTokenFetcherImpl::OnRefreshTokenResponse(
243 const std::string& access_token,
244 int expires_in_seconds) {
245 NOTREACHED();
246 }
247
248 void ManagedUserRefreshTokenFetcherImpl::OnOAuthError() {
249 DispatchGoogleServiceAuthError(
250 GoogleServiceAuthError(GoogleServiceAuthError::CONNECTION_FAILED),
251 std::string());
252 }
253
254 void ManagedUserRefreshTokenFetcherImpl::OnNetworkError(int response_code) {
255 // TODO(bauerb): We should return the HTTP response code somehow.
256 DLOG(WARNING) << "HTTP error " << response_code;
257 DispatchGoogleServiceAuthError(
258 GoogleServiceAuthError(GoogleServiceAuthError::CONNECTION_FAILED),
259 std::string());
260 }
261
262 void ManagedUserRefreshTokenFetcherImpl::DispatchNetworkError(int error_code) {
263 DispatchGoogleServiceAuthError(
264 GoogleServiceAuthError::FromConnectionError(error_code), std::string());
265 }
266
267 void ManagedUserRefreshTokenFetcherImpl::DispatchGoogleServiceAuthError(
268 const GoogleServiceAuthError& error,
269 const std::string& token) {
270 callback_.Run(error, token);
271 callback_.Reset();
272 }
273
274 } // namespace
275
276 // static
277 scoped_ptr<ManagedUserRefreshTokenFetcher>
278 ManagedUserRefreshTokenFetcher::Create(OAuth2TokenService* oauth2_token_service,
279 URLRequestContextGetter* context) {
280 scoped_ptr<ManagedUserRefreshTokenFetcher> fetcher(
281 new ManagedUserRefreshTokenFetcherImpl(oauth2_token_service, context));
282 return fetcher.Pass();
283 }
284
285 ManagedUserRefreshTokenFetcher::~ManagedUserRefreshTokenFetcher() {}
OLDNEW
« no previous file with comments | « chrome/browser/managed_mode/managed_user_refresh_token_fetcher.h ('k') | chrome/browser/managed_mode/managed_user_refresh_token_fetcher_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698