| Index: chrome/browser/signin/profile_oauth2_token_service.cc
|
| diff --git a/chrome/browser/signin/profile_oauth2_token_service.cc b/chrome/browser/signin/profile_oauth2_token_service.cc
|
| index 8722688614beb69ced1fdfda67bede83bffafeba..cc89a9d79604a70f7009c6be31ef1b194b1ce9a1 100644
|
| --- a/chrome/browser/signin/profile_oauth2_token_service.cc
|
| +++ b/chrome/browser/signin/profile_oauth2_token_service.cc
|
| @@ -46,13 +46,6 @@ std::string RemoveAccountIdPrefix(const std::string& prefixed_account_id) {
|
| return prefixed_account_id.substr(kAccountIdPrefixLength);
|
| }
|
|
|
| -std::string GetAccountId(Profile* profile) {
|
| - SigninManagerBase* signin_manager =
|
| - SigninManagerFactory::GetForProfileIfExists(profile);
|
| - return signin_manager ? signin_manager->GetAuthenticatedUsername() :
|
| - std::string();
|
| -}
|
| -
|
| } // namespace
|
|
|
| ProfileOAuth2TokenService::ProfileOAuth2TokenService()
|
| @@ -99,12 +92,13 @@ void ProfileOAuth2TokenService::Shutdown() {
|
| signin_global_error_.reset();
|
| }
|
|
|
| -std::string ProfileOAuth2TokenService::GetRefreshToken() {
|
| - TokenService* token_service = TokenServiceFactory::GetForProfile(profile_);
|
| - if (!token_service || !token_service->HasOAuthLoginToken()) {
|
| - return std::string();
|
| - }
|
| - return token_service->GetOAuth2LoginRefreshToken();
|
| +std::string ProfileOAuth2TokenService::GetRefreshToken(
|
| + const std::string& account_id) {
|
| + std::map<std::string, std::string>::const_iterator iter =
|
| + refresh_tokens_.find(account_id);
|
| + if (iter != refresh_tokens_.end())
|
| + return iter->second;
|
| + return std::string();
|
| }
|
|
|
| net::URLRequestContextGetter* ProfileOAuth2TokenService::GetRequestContext() {
|
| @@ -112,7 +106,9 @@ net::URLRequestContextGetter* ProfileOAuth2TokenService::GetRequestContext() {
|
| }
|
|
|
| void ProfileOAuth2TokenService::UpdateAuthError(
|
| + const std::string& account_id,
|
| const GoogleServiceAuthError& error) {
|
| + // TODO(fgorski): SigninGlobalError needs to be made multi-login aware.
|
| // Do not report connection errors as these are not actually auth errors.
|
| // We also want to avoid masking a "real" auth error just because we
|
| // subsequently get a transient network error.
|
| @@ -129,29 +125,29 @@ void ProfileOAuth2TokenService::Observe(
|
| int type,
|
| const content::NotificationSource& source,
|
| const content::NotificationDetails& details) {
|
| + const std::string& account_id = GetPrimaryAccountId();
|
| switch (type) {
|
| case chrome::NOTIFICATION_TOKEN_AVAILABLE: {
|
| TokenService::TokenAvailableDetails* tok_details =
|
| content::Details<TokenService::TokenAvailableDetails>(details).ptr();
|
| if (tok_details->service() ==
|
| GaiaConstants::kGaiaOAuth2LoginRefreshToken) {
|
| - // TODO(fgorski): Canceling all requests will not be correct in a
|
| - // multi-login environment. We should cancel only the requests related
|
| - // to the token being replaced (old token for the same account_id).
|
| - // Previous refresh token is not available at this point, but since
|
| - // there are no other refresh tokens, we cancel all active requests.
|
| - CancelAllRequests();
|
| - ClearCache();
|
| - UpdateAuthError(GoogleServiceAuthError::AuthErrorNone());
|
| - FireRefreshTokenAvailable(GetAccountId(profile_));
|
| + // TODO(fgorski): Work on removing this code altogether in favor of the
|
| + // upgrade steps invoked by Initialize.
|
| + // TODO(fgorski): Refresh token received that way is not persisted in
|
| + // the token DB.
|
| + CancelRequestsForAccount(account_id);
|
| + ClearCacheForAccount(account_id);
|
| + refresh_tokens_[account_id] = tok_details->token();
|
| + UpdateAuthError(account_id, GoogleServiceAuthError::AuthErrorNone());
|
| + FireRefreshTokenAvailable(account_id);
|
| }
|
| break;
|
| }
|
| case chrome::NOTIFICATION_TOKENS_CLEARED: {
|
| CancelAllRequests();
|
| ClearCache();
|
| - UpdateAuthError(GoogleServiceAuthError::AuthErrorNone());
|
| - FireRefreshTokensCleared();
|
| + UpdateAuthError(account_id, GoogleServiceAuthError::AuthErrorNone());
|
| break;
|
| }
|
| case chrome::NOTIFICATION_TOKEN_LOADING_FINISHED:
|
| @@ -160,8 +156,8 @@ void ProfileOAuth2TokenService::Observe(
|
| // user goes on to set up sync, they will have to make two attempts:
|
| // One to surface the OAuth2 error, and a second one after signing in.
|
| // See crbug.com/276650.
|
| - if (!GetAccountId(profile_).empty() && GetRefreshToken().empty()) {
|
| - UpdateAuthError(GoogleServiceAuthError(
|
| + if (!account_id.empty() && GetRefreshToken(account_id).empty()) {
|
| + UpdateAuthError(account_id, GoogleServiceAuthError(
|
| GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS));
|
| }
|
| FireRefreshTokensLoaded();
|
| @@ -176,33 +172,22 @@ GoogleServiceAuthError ProfileOAuth2TokenService::GetAuthStatus() const {
|
| return last_auth_error_;
|
| }
|
|
|
| -void ProfileOAuth2TokenService::RegisterCacheEntry(
|
| - const std::string& client_id,
|
| - const std::string& refresh_token,
|
| - const ScopeSet& scopes,
|
| - const std::string& access_token,
|
| - const base::Time& expiration_date) {
|
| - if (ShouldCacheForRefreshToken(TokenServiceFactory::GetForProfile(profile_),
|
| - refresh_token)) {
|
| - OAuth2TokenService::RegisterCacheEntry(client_id,
|
| - refresh_token,
|
| - scopes,
|
| - access_token,
|
| - expiration_date);
|
| - }
|
| +std::string ProfileOAuth2TokenService::GetPrimaryAccountId() {
|
| + SigninManagerBase* signin_manager =
|
| + SigninManagerFactory::GetForProfileIfExists(profile_);
|
| + // TODO(fgorski): DCHECK(signin_manager) here - it may require update to test
|
| + // code and the line above (SigninManager might not exist yet).
|
| + return signin_manager ? signin_manager->GetAuthenticatedUsername()
|
| + : std::string();
|
| }
|
|
|
| -bool ProfileOAuth2TokenService::ShouldCacheForRefreshToken(
|
| - TokenService *token_service,
|
| - const std::string& refresh_token) {
|
| - if (!token_service ||
|
| - !token_service->HasOAuthLoginToken() ||
|
| - token_service->GetOAuth2LoginRefreshToken().compare(refresh_token) != 0) {
|
| - DLOG(INFO) <<
|
| - "Received a token with a refresh token not maintained by TokenService.";
|
| - return false;
|
| +std::vector<std::string> ProfileOAuth2TokenService::GetAccounts() {
|
| + std::vector<std::string> account_ids;
|
| + for (std::map<std::string, std::string>::const_iterator iter =
|
| + refresh_tokens_.begin(); iter != refresh_tokens_.end(); ++iter) {
|
| + account_ids.push_back(iter->first);
|
| }
|
| - return true;
|
| + return account_ids;
|
| }
|
|
|
| void ProfileOAuth2TokenService::UpdateCredentials(
|
| @@ -214,18 +199,18 @@ void ProfileOAuth2TokenService::UpdateCredentials(
|
| bool refresh_token_present = refresh_tokens_.count(account_id) > 0;
|
| if (!refresh_token_present ||
|
| refresh_tokens_[account_id] != refresh_token) {
|
| - // If token present, and different from the new one, cancel its requests.
|
| - if (refresh_token_present)
|
| - CancelRequestsForToken(refresh_tokens_[account_id]);
|
| + // If token present, and different from the new one, cancel its requests,
|
| + // and clear the entries in cache related to that account.
|
| + if (refresh_token_present) {
|
| + CancelRequestsForAccount(account_id);
|
| + ClearCacheForAccount(account_id);
|
| + }
|
|
|
| // Save the token in memory and in persistent store.
|
| refresh_tokens_[account_id] = refresh_token;
|
| - scoped_refptr<TokenWebData> token_web_data =
|
| - TokenWebData::FromBrowserContext(profile_);
|
| - if (token_web_data.get())
|
| - token_web_data->SetTokenForService(ApplyAccountIdPrefix(account_id),
|
| - refresh_token);
|
| + PersistCredentials(account_id, refresh_token);
|
|
|
| + UpdateAuthError(account_id, GoogleServiceAuthError::AuthErrorNone());
|
| FireRefreshTokenAvailable(account_id);
|
| // TODO(fgorski): Notify diagnostic observers.
|
| }
|
| @@ -236,18 +221,35 @@ void ProfileOAuth2TokenService::RevokeCredentials(
|
| DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
|
|
|
| if (refresh_tokens_.count(account_id) > 0) {
|
| - CancelRequestsForToken(refresh_tokens_[account_id]);
|
| + CancelRequestsForAccount(account_id);
|
| + ClearCacheForAccount(account_id);
|
| refresh_tokens_.erase(account_id);
|
| - scoped_refptr<TokenWebData> token_web_data =
|
| - TokenWebData::FromBrowserContext(profile_);
|
| - if (token_web_data.get())
|
| - token_web_data->RemoveTokenForService(ApplyAccountIdPrefix(account_id));
|
| + ClearPersistedCredentials(account_id);
|
| FireRefreshTokenRevoked(account_id);
|
|
|
| // TODO(fgorski): Notify diagnostic observers.
|
| }
|
| }
|
|
|
| +void ProfileOAuth2TokenService::PersistCredentials(
|
| + const std::string& account_id,
|
| + const std::string& refresh_token) {
|
| + scoped_refptr<TokenWebData> token_web_data =
|
| + TokenWebData::FromBrowserContext(profile_);
|
| + if (token_web_data.get()) {
|
| + token_web_data->SetTokenForService(ApplyAccountIdPrefix(account_id),
|
| + refresh_token);
|
| + }
|
| +}
|
| +
|
| +void ProfileOAuth2TokenService::ClearPersistedCredentials(
|
| + const std::string& account_id) {
|
| + scoped_refptr<TokenWebData> token_web_data =
|
| + TokenWebData::FromBrowserContext(profile_);
|
| + if (token_web_data.get())
|
| + token_web_data->RemoveTokenForService(ApplyAccountIdPrefix(account_id));
|
| +}
|
| +
|
| void ProfileOAuth2TokenService::RevokeAllCredentials() {
|
| DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
|
|
|
| @@ -264,7 +266,6 @@ void ProfileOAuth2TokenService::RevokeAllCredentials() {
|
| TokenWebData::FromBrowserContext(profile_);
|
| if (token_web_data.get())
|
| token_web_data->RemoveAllTokens();
|
| - FireRefreshTokensCleared();
|
|
|
| // TODO(fgorski): Notify diagnostic observers.
|
| }
|
| @@ -326,8 +327,8 @@ void ProfileOAuth2TokenService::LoadAllCredentialsIntoMemory(
|
| }
|
|
|
| if (!old_login_token.empty() &&
|
| - refresh_tokens_.count(GetAccountId(profile_)) == 0) {
|
| - UpdateCredentials(GetAccountId(profile_), old_login_token);
|
| + refresh_tokens_.count(GetPrimaryAccountId()) == 0) {
|
| + UpdateCredentials(GetPrimaryAccountId(), old_login_token);
|
| }
|
|
|
| FireRefreshTokensLoaded();
|
|
|
Chromium Code Reviews
Issue 23382008:
Making OAuth2TokenService multi-login aware, updating callers, minor fixes (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master