| Index: chrome/common/net/gaia/oauth2_mint_token_fetcher.cc
|
| ===================================================================
|
| --- chrome/common/net/gaia/oauth2_mint_token_fetcher.cc (revision 0)
|
| +++ chrome/common/net/gaia/oauth2_mint_token_fetcher.cc (revision 0)
|
| @@ -0,0 +1,189 @@
|
| +// Copyright (c) 2012 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "chrome/common/net/gaia/oauth2_mint_token_fetcher.h"
|
| +
|
| +#include <algorithm>
|
| +#include <string>
|
| +
|
| +#include "base/json/json_reader.h"
|
| +#include "base/string_util.h"
|
| +#include "base/stringprintf.h"
|
| +#include "base/values.h"
|
| +#include "chrome/common/net/gaia/gaia_urls.h"
|
| +#include "chrome/common/net/gaia/google_service_auth_error.h"
|
| +#include "net/base/escape.h"
|
| +#include "net/base/load_flags.h"
|
| +#include "net/http/http_status_code.h"
|
| +#include "net/url_request/url_request_context_getter.h"
|
| +#include "net/url_request/url_request_status.h"
|
| +
|
| +using content::URLFetcher;
|
| +using content::URLFetcherDelegate;
|
| +using net::ResponseCookies;
|
| +using net::URLRequestContextGetter;
|
| +using net::URLRequestStatus;
|
| +
|
| +namespace {
|
| +static const char kAuthorizationHeaderFormat[] =
|
| + "Authorization: Bearer %s";
|
| +static const char kOAuth2IssueTokenBodyFormat[] =
|
| + "force=true"
|
| + "&response_type=token"
|
| + "&scope=%s"
|
| + "&client_id=%s"
|
| + "&origin=%s";
|
| +static const char kAccessTokenKey[] = "token";
|
| +
|
| +static GoogleServiceAuthError CreateAuthError(URLRequestStatus status) {
|
| + CHECK(!status.is_success());
|
| + if (status.status() == URLRequestStatus::CANCELED) {
|
| + return GoogleServiceAuthError(GoogleServiceAuthError::REQUEST_CANCELED);
|
| + } else {
|
| + DLOG(WARNING) << "Could not reach Google Accounts servers: errno "
|
| + << status.error();
|
| + return GoogleServiceAuthError::FromConnectionError(status.error());
|
| + }
|
| +}
|
| +
|
| +static URLFetcher* CreateFetcher(URLRequestContextGetter* getter,
|
| + const GURL& url,
|
| + const std::string& headers,
|
| + const std::string& body,
|
| + URLFetcherDelegate* delegate) {
|
| + bool empty_body = body.empty();
|
| + URLFetcher* result = URLFetcher::Create(
|
| + 0, url,
|
| + empty_body ? URLFetcher::GET : URLFetcher::POST,
|
| + delegate);
|
| +
|
| + result->SetRequestContext(getter);
|
| + result->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES |
|
| + net::LOAD_DO_NOT_SAVE_COOKIES);
|
| +
|
| + if (!empty_body)
|
| + result->SetUploadData("application/x-www-form-urlencoded", body);
|
| + if (!headers.empty())
|
| + result->SetExtraRequestHeaders(headers);
|
| +
|
| + return result;
|
| +}
|
| +} // namespace
|
| +
|
| +OAuth2MintTokenFetcher::OAuth2MintTokenFetcher(
|
| + OAuth2MintTokenConsumer* consumer,
|
| + URLRequestContextGetter* getter,
|
| + const std::string& source)
|
| + : consumer_(consumer),
|
| + getter_(getter),
|
| + source_(source),
|
| + state_(INITIAL) { }
|
| +
|
| +OAuth2MintTokenFetcher::~OAuth2MintTokenFetcher() { }
|
| +
|
| +void OAuth2MintTokenFetcher::CancelRequest() {
|
| + fetcher_.reset();
|
| +}
|
| +
|
| +void OAuth2MintTokenFetcher::Start(const std::string& oauth_login_access_token,
|
| + const std::string& client_id,
|
| + const std::vector<std::string>& scopes,
|
| + const std::string& origin) {
|
| + oauth_login_access_token_ = oauth_login_access_token;
|
| + client_id_ = client_id;
|
| + scopes_ = scopes;
|
| + origin_ = origin;
|
| + StartMintToken();
|
| +}
|
| +
|
| +void OAuth2MintTokenFetcher::StartMintToken() {
|
| + CHECK_EQ(INITIAL, state_);
|
| + state_ = MINT_TOKEN_STARTED;
|
| + fetcher_.reset(CreateFetcher(
|
| + getter_,
|
| + MakeMintTokenUrl(),
|
| + MakeMintTokenHeader(oauth_login_access_token_),
|
| + MakeMintTokenBody(client_id_, scopes_, origin_),
|
| + this));
|
| + fetcher_->Start(); // OnURLFetchComplete will be called.
|
| +}
|
| +
|
| +void OAuth2MintTokenFetcher::EndMintToken(const URLFetcher* source) {
|
| + CHECK_EQ(MINT_TOKEN_STARTED, state_);
|
| + state_ = MINT_TOKEN_DONE;
|
| +
|
| + URLRequestStatus status = source->GetStatus();
|
| + if (!status.is_success()) {
|
| + OnMintTokenFailure(CreateAuthError(status));
|
| + return;
|
| + }
|
| +
|
| + if (source->GetResponseCode() != net::HTTP_OK) {
|
| + OnMintTokenFailure(GoogleServiceAuthError(
|
| + GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS));
|
| + return;
|
| + }
|
| +
|
| + // The request was successfully fetched and it returned OK.
|
| + // Parse out the access token.
|
| + std::string access_token;
|
| + ParseMintTokenResponse(source, &access_token);
|
| + OnMintTokenSuccess(access_token);
|
| +}
|
| +
|
| +void OAuth2MintTokenFetcher::OnMintTokenSuccess(
|
| + const std::string& access_token) {
|
| + consumer_->OnMintTokenSuccess(access_token);
|
| +}
|
| +
|
| +void OAuth2MintTokenFetcher::OnMintTokenFailure(GoogleServiceAuthError error) {
|
| + state_ = ERROR_STATE;
|
| + consumer_->OnMintTokenFailure(error);
|
| +}
|
| +
|
| +void OAuth2MintTokenFetcher::OnURLFetchComplete(const URLFetcher* source) {
|
| + CHECK(source);
|
| + CHECK_EQ(MINT_TOKEN_STARTED, state_);
|
| + EndMintToken(source);
|
| +}
|
| +
|
| +// static
|
| +GURL OAuth2MintTokenFetcher::MakeMintTokenUrl() {
|
| + return GURL(GaiaUrls::GetInstance()->oauth2_issue_token_url());
|
| +}
|
| +
|
| +// static
|
| +std::string OAuth2MintTokenFetcher::MakeMintTokenHeader(
|
| + const std::string& access_token) {
|
| + return StringPrintf(kAuthorizationHeaderFormat, access_token.c_str());
|
| +}
|
| +
|
| +// static
|
| +std::string OAuth2MintTokenFetcher::MakeMintTokenBody(
|
| + const std::string& client_id,
|
| + const std::vector<std::string>& scopes,
|
| + const std::string& origin) {
|
| + return StringPrintf(
|
| + kOAuth2IssueTokenBodyFormat,
|
| + net::EscapeUrlEncodedData(JoinString(scopes, ','), true).c_str(),
|
| + net::EscapeUrlEncodedData(client_id, true).c_str(),
|
| + net::EscapeUrlEncodedData(origin, true).c_str());
|
| +}
|
| +
|
| +// static
|
| +bool OAuth2MintTokenFetcher::ParseMintTokenResponse(
|
| + const URLFetcher* source,
|
| + std::string* access_token) {
|
| + CHECK(source);
|
| + CHECK(access_token);
|
| + std::string data;
|
| + source->GetResponseAsString(&data);
|
| + base::JSONReader reader;
|
| + scoped_ptr<base::Value> value(reader.Read(data, false));
|
| + if (!value.get() || value->GetType() != base::Value::TYPE_DICTIONARY)
|
| + return false;
|
| +
|
| + DictionaryValue* dict = static_cast<DictionaryValue*>(value.get());
|
| + return dict->GetString(kAccessTokenKey, access_token);
|
| +}
|
|
|
Chromium Code Reviews
Issue 9549013:
Add code to mint OAuth tokens from login-scoped OAuth token. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/