Pre- and Auto-login should not log the user out of an already signed in

chrome/common/net/gaia/gaia_auth_fetcher.cc

Index: chrome/common/net/gaia/gaia_auth_fetcher.cc
===================================================================
--- chrome/common/net/gaia/gaia_auth_fetcher.cc	(revision 95804)
+++ chrome/common/net/gaia/gaia_auth_fetcher.cc	(working copy)
@@ -54,6 +54,11 @@
     "auth=%s&"
     "continue=%s&"
     "source=%s";
+// static
+const char GaiaAuthFetcher::kMergeSessionFormat[] =
+    "uberauth=%s&"
+    "continue=%s&"
+    "source=%s";
 
 // static
 const char GaiaAuthFetcher::kAccountDeletedError[] = "AccountDeleted";
@@ -104,6 +109,7 @@
       issue_auth_token_gurl_(GaiaUrls::GetInstance()->issue_auth_token_url()),
       get_user_info_gurl_(GaiaUrls::GetInstance()->get_user_info_url()),
       token_auth_gurl_(GaiaUrls::GetInstance()->token_auth_url()),
+      merge_session_gurl_(GaiaUrls::GetInstance()->merge_session_url()),
       fetch_pending_(false) {}
 
 GaiaAuthFetcher::~GaiaAuthFetcher() {}
@@ -123,14 +129,25 @@
     const std::string& body,
     const GURL& gaia_gurl,
     URLFetcher::Delegate* delegate) {
+  return CreateGaiaFetcherWithFlags(getter, body, gaia_gurl,
+                                    net::LOAD_DO_NOT_SEND_COOKIES, delegate);
+}
 
+// static
+URLFetcher* GaiaAuthFetcher::CreateGaiaFetcherWithFlags(
+    net::URLRequestContextGetter* getter,
+    const std::string& body,
+    const GURL& gaia_gurl,
+    int flags,
+    URLFetcher::Delegate* delegate) {
+
   URLFetcher* to_return =
       URLFetcher::Create(0,
                          gaia_gurl,
                          URLFetcher::POST,
                          delegate);
   to_return->set_request_context(getter);
-  to_return->set_load_flags(net::LOAD_DO_NOT_SEND_COOKIES);
+  to_return->set_load_flags(flags);
   to_return->set_upload_data("application/x-www-form-urlencoded", body);
   return to_return;
 }
@@ -213,6 +230,20 @@
                             encoded_source.c_str());
 }
 
+// static
+std::string GaiaAuthFetcher::MakeMergeSessionBody(
+    const std::string& auth_token,
+    const std::string& continue_url,
+    const std::string& source) {
+  std::string encoded_auth_token = EscapeUrlEncodedData(auth_token, true);
+  std::string encoded_continue_url = EscapeUrlEncodedData(continue_url, true);
+  std::string encoded_source = EscapeUrlEncodedData(source, true);
+  return base::StringPrintf(kMergeSessionFormat,
+                            encoded_auth_token.c_str(),
+                            encoded_continue_url.c_str(),
+                            encoded_source.c_str());
+}
+
 // Helper method that extracts tokens from a successful reply.
 // static
 void GaiaAuthFetcher::ParseClientLoginResponse(const std::string& data,
@@ -342,6 +373,30 @@
   fetcher_->Start();
 }
 
+void GaiaAuthFetcher::StartMergeSession(const std::string& auth_token) {
+  DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";
+
+  VLOG(1) << "Starting MergeSession with auth_token=" << auth_token;
+
+  // The continue URL is a required parameter of the MergeSession API, but in
+  // this case we don't actually need or want to navigate to it.  Setting it to
+  // an arbitrary Google URL.
+  //
+  // In order for the new session to be merged correctly, the server needs to
+  // know what sessions already exist in the browser.  The fecther needs to be

[Rick Campbell, 2011/08/08 21:24:51]

TYPO: fetcher

[Roger Tawa OOO till Jul 10th, 2011/08/09 20:50:49]

Done.

+  // created such that it sends the cookies with the request, which is
+  // different from all other requests the fetcher can make.
+  std::string continue_url("http://www.google.com");
+  request_body_ = MakeMergeSessionBody(auth_token, continue_url, source_);
+  fetcher_.reset(CreateGaiaFetcherWithFlags(getter_,
+                                            request_body_,
+                                            merge_session_gurl_,
+                                            net::LOAD_NORMAL,

[Rick Campbell, 2011/08/08 21:24:51]

Just looping back to my comment about preferring a boolean "send_cookies" rather
than the more generic flags, I note in passing the use of net::LOAD_NORMAL here.
 This highlights that what is normal for most URL fetchers is abnormal in
auth-related use, and might even warrant a comment calling this out to avoid
reader confusion.

The similar mechanism in GaiaOAuthFetcher tests send_cookies to determine
whether to call set_load_flags.  This has the nice side-effect that it never
uses net::LOAD_NORMAL for that abnormal case and highlights that the cookies are
the only reason that flags are set.

[Roger Tawa OOO till Jul 10th, 2011/08/09 20:50:49]

Done.

+                                            this));
+  fetch_pending_ = true;
+  fetcher_->Start();
+}
+
 // static
 GoogleServiceAuthError GaiaAuthFetcher::GenerateAuthError(
     const std::string& data,
@@ -512,6 +567,16 @@
   }
 }
 
+void GaiaAuthFetcher::OnMergeSessionFetched(const std::string& data,
+                                            const net::URLRequestStatus& status,
+                                            int response_code) {
+  if (status.is_success() && response_code == RC_REQUEST_OK) {
+    consumer_->OnMergeSessionSuccess(data);
+  } else {
+    consumer_->OnMergeSessionFailure(GenerateAuthError(data, status));
+  }
+}
+
 void GaiaAuthFetcher::OnURLFetchComplete(const URLFetcher* source,
                                          const GURL& url,
                                          const net::URLRequestStatus& status,
@@ -527,6 +592,10 @@
     OnGetUserInfoFetched(data, status, response_code);
   } else if (url == token_auth_gurl_) {
     OnTokenAuthFetched(data, status, response_code);
+  } else if (url == merge_session_gurl_ ||
+      (source && source->original_url() == merge_session_gurl_)) {
+    // MergeSession may redirect, so check the original URL of the fetcher.
+    OnMergeSessionFetched(data, status, response_code);
   } else {
     NOTREACHED();
   }