OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/net/gaia/gaia_oauth_fetcher.h" | 5 #include "chrome/browser/net/gaia/gaia_oauth_fetcher.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 #include <utility> | 8 #include <utility> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
42 | 42 |
43 static const char kOAuthWrapBridgeUserInfoScope[] = | 43 static const char kOAuthWrapBridgeUserInfoScope[] = |
44 "https://www.googleapis.com/auth/userinfo.email"; | 44 "https://www.googleapis.com/auth/userinfo.email"; |
45 | 45 |
46 static const char kOAuth1LoginScope[] = | 46 static const char kOAuth1LoginScope[] = |
47 "https://www.google.com/accounts/OAuthLogin"; | 47 "https://www.google.com/accounts/OAuthLogin"; |
48 | 48 |
49 static const char kUserInfoUrl[] = | 49 static const char kUserInfoUrl[] = |
50 "https://www.googleapis.com/oauth2/v1/userinfo"; | 50 "https://www.googleapis.com/oauth2/v1/userinfo"; |
51 | 51 |
| 52 static const char kRevokeTokenUrl[] = |
| 53 "https://www.google.com/accounts/AuthSubRevokeToken"; |
| 54 |
52 static const char kOAuthTokenCookie[] = "oauth_token"; | 55 static const char kOAuthTokenCookie[] = "oauth_token"; |
53 | 56 |
54 GaiaOAuthFetcher::GaiaOAuthFetcher(GaiaOAuthConsumer* consumer, | 57 GaiaOAuthFetcher::GaiaOAuthFetcher(GaiaOAuthConsumer* consumer, |
55 net::URLRequestContextGetter* getter, | 58 net::URLRequestContextGetter* getter, |
56 Profile* profile, | 59 Profile* profile, |
57 const std::string& service_scope) | 60 const std::string& service_scope) |
58 : consumer_(consumer), | 61 : consumer_(consumer), |
59 getter_(getter), | 62 getter_(getter), |
60 profile_(profile), | 63 profile_(profile), |
61 popup_(NULL), | 64 popup_(NULL), |
119 // static | 122 // static |
120 std::string GaiaOAuthFetcher::MakeOAuthLoginBody( | 123 std::string GaiaOAuthFetcher::MakeOAuthLoginBody( |
121 const char* source, | 124 const char* source, |
122 const char* service, | 125 const char* service, |
123 const std::string& oauth1_access_token, | 126 const std::string& oauth1_access_token, |
124 const std::string& oauth1_access_token_secret) { | 127 const std::string& oauth1_access_token_secret) { |
125 OAuthRequestSigner::Parameters parameters; | 128 OAuthRequestSigner::Parameters parameters; |
126 parameters["service"] = service; | 129 parameters["service"] = service; |
127 parameters["source"] = source; | 130 parameters["source"] = source; |
128 std::string signed_request; | 131 std::string signed_request; |
129 bool is_signed = OAuthRequestSigner::Sign( | 132 bool is_signed = OAuthRequestSigner::SignURL( |
130 GURL(kOAuth1LoginScope), | 133 GURL(kOAuth1LoginScope), |
131 parameters, | 134 parameters, |
132 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, | 135 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, |
133 OAuthRequestSigner::POST_METHOD, | 136 OAuthRequestSigner::POST_METHOD, |
134 "anonymous", // oauth_consumer_key | 137 "anonymous", // oauth_consumer_key |
135 "anonymous", // consumer secret | 138 "anonymous", // consumer secret |
136 oauth1_access_token, // oauth_token | 139 oauth1_access_token, // oauth_token |
137 oauth1_access_token_secret, // token secret | 140 oauth1_access_token_secret, // token secret |
138 &signed_request); | 141 &signed_request); |
139 DCHECK(is_signed); | 142 DCHECK(is_signed); |
140 return signed_request; | 143 return signed_request; |
141 } | 144 } |
142 | 145 |
143 // static | 146 // static |
144 std::string GaiaOAuthFetcher::MakeOAuthGetAccessTokenBody( | 147 std::string GaiaOAuthFetcher::MakeOAuthGetAccessTokenBody( |
145 const std::string& oauth1_request_token) { | 148 const std::string& oauth1_request_token) { |
146 OAuthRequestSigner::Parameters empty_parameters; | 149 OAuthRequestSigner::Parameters empty_parameters; |
147 std::string signed_request; | 150 std::string signed_request; |
148 bool is_signed = OAuthRequestSigner::Sign( | 151 bool is_signed = OAuthRequestSigner::SignURL( |
149 GURL(kOAuthGetAccessTokenUrl), | 152 GURL(kOAuthGetAccessTokenUrl), |
150 empty_parameters, | 153 empty_parameters, |
151 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, | 154 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, |
152 OAuthRequestSigner::POST_METHOD, | 155 OAuthRequestSigner::POST_METHOD, |
153 "anonymous", // oauth_consumer_key | 156 "anonymous", // oauth_consumer_key |
154 "anonymous", // consumer secret | 157 "anonymous", // consumer secret |
155 oauth1_request_token, // oauth_token | 158 oauth1_request_token, // oauth_token |
156 "", // token secret | 159 "", // token secret |
157 &signed_request); | 160 &signed_request); |
158 DCHECK(is_signed); | 161 DCHECK(is_signed); |
159 return signed_request; | 162 return signed_request; |
160 } | 163 } |
161 | 164 |
162 // static | 165 // static |
163 std::string GaiaOAuthFetcher::MakeOAuthWrapBridgeBody( | 166 std::string GaiaOAuthFetcher::MakeOAuthWrapBridgeBody( |
164 const std::string& oauth1_access_token, | 167 const std::string& oauth1_access_token, |
165 const std::string& oauth1_access_token_secret, | 168 const std::string& oauth1_access_token_secret, |
166 const std::string& wrap_token_duration, | 169 const std::string& wrap_token_duration, |
167 const std::string& oauth2_scope) { | 170 const std::string& oauth2_scope) { |
168 OAuthRequestSigner::Parameters parameters; | 171 OAuthRequestSigner::Parameters parameters; |
169 parameters["wrap_token_duration"] = wrap_token_duration; | 172 parameters["wrap_token_duration"] = wrap_token_duration; |
170 parameters["wrap_scope"] = oauth2_scope; | 173 parameters["wrap_scope"] = oauth2_scope; |
171 std::string signed_request; | 174 std::string signed_request; |
172 bool is_signed = OAuthRequestSigner::Sign( | 175 bool is_signed = OAuthRequestSigner::SignURL( |
173 GURL(kOAuthWrapBridgeUrl), | 176 GURL(kOAuthWrapBridgeUrl), |
174 parameters, | 177 parameters, |
175 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, | 178 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, |
176 OAuthRequestSigner::POST_METHOD, | 179 OAuthRequestSigner::POST_METHOD, |
177 "anonymous", // oauth_consumer_key | 180 "anonymous", // oauth_consumer_key |
178 "anonymous", // consumer secret | 181 "anonymous", // consumer secret |
179 oauth1_access_token, // oauth_token | 182 oauth1_access_token, // oauth_token |
180 oauth1_access_token_secret, // token secret | 183 oauth1_access_token_secret, // token secret |
181 &signed_request); | 184 &signed_request); |
182 DCHECK(is_signed); | 185 DCHECK(is_signed); |
440 fetcher_.reset(CreateGaiaFetcher(getter_, | 443 fetcher_.reset(CreateGaiaFetcher(getter_, |
441 GURL(kUserInfoUrl), | 444 GURL(kUserInfoUrl), |
442 request_body_, | 445 request_body_, |
443 request_headers_, | 446 request_headers_, |
444 false, | 447 false, |
445 this)); | 448 this)); |
446 fetch_pending_ = true; | 449 fetch_pending_ = true; |
447 fetcher_->Start(); | 450 fetcher_->Start(); |
448 } | 451 } |
449 | 452 |
| 453 void GaiaOAuthFetcher::StartOAuthRevokeAccessToken(const std::string& token, |
| 454 const std::string& secret) { |
| 455 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!"; |
| 456 |
| 457 // Must outlive fetcher_. |
| 458 request_body_ = ""; |
| 459 |
| 460 OAuthRequestSigner::Parameters empty_parameters; |
| 461 std::string auth_header; |
| 462 GURL url(kRevokeTokenUrl); |
| 463 bool is_signed = OAuthRequestSigner::SignAuthHeader( |
| 464 url, |
| 465 empty_parameters, |
| 466 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, |
| 467 OAuthRequestSigner::GET_METHOD, |
| 468 "anonymous", |
| 469 "anonymous", |
| 470 token, |
| 471 secret, |
| 472 &auth_header); |
| 473 DCHECK(is_signed); |
| 474 request_headers_ = "Authorization: " + auth_header; |
| 475 fetcher_.reset(CreateGaiaFetcher(getter_, url, request_body_, |
| 476 request_headers_, false, this)); |
| 477 fetch_pending_ = true; |
| 478 fetcher_->Start(); |
| 479 } |
| 480 |
| 481 void GaiaOAuthFetcher::StartOAuthRevokeWrapToken(const std::string& token) { |
| 482 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!"; |
| 483 |
| 484 // Must outlive fetcher_. |
| 485 request_body_ = ""; |
| 486 |
| 487 request_headers_ = "Authorization: Bearer " + token; |
| 488 GURL url(kRevokeTokenUrl); |
| 489 fetcher_.reset(CreateGaiaFetcher(getter_, url, request_body_, |
| 490 request_headers_, false, this)); |
| 491 fetch_pending_ = true; |
| 492 fetcher_->Start(); |
| 493 } |
| 494 |
450 // static | 495 // static |
451 GoogleServiceAuthError GaiaOAuthFetcher::GenerateAuthError( | 496 GoogleServiceAuthError GaiaOAuthFetcher::GenerateAuthError( |
452 const std::string& data, | 497 const std::string& data, |
453 const net::URLRequestStatus& status) { | 498 const net::URLRequestStatus& status) { |
454 if (!status.is_success()) { | 499 if (!status.is_success()) { |
455 if (status.status() == net::URLRequestStatus::CANCELED) { | 500 if (status.status() == net::URLRequestStatus::CANCELED) { |
456 return GoogleServiceAuthError(GoogleServiceAuthError::REQUEST_CANCELED); | 501 return GoogleServiceAuthError(GoogleServiceAuthError::REQUEST_CANCELED); |
457 } else { | 502 } else { |
458 LOG(WARNING) << "Could not reach Google Accounts servers: errno " | 503 LOG(WARNING) << "Could not reach Google Accounts servers: errno " |
459 << status.os_error(); | 504 << status.os_error(); |
610 ParseOAuthWrapBridgeResponse(data, &token, &expires_in); | 655 ParseOAuthWrapBridgeResponse(data, &token, &expires_in); |
611 consumer_->OnOAuthWrapBridgeSuccess(service_scope_, token, expires_in); | 656 consumer_->OnOAuthWrapBridgeSuccess(service_scope_, token, expires_in); |
612 if (ShouldAutoFetch(USER_INFO)) | 657 if (ShouldAutoFetch(USER_INFO)) |
613 StartUserInfo(token); | 658 StartUserInfo(token); |
614 } else { | 659 } else { |
615 consumer_->OnOAuthWrapBridgeFailure(service_scope_, | 660 consumer_->OnOAuthWrapBridgeFailure(service_scope_, |
616 GenerateAuthError(data, status)); | 661 GenerateAuthError(data, status)); |
617 } | 662 } |
618 } | 663 } |
619 | 664 |
| 665 void GaiaOAuthFetcher::OnOAuthRevokeTokenFetched( |
| 666 const std::string& data, |
| 667 const net::URLRequestStatus& status, |
| 668 int response_code) { |
| 669 if (status.is_success() && response_code == RC_REQUEST_OK) { |
| 670 consumer_->OnOAuthRevokeTokenSuccess(); |
| 671 } else { |
| 672 LOG(ERROR) << "Token revocation failure " << response_code << ": " << data; |
| 673 consumer_->OnOAuthRevokeTokenFailure(GenerateAuthError(data, status)); |
| 674 } |
| 675 } |
| 676 |
620 void GaiaOAuthFetcher::OnUserInfoFetched( | 677 void GaiaOAuthFetcher::OnUserInfoFetched( |
621 const std::string& data, | 678 const std::string& data, |
622 const net::URLRequestStatus& status, | 679 const net::URLRequestStatus& status, |
623 int response_code) { | 680 int response_code) { |
624 if (status.is_success() && response_code == RC_REQUEST_OK) { | 681 if (status.is_success() && response_code == RC_REQUEST_OK) { |
625 std::string email; | 682 std::string email; |
626 ParseUserInfoResponse(data, &email); | 683 ParseUserInfoResponse(data, &email); |
627 VLOG(1) << "GAIA user info fetched for " << email << "."; | 684 VLOG(1) << "GAIA user info fetched for " << email << "."; |
628 consumer_->OnUserInfoSuccess(email); | 685 consumer_->OnUserInfoSuccess(email); |
629 } else { | 686 } else { |
643 if (StartsWithASCII(url.spec(), kGetOAuthTokenUrl, true)) { | 700 if (StartsWithASCII(url.spec(), kGetOAuthTokenUrl, true)) { |
644 OnGetOAuthTokenUrlFetched(cookies, status, response_code); | 701 OnGetOAuthTokenUrlFetched(cookies, status, response_code); |
645 } else if (url.spec() == kOAuth1LoginScope) { | 702 } else if (url.spec() == kOAuth1LoginScope) { |
646 OnOAuthLoginFetched(data, status, response_code); | 703 OnOAuthLoginFetched(data, status, response_code); |
647 } else if (url.spec() == kOAuthGetAccessTokenUrl) { | 704 } else if (url.spec() == kOAuthGetAccessTokenUrl) { |
648 OnOAuthGetAccessTokenFetched(data, status, response_code); | 705 OnOAuthGetAccessTokenFetched(data, status, response_code); |
649 } else if (url.spec() == kOAuthWrapBridgeUrl) { | 706 } else if (url.spec() == kOAuthWrapBridgeUrl) { |
650 OnOAuthWrapBridgeFetched(data, status, response_code); | 707 OnOAuthWrapBridgeFetched(data, status, response_code); |
651 } else if (url.spec() == kUserInfoUrl) { | 708 } else if (url.spec() == kUserInfoUrl) { |
652 OnUserInfoFetched(data, status, response_code); | 709 OnUserInfoFetched(data, status, response_code); |
| 710 } else if (StartsWithASCII(url.spec(), kRevokeTokenUrl, true)) { |
| 711 OnOAuthRevokeTokenFetched(data, status, response_code); |
653 } else { | 712 } else { |
654 NOTREACHED(); | 713 NOTREACHED(); |
655 } | 714 } |
656 } | 715 } |
657 | 716 |
658 bool GaiaOAuthFetcher::ShouldAutoFetch(AutoFetchLimit fetch_step) { | 717 bool GaiaOAuthFetcher::ShouldAutoFetch(AutoFetchLimit fetch_step) { |
659 return fetch_step <= auto_fetch_limit_; | 718 return fetch_step <= auto_fetch_limit_; |
660 } | 719 } |
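Review bot: In the new StartOAuthRevokeAccessToken, a failed `SignAuthHeader` is caught only by `DCHECK(is_signed)`, which does nothing in builds where DCHECKs are disabled, so the revoke request would still go out with an empty `Authorization: ` header and the token stays valid until the server's rejection comes back. Revocation is what a caller relies on to invalidate a credential, so I would test `if (!is_signed)` there, report through `consumer_->OnOAuthRevokeTokenFailure(...)` and return without starting the fetcher. In OnOAuthRevokeTokenFetched, `LOG(ERROR) << "Token revocation failure " << response_code << ": " << data;` writes the whole server response body to the log; logging only `response_code`, or moving the body to `VLOG(1)`, keeps server-supplied content out of error logs. The dispatcher matches this endpoint with `StartsWithASCII(url.spec(), kRevokeTokenUrl, true)` although both new callers build `GURL(kRevokeTokenUrl)` with no query, so `url.spec() == kRevokeTokenUrl` would be stricter and consistent with the neighbouring branches, assuming the callback receives the original request URL (that code is outside the visible lines).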