OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CHROME_COMMON_NET_GAIA_GAIA_AUTH_FETCHER_H_ | 5 #ifndef CHROME_COMMON_NET_GAIA_GAIA_AUTH_FETCHER_H_ |
6 #define CHROME_COMMON_NET_GAIA_GAIA_AUTH_FETCHER_H_ | 6 #define CHROME_COMMON_NET_GAIA_GAIA_AUTH_FETCHER_H_ |
7 #pragma once | 7 #pragma once |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 #include <vector> | |
10 | 11 |
11 #include "base/gtest_prod_util.h" | 12 #include "base/gtest_prod_util.h" |
12 #include "base/memory/scoped_ptr.h" | 13 #include "base/memory/scoped_ptr.h" |
13 #include "chrome/common/net/gaia/gaia_auth_consumer.h" | 14 #include "chrome/common/net/gaia/gaia_auth_consumer.h" |
14 #include "content/public/common/url_fetcher_delegate.h" | 15 #include "content/public/common/url_fetcher_delegate.h" |
15 #include "googleurl/src/gurl.h" | 16 #include "googleurl/src/gurl.h" |
16 | 17 |
17 // Authenticate a user against the Google Accounts ClientLogin API | 18 // Authenticate a user against the Google Accounts ClientLogin API |
18 // with various capabilities and return results to a GaiaAuthConsumer. | 19 // with various capabilities and return results to a GaiaAuthConsumer. |
19 // | 20 // |
20 // In the future, we will also issue auth tokens from this class. | 21 // In the future, we will also issue auth tokens from this class. |
21 // This class should be used on a single thread, but it can be whichever thread | 22 // This class should be used on a single thread, but it can be whichever thread |
22 // that you like. | 23 // that you like. |
23 // | 24 // |
24 // This class can handle one request at a time. To parallelize requests, | 25 // This class can handle one request at a time. To parallelize requests, |
25 // create multiple GaiaAuthFetcher's. | 26 // create multiple GaiaAuthFetcher's. |
26 | 27 |
27 class GaiaAuthFetcherTest; | 28 class GaiaAuthFetcherTest; |
28 | 29 |
29 namespace net { | 30 namespace net { |
30 class URLRequestContextGetter; | 31 class URLRequestContextGetter; |
31 class URLRequestStatus; | 32 class URLRequestStatus; |
33 typedef std::vector<std::string> ResponseCookies; | |
32 } | 34 } |
33 | 35 |
34 class GaiaAuthFetcher : public content::URLFetcherDelegate { | 36 class GaiaAuthFetcher : public content::URLFetcherDelegate { |
35 public: | 37 public: |
36 enum HostedAccountsSetting { | 38 enum HostedAccountsSetting { |
37 HostedAccountsAllowed, | 39 HostedAccountsAllowed, |
38 HostedAccountsNotAllowed | 40 HostedAccountsNotAllowed |
39 }; | 41 }; |
40 | 42 |
41 // Magic string indicating that, while a second factor is still | 43 // Magic string indicating that, while a second factor is still |
(...skipping 17 matching lines...) | |
59 const std::string& login_captcha, | 61 const std::string& login_captcha, |
60 HostedAccountsSetting allow_hosted_accounts); | 62 HostedAccountsSetting allow_hosted_accounts); |
61 | 63 |
62 // GaiaAuthConsumer will be called on the original thread | 64 // GaiaAuthConsumer will be called on the original thread |
63 // after results come back. This class is thread agnostic. | 65 // after results come back. This class is thread agnostic. |
64 // You can't make more than one request at a time. | 66 // You can't make more than one request at a time. |
65 void StartIssueAuthToken(const std::string& sid, | 67 void StartIssueAuthToken(const std::string& sid, |
66 const std::string& lsid, | 68 const std::string& lsid, |
67 const char* const service); | 69 const char* const service); |
68 | 70 |
71 // Start fetching OAuth login scoped token from the given ClientLogin token | |
72 // for "lso" service. | |
73 // Either OnOAuthLoginTokenSuccess or OnOAuthLoginTokenFailure method will be | |
74 // called on the consumer with results. | |
75 void StartOAuthLoginTokenFetch(const std::string& auth_token); | |
76 | |
69 // Start a request to get a particular key from user info. | 77 // Start a request to get a particular key from user info. |
70 // GaiaAuthConsumer will be called back on the same thread when | 78 // GaiaAuthConsumer will be called back on the same thread when |
71 // results come back. | 79 // results come back. |
72 // You can't make more than one request at a time. | 80 // You can't make more than one request at a time. |
73 void StartGetUserInfo(const std::string& lsid, | 81 void StartGetUserInfo(const std::string& lsid, |
74 const std::string& info_key); | 82 const std::string& info_key); |
75 | 83 |
76 // Start a TokenAuth request to pre-login the user with the given credentials. | 84 // Start a TokenAuth request to pre-login the user with the given credentials. |
77 void StartTokenAuth(const std::string& auth_token); | 85 void StartTokenAuth(const std::string& auth_token); |
78 | 86 |
(...skipping 23 matching lines...) | |
102 static const char kCookiePersistence[]; | 110 static const char kCookiePersistence[]; |
103 static const char kAccountTypeHostedOrGoogle[]; | 111 static const char kAccountTypeHostedOrGoogle[]; |
104 static const char kAccountTypeGoogle[]; | 112 static const char kAccountTypeGoogle[]; |
105 | 113 |
106 // The format of the POST body for ClientLogin. | 114 // The format of the POST body for ClientLogin. |
107 static const char kClientLoginFormat[]; | 115 static const char kClientLoginFormat[]; |
108 // The format of said POST body when CAPTCHA token & answer are specified. | 116 // The format of said POST body when CAPTCHA token & answer are specified. |
109 static const char kClientLoginCaptchaFormat[]; | 117 static const char kClientLoginCaptchaFormat[]; |
110 // The format of the POST body for IssueAuthToken. | 118 // The format of the POST body for IssueAuthToken. |
111 static const char kIssueAuthTokenFormat[]; | 119 static const char kIssueAuthTokenFormat[]; |
120 // The format of the POST body to get OAuth2 auth code from auth token. | |
Rick Campbell
2011/11/22 21:32:57
Just because there are so many similar names and o
Munjal (Google)
2011/11/22 22:05:58
Done.
| |
121 static const char kGetAuthCodeBodyFormat[]; | |
122 // The format of the POST body to get OAuth2 token pair from auth code. | |
123 static const char kGetTokenPairBodyFormat[]; | |
112 // The format of the POST body for GetUserInfo. | 124 // The format of the POST body for GetUserInfo. |
113 static const char kGetUserInfoFormat[]; | 125 static const char kGetUserInfoFormat[]; |
114 // The format of the POST body for TokenAuth. | 126 // The format of the POST body for TokenAuth. |
115 static const char kTokenAuthFormat[]; | 127 static const char kTokenAuthFormat[]; |
116 // The format of the POST body for MergeSession. | 128 // The format of the POST body for MergeSession. |
117 static const char kMergeSessionFormat[]; | 129 static const char kMergeSessionFormat[]; |
118 | 130 |
119 // Constants for parsing ClientLogin errors. | 131 // Constants for parsing ClientLogin errors. |
120 static const char kAccountDeletedError[]; | 132 static const char kAccountDeletedError[]; |
121 static const char kAccountDeletedErrorCode[]; | 133 static const char kAccountDeletedErrorCode[]; |
122 static const char kAccountDisabledError[]; | 134 static const char kAccountDisabledError[]; |
123 static const char kAccountDisabledErrorCode[]; | 135 static const char kAccountDisabledErrorCode[]; |
124 static const char kBadAuthenticationError[]; | 136 static const char kBadAuthenticationError[]; |
125 static const char kBadAuthenticationErrorCode[]; | 137 static const char kBadAuthenticationErrorCode[]; |
126 static const char kCaptchaError[]; | 138 static const char kCaptchaError[]; |
127 static const char kCaptchaErrorCode[]; | 139 static const char kCaptchaErrorCode[]; |
128 static const char kServiceUnavailableError[]; | 140 static const char kServiceUnavailableError[]; |
129 static const char kServiceUnavailableErrorCode[]; | 141 static const char kServiceUnavailableErrorCode[]; |
130 static const char kErrorParam[]; | 142 static const char kErrorParam[]; |
131 static const char kErrorUrlParam[]; | 143 static const char kErrorUrlParam[]; |
132 static const char kCaptchaUrlParam[]; | 144 static const char kCaptchaUrlParam[]; |
133 static const char kCaptchaTokenParam[]; | 145 static const char kCaptchaTokenParam[]; |
134 | 146 |
147 // Constants for request/response for OAtuh2 requests. | |
Rick Campbell
2011/11/22 21:32:57
Similarly here, I'd like to see OAuth2 in the name
Munjal (Google)
2011/11/22 22:05:58
Done.
Note that I did not rename kAuthHeaderForma
| |
148 static const char kAuthHeaderFormat[]; | |
149 static const char kAuthCodeCookiePartSecure[]; | |
150 static const char kAuthCodeCookiePartHttpOnly[]; | |
151 static const char kAuthCodeCookiePartCodePrefix[]; | |
152 static const int kAuthCodeCookiePartCodePrefixLength; | |
153 static const char kRefreshTokenKey[]; | |
154 static const char kAccessTokenKey[]; | |
155 static const char kExpiresInKey[]; | |
156 | |
135 // Process the results of a ClientLogin fetch. | 157 // Process the results of a ClientLogin fetch. |
136 void OnClientLoginFetched(const std::string& data, | 158 void OnClientLoginFetched(const std::string& data, |
137 const net::URLRequestStatus& status, | 159 const net::URLRequestStatus& status, |
138 int response_code); | 160 int response_code); |
139 | 161 |
140 void OnIssueAuthTokenFetched(const std::string& data, | 162 void OnIssueAuthTokenFetched(const std::string& data, |
141 const net::URLRequestStatus& status, | 163 const net::URLRequestStatus& status, |
142 int response_code); | 164 int response_code); |
143 | 165 |
166 void OnGetAuthCodeFetched(const std::string& data, | |
Rick Campbell
2011/11/22 21:32:57
Maybe OnGetOAuth2CodeFetched?
Munjal (Google)
2011/11/22 22:05:58
Done.
| |
167 const net::ResponseCookies& cookies, | |
168 const net::URLRequestStatus& status, | |
169 int response_code); | |
170 | |
171 void OnGetTokenPairFetched(const std::string& data, | |
172 const net::URLRequestStatus& status, | |
173 int response_code); | |
174 | |
144 void OnGetUserInfoFetched(const std::string& data, | 175 void OnGetUserInfoFetched(const std::string& data, |
145 const net::URLRequestStatus& status, | 176 const net::URLRequestStatus& status, |
146 int response_code); | 177 int response_code); |
147 | 178 |
148 void OnTokenAuthFetched(const std::string& data, | 179 void OnTokenAuthFetched(const std::string& data, |
149 const net::URLRequestStatus& status, | 180 const net::URLRequestStatus& status, |
150 int response_code); | 181 int response_code); |
151 | 182 |
152 void OnMergeSessionFetched(const std::string& data, | 183 void OnMergeSessionFetched(const std::string& data, |
153 const net::URLRequestStatus& status, | 184 const net::URLRequestStatus& status, |
154 int response_code); | 185 int response_code); |
155 | 186 |
156 // Tokenize the results of a ClientLogin fetch. | 187 // Tokenize the results of a ClientLogin fetch. |
157 static void ParseClientLoginResponse(const std::string& data, | 188 static void ParseClientLoginResponse(const std::string& data, |
158 std::string* sid, | 189 std::string* sid, |
159 std::string* lsid, | 190 std::string* lsid, |
160 std::string* token); | 191 std::string* token); |
161 | 192 |
162 static void ParseClientLoginFailure(const std::string& data, | 193 static void ParseClientLoginFailure(const std::string& data, |
163 std::string* error, | 194 std::string* error, |
164 std::string* error_url, | 195 std::string* error_url, |
165 std::string* captcha_url, | 196 std::string* captcha_url, |
166 std::string* captcha_token); | 197 std::string* captcha_token); |
167 | 198 |
199 // Parse GetAuthCode response. | |
200 static bool ParseGetAuthCodeResponse(const net::ResponseCookies& cookies, | |
201 std::string* auth_code); | |
202 | |
203 // Parse GetTokenPair response. | |
204 static bool ParseGetTokenPairResponse(const std::string& data, | |
205 std::string* refresh_token, | |
206 std::string* access_token, | |
207 int* expires_in_secs); | |
208 | |
209 static bool ParseCookieToAuthCode(const std::string& cookie, | |
210 std::string* auth_code); | |
211 | |
168 // Is this a special case Gaia error for TwoFactor auth? | 212 // Is this a special case Gaia error for TwoFactor auth? |
169 static bool IsSecondFactorSuccess(const std::string& alleged_error); | 213 static bool IsSecondFactorSuccess(const std::string& alleged_error); |
170 | 214 |
171 // Given parameters, create a ClientLogin request body. | 215 // Given parameters, create a ClientLogin request body. |
172 static std::string MakeClientLoginBody( | 216 static std::string MakeClientLoginBody( |
173 const std::string& username, | 217 const std::string& username, |
174 const std::string& password, | 218 const std::string& password, |
175 const std::string& source, | 219 const std::string& source, |
176 const char* const service, | 220 const char* const service, |
177 const std::string& login_token, | 221 const std::string& login_token, |
178 const std::string& login_captcha, | 222 const std::string& login_captcha, |
179 HostedAccountsSetting allow_hosted_accounts); | 223 HostedAccountsSetting allow_hosted_accounts); |
180 // Supply the sid / lsid returned from ClientLogin in order to | 224 // Supply the sid / lsid returned from ClientLogin in order to |
181 // request a long lived auth token for a service. | 225 // request a long lived auth token for a service. |
182 static std::string MakeIssueAuthTokenBody(const std::string& sid, | 226 static std::string MakeIssueAuthTokenBody(const std::string& sid, |
183 const std::string& lsid, | 227 const std::string& lsid, |
184 const char* const service); | 228 const char* const service); |
229 // Create body to get OAuth2 auth code. | |
230 static std::string MakeGetAuthCodeBody(); | |
231 // Given auth code, create body to get OAuth2 token pair. | |
232 static std::string MakeGetTokenPairBody(const std::string& auth_code); | |
185 // Supply the lsid returned from ClientLogin in order to fetch | 233 // Supply the lsid returned from ClientLogin in order to fetch |
186 // user information. | 234 // user information. |
187 static std::string MakeGetUserInfoBody(const std::string& lsid); | 235 static std::string MakeGetUserInfoBody(const std::string& lsid); |
188 | 236 |
189 // Supply the authentication token returned from StartIssueAuthToken. | 237 // Supply the authentication token returned from StartIssueAuthToken. |
190 static std::string MakeTokenAuthBody(const std::string& auth_token, | 238 static std::string MakeTokenAuthBody(const std::string& auth_token, |
191 const std::string& continue_url, | 239 const std::string& continue_url, |
192 const std::string& source); | 240 const std::string& source); |
193 | 241 |
194 // Supply the authentication token returned from StartIssueAuthToken. | 242 // Supply the authentication token returned from StartIssueAuthToken. |
195 static std::string MakeMergeSessionBody(const std::string& auth_token, | 243 static std::string MakeMergeSessionBody(const std::string& auth_token, |
196 const std::string& continue_url, | 244 const std::string& continue_url, |
197 const std::string& source); | 245 const std::string& source); |
198 | 246 |
247 static std::string MakeGetAuthCodeHeader(const std::string& auth_token); | |
248 | |
249 void StartGetTokenPair(const std::string& auth_code); | |
250 | |
199 // Create a fetcher useable for making any Gaia request. | 251 // Create a fetcher useable for making any Gaia request. |
200 static content::URLFetcher* CreateGaiaFetcher( | 252 static content::URLFetcher* CreateGaiaFetcher( |
201 net::URLRequestContextGetter* getter, | 253 net::URLRequestContextGetter* getter, |
202 const std::string& body, | 254 const std::string& body, |
255 const std::string& headers, | |
203 const GURL& gaia_gurl, | 256 const GURL& gaia_gurl, |
204 bool send_cookies, | 257 bool use_cookies, |
205 content::URLFetcherDelegate* delegate); | 258 content::URLFetcherDelegate* delegate); |
206 | 259 |
207 // From a URLFetcher result, generate an appropriate error. | 260 // From a URLFetcher result, generate an appropriate error. |
208 // From the API documentation, both IssueAuthToken and ClientLogin have | 261 // From the API documentation, both IssueAuthToken and ClientLogin have |
209 // the same error returns. | 262 // the same error returns. |
210 static GoogleServiceAuthError GenerateAuthError( | 263 static GoogleServiceAuthError GenerateAuthError( |
211 const std::string& data, | 264 const std::string& data, |
212 const net::URLRequestStatus& status); | 265 const net::URLRequestStatus& status); |
213 | 266 |
214 // These fields are common to GaiaAuthFetcher, same every request | 267 // These fields are common to GaiaAuthFetcher, same every request |
215 GaiaAuthConsumer* const consumer_; | 268 GaiaAuthConsumer* const consumer_; |
216 net::URLRequestContextGetter* const getter_; | 269 net::URLRequestContextGetter* const getter_; |
217 std::string source_; | 270 std::string source_; |
218 const GURL client_login_gurl_; | 271 const GURL client_login_gurl_; |
219 const GURL issue_auth_token_gurl_; | 272 const GURL issue_auth_token_gurl_; |
273 const GURL get_auth_code_gurl_; | |
Rick Campbell
2011/11/22 21:32:57
Even here, I'd say maybe get_oauth2_code_gurl.
Munjal (Google)
2011/11/22 22:05:58
Done.
| |
274 const GURL get_token_pair_gurl_; | |
220 const GURL get_user_info_gurl_; | 275 const GURL get_user_info_gurl_; |
221 const GURL token_auth_gurl_; | 276 const GURL token_auth_gurl_; |
222 const GURL merge_session_gurl_; | 277 const GURL merge_session_gurl_; |
223 | 278 |
224 // While a fetch is going on: | 279 // While a fetch is going on: |
225 scoped_ptr<content::URLFetcher> fetcher_; | 280 scoped_ptr<content::URLFetcher> fetcher_; |
226 std::string request_body_; | 281 std::string request_body_; |
227 std::string requested_service_; // Currently tracked for IssueAuthToken only | 282 std::string requested_service_; // Currently tracked for IssueAuthToken only |
228 std::string requested_info_key_; // Currently tracked for GetUserInfo only | 283 std::string requested_info_key_; // Currently tracked for GetUserInfo only |
229 bool fetch_pending_; | 284 bool fetch_pending_; |
230 | 285 |
231 friend class GaiaAuthFetcherTest; | 286 friend class GaiaAuthFetcherTest; |
232 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, CaptchaParse); | 287 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, CaptchaParse); |
233 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, AccountDeletedError); | 288 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, AccountDeletedError); |
234 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, AccountDisabledError); | 289 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, AccountDisabledError); |
235 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, BadAuthenticationError); | 290 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, BadAuthenticationError); |
236 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, IncomprehensibleError); | 291 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, IncomprehensibleError); |
237 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, ServiceUnavailableError); | 292 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, ServiceUnavailableError); |
238 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, CheckNormalErrorCode); | 293 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, CheckNormalErrorCode); |
239 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, CheckTwoFactorResponse); | 294 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, CheckTwoFactorResponse); |
240 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, LoginNetFailure); | 295 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, LoginNetFailure); |
296 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, ParseGetAuthCodeResponse); | |
297 FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, ParseGetTokenPairResponse); | |
241 | 298 |
242 DISALLOW_COPY_AND_ASSIGN(GaiaAuthFetcher); | 299 DISALLOW_COPY_AND_ASSIGN(GaiaAuthFetcher); |
243 }; | 300 }; |
244 | 301 |
245 #endif // CHROME_COMMON_NET_GAIA_GAIA_AUTH_FETCHER_H_ | 302 #endif // CHROME_COMMON_NET_GAIA_GAIA_AUTH_FETCHER_H_ |
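Review bot: The three new parsers at new lines 199-210 (`ParseGetAuthCodeResponse`, `ParseGetTokenPairResponse`, `ParseCookieToAuthCode`) take server-supplied data and hand back credentials through out-parameters, but the header does not state what they guarantee on failure. Judging by `kAuthCodeCookiePartSecure` and `kAuthCodeCookiePartHttpOnly`, the cookie parser presumably checks those attributes, so its comment should say whether both are required, e.g. `// Returns true and sets |auth_code| only if |cookie| carries the code prefix and both the Secure and HttpOnly attributes; |auth_code| is left untouched otherwise.` (to be confirmed against the .cc file, which is not part of this section). `ParseGetTokenPairResponse` should likewise document whether a missing, non-numeric or negative expiry value makes it return false rather than leaving `*expires_in_secs` unset. In `CreateGaiaFetcher`, the rename from `send_cookies` to `use_cookies` changes what the flag suggests; a one-line comment stating whether it also controls saving response cookies would help, since the OAuth2 code is delivered in a cookie.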