Part 1 of work to do user sign in based on OAuth2:

chrome/common/net/gaia/gaia_auth_fetcher.h

Index: chrome/common/net/gaia/gaia_auth_fetcher.h
===================================================================
--- chrome/common/net/gaia/gaia_auth_fetcher.h	(revision 110361)
+++ chrome/common/net/gaia/gaia_auth_fetcher.h	(working copy)
@@ -7,6 +7,7 @@
 #pragma once
 
 #include <string>
+#include <vector>
 
 #include "base/gtest_prod_util.h"
 #include "base/memory/scoped_ptr.h"
@@ -29,6 +30,7 @@
 namespace net {
 class URLRequestContextGetter;
 class URLRequestStatus;
+typedef std::vector<std::string> ResponseCookies;
 }
 
 class GaiaAuthFetcher : public content::URLFetcherDelegate {
@@ -66,6 +68,12 @@
                            const std::string& lsid,
                            const char* const service);
 
+  // Start fetching OAuth login scoped token from the given ClientLogin token
+  // for "lso" service.
+  // Either OnOAuthLoginTokenSuccess or OnOAuthLoginTokenFailure method will be
+  // called on the consumer with results.
+  void StartOAuthLoginTokenFetch(const std::string& auth_token);
+
   // Start a request to get a particular key from user info.
   // GaiaAuthConsumer will be called back on the same thread when
   // results come back.
@@ -109,6 +117,10 @@
   static const char kClientLoginCaptchaFormat[];
   // The format of the POST body for IssueAuthToken.
   static const char kIssueAuthTokenFormat[];
+  // The format of the POST body to get OAuth2 auth code from auth token.

[Rick Campbell, 2011/11/22 21:32:57]

Just because there are so many similar names and overlapping name-parts, I'd be
inclined to explicitly bake OAuth2 into this name ... perhaps
kGetOAuth2CodeBodyFormat, etc.?

[Munjal (Google), 2011/11/22 22:05:58]

Done.

+  static const char kGetAuthCodeBodyFormat[];
+  // The format of the POST body to get OAuth2 token pair from auth code.
+  static const char kGetTokenPairBodyFormat[];
   // The format of the POST body for GetUserInfo.
   static const char kGetUserInfoFormat[];
   // The format of the POST body for TokenAuth.
@@ -132,6 +144,16 @@
   static const char kCaptchaUrlParam[];
   static const char kCaptchaTokenParam[];
 
+  // Constants for request/response for OAtuh2 requests.

[Rick Campbell, 2011/11/22 21:32:57]

Similarly here, I'd like to see OAuth2 in the name just to help future
developers who may need to slice and dice this a bit.

[Munjal (Google), 2011/11/22 22:05:58]

Done.

Note that I did not rename kAuthHeaderFormat on purpose since that is not OAuth2
specific.

+  static const char kAuthHeaderFormat[];
+  static const char kAuthCodeCookiePartSecure[];
+  static const char kAuthCodeCookiePartHttpOnly[];
+  static const char kAuthCodeCookiePartCodePrefix[];
+  static const int kAuthCodeCookiePartCodePrefixLength;
+  static const char kRefreshTokenKey[];
+  static const char kAccessTokenKey[];
+  static const char kExpiresInKey[];
+
   // Process the results of a ClientLogin fetch.
   void OnClientLoginFetched(const std::string& data,
                             const net::URLRequestStatus& status,
@@ -141,6 +163,15 @@
                                const net::URLRequestStatus& status,
                                int response_code);
 
+  void OnGetAuthCodeFetched(const std::string& data,

[Rick Campbell, 2011/11/22 21:32:57]

Maybe OnGetOAuth2CodeFetched?

[Munjal (Google), 2011/11/22 22:05:58]

Done.

+                            const net::ResponseCookies& cookies,
+                            const net::URLRequestStatus& status,
+                            int response_code);
+
+  void OnGetTokenPairFetched(const std::string& data,
+                             const net::URLRequestStatus& status,
+                             int response_code);
+
   void OnGetUserInfoFetched(const std::string& data,
                             const net::URLRequestStatus& status,
                             int response_code);
@@ -165,6 +196,19 @@
                                       std::string* captcha_url,
                                       std::string* captcha_token);
 
+  // Parse GetAuthCode response.
+  static bool ParseGetAuthCodeResponse(const net::ResponseCookies& cookies,
+                                       std::string* auth_code);
+
+  // Parse GetTokenPair response.
+  static bool ParseGetTokenPairResponse(const std::string& data,
+                                        std::string* refresh_token,
+                                        std::string* access_token,
+                                        int* expires_in_secs);
+
+  static bool ParseCookieToAuthCode(const std::string& cookie,
+                                    std::string* auth_code);
+
   // Is this a special case Gaia error for TwoFactor auth?
   static bool IsSecondFactorSuccess(const std::string& alleged_error);
 
@@ -182,6 +226,10 @@
   static std::string MakeIssueAuthTokenBody(const std::string& sid,
                                             const std::string& lsid,
                                             const char* const service);
+  // Create body to get OAuth2 auth code.
+  static std::string MakeGetAuthCodeBody();
+  // Given auth code, create body to get OAuth2 token pair.
+  static std::string MakeGetTokenPairBody(const std::string& auth_code);
   // Supply the lsid returned from ClientLogin in order to fetch
   // user information.
   static std::string MakeGetUserInfoBody(const std::string& lsid);
@@ -196,12 +244,17 @@
                                        const std::string& continue_url,
                                        const std::string& source);
 
+  static std::string MakeGetAuthCodeHeader(const std::string& auth_token);
+
+  void StartGetTokenPair(const std::string& auth_code);
+
   // Create a fetcher useable for making any Gaia request.
   static content::URLFetcher* CreateGaiaFetcher(
       net::URLRequestContextGetter* getter,
       const std::string& body,
+      const std::string& headers,
       const GURL& gaia_gurl,
-      bool send_cookies,
+      bool use_cookies,
       content::URLFetcherDelegate* delegate);
 
   // From a URLFetcher result, generate an appropriate error.
@@ -217,6 +270,8 @@
   std::string source_;
   const GURL client_login_gurl_;
   const GURL issue_auth_token_gurl_;
+  const GURL get_auth_code_gurl_;

[Rick Campbell, 2011/11/22 21:32:57]

Even here, I'd say maybe get_oauth2_code_gurl.

[Munjal (Google), 2011/11/22 22:05:58]

Done.

+  const GURL get_token_pair_gurl_;
   const GURL get_user_info_gurl_;
   const GURL token_auth_gurl_;
   const GURL merge_session_gurl_;
@@ -238,6 +293,8 @@
   FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, CheckNormalErrorCode);
   FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, CheckTwoFactorResponse);
   FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, LoginNetFailure);
+  FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, ParseGetAuthCodeResponse);
+  FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, ParseGetTokenPairResponse);
 
   DISALLOW_COPY_AND_ASSIGN(GaiaAuthFetcher);
 };