Use OAuth2 refresh token to download GAIA info

chrome/browser/profiles/profile_downloader.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/profiles/profile_downloader.h"
 
 #include <string>
 #include <vector>
 
 #include "base/json/json_reader.h"
 #include "base/logging.h"
 #include "base/message_loop.h"
 #include "base/string_split.h"
 #include "base/string_util.h"
 #include "base/stringprintf.h"
 #include "chrome/browser/net/gaia/token_service.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/profiles/profile_downloader_delegate.h"
 #include "chrome/common/chrome_notification_types.h"
 #include "chrome/common/net/gaia/gaia_constants.h"
+#include "chrome/common/net/gaia/gaia_urls.h"
+#include "chrome/common/net/gaia/oauth2_access_token_fetcher.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/notification_details.h"
 #include "content/public/browser/notification_observer.h"
 #include "content/public/browser/notification_registrar.h"
 #include "content/public/browser/notification_source.h"
 #include "content/public/browser/notification_types.h"
 #include "content/public/common/url_fetcher.h"
 #include "googleurl/src/gurl.h"
 #include "skia/ext/image_operations.h"
 
 using content::BrowserThread;
 
 namespace {
 
-// Template for optional authorization header.
-const char kAuthorizationHeader[] = "Authorization: GoogleLogin auth=%s";
+// Template for optional authorization header when using the ClientLogin access
+// token.
+const char kClientAccessAuthorizationHeader[] =
+    "Authorization: GoogleLogin auth=%s";
+
+// Template for optional authorization header when using an OAuth access token.
+const char kOAuthAccessAuthorizationHeader[] =
+    "Authorization: Bearer %s";
 
 // URL requesting Picasa API for user info.
 const char kUserEntryURL[] =
     "http://picasaweb.google.com/data/entry/api/user/default?alt=json";
+
+// OAuth scope for the Picasa API.
+const char kPicasaScope[] = "http://picasaweb.google.com/data/";
+
 // Path in JSON dictionary to user's photo thumbnail URL.
 const char kPhotoThumbnailURLPath[] = "entry.gphoto$thumbnail.$t";
 
 const char kNickNamePath[] = "entry.gphoto$nickname.$t";
 
 // Path format for specifying thumbnail's size.
 const char kThumbnailSizeFormat[] = "s%d-c";
 // Default Picasa thumbnail size.
 const int kDefaultThumbnailSize = 64;
 
@@ skipping 129 matching lines @@
   VLOG(1) << "Starting profile downloader...";
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
 
   TokenService* service = delegate_->GetBrowserProfile()->GetTokenService();
   if (!service) {
     // This can happen in some test paths.
     LOG(WARNING) << "User has no token service";
     delegate_->OnDownloadComplete(this, false);
     return;
   }
-  if (service->HasTokenForService(GaiaConstants::kPicasaService)) {
+
+  if (delegate_->ShouldUseOAuthRefreshToken() &&
+      service->HasOAuthLoginToken()) {
+    StartFetchingOAuth2AccessToken();
+  } else if (!delegate_->ShouldUseOAuthRefreshToken() &&
+      service->HasTokenForService(GaiaConstants::kPicasaService)) {
     auth_token_ =
         service->GetTokenForService(GaiaConstants::kPicasaService);
     StartFetchingImage();
   } else {
     registrar_.Add(this,
                    chrome::NOTIFICATION_TOKEN_AVAILABLE,
                    content::Source<TokenService>(service));
     registrar_.Add(this,
                    chrome::NOTIFICATION_TOKEN_REQUEST_FAILED,
                    content::Source<TokenService>(service));
   }
 }
 
 string16 ProfileDownloader::GetProfileFullName() const {
   return profile_full_name_;
 }
 
 SkBitmap ProfileDownloader::GetProfilePicture() const {
   return profile_picture_;
 }
 
 void ProfileDownloader::StartFetchingImage() {
   VLOG(1) << "Fetching user entry with token: " << auth_token_;
   user_entry_fetcher_.reset(content::URLFetcher::Create(
       GURL(kUserEntryURL), content::URLFetcher::GET, this));
   user_entry_fetcher_->SetRequestContext(
       delegate_->GetBrowserProfile()->GetRequestContext());
   if (!auth_token_.empty()) {
     user_entry_fetcher_->SetExtraRequestHeaders(
-        base::StringPrintf(kAuthorizationHeader, auth_token_.c_str()));
+        base::StringPrintf(GetAuthorizationHeader(), auth_token_.c_str()));
   }
   user_entry_fetcher_->Start();
 }
 
+const char* ProfileDownloader::GetAuthorizationHeader() const {
+  return delegate_->ShouldUseOAuthRefreshToken() ?
+      kOAuthAccessAuthorizationHeader : kClientAccessAuthorizationHeader;
+}
+
+void ProfileDownloader::StartFetchingOAuth2AccessToken() {
+  TokenService* service = delegate_->GetBrowserProfile()->GetTokenService();
+  DCHECK(!service->GetOAuth2LoginRefreshToken().empty());
+
+  std::vector<std::string> scopes;
+  scopes.push_back(kPicasaScope);
+  oauth2_access_token_fetcher_.reset(new OAuth2AccessTokenFetcher(
+      this, delegate_->GetBrowserProfile()->GetRequestContext()));
+  oauth2_access_token_fetcher_->Start(
+      GaiaUrls::GetInstance()->oauth2_chrome_client_id(),
+      GaiaUrls::GetInstance()->oauth2_chrome_client_secret(),
+      service->GetOAuth2LoginRefreshToken(),
+      scopes);
+}
+
 ProfileDownloader::~ProfileDownloader() {}
 
 void ProfileDownloader::OnURLFetchComplete(const content::URLFetcher* source) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   std::string data;
   source->GetResponseAsString(&data);
   if (source->GetResponseCode() != 200) {
     LOG(ERROR) << "Response code is " << source->GetResponseCode();
     LOG(ERROR) << "Url is " << source->GetURL().spec();
     LOG(ERROR) << "Data is " << data;
@@ skipping 11 matching lines @@
       delegate_->OnDownloadComplete(this, true);
       return;
     }
     VLOG(1) << "Fetching profile image from " << image_url;
     profile_image_fetcher_.reset(content::URLFetcher::Create(
         GURL(image_url), content::URLFetcher::GET, this));
     profile_image_fetcher_->SetRequestContext(
         delegate_->GetBrowserProfile()->GetRequestContext());
     if (!auth_token_.empty()) {
       profile_image_fetcher_->SetExtraRequestHeaders(
-          base::StringPrintf(kAuthorizationHeader, auth_token_.c_str()));
+          base::StringPrintf(GetAuthorizationHeader(), auth_token_.c_str()));
     }
     profile_image_fetcher_->Start();
   } else if (source == profile_image_fetcher_.get()) {
     VLOG(1) << "Decoding the image...";
     scoped_refptr<ImageDecoder> image_decoder = new ImageDecoder(
         this, data);
     image_decoder->Start();
   }
 }
 
@@ skipping 16 matching lines @@
 
 void ProfileDownloader::Observe(
     int type,
     const content::NotificationSource& source,
     const content::NotificationDetails& details) {
   DCHECK(type == chrome::NOTIFICATION_TOKEN_AVAILABLE ||
          type == chrome::NOTIFICATION_TOKEN_REQUEST_FAILED);
 
   TokenService::TokenAvailableDetails* token_details =
       content::Details<TokenService::TokenAvailableDetails>(details).ptr();
+  std::string service = delegate_->ShouldUseOAuthRefreshToken() ?
+      GaiaConstants::kGaiaOAuth2LoginRefreshToken :
+      GaiaConstants::kPicasaService;
+
   if (type == chrome::NOTIFICATION_TOKEN_AVAILABLE) {
-    if (token_details->service() == GaiaConstants::kPicasaService) {
+    if (token_details->service() == service) {
       registrar_.RemoveAll();
-      auth_token_ = token_details->token();
-      StartFetchingImage();
+      if (delegate_->ShouldUseOAuthRefreshToken()) {
+        StartFetchingOAuth2AccessToken();
+      } else {
+        auth_token_ = token_details->token();
+        StartFetchingImage();
+      }
     }
   } else {
-    if (token_details->service() == GaiaConstants::kPicasaService) {
+    if (token_details->service() == service) {
       LOG(WARNING) << "ProfileDownloader: token request failed";
       delegate_->OnDownloadComplete(this, false);
     }
   }
 }
+
+// Callback for OAuth2AccessTokenFetcher on success. |access_token| is the token
+// used to start fetching user data.
+void ProfileDownloader::OnGetTokenSuccess(const std::string& access_token) {
+  auth_token_ = access_token;
+  StartFetchingImage();
+}
+
+// Callback for OAuth2AccessTokenFetcher on failure.
+void ProfileDownloader::OnGetTokenFailure(const GoogleServiceAuthError& error) {
+  LOG(WARNING) << "ProfileDownloader: token request using refresh token failed";
+  delegate_->OnDownloadComplete(this, false);
+}