Chromium Code Reviews Chromium Code Reviews
Issue 9549013:
Add code to mint OAuth tokens from login-scoped OAuth token. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/common/net/gaia/oauth2_token_mint_fetcher.h" | |
| 6 | |
| 7 #include <algorithm> | |
| 8 #include <string> | |
| 9 | |
| 10 #include "base/json/json_reader.h" | |
| 11 #include "base/string_util.h" | |
| 12 #include "base/stringprintf.h" | |
| 13 #include "base/values.h" | |
| 14 #include "chrome/common/net/gaia/gaia_urls.h" | |
| 15 #include "chrome/common/net/gaia/google_service_auth_error.h" | |
| 16 #include "net/base/escape.h" | |
| 17 #include "net/base/load_flags.h" | |
| 18 #include "net/http/http_status_code.h" | |
| 19 #include "net/url_request/url_request_context_getter.h" | |
| 20 #include "net/url_request/url_request_status.h" | |
| 21 | |
| 22 using content::URLFetcher; | |
| 23 using content::URLFetcherDelegate; | |
| 24 using net::ResponseCookies; | |
| 25 using net::URLRequestContextGetter; | |
| 26 using net::URLRequestStatus; | |
| 27 | |
| 28 namespace { | |
| 29 static const char kAuthorizationHeaderFormat[] = | |
| 30 "Authorization: Bearer %s"; | |
| 31 static const char kOAuth2IssueTokenBodyFormat[] = | |
| 32 "force=true" | |
| 33 "&response_type=token" | |
| 34 "&scope=%s" | |
| 35 "&client_id=%s" | |
| 36 "&origin=%s"; | |
| 37 static const char kAccessTokenKey[] = "token"; | |
| 38 | |
| 39 static bool GetStringFromDictionary(const DictionaryValue* dict, | |
|
asargent_no_longer_on_chrome
2012/03/01 00:53:36
nit: I think you can get rid of this function and
Munjal (Google)
2012/03/01 18:38:52
Done.
| |
| 40 const std::string& key, | |
| 41 std::string* value) { | |
| 42 Value* json_value; | |
| 43 if (!dict->Get(key, &json_value)) | |
| 44 return false; | |
| 45 if (json_value->GetType() != base::Value::TYPE_STRING) | |
| 46 return false; | |
| 47 | |
| 48 StringValue* json_str_value = static_cast<StringValue*>(json_value); | |
| 49 json_str_value->GetAsString(value); | |
| 50 return true; | |
| 51 } | |
| 52 | |
| 53 static GoogleServiceAuthError CreateAuthError(URLRequestStatus status) { | |
| 54 CHECK(!status.is_success()); | |
| 55 if (status.status() == URLRequestStatus::CANCELED) { | |
| 56 return GoogleServiceAuthError(GoogleServiceAuthError::REQUEST_CANCELED); | |
| 57 } else { | |
| 58 DLOG(WARNING) << "Could not reach Google Accounts servers: errno " | |
| 59 << status.error(); | |
| 60 return GoogleServiceAuthError::FromConnectionError(status.error()); | |
| 61 } | |
| 62 } | |
| 63 | |
| 64 static URLFetcher* CreateFetcher(URLRequestContextGetter* getter, | |
| 65 const GURL& url, | |
| 66 const std::string& headers, | |
| 67 const std::string& body, | |
| 68 URLFetcherDelegate* delegate) { | |
| 69 bool empty_body = body.empty(); | |
| 70 URLFetcher* result = URLFetcher::Create( | |
| 71 0, url, | |
| 72 empty_body ? URLFetcher::GET : URLFetcher::POST, | |
| 73 delegate); | |
| 74 | |
| 75 result->SetRequestContext(getter); | |
| 76 result->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | | |
| 77 net::LOAD_DO_NOT_SAVE_COOKIES); | |
| 78 | |
| 79 if (!empty_body) | |
| 80 result->SetUploadData("application/x-www-form-urlencoded", body); | |
| 81 if (!headers.empty()) | |
| 82 result->SetExtraRequestHeaders(headers); | |
| 83 | |
| 84 return result; | |
| 85 } | |
| 86 } // namespace | |
| 87 | |
| 88 OAuth2TokenMintFetcher::OAuth2TokenMintFetcher( | |
| 89 OAuth2TokenMintConsumer* consumer, | |
| 90 URLRequestContextGetter* getter, | |
| 91 const std::string& source) | |
| 92 : consumer_(consumer), | |
| 93 getter_(getter), | |
| 94 source_(source), | |
| 95 state_(INITIAL) { } | |
| 96 | |
| 97 OAuth2TokenMintFetcher::~OAuth2TokenMintFetcher() { } | |
| 98 | |
| 99 void OAuth2TokenMintFetcher::CancelRequest() { | |
| 100 fetcher_.reset(); | |
| 101 } | |
| 102 | |
| 103 void OAuth2TokenMintFetcher::Start(const std::string& oauth_login_access_token, | |
| 104 const std::string& client_id, | |
| 105 const std::vector<std::string>& scopes, | |
| 106 const std::string& origin) { | |
| 107 oauth_login_access_token_ = oauth_login_access_token; | |
| 108 client_id_ = client_id; | |
| 109 scopes_ = scopes; | |
| 110 origin_ = origin; | |
| 111 StartMintToken(); | |
| 112 } | |
| 113 | |
| 114 void OAuth2TokenMintFetcher::StartMintToken() { | |
| 115 CHECK_EQ(INITIAL, state_); | |
| 116 state_ = MINT_TOKEN_STARTED; | |
| 117 fetcher_.reset(CreateFetcher( | |
| 118 getter_, | |
| 119 MakeMintTokenUrl(), | |
| 120 MakeMintTokenHeader(oauth_login_access_token_), | |
| 121 MakeMintTokenBody(client_id_, scopes_, origin_), | |
| 122 this)); | |
| 123 fetcher_->Start(); // OnURLFetchComplete will be called. | |
| 124 } | |
| 125 | |
| 126 void OAuth2TokenMintFetcher::EndMintToken(const URLFetcher* source) { | |
| 127 CHECK_EQ(MINT_TOKEN_STARTED, state_); | |
| 128 state_ = MINT_TOKEN_DONE; | |
| 129 | |
| 130 URLRequestStatus status = source->GetStatus(); | |
| 131 if (!status.is_success()) { | |
| 132 OnMintTokenFailure(CreateAuthError(status)); | |
| 133 return; | |
| 134 } | |
| 135 | |
| 136 if (source->GetResponseCode() != net::HTTP_OK) { | |
| 137 OnMintTokenFailure(GoogleServiceAuthError( | |
| 138 GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS)); | |
| 139 return; | |
| 140 } | |
| 141 | |
| 142 // The request was successfully fetched and it returned OK. | |
| 143 // Parse out the access token. | |
| 144 std::string access_token; | |
| 145 ParseMintTokenResponse(source, &access_token); | |
| 146 OnMintTokenSuccess(access_token); | |
| 147 } | |
| 148 | |
| 149 void OAuth2TokenMintFetcher::OnMintTokenSuccess( | |
| 150 const std::string& access_token) { | |
| 151 consumer_->OnMintTokenSuccess(access_token); | |
| 152 } | |
| 153 | |
| 154 void OAuth2TokenMintFetcher::OnMintTokenFailure(GoogleServiceAuthError error) { | |
| 155 state_ = ERROR_STATE; | |
| 156 consumer_->OnMintTokenFailure(error); | |
| 157 } | |
| 158 | |
| 159 void OAuth2TokenMintFetcher::OnURLFetchComplete(const URLFetcher* source) { | |
| 160 CHECK(source); | |
| 161 CHECK_EQ(MINT_TOKEN_STARTED, state_); | |
| 162 EndMintToken(source); | |
| 163 } | |
| 164 | |
| 165 // static | |
| 166 GURL OAuth2TokenMintFetcher::MakeMintTokenUrl() { | |
| 167 return GURL(GaiaUrls::GetInstance()->oauth2_issue_token_url()); | |
| 168 } | |
| 169 | |
| 170 // static | |
| 171 std::string OAuth2TokenMintFetcher::MakeMintTokenHeader( | |
| 172 const std::string& access_token) { | |
| 173 return StringPrintf(kAuthorizationHeaderFormat, access_token); | |
| 174 } | |
| 175 | |
| 176 // static | |
| 177 std::string OAuth2TokenMintFetcher::MakeMintTokenBody( | |
| 178 const std::string& client_id, | |
| 179 const std::vector<std::string>& scopes, | |
| 180 const std::string& origin) { | |
| 181 return StringPrintf( | |
| 182 kOAuth2IssueTokenBodyFormat, | |
| 183 net::EscapeUrlEncodedData(JoinString(scopes, ','), true).c_str(), | |
| 184 net::EscapeUrlEncodedData(client_id, true).c_str(), | |
| 185 net::EscapeUrlEncodedData(origin, true).c_str()); | |
| 186 } | |
| 187 | |
| 188 // static | |
| 189 bool OAuth2TokenMintFetcher::ParseMintTokenResponse( | |
| 190 const URLFetcher* source, | |
| 191 std::string* access_token) { | |
| 192 CHECK(source); | |
| 193 CHECK(access_token); | |
| 194 std::string data; | |
| 195 source->GetResponseAsString(&data); | |
| 196 base::JSONReader reader; | |
| 197 scoped_ptr<base::Value> value(reader.Read(data, false)); | |
| 198 if (!value.get() || value->GetType() != base::Value::TYPE_DICTIONARY) | |
| 199 return false; | |
| 200 | |
| 201 DictionaryValue* dict = static_cast<DictionaryValue*>(value.get()); | |
| 202 return GetStringFromDictionary(dict, kAccessTokenKey, access_token); | |
| 203 } | |
| OLD | NEW |
