| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_ | |
| 6 #define COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_ | |
| 7 | |
| 8 #include <string> | |
| 9 | |
| 10 #include "base/threading/thread_checker.h" | |
| 11 #include "components/signin/core/browser/profile_oauth2_token_service.h" | |
| 12 #include "components/signin/core/browser/signin_error_controller.h" | |
| 13 | |
| 14 class OAuth2AccessTokenFetcher; | |
| 15 | |
| 16 namespace ios{ | |
| 17 class ProfileOAuth2TokenServiceIOSProvider; | |
| 18 } | |
| 19 | |
| 20 // A specialization of ProfileOAuth2TokenService that will be returned by | |
| 21 // ProfileOAuth2TokenServiceFactory for OS_IOS when iOS authentication service | |
| 22 // is used to lookup OAuth2 tokens. | |
| 23 // | |
| 24 // See |ProfileOAuth2TokenService| for usage details. | |
| 25 // | |
| 26 // Note: Requests should be started from the UI thread. To start a | |
| 27 // request from aother thread, please use OAuth2TokenServiceRequest. | |
| 28 class ProfileOAuth2TokenServiceIOS : public ProfileOAuth2TokenService { | |
| 29 public: | |
| 30 // KeyedService | |
| 31 void Shutdown() override; | |
| 32 | |
| 33 // OAuth2TokenService | |
| 34 bool RefreshTokenIsAvailable(const std::string& account_id) const override; | |
| 35 | |
| 36 void InvalidateOAuth2Token(const std::string& account_id, | |
| 37 const std::string& client_id, | |
| 38 const ScopeSet& scopes, | |
| 39 const std::string& access_token) override; | |
| 40 | |
| 41 // ProfileOAuth2TokenService | |
| 42 void Initialize(SigninClient* client, | |
| 43 SigninErrorController* signin_error_controller) override; | |
| 44 void LoadCredentials(const std::string& primary_account_id) override; | |
| 45 std::vector<std::string> GetAccounts() override; | |
| 46 void UpdateAuthError(const std::string& account_id, | |
| 47 const GoogleServiceAuthError& error) override; | |
| 48 | |
| 49 // This method should not be called when using shared authentication. | |
| 50 void UpdateCredentials(const std::string& account_id, | |
| 51 const std::string& refresh_token) override; | |
| 52 | |
| 53 // Removes all credentials from this instance of |ProfileOAuth2TokenService|, | |
| 54 // however, it does not revoke the identities from the device. | |
| 55 // Subsequent calls to |RefreshTokenIsAvailable| will return |false|. | |
| 56 void RevokeAllCredentials() override; | |
| 57 | |
| 58 // Reloads accounts from the provider. Fires |OnRefreshTokenAvailable| for | |
| 59 // each new account. Fires |OnRefreshTokenRevoked| for each account that was | |
| 60 // removed. | |
| 61 // It expects that there is already a primary account id. | |
| 62 void ReloadCredentials(); | |
| 63 | |
| 64 // Sets the primary account and then reloads the accounts from the provider. | |
| 65 // Should be called when the user signs in to a new account. | |
| 66 // |primary_account_id| must not be an empty string. | |
| 67 void ReloadCredentials(const std::string& primary_account_id); | |
| 68 | |
| 69 // Sets the account that should be ignored by this token service. | |
| 70 // |ReloadCredentials| needs to be called for this change to be effective. | |
| 71 void ExcludeSecondaryAccount(const std::string& account_id); | |
| 72 void IncludeSecondaryAccount(const std::string& account_id); | |
| 73 void ExcludeSecondaryAccounts(const std::vector<std::string>& account_ids); | |
| 74 | |
| 75 // Excludes all secondary accounts. |ReloadCredentials| needs to be called for | |
| 76 // this change to be effective. | |
| 77 void ExcludeAllSecondaryAccounts(); | |
| 78 | |
| 79 protected: | |
| 80 friend class ProfileOAuth2TokenServiceFactory; | |
| 81 friend class ProfileOAuth2TokenServiceIOSTest; | |
| 82 FRIEND_TEST_ALL_PREFIXES(ProfileOAuth2TokenServiceIOSTest, | |
| 83 ExcludeSecondaryAccounts); | |
| 84 FRIEND_TEST_ALL_PREFIXES(ProfileOAuth2TokenServiceIOSTest, | |
| 85 LoadRevokeCredentialsClearsExcludedAccounts); | |
| 86 | |
| 87 ProfileOAuth2TokenServiceIOS(); | |
| 88 ~ProfileOAuth2TokenServiceIOS() override; | |
| 89 | |
| 90 OAuth2AccessTokenFetcher* CreateAccessTokenFetcher( | |
| 91 const std::string& account_id, | |
| 92 net::URLRequestContextGetter* getter, | |
| 93 OAuth2AccessTokenConsumer* consumer) override; | |
| 94 | |
| 95 // Protected and virtual to be overriden by fake for testing. | |
| 96 | |
| 97 // Adds |account_id| to |accounts_| if it does not exist or udpates | |
| 98 // the auth error state of |account_id| if it exists. Fires | |
| 99 // |OnRefreshTokenAvailable| if the account info is updated. | |
| 100 virtual void AddOrUpdateAccount(const std::string& account_id); | |
| 101 | |
| 102 // Removes |account_id| from |accounts_|. Fires |OnRefreshTokenRevoked| | |
| 103 // if the account info is removed. | |
| 104 virtual void RemoveAccount(const std::string& account_id); | |
| 105 | |
| 106 private: | |
| 107 class AccountInfo : public SigninErrorController::AuthStatusProvider { | |
| 108 public: | |
| 109 AccountInfo(SigninErrorController* signin_error_controller, | |
| 110 const std::string& account_id); | |
| 111 ~AccountInfo() override; | |
| 112 | |
| 113 void SetLastAuthError(const GoogleServiceAuthError& error); | |
| 114 | |
| 115 // SigninErrorController::AuthStatusProvider implementation. | |
| 116 std::string GetAccountId() const override; | |
| 117 GoogleServiceAuthError GetAuthStatus() const override; | |
| 118 | |
| 119 bool marked_for_removal() const { return marked_for_removal_; } | |
| 120 void set_marked_for_removal(bool marked_for_removal) { | |
| 121 marked_for_removal_ = marked_for_removal; | |
| 122 } | |
| 123 | |
| 124 private: | |
| 125 SigninErrorController* signin_error_controller_; | |
| 126 std::string account_id_; | |
| 127 GoogleServiceAuthError last_auth_error_; | |
| 128 bool marked_for_removal_; | |
| 129 | |
| 130 DISALLOW_COPY_AND_ASSIGN(AccountInfo); | |
| 131 }; | |
| 132 | |
| 133 // Maps the |account_id| of accounts known to ProfileOAuth2TokenService | |
| 134 // to information about the account. | |
| 135 typedef std::map<std::string, linked_ptr<AccountInfo> > AccountInfoMap; | |
| 136 | |
| 137 // Returns the iOS provider; | |
| 138 ios::ProfileOAuth2TokenServiceIOSProvider* GetProvider(); | |
| 139 | |
| 140 // Returns the account ids that should be ignored by this token service. | |
| 141 std::set<std::string> GetExcludedSecondaryAccounts(); | |
| 142 | |
| 143 // Returns true if this token service should exclude all secondary accounts. | |
| 144 bool GetExcludeAllSecondaryAccounts(); | |
| 145 | |
| 146 // Clears exclude secondary accounts preferences. | |
| 147 void ClearExcludedSecondaryAccounts(); | |
| 148 | |
| 149 // The primary account id. | |
| 150 std::string primary_account_id_; | |
| 151 | |
| 152 // Info about the existing accounts. | |
| 153 AccountInfoMap accounts_; | |
| 154 | |
| 155 // Calls to this class are expected to be made from the browser UI thread. | |
| 156 // The purpose of this checker is to detect access to | |
| 157 // ProfileOAuth2TokenService from multiple threads in upstream code. | |
| 158 base::ThreadChecker thread_checker_; | |
| 159 | |
| 160 DISALLOW_COPY_AND_ASSIGN(ProfileOAuth2TokenServiceIOS); | |
| 161 }; | |
| 162 | |
| 163 #endif // COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1143323005:
Refactor AO2TS to make it easier to componentize. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master