OAuth2 sign-in flow for ChromeOS

chrome/browser/chromeos/login/oauth2_login_verifier.cc

+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/chromeos/login/oauth2_login_verifier.h"
+
+#include "base/logging.h"
+#include "base/metrics/histogram.h"
+#include "base/stringprintf.h"
+#include "chrome/browser/chromeos/cros/cros_library.h"
+#include "chrome/browser/chromeos/cros/network_library.h"
+#include "chrome/browser/profiles/profile.h"
+#include "content/public/browser/browser_thread.h"
+#include "google_apis/gaia/gaia_constants.h"
+#include "google_apis/gaia/gaia_urls.h"
+#include "google_apis/gaia/oauth2_access_token_fetcher.h"
+
+using content::BrowserThread;
+
+namespace {
+
+// OAuth token request max retry count.
+const int kMaxRequestAttemptCount = 5;
+// OAuth token request retry delay in milliseconds.
+const int kRequestRestartDelay = 3000;
+
+// The service scope of the OAuth v2 token that ChromeOS login will be
+// requesting.
+const char kServiceScopeChromeOS[] =
+    "https://www.googleapis.com/auth/chromesync";
+
+const char kOAuthLoginServiceScope[] =
+    "https://www.google.com/accounts/OAuthLogin";
+
+}  // namespace
+
+namespace chromeos {
+
+OAuth2LoginVerifier::OAuth2LoginVerifier(
+        OAuth2LoginVerifier::Delegate* delegate,
+        net::URLRequestContextGetter* system_request_context,
+        Profile* user_profile)

[xiyuan, 2013/01/07 23:07:55]

nit: 4-space indent for above three lines

[zel, 2013/01/08 02:05:41]

Done.

+    : delegate_(delegate),
+      token_fetcher_(this, system_request_context),
+      gaia_fetcher_(this, std::string(GaiaConstants::kChromeOSSource),
+                    user_profile->GetRequestContext()),
+      retry_count_(0) {
+  DCHECK(delegate);
+}
+
+OAuth2LoginVerifier::~OAuth2LoginVerifier() {
+}
+
+void OAuth2LoginVerifier::VerifyRefreshToken(const std::string& refresh_token) {
+  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
+  if (CrosLibrary::Get()->libcros_loaded()) {
+    // Delay the verification if the network is not connected or on a captive
+    // portal.
+    const Network* network =
+        CrosLibrary::Get()->GetNetworkLibrary()->active_network();
+    if (!network || !network->connected() || network->restricted_pool()) {
+      // If network is offline, defer the token fetching until online.
+      VLOG(1) << "Network is offline.  Deferring OAuth2 access token fetch.";
+      BrowserThread::PostDelayedTask(
+          BrowserThread::UI, FROM_HERE,
+          base::Bind(&OAuth2LoginVerifier::VerifyRefreshToken,
+                     AsWeakPtr(),
+                     refresh_token),
+          base::TimeDelta::FromMilliseconds(kRequestRestartDelay));
+      return;
+    }
+  }
+
+  access_token_.clear();
+  refresh_token_ = refresh_token;
+  std::vector<std::string> scopes;
+  scopes.push_back(kOAuthLoginServiceScope);
+  token_fetcher_.Start(GaiaUrls::GetInstance()->oauth2_chrome_client_id(),
+                       GaiaUrls::GetInstance()->oauth2_chrome_client_secret(),
+                       refresh_token,
+                       scopes);
+}
+
+void OAuth2LoginVerifier::OnGetTokenSuccess(
+    const std::string& access_token, const base::Time& expiration_time) {
+  VLOG(1) << "Got OAuth2 access token!";
+  retry_count_ = 0;
+  access_token_ = access_token;
+  StartOAuthLogin();
+}
+
+void OAuth2LoginVerifier::StartOAuthLogin() {
+  gaia_fetcher_.StartOAuthLogin(access_token_,
+                                GaiaConstants::kSyncService);
+}
+
+void OAuth2LoginVerifier::OnGetTokenFailure(
+    const GoogleServiceAuthError& error) {
+  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
+  LOG(WARNING) << "Failed to hget OAuth2 access token, "
+               << " error: " << error.state();
+  RetryOnError("GetToken", error,
+               base::Bind(&OAuth2LoginVerifier::VerifyRefreshToken,
+                          AsWeakPtr(),
+                          refresh_token_));
+}
+
+void OAuth2LoginVerifier::OnClientLoginSuccess(
+    const ClientLoginResult& result) {
+  LOG(WARNING) << "OAuthLogin successful!";
+  sid_ = result.sid;
+  lsid_ = result.lsid;
+  token_ = result.token;
+  retry_count_ = 0;
+  StartCookiesRetrieval();
+}
+
+void OAuth2LoginVerifier::OnClientLoginFailure(
+    const GoogleServiceAuthError& error) {
+  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
+  LOG(WARNING) << "Failed to log in with OAuth1 access tokens,"
+               << " error: " << error.state();
+  RetryOnError("OAuthLogin", error,
+               base::Bind(&OAuth2LoginVerifier::StartOAuthLogin,
+                          AsWeakPtr()));
+}
+
+void OAuth2LoginVerifier::StartCookiesRetrieval() {
+  DCHECK(!sid_.empty());
+  DCHECK(!lsid_.empty());
+  gaia_fetcher_.StartIssueAuthToken(sid_, lsid_, GaiaConstants::kGaiaService);
+}
+
+void OAuth2LoginVerifier::OnIssueAuthTokenSuccess(
+    const std::string& service,
+    const std::string& token_token) {
+  LOG(WARNING) << "Got auth token!";
+  retry_count_ = 0;
+  gaia_fetcher_.StartMergeSession(token_token);
+}
+
+void OAuth2LoginVerifier::OnIssueAuthTokenFailure(
+    const std::string& service,
+      const GoogleServiceAuthError& error) {
+  LOG(WARNING) << "Failed IssueAuthToken request,"
+               << " error:" << error.state();
+  RetryOnError("IssueAuthToken", error,
+               base::Bind(&OAuth2LoginVerifier::StartCookiesRetrieval,
+                          AsWeakPtr()));
+}
+
+void OAuth2LoginVerifier::OnMergeSessionSuccess(const std::string& data) {
+  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
+  LOG(WARNING) << "MergeSession successful.";
+  delegate_->OnOAuth2LoginVerifierSuccess(sid_, lsid_, token_);
+}
+
+void OAuth2LoginVerifier::OnMergeSessionFailure(
+    const GoogleServiceAuthError& error) {
+  LOG(WARNING) << "Failed MergeSession request,"
+               << " error: " << error.state();
+  RetryOnError("MergeSession", error,
+               base::Bind(&OAuth2LoginVerifier::StartCookiesRetrieval,
+                          AsWeakPtr()));
+}
+
+void OAuth2LoginVerifier::RetryOnError(const char* operation_id,
+                                       const GoogleServiceAuthError& error,
+                                       const base::Closure& task) {
+  if ((error.state() == GoogleServiceAuthError::CONNECTION_FAILED ||
+       error.state() == GoogleServiceAuthError::SERVICE_UNAVAILABLE ||
+       error.state() == GoogleServiceAuthError::REQUEST_CANCELED) &&
+      retry_count_++ < kMaxRequestAttemptCount) {

[xiyuan, 2013/01/07 23:07:55]

Get rid of '++' here since we are doing it in the next line. And fix alignment.

[zel, 2013/01/08 02:05:41]

Done.

+    retry_count_++;
+    UMA_HISTOGRAM_ENUMERATION(
+        base::StringPrintf("OAuth2LoginVerifier.%sWithRetry", operation_id),
+        error.state(),
+        GoogleServiceAuthError::NUM_STATES);
+    BrowserThread::PostDelayedTask(
+        BrowserThread::UI, FROM_HERE, task,
+        base::TimeDelta::FromMilliseconds(kRequestRestartDelay));
+  } else {
+    LOG(WARNING) << "Unrecoverable error or retry count max reached for "
+                 << operation_id;
+    UMA_HISTOGRAM_ENUMERATION(
+        base::StringPrintf("OAuth2LoginVerifier.%sWithNoRetry", operation_id),
+        error.state(),
+        GoogleServiceAuthError::NUM_STATES);
+    delegate_->OnOAuth2LoginVerifierFaulure();
+  }
+}
+
+}  // namespace chromeos