Chromium Code Reviews Chromium Code Reviews
Issue 11649055:
OAuth2 sign-in flow for ChromeOS (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/chromeos/login/oauth2_login_verifier.h" | |
| 6 | |
| 7 #include "base/logging.h" | |
| 8 #include "base/metrics/histogram.h" | |
| 9 #include "base/stringprintf.h" | |
| 10 #include "chrome/browser/chromeos/cros/cros_library.h" | |
| 11 #include "chrome/browser/chromeos/cros/network_library.h" | |
| 12 #include "content/public/browser/browser_thread.h" | |
| 13 #include "google_apis/gaia/gaia_constants.h" | |
| 14 #include "google_apis/gaia/gaia_urls.h" | |
| 15 #include "google_apis/gaia/oauth2_access_token_fetcher.h" | |
|
Joao da Silva
2013/01/11 16:45:07
Already in .h
zel
2013/01/11 19:51:16
Done.
| |
| 16 | |
| 17 using content::BrowserThread; | |
| 18 | |
| 19 namespace { | |
| 20 | |
| 21 // OAuth token request max retry count. | |
| 22 const int kMaxRequestAttemptCount = 5; | |
| 23 // OAuth token request retry delay in milliseconds. | |
| 24 const int kRequestRestartDelay = 3000; | |
| 25 | |
| 26 // The service scope of the OAuth v2 token that ChromeOS login will be | |
| 27 // requesting. | |
| 28 const char kServiceScopeChromeOS[] = | |
|
Joao da Silva
2013/01/11 16:45:07
Not used, did you mean to include in |scopes| belo
zel
2013/01/11 19:51:16
Done.
| |
| 29 "https://www.googleapis.com/auth/chromesync"; | |
| 30 | |
| 31 const char kOAuthLoginServiceScope[] = | |
|
Joao da Silva
2013/01/11 16:45:07
GaiaUrls::oauth1_login_scope()?
zel
2013/01/11 19:51:16
Done.
| |
| 32 "https://www.google.com/accounts/OAuthLogin"; | |
| 33 | |
| 34 } // namespace | |
| 35 | |
| 36 namespace chromeos { | |
| 37 | |
| 38 OAuth2LoginVerifier::OAuth2LoginVerifier( | |
| 39 OAuth2LoginVerifier::Delegate* delegate, | |
| 40 net::URLRequestContextGetter* system_request_context, | |
| 41 net::URLRequestContextGetter* user_request_context) | |
| 42 : delegate_(delegate), | |
| 43 token_fetcher_(this, system_request_context), | |
|
Joao da Silva
2013/01/11 16:45:07
ALLOW_THIS_IN_INITIALIZER_LIST (also below)
zel
2013/01/11 19:51:16
Done.
| |
| 44 gaia_fetcher_(this, std::string(GaiaConstants::kChromeOSSource), | |
| 45 user_request_context), | |
| 46 retry_count_(0) { | |
| 47 DCHECK(delegate); | |
| 48 } | |
| 49 | |
| 50 OAuth2LoginVerifier::~OAuth2LoginVerifier() { | |
| 51 } | |
| 52 | |
| 53 void OAuth2LoginVerifier::VerifyRefreshToken(const std::string& refresh_token) { | |
| 54 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
| 55 if (CrosLibrary::Get()->libcros_loaded()) { | |
| 56 // Delay the verification if the network is not connected or on a captive | |
| 57 // portal. | |
| 58 const Network* network = | |
| 59 CrosLibrary::Get()->GetNetworkLibrary()->active_network(); | |
| 60 if (!network || !network->connected() || network->restricted_pool()) { | |
| 61 // If network is offline, defer the token fetching until online. | |
| 62 VLOG(1) << "Network is offline. Deferring OAuth2 access token fetch."; | |
| 63 BrowserThread::PostDelayedTask( | |
| 64 BrowserThread::UI, FROM_HERE, | |
| 65 base::Bind(&OAuth2LoginVerifier::VerifyRefreshToken, | |
| 66 AsWeakPtr(), | |
| 67 refresh_token), | |
| 68 base::TimeDelta::FromMilliseconds(kRequestRestartDelay)); | |
|
Joao da Silva
2013/01/11 16:45:07
#include "base/time.h"
zel
2013/01/11 19:51:16
Done.
| |
| 69 return; | |
| 70 } | |
| 71 } | |
| 72 | |
| 73 access_token_.clear(); | |
| 74 refresh_token_ = refresh_token; | |
| 75 std::vector<std::string> scopes; | |
|
Joao da Silva
2013/01/11 16:45:07
#include <vector>
zel
2013/01/11 19:51:16
Done.
| |
| 76 scopes.push_back(kOAuthLoginServiceScope); | |
| 77 token_fetcher_.Start(GaiaUrls::GetInstance()->oauth2_chrome_client_id(), | |
| 78 GaiaUrls::GetInstance()->oauth2_chrome_client_secret(), | |
| 79 refresh_token, | |
| 80 scopes); | |
| 81 } | |
| 82 | |
| 83 void OAuth2LoginVerifier::OnGetTokenSuccess( | |
| 84 const std::string& access_token, const base::Time& expiration_time) { | |
| 85 VLOG(1) << "Got OAuth2 access token!"; | |
| 86 retry_count_ = 0; | |
| 87 access_token_ = access_token; | |
| 88 StartOAuthLogin(); | |
| 89 } | |
| 90 | |
| 91 void OAuth2LoginVerifier::StartOAuthLogin() { | |
| 92 gaia_fetcher_.StartOAuthLogin(access_token_, | |
| 93 GaiaConstants::kSyncService); | |
| 94 } | |
| 95 | |
| 96 void OAuth2LoginVerifier::OnGetTokenFailure( | |
| 97 const GoogleServiceAuthError& error) { | |
| 98 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
| 99 LOG(WARNING) << "Failed to hget OAuth2 access token, " | |
|
Joao da Silva
2013/01/11 16:45:07
*get
zel
2013/01/11 19:51:16
Done.
| |
| 100 << " error: " << error.state(); | |
| 101 RetryOnError("GetToken", error, | |
| 102 base::Bind(&OAuth2LoginVerifier::VerifyRefreshToken, | |
| 103 AsWeakPtr(), | |
| 104 refresh_token_)); | |
| 105 } | |
| 106 | |
| 107 void OAuth2LoginVerifier::OnClientLoginSuccess( | |
| 108 const ClientLoginResult& result) { | |
| 109 LOG(WARNING) << "OAuthLogin successful!"; | |
|
Joao da Silva
2013/01/11 16:45:07
warning or vlog(1)?
zel
2013/01/11 19:51:16
Nope, I really want this in user feedback logs as
| |
| 110 sid_ = result.sid; | |
| 111 lsid_ = result.lsid; | |
| 112 token_ = result.token; | |
| 113 retry_count_ = 0; | |
| 114 StartCookiesRetrieval(); | |
| 115 } | |
| 116 | |
| 117 void OAuth2LoginVerifier::OnClientLoginFailure( | |
| 118 const GoogleServiceAuthError& error) { | |
| 119 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
| 120 LOG(WARNING) << "Failed to log in with OAuth1 access tokens," | |
|
Joao da Silva
2013/01/11 16:45:07
OAuth2
zel
2013/01/11 19:51:16
Done.
| |
| 121 << " error: " << error.state(); | |
| 122 RetryOnError("OAuthLogin", error, | |
| 123 base::Bind(&OAuth2LoginVerifier::StartOAuthLogin, | |
| 124 AsWeakPtr())); | |
| 125 } | |
| 126 | |
| 127 void OAuth2LoginVerifier::StartCookiesRetrieval() { | |
| 128 DCHECK(!sid_.empty()); | |
| 129 DCHECK(!lsid_.empty()); | |
| 130 gaia_fetcher_.StartIssueAuthToken(sid_, lsid_, GaiaConstants::kGaiaService); | |
| 131 } | |
| 132 | |
| 133 void OAuth2LoginVerifier::OnIssueAuthTokenSuccess( | |
| 134 const std::string& service, | |
| 135 const std::string& token_token) { | |
| 136 LOG(WARNING) << "Got auth token!"; | |
|
Joao da Silva
2013/01/11 16:45:07
warning or vlog(1)?
zel
2013/01/11 19:51:16
Same as above.
| |
| 137 retry_count_ = 0; | |
| 138 gaia_fetcher_.StartMergeSession(token_token); | |
| 139 } | |
| 140 | |
| 141 void OAuth2LoginVerifier::OnIssueAuthTokenFailure( | |
| 142 const std::string& service, | |
| 143 const GoogleServiceAuthError& error) { | |
| 144 LOG(WARNING) << "Failed IssueAuthToken request," | |
| 145 << " error:" << error.state(); | |
| 146 RetryOnError("IssueAuthToken", error, | |
| 147 base::Bind(&OAuth2LoginVerifier::StartCookiesRetrieval, | |
| 148 AsWeakPtr())); | |
| 149 } | |
| 150 | |
| 151 void OAuth2LoginVerifier::OnMergeSessionSuccess(const std::string& data) { | |
| 152 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
| 153 LOG(WARNING) << "MergeSession successful."; | |
|
Joao da Silva
2013/01/11 16:45:07
warning or vlog?
zel
2013/01/11 19:51:16
Same as above.
| |
| 154 delegate_->OnOAuth2LoginVerifierSuccess(sid_, lsid_, token_); | |
| 155 } | |
| 156 | |
| 157 void OAuth2LoginVerifier::OnMergeSessionFailure( | |
| 158 const GoogleServiceAuthError& error) { | |
| 159 LOG(WARNING) << "Failed MergeSession request," | |
| 160 << " error: " << error.state(); | |
| 161 RetryOnError("MergeSession", error, | |
| 162 base::Bind(&OAuth2LoginVerifier::StartCookiesRetrieval, | |
|
Joao da Silva
2013/01/11 16:45:07
Is the retry callback StartCookiesRetrieval, or sh
zel
2013/01/11 19:51:16
Well, the token that we fetched with /IssueAuthTok
| |
| 163 AsWeakPtr())); | |
| 164 } | |
| 165 | |
| 166 void OAuth2LoginVerifier::RetryOnError(const char* operation_id, | |
| 167 const GoogleServiceAuthError& error, | |
| 168 const base::Closure& task) { | |
| 169 if ((error.state() == GoogleServiceAuthError::CONNECTION_FAILED || | |
| 170 error.state() == GoogleServiceAuthError::SERVICE_UNAVAILABLE || | |
| 171 error.state() == GoogleServiceAuthError::REQUEST_CANCELED) && | |
| 172 retry_count_ < kMaxRequestAttemptCount) { | |
| 173 retry_count_++; | |
| 174 UMA_HISTOGRAM_ENUMERATION( | |
| 175 base::StringPrintf("OAuth2LoginVerifier.%sWithRetry", operation_id), | |
| 176 error.state(), | |
| 177 GoogleServiceAuthError::NUM_STATES); | |
| 178 BrowserThread::PostDelayedTask( | |
| 179 BrowserThread::UI, FROM_HERE, task, | |
| 180 base::TimeDelta::FromMilliseconds(kRequestRestartDelay)); | |
| 181 } else { | |
| 182 LOG(WARNING) << "Unrecoverable error or retry count max reached for " | |
| 183 << operation_id; | |
| 184 UMA_HISTOGRAM_ENUMERATION( | |
| 185 base::StringPrintf("OAuth2LoginVerifier.%sWithNoRetry", operation_id), | |
| 186 error.state(), | |
| 187 GoogleServiceAuthError::NUM_STATES); | |
| 188 delegate_->OnOAuth2LoginVerifierFaulure(); | |
|
Joao da Silva
2013/01/11 16:45:07
*Failure
zel
2013/01/11 19:51:16
Done.
| |
| 189 } | |
| 190 } | |
| 191 | |
| 192 } // namespace chromeos | |
| OLD | NEW |
