| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_OAUTH_LOGIN_MANAGER_H_ |
| 6 #define CHROME_BROWSER_CHROMEOS_LOGIN_OAUTH_LOGIN_MANAGER_H_ |
| 7 |
| 8 #include <string> |
| 9 |
| 10 #include "base/memory/ref_counted.h" |
| 11 #include "base/memory/scoped_ptr.h" |
| 12 #include "chrome/browser/chromeos/cros/cert_library.h" |
| 13 #include "chrome/browser/chromeos/cros/cros_library.h" |
| 14 #include "chrome/browser/chromeos/login/oauth1_login_verifier.h" |
| 15 #include "chrome/browser/chromeos/login/oauth1_token_fetcher.h" |
| 16 #include "chrome/browser/chromeos/login/oauth2_login_verifier.h" |
| 17 #include "chrome/browser/chromeos/login/oauth2_policy_fetcher.h" |
| 18 #include "chrome/browser/chromeos/login/oauth2_token_fetcher.h" |
| 19 #include "chrome/browser/chromeos/login/policy_oauth_fetcher.h" |
| 20 #include "content/public/browser/notification_observer.h" |
| 21 #include "content/public/browser/notification_registrar.h" |
| 22 #include "net/url_request/url_request_context_getter.h" |
| 23 |
| 24 class GoogleServiceAuthError; |
| 25 class Profile; |
| 26 class TokenService; |
| 27 |
| 28 namespace chromeos { |
| 29 |
| 30 // This class is responsible for restoring authenticated web sessions out of |
| 31 // OAuth tokens or vice versa. |
| 32 class OAuthLoginManager { |
| 33 public: |
| 34 enum SessionRestoreState { |
| 35 // Session restore is not started. |
| 36 SESSION_RESTORE_NOT_STARTED, |
| 37 // Session restore is in progress. We are currently issuing calls to verify |
| 38 // stored OAuth tokens and populate cookie jar with GAIA credentials. |
| 39 SESSION_RESTORE_IN_PROGRESS, |
| 40 // Session restore is completed. |
| 41 SESSION_RESTORE_DONE, |
| 42 }; |
| 43 |
| 44 class Delegate { |
| 45 public: |
| 46 virtual ~Delegate() {} |
| 47 // Raised when cookie jar authentication is successfully completed. |
| 48 virtual void OnCompletedAuthentication(Profile* user_profile) = 0; |
| 49 // Raised when stored OAuth(1|2) tokens are found and authentication |
| 50 // profile is no longer needed. |
| 51 virtual void OnFoundStoredTokens() = 0; |
| 52 // Raised when policy tokens are retrieved. |
| 53 virtual void OnRestoredPolicyTokens() {} |
| 54 }; |
| 55 |
| 56 // Factory method. |
| 57 static OAuthLoginManager* Create(OAuthLoginManager::Delegate* delegate); |
| 58 |
| 59 explicit OAuthLoginManager(OAuthLoginManager::Delegate* delegate); |
| 60 virtual ~OAuthLoginManager() {} |
| 61 // Starts the process of retrieving policy tokens. |
| 62 virtual void RestorePolicyTokens( |
| 63 net::URLRequestContextGetter* auth_request_context) = 0; |
| 64 // Restores and verifies OAuth tokens either from TokenService or previously |
| 65 // authenticated cookie jar. |
| 66 virtual void RestoreSession( |
| 67 Profile* user_profile, |
| 68 net::URLRequestContextGetter* auth_request_context, |
| 69 bool restore_from_auth_cookies) = 0; |
| 70 // Continues session restore after transient network errors. |
| 71 virtual void ContinueSessionRestore() = 0; |
| 72 // Stops all background authentication requests. |
| 73 virtual void Stop() = 0; |
| 74 |
| 75 // Returns session restore state. |
| 76 SessionRestoreState state() { return state_; } |
| 77 |
| 78 protected: |
| 79 // Signals delegate that authentication is completed, kicks off token fetching |
| 80 // process in TokenService. |
| 81 void CompleteAuthentication(); |
| 82 |
| 83 OAuthLoginManager::Delegate* delegate_; |
| 84 Profile* user_profile_; |
| 85 scoped_refptr<net::URLRequestContextGetter> auth_request_context_; |
| 86 bool restore_from_auth_cookies_; |
| 87 SessionRestoreState state_; |
| 88 |
| 89 DISALLOW_COPY_AND_ASSIGN(OAuthLoginManager); |
| 90 }; |
| 91 |
| 92 // OAuth2 specialization of OAuthLoginManager. |
| 93 class OAuth2LoginManager : public OAuthLoginManager, |
| 94 public content::NotificationObserver, |
| 95 public OAuth2LoginVerifier::Delegate, |
| 96 public OAuth2TokenFetcher::Delegate { |
| 97 public: |
| 98 explicit OAuth2LoginManager(OAuthLoginManager::Delegate* delegate); |
| 99 |
| 100 // OAuthLoginManager overrides. |
| 101 virtual void RestorePolicyTokens( |
| 102 net::URLRequestContextGetter* auth_request_context) OVERRIDE; |
| 103 virtual void RestoreSession( |
| 104 Profile* user_profile, |
| 105 net::URLRequestContextGetter* auth_request_context, |
| 106 bool restore_from_auth_cookies) OVERRIDE; |
| 107 virtual void ContinueSessionRestore() OVERRIDE; |
| 108 virtual void Stop() OVERRIDE; |
| 109 |
| 110 private: |
| 111 // content::NotificationObserver overrides. |
| 112 void Observe(int type, |
| 113 const content::NotificationSource& source, |
| 114 const content::NotificationDetails& details) OVERRIDE; |
| 115 |
| 116 // OAuth2LoginVerifier::Delegate overrides. |
| 117 virtual void OnOAuth2LoginVerifierSuccess(const std::string& sid, |
| 118 const std::string& lsid, |
| 119 const std::string& auth) OVERRIDE; |
| 120 virtual void OnOAuth2LoginVerifierFailure() OVERRIDE; |
| 121 |
| 122 // OAuth2TokenFetcher::Delegate overrides. |
| 123 virtual void OnOAuth2TokenAvailable( |
| 124 const GaiaAuthConsumer::ClientLoginResult& gaia_credentials, |
| 125 const GaiaAuthConsumer::ClientOAuthResult& oauth2_tokens) OVERRIDE; |
| 126 virtual void OnOAuth2TokenFetchFailed() OVERRIDE; |
| 127 |
| 128 // Retrieves TokenService for |user_profile_| and sets up notification |
| 129 // observer events. |
| 130 TokenService* SetupTokenService(); |
| 131 // Removes legacy tokens form OAuth1 flow. |
| 132 void RemoveLegacyTokens(); |
| 133 // Loads previously stored OAuth2 tokens and kicks off its validation. |
| 134 void LoadAndVerifyOAuth2Tokens(); |
| 135 // Attempts to fetch OAuth2 tokens by using pre-authenticated cookie jar from |
| 136 // provided |auth_profile|. |
| 137 void FetchOAuth2Tokens(); |
| 138 // Reports when all tokens are loaded. |
| 139 void ReportOAuth2TokensLoaded(); |
| 140 // Issue GAIA cookie recovery (MergeSession) from |refresh_token_|. |
| 141 void RestoreSessionCookies(); |
| 142 // Fetches device policy OAuth2 access tokens if have not attempted or |
| 143 // failed that step previously. |
| 144 void FetchPolicyTokens(); |
| 145 // Checks GAIA error and figures out whether the request should be |
| 146 // re-attempted. |
| 147 bool RetryOnError(const GoogleServiceAuthError& error); |
| 148 |
| 149 // Keeps the track if we have already reported OAuth2 token being loaded |
| 150 // by TokenService. |
| 151 bool loading_reported_; |
| 152 content::NotificationRegistrar registrar_; |
| 153 scoped_ptr<OAuth2TokenFetcher> oauth2_token_fetcher_; |
| 154 scoped_ptr<OAuth2LoginVerifier> login_verifier_; |
| 155 scoped_ptr<OAuth2PolicyFetcher> oauth2_policy_fetcher_; |
| 156 std::string refresh_token_; |
| 157 |
| 158 DISALLOW_COPY_AND_ASSIGN(OAuth2LoginManager); |
| 159 }; |
| 160 |
| 161 |
| 162 // OAuth1 specialization of OAuthLoginManager. |
| 163 // TODO(zelidrag): Get rid of this one once we move everything to OAuth2. |
| 164 class OAuth1LoginManager : public OAuthLoginManager, |
| 165 public OAuth1TokenFetcher::Delegate, |
| 166 public OAuth1LoginVerifier::Delegate { |
| 167 public: |
| 168 explicit OAuth1LoginManager(OAuthLoginManager::Delegate* delegate); |
| 169 |
| 170 // OAuthLoginManager overrides. |
| 171 virtual void RestorePolicyTokens( |
| 172 net::URLRequestContextGetter* auth_request_context) OVERRIDE; |
| 173 virtual void RestoreSession( |
| 174 Profile* user_profile, |
| 175 net::URLRequestContextGetter* auth_request_context, |
| 176 bool restore_from_auth_cookies) OVERRIDE; |
| 177 virtual void ContinueSessionRestore() OVERRIDE; |
| 178 virtual void Stop() OVERRIDE; |
| 179 |
| 180 private: |
| 181 // OAuth1TokenFetcher::Delegate overrides. |
| 182 void OnOAuth1AccessTokenAvailable(const std::string& token, |
| 183 const std::string& secret) OVERRIDE; |
| 184 void OnOAuth1AccessTokenFetchFailed() OVERRIDE; |
| 185 |
| 186 // OAuth1LoginVerifier::Delegate overrides. |
| 187 virtual void OnOAuth1VerificationSucceeded(const std::string& user_name, |
| 188 const std::string& sid, |
| 189 const std::string& lsid, |
| 190 const std::string& auth) OVERRIDE; |
| 191 virtual void OnOAuth1VerificationFailed( |
| 192 const std::string& user_name) OVERRIDE; |
| 193 |
| 194 // Reads OAuth1 token from user profile's prefs. |
| 195 bool ReadOAuth1Tokens(); |
| 196 // Stores OAuth1 token + secret in profile's prefs. |
| 197 void StoreOAuth1Tokens(); |
| 198 // Fetch user credentials (sid/lsid) from |oauth1_token_| and |
| 199 // |oauth1_secret_|. |
| 200 void FetchCredentialsWithOAuth1(); |
| 201 // Verifies OAuth1 token by performing OAuthLogin and fetching credentials. |
| 202 void VerifyOAuth1AccessToken(); |
| 203 // Starts fetching device policy tokens. |
| 204 void FetchPolicyTokens(); |
| 205 |
| 206 scoped_ptr<OAuth1TokenFetcher> oauth1_token_fetcher_; |
| 207 scoped_ptr<OAuth1LoginVerifier> oauth1_login_verifier_; |
| 208 scoped_ptr<PolicyOAuthFetcher> policy_oauth_fetcher_; |
| 209 std::string oauth1_token_; |
| 210 std::string oauth1_secret_; |
| 211 |
| 212 DISALLOW_COPY_AND_ASSIGN(OAuth1LoginManager); |
| 213 }; |
| 214 |
| 215 } // namespace chromeos |
| 216 |
| 217 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_OAUTH_LOGIN_MANAGER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 11649055:
OAuth2 sign-in flow for ChromeOS (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src