| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/signin/token_service.h" | 5 #include "chrome/browser/signin/token_service.h" |
| 6 | 6 |
| 7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/string_util.h" | 9 #include "base/string_util.h" |
| 10 #include "chrome/browser/prefs/pref_service.h" | 10 #include "chrome/browser/prefs/pref_service.h" |
| (...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 106 // store tokens and fetch them. Move the key-value storage out of | 106 // store tokens and fetch them. Move the key-value storage out of |
| 107 // token_service, and leave the token fetching in token_service. | 107 // token_service, and leave the token fetching in token_service. |
| 108 | 108 |
| 109 void TokenService::AddAuthTokenManually(const std::string& service, | 109 void TokenService::AddAuthTokenManually(const std::string& service, |
| 110 const std::string& auth_token) { | 110 const std::string& auth_token) { |
| 111 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 111 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 112 VLOG(1) << "Got an authorization token for " << service; | 112 VLOG(1) << "Got an authorization token for " << service; |
| 113 token_map_[service] = auth_token; | 113 token_map_[service] = auth_token; |
| 114 FireTokenAvailableNotification(service, auth_token); | 114 FireTokenAvailableNotification(service, auth_token); |
| 115 SaveAuthTokenToDB(service, auth_token); | 115 SaveAuthTokenToDB(service, auth_token); |
| 116 |
| 117 #if defined(OS_CHROMEOS) |
| 118 // We don't want to fetch OAuth2 tokens from LSO service token in case when |
| 119 // ChromeOS is in exclusive OAuth2 useage mode. OAuth2 token should only |
| 120 // arrive into token service through UpdateCredentialsWithOAuth2(). |
| 121 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceOAuth2)) |
| 122 return; |
| 123 #endif |
| 124 |
| 116 // If we got ClientLogin token for "lso" service, and we don't already have | 125 // If we got ClientLogin token for "lso" service, and we don't already have |
| 117 // OAuth2 tokens, start fetching OAuth2 login scoped token pair. | 126 // OAuth2 tokens, start fetching OAuth2 login scoped token pair. |
| 118 if (service == GaiaConstants::kLSOService && !HasOAuthLoginToken()) { | 127 if (service == GaiaConstants::kLSOService && !HasOAuthLoginToken()) { |
| 119 int index = GetServiceIndex(service); | 128 int index = GetServiceIndex(service); |
| 120 CHECK_GE(index, 0); | 129 CHECK_GE(index, 0); |
| 121 fetchers_[index]->StartLsoForOAuthLoginTokenExchange(auth_token); | 130 fetchers_[index]->StartLsoForOAuthLoginTokenExchange(auth_token); |
| 122 } | 131 } |
| 123 } | 132 } |
| 124 | 133 |
| 125 | 134 |
| (...skipping 12 matching lines...) Expand all Loading... |
| 138 } | 147 } |
| 139 | 148 |
| 140 tokens_loaded_ = false; | 149 tokens_loaded_ = false; |
| 141 token_map_.clear(); | 150 token_map_.clear(); |
| 142 credentials_ = GaiaAuthConsumer::ClientLoginResult(); | 151 credentials_ = GaiaAuthConsumer::ClientLoginResult(); |
| 143 } | 152 } |
| 144 | 153 |
| 145 void TokenService::UpdateCredentials( | 154 void TokenService::UpdateCredentials( |
| 146 const GaiaAuthConsumer::ClientLoginResult& credentials) { | 155 const GaiaAuthConsumer::ClientLoginResult& credentials) { |
| 147 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 156 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 157 #if defined(OS_CHROMEOS) |
| 158 // Prevent this method from ever bing used on ChromeOS if we use OAuth2. |
| 159 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceOAuth2)) { |
| 160 NOTREACHED(); |
| 161 return; |
| 162 } |
| 163 #endif |
| 148 credentials_ = credentials; | 164 credentials_ = credentials; |
| 149 | 165 |
| 150 SaveAuthTokenToDB(GaiaConstants::kGaiaLsid, credentials.lsid); | 166 SaveAuthTokenToDB(GaiaConstants::kGaiaLsid, credentials.lsid); |
| 151 SaveAuthTokenToDB(GaiaConstants::kGaiaSid, credentials.sid); | 167 SaveAuthTokenToDB(GaiaConstants::kGaiaSid, credentials.sid); |
| 152 | 168 |
| 153 // Cancel any currently running requests. | 169 // Cancel any currently running requests. |
| 154 for (size_t i = 0; i < arraysize(kServices); i++) { | 170 for (size_t i = 0; i < arraysize(kServices); i++) { |
| 155 fetchers_[i].reset(); | 171 fetchers_[i].reset(); |
| 156 } | 172 } |
| 157 | 173 |
| 158 // Notify AboutSigninInternals that a new lsid and sid are available. | 174 // Notify AboutSigninInternals that a new lsid and sid are available. |
| 159 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged( | 175 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged( |
| 160 signin_internals_util::SID, credentials.sid)); | 176 signin_internals_util::SID, credentials.sid)); |
| 161 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged(LSID, credentials.lsid)); | 177 FOR_DIAGNOSTICS_OBSERVERS(NotifySigninValueChanged(LSID, credentials.lsid)); |
| 162 } | 178 } |
| 163 | 179 |
| 164 void TokenService::UpdateCredentialsWithOAuth2( | 180 void TokenService::UpdateCredentialsWithOAuth2( |
| 165 const GaiaAuthConsumer::ClientOAuthResult& credentials) { | 181 const GaiaAuthConsumer::ClientOAuthResult& oauth2_tokens) { |
| 166 // Will be implemented once the ClientOAuth signin is complete. Not called | 182 SaveOAuth2Credentials(oauth2_tokens); |
| 167 // yet by any code. | |
| 168 NOTREACHED(); | |
| 169 } | 183 } |
| 170 | 184 |
| 171 void TokenService::LoadTokensFromDB() { | 185 void TokenService::LoadTokensFromDB() { |
| 172 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 186 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 173 if (web_data_service_.get()) | 187 if (web_data_service_.get()) |
| 174 token_loading_query_ = web_data_service_->GetAllTokens(this); | 188 token_loading_query_ = web_data_service_->GetAllTokens(this); |
| 175 } | 189 } |
| 176 | 190 |
| 177 void TokenService::SaveAuthTokenToDB(const std::string& service, | 191 void TokenService::SaveAuthTokenToDB(const std::string& service, |
| 178 const std::string& auth_token) { | 192 const std::string& auth_token) { |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 215 // static | 229 // static |
| 216 int TokenService::GetServiceIndex(const std::string& service) { | 230 int TokenService::GetServiceIndex(const std::string& service) { |
| 217 for (size_t i = 0; i < arraysize(kServices); ++i) { | 231 for (size_t i = 0; i < arraysize(kServices); ++i) { |
| 218 if (kServices[i] == service) | 232 if (kServices[i] == service) |
| 219 return i; | 233 return i; |
| 220 } | 234 } |
| 221 return -1; | 235 return -1; |
| 222 } | 236 } |
| 223 | 237 |
| 224 bool TokenService::AreCredentialsValid() const { | 238 bool TokenService::AreCredentialsValid() const { |
| 225 return !credentials_.lsid.empty() && !credentials_.sid.empty(); | 239 #if defined(OS_CHROMEOS) |
| 240 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceOAuth2)) |
| 241 return HasOAuthLoginAccessToken() && HasOAuthLoginToken(); |
| 242 #endif |
| 243 |
| 244 return credentials_.lsid.empty() && !credentials_.sid.empty(); |
| 226 } | 245 } |
| 227 | 246 |
| 228 void TokenService::StartFetchingTokens() { | 247 void TokenService::StartFetchingTokens() { |
| 229 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 248 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 230 DCHECK(AreCredentialsValid()); | 249 DCHECK(AreCredentialsValid()); |
| 250 bool uses_oauth2 = false; |
| 251 #if defined(OS_CHROMEOS) |
| 252 uses_oauth2 = CommandLine::ForCurrentProcess()->HasSwitch( |
| 253 switches::kForceOAuth2); |
| 254 #endif |
| 255 |
| 231 for (size_t i = 0; i < arraysize(kServices); i++) { | 256 for (size_t i = 0; i < arraysize(kServices); i++) { |
| 232 fetchers_[i].reset(new GaiaAuthFetcher(this, source_, getter_)); | 257 fetchers_[i].reset(new GaiaAuthFetcher(this, source_, getter_)); |
| 233 fetchers_[i]->StartIssueAuthToken(credentials_.sid, | 258 if (uses_oauth2) { |
| 234 credentials_.lsid, | 259 fetchers_[i]->StartIssueAuthTokenForOAuth2(GetOAuth2LoginAccessToken(), |
| 235 kServices[i]); | 260 kServices[i]); |
| 261 } else { |
| 262 fetchers_[i]->StartIssueAuthToken(credentials_.sid, |
| 263 credentials_.lsid, |
| 264 kServices[i]); |
| 265 } |
| 236 } | 266 } |
| 237 } | 267 } |
| 238 | 268 |
| 239 // Services dependent on a token will check if a token is available. | 269 // Services dependent on a token will check if a token is available. |
| 240 // If it isn't, they'll go to sleep until they get a token event. | 270 // If it isn't, they'll go to sleep until they get a token event. |
| 241 bool TokenService::HasTokenForService(const char* service) const { | 271 bool TokenService::HasTokenForService(const char* service) const { |
| 242 return token_map_.count(service) > 0; | 272 return token_map_.count(service) > 0; |
| 243 } | 273 } |
| 244 | 274 |
| 245 const std::string& TokenService::GetTokenForService( | 275 const std::string& TokenService::GetTokenForService( |
| 246 const char* const service) const { | 276 const char* const service) const { |
| 247 | 277 |
| 248 if (token_map_.count(service) > 0) { | 278 if (token_map_.count(service) > 0) { |
| 249 // Note map[key] is not const. | 279 // Note map[key] is not const. |
| 250 return (*token_map_.find(service)).second; | 280 return (*token_map_.find(service)).second; |
| 251 } | 281 } |
| 252 return EmptyString(); | 282 return EmptyString(); |
| 253 } | 283 } |
| 254 | 284 |
| 255 bool TokenService::HasOAuthLoginToken() const { | 285 bool TokenService::HasOAuthLoginToken() const { |
| 256 return HasTokenForService(GaiaConstants::kGaiaOAuth2LoginRefreshToken); | 286 return HasTokenForService(GaiaConstants::kGaiaOAuth2LoginRefreshToken); |
| 257 } | 287 } |
| 258 | 288 |
| 289 bool TokenService::HasOAuthLoginAccessToken() const { |
| 290 return HasTokenForService(GaiaConstants::kGaiaOAuth2LoginAccessToken); |
| 291 } |
| 292 |
| 259 const std::string& TokenService::GetOAuth2LoginRefreshToken() const { | 293 const std::string& TokenService::GetOAuth2LoginRefreshToken() const { |
| 260 return GetTokenForService(GaiaConstants::kGaiaOAuth2LoginRefreshToken); | 294 return GetTokenForService(GaiaConstants::kGaiaOAuth2LoginRefreshToken); |
| 261 } | 295 } |
| 262 | 296 |
| 263 const std::string& TokenService::GetOAuth2LoginAccessToken() const { | 297 const std::string& TokenService::GetOAuth2LoginAccessToken() const { |
| 264 return GetTokenForService(GaiaConstants::kGaiaOAuth2LoginAccessToken); | 298 return GetTokenForService(GaiaConstants::kGaiaOAuth2LoginAccessToken); |
| 265 } | 299 } |
| 266 | 300 |
| 267 // static | 301 // static |
| 268 void TokenService::GetServiceNamesForTesting(std::vector<std::string>* names) { | 302 void TokenService::GetServiceNamesForTesting(std::vector<std::string>* names) { |
| (...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 336 LOG(WARNING) << "Auth token issuing failed for service:" << service | 370 LOG(WARNING) << "Auth token issuing failed for service:" << service |
| 337 << ", error: " << error.ToString(); | 371 << ", error: " << error.ToString(); |
| 338 FOR_DIAGNOSTICS_OBSERVERS( | 372 FOR_DIAGNOSTICS_OBSERVERS( |
| 339 NotifyTokenReceivedFailure(service, error.ToString())); | 373 NotifyTokenReceivedFailure(service, error.ToString())); |
| 340 FireTokenRequestFailedNotification(service, error); | 374 FireTokenRequestFailedNotification(service, error); |
| 341 } | 375 } |
| 342 | 376 |
| 343 void TokenService::OnClientOAuthSuccess(const ClientOAuthResult& result) { | 377 void TokenService::OnClientOAuthSuccess(const ClientOAuthResult& result) { |
| 344 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 378 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 345 VLOG(1) << "Got OAuth2 login token pair"; | 379 VLOG(1) << "Got OAuth2 login token pair"; |
| 380 SaveOAuth2Credentials(result); |
| 381 } |
| 382 |
| 383 void TokenService::SaveOAuth2Credentials(const ClientOAuthResult& result) { |
| 346 token_map_[GaiaConstants::kGaiaOAuth2LoginRefreshToken] = | 384 token_map_[GaiaConstants::kGaiaOAuth2LoginRefreshToken] = |
| 347 result.refresh_token; | 385 result.refresh_token; |
| 348 token_map_[GaiaConstants::kGaiaOAuth2LoginAccessToken] = result.access_token; | 386 token_map_[GaiaConstants::kGaiaOAuth2LoginAccessToken] = result.access_token; |
| 387 // Save refresh token only since access token is transient anyway. |
| 349 SaveAuthTokenToDB(GaiaConstants::kGaiaOAuth2LoginRefreshToken, | 388 SaveAuthTokenToDB(GaiaConstants::kGaiaOAuth2LoginRefreshToken, |
| 350 result.refresh_token); | 389 result.refresh_token); |
| 351 SaveAuthTokenToDB(GaiaConstants::kGaiaOAuth2LoginAccessToken, | |
| 352 result.access_token); | |
| 353 // We don't save expiration information for now. | 390 // We don't save expiration information for now. |
| 354 | 391 |
| 355 FOR_DIAGNOSTICS_OBSERVERS( | 392 FOR_DIAGNOSTICS_OBSERVERS( |
| 356 NotifyTokenReceivedSuccess(GaiaConstants::kGaiaOAuth2LoginAccessToken, | 393 NotifyTokenReceivedSuccess(GaiaConstants::kGaiaOAuth2LoginAccessToken, |
| 357 result.access_token, true)); | 394 result.access_token, true)); |
| 358 FOR_DIAGNOSTICS_OBSERVERS( | 395 FOR_DIAGNOSTICS_OBSERVERS( |
| 359 NotifyTokenReceivedSuccess(GaiaConstants::kGaiaOAuth2LoginRefreshToken, | 396 NotifyTokenReceivedSuccess(GaiaConstants::kGaiaOAuth2LoginRefreshToken, |
| 360 result.refresh_token, true)); | 397 result.refresh_token, true)); |
| 361 | 398 |
| 362 FireTokenAvailableNotification(GaiaConstants::kGaiaOAuth2LoginRefreshToken, | 399 FireTokenAvailableNotification(GaiaConstants::kGaiaOAuth2LoginRefreshToken, |
| 363 result.refresh_token); | 400 result.refresh_token); |
| 401 FireTokenAvailableNotification(GaiaConstants::kGaiaOAuth2LoginAccessToken, |
| 402 result.access_token); |
| 364 } | 403 } |
| 365 | 404 |
| 366 void TokenService::OnClientOAuthFailure( | 405 void TokenService::OnClientOAuthFailure( |
| 367 const GoogleServiceAuthError& error) { | 406 const GoogleServiceAuthError& error) { |
| 368 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 407 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 369 LOG(WARNING) << "OAuth2 login token pair fetch failed: " << error.ToString(); | 408 LOG(WARNING) << "OAuth2 login token pair fetch failed: " << error.ToString(); |
| 370 FireTokenRequestFailedNotification( | 409 FireTokenRequestFailedNotification( |
| 371 GaiaConstants::kGaiaOAuth2LoginRefreshToken, error); | 410 GaiaConstants::kGaiaOAuth2LoginRefreshToken, error); |
| 372 } | 411 } |
| 373 | 412 |
| (...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 471 | 510 |
| 472 void TokenService::AddSigninDiagnosticsObserver( | 511 void TokenService::AddSigninDiagnosticsObserver( |
| 473 SigninDiagnosticsObserver* observer) { | 512 SigninDiagnosticsObserver* observer) { |
| 474 signin_diagnostics_observers_.AddObserver(observer); | 513 signin_diagnostics_observers_.AddObserver(observer); |
| 475 } | 514 } |
| 476 | 515 |
| 477 void TokenService::RemoveSigninDiagnosticsObserver( | 516 void TokenService::RemoveSigninDiagnosticsObserver( |
| 478 SigninDiagnosticsObserver* observer) { | 517 SigninDiagnosticsObserver* observer) { |
| 479 signin_diagnostics_observers_.RemoveObserver(observer); | 518 signin_diagnostics_observers_.RemoveObserver(observer); |
| 480 } | 519 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 11649055:
OAuth2 sign-in flow for ChromeOS (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src