OAuth2 sign-in flow for ChromeOS

google_apis/gaia/gaia_auth_fetcher.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "google_apis/gaia/gaia_auth_fetcher.h"
 
 #include <algorithm>
 #include <string>
 #include <utility>
 #include <vector>
@@ skipping 62 matching lines @@
     "service=%s&"
     "logintoken=%s&"
     "logincaptcha=%s";
 // static
 const char GaiaAuthFetcher::kIssueAuthTokenFormat[] =
     "SID=%s&"
     "LSID=%s&"
     "service=%s&"
     "Session=%s";
 // static
+const char GaiaAuthFetcher::kIssueAuthTokenFormatForOAuth2[] =
+    "service=%s&"
+    "Session=%s";
+// static
 const char GaiaAuthFetcher::kClientLoginToOAuth2BodyFormat[] =
     "scope=%s&client_id=%s";
 // static
 const char GaiaAuthFetcher::kOAuth2CodeToTokenPairBodyFormat[] =
     "scope=%s&"
     "grant_type=authorization_code&"
     "client_id=%s&"
     "client_secret=%s&"
     "code=%s";
 // static
@@ skipping 56 matching lines @@
 
 // static
 const char GaiaAuthFetcher::kSecondFactor[] = "Info=InvalidSecondFactor";
 
 // static
 const char GaiaAuthFetcher::kAuthHeaderFormat[] =
     "Authorization: GoogleLogin auth=%s";
 // static
 const char GaiaAuthFetcher::kOAuthHeaderFormat[] = "Authorization: OAuth %s";
 // static
+const char GaiaAuthFetcher::kOAuth2BearerHeaderFormat[] =
+    "Authorization: Bearer %s";
+// static
 const char GaiaAuthFetcher::kClientLoginToOAuth2CookiePartSecure[] = "Secure";
 // static
 const char GaiaAuthFetcher::kClientLoginToOAuth2CookiePartHttpOnly[] =
     "HttpOnly";
 // static
 const char GaiaAuthFetcher::kClientLoginToOAuth2CookiePartCodePrefix[] =
     "oauth_code=";
 // static
 const int GaiaAuthFetcher::kClientLoginToOAuth2CookiePartCodePrefixLength =
     arraysize(GaiaAuthFetcher::kClientLoginToOAuth2CookiePartCodePrefix) - 1;
@@ skipping 115 matching lines @@
     session = false;
 
   return base::StringPrintf(kIssueAuthTokenFormat,
                             encoded_sid.c_str(),
                             encoded_lsid.c_str(),
                             service,
                             session ? "true" : "false");
 }
 
 // static
+std::string GaiaAuthFetcher::MakeIssueAuthTokenBodyForOAuth2(
+    const char* const service) {
+  // All tokens should be session tokens except the gaia auth token.
+  bool session = true;
+  if (!strcmp(service, GaiaConstants::kGaiaService))
+    session = false;
+
+  return base::StringPrintf(kIssueAuthTokenFormatForOAuth2,
+                            service,
+                            session ? "true" : "false");
+}
+
+// static
 std::string GaiaAuthFetcher::MakeGetAuthCodeBody() {
   std::string encoded_scope = net::EscapeUrlEncodedData(
       GaiaUrls::GetInstance()->oauth1_login_scope(), true);
   std::string encoded_client_id = net::EscapeUrlEncodedData(
       GaiaUrls::GetInstance()->oauth2_chrome_client_id(), true);
   return StringPrintf(kClientLoginToOAuth2BodyFormat,
                       encoded_scope.c_str(),
                       encoded_client_id.c_str());
 }
 
@@ skipping 305 matching lines @@
   fetcher_.reset(CreateGaiaFetcher(getter_,
                                    request_body_,
                                    "",
                                    issue_auth_token_gurl_,
                                    kLoadFlagsIgnoreCookies,
                                    this));
   fetch_pending_ = true;
   fetcher_->Start();
 }
 
+void GaiaAuthFetcher::StartIssueAuthTokenForOAuth2(
+    const std::string& oauth2_access_token,
+    const char* const service) {
+  DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";
+
+  DVLOG(1) << "Starting IssueAuthToken for: " << service;
+  requested_service_ = service;
+  request_body_ = MakeIssueAuthTokenBodyForOAuth2(service);
+  std::string authentication_header =
+      base::StringPrintf(kOAuth2BearerHeaderFormat,
+                         oauth2_access_token.c_str());
+  fetcher_.reset(CreateGaiaFetcher(getter_,
+                                   request_body_,
+                                   authentication_header,
+                                   issue_auth_token_gurl_,
+                                   kLoadFlagsIgnoreCookies,
+                                   this));
+  fetch_pending_ = true;
+  fetcher_->Start();
+}
+
 void GaiaAuthFetcher::StartLsoForOAuthLoginTokenExchange(
     const std::string& auth_token) {
   DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";
 
   DVLOG(1) << "Starting OAuth login token exchange with auth_token";
   request_body_ = MakeGetAuthCodeBody();
   client_login_to_oauth2_gurl_ =
       GURL(GaiaUrls::GetInstance()->client_login_to_oauth2_url());
 
   fetcher_.reset(CreateGaiaFetcher(getter_,
@@ skipping 134 matching lines @@
   fetch_pending_ = true;
   fetcher_->Start();
 }
 
 void GaiaAuthFetcher::StartOAuthLogin(const std::string& access_token,
                                       const std::string& service) {
   DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";
 
   request_body_ = MakeOAuthLoginBody(service, source_);
   std::string authentication_header =
-      base::StringPrintf("Authorization: Bearer %s", access_token.c_str());
+      base::StringPrintf(kOAuth2BearerHeaderFormat, access_token.c_str());
   fetcher_.reset(CreateGaiaFetcher(getter_,
                                    request_body_,
                                    authentication_header,
                                    oauth_login_gurl_,
                                    kLoadFlagsIgnoreCookies,
                                    this));
   fetch_pending_ = true;
   fetcher_->Start();
 }
 
@@ skipping 313 matching lines @@
     NOTREACHED();
   }
 }
 
 // static
 bool GaiaAuthFetcher::IsSecondFactorSuccess(
     const std::string& alleged_error) {
   return alleged_error.find(kSecondFactor) !=
       std::string::npos;
 }