| Index: chrome/browser/signin/token_service.cc
|
| diff --git a/chrome/browser/signin/token_service.cc b/chrome/browser/signin/token_service.cc
|
| index 0e6e601ff77ca2c8deb261b8d443c966cd6763f7..726303be1e1e0d51cb13f9e2319df4c5b46e4e6a 100644
|
| --- a/chrome/browser/signin/token_service.cc
|
| +++ b/chrome/browser/signin/token_service.cc
|
| @@ -113,6 +113,15 @@ void TokenService::AddAuthTokenManually(const std::string& service,
|
| token_map_[service] = auth_token;
|
| FireTokenAvailableNotification(service, auth_token);
|
| SaveAuthTokenToDB(service, auth_token);
|
| +
|
| +#if defined(OS_CHROMEOS)
|
| + // We don't want to fetch OAuth2 tokens from LSO service token in case when
|
| + // ChromeOS is in exclusive OAuth2 useage mode. OAuth2 token should only
|
| + // arrive into token service through UpdateCredentialsWithOAuth2().
|
| + if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceOAuth2))
|
| + return;
|
| +#endif
|
| +
|
| // If we got ClientLogin token for "lso" service, and we don't already have
|
| // OAuth2 tokens, start fetching OAuth2 login scoped token pair.
|
| if (service == GaiaConstants::kLSOService && !HasOAuthLoginToken()) {
|
| @@ -145,6 +154,13 @@ void TokenService::ResetCredentialsInMemory() {
|
| void TokenService::UpdateCredentials(
|
| const GaiaAuthConsumer::ClientLoginResult& credentials) {
|
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
|
| +#if defined(OS_CHROMEOS)
|
| + // Prevent this method from ever bing used on ChromeOS if we use OAuth2.
|
| + if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceOAuth2)) {
|
| + NOTREACHED();
|
| + return;
|
| + }
|
| +#endif
|
| credentials_ = credentials;
|
|
|
| SaveAuthTokenToDB(GaiaConstants::kGaiaLsid, credentials.lsid);
|
| @@ -162,10 +178,8 @@ void TokenService::UpdateCredentials(
|
| }
|
|
|
| void TokenService::UpdateCredentialsWithOAuth2(
|
| - const GaiaAuthConsumer::ClientOAuthResult& credentials) {
|
| - // Will be implemented once the ClientOAuth signin is complete. Not called
|
| - // yet by any code.
|
| - NOTREACHED();
|
| + const GaiaAuthConsumer::ClientOAuthResult& oauth2_tokens) {
|
| + SaveOAuth2Credentials(oauth2_tokens);
|
| }
|
|
|
| void TokenService::LoadTokensFromDB() {
|
| @@ -222,17 +236,33 @@ int TokenService::GetServiceIndex(const std::string& service) {
|
| }
|
|
|
| bool TokenService::AreCredentialsValid() const {
|
| - return !credentials_.lsid.empty() && !credentials_.sid.empty();
|
| +#if defined(OS_CHROMEOS)
|
| + if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceOAuth2))
|
| + return HasOAuthLoginAccessToken() && HasOAuthLoginToken();
|
| +#endif
|
| +
|
| + return credentials_.lsid.empty() && !credentials_.sid.empty();
|
| }
|
|
|
| void TokenService::StartFetchingTokens() {
|
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
|
| DCHECK(AreCredentialsValid());
|
| + bool uses_oauth2 = false;
|
| +#if defined(OS_CHROMEOS)
|
| + uses_oauth2 = CommandLine::ForCurrentProcess()->HasSwitch(
|
| + switches::kForceOAuth2);
|
| +#endif
|
| +
|
| for (size_t i = 0; i < arraysize(kServices); i++) {
|
| fetchers_[i].reset(new GaiaAuthFetcher(this, source_, getter_));
|
| - fetchers_[i]->StartIssueAuthToken(credentials_.sid,
|
| - credentials_.lsid,
|
| - kServices[i]);
|
| + if (uses_oauth2) {
|
| + fetchers_[i]->StartIssueAuthTokenForOAuth2(GetOAuth2LoginAccessToken(),
|
| + kServices[i]);
|
| + } else {
|
| + fetchers_[i]->StartIssueAuthToken(credentials_.sid,
|
| + credentials_.lsid,
|
| + kServices[i]);
|
| + }
|
| }
|
| }
|
|
|
| @@ -256,6 +286,10 @@ bool TokenService::HasOAuthLoginToken() const {
|
| return HasTokenForService(GaiaConstants::kGaiaOAuth2LoginRefreshToken);
|
| }
|
|
|
| +bool TokenService::HasOAuthLoginAccessToken() const {
|
| + return HasTokenForService(GaiaConstants::kGaiaOAuth2LoginAccessToken);
|
| +}
|
| +
|
| const std::string& TokenService::GetOAuth2LoginRefreshToken() const {
|
| return GetTokenForService(GaiaConstants::kGaiaOAuth2LoginRefreshToken);
|
| }
|
| @@ -343,13 +377,16 @@ void TokenService::OnIssueAuthTokenFailure(const std::string& service,
|
| void TokenService::OnClientOAuthSuccess(const ClientOAuthResult& result) {
|
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
|
| VLOG(1) << "Got OAuth2 login token pair";
|
| + SaveOAuth2Credentials(result);
|
| +}
|
| +
|
| +void TokenService::SaveOAuth2Credentials(const ClientOAuthResult& result) {
|
| token_map_[GaiaConstants::kGaiaOAuth2LoginRefreshToken] =
|
| result.refresh_token;
|
| token_map_[GaiaConstants::kGaiaOAuth2LoginAccessToken] = result.access_token;
|
| + // Save refresh token only since access token is transient anyway.
|
| SaveAuthTokenToDB(GaiaConstants::kGaiaOAuth2LoginRefreshToken,
|
| result.refresh_token);
|
| - SaveAuthTokenToDB(GaiaConstants::kGaiaOAuth2LoginAccessToken,
|
| - result.access_token);
|
| // We don't save expiration information for now.
|
|
|
| FOR_DIAGNOSTICS_OBSERVERS(
|
| @@ -361,6 +398,8 @@ void TokenService::OnClientOAuthSuccess(const ClientOAuthResult& result) {
|
|
|
| FireTokenAvailableNotification(GaiaConstants::kGaiaOAuth2LoginRefreshToken,
|
| result.refresh_token);
|
| + FireTokenAvailableNotification(GaiaConstants::kGaiaOAuth2LoginAccessToken,
|
| + result.access_token);
|
| }
|
|
|
| void TokenService::OnClientOAuthFailure(
|
|
|
Chromium Code Reviews
Issue 11649055:
OAuth2 sign-in flow for ChromeOS (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src