Apps v2 identity integration.

remoting/webapp/remoting.js

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 'use strict';
 
 /** @suppress {duplicate} */
 var remoting = remoting || {};
 
 /** @type {remoting.HostSession} */ remoting.hostSession = null;
@@ skipping 21 matching lines @@
  * Entry point for app initialization.
  */
 remoting.init = function() {
   // TODO(jamiewalch): Remove this when we migrate to apps v2.
   remoting.initMockStorage();
 
   remoting.logExtensionInfoAsync_();
   l10n.localize();
   // Create global objects.
   remoting.oauth2 = new remoting.OAuth2();
+  // TODO(jamiewalch): Reinstate this when we migrate to apps v2.
+  //  remoting.identity = new remoting.Identity(
+  //      document.getElementById('auth-dialog'),
+  //      document.getElementById('auth-button'));
+  remoting.identity = remoting.oauth2;
   remoting.stats = new remoting.ConnectionStats(
       document.getElementById('statistics'));
   remoting.formatIq = new remoting.FormatIq();
   remoting.hostList = new remoting.HostList(
       document.getElementById('host-list'),
       document.getElementById('host-list-empty'),
       document.getElementById('host-list-error-message'),
       document.getElementById('host-list-refresh-failed-button'));
   remoting.toolbar = new remoting.Toolbar(
       document.getElementById('session-toolbar'));
   remoting.clipboard = new remoting.Clipboard();
   remoting.suspendMonitor = new remoting.SuspendMonitor(
       function() {
         if (remoting.clientSession) {
           remoting.clientSession.logErrors(false);
         }
       }
   );
 
-  remoting.oauth2.getEmail(remoting.onEmail, remoting.showErrorMessage);
+  remoting.identity.getEmail(remoting.onEmail, remoting.showErrorMessage);
 
   remoting.showOrHideIt2MeUi();
   remoting.showOrHideMe2MeUi();
 
   // The plugin's onFocus handler sends a paste command to |window|, because
   // it can't send one to the plugin element itself.
   window.addEventListener('paste', pluginGotPaste_, false);
   window.addEventListener('copy', pluginGotCopy_, false);
 
   remoting.initModalDialogs();
@@ skipping 34 matching lines @@
   document.getElementById('get-started-it2me').disabled = false;
   document.getElementById('get-started-me2me').disabled = false;
 };
 
 // initDaemonUi is called if the app is not starting up in session mode, and
 // also if the user cancels pin entry or the connection in session mode.
 remoting.initDaemonUi = function () {
   remoting.hostController = new remoting.HostController();
   document.getElementById('share-button').disabled =
       !remoting.hostController.isPluginSupported();
-  remoting.setMode(getAppStartupMode_());
+  remoting.setMode(remoting.AppMode.HOME);
+  if (!remoting.oauth2.isAuthenticated()) {

[Wez, 2013/01/05 00:04:24]

Is there an equivalent to isAuthenticated() for the identity API?

You're making the authentication dialog orthogonal to whatever content the app
is currently displaying, rather than a separate state.  Is that a safe thing to
do wrt what the rest of the page may be up to?  Does it matter that the OAuth2
flow currently navigates away from the current page, potentially losing state?

[Jamie, 2013/01/05 01:32:54]

I don't think so.
I think that making it orthogonal makes more sense because requesting a token
may change the UI, and showing a dialog is more easily undoable than switching
to a new UI mode.

There's no way to avoid losing state if the page changes, so I don't think
that's a concern.

[rmsousa, 2013/01/05 05:21:11]

I'm not sure we need to do this here at all. For appsv2, we call several APIs on
startup (getEmail on init(), hostlist refresh here) - any one of them will cause
a callWithToken flow to run (which will eventually will show the auth dialog
with the correct button callback if it needs to be shown).

For non-appsv2, now that we don't have a separate unauthenticated mode, we don't
need to do this isAuthenticated check here, oauth2 could take the same
constructor parameter as identity (consentRequired), and, while it's being
initialized, check if it's authenticated and call
consentRequired(doAuthRedirect) if not. That should have the same effect as this
code (show the auth dialog if needed), but make the two implementations more
similar.

[Jamie, 2013/01/07 23:52:20]

The problem with that approach is that the apps v2 flow happens entirely within
the app, so callWithToken will always invoke one or other of the callbacks. For
apps v1, it might redirect to another page. I think an explicit doAuthRedirect
call is more appropriate in that case.

[Wez, 2013/01/07 23:52:44]

The one distinction between the identity and OAuth2 flows is that the OAuth2
authorization flow navigates the tab away to the OAuth pages, so we lose any
application state.  I don't think that should be a problem so long as we
getEmail() early on in the startup process.

+    document.getElementById('auth-dialog').hidden = false;
+  }
   remoting.hostSetupDialog =
       new remoting.HostSetupDialog(remoting.hostController);
   // Display the cached host list, then asynchronously update and re-display it.
   remoting.updateLocalHostState();
   remoting.hostList.refresh(remoting.updateLocalHostState);
 };
 
 /**
  * Fetches local host state and updates host list accordingly.
  */
@@ skipping 56 matching lines @@
 
 /**
  * Sign the user out of Chromoting by clearing (and revoking, if possible) the
  * OAuth refresh token.
  *
  * Also clear all local storage, to avoid leaking information.
  */
 remoting.signOut = function() {
   remoting.oauth2.clear();
   chrome.storage.local.clear();
-  remoting.setMode(remoting.AppMode.UNAUTHENTICATED);
+  remoting.setMode(remoting.AppMode.HOME);
+  document.getElementById('auth-dialog').hidden = false;
 };
 
 /**
  * Returns whether the app is running on ChromeOS.
  *
  * @return {boolean} True if the app is running on ChromeOS.
  */
 remoting.runningOnChromeOS = function() {
   return !!navigator.userAgent.match(/\bCrOS\b/);
 }
@@ skipping 21 matching lines @@
   var event = /** @type {remoting.ClipboardEvent} */ eventUncast;
   if (event && event.clipboardData) {
     if (remoting.clipboard.toOs(event.clipboardData)) {
       // The default action may overwrite items that we added to clipboardData.
       event.preventDefault();
     }
   }
 }
 
 /**
- * Gets the major-mode that this application should start up in.
- *
- * @return {remoting.AppMode} The mode to start in.
- */
-function getAppStartupMode_() {
-  if (!remoting.oauth2.isAuthenticated()) {
-    return remoting.AppMode.UNAUTHENTICATED;
-  }
-  return remoting.AppMode.HOME;
-}
-
-/**
  * Returns whether Host mode is supported on this platform.
  *
  * @return {boolean} True if Host mode is supported.
  */
 function isHostModeSupported_() {
   // Currently, sharing on Chromebooks is not supported.
   return !remoting.runningOnChromeOS();
 }
 
 /**
@@ skipping 56 matching lines @@
  */
 remoting.showErrorMessage = function(error) {
   l10n.localizeElementFromTag(
       document.getElementById('token-refresh-error-message'),
       error);
   var auth_failed = (error == remoting.Error.AUTHENTICATION_FAILED);
   document.getElementById('token-refresh-auth-failed').hidden = !auth_failed;
   document.getElementById('token-refresh-other-error').hidden = auth_failed;
   remoting.setMode(remoting.AppMode.TOKEN_REFRESH_FAILED);
 };