Public Sessions: fetch device robot api token during enterprise enrollment.

chrome/browser/policy/cloud/cloud_policy_client.h

Index: chrome/browser/policy/cloud/cloud_policy_client.h
diff --git a/chrome/browser/policy/cloud/cloud_policy_client.h b/chrome/browser/policy/cloud/cloud_policy_client.h
index 242672f838a2ce510fceec0dfd61955334679961..51c331f025053c454dd3f6ac48883e2ddebde8c1 100644
--- a/chrome/browser/policy/cloud/cloud_policy_client.h
+++ b/chrome/browser/policy/cloud/cloud_policy_client.h
@@ -53,6 +53,11 @@ class CloudPolicyClient {
     // successful completion of registration and unregistration requests.
     virtual void OnRegistrationStateChanged(CloudPolicyClient* client) = 0;
 
+    // Called when a request for device robot OAuth2 authorization tokens
+    // returns successfully.  Only occurs during enrollment.  Optional

[Mattias Nissler (ping if slow), 2013/04/22 10:59:00]

nit: no 2 spaces after period in this file.

[David Roche, 2013/04/23 01:36:08]

That's not entirely true.  UploadCertificate() and StatusCallback use
double-space.  So, I was being consistently inconsistent, with a preference to
spacing The Right Way (tm) when in doubt.

[Mattias Nissler (ping if slow), 2013/04/23 13:15:12]

Ha, so you're saying I should have payed more attention in the other review due
to which these slipped in recently? ;)

Regarding "The Right Way", note that the style guide doesn't seem to cover this
and authorities don't provide conclusive guidance either:
http://en.wikipedia.org/wiki/Sentence_spacing. Anyhow, I'll not spend too much
time arguing this :)

+    // (default implementation is a noop).
+    virtual void OnRobotAuthCodesFetched(CloudPolicyClient* client);

[Mattias Nissler (ping if slow), 2013/04/22 10:59:00]

"auth codes" here vs. "auth tokens" below - please consolidate.

[David Roche, 2013/04/23 01:36:08]

Ah, thanks for noticing this.  Per the OAuth2 docs, the sequence should be

auth code
refresh token
access token

I definitely want to be precise in the naming throughout.

+
     // Indicates there's been an error in a previously-issued request.
     virtual void OnClientError(CloudPolicyClient* client) = 0;
   };
@@ -107,6 +112,11 @@ class CloudPolicyClient {
   // requests and the latest request will eventually trigger notifications.
   virtual void FetchPolicy();
 
+  // Requests OAuth2 auth tokens for the device robot account. The client being
+  // registered is a prerequisite to this operation and this call will CHECK if
+  // the client is not in registered state.
+  virtual void FetchRobotAuthTokens(const std::string& auth_token);
+
   // Sends an unregistration request to the server.
   virtual void Unregister();
 
@@ -171,6 +181,10 @@ class CloudPolicyClient {
     return status_;
   }
 
+  const std::string& robot_api_auth_code() const {
+    return robot_api_auth_code_;
+  }
+
  protected:
   // A set of PolicyNamespaceKeys to fetch.
   typedef std::set<PolicyNamespaceKey> NamespaceSet;
@@ -188,6 +202,11 @@ class CloudPolicyClient {
       DeviceManagementStatus status,
       const enterprise_management::DeviceManagementResponse& response);
 
+  // Callback for robot account api authorization requests.
+  void OnFetchRobotAuthTokensCompleted(
+      DeviceManagementStatus status,
+      const enterprise_management::DeviceManagementResponse& response);
+
   // Callback for unregistration requests.
   void OnUnregisterCompleted(
       DeviceManagementStatus status,
@@ -202,6 +221,7 @@ class CloudPolicyClient {
   // Observer notification helpers.
   void NotifyPolicyFetched();
   void NotifyRegistrationStateChanged();
+  void NotifyRobotAuthCodesFetched();
   void NotifyClientError();
 
   // Data necessary for constructing policy requests.
@@ -217,6 +237,7 @@ class CloudPolicyClient {
   base::Time last_policy_timestamp_;
   int public_key_version_;
   bool public_key_version_valid_;
+  std::string robot_api_auth_code_;
 
   // Used for issuing requests to the cloud.
   DeviceManagementService* service_;