Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright 2012 The Chromium Authors. All rights reserved. | 1 // Copyright 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_SIGNIN_OAUTH2_TOKEN_SERVICE_H_ | 5 #ifndef CHROME_BROWSER_SIGNIN_OAUTH2_TOKEN_SERVICE_H_ |
| 6 #define CHROME_BROWSER_SIGNIN_OAUTH2_TOKEN_SERVICE_H_ | 6 #define CHROME_BROWSER_SIGNIN_OAUTH2_TOKEN_SERVICE_H_ |
| 7 | 7 |
| 8 #include <map> | 8 #include <map> |
| 9 #include <set> | 9 #include <set> |
| 10 #include <string> | 10 #include <string> |
| 11 | 11 |
| 12 #include "base/memory/ref_counted.h" | 12 #include "base/basictypes.h" |
| 13 #include "base/memory/scoped_ptr.h" | 13 #include "base/memory/scoped_ptr.h" |
| 14 #include "base/memory/weak_ptr.h" | 14 #include "base/memory/weak_ptr.h" |
| 15 #include "base/time.h" | 15 |
| 16 #include "chrome/browser/profiles/profile_keyed_service.h" | 16 namespace base { |
| 17 #include "chrome/browser/signin/signin_global_error.h" | 17 class Time; |
| 18 #include "content/public/browser/notification_observer.h" | 18 } |
| 19 #include "content/public/browser/notification_registrar.h" | 19 |
| 20 #include "net/url_request/url_request_context_getter.h" | 20 namespace net { |
| 21 class URLRequestContextGetter; | |
| 22 } | |
| 21 | 23 |
| 22 class GoogleServiceAuthError; | 24 class GoogleServiceAuthError; |
| 23 class OAuth2AccessTokenConsumer; | |
| 24 class Profile; | |
| 25 | 25 |
| 26 // OAuth2TokenService is a ProfileKeyedService that retrieves OAuth2 access | 26 // Abstract base class for a service that fetches and caches OAuth2 access |
| 27 // tokens for a given set of scopes using the OAuth2 refresh token maintained by | 27 // tokens. Concrete subclasses should implement GetRefreshToken to return |
| 28 // TokenService. All calls are expected from the UI thread. | 28 // the appropriate refresh token. |
| 29 // | |
| 30 // All calls are expected from the UI thread. | |
| 29 // | 31 // |
| 30 // To use this service, call StartRequest() with a given set of scopes and a | 32 // To use this service, call StartRequest() with a given set of scopes and a |
| 31 // consumer of the request results. The consumer is required to outlive the | 33 // consumer of the request results. The consumer is required to outlive the |
| 32 // request. The request can be deleted. The consumer may be called back | 34 // request. The request can be deleted. The consumer may be called back |
| 33 // asynchronously with the fetch results. | 35 // asynchronously with the fetch results. |
| 34 // | 36 // |
| 35 // - If the consumer is not called back before the request is deleted, it will | 37 // - If the consumer is not called back before the request is deleted, it will |
| 36 // never be called back. | 38 // never be called back. |
| 37 // Note in this case, the actual network requests are not canceled and the | 39 // Note in this case, the actual network requests are not canceled and the |
| 38 // cache will be populated with the fetched results; it is just the consumer | 40 // cache will be populated with the fetched results; it is just the consumer |
| 39 // callback that is aborted. | 41 // callback that is aborted. |
| 40 // | 42 // |
| 41 // - Otherwise the consumer will be called back with the request and the fetch | 43 // - Otherwise the consumer will be called back with the request and the fetch |
| 42 // results. | 44 // results. |
| 43 // | 45 // |
| 44 // The caller of StartRequest() owns the returned request and is responsible to | 46 // The caller of StartRequest() owns the returned request and is responsible to |
| 45 // delete the request even once the callback has been invoked. | 47 // delete the request even once the callback has been invoked. |
| 46 // | 48 class OAuth2TokenService { |
| 47 // Note the request should be started from the UI thread. To start a request | |
| 48 // from other thread, please use OAuth2TokenServiceRequest. | |
| 49 class OAuth2TokenService : public content::NotificationObserver, | |
| 50 public SigninGlobalError::AuthStatusProvider, | |
| 51 public ProfileKeyedService { | |
| 52 public: | 49 public: |
| 53 // Class representing a request that fetches an OAuth2 access token. | 50 // Class representing a request that fetches an OAuth2 access token. |
| 54 class Request { | 51 class Request { |
| 55 public: | 52 public: |
| 56 virtual ~Request(); | 53 virtual ~Request(); |
| 57 protected: | 54 protected: |
| 58 Request(); | 55 Request(); |
| 59 }; | 56 }; |
| 60 | 57 |
| 61 // Class representing the consumer of a Request passed to |StartRequest|, | 58 // Class representing the consumer of a Request passed to |StartRequest|, |
| 62 // which will be called back when the request completes. | 59 // which will be called back when the request completes. |
| 63 class Consumer { | 60 class Consumer { |
| 64 public: | 61 public: |
| 65 Consumer(); | 62 Consumer(); |
| 66 virtual ~Consumer(); | 63 virtual ~Consumer(); |
| 67 // |request| is a Request that is started by this consumer and has | 64 // |request| is a Request that is started by this consumer and has |
| 68 // completed. | 65 // completed. |
| 69 virtual void OnGetTokenSuccess(const Request* request, | 66 virtual void OnGetTokenSuccess(const Request* request, |
| 70 const std::string& access_token, | 67 const std::string& access_token, |
| 71 const base::Time& expiration_time) = 0; | 68 const base::Time& expiration_time) = 0; |
| 72 virtual void OnGetTokenFailure(const Request* request, | 69 virtual void OnGetTokenFailure(const Request* request, |
| 73 const GoogleServiceAuthError& error) = 0; | 70 const GoogleServiceAuthError& error) = 0; |
| 74 }; | 71 }; |
| 75 | 72 |
| 76 // A set of scopes in OAuth2 authentication. | 73 // A set of scopes in OAuth2 authentication. |
| 77 typedef std::set<std::string> ScopeSet; | 74 typedef std::set<std::string> ScopeSet; |
| 78 | 75 |
| 79 OAuth2TokenService(); | 76 explicit OAuth2TokenService(net::URLRequestContextGetter* getter); |
| 80 virtual ~OAuth2TokenService(); | 77 virtual ~OAuth2TokenService(); |
| 81 | 78 |
| 82 // Initializes this token service with the profile. | 79 // Checks in the cache for a valid access token, and if not found starts |
| 83 void Initialize(Profile* profile); | 80 // a request for an OAuth2 access token using the OAuth2 refresh token |
| 81 // maintained by this instance. The caller owns the returned Request. | |
| 82 // |scopes| is the set of scopes to get an access token for, |consumer| is | |
| 83 // the object that will be called back with results if the returned request | |
| 84 // is not deleted. The allowed scopes may vary -- see subclass comments. | |
|
Andrew T Wilson (Slow)
2013/03/19 19:58:44
I think this comment is stale - the allowed scopes
David Roche
2013/03/21 00:12:02
Removed, thx.
| |
| 85 virtual scoped_ptr<Request> StartRequest(const ScopeSet& scopes, | |
| 86 Consumer* consumer); | |
| 84 | 87 |
| 85 // ProfileKeyedService implementation. | 88 // Returns true if a refresh token exists. If false, calls to |
| 86 virtual void Shutdown() OVERRIDE; | 89 // |StartRequest| will result in a Consumer::OnGetTokenFailure callback. |
| 90 bool RefreshTokenIsAvailable(); | |
| 87 | 91 |
| 88 // Starts a request for an OAuth2 access token using the OAuth2 refresh token | 92 // For tests |
|
Andrew T Wilson (Slow)
2013/03/19 19:58:44
Remove "For tests" and instead describe what this
David Roche
2013/03/21 00:12:02
Done.
| |
| 89 // maintained by TokenService. The caller owns the returned Request. |scopes| | 93 int cache_size(); |
|
Andrew T Wilson (Slow)
2013/03/19 19:58:44
nit: rename "cache_size_for_testing()"
David Roche
2013/03/21 00:12:02
Done.
| |
| 90 // is the set of scopes to get an access token for, |consumer| is the object | |
| 91 // that will be called back with results if the returned request is not | |
| 92 // deleted. | |
| 93 // Note the refresh token has been collected from TokenService when this | |
| 94 // method returns, and the request can continue even if TokenService clears | |
| 95 // its tokens after this method returns. This means that outstanding | |
| 96 // StartRequest actions will still complete even if the user signs out in the | |
| 97 // meantime. | |
| 98 virtual scoped_ptr<Request> StartRequest( | |
| 99 const ScopeSet& scopes, | |
| 100 OAuth2TokenService::Consumer* consumer); | |
| 101 | 94 |
| 102 // content::NotificationObserver | 95 protected: |
| 103 virtual void Observe(int type, | 96 // Subclasses should return the refresh token maintained. |
| 104 const content::NotificationSource& source, | 97 // If no token is available, return an empty string. |
| 105 const content::NotificationDetails& details) OVERRIDE; | 98 virtual std::string GetRefreshToken() = 0; |
| 106 | 99 |
| 107 // SigninGlobalError::AuthStatusProvider implementation. | 100 // Subclasses can override if they want to report errors to the user. |
| 108 virtual GoogleServiceAuthError GetAuthStatus() const OVERRIDE; | 101 virtual void UpdateAuthError(const GoogleServiceAuthError& error); |
| 102 | |
| 103 // Add a new entry to the cache. | |
| 104 // Subclasses can override if there are implementation-specific reasons | |
| 105 // that an access token should ever not be cached. | |
| 106 virtual void RegisterCacheEntry(const std::string& refresh_token, | |
| 107 const ScopeSet& scopes, | |
| 108 const std::string& access_token, | |
| 109 const base::Time& expiration_date); | |
| 110 | |
| 111 // Clears the internal token cache. | |
| 112 void ClearCache(); | |
| 109 | 113 |
| 110 private: | 114 private: |
| 111 // Class that fetches an OAuth2 access token for a given set of scopes and | 115 // Class that fetches an OAuth2 access token for a given set of scopes and |
| 112 // OAuth2 refresh token. | 116 // OAuth2 refresh token. |
| 113 class Fetcher; | 117 class Fetcher; |
| 114 friend class Fetcher; | 118 friend class Fetcher; |
| 115 // Implementation of Request. | 119 // Implementation of Request. |
| 116 class RequestImpl; | 120 class RequestImpl; |
| 117 | 121 |
| 118 // Informs the consumer of |request| fetch results. | 122 // Informs the consumer of |request| fetch results. |
| 119 static void InformConsumer( | 123 static void InformConsumer( |
| 120 base::WeakPtr<OAuth2TokenService::RequestImpl> request, | 124 base::WeakPtr<OAuth2TokenService::RequestImpl> request, |
| 121 GoogleServiceAuthError error, | 125 GoogleServiceAuthError error, |
| 122 std::string access_token, | 126 std::string access_token, |
| 123 base::Time expiration_date); | 127 base::Time expiration_date); |
| 124 | 128 |
| 125 // Struct that contains the information of an OAuth2 access token. | 129 // Struct that contains the information of an OAuth2 access token. |
| 126 struct CacheEntry { | 130 struct CacheEntry { |
| 127 std::string access_token; | 131 std::string access_token; |
| 128 base::Time expiration_date; | 132 base::Time expiration_date; |
| 129 }; | 133 }; |
| 130 | 134 |
| 131 // Returns a currently valid OAuth2 access token for the given set of scopes, | 135 // Returns a currently valid OAuth2 access token for the given set of scopes, |
| 132 // or NULL if none have been cached. Note the user of this method should | 136 // or NULL if none have been cached. Note the user of this method should |
| 133 // ensure no entry with the same |scopes| is added before the usage of the | 137 // ensure no entry with the same |scopes| is added before the usage of the |
| 134 // returned entry is done. | 138 // returned entry is done. |
| 135 const CacheEntry* GetCacheEntry(const ScopeSet& scopes); | 139 const CacheEntry* GetCacheEntry(const ScopeSet& scopes); |
| 136 // Registers a new access token in the cache if |refresh_token| is the one | |
| 137 // currently held by TokenService. | |
| 138 void RegisterCacheEntry(const std::string& refresh_token, | |
| 139 const ScopeSet& scopes, | |
| 140 const std::string& access_token, | |
| 141 const base::Time& expiration_date); | |
| 142 | 140 |
| 143 // Called when |fetcher| finishes fetching. | 141 // Called when |fetcher| finishes fetching. |
| 144 void OnFetchComplete(Fetcher* fetcher); | 142 void OnFetchComplete(Fetcher* fetcher); |
| 145 | 143 |
| 146 // Updates the internal cache of the result from the most-recently-completed | |
| 147 // auth request (used for reporting errors to the user). | |
| 148 void UpdateAuthError(const GoogleServiceAuthError& error); | |
| 149 | |
| 150 // The profile with which this instance was initialized, or NULL. | |
| 151 Profile* profile_; | |
| 152 | |
| 153 // The auth status from the most-recently-completed request. | |
| 154 GoogleServiceAuthError last_auth_error_; | |
| 155 | |
| 156 // Getter to use for fetchers. | 144 // Getter to use for fetchers. |
| 157 scoped_refptr<net::URLRequestContextGetter> getter_; | 145 scoped_refptr<net::URLRequestContextGetter> request_context_getter_; |
| 158 | 146 |
| 159 // The cache of currently valid tokens. | 147 // The cache of currently valid tokens. |
| 160 typedef std::map<ScopeSet, CacheEntry> TokenCache; | 148 typedef std::map<ScopeSet, CacheEntry> TokenCache; |
| 161 TokenCache token_cache_; | 149 TokenCache token_cache_; |
| 162 | 150 |
| 163 // The parameters (refresh token and scope set) used to fetch an OAuth2 access | 151 // The parameters (refresh token and scope set) used to fetch an OAuth2 access |
| 164 // token. | 152 // token. |
| 165 typedef std::pair<std::string, ScopeSet> FetchParameters; | 153 typedef std::pair<std::string, ScopeSet> FetchParameters; |
| 166 // A map from fetch parameters to a fetcher that is fetching an OAuth2 access | 154 // A map from fetch parameters to a fetcher that is fetching an OAuth2 access |
| 167 // token using these parameters. | 155 // token using these parameters. |
| 168 std::map<FetchParameters, Fetcher*> pending_fetchers_; | 156 std::map<FetchParameters, Fetcher*> pending_fetchers_; |
| 169 | 157 |
| 170 // Registrar for notifications from the TokenService. | |
| 171 content::NotificationRegistrar registrar_; | |
| 172 | |
| 173 DISALLOW_COPY_AND_ASSIGN(OAuth2TokenService); | 158 DISALLOW_COPY_AND_ASSIGN(OAuth2TokenService); |
| 174 }; | 159 }; |
| 175 | 160 |
| 176 #endif // CHROME_BROWSER_SIGNIN_OAUTH2_TOKEN_SERVICE_H_ | 161 #endif // CHROME_BROWSER_SIGNIN_OAUTH2_TOKEN_SERVICE_H_ |
| OLD | NEW |