Identity API: getAuthToken request queues (token cache prelude)

chrome/browser/extensions/api/identity/identity_api.h

Index: chrome/browser/extensions/api/identity/identity_api.h
diff --git a/chrome/browser/extensions/api/identity/identity_api.h b/chrome/browser/extensions/api/identity/identity_api.h
index de9ecf662c179d6ef1ad9b552b665ceb75ab3340..1ba898a74fa141b059d8369d4cc5ff861c0c7d6a 100644
--- a/chrome/browser/extensions/api/identity/identity_api.h
+++ b/chrome/browser/extensions/api/identity/identity_api.h
@@ -5,11 +5,13 @@
 #ifndef CHROME_BROWSER_EXTENSIONS_API_IDENTITY_IDENTITY_API_H_
 #define CHROME_BROWSER_EXTENSIONS_API_IDENTITY_IDENTITY_API_H_
 
+#include <map>
 #include <string>
 #include <vector>
 
 #include "base/memory/ref_counted.h"
 #include "base/memory/weak_ptr.h"
+#include "chrome/browser/extensions/api/identity/identity_mint_queue.h"
 #include "chrome/browser/extensions/api/identity/identity_signin_flow.h"
 #include "chrome/browser/extensions/api/identity/web_auth_flow.h"
 #include "chrome/browser/extensions/api/profile_keyed_api_factory.h"
@@ -36,9 +38,27 @@ extern const char kInteractionRequired[];
 extern const char kInvalidRedirect[];
 }  // namespace identity_constants
 
+// identity.getAuthToken fetches an OAuth 2 function for the
+// caller. The request has three sub-flows: non-interactive,
+// interactive, and sign-in.
+//
+// In the non-interactive flow, getAuthToken requests a token from
+// GAIA. GAIA may respond with a token, an error, or "consent
+// required". In the consent required cases, getAuthToken proceeds to
+// the second, interactive phase.
+//
+// The interactive flow presents a scope approval dialog to the
+// user. If the user approves the request, a grant will be recorded on
+// the server, and an access token will be returned to the caller.
+//
+// In some cases we need to display a sign-in dialog. Normally the
+// profile will be signed in already, but if it turns out we need a
+// new login token, there is a sign-in flow. If that flow completes
+// successfully, getAuthToken proceeds to the non-interactive flow.
 class IdentityGetAuthTokenFunction : public AsyncExtensionFunction,
-                                     public OAuth2MintTokenFlow::Delegate,
                                      public ExtensionInstallPrompt::Delegate,
+                                     public IdentityMintRequestQueue::Request,
+                                     public OAuth2MintTokenFlow::Delegate,
                                      public IdentitySigninFlow::Delegate {
  public:
   DECLARE_EXTENSION_FUNCTION("experimental.identity.getAuthToken",
@@ -55,6 +75,16 @@ class IdentityGetAuthTokenFunction : public AsyncExtensionFunction,
 
   // ExtensionFunction:
   virtual bool RunImpl() OVERRIDE;
+  void CompleteFunctionWithResult(const std::string& access_token);

[miket_OOO, 2013/04/16 20:42:56]

Should these two have OVERRIDE? If not, they don't belong under this header.

[Michael Courage, 2013/04/16 22:04:23]

Done.

+  void CompleteFunctionWithError(const std::string& error);
+
+  // Initiate/complete the sub-flows.
+  void StartSigninFlow();
+  void StartMintTokenFlow(IdentityMintRequestQueue::MintType type);
+  void CompleteMintTokenFlow();
+
+  // IdentityMintRequestQueue::Request implementation:
+  virtual void StartMintToken(IdentityMintRequestQueue::MintType type) OVERRIDE;
 
   // OAuth2MintTokenFlow::Delegate implementation:
   virtual void OnMintTokenSuccess(const std::string& access_token) OVERRIDE;
@@ -71,9 +101,10 @@ class IdentityGetAuthTokenFunction : public AsyncExtensionFunction,
   virtual void InstallUIProceed() OVERRIDE;
   virtual void InstallUIAbort(bool user_initiated) OVERRIDE;
 
-  // Starts a MintTokenFlow with the given mode.
-  void StartFlow(OAuth2MintTokenFlow::Mode mode);
+  // Starts a mint token request to GAIA.
+  void StartGaiaRequest(OAuth2MintTokenFlow::Mode mode);
 
+  // Methods for invoking UI. Overridable for testing.
   virtual void ShowLoginPopup();
   virtual void ShowOAuthApprovalDialog(const IssueAdviceInfo& issue_advice);
   // Caller owns the returned instance.
@@ -84,12 +115,14 @@ class IdentityGetAuthTokenFunction : public AsyncExtensionFunction,
   virtual bool HasLoginToken() const;
 
   bool should_prompt_for_scopes_;
+  IdentityMintRequestQueue::MintType mint_token_flow_type_;
   scoped_ptr<OAuth2MintTokenFlow> mint_token_flow_;
   std::string refresh_token_;
   bool should_prompt_for_signin_;
 
   // When launched in interactive mode, and if there is no existing grant,
   // a permissions prompt will be popped up to the user.
+  IssueAdviceInfo issue_advice_;
   scoped_ptr<ExtensionInstallPrompt> install_ui_;
   scoped_ptr<IdentitySigninFlow> signin_flow_;
 };
@@ -132,6 +165,9 @@ class IdentityAPI : public ProfileKeyedAPI,
   virtual ~IdentityAPI();
   void Initialize();
 
+  // Request serialization queue for getAuthToken.
+  IdentityMintRequestQueue* mint_queue();
+
   void ReportAuthError(const GoogleServiceAuthError& error);
 
   // ProfileKeyedAPI implementation.
@@ -160,6 +196,7 @@ class IdentityAPI : public ProfileKeyedAPI,
   GoogleServiceAuthError error_;
   // Used to listen to notifications from the TokenService.
   content::NotificationRegistrar registrar_;
+  IdentityMintRequestQueue mint_queue_;
 };
 
 template <>