| Index: chrome/browser/extensions/api/identity/identity_api.h
|
| diff --git a/chrome/browser/extensions/api/identity/identity_api.h b/chrome/browser/extensions/api/identity/identity_api.h
|
| index de9ecf662c179d6ef1ad9b552b665ceb75ab3340..be90e32438b5514cfec1eb494274d2f9eb60477c 100644
|
| --- a/chrome/browser/extensions/api/identity/identity_api.h
|
| +++ b/chrome/browser/extensions/api/identity/identity_api.h
|
| @@ -5,11 +5,13 @@
|
| #ifndef CHROME_BROWSER_EXTENSIONS_API_IDENTITY_IDENTITY_API_H_
|
| #define CHROME_BROWSER_EXTENSIONS_API_IDENTITY_IDENTITY_API_H_
|
|
|
| +#include <map>
|
| #include <string>
|
| #include <vector>
|
|
|
| #include "base/memory/ref_counted.h"
|
| #include "base/memory/weak_ptr.h"
|
| +#include "chrome/browser/extensions/api/identity/identity_mint_queue.h"
|
| #include "chrome/browser/extensions/api/identity/identity_signin_flow.h"
|
| #include "chrome/browser/extensions/api/identity/web_auth_flow.h"
|
| #include "chrome/browser/extensions/api/profile_keyed_api_factory.h"
|
| @@ -36,9 +38,27 @@ extern const char kInteractionRequired[];
|
| extern const char kInvalidRedirect[];
|
| } // namespace identity_constants
|
|
|
| +// identity.getAuthToken fetches an OAuth 2 function for the
|
| +// caller. The request has three sub-flows: non-interactive,
|
| +// interactive, and sign-in.
|
| +//
|
| +// In the non-interactive flow, getAuthToken requests a token from
|
| +// GAIA. GAIA may respond with a token, an error, or "consent
|
| +// required". In the consent required cases, getAuthToken proceeds to
|
| +// the second, interactive phase.
|
| +//
|
| +// The interactive flow presents a scope approval dialog to the
|
| +// user. If the user approves the request, a grant will be recorded on
|
| +// the server, and an access token will be returned to the caller.
|
| +//
|
| +// In some cases we need to display a sign-in dialog. Normally the
|
| +// profile will be signed in already, but if it turns out we need a
|
| +// new login token, there is a sign-in flow. If that flow completes
|
| +// successfully, getAuthToken proceeds to the non-interactive flow.
|
| class IdentityGetAuthTokenFunction : public AsyncExtensionFunction,
|
| - public OAuth2MintTokenFlow::Delegate,
|
| public ExtensionInstallPrompt::Delegate,
|
| + public IdentityMintRequestQueue::Request,
|
| + public OAuth2MintTokenFlow::Delegate,
|
| public IdentitySigninFlow::Delegate {
|
| public:
|
| DECLARE_EXTENSION_FUNCTION("experimental.identity.getAuthToken",
|
| @@ -56,6 +76,18 @@ class IdentityGetAuthTokenFunction : public AsyncExtensionFunction,
|
| // ExtensionFunction:
|
| virtual bool RunImpl() OVERRIDE;
|
|
|
| + // Helpers to report async function results to the caller.
|
| + void CompleteFunctionWithResult(const std::string& access_token);
|
| + void CompleteFunctionWithError(const std::string& error);
|
| +
|
| + // Initiate/complete the sub-flows.
|
| + void StartSigninFlow();
|
| + void StartMintTokenFlow(IdentityMintRequestQueue::MintType type);
|
| + void CompleteMintTokenFlow();
|
| +
|
| + // IdentityMintRequestQueue::Request implementation:
|
| + virtual void StartMintToken(IdentityMintRequestQueue::MintType type) OVERRIDE;
|
| +
|
| // OAuth2MintTokenFlow::Delegate implementation:
|
| virtual void OnMintTokenSuccess(const std::string& access_token) OVERRIDE;
|
| virtual void OnMintTokenFailure(
|
| @@ -71,9 +103,10 @@ class IdentityGetAuthTokenFunction : public AsyncExtensionFunction,
|
| virtual void InstallUIProceed() OVERRIDE;
|
| virtual void InstallUIAbort(bool user_initiated) OVERRIDE;
|
|
|
| - // Starts a MintTokenFlow with the given mode.
|
| - void StartFlow(OAuth2MintTokenFlow::Mode mode);
|
| + // Starts a mint token request to GAIA.
|
| + void StartGaiaRequest(OAuth2MintTokenFlow::Mode mode);
|
|
|
| + // Methods for invoking UI. Overridable for testing.
|
| virtual void ShowLoginPopup();
|
| virtual void ShowOAuthApprovalDialog(const IssueAdviceInfo& issue_advice);
|
| // Caller owns the returned instance.
|
| @@ -84,12 +117,14 @@ class IdentityGetAuthTokenFunction : public AsyncExtensionFunction,
|
| virtual bool HasLoginToken() const;
|
|
|
| bool should_prompt_for_scopes_;
|
| + IdentityMintRequestQueue::MintType mint_token_flow_type_;
|
| scoped_ptr<OAuth2MintTokenFlow> mint_token_flow_;
|
| std::string refresh_token_;
|
| bool should_prompt_for_signin_;
|
|
|
| // When launched in interactive mode, and if there is no existing grant,
|
| // a permissions prompt will be popped up to the user.
|
| + IssueAdviceInfo issue_advice_;
|
| scoped_ptr<ExtensionInstallPrompt> install_ui_;
|
| scoped_ptr<IdentitySigninFlow> signin_flow_;
|
| };
|
| @@ -132,6 +167,9 @@ class IdentityAPI : public ProfileKeyedAPI,
|
| virtual ~IdentityAPI();
|
| void Initialize();
|
|
|
| + // Request serialization queue for getAuthToken.
|
| + IdentityMintRequestQueue* mint_queue();
|
| +
|
| void ReportAuthError(const GoogleServiceAuthError& error);
|
|
|
| // ProfileKeyedAPI implementation.
|
| @@ -160,6 +198,7 @@ class IdentityAPI : public ProfileKeyedAPI,
|
| GoogleServiceAuthError error_;
|
| // Used to listen to notifications from the TokenService.
|
| content::NotificationRegistrar registrar_;
|
| + IdentityMintRequestQueue mint_queue_;
|
| };
|
|
|
| template <>
|
|
|
Chromium Code Reviews
Issue 14270007:
Identity API: getAuthToken request queues (token cache prelude) (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@lkgr