Identity API: Add token cache and identity.invalidateAuthToken.

chrome/common/extensions/api/experimental_identity.idl

Index: chrome/common/extensions/api/experimental_identity.idl
diff --git a/chrome/common/extensions/api/experimental_identity.idl b/chrome/common/extensions/api/experimental_identity.idl
index 625b0cd645cbaf60b738f585654bddb260579c52..247af454e931f31d431e3e96bdc6a7d17d8e3b29 100644
--- a/chrome/common/extensions/api/experimental_identity.idl
+++ b/chrome/common/extensions/api/experimental_identity.idl
@@ -10,6 +10,11 @@ namespace experimental.identity {
     boolean? interactive;
   };
 
+  [inline_doc] dictionary InvalidTokenDetails {
+    // The specific token that should be removed from the cache.
+    DOMString token;
+  };
+
   [inline_doc] dictionary WebAuthFlowDetails {
     // The URL that initiates the auth flow.
     DOMString url;
@@ -31,6 +36,7 @@ namespace experimental.identity {
   };
 
   callback GetAuthTokenCallback = void (optional DOMString token);
+  callback InvalidateAuthTokenCallback = void ();
   callback LaunchWebAuthFlowCallback = void (optional DOMString responseUrl);
 
   interface Functions {
@@ -42,6 +48,16 @@ namespace experimental.identity {
     static void getAuthToken(optional TokenDetails details,
                              GetAuthTokenCallback callback);
 
+    // Removes an OAuth2 access token from the Identity API's token cache.
+    // When an access token is discovered to be invalid, it should be
+    // passed to removeCachedAuthToken to remove it from the cache. The
+    // app may then retrieve a fresh token with getAuthToken.
+    //
+    // |details| : Token information.
+    // |callback| : Called when the token has been removed from the cache.
+    static void removeCachedAuthToken(InvalidTokenDetails details,
+                                      InvalidateAuthTokenCallback callback);
+
     // Starts an auth flow at the specified URL.
     //
     // |details| : WebAuth flow options.