Chromium Code Reviews Chromium Code Reviews
Issue 1466733002:
Google OAuth Device Flow support for FNL (Closed)
Base URL: https://github.com/domokit/mojo.git@master| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef SERVICES_AUTHENTICATION_ACCOUNTS_DB_MANAGER_H_ | |
| 6 #define SERVICES_AUTHENTICATION_ACCOUNTS_DB_MANAGER_H_ | |
| 7 | |
| 8 #include <type_traits> | |
| 9 | |
| 10 #include "base/macros.h" | |
| 11 #include "mojo/services/files/interfaces/files.mojom.h" | |
| 12 #include "services/authentication/authentication_impl_db.mojom.h" | |
| 13 #include "services/authentication/credentials_impl_db.mojom.h" | |
| 14 | |
| 15 namespace authentication { | |
| 16 | |
| 17 // Implementation of user account management service on systems like FNL. This | |
| 18 // uses native mojo files service as the underlying mechanism to store user | |
| 19 // credentials and supports operations such as to add a new user account, update | |
| 20 // existing user credentials and fetching current credentials for a given user. | |
| 21 class AccountsDbManager { | |
| 22 public: | |
| 23 // Constructor that takes a directory handle to create or open existing auth | |
| 24 // and credentials db files. It also initializes the in-memory cache with the | |
| 25 // file contents from the disk. | |
| 26 AccountsDbManager(const mojo::files::DirectoryPtr directory); | |
| 27 ~AccountsDbManager(); | |
| 28 // Returns true, if there are no errors during Db initialization or commits. | |
| 29 bool Validate(); | |
|
qsr
2016/03/18 10:52:22
Maybe called this isValid() instead? Validate seem
ukode
2016/03/18 18:25:23
Done.
| |
| 30 // Fetches auth credentials for a given user account. | |
| 31 authentication::CredentialsPtr GetCredentials(const mojo::String& username); | |
| 32 // Returns a list of all users registered on the device. | |
| 33 mojo::Array<mojo::String> GetAllUsers(); | |
| 34 // Updates or adds new auth credentials for a given user account. | |
| 35 void UpdateCredentials(const mojo::String& username, | |
| 36 const authentication::CredentialsPtr creds); | |
| 37 // Returns previously used account name for the given application or null if | |
| 38 // not found. | |
| 39 mojo::String GetAuthorizedUserForApp(mojo::String app_url); | |
| 40 // Updates the grants database for the given application and username. | |
| 41 void UpdateAuthorization(mojo::String app_url, mojo::String username); | |
| 42 | |
| 43 private: | |
| 44 // DB Init Options for tracking the init state of in-memory contents. | |
| 45 enum DBInitOptions { | |
| 46 // Default init state. | |
| 47 START_INIT = 0x01, | |
| 48 // Credentials db in-memory content is populated successfully. | |
| 49 CREDENTIALS_DB_INIT_SUCCESS = 0x02, | |
| 50 // Authorizations db in-memory content is populated successfully. | |
| 51 AUTHORIZATIONS_DB_INIT_SUCCESS = 0x04 | |
| 52 }; | |
| 53 | |
| 54 // Errors for tracking the lifecycle of AccountsDbManager object. | |
| 55 enum Error { | |
| 56 NONE = 1, | |
| 57 // File read error on credentials db. | |
| 58 CREDENTIALS_DB_READ_ERROR, | |
| 59 // File write error on credentials db. | |
| 60 CREDENTIALS_DB_WRITE_ERROR, | |
| 61 // File validate error on credentials db. | |
| 62 CREDENTIALS_DB_VALIDATE_ERROR, | |
| 63 // File read error on authorizations db. | |
| 64 AUTHORIZATIONS_DB_READ_ERROR, | |
| 65 // File write error on authorizations db. | |
| 66 AUTHORIZATIONS_DB_WRITE_ERROR, | |
| 67 // File validate error on authorizations db. | |
| 68 AUTHORIZATIONS_DB_VALIDATE_ERROR | |
| 69 }; | |
| 70 | |
| 71 // Populates contents with existing user credentials. | |
| 72 void Initialize(); | |
| 73 // Reads from credentials file and populates in-memory contents cache. | |
| 74 void OnCredentialsFileReadResponse(const mojo::files::Error error, | |
| 75 const mojo::Array<uint8_t> bytes_read); | |
| 76 // Parses response from credentials file write operation | |
| 77 void OnCredentialsFileWriteResponse(const mojo::files::Error error, | |
| 78 const uint32_t num_bytes_written); | |
| 79 // Reads from auth file and populates in-memory grants cache. | |
| 80 void OnAuthorizationsFileReadResponse(const mojo::files::Error error, | |
| 81 const mojo::Array<uint8_t> bytes_read); | |
| 82 // Parses response from auth file write operation | |
| 83 void OnAuthorizationsFileWriteResponse(const mojo::files::Error error, | |
| 84 const uint32_t num_bytes_written); | |
| 85 // Waits for the credentials db file handle to finish the blocking read | |
| 86 // operation as part of initialization, before proceeding further. | |
| 87 void ensureCredentialsDbInit(); | |
| 88 // Waits for the authorizations db file handle to finish the blocking read | |
| 89 // operation as part of initialization, before proceeding further. | |
| 90 void ensureAuthorizationsDbInit(); | |
| 91 | |
| 92 // File pointer to the stored account credentials db file. | |
| 93 mojo::files::FilePtr creds_db_file_; | |
| 94 // File pointer to the list of authorized modules. | |
| 95 mojo::files::FilePtr auth_db_file_; | |
| 96 // In-memory store for credential data for all users. | |
| 97 authentication::CredentialStore creds_store_; | |
| 98 // In-memory store for list of authorized apps. | |
| 99 authentication::Db auth_grants_; | |
| 100 // Flag to track in-memory contents init state. | |
| 101 unsigned char db_init_option_ = START_INIT; | |
| 102 // Flag to track the current error status. | |
| 103 Error error_ = NONE; | |
| 104 | |
| 105 DISALLOW_COPY_AND_ASSIGN(AccountsDbManager); | |
| 106 }; | |
| 107 | |
| 108 } // namespace authentication | |
| 109 | |
| 110 #endif // SERVICES_AUTHENTICATION_ACCOUNTS_DB_MANAGER_H_ | |
| OLD | NEW |
