Google OAuth Device Flow support for FNL

examples/authentication_demo/google_authentication_demo.cc

Index: examples/authentication_demo/google_authentication_demo.cc
diff --git a/examples/authentication_demo/google_authentication_demo.cc b/examples/authentication_demo/google_authentication_demo.cc
new file mode 100644
index 0000000000000000000000000000000000000000..4343e92580c7699f0b8de52e34e689ddd90a6bf8
--- /dev/null
+++ b/examples/authentication_demo/google_authentication_demo.cc
@@ -0,0 +1,122 @@
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/bind.h"
+#include "base/logging.h"
+#include "base/synchronization/waitable_event.h"
+#include "base/threading/platform_thread.h"
+#include "mojo/public/c/system/main.h"
+#include "mojo/public/cpp/application/application_connection.h"
+#include "mojo/public/cpp/application/application_delegate.h"
+#include "mojo/public/cpp/application/application_impl.h"
+#include "mojo/public/cpp/application/application_runner.h"
+#include "mojo/public/cpp/utility/run_loop.h"
+#include "mojo/services/authentication/interfaces/authentication.mojom.h"
+
+namespace mojo {
+namespace examples {
+namespace authentication {
+
+class GoogleAuthApp : public mojo::ApplicationDelegate {

[viettrungluu, 2016/01/11 21:23:44]

nit: Here and below: You probably don't need "mojo::" in most places.

That said, I'm not sure this should be in the mojo namespace at all. (Also, feel
free to use |using| statements at the file level.)

[ukode, 2016/02/09 00:20:17]

Acknowledged. Removed it from mojo namespace. mojo:: is still needed here,
otherwise get this compiler error:
error: unknown class name 'ApplicationDelegate'; did you mean
'mojo::ApplicationDelegate'?

+ public:
+  GoogleAuthApp() {}
+

[viettrungluu, 2016/01/11 21:23:44]

nit: Probably you should also explicitly declare a destructor.

[ukode, 2016/02/09 00:20:17]

Done.

+  void Initialize(mojo::ApplicationImpl* app) override {
+    LOG(INFO) << "Connecting to authentication service...";

[viettrungluu, 2016/01/11 21:23:44]

You may want to consider using DLOG(INFO), VLOG, or DVLOG (rather than
unconditionally logging stuff even for Release builds).

[ukode, 2016/02/09 00:20:17]

Acknowledged.

+    app->ConnectToService("mojo:authentication", &auth_service_);
+
+    mojo::Array<mojo::String> scopes;
+    scopes.push_back("profile");
+    scopes.push_back("email");
+
+    LOG(INFO) << "Starting the device flow handshake...";
+    auth_service_->GetOAuth2DeviceCode(
+        scopes.Pass(),
+        base::Bind(&GoogleAuthApp::OnDeviceCode, base::Unretained(this)));
+  }
+
+ private:
+  void OnDeviceCode(const mojo::String& url,
+                    const mojo::String& device_code,
+                    const mojo::String& user_code,
+                    const mojo::String& error) {
+    if (!error.is_null()) {
+      LOG(INFO) << "Error: " << error;
+      mojo::RunLoop::current()->Quit();  // All done!
+      return;
+    }
+    // Display the verification url and user code in system UI and ask the
+    // user to authorize in a companion device
+    LOG(INFO) << "Verification Url: " << url;
+    LOG(INFO) << "Device Code: " << device_code;
+    LOG(INFO) << "User Code: " << user_code;
+
+    // TODO: Replace this with polling logic or show some spinner in System UI

[viettrungluu, 2016/01/11 21:23:44]

nit: "TODO(ukode)" :)

[qsr, 2016/01/13 12:01:00]

Should the polling part be handled in the authentication service somehow? All
user of this API will need this, no?

[ukode, 2016/02/09 00:20:17]

Moved the polling logic under AddAccount interface. I did this recursively. PTAl
and confirm if this convention is ok with mojo codebase.

[ukode, 2016/02/09 00:20:17]

Done.

+    LOG(INFO) << "Waiting for user autorization on a secondary device...";
+    base::PlatformThread::Sleep(base::TimeDelta::FromMilliseconds(45000));
+
+    // Exchange the authorization to a long lived token
+    LOG(INFO) << "Check for user authorization...";
+    AddAccount(device_code);
+  }
+
+  // Exchange device code to a refresh token, and persist the grant.
+  void AddAccount(const std::string device_code) {
+    auth_service_->AddAccount(
+        device_code,
+        base::Bind(&GoogleAuthApp::OnAddAccount, base::Unretained(this)));
+  }
+
+  void OnAddAccount(const mojo::String& username, const mojo::String& error) {
+    if (!error.is_null() || username.is_null()) {
+      LOG(INFO) << "Missing username or Error: " << error;
+      mojo::RunLoop::current()->Quit();  // All done!
+      return;
+    }
+
+    LOG(INFO) << "Successfully registered user: " << username;
+    LOG(INFO) << "Fetching access token for user [" << username << "]...";
+    FetchOAuth2AccessToken(username);
+  }
+
+  // Fetch a new access token for an existing user grant.
+  void FetchOAuth2AccessToken(const mojo::String& username) {
+    mojo::Array<mojo::String> scopes;
+    scopes.push_back("profile");
+
+    auth_service_->GetOAuth2Token(
+        username, scopes.Pass(),
+        base::Bind(&GoogleAuthApp::OnGetOAuth2Token, base::Unretained(this)));
+  }
+
+  void OnGetOAuth2Token(const mojo::String& access_token,
+                        const mojo::String& error) {
+    if (!error.is_null()) {
+      LOG(INFO) << "Error: " << error;
+      mojo::RunLoop::current()->Quit();  // All done!
+      return;
+    }
+
+    if (access_token.is_null()) {
+      LOG(INFO) << "Unable to fetch access token, exiting!";
+    } else {
+      LOG(INFO) << "Access Token: " << access_token;
+    }
+    mojo::RunLoop::current()->Quit();  // All done!
+    return;
+  }
+
+  ::authentication::AuthenticationServicePtr auth_service_;
+};
+
+}  // namespace authentication
+}  // namespace examples
+}  // namespace mojo
+
+MojoResult MojoMain(MojoHandle application_request) {
+  mojo::ApplicationRunner runner(
+      std::unique_ptr<mojo::examples::authentication::GoogleAuthApp>(
+          new mojo::examples::authentication::GoogleAuthApp()));
+  return runner.Run(application_request);
+}