Perform /ListAccounts check before session merge to see if there is a need for session merge at all.

chrome/browser/chromeos/login/oauth2_login_manager.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/oauth2_login_manager.h"
 
 #include <vector>
 
 #include "base/command_line.h"
 #include "base/metrics/histogram.h"
@@ skipping 81 matching lines @@
 
   DCHECK(restore_strategy_ == RESTORE_FROM_SAVED_OAUTH2_REFRESH_TOKEN);
   RestoreSessionFromSavedTokens();
 }
 
 void OAuth2LoginManager::RestoreSessionFromSavedTokens() {
   ProfileOAuth2TokenService* token_service = GetTokenService();
   const std::string& primary_account_id = GetPrimaryAccountId();
   if (token_service->RefreshTokenIsAvailable(primary_account_id)) {
     LOG(WARNING) << "OAuth2 refresh token is already loaded.";
-    RestoreSessionCookies();
+    VerifySessionCookies();
   } else {
     LOG(WARNING) << "Loading OAuth2 refresh token from database.";
 
     // Flag user with unknown token status in case there are no saved tokens
     // and OnRefreshTokenAvailable is not called. Flagging it here would
     // cause user to go through Gaia in next login to obtain a new refresh
     // token.
     UserManager::Get()->SaveUserOAuthStatus(primary_account_id,
                                             User::OAUTH_TOKEN_STATUS_UNKNOWN);
 
@@ skipping 25 matching lines @@
   // oauth2 token.
   if (UserManager::Get()->IsLoggedInAsLocallyManagedUser()) {
     LOG(WARNING) << "Logged in as managed user, skip token validation.";
     return;
   }
   // Only restore session cookies for the primary account in the profile.
   if (GetPrimaryAccountId() == account_id) {
     // Token is loaded. Undo the flagging before token loading.
     UserManager::Get()->SaveUserOAuthStatus(account_id,
                                             User::OAUTH2_TOKEN_STATUS_VALID);
-    RestoreSessionCookies();
+    VerifySessionCookies();
   }
 }
 
 ProfileOAuth2TokenService* OAuth2LoginManager::GetTokenService() {
   return ProfileOAuth2TokenServiceFactory::GetForProfile(user_profile_);
 }
 
 const std::string& OAuth2LoginManager::GetPrimaryAccountId() {
   SigninManagerBase* signin_manager =
       SigninManagerFactory::GetForProfile(user_profile_);
@@ skipping 77 matching lines @@
     const GaiaAuthConsumer::ClientOAuthResult& oauth2_tokens) {
   VLOG(1) << "OAuth2 tokens fetched";
   DCHECK(refresh_token_.empty());
   refresh_token_.assign(oauth2_tokens.refresh_token);
   oauthlogin_access_token_ = oauth2_tokens.access_token;
   StoreOAuth2Token();
 }
 
 void OAuth2LoginManager::OnOAuth2TokensFetchFailed() {
   LOG(ERROR) << "OAuth2 tokens fetch failed!";
-  UMA_HISTOGRAM_ENUMERATION("OAuth2Login.SessionRestore",
-                            SESSION_RESTORE_TOKEN_FETCH_FAILED,
-                            SESSION_RESTORE_COUNT);
-  SetSessionRestoreState(OAuth2LoginManager::SESSION_RESTORE_FAILED);
+  RecordSessionRestoreOutcome(SESSION_RESTORE_TOKEN_FETCH_FAILED,
+                              SESSION_RESTORE_FAILED);
 }
 
-void OAuth2LoginManager::RestoreSessionCookies() {
+void OAuth2LoginManager::VerifySessionCookies() {
   DCHECK(!login_verifier_.get());
-  SetSessionRestoreState(SESSION_RESTORE_IN_PROGRESS);
   login_verifier_.reset(
       new OAuth2LoginVerifier(this,
                               g_browser_process->system_request_context(),
                               user_profile_->GetRequestContext(),
                               oauthlogin_access_token_));
+
+  if (restore_strategy_ == RESTORE_FROM_SAVED_OAUTH2_REFRESH_TOKEN) {
+    login_verifier_->VerifyUserCookies(user_profile_);
+    return;
+  }
+
+  RestoreSessionCookies();
+}
+
+void OAuth2LoginManager::RestoreSessionCookies() {
+  SetSessionRestoreState(SESSION_RESTORE_IN_PROGRESS);
   login_verifier_->VerifyProfileTokens(user_profile_);
 }
 
 void OAuth2LoginManager::Shutdown() {
   GetTokenService()->RemoveObserver(this);
   login_verifier_.reset();
   oauth2_token_fetcher_.reset();
 }
 
 void OAuth2LoginManager::OnSessionMergeSuccess() {
   VLOG(1) << "OAuth2 refresh and/or GAIA token verification succeeded.";
-  UMA_HISTOGRAM_ENUMERATION("OAuth2Login.SessionRestore",
-                            SESSION_RESTORE_SUCCESS,
-                            SESSION_RESTORE_COUNT);
-  SetSessionRestoreState(OAuth2LoginManager::SESSION_RESTORE_DONE);
+  RecordSessionRestoreOutcome(SESSION_RESTORE_SUCCESS,
+                              SESSION_RESTORE_DONE);
 }
 
 void OAuth2LoginManager::OnSessionMergeFailure(bool connection_error) {
   LOG(ERROR) << "OAuth2 refresh and GAIA token verification failed!"
              << " connection_error: " << connection_error;
-  UMA_HISTOGRAM_ENUMERATION("OAuth2Login.SessionRestore",
-                            SESSION_RESTORE_MERGE_SESSION_FAILED,
-                            SESSION_RESTORE_COUNT);
-  SetSessionRestoreState(connection_error ?
-      OAuth2LoginManager::SESSION_RESTORE_CONNECTION_FAILED :
-      OAuth2LoginManager::SESSION_RESTORE_FAILED);
+  RecordSessionRestoreOutcome(SESSION_RESTORE_MERGE_SESSION_FAILED,
+                              connection_error ?
+                                  SESSION_RESTORE_CONNECTION_FAILED :
+                                  SESSION_RESTORE_FAILED);
 }
 
 void OAuth2LoginManager::OnListAccountsSuccess(const std::string& data) {
-  PostMergeVerificationOutcome outcome = POST_MERGE_SUCCESS;
+  MergeVerificationOutcome outcome = POST_MERGE_SUCCESS;
   // Let's analyze which accounts we see logged in here:
   std::vector<std::string> accounts = gaia::ParseListAccountsData(data);
   std::string user_email = gaia::CanonicalizeEmail(GetPrimaryAccountId());
   if (!accounts.empty()) {
     bool found = false;
     bool first = true;
     for (std::vector<std::string>::const_iterator iter = accounts.begin();
          iter != accounts.end(); ++iter) {
       if (gaia::CanonicalizeEmail(*iter) == user_email) {
         found = true;
         break;
       }
 
       first = false;
     }
 
     if (!found)
       outcome = POST_MERGE_MISSING_PRIMARY_ACCOUNT;
     else if (!first)
       outcome = POST_MERGE_PRIMARY_NOT_FIRST_ACCOUNT;
 
   } else {
     outcome = POST_MERGE_NO_ACCOUNTS;
   }
 
-  RecordPostMergeOutcome(outcome);
+  bool is_pre_merge = (state_ == SESSION_RESTORE_PREPARING);
+  RecordCookiesCheckOutcome(is_pre_merge, outcome);
+  // If the primary account is missing during the initial cookie freshness
+  // check, try to restore GAIA session cookies form the OAuth2 tokens.
+  if (is_pre_merge) {
+    if (outcome != POST_MERGE_SUCCESS &&
+        outcome != POST_MERGE_PRIMARY_NOT_FIRST_ACCOUNT) {
+      RestoreSessionCookies();
+    } else {
+      // We are done with this account, it's GAIA cookies are legit.
+      RecordSessionRestoreOutcome(SESSION_RESTORE_NOT_NEEDED,
+                                  SESSION_RESTORE_DONE);
+    }
+  }
 }
 
 void OAuth2LoginManager::OnListAccountsFailure(bool connection_error) {
-  RecordPostMergeOutcome(connection_error ? POST_MERGE_CONNECTION_FAILED :
-                                            POST_MERGE_VERIFICATION_FAILED);
+  bool is_pre_merge = (state_ == SESSION_RESTORE_PREPARING);
+  RecordCookiesCheckOutcome(
+      is_pre_merge,
+      connection_error ? POST_MERGE_CONNECTION_FAILED :
+                         POST_MERGE_VERIFICATION_FAILED);
+  if (is_pre_merge) {
+    if (!connection_error) {
+      // If we failed to get account list, our cookies might be stale so we
+      // need to attempt to restore them.
+      RestoreSessionCookies();
+    } else {
+      RecordSessionRestoreOutcome(SESSION_RESTORE_LISTACCOUNTS_FAILED,
+                                  SESSION_RESTORE_CONNECTION_FAILED);
+    }
+  }
+}
+
+void OAuth2LoginManager::RecordSessionRestoreOutcome(
+    SessionRestoreOutcome outcome,
+    OAuth2LoginManager::SessionRestoreState state) {
+  UMA_HISTOGRAM_ENUMERATION("OAuth2Login.SessionRestore",
+                            outcome,
+                            SESSION_RESTORE_COUNT);
+  SetSessionRestoreState(state);
 }
 
 // static
-void OAuth2LoginManager::RecordPostMergeOutcome(
-    PostMergeVerificationOutcome outcome) {
-  UMA_HISTOGRAM_ENUMERATION("OAuth2Login.PostMergeVerification",
-                            outcome,
-                            POST_MERGE_COUNT);
+void OAuth2LoginManager::RecordCookiesCheckOutcome(
+    bool is_pre_merge,
+    MergeVerificationOutcome outcome) {
+  if (is_pre_merge) {
+    UMA_HISTOGRAM_ENUMERATION(
+        "OAuth2Login.PreMergeVerification",

[Alexei Svitkine (slow), 2014/01/29 17:41:22]

Nit: Move this on the line above and align the other args. Same below.

[zel, 2014/01/29 17:51:46]

Done.

+        outcome,
+        POST_MERGE_COUNT);
+  } else {
+    UMA_HISTOGRAM_ENUMERATION(
+        "OAuth2Login.PostMergeVerification",
+        outcome,
+        POST_MERGE_COUNT);
+  }
 }
 
-
 void OAuth2LoginManager::SetSessionRestoreState(
     OAuth2LoginManager::SessionRestoreState state) {
   if (state_ == state)
     return;
 
   state_ = state;
   if (state == OAuth2LoginManager::SESSION_RESTORE_FAILED) {
     UMA_HISTOGRAM_TIMES("OAuth2Login.SessionRestoreTimeToFailure",
                         base::Time::Now() - session_restore_start_);
   } else if (state == OAuth2LoginManager::SESSION_RESTORE_DONE) {
     UMA_HISTOGRAM_TIMES("OAuth2Login.SessionRestoreTimeToSuccess",
                         base::Time::Now() - session_restore_start_);
   }
 
   FOR_EACH_OBSERVER(Observer, observer_list_,
                     OnSessionRestoreStateChanged(user_profile_, state_));
 }
 
 void OAuth2LoginManager::SetSessionRestoreStartForTesting(
     const base::Time& time) {
   session_restore_start_ = time;
 }
 
 }  // namespace chromeos