Use OAuth2 token for sync

chrome/browser/sync/profile_sync_service.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/sync/profile_sync_service.h"
 
 #include <cstddef>
 #include <map>
 #include <set>
 #include <utility>
@@ skipping 12 matching lines @@
 #include "base/threading/thread_restrictions.h"
 #include "build/build_config.h"
 #include "chrome/browser/about_flags.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/defaults.h"
 #include "chrome/browser/net/chrome_cookie_notification_details.h"
 #include "chrome/browser/prefs/pref_service_syncable.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/signin/about_signin_internals.h"
 #include "chrome/browser/signin/about_signin_internals_factory.h"
+#include "chrome/browser/signin/profile_oauth2_token_service.h"
+#include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
 #include "chrome/browser/signin/signin_manager.h"
 #include "chrome/browser/signin/signin_manager_factory.h"
 #include "chrome/browser/signin/token_service.h"
 #include "chrome/browser/signin/token_service_factory.h"
 #include "chrome/browser/sync/backend_migrator.h"
 #include "chrome/browser/sync/glue/change_processor.h"
 #include "chrome/browser/sync/glue/chrome_encryptor.h"
 #include "chrome/browser/sync/glue/chrome_report_unrecoverable_error.h"
 #include "chrome/browser/sync/glue/data_type_controller.h"
 #include "chrome/browser/sync/glue/device_info.h"
@@ skipping 60 matching lines @@
 typedef GoogleServiceAuthError AuthError;
 
 const char* ProfileSyncService::kSyncServerUrl =
     "https://clients4.google.com/chrome-sync";
 
 const char* ProfileSyncService::kDevServerUrl =
     "https://clients4.google.com/chrome-sync/dev";
 
 static const int kSyncClearDataTimeoutInSeconds = 60;  // 1 minute.
 
-static const char* kRelevantTokenServices[] = {
-    GaiaConstants::kSyncService
+static const char* kOAuth2Scopes[] = {
+  GaiaConstants::kChromeSyncOAuth2Scope,
+  // GoogleTalk scope is needed for notifications

[Andrew T Wilson (Slow), 2013/05/31 12:57:28]

nit: add period at the end for sentence punctuation.

[pavely, 2013/06/04 00:49:59]

Done.

+  GaiaConstants::kGoogleTalkOAuth2Scope
 };
-static const int kRelevantTokenServicesCount =
-    arraysize(kRelevantTokenServices);
+
 
 static const char* kSyncUnrecoverableErrorHistogram =
     "Sync.UnrecoverableErrors";
 
-// Helper to check if the given token service is relevant for sync.
-static bool IsTokenServiceRelevant(const std::string& service) {
-  for (int i = 0; i < kRelevantTokenServicesCount; ++i) {
-    if (service == kRelevantTokenServices[i])
-      return true;
-  }
-  return false;
-}
-
 bool ShouldShowActionOnUI(
     const syncer::SyncProtocolError& error) {
   return (error.action != syncer::UNKNOWN_ACTION &&
           error.action != syncer::DISABLE_SYNC_ON_CLIENT);
 }
 
 ProfileSyncService::ProfileSyncService(ProfileSyncComponentsFactory* factory,
                                        Profile* profile,
                                        SigninManagerBase* signin_manager,
                                        StartBehavior start_behavior)
@@ skipping 45 matching lines @@
 
 bool ProfileSyncService::IsSyncEnabledAndLoggedIn() {
   // Exit if sync is disabled.
   if (IsManaged() || sync_prefs_.IsStartSuppressed())
     return false;
 
   // Sync is logged in if there is a non-empty effective username.
   return !GetEffectiveUsername().empty();
 }
 
-bool ProfileSyncService::IsSyncTokenAvailable() {
-  TokenService* token_service = TokenServiceFactory::GetForProfile(profile_);
+bool ProfileSyncService::IsOAuthRefreshTokenAvailable() {
+  ProfileOAuth2TokenService* token_service =
+      ProfileOAuth2TokenServiceFactory::GetForProfile(profile_);
   if (!token_service)
     return false;
-  return token_service->HasTokenForService(GaiaConstants::kSyncService);
+  return token_service->RefreshTokenIsAvailable();
 }
 #if defined(OS_ANDROID)
 bool ProfileSyncService::ShouldEnablePasswordSyncForAndroid() const {
   const syncer::ModelTypeSet registered_types = GetRegisteredDataTypes();
   const syncer::ModelTypeSet preferred_types =
       sync_prefs_.GetPreferredDataTypes(registered_types);
   if (!preferred_types.Has(syncer::PASSWORDS))
     return false;
   // If backend has not completed initializing we cannot check if the
   // cryptographer is ready.
@@ skipping 27 matching lines @@
 
   RegisterAuthNotifications();
 
   if (!HasSyncSetupCompleted() || GetEffectiveUsername().empty()) {
     // Clean up in case of previous crash / setup abort / signout.
     DisableForUser();
   }
 
   TrySyncDatatypePrefRecovery();
 
+  if (IsOAuthRefreshTokenAvailable()) {
+    // Tell token service to pre-request access token. We likely don't need it
+    // right away but it will be available when we decide to initialize backend.
+    RequestAccessToken(false, false);
+  }
+
   TryStart();
 }
 
 void ProfileSyncService::TrySyncDatatypePrefRecovery() {
   DCHECK(!sync_initialized());
   if (!HasSyncSetupCompleted())
     return;
 
   // There was a bug where OnUserChoseDatatypes was not properly called on
   // configuration (see crbug.com/154940). We detect this by checking whether
@@ skipping 27 matching lines @@
     return;
   TokenService* token_service = TokenServiceFactory::GetForProfile(profile_);
   if (!token_service)
     return;
   // Don't start the backend if the token service hasn't finished loading tokens
   // yet. Note if the backend is started before the sync token has been loaded,
   // GetCredentials() will return bogus credentials. On auto_start platforms
   // (like ChromeOS) we don't start sync until tokens are loaded, because the
   // user can be "signed in" on those platforms long before the tokens get
   // loaded, and we don't want to generate spurious auth errors.
-  if (!IsSyncTokenAvailable() &&
+  if (!IsOAuthRefreshTokenAvailable() &&
       !(!auto_start_enabled_ && token_service->TokensLoadedFromDB())) {
     return;
   }
 
   // If sync setup has completed we always start the backend. If the user is in
   // the process of setting up now, we should start the backend to download
   // account control state / encryption information). If autostart is enabled,
   // but we haven't completed sync setup, we try to start sync anyway, since
   // it's possible we crashed/shutdown after logging in but before the backend
   // finished initializing the last time.
@@ skipping 113 matching lines @@
                      << "is invalid: " << value;
       }
     }
   }
 }
 
 SyncCredentials ProfileSyncService::GetCredentials() {
   SyncCredentials credentials;
   credentials.email = GetEffectiveUsername();
   DCHECK(!credentials.email.empty());
-  TokenService* service = TokenServiceFactory::GetForProfile(profile_);
-  if (service->HasTokenForService(GaiaConstants::kSyncService)) {
-    credentials.sync_token = service->GetTokenForService(
-        GaiaConstants::kSyncService);
+  if (!access_token_.empty()) {
+    credentials.sync_token = access_token_;
     credentials.sync_token_time =
         AboutSigninInternalsFactory::GetForProfile(profile_)->
-            GetTokenTime(GaiaConstants::kSyncService);
+            GetTokenTime(GaiaConstants::kGaiaOAuth2LoginRefreshToken);
     UMA_HISTOGRAM_BOOLEAN("Sync.CredentialsLost", false);
   } else {
     // We've lost our sync credentials (crbug.com/121755), so just make up some
     // invalid credentials so the backend will generate an auth error.
     UMA_HISTOGRAM_BOOLEAN("Sync.CredentialsLost", true);
     credentials.sync_token = "credentials_lost";
   }
   return credentials;
 }
 
@@ skipping 61 matching lines @@
 
 void ProfileSyncService::StartUp(StartUpDeferredOption deferred_option) {
   // Don't start up multiple times.
   if (backend_) {
     DVLOG(1) << "Skipping bringing up backend host.";
     return;
   }
 
   DCHECK(IsSyncEnabledAndLoggedIn());
 
+  if (access_token_.empty()) {
+    RequestAccessToken(false, true);
+    return;
+  }
+
   if (start_up_time_.is_null()) {
     start_up_time_ = base::Time::Now();
     last_synced_time_ = sync_prefs_.GetLastSyncedTime();
 
 #if defined(OS_CHROMEOS)
     std::string bootstrap_token = sync_prefs_.GetEncryptionBootstrapToken();
     if (bootstrap_token.empty()) {
       sync_prefs_.SetEncryptionBootstrapToken(
           sync_prefs_.GetSpareBootstrapToken());
     }
@@ skipping 127 matching lines @@
     // If |backend_| is NULL, save the acknowledgements to replay when
     // it's created and initialized.
     ack_replay_queue_.push_back(std::make_pair(id, ack_handle));
   }
 }
 
 syncer::InvalidatorState ProfileSyncService::GetInvalidatorState() const {
   return invalidator_registrar_->GetInvalidatorState();
 }
 
+void ProfileSyncService::OnGetTokenSuccess(
+    const OAuth2TokenService::Request* request,
+    const std::string& access_token,
+    const base::Time& expiration_time) {
+  DCHECK_EQ(access_token_request_, request);
+  access_token_request_.reset();
+  access_token_ = access_token;
+  if (backend_)
+    backend_->UpdateCredentials(GetCredentials());
+  else
+    TryStart();
+}
+
+void ProfileSyncService::OnGetTokenFailure(
+    const OAuth2TokenService::Request* request,
+    const GoogleServiceAuthError& error) {
+  DCHECK_EQ(access_token_request_, request);
+  access_token_request_.reset();
+  UpdateAuthErrorState(error);
+}
+
 void ProfileSyncService::EmitInvalidationForTest(
     const invalidation::ObjectId& id,
     const std::string& payload) {
   syncer::ObjectIdSet notify_ids;
   notify_ids.insert(id);
 
   const syncer::ObjectIdInvalidationMap& invalidation_map =
       ObjectIdSetToInvalidationMap(notify_ids, payload);
   OnIncomingInvalidation(invalidation_map);
 }
@@ skipping 406 matching lines @@
     default:
       NOTREACHED();
       return AuthError(AuthError::CONNECTION_FAILED);
   }
 }
 
 }  // namespace
 
 void ProfileSyncService::OnConnectionStatusChange(
     syncer::ConnectionStatus status) {
-  const GoogleServiceAuthError auth_error =
-      ConnectionStatusToAuthError(status);
-  DVLOG(1) << "Connection status change: " << auth_error.ToString();
-  UpdateAuthErrorState(auth_error);
+  if (status == syncer::CONNECTION_AUTH_ERROR) {
+    // Sync or Tango server returned error indicating that access token is
+    // invalid. It could be either expired or access is revoked. Let's request
+    // another access token and if access is revoked then request for token will
+    // fail with corresponding error.
+    RequestAccessToken(true, true);
+  } else {
+    const GoogleServiceAuthError auth_error =
+        ConnectionStatusToAuthError(status);
+    DVLOG(1) << "Connection status change: " << auth_error.ToString();
+    UpdateAuthErrorState(auth_error);
+  }
 }
 
 void ProfileSyncService::OnStopSyncingPermanently() {
   sync_prefs_.SetStartSuppressed(true);
   DisableForUser();
 }
 
 void ProfileSyncService::OnPassphraseRequired(
     syncer::PassphraseRequiredReason reason,
     const sync_pb::EncryptedData& pending_keys) {
@@ skipping 722 matching lines @@
     }
   }
 
   // If we get here, we don't have pending keys (or at least, the passphrase
   // doesn't decrypt them) - just try to re-encrypt using the encryption
   // passphrase.
   if (!IsUsingSecondaryPassphrase())
     SetEncryptionPassphrase(passphrase, IMPLICIT);
 }
 
+void ProfileSyncService::RequestAccessToken(
+    bool invalidate_previous_token,
+    bool invoke_callback) {
+  // Only one active request at a time.
+  if (access_token_request_ != NULL)
+    return;
+  OAuth2TokenService::ScopeSet oauth2_scopes;
+  for (size_t i = 0; i < arraysize(kOAuth2Scopes); i++)
+    oauth2_scopes.insert(kOAuth2Scopes[i]);
+  OAuth2TokenService* token_service =
+      ProfileOAuth2TokenServiceFactory::GetForProfile(profile_);
+  if (invalidate_previous_token) {
+    // Invalidate previous token, othervise token service will return the same

[Andrew T Wilson (Slow), 2013/05/31 12:57:28]

nit:othervise->otherwise. Also add a period at the end of the sentence.

[pavely, 2013/06/04 00:49:59]

Done.

+    // token again
+    token_service->InvalidateToken(oauth2_scopes, access_token_);
+    access_token_.clear();
+  }
+  access_token_request_ = token_service->StartRequest(oauth2_scopes, this);
+  if (!invoke_callback) {
+    // Deleting request will not cancel RPC but callbacks won't be invoked.
+    access_token_request_.reset();
+  }
+}
+
 void ProfileSyncService::SetEncryptionPassphrase(const std::string& passphrase,
                                                  PassphraseType type) {
   // This should only be called when the backend has been initialized.
   DCHECK(sync_initialized());
   DCHECK(!(type == IMPLICIT && IsUsingSecondaryPassphrase())) <<
       "Data is already encrypted using an explicit passphrase";
   DCHECK(!(type == EXPLICIT &&
            passphrase_required_reason_ == syncer::REASON_DECRYPTION)) <<
          "Can not set explicit passphrase when decryption is needed.";
 
@@ skipping 83 matching lines @@
       RefreshSpareBootstrapToken(successful->password);
 #endif
       if (!sync_initialized() ||
           GetAuthError().state() != AuthError::NONE) {
         // Track the fact that we're still waiting for auth to complete.
         is_auth_in_progress_ = true;
       }
       break;
     }
     case chrome::NOTIFICATION_TOKEN_REQUEST_FAILED: {
+      // TODO(atwilson): sync shouldn't report refresh token request failures.
+      // TokenService should do that instead.
       const TokenService::TokenRequestFailedDetails& token_details =
           *(content::Details<const TokenService::TokenRequestFailedDetails>(
               details).ptr());
-      if (IsTokenServiceRelevant(token_details.service()) &&
-          !IsSyncTokenAvailable()) {
-        // The additional check around IsSyncTokenAvailable() above prevents us
-        // sounding the alarm if we actually have a valid token but a refresh
-        // attempt by TokenService failed for any variety of reasons (e.g. flaky
-        // network). It's possible the token we do have is also invalid, but in
-        // that case we should already have (or can expect) an auth error sent
-        // from the sync backend.
+      if (token_details.service() ==
+          GaiaConstants::kGaiaOAuth2LoginRefreshToken &&
+          !IsOAuthRefreshTokenAvailable()) {
+        // The additional check around IsOAuthRefreshTokenAvailable() above
+        // prevents us sounding the alarm if we actually have a valid token but
+        // a refresh attempt by TokenService failed for any variety of reasons
+        // (e.g. flaky network). It's possible the token we do have is also
+        // invalid, but in that case we should already have (or can expect) an
+        // auth error sent from the sync backend.
         AuthError error(AuthError::INVALID_GAIA_CREDENTIALS);
         UpdateAuthErrorState(error);
       }
       break;
     }
     case chrome::NOTIFICATION_TOKEN_AVAILABLE: {
+      // TODO(atwilson): Listen for notifications on OAuth2TokenService
+      // (crbug.com/243737)
       const TokenService::TokenAvailableDetails& token_details =
           *(content::Details<const TokenService::TokenAvailableDetails>(
               details).ptr());
-      if (!IsTokenServiceRelevant(token_details.service()))
+      if (token_details.service() !=
+          GaiaConstants::kGaiaOAuth2LoginRefreshToken)
         break;
     } // Fall through.
     case chrome::NOTIFICATION_TOKEN_LOADING_FINISHED: {
       // This notification gets fired when TokenService loads the tokens
       // from storage.
       // Initialize the backend if sync is enabled. If the sync token was
       // not loaded, GetCredentials() will generate invalid credentials to
       // cause the backend to generate an auth error (crbug.com/121755).
       if (backend_)
-        backend_->UpdateCredentials(GetCredentials());
+        RequestAccessToken(true, true);
       else
+        RequestAccessToken(true, false);

[Andrew T Wilson (Slow), 2013/05/31 12:57:28]

Doesn't this fetch a token on every startup even if sync is disabled? That seems
bad. Also, note that this else statement is broken (there are no brackets where
there should be).

Have I mentioned that I think doing this token prefetch is unnecessarily complex
and will lead to maintenance headaches? ;-P

         TryStart();
       break;
     }
     case chrome::NOTIFICATION_TOKENS_CLEARED: {
       // GetCredentials() will generate invalid credentials to cause the backend
       // to generate an auth error.
+      access_token_.clear();
       if (backend_)
         backend_->UpdateCredentials(GetCredentials());
       break;
     }
     case chrome::NOTIFICATION_GOOGLE_SIGNED_OUT:
       // Disable sync if the user is signed out.
       DisableForUser();
       break;
     default: {
       NOTREACHED();
@@ skipping 116 matching lines @@
 std::string ProfileSyncService::GetEffectiveUsername() {
 #if defined(ENABLE_MANAGED_USERS)
   if (ManagedUserService::ProfileIsManaged(profile_)) {
     DCHECK_EQ(std::string(), signin_->GetAuthenticatedUsername());
     return ManagedUserService::GetManagedUserPseudoEmail();
   }
 #endif
 
   return signin_->GetAuthenticatedUsername();
 }
-