arc: Pass auth token from Chrome to ARC instance.

chrome/browser/chromeos/arc/arc_auth_service.h

Index: chrome/browser/chromeos/arc/arc_auth_service.h
diff --git a/chrome/browser/chromeos/arc/arc_auth_service.h b/chrome/browser/chromeos/arc/arc_auth_service.h
index d14d2b1a60d867ff858923466c29a0c62fad1b2a..be8800099d4856457d4726009965496daeb00473 100644
--- a/chrome/browser/chromeos/arc/arc_auth_service.h
+++ b/chrome/browser/chromeos/arc/arc_auth_service.h
@@ -6,10 +6,20 @@
 #define CHROME_BROWSER_CHROMEOS_ARC_ARC_AUTH_SERVICE_H_
 
 #include "base/macros.h"
+#include "base/observer_list.h"
+#include "base/threading/thread_checker.h"
 #include "components/arc/arc_bridge_service.h"
 #include "components/arc/arc_service.h"
 #include "components/arc/common/auth.mojom.h"
 #include "mojo/public/cpp/bindings/binding.h"
+#include "net/url_request/url_fetcher_delegate.h"
+
+class GURL;
+class Profile;
+
+namespace net {
+class URLFetcher;
+}  // namespace net
 
 namespace arc {
 
@@ -17,19 +27,67 @@ namespace arc {
 // LSO.
 class ArcAuthService : public ArcService,
                        public AuthHost,
-                       public ArcBridgeService::Observer {
+                       public ArcBridgeService::Observer,
+                       public net::URLFetcherDelegate {
  public:
+  enum class State {
+    DISABLE,         // ARC is not allowed to run (default).
+    FETCHING_TOKEN,  // ARC is allowed, receiving  auth_2 token.
+    NO_TOKEN,        // ARC is allowed, auth_2 token was not received.
+    ENABLE,          // ARC is allowed, auth_2 token was received.
+  };
+
+  class Observer {
+   public:
+    // Called whenever Opt-In state of the ARC has been changed.
+    virtual void OnOptInChanged(State state) = 0;
+  };
+
   explicit ArcAuthService(ArcBridgeService* bridge_service);
   ~ArcAuthService() override;
 
- private:
+  static ArcAuthService* Get();
+
+  void SetProfile(Profile* profile);
+  State state() const { return state_; }
+
+  // Sets the auth token. Can be set from internally or from external component
+  // that accepts user's credentials. This actually starts ARC bridge service.
+  void SetAuthTokenAndStartArc(const std::string auth_token);
+
+  std::string GetAuthToken();
+
+  // Adds or removes observers.
+  void AddObserver(Observer* observer);
+  void RemoveObserver(Observer* observer);
+
+  // net::URLFetcherDelegate overrides.
+  void OnURLFetchComplete(const net::URLFetcher* source) override;
+
+  // Helper function to compose target URL, also is used in test.
+  static GURL CreateURL(Profile* profile);
+
   // Overrides ArcBridgeService::Observer.
   void OnAuthInstanceReady() override;
 
-  // Overrides AuthHost.
+  // Overrides AuthHost.  For security reason this token can be used only

[elijahtaylor1, 2016/01/26 01:02:14]

I'm confused by the token/code terminology.  IIUC we are only getting Auth codes
to pass to ARC.  If that's the case, I think mixing "Token" here confuses
things.  Can you clarify the difference in comments or fix the code?

+  // once and exists for specific period of time.
   void GetAuthCode(const GetAuthCodeCallback& callback) override;
 
+ private:
+  void FetchToken();
+  // Finds auth token in cookies.
+  static bool ParseAuthToken(const net::URLFetcher* source, std::string* token);
+
+  // Unowned pointer. Keeps current profile.
+  Profile* profile_ = nullptr;
+
   mojo::Binding<AuthHost> binding_;
+  base::ThreadChecker thread_checker_;
+  State state_ = State::DISABLE;
+  base::ObserverList<Observer> observer_list_;
+  scoped_ptr<net::URLFetcher> auth_fetcher_;
+  std::string auth_token_;
 
   DISALLOW_COPY_AND_ASSIGN(ArcAuthService);
 };