arc: Use incognito profile for OptIn and cookie fetcher

chrome/browser/chromeos/arc/arc_auth_service.cc

Index: chrome/browser/chromeos/arc/arc_auth_service.cc
diff --git a/chrome/browser/chromeos/arc/arc_auth_service.cc b/chrome/browser/chromeos/arc/arc_auth_service.cc
index 5755999c4e3467be926a25b7f62c11da1a602091..32b4f76c1341ca8ca33df090208912b77ed997fb 100644
--- a/chrome/browser/chromeos/arc/arc_auth_service.cc
+++ b/chrome/browser/chromeos/arc/arc_auth_service.cc
@@ -7,13 +7,26 @@
 #include <utility>
 
 #include "base/command_line.h"
-#include "chrome/browser/chromeos/arc/arc_auth_ui.h"
+#include "base/strings/stringprintf.h"
+#include "chrome/browser/chromeos/profiles/profile_helper.h"

[xiyuan, 2016/02/11 17:57:20]

remove?

[khmel, 2016/02/12 02:45:23]

Done.

+#include "chrome/browser/extensions/extension_util.h"
 #include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
+#include "chrome/browser/signin/signin_manager_factory.h"
+#include "chrome/browser/ui/app_list/app_list_controller_delegate.h"
+#include "chrome/browser/ui/app_list/app_list_service.h"
 #include "chrome/common/pref_names.h"
 #include "chromeos/chromeos_switches.h"
 #include "components/arc/arc_bridge_service.h"
 #include "components/pref_registry/pref_registry_syncable.h"
 #include "components/prefs/pref_service.h"
+#include "components/signin/core/browser/profile_oauth2_token_service.h"
+#include "components/signin/core/browser/signin_manager_base.h"
+#include "content/public/browser/storage_partition.h"
+#include "content/public/common/url_constants.h"
+#include "extensions/browser/extension_registry.h"
+#include "extensions/common/extension.h"
+#include "google_apis/gaia/gaia_constants.h"
 
 namespace arc {
 
@@ -22,6 +35,9 @@ namespace {
 // Weak pointer.  This class is owned by ArcServiceManager.
 ArcAuthService* arc_auth_service = nullptr;
 
+const char kArcOptInExtensionId[] = "cnbgggchhmkkdmeppjobngjoejnihlei";
+const char kArcOptStorageId[] = "arc_opt_in";
+
 // Skip creating UI in unit tests
 bool disable_ui_for_testing = false;
 
@@ -40,7 +56,7 @@ ArcAuthService::ArcAuthService(ArcBridgeService* bridge_service)
 }
 
 ArcAuthService::~ArcAuthService() {
-  DCHECK(!auth_ui_ && !profile_);
+  DCHECK(!profile_);
   arc_bridge_service()->RemoveObserver(this);
 
   DCHECK(arc_auth_service == this);
@@ -112,6 +128,13 @@ void ArcAuthService::OnPrimaryUserProfilePrepared(Profile* profile) {
   Shutdown();
 
   profile_ = profile;
+  // Reuse storage used in ARC OptIn platform app.
+  const std::string site_url =
+      base::StringPrintf("%s://%s/persist?%s", content::kGuestScheme,
+                         kArcOptInExtensionId, kArcOptStorageId);
+  storage_partition_ = content::BrowserContext::GetStoragePartitionForSite(
+      profile_, GURL(site_url));
+  CHECK(storage_partition_);
 
   // In case UI is disabled we assume that ARC is opted-in.
   if (!IsOptInVerificationDisabled()) {
@@ -122,7 +145,9 @@ void ArcAuthService::OnPrimaryUserProfilePrepared(Profile* profile) {
                    base::Unretained(this)));
     OnOptInPreferenceChanged();
   } else {
-    SetAuthCodeAndStartArc(std::string());
+    auth_code_ = std::string();

[xiyuan, 2016/02/11 17:57:20]

nit: auth_code_.clear();

[khmel, 2016/02/12 02:45:23]

Done.

+    ArcBridgeService::Get()->HandleStartup();
+    SetState(State::ENABLE);
   }
 }
 
@@ -132,6 +157,42 @@ void ArcAuthService::Shutdown() {
   pref_change_registrar_.RemoveAll();
 }
 
+void ArcAuthService::OnMergeSessionSuccess(const std::string& data) {
+  DCHECK(thread_checker_.CalledOnValidThread());
+
+  const extensions::Extension* extension =
+      extensions::ExtensionRegistry::Get(profile_)->GetInstalledExtension(
+          kArcOptInExtensionId);
+  CHECK(extension &&
+        extensions::util::IsAppLaunchable(kArcOptInExtensionId, profile_));
+
+  AppListControllerDelegate* controller =
+      AppListService::Get(chrome::GetActiveDesktop())->GetControllerDelegate();
+  controller->ActivateApp(profile_, extension,

[xiyuan, 2016/02/11 17:57:20]

Think we can just call OpenApplication() instead of doing this.

[khmel, 2016/02/12 02:45:23]

Yes, more convenient

+                          AppListControllerDelegate::LAUNCH_FROM_UNKNOWN, 0);
+}
+
+void ArcAuthService::OnMergeSessionFailure(
+    const GoogleServiceAuthError& error) {
+  DCHECK(thread_checker_.CalledOnValidThread());
+  VLOG(2) << "Failed to merge gaia session " << error.ToString() << ".";
+  OnAuthCodeFailed();
+}
+
+void ArcAuthService::OnUbertokenSuccess(const std::string& token) {
+  DCHECK(thread_checker_.CalledOnValidThread());
+  merger_fetcher_.reset(
+      new GaiaAuthFetcher(this, GaiaConstants::kChromeOSSource,
+                          storage_partition_->GetURLRequestContext()));
+  merger_fetcher_->StartMergeSession(token, std::string());
+}
+
+void ArcAuthService::OnUbertokenFailure(const GoogleServiceAuthError& error) {
+  DCHECK(thread_checker_.CalledOnValidThread());
+  VLOG(2) << "Failed to get ubertoken " << error.ToString() << ".";
+  OnAuthCodeFailed();
+}
+
 void ArcAuthService::OnOptInPreferenceChanged() {
   DCHECK(thread_checker_.CalledOnValidThread());
   DCHECK(profile_);
@@ -155,6 +216,8 @@ void ArcAuthService::OnOptInPreferenceChanged() {
 void ArcAuthService::ShutdownBridgeAndCloseUI() {
   CloseUI();
   auth_fetcher_.reset();
+  ubertoken_fethcher_.reset();
+  merger_fetcher_.reset();
   ArcBridgeService::Get()->Shutdown();
   SetState(State::DISABLE);
 }
@@ -170,25 +233,34 @@ void ArcAuthService::RemoveObserver(Observer* observer) {
 }
 
 void ArcAuthService::CloseUI() {
-  if (auth_ui_) {
-    auth_ui_->Close();
-    DCHECK(!auth_ui_);
-  }
+  FOR_EACH_OBSERVER(Observer, observer_list_, OnOptInUINeedToClose());
 }
 
 void ArcAuthService::SetAuthCodeAndStartArc(const std::string& auth_code) {
   DCHECK(thread_checker_.CalledOnValidThread());
-  DCHECK(!auth_code.empty() || IsOptInVerificationDisabled());
-  DCHECK_NE(state_, State::ENABLE);
+  DCHECK(!auth_code.empty());
+
+  State state = state_;
 
   ShutdownBridgeAndCloseUI();
 
+  if (state != State::FETCHING_CODE)
+    return;
+
   auth_code_ = auth_code;
   ArcBridgeService::Get()->HandleStartup();
-
   SetState(State::ENABLE);
 }
 
+void ArcAuthService::CheckAuthCode() {

[xiyuan, 2016/02/11 17:57:20]

Can we merge this with FetchAuthCode? It seems to be that this can be done if we
move SetState(State::FETCHING_CODE); to OnOptInPreferenceChanged() where
FetchAuthCode() is called. And this this would make the state change more
explicit.

[khmel, 2016/02/12 02:45:23]

Was also thinking about this, Thanks for confirmation.

+  DCHECK(thread_checker_.CalledOnValidThread());
+  if (state_ != State::FETCHING_CODE)
+    return;
+
+  auth_fetcher_.reset(
+      new ArcAuthFetcher(storage_partition_->GetURLRequestContext(), this));
+}
+
 void ArcAuthService::FetchAuthCode() {
   DCHECK(thread_checker_.CalledOnValidThread());
   DCHECK(state_ == State::DISABLE || state_ == State::NO_CODE);
@@ -198,7 +270,8 @@ void ArcAuthService::FetchAuthCode() {
 
   SetState(State::FETCHING_CODE);
 
-  auth_fetcher_.reset(new ArcAuthFetcher(profile_->GetRequestContext(), this));
+  auth_fetcher_.reset(
+      new ArcAuthFetcher(storage_partition_->GetURLRequestContext(), this));
 }
 
 void ArcAuthService::OnAuthCodeFetched(const std::string& auth_code) {
@@ -206,10 +279,30 @@ void ArcAuthService::OnAuthCodeFetched(const std::string& auth_code) {
   SetAuthCodeAndStartArc(auth_code);
 }
 
+void ArcAuthService::ShowUI() {
+  DCHECK(thread_checker_.CalledOnValidThread());
+
+  // Get auth token to continue.
+  ProfileOAuth2TokenService* token_service =
+      ProfileOAuth2TokenServiceFactory::GetForProfile(profile_);
+  SigninManagerBase* signin_manager =
+      SigninManagerFactory::GetForProfile(profile_);
+  CHECK(token_service && signin_manager);
+  const std::string& account_id = signin_manager->GetAuthenticatedAccountId();
+  ubertoken_fethcher_.reset(
+      new UbertokenFetcher(token_service, this, GaiaConstants::kChromeOSSource,
+                           storage_partition_->GetURLRequestContext()));
+  ubertoken_fethcher_->StartFetchingToken(account_id);
+}
+
 void ArcAuthService::OnAuthCodeNeedUI() {
+  DCHECK(thread_checker_.CalledOnValidThread());
   CloseUI();
-  if (!disable_ui_for_testing && !IsOptInVerificationDisabled())
-    auth_ui_ = new ArcAuthUI(profile_, this);
+
+  if (disable_ui_for_testing || IsOptInVerificationDisabled())
+    return;
+
+  ShowUI();
 }
 
 void ArcAuthService::OnAuthCodeFailed() {
@@ -219,11 +312,6 @@ void ArcAuthService::OnAuthCodeFailed() {
   SetState(State::NO_CODE);
 }
 
-void ArcAuthService::OnAuthUIClosed() {
-  DCHECK(auth_ui_);
-  auth_ui_ = nullptr;
-}
-
 std::ostream& operator<<(std::ostream& os, const ArcAuthService::State& state) {
   switch (state) {
     case ArcAuthService::State::DISABLE: