Wire up the identity API for enterprise Kiosk Apps.

chrome/browser/extensions/api/identity/experimental_identity_api.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_EXTENSIONS_API_IDENTITY_EXPERIMENTAL_IDENTITY_API_H_
 #define CHROME_BROWSER_EXTENSIONS_API_IDENTITY_EXPERIMENTAL_IDENTITY_API_H_
 
 #include <string>
 #include <vector>
 
 #include "base/memory/ref_counted.h"
 #include "base/memory/weak_ptr.h"
 #include "chrome/browser/extensions/api/identity/experimental_web_auth_flow.h"
 #include "chrome/browser/extensions/api/identity/identity_mint_queue.h"
 #include "chrome/browser/extensions/api/identity/identity_signin_flow.h"
 #include "chrome/browser/extensions/extension_function.h"
 #include "chrome/browser/extensions/extension_install_prompt.h"
+#include "chrome/browser/signin/oauth2_token_service.h"
 #include "google_apis/gaia/oauth2_mint_token_flow.h"
 
 namespace extensions {
 
 // TODO(courage): These functions exist to support some apps that were
 // whitelisted to use the experimental API. Remove them once those
 // apps have migrated.
 
 // experimental.identity.getAuthToken fetches an OAuth 2 function for
 // the caller. The request has three sub-flows: non-interactive,
 // interactive, and sign-in.
 //
 // In the non-interactive flow, getAuthToken requests a token from
 // GAIA. GAIA may respond with a token, an error, or "consent
 // required". In the consent required cases, getAuthToken proceeds to
 // the second, interactive phase.
 //
 // The interactive flow presents a scope approval dialog to the
 // user. If the user approves the request, a grant will be recorded on
 // the server, and an access token will be returned to the caller.
 //
 // In some cases we need to display a sign-in dialog. Normally the
 // profile will be signed in already, but if it turns out we need a
 // new login token, there is a sign-in flow. If that flow completes
 // successfully, getAuthToken proceeds to the non-interactive flow.
 class ExperimentalIdentityGetAuthTokenFunction
     : public AsyncExtensionFunction,
       public ExtensionInstallPrompt::Delegate,
       public OAuth2MintTokenFlow::Delegate,
-      public IdentitySigninFlow::Delegate {
+      public IdentitySigninFlow::Delegate,
+      public OAuth2TokenService::Consumer {

[Michael Courage, 2013/06/20 00:19:42]

chrome.experimental.identity is only around for a couple of apps that got
permission to use the API in order to launch before chrome.identity.

Unless there's some reason, we should be doing everything for Kiosk on
chrome.identity, and leave the experimental API as is.

[Mattias Nissler (ping if slow), 2013/06/21 02:44:46]

OK, reverted the experimental changes.

  public:
   DECLARE_EXTENSION_FUNCTION("experimental.identity.getAuthToken",
                              EXPERIMENTAL_IDENTITY_GETAUTHTOKEN);
 
   ExperimentalIdentityGetAuthTokenFunction();
   virtual bool RunImpl() OVERRIDE;
 
  protected:
   virtual ~ExperimentalIdentityGetAuthTokenFunction();
 
@@ skipping 18 matching lines @@
       const IssueAdviceInfo& issue_advice) OVERRIDE;
 
   // IdentitySigninFlow::Delegate implementation:
   virtual void SigninSuccess(const std::string& token) OVERRIDE;
   virtual void SigninFailed() OVERRIDE;
 
   // ExtensionInstallPrompt::Delegate implementation:
   virtual void InstallUIProceed() OVERRIDE;
   virtual void InstallUIAbort(bool user_initiated) OVERRIDE;
 
+  // OAuth2TokenService::Consumer implementation:
+  virtual void OnGetTokenSuccess(const OAuth2TokenService::Request* request,
+                                 const std::string& access_token,
+                                 const base::Time& expiration_time) OVERRIDE;
+  virtual void OnGetTokenFailure(const OAuth2TokenService::Request* request,
+                                 const GoogleServiceAuthError& error) OVERRIDE;
+
   // Starts a mint token request to GAIA.
   void StartGaiaRequest(OAuth2MintTokenFlow::Mode mode);
 
   // Methods for invoking UI. Overridable for testing.
   virtual void ShowLoginPopup();
   virtual void ShowOAuthApprovalDialog(const IssueAdviceInfo& issue_advice);
   // Caller owns the returned instance.
   virtual OAuth2MintTokenFlow* CreateMintTokenFlow(
       OAuth2MintTokenFlow::Mode mode);
 
   // Checks if there is a master login token to mint tokens for the extension.
   virtual bool HasLoginToken() const;
 
   bool should_prompt_for_scopes_;
   scoped_ptr<OAuth2MintTokenFlow> mint_token_flow_;
   std::string refresh_token_;
   bool should_prompt_for_signin_;
 
   // When launched in interactive mode, and if there is no existing grant,
   // a permissions prompt will be popped up to the user.
   IssueAdviceInfo issue_advice_;
   scoped_ptr<ExtensionInstallPrompt> install_ui_;
   scoped_ptr<IdentitySigninFlow> signin_flow_;
+  scoped_ptr<OAuth2TokenService::Request> device_token_request_;
 };
 
 class ExperimentalIdentityLaunchWebAuthFlowFunction
     : public AsyncExtensionFunction,
       public ExperimentalWebAuthFlow::Delegate {
  public:
   DECLARE_EXTENSION_FUNCTION("experimental.identity.launchWebAuthFlow",
                              EXPERIMENTAL_IDENTITY_LAUNCHWEBAUTHFLOW);
   ExperimentalIdentityLaunchWebAuthFlowFunction();
 
@@ skipping 17 matching lines @@
  private:
   // ExperimentalWebAuthFlow::Delegate implementation.
   virtual void OnAuthFlowFailure(ExperimentalWebAuthFlow::Failure failure)
       OVERRIDE;
   virtual void OnAuthFlowURLChange(const GURL& redirect_url) OVERRIDE;
 };
 
 }  // namespace extensions
 
 #endif  // CHROME_BROWSER_EXTENSIONS_API_IDENTITY_EXPERIMENTAL_IDENTITY_API_H_