Chromium Code Reviews Chromium Code Reviews
Issue 17009016:
Wire up the identity API for enterprise Kiosk Apps. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: chrome/browser/extensions/api/identity/identity_api.cc |
| diff --git a/chrome/browser/extensions/api/identity/identity_api.cc b/chrome/browser/extensions/api/identity/identity_api.cc |
| index 8df916f6d7f8bfd65799fde02c29068681200c92..aa7687e67ca00d68b1dba64ed9378057b00ac196 100644 |
| --- a/chrome/browser/extensions/api/identity/identity_api.cc |
| +++ b/chrome/browser/extensions/api/identity/identity_api.cc |
| @@ -18,6 +18,7 @@ |
| #include "chrome/browser/browser_process.h" |
| #include "chrome/browser/extensions/extension_function_dispatcher.h" |
| #include "chrome/browser/extensions/extension_service.h" |
| +#include "chrome/browser/policy/browser_policy_connector.h" |
| #include "chrome/browser/profiles/profile.h" |
| #include "chrome/browser/signin/signin_manager.h" |
| #include "chrome/browser/signin/signin_manager_factory.h" |
| @@ -34,6 +35,8 @@ |
| #if defined(OS_CHROMEOS) |
| #include "chrome/browser/chromeos/login/user_manager.h" |
| +#include "chrome/browser/chromeos/settings/device_oauth2_token_service.h" |
| +#include "chrome/browser/chromeos/settings/device_oauth2_token_service_factory.h" |
| #endif |
| namespace extensions { |
| @@ -100,6 +103,18 @@ bool IdentityGetAuthTokenFunction::RunImpl() { |
| // Balanced in CompleteFunctionWithResult|CompleteFunctionWithError |
| AddRef(); |
| +#if defined(OS_CHROMEOS) |
| + if (chromeos::UserManager::Get()->IsLoggedInAsKioskApp() && |
| + g_browser_process->browser_policy_connector()->IsEnterpriseManaged()) { |
| + OAuth2TokenService::ScopeSet scope_set(oauth2_info.scopes.begin(), |
| + oauth2_info.scopes.end()); |
| + device_token_request_ = |
| + chromeos::DeviceOAuth2TokenServiceFactory::Get()->StartRequest( |
|
Michael Courage
2013/06/20 00:19:42
The OAuth2TokenService will request tokens using C
Mattias Nissler (ping if slow)
2013/06/21 02:44:46
I'm aware of that. The any-api refresh token we ha
|
| + scope_set, this); |
| + return true; |
| + } |
| +#endif |
| + |
| if (!HasLoginToken()) { |
| if (!should_prompt_for_signin_) { |
| error_ = identity_constants::kUserNotSignedIn; |
| @@ -355,6 +370,31 @@ void IdentityGetAuthTokenFunction::OnGaiaFlowCompleted( |
| CompleteFunctionWithResult(access_token); |
| } |
| +void IdentityGetAuthTokenFunction::OnGetTokenSuccess( |
| + const OAuth2TokenService::Request* request, |
| + const std::string& access_token, |
| + const base::Time& expiration_time) { |
| + DCHECK_EQ(device_token_request_.get(), request); |
| + device_token_request_.reset(); |
| + |
| + const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension()); |
| + IdentityTokenCacheValue token(access_token, |
| + expiration_time - base::Time::Now()); |
| + IdentityAPI::GetFactoryInstance()->GetForProfile(profile())->SetCachedToken( |
|
Michael Courage
2013/06/20 00:19:42
The Kiosk flow in RunImpl diverges before reading
Mattias Nissler (ping if slow)
2013/06/21 02:44:46
Moved token minting to the right place.
|
| + GetExtension()->id(), oauth2_info.scopes, token); |
| + |
| + CompleteFunctionWithResult(access_token); |
| +} |
| + |
| +void IdentityGetAuthTokenFunction::OnGetTokenFailure( |
| + const OAuth2TokenService::Request* request, |
| + const GoogleServiceAuthError& error) { |
| + DCHECK_EQ(device_token_request_.get(), request); |
| + device_token_request_.reset(); |
| + |
| + CompleteFunctionWithError(error.ToString()); |
|
Michael Courage
2013/06/20 00:19:42
There's no way to get all error messages in sync g
Mattias Nissler (ping if slow)
2013/06/21 02:44:46
Done.
|
| +} |
| + |
| void IdentityGetAuthTokenFunction::StartGaiaRequest( |
| OAuth2MintTokenFlow::Mode mode) { |
| mint_token_flow_.reset(CreateMintTokenFlow(mode)); |
