Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(305)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/extensions/api/identity/identity_api.cc

Issue 17009016: Wire up the identity API for enterprise Kiosk Apps. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase. Created 7 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/extensions/api/identity/identity_api.h ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/extensions/api/identity/identity_api.cc
diff --git a/chrome/browser/extensions/api/identity/identity_api.cc b/chrome/browser/extensions/api/identity/identity_api.cc
index 33bda113d246f602870b802c96965b55c247da4a..12986dc6c0a9268ec08ccf9082c871e937d054bc 100644
--- a/chrome/browser/extensions/api/identity/identity_api.cc
+++ b/chrome/browser/extensions/api/identity/identity_api.cc
@@ -18,6 +18,7 @@
#include "chrome/browser/browser_process.h"
#include "chrome/browser/extensions/extension_function_dispatcher.h"
#include "chrome/browser/extensions/extension_service.h"
+#include "chrome/browser/policy/browser_policy_connector.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/signin/signin_manager.h"
#include "chrome/browser/signin/signin_manager_factory.h"
@@ -36,6 +37,8 @@
#if defined(OS_CHROMEOS)
#include "chrome/browser/chromeos/login/user_manager.h"
+#include "chrome/browser/chromeos/settings/device_oauth2_token_service.h"
+#include "chrome/browser/chromeos/settings/device_oauth2_token_service_factory.h"
#endif
namespace extensions {
@@ -103,6 +106,14 @@ bool IdentityGetAuthTokenFunction::RunImpl() {
// Balanced in CompleteFunctionWithResult|CompleteFunctionWithError
AddRef();
+#if defined(OS_CHROMEOS)
+ if (chromeos::UserManager::Get()->IsLoggedInAsKioskApp() &&
+ g_browser_process->browser_policy_connector()->IsEnterpriseManaged()) {
+ StartMintTokenFlow(IdentityMintRequestQueue::MINT_TYPE_NONINTERACTIVE);
+ return true;
+ }
+#endif
+
if (!HasLoginToken()) {
if (!should_prompt_for_signin_) {
error_ = identity_constants::kUserNotSignedIn;
@@ -208,11 +219,21 @@ void IdentityGetAuthTokenFunction::StartMintToken(
case IdentityTokenCacheValue::CACHE_STATUS_NOTFOUND:
#if defined(OS_CHROMEOS)
// Always force minting token for ChromeOS kiosk app.
- if (chrome::IsRunningInForcedAppMode()) {
- StartGaiaRequest(OAuth2MintTokenFlow::MODE_MINT_TOKEN_FORCE);
+ if (chromeos::UserManager::Get()->IsLoggedInAsKioskApp()) {
+ if (g_browser_process->browser_policy_connector()->
+ IsEnterpriseManaged()) {
+ OAuth2TokenService::ScopeSet scope_set(oauth2_info.scopes.begin(),
+ oauth2_info.scopes.end());
+ device_token_request_ =
+ chromeos::DeviceOAuth2TokenServiceFactory::Get()->StartRequest(
+ scope_set, this);
+ } else {
+ StartGaiaRequest(OAuth2MintTokenFlow::MODE_MINT_TOKEN_FORCE);
+ }
return;
}
#endif
+
if (oauth2_info.auto_approve)
// oauth2_info.auto_approve is protected by a whitelist in
// _manifest_features.json hence only selected extensions take
@@ -362,6 +383,31 @@ void IdentityGetAuthTokenFunction::OnGaiaFlowCompleted(
CompleteFunctionWithResult(access_token);
}
+void IdentityGetAuthTokenFunction::OnGetTokenSuccess(
+ const OAuth2TokenService::Request* request,
+ const std::string& access_token,
+ const base::Time& expiration_time) {
+ DCHECK_EQ(device_token_request_.get(), request);
+ device_token_request_.reset();
+
+ const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension());
+ IdentityTokenCacheValue token(access_token,
+ expiration_time - base::Time::Now());
+ IdentityAPI::GetFactoryInstance()->GetForProfile(profile())->SetCachedToken(
+ GetExtension()->id(), oauth2_info.scopes, token);
+
Michael Courage 2013/06/21 06:13:39 You need to CompleteMintTokenFlow() here to releas
Mattias Nissler (ping if slow) 2013/06/21 06:46:44 Done.
+ CompleteFunctionWithResult(access_token);
+}
+
+void IdentityGetAuthTokenFunction::OnGetTokenFailure(
+ const OAuth2TokenService::Request* request,
+ const GoogleServiceAuthError& error) {
+ DCHECK_EQ(device_token_request_.get(), request);
+ device_token_request_.reset();
+
+ OnGaiaFlowFailure(GaiaWebAuthFlow::SERVICE_AUTH_ERROR, error, std::string());
+}
+
void IdentityGetAuthTokenFunction::StartGaiaRequest(
OAuth2MintTokenFlow::Mode mode) {
mint_token_flow_.reset(CreateMintTokenFlow(mode));
« no previous file with comments | « chrome/browser/extensions/api/identity/identity_api.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698