Chromium Code Reviews Chromium Code Reviews
Issue 17109006:
Device robot refresh token integrity validation. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master| Index: chrome/browser/signin/oauth2_token_service.h |
| diff --git a/chrome/browser/signin/oauth2_token_service.h b/chrome/browser/signin/oauth2_token_service.h |
| index e96b9c17c3d84c16f364b707b646de6ef06fcb87..aea4ea88fb0556b5064eb0787b742c067eccbb56 100644 |
| --- a/chrome/browser/signin/oauth2_token_service.h |
| +++ b/chrome/browser/signin/oauth2_token_service.h |
| @@ -26,7 +26,7 @@ class URLRequestContextGetter; |
| class GoogleServiceAuthError; |
| // Abstract base class for a service that fetches and caches OAuth2 access |
| -// tokens. Concrete subclasses should implement GetRefreshToken to return |
| +// tokens. Concrete subclasses should implement StartGetRefreshToken to provide |
| // the appropriate refresh token. |
| // |
| // All calls are expected from the UI thread. |
| @@ -87,10 +87,6 @@ class OAuth2TokenService { |
| virtual scoped_ptr<Request> StartRequest(const ScopeSet& scopes, |
| Consumer* consumer); |
| - // Returns true if a refresh token exists. If false, calls to |
| - // |StartRequest| will result in a Consumer::OnGetTokenFailure callback. |
| - bool RefreshTokenIsAvailable(); |
| - |
| // Mark an OAuth2 access token as invalid. This should be done if the token |
| // was received from this class, but was not accepted by the server (e.g., |
| // the server returned 401 Unauthorized). The token will be removed from the |
| @@ -100,12 +96,49 @@ class OAuth2TokenService { |
| // Return the current number of entries in the cache. |
| int cache_size_for_testing() const; |
| + void set_max_authorization_token_fetch_retries_for_testing(int max_retries); |
| protected: |
| + // Interface that StartGetRefreshToken calls back into. |
| + class RefreshTokenValidationConsumer { |
| + public: |
| + virtual void OnRefreshTokenValidationComplete( |
|
Mattias Nissler (ping if slow)
2013/06/19 17:53:17
this should just be a base::Callback
David Roche
2013/06/20 17:49:29
Removed completely.
|
| + const std::string& refresh_token, |
| + bool is_valid) = 0; |
| + }; |
| + |
| + // Implements a cancelable |OAuth2TokenService::Request|, which should be |
| + // operated on the UI thread. |
| + class RequestImpl : public base::SupportsWeakPtr<RequestImpl>, |
| + public Request { |
| + public: |
| + // |consumer| is required to outlive this. |
| + explicit RequestImpl(Consumer* consumer); |
| + virtual ~RequestImpl(); |
| + |
| + // Informs |consumer_| that this request is completed. |
| + void InformConsumer(const GoogleServiceAuthError& error, |
| + const std::string& access_token, |
| + const base::Time& expiration_date); |
| + |
| + private: |
| + // |consumer_| to call back when this request completes. |
| + Consumer* const consumer_; |
| + }; |
| + |
| // Subclasses should return the refresh token maintained. |
| // If no token is available, return an empty string. |
| virtual std::string GetRefreshToken() = 0; |
| + // Subclasses can optionally implement this method to validate the given |
| + // refresh token. Return true if the validation is started and the |
| + // callback should be expected, or false if validation is skipped and the |
| + // token should be used directly. This method may be invoked in parallel; |
| + // subclasses must ensure that all consumers are notified of the results. |
| + virtual bool StartRefreshTokenValidation( |
| + const std::string refresh_token, |
| + RefreshTokenValidationConsumer* consumer); |
| + |
| // Subclasses can override if they want to report errors to the user. |
| virtual void UpdateAuthError(const GoogleServiceAuthError& error); |
| @@ -121,33 +154,14 @@ class OAuth2TokenService { |
| // given scopes. |
| bool HasCacheEntry(const ScopeSet& scopes); |
| - // Posts a task to fire the Consumer callback with the cached token. Must |
| - // only be called if HasCacheEntry() returns true. |
| + // Posts a task to fetch the cached token for the given in-flight Request. |
| + // Must only be called if HasCacheEntry() returns true. |
| scoped_ptr<Request> StartCacheLookupRequest(const ScopeSet& scopes, |
| - Consumer* consumer); |
| + scoped_ptr<RequestImpl> request); |
| // Clears the internal token cache. |
| void ClearCache(); |
| - // Implements a cancelable |OAuth2TokenService::Request|, which should be |
| - // operated on the UI thread. |
| - class RequestImpl : public base::SupportsWeakPtr<RequestImpl>, |
| - public Request { |
| - public: |
| - // |consumer| is required to outlive this. |
| - explicit RequestImpl(Consumer* consumer); |
| - virtual ~RequestImpl(); |
| - |
| - // Informs |consumer_| that this request is completed. |
| - void InformConsumer(const GoogleServiceAuthError& error, |
| - const std::string& access_token, |
| - const base::Time& expiration_date); |
| - |
| - private: |
| - // |consumer_| to call back when this request completes. |
| - Consumer* const consumer_; |
| - }; |
| - |
| private: |
| // Class that fetches an OAuth2 access token for a given set of scopes and |
| // OAuth2 refresh token. |
| @@ -189,6 +203,8 @@ class OAuth2TokenService { |
| // A map from fetch parameters to a fetcher that is fetching an OAuth2 access |
| // token using these parameters. |
| std::map<FetchParameters, Fetcher*> pending_fetchers_; |
| + // Maximum number of retries in fetching an OAuth2 access token. |
| + static int max_fetch_retry_num_; |
| DISALLOW_COPY_AND_ASSIGN(OAuth2TokenService); |
| }; |
