Device robot refresh token integrity validation.

chrome/browser/signin/oauth2_token_service.h

Index: chrome/browser/signin/oauth2_token_service.h
diff --git a/chrome/browser/signin/oauth2_token_service.h b/chrome/browser/signin/oauth2_token_service.h
index e96b9c17c3d84c16f364b707b646de6ef06fcb87..db44f3b1917d28df36409e2c0ad2b142586fbba8 100644
--- a/chrome/browser/signin/oauth2_token_service.h
+++ b/chrome/browser/signin/oauth2_token_service.h
@@ -87,10 +87,6 @@ class OAuth2TokenService {
   virtual scoped_ptr<Request> StartRequest(const ScopeSet& scopes,
                                            Consumer* consumer);
 
-  // Returns true if a refresh token exists. If false, calls to
-  // |StartRequest| will result in a Consumer::OnGetTokenFailure callback.
-  bool RefreshTokenIsAvailable();
-
   // Mark an OAuth2 access token as invalid. This should be done if the token
   // was received from this class, but was not accepted by the server (e.g.,
   // the server returned 401 Unauthorized). The token will be removed from the
@@ -100,8 +96,28 @@ class OAuth2TokenService {
 
   // Return the current number of entries in the cache.
   int cache_size_for_testing() const;
+  void set_max_authorization_token_fetch_retries_for_testing(int max_retries);

[Andrew T Wilson (Slow), 2013/06/20 17:47:28]

can we inject this in the constructor instead and pass that along to the
Fetcher?

[David Roche, 2013/06/20 18:17:18]

Passing this to the constructor would require plumbing it through to all the
subclass implementations and the factories that create them:

DeviceOAuth2TokenService
DeviceOAuth2TokenServiceFactory
ProfileOAuth2TokenService
ProfileOAuth2TokenServiceFactory
AndroidProfileOAuth2TokenService

Since this was only for test purposes, I was inclined to keep this as a simple
*_for_testing method rather that impacting all those classes.  WDYT?

 
  protected:
+  // Implements a cancelable |OAuth2TokenService::Request|, which should be
+  // operated on the UI thread.
+  class RequestImpl : public base::SupportsWeakPtr<RequestImpl>,

[Andrew T Wilson (Slow), 2013/06/20 17:47:28]

This is fine, but I wonder now if it's time to move this into a separate header
file rather than in this public file.

[David Roche, 2013/06/20 18:17:18]

Ideally this would just be hidden, since it's an impl detail of this class.  I
could do that now, but I need to work cancellable requests into
DeviceOAuth2TokenService, which may call for this to be exposed to subclasses. 
I'll take a note to resolve this one way or the other when I'm making that
change.

+                      public Request {
+   public:
+    // |consumer| is required to outlive this.
+    explicit RequestImpl(Consumer* consumer);
+    virtual ~RequestImpl();
+
+    // Informs |consumer_| that this request is completed.
+    void InformConsumer(const GoogleServiceAuthError& error,
+                        const std::string& access_token,
+                        const base::Time& expiration_date);
+
+   private:
+    // |consumer_| to call back when this request completes.
+    Consumer* const consumer_;
+  };
+
   // Subclasses should return the refresh token maintained.
   // If no token is available, return an empty string.
   virtual std::string GetRefreshToken() = 0;
@@ -121,33 +137,14 @@ class OAuth2TokenService {
   // given scopes.
   bool HasCacheEntry(const ScopeSet& scopes);
 
-  // Posts a task to fire the Consumer callback with the cached token.  Must
-  // only be called if HasCacheEntry() returns true.
+  // Posts a task to fetch the cached token for the given in-flight Request.
+  // Must only be called if HasCacheEntry() returns true.
   scoped_ptr<Request> StartCacheLookupRequest(const ScopeSet& scopes,
-                                              Consumer* consumer);
+                                              scoped_ptr<RequestImpl> request);
 
   // Clears the internal token cache.
   void ClearCache();
 
-  // Implements a cancelable |OAuth2TokenService::Request|, which should be
-  // operated on the UI thread.
-  class RequestImpl : public base::SupportsWeakPtr<RequestImpl>,
-                      public Request {
-   public:
-    // |consumer| is required to outlive this.
-    explicit RequestImpl(Consumer* consumer);
-    virtual ~RequestImpl();
-
-    // Informs |consumer_| that this request is completed.
-    void InformConsumer(const GoogleServiceAuthError& error,
-                        const std::string& access_token,
-                        const base::Time& expiration_date);
-
-   private:
-    // |consumer_| to call back when this request completes.
-    Consumer* const consumer_;
-  };
-
  private:
   // Class that fetches an OAuth2 access token for a given set of scopes and
   // OAuth2 refresh token.
@@ -189,6 +186,8 @@ class OAuth2TokenService {
   // A map from fetch parameters to a fetcher that is fetching an OAuth2 access
   // token using these parameters.
   std::map<FetchParameters, Fetcher*> pending_fetchers_;
+  // Maximum number of retries in fetching an OAuth2 access token.
+  static int max_fetch_retry_num_;
 
   DISALLOW_COPY_AND_ASSIGN(OAuth2TokenService);
 };