Identification via OAuth tokens

chrome/browser/resources/google_now/background.js

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 'use strict';
 
 /**
  * @fileoverview The event page for Google Now for Chrome implementation.
  * The Google Now event page gets Google Now cards from the server and shows
  * them as Chrome notifications.
@@ skipping 14 matching lines @@
 // TODO(vadimt): Remove 'console' calls.
 // TODO(vadimt): Consider sending JS stacks for chrome.* API errors and
 // malformed server responses.
 
 /**
  * Standard response code for successful HTTP requests. This is the only success
  * code the server will send.
  */
 var HTTP_OK = 200;
 
+var HTTP_FORBIDDEN = 403;
+
 /**
  * Initial period for polling for Google Now Notifications cards to use when the
  * period from the server is not available.
  */
 var INITIAL_POLLING_PERIOD_SECONDS = 5 * 60;  // 5 minutes
 
 /**
  * Maximal period for polling for Google Now Notifications cards to use when the
  * period from the server is not available.
  */
@@ skipping 46 matching lines @@
     // send dismissals is scheduled.
     return true;
   }
 
   return false;
 }
 
 var tasks = buildTaskManager(areTasksConflicting);
 
 // Add error processing to API calls.
+tasks.instrumentApiFunction(chrome.identity, 'getAuthToken', 1);
+tasks.instrumentApiFunction(chrome.identity, 'removeCachedAuthToken', 1);
 tasks.instrumentApiFunction(chrome.location.onLocationUpdate, 'addListener', 0);
 tasks.instrumentApiFunction(chrome.notifications, 'create', 2);
 tasks.instrumentApiFunction(chrome.notifications, 'update', 2);
 tasks.instrumentApiFunction(chrome.notifications, 'getAll', 0);
 tasks.instrumentApiFunction(
     chrome.notifications.onButtonClicked, 'addListener', 0);
 tasks.instrumentApiFunction(chrome.notifications.onClicked, 'addListener', 0);
 tasks.instrumentApiFunction(chrome.notifications.onClosed, 'addListener', 0);
 tasks.instrumentApiFunction(chrome.runtime.onInstalled, 'addListener', 0);
 tasks.instrumentApiFunction(chrome.runtime.onStartup, 'addListener', 0);
@@ skipping 37 matching lines @@
     type: 'histogram-linear',
     min: 1,
     max: DiagnosticEvent.EVENTS_TOTAL,
     buckets: DiagnosticEvent.EVENTS_TOTAL + 1
   };
 
   chrome.metricsPrivate.recordValue(metricDescription, event);
 }
 
 /**
+ * Adds authorization behavior to the request.
+ * @param {XMLHttpRequest} request Server request.
+ * @param {function(boolean)} callbackBoolean Completion callback with 'success'
+ *     parameter.
+ */
+function setAuthorization(request, callbackBoolean) {
+  tasks.debugSetStepName('setAuthorization-getAuthToken');
+  chrome.identity.getAuthToken({interactive: false}, function(token) {
+    var errorMessage =
+        chrome.runtime.lastError && chrome.runtime.lastError.message;
+    console.log('setAuthorization: error=' + errorMessage + ', token=' + token);

[rgustafson, 2013/06/19 00:56:51]

Does adding the token onto this log really help? It seems a bit sketchy since
that is someone's authentication... "copy your log" now turned into "give me
your credentials" :/

[vadimt, 2013/06/19 01:38:07]

Done.

+    if (chrome.runtime.lastError || !token) {
+      callbackBoolean(false);
+      return;
+    }
+
+    request.setRequestHeader('Authorization', 'Bearer ' + token);
+
+    // Instrument onloadend to remove stale auth tokens.
+    var originalOnLoadEnd = request.onloadend;
+    request.onloadend = tasks.wrapCallback(function(event) {
+      if (request.status == HTTP_FORBIDDEN) {

[rgustafson, 2013/06/19 00:56:51]

Could we also handle 401 unauthorized here? It would make me feel much safer
against unexpected changes for the small amount of code it adds.

[vadimt, 2013/06/19 01:38:07]

Done.

[skare_, 2013/06/19 05:21:23]

half-curiosity -- have you seen "forbidden" in practice?
I'm not up to speed with the project-level oauth stuff but IIRC 401 unauthorized
is bad creds that could be fixed by refreshing them, whereas 403 can mean the
authentication itself was successful but the user isn't allowed to perform the
operation in question.

[rgustafson, 2013/06/19 18:39:10]

The server should only be involved in the revoked access cases. The actual 401
unauthorized cases (ie not signed into Chrome) should be covered by failures in
getAuthToken.

+        tasks.debugSetStepName('setAuthorization-removeCachedAuthToken');
+        chrome.identity.removeCachedAuthToken({token: token}, function() {
+          // After purging the token cache, call getAuthToken() again to let
+          // Chrome know about the problem with the token.
+          chrome.identity.getAuthToken({interactive: false}, function() {});
+          originalOnLoadEnd(event);
+        });
+      } else {
+        originalOnLoadEnd(event);
+      }
+    });
+
+    callbackBoolean(true);
+  });
+}
+
+/**
  * Shows a notification and remembers information associated with it.
  * @param {Object} card Google Now card represented as a set of parameters for
  *     showing a Chrome notification.
  * @param {Object} notificationsData Map from notification id to the data
  *     associated with a notification.
  * @param {number=} opt_previousVersion The version of the shown card with this
  *     id, if it exists, undefined otherwise.
  */
 function showNotification(card, notificationsData, opt_previousVersion) {
   console.log('showNotification ' + JSON.stringify(card) + ' ' +
@@ skipping 168 matching lines @@
   }
 
   recordEvent(DiagnosticEvent.REQUEST_FOR_CARDS_TOTAL);
 
   // TODO(vadimt): Should we use 'q' as the parameter name?
   var requestParameters =
       'q=' + position.coords.latitude +
       ',' + position.coords.longitude +
       ',' + position.coords.accuracy;
 
-  // TODO(vadimt): Figure out how to send user's identity to the server.
   var request = buildServerRequest('notifications');
 
-  request.onloadend = tasks.wrapCallback(function(event) {
+  request.onloadend = function(event) {
     console.log('requestNotificationCards-onloadend ' + request.status);
     if (request.status == HTTP_OK) {
       recordEvent(DiagnosticEvent.REQUEST_FOR_CARDS_SUCCESS);
       parseAndShowNotificationCards(request.response, callback);
     } else {
       callback();
     }
+  };
+
+  setAuthorization(request, function(success) {
+    if (success) {
+      tasks.debugSetStepName('requestNotificationCards-send-request');
+      request.send(requestParameters);
+    } else {
+      callback();
+    }
   });
-
-  tasks.debugSetStepName('requestNotificationCards-send-request');
-  request.send(requestParameters);
 }
 
 /**
  * Starts getting location for a cards update.
  */
 function requestLocation() {
   console.log('requestLocation');
   recordEvent(DiagnosticEvent.LOCATION_REQUEST);
   // TODO(vadimt): Figure out location request options.
   chrome.location.watchLocation(LOCATION_WATCH_NAME, {});
@@ skipping 33 matching lines @@
  */
 function requestCardDismissal(
     notificationId, dismissalTimeMs, callbackBoolean) {
   console.log('requestDismissingCard ' + notificationId + ' from ' +
       NOTIFICATION_CARDS_URL);
   recordEvent(DiagnosticEvent.DISMISS_REQUEST_TOTAL);
   // Send a dismiss request to the server.
   var requestParameters = 'id=' + notificationId +
                           '&dismissalAge=' + (Date.now() - dismissalTimeMs);
   var request = buildServerRequest('dismiss');
-  request.onloadend = tasks.wrapCallback(function(event) {
+  request.onloadend = function(event) {
     console.log('requestDismissingCard-onloadend ' + request.status);
     if (request.status == HTTP_OK)
       recordEvent(DiagnosticEvent.DISMISS_REQUEST_SUCCESS);
 
     callbackBoolean(request.status == HTTP_OK);
+  };
+
+  setAuthorization(request, function(success) {
+    if (success) {
+      tasks.debugSetStepName('requestCardDismissal-send-request');
+      request.send(requestParameters);
+    } else {
+      callbackBoolean(false);
+    }
   });
-
-  tasks.debugSetStepName('requestCardDismissal-send-request');
-  request.send(requestParameters);
 }
 
 /**
  * Tries to send dismiss requests for all pending dismissals.
  * @param {function(boolean)} callbackBoolean Completion callback with 'success'
  *     parameter. Success means that no pending dismissals are left.
  */
 function processPendingDismissals(callbackBoolean) {
   tasks.debugSetStepName('processPendingDismissals-storage-get');
   storage.get(['pendingDismissals', 'recentDismissals'], function(items) {
@@ skipping 169 matching lines @@
 
 chrome.location.onLocationUpdate.addListener(function(position) {
   recordEvent(DiagnosticEvent.LOCATION_UPDATE);
   updateNotificationsCards(position);
 });
 
 chrome.omnibox.onInputEntered.addListener(function(text) {
   localStorage['server_url'] = NOTIFICATION_CARDS_URL = text;
   initialize();
 });