Add enterprise enrollment support for fake users.

chrome/browser/chromeos/policy/policy_oauth2_token_fetcher.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/policy/policy_oauth2_token_fetcher.h"
 
 #include <vector>
 
 #include "base/bind.h"
 #include "base/logging.h"
@@ skipping 11 matching lines @@
 namespace policy {
 
 namespace {
 
 // Max retry count for token fetching requests.
 const int kMaxRequestAttemptCount = 5;
 
 // OAuth token request retry delay in milliseconds.
 const int kRequestRestartDelay = 3000;
 
-}  // namespace
+class PolicyOAuth2TokenFetcherImpl
+    : public PolicyOAuth2TokenFetcher,
+      public base::SupportsWeakPtr<PolicyOAuth2TokenFetcherImpl>,

[achuithb, 2016/03/08 08:11:44]

switch to using WeakPtrFactory instead.

[jdufault, 2016/03/08 21:37:08]

Done.

+      public GaiaAuthConsumer,
+      public OAuth2AccessTokenConsumer {
+ public:
+  PolicyOAuth2TokenFetcherImpl();
+  ~PolicyOAuth2TokenFetcherImpl() override;

[achuithb, 2016/03/08 08:11:44]

protected ctor + dtor?

[jdufault, 2016/03/08 21:37:08]

ctor needs to be public so the base class can instantiate the instance
(alternatively, we can make PolicyOAuth2TokenFetcher a friend class). The dtor
can be private, but I kept it public for consistency.

[achuithb, 2016/03/08 22:13:26]

Acknowledged.

 
-PolicyOAuth2TokenFetcher::PolicyOAuth2TokenFetcher() {
-}
+  // Fetches the device management service's oauth2 token. This may be fetched

[achuithb, 2016/03/08 08:11:44]

don't need this comment, but you need
// PolicyOauth2TokenFetcher overrides.

[jdufault, 2016/03/08 21:37:08]

Done.

+  // via signin context, auth code, or oauth2 refresh token.
+  void StartWithSigninContext(

[achuithb, 2016/03/08 08:11:44]

make the overriden methods private?

[jdufault, 2016/03/08 21:37:08]

Done.

+      net::URLRequestContextGetter* auth_context_getter,
+      net::URLRequestContextGetter* system_context_getter,
+      const TokenCallback& callback) override;
+  void StartWithAuthCode(const std::string& auth_code,
+                         net::URLRequestContextGetter* system_context_getter,
+                         const TokenCallback& callback) override;
+  void StartWithRefreshToken(
+      const std::string& oauth2_refresh_token,
+      net::URLRequestContextGetter* system_context_getter,
+      const TokenCallback& callback) override;
 
-PolicyOAuth2TokenFetcher::~PolicyOAuth2TokenFetcher() {
-}
+  // Returns true if we have previously attempted to fetch tokens with this
+  // class and failed.
+  bool failed() const override { return failed_; }
 
-void PolicyOAuth2TokenFetcher::StartWithSigninContext(
+  const std::string& oauth2_refresh_token() const override {
+    return oauth2_refresh_token_;
+  }
+  const std::string& oauth2_access_token() const override {
+    return oauth2_access_token_;
+  }
+
+ private:
+  // GaiaAuthConsumer overrides.
+  void OnClientOAuthSuccess(
+      const GaiaAuthConsumer::ClientOAuthResult& oauth_tokens) override;
+  void OnClientOAuthFailure(const GoogleServiceAuthError& error) override;
+
+  // OAuth2AccessTokenConsumer overrides.
+  void OnGetTokenSuccess(const std::string& access_token,
+                         const base::Time& expiration_time) override;
+  void OnGetTokenFailure(const GoogleServiceAuthError& error) override;
+
+  // Starts fetching OAuth2 refresh token.
+  void StartFetchingRefreshToken();
+
+  // Starts fetching OAuth2 access token for the device management service.
+  void StartFetchingAccessToken();
+
+  // Decides how to proceed on GAIA |error|. If the error looks temporary,
+  // retries |task| until max retry count is reached.
+  // If retry count runs out, or error condition is unrecoverable, it calls
+  // Delegate::OnOAuth2TokenFetchFailed().
+  void RetryOnError(const GoogleServiceAuthError& error,
+                    const base::Closure& task);
+
+  // Passes |token| and |error| to the |callback_|.
+  void ForwardPolicyToken(const std::string& token,
+                          const GoogleServiceAuthError& error);
+
+  // Auth code which is used to retreive a refresh token.
+  std::string auth_code_;
+
+  scoped_refptr<net::URLRequestContextGetter> auth_context_getter_;
+  scoped_refptr<net::URLRequestContextGetter> system_context_getter_;
+  scoped_ptr<GaiaAuthFetcher> refresh_token_fetcher_;
+  scoped_ptr<OAuth2AccessTokenFetcher> access_token_fetcher_;
+
+  // OAuth2 refresh token. Could come either from the outside or through
+  // refresh token fetching flow within this class.
+  std::string oauth2_refresh_token_;
+
+  // OAuth2 access token.
+  std::string oauth2_access_token_;
+
+  // The retry counter. Increment this only when failure happened.
+  int retry_count_ = 0;
+
+  // True if we have already failed to fetch the policy.
+  bool failed_ = false;
+
+  // The callback to invoke when done.
+  TokenCallback callback_;
+
+  DISALLOW_COPY_AND_ASSIGN(PolicyOAuth2TokenFetcherImpl);
+};
+
+PolicyOAuth2TokenFetcherImpl::PolicyOAuth2TokenFetcherImpl() {}
+
+PolicyOAuth2TokenFetcherImpl::~PolicyOAuth2TokenFetcherImpl() {}
+
+void PolicyOAuth2TokenFetcherImpl::StartWithSigninContext(
     net::URLRequestContextGetter* auth_context_getter,
     net::URLRequestContextGetter* system_context_getter,
     const TokenCallback& callback) {
   DCHECK(!refresh_token_fetcher_ && !access_token_fetcher_);
 
   auth_context_getter_ = auth_context_getter;
   system_context_getter_ = system_context_getter;
   callback_ = callback;
+
   StartFetchingRefreshToken();
 }
 
-void PolicyOAuth2TokenFetcher::StartWithAuthCode(
+void PolicyOAuth2TokenFetcherImpl::StartWithAuthCode(
     const std::string& auth_code,
     net::URLRequestContextGetter* system_context_getter,
     const TokenCallback& callback) {
   DCHECK(!refresh_token_fetcher_ && !access_token_fetcher_);
 
   auth_code_ = auth_code;
   system_context_getter_ = system_context_getter;
   callback_ = callback;
+
   StartFetchingRefreshToken();
 }
 
-void PolicyOAuth2TokenFetcher::StartWithRefreshToken(
+void PolicyOAuth2TokenFetcherImpl::StartWithRefreshToken(
     const std::string& oauth2_refresh_token,
     net::URLRequestContextGetter* system_context_getter,
     const TokenCallback& callback) {
   DCHECK(!refresh_token_fetcher_ && !access_token_fetcher_);
 
   oauth2_refresh_token_ = oauth2_refresh_token;
   system_context_getter_ = system_context_getter;
   callback_ = callback;
+
   StartFetchingAccessToken();
 }
 
-void PolicyOAuth2TokenFetcher::StartFetchingRefreshToken() {
+void PolicyOAuth2TokenFetcherImpl::StartFetchingRefreshToken() {
   if (auth_code_.empty()) {
     refresh_token_fetcher_.reset(new GaiaAuthFetcher(
         this, GaiaConstants::kChromeSource, auth_context_getter_.get()));
     refresh_token_fetcher_->StartCookieForOAuthLoginTokenExchange(
         std::string());
   } else {
     refresh_token_fetcher_.reset(new GaiaAuthFetcher(
         this, GaiaConstants::kChromeSource, system_context_getter_.get()));
     refresh_token_fetcher_->StartAuthCodeForOAuth2TokenExchange(auth_code_);
   }
 }
 
-void PolicyOAuth2TokenFetcher::StartFetchingAccessToken() {
+void PolicyOAuth2TokenFetcherImpl::StartFetchingAccessToken() {
   std::vector<std::string> scopes;
   scopes.push_back(GaiaConstants::kDeviceManagementServiceOAuth);
   scopes.push_back(GaiaConstants::kOAuthWrapBridgeUserInfoScope);
   access_token_fetcher_.reset(
       new OAuth2AccessTokenFetcherImpl(this,
                                        system_context_getter_.get(),
                                        oauth2_refresh_token_));
   access_token_fetcher_->Start(
       GaiaUrls::GetInstance()->oauth2_chrome_client_id(),
       GaiaUrls::GetInstance()->oauth2_chrome_client_secret(),
       scopes);
 }
 
-void PolicyOAuth2TokenFetcher::OnClientOAuthSuccess(
+void PolicyOAuth2TokenFetcherImpl::OnClientOAuthSuccess(
     const GaiaAuthConsumer::ClientOAuthResult& oauth2_tokens) {
   VLOG(1) << "OAuth2 tokens for policy fetching succeeded.";
   oauth2_refresh_token_ = oauth2_tokens.refresh_token;
   retry_count_ = 0;
   StartFetchingAccessToken();
 }
 
-void PolicyOAuth2TokenFetcher::OnClientOAuthFailure(
+void PolicyOAuth2TokenFetcherImpl::OnClientOAuthFailure(
     const GoogleServiceAuthError& error) {
   VLOG(1) << "OAuth2 tokens fetch for policy fetch failed! (error = "
           << error.state() << ")";
-  RetryOnError(error,
-               base::Bind(&PolicyOAuth2TokenFetcher::StartFetchingRefreshToken,
-                          AsWeakPtr()));
+  RetryOnError(
+      error,
+      base::Bind(&PolicyOAuth2TokenFetcherImpl::StartFetchingRefreshToken,
+                 AsWeakPtr()));
 }
 
-void PolicyOAuth2TokenFetcher::OnGetTokenSuccess(
+void PolicyOAuth2TokenFetcherImpl::OnGetTokenSuccess(
     const std::string& access_token,
     const base::Time& expiration_time) {
   VLOG(1) << "OAuth2 access token (device management) fetching succeeded.";
   oauth2_access_token_ = access_token;
   ForwardPolicyToken(access_token,
                      GoogleServiceAuthError(GoogleServiceAuthError::NONE));
 }
 
-void PolicyOAuth2TokenFetcher::OnGetTokenFailure(
+void PolicyOAuth2TokenFetcherImpl::OnGetTokenFailure(
     const GoogleServiceAuthError& error) {
   LOG(ERROR) << "OAuth2 access token (device management) fetching failed!";
-  RetryOnError(error,
-               base::Bind(&PolicyOAuth2TokenFetcher::StartFetchingAccessToken,
-                          AsWeakPtr()));
+  RetryOnError(
+      error, base::Bind(&PolicyOAuth2TokenFetcherImpl::StartFetchingAccessToken,
+                        AsWeakPtr()));
 }
 
-void PolicyOAuth2TokenFetcher::RetryOnError(const GoogleServiceAuthError& error,
-                                            const base::Closure& task) {
+void PolicyOAuth2TokenFetcherImpl::RetryOnError(
+    const GoogleServiceAuthError& error,
+    const base::Closure& task) {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
   if (error.IsTransientError() && retry_count_ < kMaxRequestAttemptCount) {
     retry_count_++;
     BrowserThread::PostDelayedTask(
         BrowserThread::UI, FROM_HERE, task,
         base::TimeDelta::FromMilliseconds(kRequestRestartDelay));
     return;
   }
   LOG(ERROR) << "Unrecoverable error or retry count max reached.";
   failed_ = true;
   // Invoking the |callback_| signals to the owner of this object that it has
   // completed, and the owner may delete this object on the callback method.
   // So don't rely on |this| still being valid after ForwardPolicyToken()
   // returns i.e. don't write to |failed_| or other fields.
   ForwardPolicyToken(std::string(), error);
 }
 
-void PolicyOAuth2TokenFetcher::ForwardPolicyToken(
+void PolicyOAuth2TokenFetcherImpl::ForwardPolicyToken(
     const std::string& token,
     const GoogleServiceAuthError& error) {
   if (!callback_.is_null())
     callback_.Run(token, error);
 }
 
+// Fake token fetcher that immediately returns tokens without making network
+// requests.
+class PolicyOAuth2TokenFetcherFake : public PolicyOAuth2TokenFetcher {
+ public:
+  PolicyOAuth2TokenFetcherFake() {}
+  ~PolicyOAuth2TokenFetcherFake() override {}

[achuithb, 2016/03/08 08:11:44]

make ctor/dtor protected

[jdufault, 2016/03/08 21:37:08]

See previous comment.

[achuithb, 2016/03/08 22:13:26]

Acknowledged.

+
+  void StartWithSigninContext(

[achuithb, 2016/03/08 08:11:44]

Make all the rest private

[jdufault, 2016/03/08 21:37:08]

Done.

+      net::URLRequestContextGetter* auth_context_getter,
+      net::URLRequestContextGetter* system_context_getter,
+      const TokenCallback& callback) override {
+    ForwardPolicyToken(callback);
+  }
+
+  void StartWithAuthCode(const std::string& auth_code,
+                         net::URLRequestContextGetter* system_context_getter,
+                         const TokenCallback& callback) override {
+    ForwardPolicyToken(callback);
+  }
+
+  void StartWithRefreshToken(
+      const std::string& oauth2_refresh_token,
+      net::URLRequestContextGetter* system_context_getter,
+      const TokenCallback& callback) override {
+    ForwardPolicyToken(callback);
+  }
+
+  bool failed() const override { return false; }
+  const std::string& oauth2_refresh_token() const override {
+    return refresh_token_;
+  }
+  const std::string& oauth2_access_token() const override {
+    return access_token_;
+  }
+
+ private:
+  std::string refresh_token_ = "fake_refresh_token";
+  std::string access_token_ = "fake_access_token";
+
+  void ForwardPolicyToken(const TokenCallback& callback) {

[achuithb, 2016/03/08 08:11:44]

methods should precede data members, so this should move up in the private
section

[jdufault, 2016/03/08 21:37:08]

Done.

+    if (!callback.is_null())
+      callback.Run(access_token_, GoogleServiceAuthError::AuthErrorNone());
+  }
+};

[achuithb, 2016/03/08 08:11:44]

DISABLE_COPY_AND_ASSIGN

[jdufault, 2016/03/08 21:37:08]

Done.

+
+}  // namespace
+
+// static
+bool PolicyOAuth2TokenFetcher::use_fake_tokens_for_testing_ = false;

[achuithb, 2016/03/08 08:11:44]

move this to anon namespace?

[jdufault, 2016/03/08 21:37:08]

Done.

+
+// static
+void PolicyOAuth2TokenFetcher::UseFakeTokensForTesting() {
+  use_fake_tokens_for_testing_ = true;
+}
+
+// static
+PolicyOAuth2TokenFetcher* PolicyOAuth2TokenFetcher::CreateInstance() {
+  if (use_fake_tokens_for_testing_)
+    return new PolicyOAuth2TokenFetcherFake();
+  return new PolicyOAuth2TokenFetcherImpl();
+}
+
+PolicyOAuth2TokenFetcher::PolicyOAuth2TokenFetcher() {}
+
+PolicyOAuth2TokenFetcher::~PolicyOAuth2TokenFetcher() {}
+
 }  // namespace policy