Convert SigninTracker to use OAuth2TokenService notifications

chrome/browser/signin/profile_oauth2_token_service.cc

Index: chrome/browser/signin/profile_oauth2_token_service.cc
diff --git a/chrome/browser/signin/profile_oauth2_token_service.cc b/chrome/browser/signin/profile_oauth2_token_service.cc
index 1687b33ef6c8e637b13d75deb8c981d0331e215b..ecdba8bf008b694dafeaed44dcc2240b2a2326ee 100644
--- a/chrome/browser/signin/profile_oauth2_token_service.cc
+++ b/chrome/browser/signin/profile_oauth2_token_service.cc
@@ -122,6 +122,11 @@ void ProfileOAuth2TokenService::UpdateAuthError(
   if (error.state() != last_auth_error_.state()) {
     last_auth_error_ = error;
     signin_global_error_->AuthStatusChanged();
+
+    if (last_auth_error_.state() ==
+        GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS) {
+      RevokeCredentials(GetAccountId(profile_));

[Andrew T Wilson (Slow), 2013/08/30 09:03:33]

Still extremely nervous about this. Are you sure we want to do this? I'm
officially not participating in any code reds from 100% of our users getting
their oauth tokens revoked due to some buggy server push :-P

[Roger Tawa OOO till Jul 10th, 2013/08/30 15:55:40]

Yeah, me too.  Changed to no longe revoke and check last error in
RefreshTokenIsAvailable().

+    }
   }
 }
 
@@ -244,6 +249,15 @@ void ProfileOAuth2TokenService::RevokeCredentials(
 
     // TODO(fgorski): Notify diagnostic observers.
   }
+
+  // Remove the token from TokenService if this corresponds to the connected
+  // account.
+  if (account_id == GetAccountId(profile_)) {
+    TokenService* token_service =
+        TokenServiceFactory::GetForProfile(profile_);
+    token_service->ClearOAuth2Credentials();
+    DCHECK(!token_service->HasOAuthLoginToken());
+  }
 }
 
 void ProfileOAuth2TokenService::RevokeAllCredentials() {