Chromium Code Reviews Chromium Code Reviews
Issue 2121083004:
Upstream ProfileOAuth2TokenServiceProviderImpl. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "ios/chrome/browser/signin/profile_oauth2_token_service_ios_provider_im pl.h" | |
| 6 | |
| 7 #include "base/logging.h" | |
| 8 #include "base/strings/sys_string_conversions.h" | |
| 9 #include "ios/chrome/browser/signin/constants.h" | |
| 10 #include "ios/chrome/browser/signin/signin_util.h" | |
| 11 #import "ios/public/provider/chrome/browser/chrome_browser_provider.h" | |
| 12 #import "ios/public/provider/chrome/browser/signin/chrome_identity.h" | |
| 13 #include "ios/public/provider/chrome/browser/signin/chrome_identity_service.h" | |
| 14 #include "ios/public/provider/chrome/browser/signin/signin_error_provider.h" | |
| 15 | |
| 16 namespace { | |
| 17 // Returns the account info for |identity|. | |
| 18 // Returns an empty account info if |identity| is nil. | |
| 19 ProfileOAuth2TokenServiceIOSProvider::AccountInfo GetAccountInfo( | |
| 20 ChromeIdentity* identity) { | |
| 21 ProfileOAuth2TokenServiceIOSProvider::AccountInfo account_info; | |
| 22 if (identity) { | |
| 23 account_info.gaia = base::SysNSStringToUTF8([identity gaiaID]); | |
| 24 account_info.email = GetCanonicalizedEmailForIdentity(identity); | |
| 25 } | |
| 26 return account_info; | |
| 27 } | |
| 28 } | |
| 29 | |
| 30 ProfileOAuth2TokenServiceIOSProviderImpl:: | |
| 31 ProfileOAuth2TokenServiceIOSProviderImpl() {} | |
| 32 | |
| 33 ProfileOAuth2TokenServiceIOSProviderImpl:: | |
| 34 ~ProfileOAuth2TokenServiceIOSProviderImpl() {} | |
| 35 | |
| 36 void ProfileOAuth2TokenServiceIOSProviderImpl::GetAccessToken( | |
| 37 const std::string& gaia_id, | |
| 38 const std::string& client_id, | |
| 39 const std::string& client_secret, | |
| 40 const std::set<std::string>& scopes, | |
| 41 const AccessTokenCallback& callback) { | |
| 42 AccessTokenCallback scoped_callback = callback; | |
| 43 ios::ChromeIdentityService* identity_service = | |
| 44 ios::GetChromeBrowserProvider()->GetChromeIdentityService(); | |
| 45 identity_service->GetAccessToken( | |
| 46 identity_service->GetIdentityWithGaiaID(gaia_id), client_id, | |
| 47 client_secret, scopes, | |
| 48 ^(NSString* token, NSDate* expiration, NSError* error) { | |
| 49 if (!scoped_callback.is_null()) | |
| 50 scoped_callback.Run(token, expiration, error); | |
| 51 }); | |
| 52 } | |
| 53 | |
| 54 std::vector<ProfileOAuth2TokenServiceIOSProvider::AccountInfo> | |
| 55 ProfileOAuth2TokenServiceIOSProviderImpl::GetAllAccounts() const { | |
| 56 std::vector<AccountInfo> accounts; | |
| 57 NSArray* identities = ios::GetChromeBrowserProvider() | |
| 58 ->GetChromeIdentityService() | |
| 59 ->GetAllIdentities(); | |
| 60 for (ChromeIdentity* identity in identities) { | |
|
sdefresne
2016/07/06 08:43:28
nit: {} are optional here
bzanotti
2016/07/06 11:02:21
Acknowledged.
| |
| 61 accounts.push_back(GetAccountInfo(identity)); | |
| 62 } | |
| 63 return accounts; | |
| 64 } | |
| 65 | |
| 66 AuthenticationErrorCategory | |
| 67 ProfileOAuth2TokenServiceIOSProviderImpl::GetAuthenticationErrorCategory( | |
| 68 const std::string& gaia_id, | |
| 69 NSError* error) const { | |
| 70 DCHECK(error); | |
| 71 if ([error.domain isEqualToString:kAuthenticationErrorDomain] && | |
| 72 error.code == NO_AUTHENTICATED_USER) { | |
| 73 return kAuthenticationErrorCategoryUnknownIdentityErrors; | |
| 74 } | |
| 75 | |
| 76 ios::ChromeIdentityService* identity_service = | |
| 77 ios::GetChromeBrowserProvider()->GetChromeIdentityService(); | |
| 78 if (identity_service->IsMDMError( | |
| 79 identity_service->GetIdentityWithGaiaID(gaia_id), error)) { | |
| 80 return kAuthenticationErrorCategoryAuthorizationErrors; | |
| 81 } | |
| 82 | |
| 83 ios::SigninErrorCategory error_category = | |
| 84 ios::GetSigninErrorProvider()->GetErrorCategory(error); | |
| 85 switch (error_category) { | |
| 86 case ios::SigninErrorCategory::UNKNOWN_ERROR: { | |
| 87 // Google's OAuth 2 implementation returns a 400 with JSON body | |
| 88 // containing error key "invalid_grant" to indicate the refresh token | |
| 89 // is invalid or has been revoked by the user. | |
| 90 // Check that the underlying library does not categorize these errors as | |
| 91 // unknown. | |
| 92 NSString* json_error_key = | |
| 93 ios::GetSigninErrorProvider()->GetInvalidGrantJsonErrorKey(); | |
| 94 DCHECK(!ios::GetSigninErrorProvider()->IsBadRequest(error) || | |
| 95 ![[[error userInfo] valueForKeyPath:@"json.error"] | |
| 96 isEqual:json_error_key]); | |
| 97 return kAuthenticationErrorCategoryUnknownErrors; | |
| 98 } | |
| 99 case ios::SigninErrorCategory::AUTHORIZATION_ERROR: | |
| 100 if (ios::GetSigninErrorProvider()->IsForbidden(error)) { | |
|
sdefresne
2016/07/06 08:43:29
nit: {} are optional here
bzanotti
2016/07/06 11:02:21
Acknowledged.
| |
| 101 return kAuthenticationErrorCategoryAuthorizationForbiddenErrors; | |
| 102 } else { | |
|
sdefresne
2016/07/06 08:43:28
style: no "else" after "return"
bzanotti
2016/07/06 11:02:21
Done.
| |
| 103 return kAuthenticationErrorCategoryAuthorizationErrors; | |
| 104 } | |
| 105 case ios::SigninErrorCategory::NETWORK_ERROR: | |
| 106 return kAuthenticationErrorCategoryNetworkServerErrors; | |
| 107 case ios::SigninErrorCategory::USER_CANCELLATION_ERROR: | |
| 108 return kAuthenticationErrorCategoryUserCancellationErrors; | |
| 109 } | |
| 110 } | |
| OLD | NEW |
