Chromium Code Reviews Chromium Code Reviews
Issue 226643012:
Upstream iOS implementation of ProfileOAuth2TokenService (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_ | |
| 6 #define COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_ | |
| 7 | |
| 8 #include <string> | |
| 9 | |
| 10 #include "base/threading/thread_checker.h" | |
| 11 #include "components/signin/core/browser/mutable_profile_oauth2_token_service.h" | |
| 12 | |
| 13 class OAuth2AccessTokenFetcher; | |
| 14 | |
| 15 namespace ios{ | |
| 16 class ProfileOAuth2TokenServiceIOSProvider; | |
| 17 } | |
| 18 | |
| 19 // A specialization of ProfileOAuth2TokenService that will be returned by | |
| 20 // ProfileOAuth2TokenServiceFactory for OS_IOS when iOS authentication service | |
|
blundell
2014/04/10 13:47:43
nit: Change this comment to avoid mentioning the f
msarda
2014/04/10 13:57:22
Done.
| |
| 21 // is used to lookup OAuth2 tokens. | |
| 22 // | |
| 23 // See |ProfileOAuth2TokenService| for usage details. | |
| 24 // | |
| 25 // Note: Requests should be started from the UI thread. To start a | |
| 26 // request from aother thread, please use ProfileOAuth2TokenServiceRequest. | |
| 27 class ProfileOAuth2TokenServiceIOS : public MutableProfileOAuth2TokenService { | |
| 28 public: | |
| 29 virtual ~ProfileOAuth2TokenServiceIOS(); | |
| 30 | |
| 31 // KeyedService | |
| 32 virtual void Shutdown() OVERRIDE; | |
| 33 | |
| 34 // OAuth2TokenService | |
| 35 virtual bool RefreshTokenIsAvailable( | |
| 36 const std::string& account_id) const OVERRIDE; | |
| 37 | |
| 38 virtual void InvalidateOAuth2Token(const std::string& account_id, | |
| 39 const std::string& client_id, | |
| 40 const ScopeSet& scopes, | |
| 41 const std::string& access_token) OVERRIDE; | |
| 42 | |
| 43 // ProfileOAuth2TokenService | |
| 44 virtual void Initialize(SigninClient* client) OVERRIDE; | |
| 45 virtual void LoadCredentials(const std::string& primary_account_id) OVERRIDE; | |
| 46 virtual std::vector<std::string> GetAccounts() OVERRIDE; | |
| 47 virtual void UpdateAuthError(const std::string& account_id, | |
| 48 const GoogleServiceAuthError& error) OVERRIDE; | |
| 49 | |
| 50 // This method should not be called when using shared authentication. | |
| 51 virtual void UpdateCredentials(const std::string& account_id, | |
| 52 const std::string& refresh_token) OVERRIDE; | |
| 53 | |
| 54 // Removes all credentials from this instance of |ProfileOAuth2TokenService|, | |
| 55 // however, it does not revoke the identities from the device. | |
| 56 // Subsequent calls to |RefreshTokenIsAvailable| will return |false|. | |
| 57 virtual void RevokeAllCredentials() OVERRIDE; | |
| 58 | |
| 59 // Returns the refresh token for |account_id| . | |
| 60 // Must only be called when |ShouldUseIOSSharedAuthentication| returns false. | |
| 61 std::string GetRefreshTokenWhenNotUsingSharedAuthentication( | |
| 62 const std::string& account_id); | |
| 63 | |
| 64 // Reloads accounts from the provider. Fires |OnRefreshTokenAvailable| for | |
| 65 // each new account. Fires |OnRefreshTokenRevoked| for each account that was | |
| 66 // removed. | |
| 67 void ReloadCredentials(); | |
| 68 | |
| 69 // Upgrades to using shared authentication token service. | |
| 70 // | |
| 71 // Note: If this |ProfileOAuth2TokenServiceIOS| was using the legacy token | |
| 72 // service, then this call also revokes all tokens from the parent | |
| 73 // |MutableProfileOAuth2TokenService|. | |
| 74 void StartUsingSharedAuthentication(); | |
| 75 | |
| 76 // Sets |use_legacy_token_service_| to |use_legacy_token_service|. | |
| 77 // | |
| 78 // Should only be called for testing. | |
| 79 void SetUseLegacyTokenServiceForTesting(bool use_legacy_token_service); | |
| 80 | |
| 81 // Revokes the OAuth2 refresh tokens for all accounts from the parent | |
| 82 // |MutableProfileOAuth2TokenService|. | |
| 83 // | |
| 84 // Note: This method should only be called if the legacy pre-SSOAuth token | |
| 85 // service is used. | |
| 86 void ForceInvalidGrantResponses(); | |
| 87 | |
| 88 protected: | |
| 89 friend class ProfileOAuth2TokenServiceFactory; | |
| 90 | |
| 91 ProfileOAuth2TokenServiceIOS(); | |
| 92 | |
| 93 virtual OAuth2AccessTokenFetcher* CreateAccessTokenFetcher( | |
| 94 const std::string& account_id, | |
| 95 net::URLRequestContextGetter* getter, | |
| 96 OAuth2AccessTokenConsumer* consumer) OVERRIDE; | |
| 97 | |
| 98 // Protected and virtual to be overriden by fake for testing. | |
| 99 | |
| 100 // Adds |account_id| to |accounts_| if it does not exist or udpates | |
| 101 // the auth error state of |account_id| if it exists. Fires | |
| 102 // |OnRefreshTokenAvailable| if the account info is updated. | |
| 103 virtual void AddOrUpdateAccount(const std::string& account_id); | |
| 104 | |
| 105 // Removes |account_id| from |accounts_|. Fires |OnRefreshTokenRevoked| | |
| 106 // if the account info is removed. | |
| 107 virtual void RemoveAccount(const std::string& account_id); | |
| 108 | |
| 109 private: | |
| 110 class AccountInfo : public SigninErrorController::AuthStatusProvider { | |
| 111 public: | |
| 112 AccountInfo(ProfileOAuth2TokenService* token_service, | |
| 113 const std::string& account_id); | |
| 114 virtual ~AccountInfo(); | |
| 115 | |
| 116 void SetLastAuthError(const GoogleServiceAuthError& error); | |
| 117 | |
| 118 // SigninErrorController::AuthStatusProvider implementation. | |
| 119 virtual std::string GetAccountId() const OVERRIDE; | |
| 120 virtual GoogleServiceAuthError GetAuthStatus() const OVERRIDE; | |
| 121 | |
| 122 private: | |
| 123 ProfileOAuth2TokenService* token_service_; | |
| 124 std::string account_id_; | |
| 125 GoogleServiceAuthError last_auth_error_; | |
| 126 | |
| 127 DISALLOW_COPY_AND_ASSIGN(AccountInfo); | |
| 128 }; | |
| 129 | |
| 130 // Maps the |account_id| of accounts known to ProfileOAuth2TokenService | |
| 131 // to information about the account. | |
| 132 typedef std::map<std::string, linked_ptr<AccountInfo> > AccountInfoMap; | |
| 133 | |
| 134 // MutableProfileOAuth2TokenService | |
| 135 virtual std::string GetRefreshToken( | |
| 136 const std::string& account_id) const OVERRIDE; | |
| 137 | |
| 138 // Returns the iOS provider; | |
| 139 ios::ProfileOAuth2TokenServiceIOSProvider* GetProvider(); | |
| 140 | |
| 141 // Info about the existing accounts. | |
| 142 AccountInfoMap accounts_; | |
| 143 | |
| 144 // Calls to this class are expected to be made from the browser UI thread. | |
| 145 // The purpose of this this checker is to warn us if the upstream usage of | |
| 146 // ProfileOAuth2TokenService ever gets changed to have it be used across | |
| 147 // multiple threads. | |
| 148 base::ThreadChecker thread_checker_; | |
| 149 | |
| 150 // Whether to use the legacy pre-SSOAuth token service. | |
| 151 // | |
| 152 // |use_legacy_token_service_| is true iff the provider is not using shared | |
| 153 // authentication during |LoadCredentials|. Note that |LoadCredentials| is | |
| 154 // called exactly once after the PO2TS initialization iff the user is signed | |
| 155 // in. | |
| 156 // | |
| 157 // If |use_legacy_token_service_| is true, then this | |
| 158 // |ProfileOAuth2TokenServiceIOS| delegates all calls to the parent | |
| 159 // |MutableProfileOAuth2TokenService|. | |
| 160 bool use_legacy_token_service_; | |
| 161 | |
| 162 DISALLOW_COPY_AND_ASSIGN(ProfileOAuth2TokenServiceIOS); | |
| 163 }; | |
| 164 | |
| 165 #endif // COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_ | |
| OLD | NEW |
