OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_ | |
6 #define COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_ | |
7 | |
8 #include <string> | |
9 | |
10 #include "base/threading/thread_checker.h" | |
11 #include "components/signin/core/browser/mutable_profile_oauth2_token_service.h" | |
12 | |
13 class OAuth2AccessTokenFetcher; | |
14 | |
15 namespace ios{ | |
16 class ProfileOAuth2TokenServiceIOSProvider; | |
17 } | |
18 | |
19 // A specialization of ProfileOAuth2TokenService for OS_IOS. It fetches access | |
20 // tokens from the SSOAuth library if the user is signed in using shared | |
21 // authentication or defaults to the parent class | |
22 // |MutableProfileOAuth2TokenService| for pre-SSO signed in users. | |
23 // | |
24 // See |ProfileOAuth2TokenService| for usage details. | |
25 class ProfileOAuth2TokenServiceIOS : public MutableProfileOAuth2TokenService { | |
26 public: | |
27 virtual ~ProfileOAuth2TokenServiceIOS(); | |
28 | |
29 // KeyedService | |
30 virtual void Shutdown() OVERRIDE; | |
31 | |
32 // OAuth2TokenService | |
33 virtual bool RefreshTokenIsAvailable( | |
34 const std::string& account_id) const OVERRIDE; | |
35 | |
36 virtual void InvalidateOAuth2Token(const std::string& account_id, | |
37 const std::string& client_id, | |
38 const ScopeSet& scopes, | |
39 const std::string& access_token) OVERRIDE; | |
40 | |
41 // ProfileOAuth2TokenService | |
42 virtual void Initialize(SigninClient* client) OVERRIDE; | |
43 virtual void LoadCredentials(const std::string& primary_account_id) OVERRIDE; | |
44 virtual std::vector<std::string> GetAccounts() OVERRIDE; | |
45 virtual void UpdateAuthError(const std::string& account_id, | |
46 const GoogleServiceAuthError& error) OVERRIDE; | |
47 | |
48 // This method should not be called when using shared authentication. | |
49 virtual void UpdateCredentials(const std::string& account_id, | |
50 const std::string& refresh_token) OVERRIDE; | |
51 | |
52 // Removes all credentials from this instance of |ProfileOAuth2TokenService|, | |
53 // however, it does not revoke the identities from the device. | |
54 // Subsequent calls to |RefreshTokenIsAvailable| will return |false|. | |
55 virtual void RevokeAllCredentials() OVERRIDE; | |
56 | |
57 // Returns the refresh token for |account_id| . | |
58 // Must only be called when |ShouldUseIOSSharedAuthentication| returns false. | |
59 std::string GetRefreshTokenWhenNotUsingSharedAuthentication( | |
60 const std::string& account_id); | |
61 | |
62 // Reloads accounts from the provider. Fires |OnRefreshTokenAvailable| for | |
63 // each new account. Fires |OnRefreshTokenRevoked| for each account that was | |
64 // removed. | |
65 void ReloadCredentials(); | |
66 | |
67 // Upgrades to using shared authentication token service. | |
68 // | |
69 // Note: If this |ProfileOAuth2TokenServiceIOS| was using the legacy token | |
70 // service, then this call also revokes all tokens from the parent | |
71 // |MutableProfileOAuth2TokenService|. | |
72 void StartUsingSharedAuthentication(); | |
73 | |
74 // Sets |use_legacy_token_service_| to |use_legacy_token_service|. | |
75 // | |
76 // Should only be called for testing. | |
77 void SetUseLegacyTokenServiceForTesting(bool use_legacy_token_service); | |
78 | |
79 // Revokes the OAuth2 refresh tokens for all accounts from the parent | |
80 // |MutableProfileOAuth2TokenService|. | |
81 // | |
82 // Note: This method should only be called if the legacy pre-SSOAuth token | |
83 // service is used. | |
84 void ForceInvalidGrantResponses(); | |
85 | |
86 protected: | |
87 friend class ProfileOAuth2TokenServiceFactory; | |
88 | |
89 ProfileOAuth2TokenServiceIOS(); | |
90 | |
91 virtual OAuth2AccessTokenFetcher* CreateAccessTokenFetcher( | |
92 const std::string& account_id, | |
93 net::URLRequestContextGetter* getter, | |
94 OAuth2AccessTokenConsumer* consumer) OVERRIDE; | |
95 | |
96 // Protected and virtual to be overriden by fake for testing. | |
97 | |
98 // Adds |account_id| to |accounts_| if it does not exist or udpates | |
99 // the auth error state of |account_id| if it exists. Fires | |
100 // |OnRefreshTokenAvailable| if the account info is updated. | |
101 virtual void AddOrUpdateAccount(const std::string& account_id); | |
102 | |
103 // Removes |account_id| from |accounts_|. Fires |OnRefreshTokenRevoked| | |
104 // if the account info is removed. | |
105 virtual void RemoveAccount(const std::string& account_id); | |
106 | |
107 private: | |
108 class AccountInfo : public SigninErrorController::AuthStatusProvider { | |
109 public: | |
110 AccountInfo(ProfileOAuth2TokenService* token_service, | |
111 const std::string& account_id); | |
112 virtual ~AccountInfo(); | |
113 | |
114 void SetLastAuthError(const GoogleServiceAuthError& error); | |
115 | |
116 // SigninErrorController::AuthStatusProvider implementation. | |
117 virtual std::string GetAccountId() const OVERRIDE; | |
118 virtual GoogleServiceAuthError GetAuthStatus() const OVERRIDE; | |
119 | |
120 private: | |
121 ProfileOAuth2TokenService* token_service_; | |
122 std::string account_id_; | |
123 GoogleServiceAuthError last_auth_error_; | |
124 | |
125 DISALLOW_COPY_AND_ASSIGN(AccountInfo); | |
126 }; | |
Roger Tawa OOO till Jul 10th
2014/04/10 15:04:08
Is the only reason to duplicate this class here is
msarda
2014/04/10 15:13:36
You are pretty much true, but I think this is just
| |
127 | |
128 // Maps the |account_id| of accounts known to ProfileOAuth2TokenService | |
129 // to information about the account. | |
130 typedef std::map<std::string, linked_ptr<AccountInfo> > AccountInfoMap; | |
131 | |
132 // MutableProfileOAuth2TokenService | |
133 virtual std::string GetRefreshToken( | |
134 const std::string& account_id) const OVERRIDE; | |
135 | |
136 // Returns the iOS provider; | |
137 ios::ProfileOAuth2TokenServiceIOSProvider* GetProvider(); | |
138 | |
139 // Info about the existing accounts. | |
140 AccountInfoMap accounts_; | |
Roger Tawa OOO till Jul 10th
2014/04/10 15:04:08
Are all the following true?
|accounts_| is only us
msarda
2014/04/10 15:13:36
True.
| |
141 | |
142 // Calls to this class are expected to be made from the browser UI thread. | |
143 // The purpose of this this checker is to warn us if the upstream usage of | |
144 // ProfileOAuth2TokenService ever gets changed to have it be used across | |
145 // multiple threads. | |
146 base::ThreadChecker thread_checker_; | |
147 | |
148 // Whether to use the legacy pre-SSOAuth token service. | |
149 // | |
150 // |use_legacy_token_service_| is true iff the provider is not using shared | |
151 // authentication during |LoadCredentials|. Note that |LoadCredentials| is | |
152 // called exactly once after the PO2TS initialization iff the user is signed | |
153 // in. | |
154 // | |
155 // If |use_legacy_token_service_| is true, then this | |
156 // |ProfileOAuth2TokenServiceIOS| delegates all calls to the parent | |
157 // |MutableProfileOAuth2TokenService|. | |
158 bool use_legacy_token_service_; | |
159 | |
160 DISALLOW_COPY_AND_ASSIGN(ProfileOAuth2TokenServiceIOS); | |
161 }; | |
162 | |
163 #endif // COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_ | |
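Review bot: `GetRefreshTokenWhenNotUsingSharedAuthentication` is a public accessor that hands out a long-lived refresh token, and its precondition exists only as a comment. That comment names `ShouldUseIOSSharedAuthentication`, which is not declared in this header, while the state this class tracks is `use_legacy_token_service_`; the implementation is not visible here, so it is unclear whether the precondition is checked at all. I would tie the contract to the member and enforce it in the .cc with `DCHECK(use_legacy_token_service_);` before returning, and extend the comment with `// Returns the long-lived refresh token for |account_id|; callers must not log or persist it.` If the method turns out to have only a few callers, making it private and granting access with `friend` would narrow the exposure further. Separately, the header uses `std::vector`, `std::map` and `linked_ptr` but directly includes only `<string>`, so `#include <map>`, `#include <vector>` and `#include "base/memory/linked_ptr.h"` should be added rather than relied on transitively.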