Making OAuth2TokenService multi-login aware, updating callers, minor fixes

google_apis/gaia/oauth2_token_service.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "google_apis/gaia/oauth2_token_service.h"
 
 #include <vector>
 
 #include "base/bind.h"
 #include "base/memory/weak_ptr.h"
 #include "base/message_loop/message_loop.h"
 #include "base/rand_util.h"
 #include "base/stl_util.h"
 #include "base/time/time.h"
 #include "base/timer/timer.h"
 #include "google_apis/gaia/gaia_urls.h"
 #include "google_apis/gaia/google_service_auth_error.h"
 #include "net/url_request/url_request_context_getter.h"
 
 int OAuth2TokenService::max_fetch_retry_num_ = 5;
 
-OAuth2TokenService::ClientScopeSet::ClientScopeSet(
-    const std::string& client_id,
-    const ScopeSet& scopes)
-    : client_id(client_id),
-      scopes(scopes) {
-}
-
-OAuth2TokenService::ClientScopeSet::~ClientScopeSet() {
-}
-
-bool OAuth2TokenService::ClientScopeSet::operator<(
-    const ClientScopeSet& s) const {
-  if (client_id < s.client_id)
-    return true;
-  else if (s.client_id < client_id)
-    return false;
-
-  return scopes < s.scopes;
-}
-
-OAuth2TokenService::FetchParameters::FetchParameters(
+OAuth2TokenService::RequestParameters::RequestParameters(
     const std::string& client_id,
     const std::string& refresh_token,
     const ScopeSet& scopes)
     : client_id(client_id),
       refresh_token(refresh_token),
       scopes(scopes) {
 }
 
-OAuth2TokenService::FetchParameters::~FetchParameters() {
+OAuth2TokenService::RequestParameters::~RequestParameters() {
 }
 
-bool OAuth2TokenService::FetchParameters::operator<(
-    const FetchParameters& p) const {
+bool OAuth2TokenService::RequestParameters::operator<(
+    const RequestParameters& p) const {
   if (client_id < p.client_id)
     return true;
   else if (p.client_id < client_id)
     return false;
 
   if (refresh_token < p.refresh_token)
     return true;
   else if (p.refresh_token < refresh_token)
     return false;
 
@@ skipping 49 matching lines @@
 //   before it completes fetching, or
 // - when the Fetcher is destructed if the Fetcher is destructed before it
 //   completes fetching (in this case, the waiting requests will be called
 //   back with error).
 class OAuth2TokenService::Fetcher : public OAuth2AccessTokenConsumer {
  public:
   // Creates a Fetcher and starts fetching an OAuth2 access token for
   // |refresh_token| and |scopes| in the request context obtained by |getter|.
   // The given |oauth2_token_service| will be informed when fetching is done.
   static Fetcher* CreateAndStart(OAuth2TokenService* oauth2_token_service,
+                                 const std::string& account_id,
                                  net::URLRequestContextGetter* getter,
                                  const std::string& client_id,
                                  const std::string& client_secret,
                                  const std::string& refresh_token,
                                  const ScopeSet& scopes,
                                  base::WeakPtr<RequestImpl> waiting_request);
   virtual ~Fetcher();
 
   // Add a request that is waiting for the result of this Fetcher.
   void AddWaitingRequest(base::WeakPtr<RequestImpl> waiting_request);
 
   // Returns count of waiting requests.
   size_t GetWaitingRequestCount() const;
 
   void Cancel();
 
   const ScopeSet& GetScopeSet() const;
   const std::string& GetRefreshToken() const;
   const std::string& GetClientId() const;
+  const std::string& GetAccountId() const;
 
   // The error result from this fetcher.
   const GoogleServiceAuthError& error() const { return error_; }
 
  protected:
    // OAuth2AccessTokenConsumer
   virtual void OnGetTokenSuccess(const std::string& access_token,
                                  const base::Time& expiration_date) OVERRIDE;
   virtual void OnGetTokenFailure(
       const GoogleServiceAuthError& error) OVERRIDE;
 
  private:
   Fetcher(OAuth2TokenService* oauth2_token_service,
+          const std::string& account_id,
           net::URLRequestContextGetter* getter,
           const std::string& client_id,
           const std::string& client_secret,
           const std::string& refresh_token,
           const OAuth2TokenService::ScopeSet& scopes,
           base::WeakPtr<RequestImpl> waiting_request);
   void Start();
   void InformWaitingRequests();
   void InformWaitingRequestsAndDelete();
   static bool ShouldRetry(const GoogleServiceAuthError& error);
   int64 ComputeExponentialBackOffMilliseconds(int retry_num);
 
   // |oauth2_token_service_| remains valid for the life of this Fetcher, since
   // this Fetcher is destructed in the dtor of the OAuth2TokenService or is
   // scheduled for deletion at the end of OnGetTokenFailure/OnGetTokenSuccess
   // (whichever comes first).
   OAuth2TokenService* const oauth2_token_service_;
   scoped_refptr<net::URLRequestContextGetter> getter_;
+  const std::string account_id_;
   const std::string refresh_token_;
   const ScopeSet scopes_;
   std::vector<base::WeakPtr<RequestImpl> > waiting_requests_;
 
   int retry_number_;
   base::OneShotTimer<Fetcher> retry_timer_;
   scoped_ptr<OAuth2AccessTokenFetcher> fetcher_;
 
   // Variables that store fetch results.
   // Initialized to be GoogleServiceAuthError::SERVICE_UNAVAILABLE to handle
   // destruction.
   GoogleServiceAuthError error_;
   std::string access_token_;
   base::Time expiration_date_;
 
   // OAuth2 client id and secret.
   std::string client_id_;
   std::string client_secret_;
 
   DISALLOW_COPY_AND_ASSIGN(Fetcher);
 };
 
 // static
 OAuth2TokenService::Fetcher* OAuth2TokenService::Fetcher::CreateAndStart(
     OAuth2TokenService* oauth2_token_service,
+    const std::string& account_id,
     net::URLRequestContextGetter* getter,
     const std::string& client_id,
     const std::string& client_secret,
     const std::string& refresh_token,
     const OAuth2TokenService::ScopeSet& scopes,
     base::WeakPtr<RequestImpl> waiting_request) {
   OAuth2TokenService::Fetcher* fetcher = new Fetcher(
       oauth2_token_service,
+      account_id,
       getter,
       client_id,
       client_secret,
       refresh_token,
       scopes,
       waiting_request);
   fetcher->Start();
   return fetcher;
 }
 
 OAuth2TokenService::Fetcher::Fetcher(
     OAuth2TokenService* oauth2_token_service,
+    const std::string& account_id,
     net::URLRequestContextGetter* getter,
     const std::string& client_id,
     const std::string& client_secret,
     const std::string& refresh_token,
     const OAuth2TokenService::ScopeSet& scopes,
     base::WeakPtr<RequestImpl> waiting_request)
     : oauth2_token_service_(oauth2_token_service),
       getter_(getter),
+      account_id_(account_id),
       refresh_token_(refresh_token),
       scopes_(scopes),
       retry_number_(0),
       error_(GoogleServiceAuthError::SERVICE_UNAVAILABLE),
       client_id_(client_id),
       client_secret_(client_secret) {
   DCHECK(oauth2_token_service_);
   DCHECK(getter_.get());
   DCHECK(refresh_token_.length());
   waiting_requests_.push_back(waiting_request);
@@ skipping 115 matching lines @@
 }
 
 const std::string& OAuth2TokenService::Fetcher::GetRefreshToken() const {
   return refresh_token_;
 }
 
 const std::string& OAuth2TokenService::Fetcher::GetClientId() const {
   return client_id_;
 }
 
+const std::string& OAuth2TokenService::Fetcher::GetAccountId() const {
+  return account_id_;
+}
+
 OAuth2TokenService::Request::Request() {
 }
 
 OAuth2TokenService::Request::~Request() {
 }
 
 OAuth2TokenService::Consumer::Consumer() {
 }
 
 OAuth2TokenService::Consumer::~Consumer() {
 }
 
 OAuth2TokenService::OAuth2TokenService() {
 }
 
 OAuth2TokenService::~OAuth2TokenService() {
   // Release all the pending fetchers.
   STLDeleteContainerPairSecondPointers(
       pending_fetchers_.begin(), pending_fetchers_.end());
 }
 
 void OAuth2TokenService::AddObserver(Observer* observer) {
   observer_list_.AddObserver(observer);
 }
 
 void OAuth2TokenService::RemoveObserver(Observer* observer) {
   observer_list_.RemoveObserver(observer);
 }
 
-bool OAuth2TokenService::RefreshTokenIsAvailable() {
-  return !GetRefreshToken().empty();
+bool OAuth2TokenService::RefreshTokenIsAvailable(
+    const std::string& account_id) {
+  DCHECK(CalledOnValidThread());
+  return !GetRefreshToken(account_id).empty();
+}
+
+std::vector<std::string> OAuth2TokenService::GetAccounts() {
+  return std::vector<std::string>();
 }
 
 scoped_ptr<OAuth2TokenService::Request> OAuth2TokenService::StartRequest(
+    const std::string& account_id,
     const OAuth2TokenService::ScopeSet& scopes,
     OAuth2TokenService::Consumer* consumer) {
   return StartRequestForClientWithContext(
+      account_id,
       GetRequestContext(),
       GaiaUrls::GetInstance()->oauth2_chrome_client_id(),
       GaiaUrls::GetInstance()->oauth2_chrome_client_secret(),
       scopes,
       consumer);
 }
 
 scoped_ptr<OAuth2TokenService::Request>
 OAuth2TokenService::StartRequestForClient(
+    const std::string& account_id,
     const std::string& client_id,
     const std::string& client_secret,
     const OAuth2TokenService::ScopeSet& scopes,
     OAuth2TokenService::Consumer* consumer) {
   return StartRequestForClientWithContext(
+      account_id,
       GetRequestContext(),
       client_id,
       client_secret,
       scopes,
       consumer);
 }
 
 scoped_ptr<OAuth2TokenService::Request>
 OAuth2TokenService::StartRequestWithContext(
+    const std::string& account_id,
     net::URLRequestContextGetter* getter,
     const ScopeSet& scopes,
     Consumer* consumer) {
   return StartRequestForClientWithContext(
+      account_id,
       getter,
       GaiaUrls::GetInstance()->oauth2_chrome_client_id(),
       GaiaUrls::GetInstance()->oauth2_chrome_client_secret(),
       scopes,
       consumer);
 }
 
 scoped_ptr<OAuth2TokenService::Request>
 OAuth2TokenService::StartRequestForClientWithContext(
+    const std::string& account_id,
     net::URLRequestContextGetter* getter,
     const std::string& client_id,
     const std::string& client_secret,
     const ScopeSet& scopes,
     Consumer* consumer) {
   DCHECK(CalledOnValidThread());
 
   scoped_ptr<RequestImpl> request(new RequestImpl(consumer));
 
-  if (!RefreshTokenIsAvailable()) {
+  if (!RefreshTokenIsAvailable(account_id)) {
     base::MessageLoop::current()->PostTask(FROM_HERE, base::Bind(
         &RequestImpl::InformConsumer,
         request->AsWeakPtr(),
         GoogleServiceAuthError(GoogleServiceAuthError::USER_NOT_SIGNED_UP),
         std::string(),
         base::Time()));
     return request.PassAs<Request>();
   }
 
-  ClientScopeSet client_scopes(client_id, scopes);
-  if (HasCacheEntry(client_scopes)) {
-    StartCacheLookupRequest(request.get(), client_scopes, consumer);
+  RequestParameters request_parameters(client_id,
+                                       GetRefreshToken(account_id),

[Roger Tawa OOO till Jul 10th, 2013/09/13 14:53:56]

GetRefreshToken() won't work on mobile platforms.  It will return an empty
string.  I wonder if it would be better to replace the |refresh_token| member of
RequestParameters with |account_id| instead, since there is a 1-to-1 mapping
between the two.

[fgorski, 2013/09/13 22:06:46]

Done. But using only account id breaks the in flight fetchers in a sense. We can
either get back to 2 different structures or remove the call to cancel fetchers
in PO2TS. Also without a refresh token as part of the structure, we are risking
hooking up new consumers to an in progress call with an old token.

[Roger Tawa OOO till Jul 10th, 2013/09/16 17:31:51]

What scenario are you thinking of?  Something like:

1/ StartRequest("foo@gmail.com", "scope1 scope2");
2/ UpdateCredentials("foo@gmail.com", "new_refresh_token");
3/ StartRequest("foo@gmail.com", "scope1 scope2");

where 2 and 3 happen before the first StartRequest() completes?

Since UpdateCredentials() cancels all pending fetchers, any subsequent call for
a new access token will use a new fetcher.  Also, OnFetchComplete() will never
be called for the original request, so it can't overwrite the cache with bad
data.

+                                       scopes);
+  if (HasCacheEntry(request_parameters)) {
+    StartCacheLookupRequest(request.get(), request_parameters, consumer);
   } else {
     FetchOAuth2Token(request.get(),
+                     account_id,
                      getter,
                      client_id,
                      client_secret,
                      scopes);
   }
   return request.PassAs<Request>();
 }
 
 void OAuth2TokenService::FetchOAuth2Token(RequestImpl* request,
+                                          const std::string& account_id,
                                           net::URLRequestContextGetter* getter,
                                           const std::string& client_id,
                                           const std::string& client_secret,
                                           const ScopeSet& scopes) {
-  std::string refresh_token = GetRefreshToken();
+  std::string refresh_token = GetRefreshToken(account_id);
 
   // If there is already a pending fetcher for |scopes| and |refresh_token|,
   // simply register this |request| for those results rather than starting
   // a new fetcher.
-  FetchParameters fetch_parameters = FetchParameters(client_id,
-                                                     refresh_token,
-                                                     scopes);
-  std::map<FetchParameters, Fetcher*>::iterator iter =
-      pending_fetchers_.find(fetch_parameters);
+  RequestParameters request_parameters = RequestParameters(client_id,
+                                                           refresh_token,
+                                                           scopes);
+  std::map<RequestParameters, Fetcher*>::iterator iter =
+      pending_fetchers_.find(request_parameters);
   if (iter != pending_fetchers_.end()) {
     iter->second->AddWaitingRequest(request->AsWeakPtr());
     return;
   }
 
-  pending_fetchers_[fetch_parameters] =
+  pending_fetchers_[request_parameters] =
       Fetcher::CreateAndStart(this,
+                              account_id,
                               getter,
                               client_id,
                               client_secret,
                               refresh_token,
                               scopes,
                               request->AsWeakPtr());
 }
 
 void OAuth2TokenService::StartCacheLookupRequest(
     RequestImpl* request,
-    const OAuth2TokenService::ClientScopeSet& client_scopes,
+    const OAuth2TokenService::RequestParameters& request_parameters,
     OAuth2TokenService::Consumer* consumer) {
-  CHECK(HasCacheEntry(client_scopes));
-  const CacheEntry* cache_entry = GetCacheEntry(client_scopes);
+  CHECK(HasCacheEntry(request_parameters));
+  const CacheEntry* cache_entry = GetCacheEntry(request_parameters);
   base::MessageLoop::current()->PostTask(FROM_HERE, base::Bind(
       &RequestImpl::InformConsumer,
       request->AsWeakPtr(),
       GoogleServiceAuthError(GoogleServiceAuthError::NONE),
       cache_entry->access_token,
       cache_entry->expiration_date));
 }
 
-void OAuth2TokenService::InvalidateToken(const ScopeSet& scopes,
+void OAuth2TokenService::InvalidateToken(const std::string& account_id,
+                                         const ScopeSet& scopes,
                                          const std::string& invalid_token) {
+  InvalidateOAuth2Token(account_id,
+                        GaiaUrls::GetInstance()->oauth2_chrome_client_id(),
+                        scopes,
+                        invalid_token);
+}
+
+void OAuth2TokenService::InvalidateTokenForClient(
+    const std::string& account_id,
+    const std::string& client_id,
+    const ScopeSet& scopes,
+    const std::string& invalid_token) {
+  InvalidateOAuth2Token(account_id, client_id, scopes, invalid_token);
+}
+
+void OAuth2TokenService::InvalidateOAuth2Token(
+    const std::string& account_id,
+    const std::string& client_id,
+    const ScopeSet& scopes,
+    const std::string& invalid_token) {
   DCHECK(CalledOnValidThread());
   RemoveCacheEntry(
-      ClientScopeSet(GaiaUrls::GetInstance()->oauth2_chrome_client_id(),
-                     scopes),
+      RequestParameters(client_id,
+                        GetRefreshToken(account_id),
+                        scopes),
       invalid_token);
 }
 
 void OAuth2TokenService::OnFetchComplete(Fetcher* fetcher) {
   DCHECK(CalledOnValidThread());
 
   // Update the auth error state so auth errors are appropriately communicated
   // to the user.
-  UpdateAuthError(fetcher->error());
+  UpdateAuthError(fetcher->GetAccountId(), fetcher->error());
 
   // Note |fetcher| is recorded in |pending_fetcher_| mapped to its refresh
   // token and scope set. This is guaranteed as follows; here a Fetcher is said
   // to be uncompleted if it has not finished calling back
   // OAuth2TokenService::OnFetchComplete().
   //
   // (1) All the live Fetchers are created by this service.
   //     This is because (1) all the live Fetchers are created by a live
   //     service, as all the fetchers created by a service are destructed in the
   //     service's dtor.
   //
   // (2) All the uncompleted Fetchers created by this service are recorded in
   //     |pending_fetchers_|.
   //     This is because (1) all the created Fetchers are added to
   //     |pending_fetchers_| (in method StartRequest()) and (2) method
   //     OnFetchComplete() is the only place where a Fetcher is erased from
   //     |pending_fetchers_|. Note no Fetcher is erased in method
   //     StartRequest().
   //
   // (3) Each of the Fetchers recorded in |pending_fetchers_| is mapped to its
   //     refresh token and ScopeSet. This is guaranteed by Fetcher creation in
   //     method StartRequest().
   //
   // When this method is called, |fetcher| is alive and uncompleted.
   // By (1), |fetcher| is created by this service.
   // Then by (2), |fetcher| is recorded in |pending_fetchers_|.
   // Then by (3), |fetcher_| is mapped to its refresh token and ScopeSet.
-  std::map<FetchParameters, Fetcher*>::iterator iter =
-    pending_fetchers_.find(FetchParameters(
+  std::map<RequestParameters, Fetcher*>::iterator iter =
+    pending_fetchers_.find(RequestParameters(
         fetcher->GetClientId(),
         fetcher->GetRefreshToken(),
         fetcher->GetScopeSet()));
   DCHECK(iter != pending_fetchers_.end());
   DCHECK_EQ(fetcher, iter->second);
   pending_fetchers_.erase(iter);
 }
 
 bool OAuth2TokenService::HasCacheEntry(
-    const ClientScopeSet& client_scopes) {
-  const CacheEntry* cache_entry = GetCacheEntry(client_scopes);
+    const RequestParameters& request_parameters) {
+  const CacheEntry* cache_entry = GetCacheEntry(request_parameters);
   return cache_entry && cache_entry->access_token.length();
 }
 
 const OAuth2TokenService::CacheEntry* OAuth2TokenService::GetCacheEntry(
-    const ClientScopeSet& client_scopes) {
+    const RequestParameters& request_parameters) {
   DCHECK(CalledOnValidThread());
-  TokenCache::iterator token_iterator = token_cache_.find(client_scopes);
+  TokenCache::iterator token_iterator = token_cache_.find(request_parameters);
   if (token_iterator == token_cache_.end())
     return NULL;
   if (token_iterator->second.expiration_date <= base::Time::Now()) {
     token_cache_.erase(token_iterator);
     return NULL;
   }
   return &token_iterator->second;
 }
 
 bool OAuth2TokenService::RemoveCacheEntry(
-    const ClientScopeSet& client_scopes,
+    const RequestParameters& request_parameters,
     const std::string& token_to_remove) {
   DCHECK(CalledOnValidThread());
-  TokenCache::iterator token_iterator = token_cache_.find(client_scopes);
+  TokenCache::iterator token_iterator = token_cache_.find(request_parameters);
   if (token_iterator != token_cache_.end() &&
       token_iterator->second.access_token == token_to_remove) {
     token_cache_.erase(token_iterator);
     return true;
   }
   return false;
 }
 
 void OAuth2TokenService::RegisterCacheEntry(
     const std::string& client_id,
     const std::string& refresh_token,
     const OAuth2TokenService::ScopeSet& scopes,
     const std::string& access_token,
     const base::Time& expiration_date) {
   DCHECK(CalledOnValidThread());
 
-  CacheEntry& token = token_cache_[ClientScopeSet(client_id,
-                                                  scopes)];
+  CacheEntry& token = token_cache_[RequestParameters(client_id,
+                                                     refresh_token,
+                                                     scopes)];
   token.access_token = access_token;
   token.expiration_date = expiration_date;
 }
 
-void OAuth2TokenService::UpdateAuthError(const GoogleServiceAuthError& error) {
+void OAuth2TokenService::UpdateAuthError(
+    const std::string& account_id,
+    const GoogleServiceAuthError& error) {
   // Default implementation does nothing.
 }
 
 void OAuth2TokenService::ClearCache() {
   DCHECK(CalledOnValidThread());
   token_cache_.clear();
 }
 
+void OAuth2TokenService::ClearCacheForAccount(const std::string& account_id) {
+  DCHECK(CalledOnValidThread());
+  const std::string refresh_token = GetRefreshToken(account_id);
+  for (TokenCache::iterator iter = token_cache_.begin();
+       iter != token_cache_.end();
+       /* iter incremented in body */) {
+    if (iter->first.refresh_token == refresh_token) {
+      token_cache_.erase(iter++);
+    } else {
+      ++iter;
+    }
+  }
+
+  token_cache_.clear();
+}
+
 void OAuth2TokenService::CancelAllRequests() {
   std::vector<Fetcher*> fetchers_to_cancel;
-  for (std::map<FetchParameters, Fetcher*>::iterator iter =
+  for (std::map<RequestParameters, Fetcher*>::iterator iter =
            pending_fetchers_.begin();
        iter != pending_fetchers_.end();
        ++iter) {
     fetchers_to_cancel.push_back(iter->second);
   }
   CancelFetchers(fetchers_to_cancel);
 }
 
 void OAuth2TokenService::CancelRequestsForToken(
     const std::string& refresh_token) {
   std::vector<Fetcher*> fetchers_to_cancel;
-  for (std::map<FetchParameters, Fetcher*>::iterator iter =
+  for (std::map<RequestParameters, Fetcher*>::iterator iter =
            pending_fetchers_.begin();
        iter != pending_fetchers_.end();
        ++iter) {
     if (iter->first.refresh_token == refresh_token)
       fetchers_to_cancel.push_back(iter->second);
   }
   CancelFetchers(fetchers_to_cancel);
 }
 
 void OAuth2TokenService::CancelFetchers(
@@ skipping 15 matching lines @@
 void OAuth2TokenService::FireRefreshTokenRevoked(
     const std::string& account_id) {
   FOR_EACH_OBSERVER(Observer, observer_list_,
                     OnRefreshTokenRevoked(account_id));
 }
 
 void OAuth2TokenService::FireRefreshTokensLoaded() {
   FOR_EACH_OBSERVER(Observer, observer_list_, OnRefreshTokensLoaded());
 }
 
-void OAuth2TokenService::FireRefreshTokensCleared() {
-  FOR_EACH_OBSERVER(Observer, observer_list_, OnRefreshTokensCleared());
-}
-
 int OAuth2TokenService::cache_size_for_testing() const {
   return token_cache_.size();
 }
 
 void OAuth2TokenService::set_max_authorization_token_fetch_retries_for_testing(
     int max_retries) {
   DCHECK(CalledOnValidThread());
   max_fetch_retry_num_ = max_retries;
 }
 
 size_t OAuth2TokenService::GetNumPendingRequestsForTesting(
     const std::string& client_id,
     const std::string& refresh_token,
     const ScopeSet& scopes) const {
   PendingFetcherMap::const_iterator iter = pending_fetchers_.find(
-      OAuth2TokenService::FetchParameters(
+      OAuth2TokenService::RequestParameters(
           client_id,
           refresh_token,
           scopes));
   return iter == pending_fetchers_.end() ?
              0 : iter->second->GetWaitingRequestCount();
 }