| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/oauth2_login_manager.h" | 5 #include "chrome/browser/chromeos/login/oauth2_login_manager.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/metrics/histogram.h" | 8 #include "base/metrics/histogram.h" |
| 9 #include "base/prefs/pref_service.h" | 9 #include "base/prefs/pref_service.h" |
| 10 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
| 11 #include "chrome/browser/browser_process.h" | 11 #include "chrome/browser/browser_process.h" |
| 12 #include "chrome/browser/chromeos/login/user_manager.h" | 12 #include "chrome/browser/chromeos/login/user_manager.h" |
| 13 #include "chrome/browser/profiles/profile.h" | 13 #include "chrome/browser/profiles/profile.h" |
| 14 #include "chrome/browser/signin/profile_oauth2_token_service.h" | 14 #include "chrome/browser/signin/profile_oauth2_token_service.h" |
| 15 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" | 15 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" |
| 16 #include "chrome/browser/signin/token_service.h" | 16 #include "chrome/browser/signin/token_service.h" |
| 17 #include "chrome/browser/signin/token_service_factory.h" | 17 #include "chrome/browser/signin/token_service_factory.h" |
| 18 #include "chrome/common/chrome_switches.h" | 18 #include "chrome/common/chrome_switches.h" |
| 19 #include "google_apis/gaia/gaia_constants.h" | 19 #include "google_apis/gaia/gaia_constants.h" |
| 20 #include "net/url_request/url_request_context_getter.h" | 20 #include "net/url_request/url_request_context_getter.h" |
| 21 | 21 |
| 22 namespace chromeos { | 22 namespace chromeos { |
| 23 | 23 |
| 24 OAuth2LoginManager::OAuth2LoginManager(OAuthLoginManager::Delegate* delegate) | 24 OAuth2LoginManager::OAuth2LoginManager(Profile* user_profile) |
| 25 : OAuthLoginManager(delegate), | 25 : user_profile_(user_profile), |
| 26 restore_strategy_(RESTORE_FROM_COOKIE_JAR), |
| 27 state_(SESSION_RESTORE_NOT_STARTED), |
| 26 loading_reported_(false) { | 28 loading_reported_(false) { |
| 29 ProfileOAuth2TokenServiceFactory::GetForProfile(user_profile_)-> |
| 30 AddObserver(this); |
| 27 } | 31 } |
| 28 | 32 |
| 29 OAuth2LoginManager::~OAuth2LoginManager() { | 33 OAuth2LoginManager::~OAuth2LoginManager() { |
| 30 StopObservingRefreshToken(); | 34 } |
| 35 |
| 36 void OAuth2LoginManager::AddObserver(OAuth2LoginManager::Observer* observer) { |
| 37 observer_list_.AddObserver(observer); |
| 38 } |
| 39 |
| 40 void OAuth2LoginManager::RemoveObserver(OAuth2LoginManager::Observer* observer)
{ |
| 41 observer_list_.RemoveObserver(observer); |
| 31 } | 42 } |
| 32 | 43 |
| 33 void OAuth2LoginManager::RestoreSession( | 44 void OAuth2LoginManager::RestoreSession( |
| 34 Profile* user_profile, | |
| 35 net::URLRequestContextGetter* auth_request_context, | 45 net::URLRequestContextGetter* auth_request_context, |
| 36 SessionRestoreStrategy restore_strategy, | 46 SessionRestoreStrategy restore_strategy, |
| 37 const std::string& oauth2_refresh_token, | 47 const std::string& oauth2_refresh_token, |
| 38 const std::string& auth_code) { | 48 const std::string& auth_code) { |
| 39 StopObservingRefreshToken(); | 49 DCHECK(user_profile_); |
| 40 user_profile_ = user_profile; | |
| 41 auth_request_context_ = auth_request_context; | 50 auth_request_context_ = auth_request_context; |
| 42 state_ = OAuthLoginManager::SESSION_RESTORE_IN_PROGRESS; | 51 state_ = OAuth2LoginManager::SESSION_RESTORE_IN_PROGRESS; |
| 43 restore_strategy_ = restore_strategy; | 52 restore_strategy_ = restore_strategy; |
| 44 refresh_token_ = oauth2_refresh_token; | 53 refresh_token_ = oauth2_refresh_token; |
| 45 auth_code_ = auth_code; | 54 auth_code_ = auth_code; |
| 46 | 55 |
| 47 // TODO(nkostylev): drop the previous fetchers if RestoreSession() is invoked | 56 // TODO(nkostylev): drop the previous fetchers if RestoreSession() is invoked |
| 48 // for a second Profile, when using multi-profiles. This avoids the DCHECKs | 57 // for a second Profile, when using multi-profiles. This avoids the DCHECKs |
| 49 // below until OAuthLoginManager fully supports multi-profiles. | 58 // below until OAuthLoginManager fully supports multi-profiles. |
| 50 Stop(); | 59 Stop(); |
| 51 | 60 |
| 52 ProfileOAuth2TokenServiceFactory::GetForProfile(user_profile_)-> | |
| 53 AddObserver(this); | |
| 54 | |
| 55 ContinueSessionRestore(); | 61 ContinueSessionRestore(); |
| 56 } | 62 } |
| 57 | 63 |
| 58 void OAuth2LoginManager::ContinueSessionRestore() { | 64 void OAuth2LoginManager::ContinueSessionRestore() { |
| 59 if (restore_strategy_ == RESTORE_FROM_COOKIE_JAR || | 65 if (restore_strategy_ == RESTORE_FROM_COOKIE_JAR || |
| 60 restore_strategy_ == RESTORE_FROM_AUTH_CODE) { | 66 restore_strategy_ == RESTORE_FROM_AUTH_CODE) { |
| 61 FetchOAuth2Tokens(); | 67 FetchOAuth2Tokens(); |
| 62 return; | 68 return; |
| 63 } | 69 } |
| 64 | 70 |
| (...skipping 11 matching lines...) Expand all Loading... |
| 76 LoadAndVerifyOAuth2Tokens(); | 82 LoadAndVerifyOAuth2Tokens(); |
| 77 } | 83 } |
| 78 | 84 |
| 79 void OAuth2LoginManager::Stop() { | 85 void OAuth2LoginManager::Stop() { |
| 80 oauth2_token_fetcher_.reset(); | 86 oauth2_token_fetcher_.reset(); |
| 81 login_verifier_.reset(); | 87 login_verifier_.reset(); |
| 82 } | 88 } |
| 83 | 89 |
| 84 void OAuth2LoginManager::OnRefreshTokenAvailable( | 90 void OAuth2LoginManager::OnRefreshTokenAvailable( |
| 85 const std::string& account_id) { | 91 const std::string& account_id) { |
| 92 if (state_ == SESSION_RESTORE_NOT_STARTED) |
| 93 return; |
| 94 |
| 86 // TODO(fgorski): Once ProfileOAuth2TokenService supports multi-login, make | 95 // TODO(fgorski): Once ProfileOAuth2TokenService supports multi-login, make |
| 87 // sure to restore session cookies in the context of the correct account_id. | 96 // sure to restore session cookies in the context of the correct account_id. |
| 97 LOG(INFO) << "OnRefreshTokenAvailable"; |
| 88 RestoreSessionCookies(); | 98 RestoreSessionCookies(); |
| 89 } | 99 } |
| 90 | 100 |
| 91 TokenService* OAuth2LoginManager::SetupTokenService() { | 101 TokenService* OAuth2LoginManager::SetupTokenService() { |
| 92 TokenService* token_service = | 102 TokenService* token_service = |
| 93 TokenServiceFactory::GetForProfile(user_profile_); | 103 TokenServiceFactory::GetForProfile(user_profile_); |
| 94 return token_service; | 104 return token_service; |
| 95 } | 105 } |
| 96 | 106 |
| 97 void OAuth2LoginManager::StoreOAuth2Tokens( | 107 void OAuth2LoginManager::StoreOAuth2Tokens( |
| (...skipping 18 matching lines...) Expand all Loading... |
| 116 new OAuth2TokenFetcher(this, auth_request_context_.get())); | 126 new OAuth2TokenFetcher(this, auth_request_context_.get())); |
| 117 oauth2_token_fetcher_->StartExchangeFromCookies(); | 127 oauth2_token_fetcher_->StartExchangeFromCookies(); |
| 118 } else if (restore_strategy_ == RESTORE_FROM_AUTH_CODE) { | 128 } else if (restore_strategy_ == RESTORE_FROM_AUTH_CODE) { |
| 119 DCHECK(!auth_code_.empty()); | 129 DCHECK(!auth_code_.empty()); |
| 120 oauth2_token_fetcher_.reset( | 130 oauth2_token_fetcher_.reset( |
| 121 new OAuth2TokenFetcher(this, | 131 new OAuth2TokenFetcher(this, |
| 122 g_browser_process->system_request_context())); | 132 g_browser_process->system_request_context())); |
| 123 oauth2_token_fetcher_->StartExchangeFromAuthCode(auth_code_); | 133 oauth2_token_fetcher_->StartExchangeFromAuthCode(auth_code_); |
| 124 } else { | 134 } else { |
| 125 NOTREACHED(); | 135 NOTREACHED(); |
| 136 FOR_EACH_OBSERVER(Observer, observer_list_, |
| 137 OnCompletedMergeSession(user_profile_)); |
| 126 } | 138 } |
| 127 } | 139 } |
| 128 | 140 |
| 129 void OAuth2LoginManager::OnOAuth2TokensAvailable( | 141 void OAuth2LoginManager::OnOAuth2TokensAvailable( |
| 130 const GaiaAuthConsumer::ClientOAuthResult& oauth2_tokens) { | 142 const GaiaAuthConsumer::ClientOAuthResult& oauth2_tokens) { |
| 131 LOG(INFO) << "OAuth2 tokens fetched"; | 143 LOG(INFO) << "OAuth2 tokens fetched"; |
| 132 StoreOAuth2Tokens(oauth2_tokens); | 144 StoreOAuth2Tokens(oauth2_tokens); |
| 133 } | 145 } |
| 134 | 146 |
| 135 void OAuth2LoginManager::OnOAuth2TokensFetchFailed() { | 147 void OAuth2LoginManager::OnOAuth2TokensFetchFailed() { |
| 136 LOG(ERROR) << "OAuth2 tokens fetch failed!"; | 148 LOG(ERROR) << "OAuth2 tokens fetch failed!"; |
| 137 state_ = OAuthLoginManager::SESSION_RESTORE_DONE; | 149 state_ = OAuth2LoginManager::SESSION_RESTORE_DONE; |
| 138 UserManager::Get()->SaveUserOAuthStatus( | 150 UserManager::Get()->SaveUserOAuthStatus( |
| 139 UserManager::Get()->GetLoggedInUser()->email(), | 151 UserManager::Get()->GetLoggedInUser()->email(), |
| 140 User::OAUTH2_TOKEN_STATUS_INVALID); | 152 User::OAUTH2_TOKEN_STATUS_INVALID); |
| 141 UMA_HISTOGRAM_ENUMERATION("OAuth2Login.SessionRestore", | 153 UMA_HISTOGRAM_ENUMERATION("OAuth2Login.SessionRestore", |
| 142 SESSION_RESTORE_TOKEN_FETCH_FAILED, | 154 SESSION_RESTORE_TOKEN_FETCH_FAILED, |
| 143 SESSION_RESTORE_COUNT); | 155 SESSION_RESTORE_COUNT); |
| 144 } | 156 } |
| 145 | 157 |
| 146 void OAuth2LoginManager::RestoreSessionCookies() { | 158 void OAuth2LoginManager::RestoreSessionCookies() { |
| 147 DCHECK(!login_verifier_.get()); | 159 DCHECK(!login_verifier_.get()); |
| 160 FOR_EACH_OBSERVER(Observer, observer_list_, |
| 161 OnStartMergeSession(user_profile_)); |
| 148 login_verifier_.reset( | 162 login_verifier_.reset( |
| 149 new OAuth2LoginVerifier(this, | 163 new OAuth2LoginVerifier(this, |
| 150 g_browser_process->system_request_context(), | 164 g_browser_process->system_request_context(), |
| 151 user_profile_->GetRequestContext())); | 165 user_profile_->GetRequestContext())); |
| 152 login_verifier_->VerifyProfileTokens(user_profile_); | 166 login_verifier_->VerifyProfileTokens(user_profile_); |
| 153 } | 167 } |
| 154 | 168 |
| 169 void OAuth2LoginManager::Shutdown() { |
| 170 ProfileOAuth2TokenServiceFactory::GetForProfile(user_profile_)-> |
| 171 RemoveObserver(this); |
| 172 login_verifier_.reset(); |
| 173 oauth2_token_fetcher_.reset(); |
| 174 } |
| 175 |
| 155 void OAuth2LoginManager::OnOAuthLoginSuccess( | 176 void OAuth2LoginManager::OnOAuthLoginSuccess( |
| 156 const GaiaAuthConsumer::ClientLoginResult& gaia_credentials) { | 177 const GaiaAuthConsumer::ClientLoginResult& gaia_credentials) { |
| 157 LOG(INFO) << "OAuth2 refresh token successfully exchanged for GAIA token."; | 178 LOG(INFO) << "OAuth2 refresh token successfully exchanged for GAIA token."; |
| 158 StartTokenService(gaia_credentials); | 179 StartTokenService(gaia_credentials); |
| 159 } | 180 } |
| 160 | 181 |
| 161 void OAuth2LoginManager::OnOAuthLoginFailure() { | 182 void OAuth2LoginManager::OnOAuthLoginFailure() { |
| 162 LOG(ERROR) << "OAuth2 refresh token verification failed!"; | 183 LOG(ERROR) << "OAuth2 refresh token verification failed!"; |
| 163 state_ = OAuthLoginManager::SESSION_RESTORE_DONE; | 184 state_ = OAuth2LoginManager::SESSION_RESTORE_DONE; |
| 164 UserManager::Get()->SaveUserOAuthStatus( | 185 UserManager::Get()->SaveUserOAuthStatus( |
| 165 UserManager::Get()->GetLoggedInUser()->email(), | 186 UserManager::Get()->GetLoggedInUser()->email(), |
| 166 User::OAUTH2_TOKEN_STATUS_INVALID); | 187 User::OAUTH2_TOKEN_STATUS_INVALID); |
| 167 UMA_HISTOGRAM_ENUMERATION("OAuth2Login.SessionRestore", | 188 UMA_HISTOGRAM_ENUMERATION("OAuth2Login.SessionRestore", |
| 168 SESSION_RESTORE_OAUTHLOGIN_FAILED, | 189 SESSION_RESTORE_OAUTHLOGIN_FAILED, |
| 169 SESSION_RESTORE_COUNT); | 190 SESSION_RESTORE_COUNT); |
| 170 delegate_->OnCompletedMergeSession(); | 191 FOR_EACH_OBSERVER(Observer, observer_list_, |
| 192 OnCompletedMergeSession(user_profile_)); |
| 171 } | 193 } |
| 172 | 194 |
| 173 void OAuth2LoginManager::OnSessionMergeSuccess() { | 195 void OAuth2LoginManager::OnSessionMergeSuccess() { |
| 174 LOG(INFO) << "OAuth2 refresh and/or GAIA token verification succeeded."; | 196 LOG(INFO) << "OAuth2 refresh and/or GAIA token verification succeeded."; |
| 175 state_ = OAuthLoginManager::SESSION_RESTORE_DONE; | 197 state_ = OAuth2LoginManager::SESSION_RESTORE_DONE; |
| 176 UserManager::Get()->SaveUserOAuthStatus( | 198 UserManager::Get()->SaveUserOAuthStatus( |
| 177 UserManager::Get()->GetLoggedInUser()->email(), | 199 UserManager::Get()->GetLoggedInUser()->email(), |
| 178 User::OAUTH2_TOKEN_STATUS_VALID); | 200 User::OAUTH2_TOKEN_STATUS_VALID); |
| 179 UMA_HISTOGRAM_ENUMERATION("OAuth2Login.SessionRestore", | 201 UMA_HISTOGRAM_ENUMERATION("OAuth2Login.SessionRestore", |
| 180 SESSION_RESTORE_SUCCESS, | 202 SESSION_RESTORE_SUCCESS, |
| 181 SESSION_RESTORE_COUNT); | 203 SESSION_RESTORE_COUNT); |
| 182 delegate_->OnCompletedMergeSession(); | 204 FOR_EACH_OBSERVER(Observer, observer_list_, |
| 205 OnCompletedMergeSession(user_profile_)); |
| 183 } | 206 } |
| 184 | 207 |
| 185 void OAuth2LoginManager::OnSessionMergeFailure() { | 208 void OAuth2LoginManager::OnSessionMergeFailure() { |
| 186 LOG(ERROR) << "OAuth2 refresh and GAIA token verification failed!"; | 209 LOG(ERROR) << "OAuth2 refresh and GAIA token verification failed!"; |
| 187 state_ = OAuthLoginManager::SESSION_RESTORE_DONE; | 210 state_ = OAuth2LoginManager::SESSION_RESTORE_DONE; |
| 188 UserManager::Get()->SaveUserOAuthStatus( | 211 UserManager::Get()->SaveUserOAuthStatus( |
| 189 UserManager::Get()->GetLoggedInUser()->email(), | 212 UserManager::Get()->GetLoggedInUser()->email(), |
| 190 User::OAUTH2_TOKEN_STATUS_INVALID); | 213 User::OAUTH2_TOKEN_STATUS_INVALID); |
| 191 UMA_HISTOGRAM_ENUMERATION("OAuth2Login.SessionRestore", | 214 UMA_HISTOGRAM_ENUMERATION("OAuth2Login.SessionRestore", |
| 192 SESSION_RESTORE_MERGE_SESSION_FAILED, | 215 SESSION_RESTORE_MERGE_SESSION_FAILED, |
| 193 SESSION_RESTORE_COUNT); | 216 SESSION_RESTORE_COUNT); |
| 194 delegate_->OnCompletedMergeSession(); | 217 FOR_EACH_OBSERVER(Observer, observer_list_, |
| 218 OnCompletedMergeSession(user_profile_)); |
| 195 } | 219 } |
| 196 | 220 |
| 197 void OAuth2LoginManager::StartTokenService( | 221 void OAuth2LoginManager::StartTokenService( |
| 198 const GaiaAuthConsumer::ClientLoginResult& gaia_credentials) { | 222 const GaiaAuthConsumer::ClientLoginResult& gaia_credentials) { |
| 199 TokenService* token_service = SetupTokenService(); | 223 TokenService* token_service = SetupTokenService(); |
| 200 token_service->UpdateCredentials(gaia_credentials); | 224 token_service->UpdateCredentials(gaia_credentials); |
| 201 CompleteAuthentication(); | |
| 202 } | |
| 203 | 225 |
| 204 void OAuth2LoginManager::StopObservingRefreshToken() { | 226 FOR_EACH_OBSERVER(Observer, observer_list_, |
| 205 if (user_profile_) { | 227 OnCompletedAuthentication(user_profile_)); |
| 206 ProfileOAuth2TokenServiceFactory::GetForProfile(user_profile_)-> | 228 |
| 207 RemoveObserver(this); | 229 if (token_service->AreCredentialsValid()) |
| 208 } | 230 token_service->StartFetchingTokens(); |
| 209 } | 231 } |
| 210 | 232 |
| 211 } // namespace chromeos | 233 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 23678007:
OAuth2LoginManager+MergeSessionThrottle hardening, multi-profle support (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src