OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/supervised_user/legacy/supervised_user_refresh_token_fe tcher.h" | 5 #include "chrome/browser/supervised_user/legacy/supervised_user_refresh_token_fe tcher.h" |
6 | 6 |
7 #include "base/callback.h" | 7 #include "base/callback.h" |
8 #include "base/json/json_reader.h" | 8 #include "base/json/json_reader.h" |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
10 #include "base/strings/stringprintf.h" | 10 #include "base/strings/stringprintf.h" |
11 #include "base/values.h" | 11 #include "base/values.h" |
12 #include "components/data_use_measurement/core/data_use_user_data.h" | 12 #include "components/data_use_measurement/core/data_use_user_data.h" |
13 #include "google_apis/gaia/gaia_constants.h" | 13 #include "google_apis/gaia/gaia_constants.h" |
14 #include "google_apis/gaia/gaia_oauth_client.h" | 14 #include "google_apis/gaia/gaia_oauth_client.h" |
15 #include "google_apis/gaia/gaia_urls.h" | 15 #include "google_apis/gaia/gaia_urls.h" |
16 #include "google_apis/gaia/google_service_auth_error.h" | 16 #include "google_apis/gaia/google_service_auth_error.h" |
17 #include "google_apis/gaia/oauth2_api_call_flow.h" | 17 #include "google_apis/gaia/oauth2_api_call_flow.h" |
18 #include "google_apis/gaia/oauth2_token_service.h" | 18 #include "google_apis/gaia/oauth2_token_service.h" |
19 #include "net/base/escape.h" | 19 #include "net/base/escape.h" |
20 #include "net/base/load_flags.h" | 20 #include "net/base/load_flags.h" |
21 #include "net/base/net_errors.h" | 21 #include "net/base/net_errors.h" |
22 #include "net/http/http_status_code.h" | 22 #include "net/http/http_status_code.h" |
23 #include "net/traffic_annotation/network_traffic_annotation.h" | |
23 #include "net/url_request/url_fetcher.h" | 24 #include "net/url_request/url_fetcher.h" |
24 #include "net/url_request/url_request_status.h" | 25 #include "net/url_request/url_request_status.h" |
25 | 26 |
26 using GaiaConstants::kChromeSyncSupervisedOAuth2Scope; | 27 using GaiaConstants::kChromeSyncSupervisedOAuth2Scope; |
27 using base::Time; | 28 using base::Time; |
28 using gaia::GaiaOAuthClient; | 29 using gaia::GaiaOAuthClient; |
29 using net::URLFetcher; | 30 using net::URLFetcher; |
30 using net::URLFetcherDelegate; | 31 using net::URLFetcherDelegate; |
31 using net::URLRequestContextGetter; | 32 using net::URLRequestContextGetter; |
32 | 33 |
(...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
154 const std::string& access_token, | 155 const std::string& access_token, |
155 const Time& expiration_time) { | 156 const Time& expiration_time) { |
156 DCHECK_EQ(access_token_request_.get(), request); | 157 DCHECK_EQ(access_token_request_.get(), request); |
157 access_token_ = access_token; | 158 access_token_ = access_token; |
158 | 159 |
159 GURL url(GaiaUrls::GetInstance()->oauth2_issue_token_url()); | 160 GURL url(GaiaUrls::GetInstance()->oauth2_issue_token_url()); |
160 // GaiaOAuthClient uses id 0, so we use 1 to distinguish the requests in | 161 // GaiaOAuthClient uses id 0, so we use 1 to distinguish the requests in |
161 // unit tests. | 162 // unit tests. |
162 const int id = 1; | 163 const int id = 1; |
163 | 164 |
164 url_fetcher_ = URLFetcher::Create(id, url, URLFetcher::POST, this); | 165 net::NetworkTrafficAnnotationTag traffic_annotation = |
166 net::DefineNetworkTrafficAnnotation( | |
167 "supervised_user_refresh_token_fetcher", R"( | |
168 semantics { | |
169 sender: "Supervised Users" | |
170 description: | |
171 "Fetches an OAuth2 refresh token scoped down to the supervised " | |
Marc Treib
2017/03/14 11:52:46
nit: Capitalize "Supervised User" (for consistency
Ramin Halavati
2017/03/14 11:58:36
Done.
| |
172 "user Sync scope and tied to the given Supervised User ID, " | |
173 "identifying the Supervised User Profile to be created." | |
174 trigger: | |
175 "Called when creating a new Supervised User profile in Chrome to " | |
176 "fetch OAuth credentials for using Sync with new profile." | |
Marc Treib
2017/03/14 11:52:46
s/with new/with the new/
Ramin Halavati
2017/03/14 11:58:36
Done.
| |
177 data: | |
178 "The request is authenticated with an OAuth2 access token " | |
179 "identifying the Google account and contains the following " | |
180 "information:\n* The Supervised User ID, a randomly generated " | |
181 "64-bit identifier for the profile.\n* The device name, to " | |
182 "identify the refresh token in account management." | |
183 destination: GOOGLE_OWNED_SERVICE | |
184 } | |
185 policy { | |
186 cookies_allowed: false | |
187 setting: | |
188 "Users can disable this feature by toggling 'Let anyone add a " | |
189 "person to Chrome' in Chromium settings, under People." | |
190 chrome_policy { | |
191 SupervisedUserCreationEnabled { | |
192 policy_options {mode: MANDATORY} | |
193 RestrictSigninToPattern: false | |
Marc Treib
2017/03/14 11:52:46
I think this should be
SupervisedUserCreationEnabl
Ramin Halavati
2017/03/14 11:58:36
Done.
| |
194 } | |
195 } | |
196 })"); | |
197 url_fetcher_ = | |
198 URLFetcher::Create(id, url, URLFetcher::POST, this, traffic_annotation); | |
165 | 199 |
166 data_use_measurement::DataUseUserData::AttachToFetcher( | 200 data_use_measurement::DataUseUserData::AttachToFetcher( |
167 url_fetcher_.get(), | 201 url_fetcher_.get(), |
168 data_use_measurement::DataUseUserData::SUPERVISED_USER); | 202 data_use_measurement::DataUseUserData::SUPERVISED_USER); |
169 url_fetcher_->SetRequestContext(context_); | 203 url_fetcher_->SetRequestContext(context_); |
170 url_fetcher_->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | | 204 url_fetcher_->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | |
171 net::LOAD_DO_NOT_SAVE_COOKIES); | 205 net::LOAD_DO_NOT_SAVE_COOKIES); |
172 url_fetcher_->SetAutomaticallyRetryOnNetworkChanges(kNumRetries); | 206 url_fetcher_->SetAutomaticallyRetryOnNetworkChanges(kNumRetries); |
173 url_fetcher_->AddExtraRequestHeader( | 207 url_fetcher_->AddExtraRequestHeader( |
174 base::StringPrintf(kAuthorizationHeaderFormat, access_token.c_str())); | 208 base::StringPrintf(kAuthorizationHeaderFormat, access_token.c_str())); |
(...skipping 124 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
299 const std::string& account_id, | 333 const std::string& account_id, |
300 const std::string& device_id, | 334 const std::string& device_id, |
301 URLRequestContextGetter* context) { | 335 URLRequestContextGetter* context) { |
302 std::unique_ptr<SupervisedUserRefreshTokenFetcher> fetcher( | 336 std::unique_ptr<SupervisedUserRefreshTokenFetcher> fetcher( |
303 new SupervisedUserRefreshTokenFetcherImpl( | 337 new SupervisedUserRefreshTokenFetcherImpl( |
304 oauth2_token_service, account_id, device_id, context)); | 338 oauth2_token_service, account_id, device_id, context)); |
305 return fetcher; | 339 return fetcher; |
306 } | 340 } |
307 | 341 |
308 SupervisedUserRefreshTokenFetcher::~SupervisedUserRefreshTokenFetcher() {} | 342 SupervisedUserRefreshTokenFetcher::~SupervisedUserRefreshTokenFetcher() {} |
OLD | NEW |