chrome/browser/supervised_user/child_accounts/permission_request_creator_apiary.cc - Issue 2742743004: Network traffic annotation added to supervised users.

Side by Side Diff: chrome/browser/supervised_user/child_accounts/permission_request_creator_apiary.cc

Issue 2742743004: Network traffic annotation added to supervised users. (Closed)

Patch Set: Comments addressed. Created 3 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« no previous file with comments | « chrome/browser/supervised_user/child_accounts/family_info_fetcher.cc ('k') | chrome/browser/supervised_user/experimental/safe_search_url_reporter.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/supervised_user/child_accounts/permission_request_creat or_apiary.h"	5 #include "chrome/browser/supervised_user/child_accounts/permission_request_creat or_apiary.h"

6	6

7 #include "base/callback.h"	7 #include "base/callback.h"

8 #include "base/command_line.h"	8 #include "base/command_line.h"

9 #include "base/json/json_reader.h"	9 #include "base/json/json_reader.h"

10 #include "base/json/json_writer.h"	10 #include "base/json/json_writer.h"

11 #include "base/logging.h"	11 #include "base/logging.h"

12 #include "base/memory/ptr_util.h"	12 #include "base/memory/ptr_util.h"

13 #include "base/strings/stringprintf.h"	13 #include "base/strings/stringprintf.h"

14 #include "base/values.h"	14 #include "base/values.h"

15 #include "chrome/browser/profiles/profile.h"	15 #include "chrome/browser/profiles/profile.h"

16 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h"	16 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h"

17 #include "chrome/browser/signin/signin_manager_factory.h"	17 #include "chrome/browser/signin/signin_manager_factory.h"

18 #include "chrome/browser/supervised_user/child_accounts/kids_management_api.h"	18 #include "chrome/browser/supervised_user/child_accounts/kids_management_api.h"

19 #include "chrome/common/chrome_switches.h"	19 #include "chrome/common/chrome_switches.h"

20 #include "components/data_use_measurement/core/data_use_user_data.h"	20 #include "components/data_use_measurement/core/data_use_user_data.h"

21 #include "components/signin/core/browser/profile_oauth2_token_service.h"	21 #include "components/signin/core/browser/profile_oauth2_token_service.h"

22 #include "components/signin/core/browser/signin_manager.h"	22 #include "components/signin/core/browser/signin_manager.h"

23 #include "components/signin/core/browser/signin_manager_base.h"	23 #include "components/signin/core/browser/signin_manager_base.h"

24 #include "google_apis/gaia/google_service_auth_error.h"	24 #include "google_apis/gaia/google_service_auth_error.h"

25 #include "net/base/load_flags.h"	25 #include "net/base/load_flags.h"

26 #include "net/base/net_errors.h"	26 #include "net/base/net_errors.h"

27 #include "net/http/http_status_code.h"	27 #include "net/http/http_status_code.h"

	28 #include "net/traffic_annotation/network_traffic_annotation.h"

28 #include "net/url_request/url_fetcher.h"	29 #include "net/url_request/url_fetcher.h"

29 #include "net/url_request/url_request_status.h"	30 #include "net/url_request/url_request_status.h"

30 #include "url/gurl.h"	31 #include "url/gurl.h"

31	32

32 using net::URLFetcher;	33 using net::URLFetcher;

33	34

34 const char kApiPath[] = "people/me/permissionRequests";	35 const char kApiPath[] = "people/me/permissionRequests";

35 const char kApiScope[] = "https://www.googleapis.com/auth/kid.permission";	36 const char kApiScope[] = "https://www.googleapis.com/auth/kid.permission";

36	37

37 const int kNumRetries = 1;	38 const int kNumRetries = 1;

(...skipping 137 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
175 const base::Time& expiration_time) {	176 const base::Time& expiration_time) {

176 RequestIterator it = requests_.begin();	177 RequestIterator it = requests_.begin();

177 while (it != requests_.end()) {	178 while (it != requests_.end()) {

178 if (request == (*it)->access_token_request.get())	179 if (request == (*it)->access_token_request.get())

179 break;	180 break;

180 ++it;	181 ++it;

181 }	182 }

182 DCHECK(it != requests_.end());	183 DCHECK(it != requests_.end());

183 (*it)->access_token = access_token;	184 (*it)->access_token = access_token;

184	185

185 (it)->url_fetcher = URLFetcher::Create((it)->url_fetcher_id, GetApiUrl(),	186 net::NetworkTrafficAnnotationTag traffic_annotation =

186 URLFetcher::POST, this);	187 net::DefineNetworkTrafficAnnotation("permission_request_creator", R"(

	188 semantics {

	189 sender: "Supervised Users"

	190 description:

	191 "Requests permission for the user to access a blocked site."

	192 trigger: "Initiated by the user."

	193 data:

	194 "The request is authenticated with an OAuth2 access token "

	195 "identifying the Google account and contains the URL that the user "

	196 "requests access to."

	197 destination: GOOGLE_OWNED_SERVICE

	198 }

	199 policy {

	200 cookies_allowed: false

	201 setting:

	202 "This feature cannot be disabled in settings and is only enabled "

	203 "for child accounts. If sign-in is restricted to accounts from a "

	204 "managed domain, those accounts are not going to be child accounts."

	205 chrome_policy {

	206 RestrictSigninToPattern {

	207 policy_options {mode: MANDATORY}

	208 RestrictSigninToPattern: "*@manageddomain.com"

	209 }

	210 }

	211 })");

	212 (*it)->url_fetcher =

	213 URLFetcher::Create((*it)->url_fetcher_id, GetApiUrl(), URLFetcher::POST,

	214 this, traffic_annotation);

187	215

188 data_use_measurement::DataUseUserData::AttachToFetcher(	216 data_use_measurement::DataUseUserData::AttachToFetcher(

189 (*it)->url_fetcher.get(),	217 (*it)->url_fetcher.get(),

190 data_use_measurement::DataUseUserData::SUPERVISED_USER);	218 data_use_measurement::DataUseUserData::SUPERVISED_USER);

191 (*it)->url_fetcher->SetRequestContext(context_);	219 (*it)->url_fetcher->SetRequestContext(context_);

192 (*it)->url_fetcher->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES \|	220 (*it)->url_fetcher->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES \|

193 net::LOAD_DO_NOT_SAVE_COOKIES);	221 net::LOAD_DO_NOT_SAVE_COOKIES);

194 (*it)->url_fetcher->SetAutomaticallyRetryOnNetworkChanges(kNumRetries);	222 (*it)->url_fetcher->SetAutomaticallyRetryOnNetworkChanges(kNumRetries);

195 (*it)->url_fetcher->AddExtraRequestHeader(	223 (*it)->url_fetcher->AddExtraRequestHeader(

196 base::StringPrintf(kAuthorizationHeaderFormat, access_token.c_str()));	224 base::StringPrintf(kAuthorizationHeaderFormat, access_token.c_str()));

(...skipping 80 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
277 return;	305 return;

278 }	306 }

279 DispatchResult(it, true);	307 DispatchResult(it, true);

280 }	308 }

281	309

282 void PermissionRequestCreatorApiary::DispatchResult(RequestIterator it,	310 void PermissionRequestCreatorApiary::DispatchResult(RequestIterator it,

283 bool success) {	311 bool success) {

284 (*it)->callback.Run(success);	312 (*it)->callback.Run(success);

285 requests_.erase(it);	313 requests_.erase(it);

286 }	314 }

OLD	NEW