Support multiple sign-in for extension updates.

chrome/browser/extensions/updater/extension_downloader.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/extensions/updater/extension_downloader.h"
 
 #include <utility>
 
 #include "base/bind.h"
 #include "base/command_line.h"
 #include "base/files/file_path.h"
 #include "base/location.h"
 #include "base/logging.h"
 #include "base/memory/scoped_handle.h"
 #include "base/metrics/histogram.h"
 #include "base/metrics/sparse_histogram.h"
 #include "base/platform_file.h"
 #include "base/stl_util.h"
+#include "base/strings/string_number_conversions.h"
 #include "base/strings/string_util.h"
+#include "base/strings/stringprintf.h"
 #include "base/time/time.h"
 #include "base/version.h"
 #include "chrome/browser/chrome_notification_types.h"
 #include "chrome/browser/extensions/updater/extension_cache.h"
 #include "chrome/browser/extensions/updater/request_queue_impl.h"
 #include "chrome/browser/extensions/updater/safe_manifest_parser.h"
 #include "chrome/browser/metrics/metrics_service.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/chrome_version_info.h"
 #include "chrome/common/extensions/extension_constants.h"
@@ skipping 37 matching lines @@
   -1,
 
   // Time to keep an entry from being discarded even when it
   // has no significant state, -1 to never discard.
   -1,
 
   // Don't use initial delay unless the last request was an error.
   false,
 };
 
+const char kAuthUserQueryKey[] = "authuser";
+
+const int kMaxAuthUserValue = 10;
+
 const char kNotFromWebstoreInstallSource[] = "notfromwebstore";
 const char kDefaultInstallSource[] = "";
 
 #define RETRY_HISTOGRAM(name, retry_count, url) \
     if ((url).DomainIs("google.com")) { \
       UMA_HISTOGRAM_CUSTOM_COUNTS( \
           "Extensions." name "RetryCountGoogleUrl", retry_count, 1, \
           kMaxRetries, kMaxRetries+1); \
     } else { \
       UMA_HISTOGRAM_CUSTOM_COUNTS( \
           "Extensions." name "RetryCountOtherUrl", retry_count, 1, \
           kMaxRetries, kMaxRetries+1); \
     }
 
 bool ShouldRetryRequest(const net::URLRequestStatus& status,
                         int response_code) {
   // Retry if the response code is a server error, or the request failed because
   // of network errors as opposed to file errors.
   return (response_code >= 500 && status.is_success()) ||
          status.status() == net::URLRequestStatus::FAILED;
 }
 
+bool ShouldRetryRequestWithCookies(
+    const net::URLRequestStatus& status,
+    int response_code,
+    bool included_cookies) {
+  if (included_cookies)
+    return false;
+
+  if (status.status() == net::URLRequestStatus::CANCELED)
+    return true;
+
+  // Retry if a 401 or 403 is received.
+  return status.status() == net::URLRequestStatus::SUCCESS &&
+      (response_code == 401 || response_code == 403);

[asargent_no_longer_on_chrome, 2014/05/08 04:27:11]

optional: if you add parentheses around the entire expression, the wrapping will
look nicer and makes the code easier to read IMHO:

 return (status.status() == net::URLRequestStatus::SUCCESS &&
         (response_code == 401 || response_code == 403));

[Ken Rockot(use gerrit already), 2014/05/08 05:23:09]

Done.

+}
+
+bool ShouldRetryRequestWithNextUser(
+    const net::URLRequestStatus& status,
+    int response_code,
+    bool included_cookies) {
+  // Retry if a 403 is received in response to a request including cookies.
+  // Note that receiving a 401 in response to a request which included cookies
+  // should indicate that the |authuser| index was out of bounds for the profile
+  // and therefore Chrome should NOT retry with another index.
+  return status.status() == net::URLRequestStatus::SUCCESS &&
+      response_code == 403 && included_cookies;

[asargent_no_longer_on_chrome, 2014/05/08 04:27:11]

same here

[Ken Rockot(use gerrit already), 2014/05/08 05:23:09]

Done.

+}
+
+// This parses and updates a URL query such that the value of the |authuser|
+// query parameter is incremented by 1. If parameter was not present in the URL,
+// it will be added with a value of 1. All other query keys and values are
+// preserved as-is. Returns |false| if the user index exceeds a hard-coded
+// maximum.
+bool IncrementAuthUserIndex(GURL* url) {
+  int user_index = 0;
+  std::string old_query = url->query();
+  std::vector<std::string> new_query_parts;
+  url::Component query(0, old_query.length());
+  url::Component key, value;
+  while (url::ExtractQueryKeyValue(
+            old_query.c_str(), &query, &key, &value)) {
+    std::string key_string = old_query.substr(key.begin, key.len);
+    std::string value_string = old_query.substr(value.begin, value.len);
+    if (key_string == kAuthUserQueryKey) {
+      base::StringToInt(value_string, &user_index);
+    } else {
+      new_query_parts.push_back(
+          base::StringPrintf("%s=%s",
+                             key_string.c_str(),
+                             value_string.c_str()));
+    }
+  }
+  if (user_index >= kMaxAuthUserValue)
+    return false;
+  new_query_parts.push_back(
+      base::StringPrintf("%s=%d", kAuthUserQueryKey, user_index + 1));
+  std::string new_query = "?" + JoinString(new_query_parts, '&');
+  *url = url->Resolve(new_query);

[asargent_no_longer_on_chrome, 2014/05/08 04:27:11]

Hmm, I assume you've actually run this and it works? I just read the comments on
the GURL::Resolve declaration and it sounded to me like this might not be the
kind of purpose it was meant for; rather it sounds like it is more intended for
coming up with new urls for relative paths based on the url of the current page
(e.g. "http://example.com/foo/bar.html has a <img src="baz.jpg"> tag where we
want to come up with "http://example.com/foo/baz.jpg" for resource loading
purposes).

Did you consider using url::ReplaceComponents with a url::Replacements value?
(defined in url/url_util.h and url/url_canon.h respectively) I think that's the
more typical way I've seen url modification done in areas of the code I've
worked in. 

(BTW, I've never been a big fan of our GURL library because it makes many simple
things so hard to do. I guess some of it is architected the way it is for
extreme performance in doing manipulations on really big urls and/or lots of
operations in latency sensitive areas; it may have even been opened sourced
based partly on google's closed source library used for a web crawler or
something, I'm not sure). 

[Ken Rockot(use gerrit already), 2014/05/08 05:23:09]

Yeah, using Resolve is OK in this case, but I actually like ReplaceComponents
(at least, I like it more than Resolve), so I've switched to that. I didn't
realize until trying to write this CL just how useless GURL is.

+  return true;
+}
+
 }  // namespace
 
 UpdateDetails::UpdateDetails(const std::string& id, const Version& version)
     : id(id), version(version) {}
 
 UpdateDetails::~UpdateDetails() {}
 
 ExtensionDownloader::ExtensionFetch::ExtensionFetch()
     : url(), is_protected(false) {}
 
@@ skipping 591 matching lines @@
         extensions_queue_.reset_active_request();
     if (extension_cache_) {
       const std::string& version = fetch_data->version;
       extension_cache_->PutExtension(id, crx_path, version,
           base::Bind(&ExtensionDownloader::NotifyDelegateDownloadFinished,
                      weak_ptr_factory_.GetWeakPtr(),
                      base::Passed(&fetch_data)));
     } else {
       NotifyDelegateDownloadFinished(fetch_data.Pass(), crx_path, true);
     }
-  } else if (status.status() == net::URLRequestStatus::SUCCESS &&
-             (response_code == 401 || response_code == 403) &&
-             !extensions_queue_.active_request()->is_protected) {
-    // On 401 or 403, requeue this fetch with cookies enabled.
+  } else if (ShouldRetryRequestWithCookies(
+                status,
+                response_code,
+                extensions_queue_.active_request()->is_protected)) {
+    // Requeue the fetch with |is_protected| set, enabling cookies.
     extensions_queue_.active_request()->is_protected = true;
     extensions_queue_.RetryRequest(backoff_delay);
+  } else if (ShouldRetryRequestWithNextUser(
+                status,
+                response_code,
+                extensions_queue_.active_request()->is_protected) &&
+             IncrementAuthUserIndex(&extensions_queue_.active_request()->url)) {
+    extensions_queue_.RetryRequest(backoff_delay);
   } else {
     const std::set<int>& request_ids =
         extensions_queue_.active_request()->request_ids;
     const ExtensionDownloaderDelegate::PingResult& ping = ping_results_[id];
-
     VLOG(1) << "Failed to fetch extension '" << url.possibly_invalid_spec()
             << "' response code:" << response_code;
     if (ShouldRetryRequest(status, response_code) &&
         extensions_queue_.active_request_failure_count() < kMaxRetries) {
       extensions_queue_.RetryRequest(backoff_delay);
     } else {
       RETRY_HISTOGRAM("CrxFetchFailure",
                       extensions_queue_.active_request_failure_count(), url);
       // status.error() is 0 (net::OK) or negative. (See net/base/net_errors.h)
       UMA_HISTOGRAM_SPARSE_SLOWLY("Extensions.CrxFetchError", -status.error());
@@ skipping 25 matching lines @@
 void ExtensionDownloader::NotifyUpdateFound(const std::string& id,
                                             const std::string& version) {
   UpdateDetails updateInfo(id, Version(version));
   content::NotificationService::current()->Notify(
       chrome::NOTIFICATION_EXTENSION_UPDATE_FOUND,
       content::NotificationService::AllBrowserContextsAndSources(),
       content::Details<UpdateDetails>(&updateInfo));
 }
 
 }  // namespace extensions