Chromium Code Reviews Chromium Code Reviews
Issue 2796293003:
Network traffic annotation added to google_apis/gaia. (Closed)
| Index: google_apis/gaia/gaia_oauth_client.cc |
| diff --git a/google_apis/gaia/gaia_oauth_client.cc b/google_apis/gaia/gaia_oauth_client.cc |
| index 8947febbc4dc270bed73f7d7ed2bf00e2be9bfd1..a5f6b6111780391f000cbaca0f16ff69d77018e4 100644 |
| --- a/google_apis/gaia/gaia_oauth_client.cc |
| +++ b/google_apis/gaia/gaia_oauth_client.cc |
| @@ -16,6 +16,7 @@ |
| #include "net/base/escape.h" |
| #include "net/base/load_flags.h" |
| #include "net/http/http_status_code.h" |
| +#include "net/traffic_annotation/network_traffic_annotation.h" |
| #include "net/url_request/url_fetcher.h" |
| #include "net/url_request/url_fetcher_delegate.h" |
| #include "net/url_request/url_request_context_getter.h" |
| @@ -89,10 +90,12 @@ class GaiaOAuthClient::Core |
| const std::string& oauth_access_token, |
| int max_retries, |
| Delegate* delegate); |
| - void MakeGaiaRequest(const GURL& url, |
| - const std::string& post_body, |
| - int max_retries, |
| - GaiaOAuthClient::Delegate* delegate); |
| + void MakeGaiaRequest( |
| + const GURL& url, |
| + const std::string& post_body, |
| + int max_retries, |
| + GaiaOAuthClient::Delegate* delegate, |
| + const net::NetworkTrafficAnnotationTag& traffic_annotation); |
| void HandleResponse(const net::URLFetcher* source, |
| bool* should_retry_request); |
| @@ -119,8 +122,38 @@ void GaiaOAuthClient::Core::GetTokensFromAuthCode( |
| "&redirect_uri=" + |
| net::EscapeUrlEncodedData(oauth_client_info.redirect_uri, true) + |
| "&grant_type=authorization_code"; |
| - MakeGaiaRequest(GURL(GaiaUrls::GetInstance()->oauth2_token_url()), |
| - post_body, max_retries, delegate); |
| + net::NetworkTrafficAnnotationTag traffic_annotation = |
| + net::DefineNetworkTrafficAnnotation("gaia_oauth_client_get_tokens", R"( |
| + semantics { |
| + sender: "OAuth 2.0 calls" |
| + description: |
| + "This request exchanges an authorization code for an OAuth 2.0 " |
| + "refresh token and an OAuth 2.0 access token." |
| + trigger: |
| + "This request is triggered when a Chrome service requires an " |
| + "access token and a refresh token (e.g. Cloud Print, Chrome Remote " |
| + "Desktop etc.) See https://developers.google.com/identity/protocols" |
| + "/OAuth2 for more information about the Google implementation of " |
| + "the OAuth 2.0 protocol." |
| + data: |
| + "The Google console client ID and client secret of the caller, the " |
| + "OAuth authorization code and the redirect URI." |
| + destination: GOOGLE_OWNED_SERVICE |
| + } |
| + policy { |
| + cookies_allowed: false |
| + setting: |
| + "This feature cannot be disabled in settings, but if user signs " |
|
msramek
2017/05/26 13:44:20
nit: the user (as in the other CL)
Ramin Halavati
2017/05/29 05:36:53
Done.
|
| + "out of Chrome, this request would not be made." |
| + chrome_policy { |
| + SigninAllowed { |
| + policy_options {mode: MANDATORY} |
| + SigninAllowed: false |
| + } |
| + } |
| + })"); |
| + MakeGaiaRequest(GURL(GaiaUrls::GetInstance()->oauth2_token_url()), post_body, |
| + max_retries, delegate, traffic_annotation); |
| } |
| void GaiaOAuthClient::Core::RefreshToken( |
| @@ -144,8 +177,36 @@ void GaiaOAuthClient::Core::RefreshToken( |
| post_body += "&scope=" + net::EscapeUrlEncodedData(scopes_string, true); |
| } |
| - MakeGaiaRequest(GURL(GaiaUrls::GetInstance()->oauth2_token_url()), |
| - post_body, max_retries, delegate); |
| + net::NetworkTrafficAnnotationTag traffic_annotation = |
| + net::DefineNetworkTrafficAnnotation("gaia_oauth_client_refresh_token", R"( |
| + semantics { |
| + sender: "OAuth 2.0 calls" |
| + description: |
| + "This request fetches a fresh access token that can be used to " |
| + "authenticate an API call to a Google web endpoint." |
| + trigger: |
| + "This is called whenever the caller needs a fresh OAuth 2.0 access " |
| + "token." |
| + data: |
| + "The OAuth 2.0 refresh token, the Google console client ID and " |
| + "client secret of the caller, and optionally the scopes of the API " |
| + "for which the access token should be authorized." |
| + destination: GOOGLE_OWNED_SERVICE |
| + } |
| + policy { |
| + cookies_allowed: false |
| + setting: |
| + "This feature cannot be disabled in settings, but if user signs " |
| + "out of Chrome, this request would not be made." |
| + chrome_policy { |
| + SigninAllowed { |
| + policy_options {mode: MANDATORY} |
| + SigninAllowed: false |
| + } |
| + } |
| + })"); |
| + MakeGaiaRequest(GURL(GaiaUrls::GetInstance()->oauth2_token_url()), post_body, |
| + max_retries, delegate, traffic_annotation); |
| } |
| void GaiaOAuthClient::Core::GetUserEmail(const std::string& oauth_access_token, |
| @@ -176,9 +237,33 @@ void GaiaOAuthClient::Core::GetUserInfoImpl( |
| request_type_ = type; |
| delegate_ = delegate; |
| num_retries_ = 0; |
| + net::NetworkTrafficAnnotationTag traffic_annotation = |
| + net::DefineNetworkTrafficAnnotation("gaia_core_get_user_info", R"( |
| + semantics { |
| + sender: "OAuth 2.0 calls" |
| + description: "This request is used to fetch user information." |
|
msramek
2017/05/26 13:44:20
What kind of information?
Some basic information
msarda
2017/05/31 07:44:25
Let's rephrase this to something like:
"This reque
Ramin Halavati
2017/05/31 07:50:53
By "e.g." you mean other items may also be fetched
msarda
2017/05/31 08:32:14
The data we get is a dictionary. I do not know the
Ramin Halavati
2017/05/31 09:09:43
Thank you. I think as here we mostly care about wh
|
| + trigger: |
| + "The main trigger for this request in the AccountTrackerService " |
|
msramek
2017/05/26 13:44:20
typo: is in
Ramin Halavati
2017/05/29 05:36:53
Done.
|
| + "that fetches the user info soon after the user signs in." |
| + data: |
| + "The OAuth 2.0 access token of the account." |
| + destination: GOOGLE_OWNED_SERVICE |
| + } |
| + policy { |
| + cookies_allowed: false |
| + setting: |
| + "This feature cannot be disabled in settings, but if user signs " |
| + "out of Chrome, this request would not be made." |
| + chrome_policy { |
| + SigninAllowed { |
| + policy_options {mode: MANDATORY} |
| + SigninAllowed: false |
| + } |
| + } |
| + })"); |
| request_ = net::URLFetcher::Create( |
| kUrlFetcherId, GURL(GaiaUrls::GetInstance()->oauth_user_info_url()), |
| - net::URLFetcher::GET, this); |
| + net::URLFetcher::GET, this, traffic_annotation); |
| request_->SetRequestContext(request_context_getter_.get()); |
| request_->AddExtraRequestHeader("Authorization: OAuth " + oauth_access_token); |
| request_->SetMaxRetriesOn5xx(max_retries); |
| @@ -203,22 +288,53 @@ void GaiaOAuthClient::Core::GetTokenInfo(const std::string& qualifier, |
| request_type_ = TOKEN_INFO; |
| std::string post_body = |
| qualifier + "=" + net::EscapeUrlEncodedData(query, true); |
| + net::NetworkTrafficAnnotationTag traffic_annotation = |
| + net::DefineNetworkTrafficAnnotation("...", R"( |
| + semantics { |
| + sender: "OAuth 2.0 calls" |
| + description: |
| + "This request fetches information about an OAuth 2.0 access token. " |
| + "The response is a dictionary of response values. The provided " |
| + "access token may have any scope, and basic results will be " |
| + "returned: issued_to, audience, scope, expires_in, access_type. In " |
| + "addition, if the https://www.googleapis.com/auth/userinfo.email " |
| + "scope is present, the email and verified_email fields will be " |
| + "returned. If the https://www.googleapis.com/auth/userinfo.profile " |
| + "scope is present, the user_id field will be returned." |
| + trigger: |
| + "This is triggered after a Google account is added to the browser. " |
| + "It it also triggered after each successful fetch of an OAuth 2.0 " |
| + "access token." |
| + data: "The OAuth 2.0 access token." |
| + destination: GOOGLE_OWNED_SERVICE |
| + } |
| + policy { |
| + cookies_allowed: false |
| + setting: |
| + "This feature cannot be disabled in settings, but if user signs " |
| + "out of Chrome, this request would not be made." |
| + chrome_policy { |
| + SigninAllowed { |
| + policy_options {mode: MANDATORY} |
| + SigninAllowed: false |
| + } |
| + } |
| + })"); |
| MakeGaiaRequest(GURL(GaiaUrls::GetInstance()->oauth2_token_info_url()), |
| - post_body, |
| - max_retries, |
| - delegate); |
| + post_body, max_retries, delegate, traffic_annotation); |
| } |
| void GaiaOAuthClient::Core::MakeGaiaRequest( |
| const GURL& url, |
| const std::string& post_body, |
| int max_retries, |
| - GaiaOAuthClient::Delegate* delegate) { |
| + GaiaOAuthClient::Delegate* delegate, |
| + const net::NetworkTrafficAnnotationTag& traffic_annotation) { |
| DCHECK(!request_.get()) << "Tried to fetch two things at once!"; |
| delegate_ = delegate; |
| num_retries_ = 0; |
| - request_ = |
| - net::URLFetcher::Create(kUrlFetcherId, url, net::URLFetcher::POST, this); |
| + request_ = net::URLFetcher::Create(kUrlFetcherId, url, net::URLFetcher::POST, |
| + this, traffic_annotation); |
| request_->SetRequestContext(request_context_getter_.get()); |
| request_->SetUploadData("application/x-www-form-urlencoded", post_body); |
| request_->SetMaxRetriesOn5xx(max_retries); |
