Network traffic annotation added to common/cloud.

components/policy/core/common/cloud/user_info_fetcher.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/policy/core/common/cloud/user_info_fetcher.h"
 
 #include "base/json/json_reader.h"
 #include "base/logging.h"
 #include "base/strings/stringprintf.h"
 #include "base/values.h"
 #include "components/data_use_measurement/core/data_use_user_data.h"
 #include "google_apis/gaia/gaia_urls.h"
 #include "google_apis/gaia/google_service_auth_error.h"
 #include "net/base/load_flags.h"
 #include "net/http/http_status_code.h"
+#include "net/traffic_annotation/network_traffic_annotation.h"
 #include "net/url_request/url_fetcher.h"
 #include "net/url_request/url_request_status.h"
 #include "url/gurl.h"
 
 namespace {
 
 static const char kAuthorizationHeaderFormat[] =
     "Authorization: Bearer %s";
 
 static std::string MakeAuthorizationHeader(const std::string& auth_token) {
   return base::StringPrintf(kAuthorizationHeaderFormat, auth_token.c_str());
 }
 
 }  // namespace
 
 namespace policy {
 
 UserInfoFetcher::UserInfoFetcher(Delegate* delegate,
                                  net::URLRequestContextGetter* context)
     : delegate_(delegate),
       context_(context) {
   DCHECK(delegate);
 }
 
 UserInfoFetcher::~UserInfoFetcher() {
 }
 
 void UserInfoFetcher::Start(const std::string& access_token) {
+  net::NetworkTrafficAnnotationTag traffic_annotation =
+      net::DefineNetworkTrafficAnnotation("user_info_fetcher", R"(
+        semantics {
+          sender: "Cloud Policy"
+          description:
+            "Calls to the Google Account service to check if the signed-in "
+            "user is managed."
+          trigger: "User signing in to Chrome."
+          data:
+            "Information about the user (specifically whether they are "
+            "managed, along with basic profile information from their Google "

[Andrew T Wilson (Slow), 2017/04/27 12:15:31]

Sorry, this is incorrect. The information we send up is auth information (i.e.
oauth token). The information returned is basic profile information and whether
the user is managed. When I wrote the original text i didn't realize that |data|
just was *sent* data.

[Ramin Halavati, 2017/04/27 12:25:36]

Thank you, Done.

+            "Account)."
+          destination: GOOGLE_OWNED_SERVICE
+        }
+        policy {
+          cookies_allowed: false
+          setting:
+            "This feature cannot be controlled by Chrome settings, but users "
+            "can sign out of Chrome to disable it."
+          chrome_policy {
+            SigninAllowed {
+              policy_options {mode: MANDATORY}
+              SigninAllowed: false
+            }
+          }
+        })");
   // Create a URLFetcher and start it.
   url_fetcher_ =
       net::URLFetcher::Create(0, GaiaUrls::GetInstance()->oauth_user_info_url(),
-                              net::URLFetcher::GET, this);
+                              net::URLFetcher::GET, this, traffic_annotation);
   data_use_measurement::DataUseUserData::AttachToFetcher(
       url_fetcher_.get(), data_use_measurement::DataUseUserData::POLICY);
   url_fetcher_->SetRequestContext(context_);
   url_fetcher_->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES |
                              net::LOAD_DO_NOT_SAVE_COOKIES);
   url_fetcher_->AddExtraRequestHeader(MakeAuthorizationHeader(access_token));
   url_fetcher_->Start();  // Results in a call to OnURLFetchComplete().
 }
 
 void UserInfoFetcher::OnURLFetchComplete(const net::URLFetcher* source) {
@@ skipping 26 matching lines @@
   if (parsed_value.get() && parsed_value->GetAsDictionary(&dict)) {
     delegate_->OnGetUserInfoSuccess(dict);
   } else {
     NOTREACHED() << "Could not parse userinfo response from server";
     delegate_->OnGetUserInfoFailure(GoogleServiceAuthError(
         GoogleServiceAuthError::CONNECTION_FAILED));
   }
 }
 
 };  // namespace policy