google_apis/gaia/gaia_auth_fetcher.cc - Issue 2872253002: Network traffic annotation added to gaia_auth_fetcher.

Side by Side Diff: google_apis/gaia/gaia_auth_fetcher.cc

Issue 2872253002: Network traffic annotation added to gaia_auth_fetcher. (Closed)

Patch Set: iOS files added. Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "google_apis/gaia/gaia_auth_fetcher.h"	5 #include "google_apis/gaia/gaia_auth_fetcher.h"

6	6

7 #include <string>	7 #include <string>

8 #include <utility>	8 #include <utility>

9 #include <vector>	9 #include <vector>

10	10

(...skipping 201 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
212	212

213 void GaiaAuthFetcher::SetLogoutHeaders(const std::string& headers) {	213 void GaiaAuthFetcher::SetLogoutHeaders(const std::string& headers) {

214 logout_headers_ = headers;	214 logout_headers_ = headers;

215 }	215 }

216	216

217 void GaiaAuthFetcher::CancelRequest() {	217 void GaiaAuthFetcher::CancelRequest() {

218 fetcher_.reset();	218 fetcher_.reset();

219 fetch_pending_ = false;	219 fetch_pending_ = false;

220 }	220 }

221	221

222 void GaiaAuthFetcher::CreateAndStartGaiaFetcher(const std::string& body,	222 void GaiaAuthFetcher::CreateAndStartGaiaFetcher(

223 const std::string& headers,	223 const std::string& body,

224 const GURL& gaia_gurl,	224 const std::string& headers,

225 int load_flags) {	225 const GURL& gaia_gurl,

	226 int load_flags,

	227 const net::NetworkTrafficAnnotationTag& traffic_annotation) {

226 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";	228 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";

227 fetcher_ = net::URLFetcher::Create(	229 fetcher_ = net::URLFetcher::Create(

228 0, gaia_gurl, body.empty() ? net::URLFetcher::GET : net::URLFetcher::POST,	230 0, gaia_gurl, body.empty() ? net::URLFetcher::GET : net::URLFetcher::POST,

229 this);	231 this, traffic_annotation);

230 fetcher_->SetRequestContext(getter_);	232 fetcher_->SetRequestContext(getter_);

231 fetcher_->SetUploadData("application/x-www-form-urlencoded", body);	233 fetcher_->SetUploadData("application/x-www-form-urlencoded", body);

232 gaia::MarkURLFetcherAsGaia(fetcher_.get());	234 gaia::MarkURLFetcherAsGaia(fetcher_.get());

233	235

234 VLOG(2) << "Gaia fetcher URL: " << gaia_gurl.spec();	236 VLOG(2) << "Gaia fetcher URL: " << gaia_gurl.spec();

235 VLOG(2) << "Gaia fetcher headers: " << headers;	237 VLOG(2) << "Gaia fetcher headers: " << headers;

236 VLOG(2) << "Gaia fetcher body: " << body;	238 VLOG(2) << "Gaia fetcher body: " << body;

237	239

238 // The Gaia token exchange requests do not require any cookie-based	240 // The Gaia token exchange requests do not require any cookie-based

239 // identification as part of requests. We suppress sending any cookies to	241 // identification as part of requests. We suppress sending any cookies to

(...skipping 264 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
504	506

505 if (sessionDictionary->GetString("login_hint", login_hint))	507 if (sessionDictionary->GetString("login_hint", login_hint))

506 break;	508 break;

507 }	509 }

508	510

509 if (login_hint->empty())	511 if (login_hint->empty())

510 return false;	512 return false;

511 return true;	513 return true;

512 }	514 }

513	515

514 void GaiaAuthFetcher::StartIssueAuthToken(const std::string& sid,	516 void GaiaAuthFetcher::StartIssueAuthToken(const std::string& sid,
	msarda 2017/05/15 12:23:49 I think this method is no longer used. I think it I think this method is no longer used. I think it is fine for us to remove it instead of annotating it. Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > I think this method is no longer used. I think it is fine for us to remove it > instead of annotating it. Done.
515 const std::string& lsid,	517 const std::string& lsid,

516 const char* const service) {	518 const char* const service) {

517 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";	519 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";

518	520

519 VLOG(1) << "Starting IssueAuthToken for: " << service;	521 VLOG(1) << "Starting IssueAuthToken for: " << service;

520 requested_service_ = service;	522 requested_service_ = service;

521 request_body_ = MakeIssueAuthTokenBody(sid, lsid, service);	523 request_body_ = MakeIssueAuthTokenBody(sid, lsid, service);

	524 net::NetworkTrafficAnnotationTag traffic_annotation =

	525 net::DefineNetworkTrafficAnnotation("gaia_auth_", R"(

	526 semantics {

	527 sender: "Gaia Auth API"
	msarda 2017/05/15 12:23:49 Here and everywhere else: Chrome - Google authenti Here and everywhere else: Chrome - Google authentication API. Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > Here and everywhere else: Chrome - Google authentication API. Done.
	528 description: "..."

	529 trigger: "..."

	530 data: "..."

	531 destination: GOOGLE_OWNED_SERVICE

	532 }

	533 policy {

	534 cookies_allowed: false/true

	535 cookies_store: "..."

	536 setting:

	537 "This feature cannot be disabled in settings, but if user signs "

	538 "out of Chrome, this request would not be made."

	539 chrome_policy {

	540 SigninAllowed {

	541 policy_options {mode: MANDATORY}

	542 SigninAllowed: false

	543 }

	544 }

	545 })");

522 CreateAndStartGaiaFetcher(request_body_, std::string(),	546 CreateAndStartGaiaFetcher(request_body_, std::string(),

523 issue_auth_token_gurl_, kLoadFlagsIgnoreCookies);	547 issue_auth_token_gurl_, kLoadFlagsIgnoreCookies,

	548 traffic_annotation);

524 }	549 }

525	550

526 void GaiaAuthFetcher::StartRevokeOAuth2Token(const std::string& auth_token) {	551 void GaiaAuthFetcher::StartRevokeOAuth2Token(const std::string& auth_token) {

527 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";	552 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";

528	553

529 VLOG(1) << "Starting OAuth2 token revocation";	554 VLOG(1) << "Starting OAuth2 token revocation";

530 request_body_ = MakeRevokeTokenBody(auth_token);	555 request_body_ = MakeRevokeTokenBody(auth_token);

	556 net::NetworkTrafficAnnotationTag traffic_annotation =

	557 net::DefineNetworkTrafficAnnotation("gaia_auth_", R"(

	558 semantics {

	559 sender: "Gaia Auth API"

	560 description: "..."
	msarda 2017/05/15 12:23:50 This request revokes an OAuth2 refresh token. This request revokes an OAuth2 refresh token. Ramin Halavati 2017/05/15 13:27:48 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > This request revokes an OAuth2 refresh token. Done.
	561 trigger: "..."
	msarda 2017/05/15 12:23:48 Here and everywhere else: Same as the comment belo Here and everywhere else: Same as the comment below at StartGetCheckConnectionInfo Ramin Halavati 2017/05/15 13:27:48 Done. Show quoted text On 2017/05/15 12:23:48, msarda wrote: > Here and everywhere else: Same as the comment below at > StartGetCheckConnectionInfo Done.
	562 data: "..."
	msarda 2017/05/15 12:23:48 The OAuth2 refresh token that should be revoked. The OAuth2 refresh token that should be revoked. Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:48, msarda wrote: > The OAuth2 refresh token that should be revoked. Done.
	563 destination: GOOGLE_OWNED_SERVICE

	564 }

	565 policy {

	566 cookies_allowed: false/true
	msarda 2017/05/15 12:23:50 false false Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > false Done.
	567 cookies_store: "..."
	msarda 2017/05/15 12:23:48 Remove. Remove. Ramin Halavati 2017/05/15 13:27:48 Done. Show quoted text On 2017/05/15 12:23:48, msarda wrote: > Remove. Done.
	568 setting:

	569 "This feature cannot be disabled in settings, but if user signs "

	570 "out of Chrome, this request would not be made."

	571 chrome_policy {

	572 SigninAllowed {

	573 policy_options {mode: MANDATORY}

	574 SigninAllowed: false

	575 }

	576 }

	577 })");

531 CreateAndStartGaiaFetcher(request_body_, std::string(), oauth2_revoke_gurl_,	578 CreateAndStartGaiaFetcher(request_body_, std::string(), oauth2_revoke_gurl_,

532 kLoadFlagsIgnoreCookies);	579 kLoadFlagsIgnoreCookies, traffic_annotation);

533 }	580 }

534	581

535 void GaiaAuthFetcher::StartCookieForOAuthLoginTokenExchange(	582 void GaiaAuthFetcher::StartCookieForOAuthLoginTokenExchange(

536 const std::string& session_index) {	583 const std::string& session_index) {

537 StartCookieForOAuthLoginTokenExchangeWithDeviceId(session_index,	584 StartCookieForOAuthLoginTokenExchangeWithDeviceId(session_index,

538 std::string());	585 std::string());

539 }	586 }

540	587

541 void GaiaAuthFetcher::StartCookieForOAuthLoginTokenExchangeWithDeviceId(	588 void GaiaAuthFetcher::StartCookieForOAuthLoginTokenExchangeWithDeviceId(

542 const std::string& session_index,	589 const std::string& session_index,

(...skipping 25 matching lines...) Expand all Loading...
568 if (!session_index.empty())	615 if (!session_index.empty())

569 query_string += "&authuser=" + session_index;	616 query_string += "&authuser=" + session_index;

570	617

571 std::string device_id_header;	618 std::string device_id_header;

572 if (!device_id.empty()) {	619 if (!device_id.empty()) {

573 device_id_header =	620 device_id_header =

574 base::StringPrintf(kDeviceIdHeaderFormat, device_id.c_str());	621 base::StringPrintf(kDeviceIdHeaderFormat, device_id.c_str());

575 }	622 }

576	623

577 fetch_token_from_auth_code_ = fetch_token_from_auth_code;	624 fetch_token_from_auth_code_ = fetch_token_from_auth_code;

	625 net::NetworkTrafficAnnotationTag traffic_annotation =

	626 net::DefineNetworkTrafficAnnotation("gaia_auth_", R"(
	msarda 2017/05/15 12:23:49 What is "gaia_auth_" used for? What is "gaia_auth_" used for? Ramin Halavati 2017/05/15 13:27:48 It's the unique_id of this request, it can be used Show quoted text On 2017/05/15 12:23:49, msarda wrote: > What is "gaia_auth_" used for? It's the unique_id of this request, it can be used to collect stats on different requests, debug network errors, etc.
	627 semantics {

	628 sender: "Gaia Auth API"

	629 description: "..."
	msarda 2017/05/15 12:23:50 This request exchanges exchange the cookies of a G This request exchanges exchange the cookies of a Google signed-in user session for an OAuth2 refresh token. Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > This request exchanges exchange the cookies of a Google signed-in user session > for an OAuth2 refresh token. Done.
	630 trigger: "..."

	631 data: "..."
	msarda 2017/05/15 12:23:50 This request includes the following data: the Goog This request includes the following data: the Google console client ID of the Chrome application, the ID of the device, the index of the session in the Google authentication cookies. Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > This request includes the following data: the Google console client ID of the > Chrome application, the ID of the device, the index of the session in the Google > authentication cookies. Done.
	632 destination: GOOGLE_OWNED_SERVICE

	633 }

	634 policy {

	635 cookies_allowed: false/true
	msarda 2017/05/15 12:23:49 true true Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > true Done.
	636 cookies_store: "..."

	637 setting:

	638 "This feature cannot be disabled in settings, but if user signs "

	639 "out of Chrome, this request would not be made."

	640 chrome_policy {

	641 SigninAllowed {

	642 policy_options {mode: MANDATORY}

	643 SigninAllowed: false

	644 }

	645 }

	646 })");

578 CreateAndStartGaiaFetcher(std::string(), device_id_header,	647 CreateAndStartGaiaFetcher(std::string(), device_id_header,

579 client_login_to_oauth2_gurl_.Resolve(query_string),	648 client_login_to_oauth2_gurl_.Resolve(query_string),

580 net::LOAD_NORMAL);	649 net::LOAD_NORMAL, traffic_annotation);

581 }	650 }

582	651

583 void GaiaAuthFetcher::StartAuthCodeForOAuth2TokenExchange(	652 void GaiaAuthFetcher::StartAuthCodeForOAuth2TokenExchange(

584 const std::string& auth_code) {	653 const std::string& auth_code) {

585 StartAuthCodeForOAuth2TokenExchangeWithDeviceId(auth_code, std::string());	654 StartAuthCodeForOAuth2TokenExchangeWithDeviceId(auth_code, std::string());

586 }	655 }

587	656

588 void GaiaAuthFetcher::StartAuthCodeForOAuth2TokenExchangeWithDeviceId(	657 void GaiaAuthFetcher::StartAuthCodeForOAuth2TokenExchangeWithDeviceId(

589 const std::string& auth_code,	658 const std::string& auth_code,

590 const std::string& device_id) {	659 const std::string& device_id) {

591 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";	660 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";

592	661

593 VLOG(1) << "Starting OAuth token pair fetch";	662 VLOG(1) << "Starting OAuth token pair fetch";

594 request_body_ = MakeGetTokenPairBody(auth_code, device_id);	663 request_body_ = MakeGetTokenPairBody(auth_code, device_id);

	664 net::NetworkTrafficAnnotationTag traffic_annotation =

	665 net::DefineNetworkTrafficAnnotation("gaia_auth_", R"(

	666 semantics {

	667 sender: "Gaia Auth API"

	668 description: "..."
	msarda 2017/05/15 12:23:49 This request exchanges an authorization code for a This request exchanges an authorization code for an Oauth 2.0 refresh token. Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > This request exchanges an authorization code for an Oauth 2.0 refresh token. Done.
	669 trigger: "..."

	670 data: "..."
	msarda 2017/05/15 12:23:50 This request includes the following data: * the Go This request includes the following data: * the Google console client ID and client secret of the Chrome application * the OAuth 2.0 authorization code * the ID of the device Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > This request includes the following data: > * the Google console client ID and client secret of the Chrome application > * the OAuth 2.0 authorization code > * the ID of the device Done.
	671 destination: GOOGLE_OWNED_SERVICE

	672 }

	673 policy {

	674 cookies_allowed: false/true
	msarda 2017/05/15 12:23:49 false false Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > false Done.
	675 cookies_store: "..."

	676 setting:

	677 "This feature cannot be disabled in settings, but if user signs "

	678 "out of Chrome, this request would not be made."

	679 chrome_policy {

	680 SigninAllowed {

	681 policy_options {mode: MANDATORY}

	682 SigninAllowed: false

	683 }

	684 }

	685 })");

595 CreateAndStartGaiaFetcher(request_body_, std::string(), oauth2_token_gurl_,	686 CreateAndStartGaiaFetcher(request_body_, std::string(), oauth2_token_gurl_,

596 kLoadFlagsIgnoreCookies);	687 kLoadFlagsIgnoreCookies, traffic_annotation);

597 }	688 }

598	689

599 void GaiaAuthFetcher::StartGetUserInfo(const std::string& lsid) {	690 void GaiaAuthFetcher::StartGetUserInfo(const std::string& lsid) {

600 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";	691 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";

601	692

602 VLOG(1) << "Starting GetUserInfo for lsid=" << lsid;	693 VLOG(1) << "Starting GetUserInfo for lsid=" << lsid;

603 request_body_ = MakeGetUserInfoBody(lsid);	694 request_body_ = MakeGetUserInfoBody(lsid);

	695 net::NetworkTrafficAnnotationTag traffic_annotation =

	696 net::DefineNetworkTrafficAnnotation("gaia_auth_", R"(

	697 semantics {

	698 sender: "Gaia Auth API"

	699 description: "..."
	msarda 2017/05/15 12:23:50 This request fetches user information of a Google This request fetches user information of a Google account. Ramin Halavati 2017/05/15 13:27:48 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > This request fetches user information of a Google account. Done.
	700 trigger: "..."
	msarda 2017/05/15 12:23:50 This fetcher is only used after signing in with a This fetcher is only used after signing in with a child account. Ramin Halavati 2017/05/15 13:27:48 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > This fetcher is only used after signing in with a child account. Done.
	701 data: "..."
	msarda 2017/05/15 12:23:48 The value of the Google authentication LSID cookie The value of the Google authentication LSID cookie. Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:48, msarda wrote: > The value of the Google authentication LSID cookie. Done.
	702 destination: GOOGLE_OWNED_SERVICE

	703 }

	704 policy {

	705 cookies_allowed: false/true
	msarda 2017/05/15 12:23:49 false false Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > false Done.
	706 cookies_store: "..."
	msarda 2017/05/15 12:23:50 ? ? Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > ? Done.
	707 setting:

	708 "This feature cannot be disabled in settings, but if user signs "

	709 "out of Chrome, this request would not be made."

	710 chrome_policy {

	711 SigninAllowed {

	712 policy_options {mode: MANDATORY}

	713 SigninAllowed: false

	714 }

	715 }

	716 })");

604 CreateAndStartGaiaFetcher(request_body_, std::string(), get_user_info_gurl_,	717 CreateAndStartGaiaFetcher(request_body_, std::string(), get_user_info_gurl_,

605 kLoadFlagsIgnoreCookies);	718 kLoadFlagsIgnoreCookies, traffic_annotation);

606 }	719 }

607	720

608 void GaiaAuthFetcher::StartMergeSession(const std::string& uber_token,	721 void GaiaAuthFetcher::StartMergeSession(const std::string& uber_token,

609 const std::string& external_cc_result) {	722 const std::string& external_cc_result) {

610 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";	723 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";

611	724

612 VLOG(1) << "Starting MergeSession with uber_token=" << uber_token;	725 VLOG(1) << "Starting MergeSession with uber_token=" << uber_token;

613	726

614 // The continue URL is a required parameter of the MergeSession API, but in	727 // The continue URL is a required parameter of the MergeSession API, but in

615 // this case we don't actually need or want to navigate to it. Setting it to	728 // this case we don't actually need or want to navigate to it. Setting it to

616 // an arbitrary Google URL.	729 // an arbitrary Google URL.

617 //	730 //

618 // In order for the new session to be merged correctly, the server needs to	731 // In order for the new session to be merged correctly, the server needs to

619 // know what sessions already exist in the browser. The fetcher needs to be	732 // know what sessions already exist in the browser. The fetcher needs to be

620 // created such that it sends the cookies with the request, which is	733 // created such that it sends the cookies with the request, which is

621 // different from all other requests the fetcher can make.	734 // different from all other requests the fetcher can make.

622 std::string continue_url("http://www.google.com");	735 std::string continue_url("http://www.google.com");

623 std::string query = MakeMergeSessionQuery(uber_token, external_cc_result,	736 std::string query = MakeMergeSessionQuery(uber_token, external_cc_result,

624 continue_url, source_);	737 continue_url, source_);

	738 net::NetworkTrafficAnnotationTag traffic_annotation =

	739 net::DefineNetworkTrafficAnnotation("gaia_auth_", R"(

	740 semantics {

	741 sender: "Gaia Auth API"

	742 description: "..."
	msarda 2017/05/15 12:23:49 This request adds an account to the Google authent This request adds an account to the Google authentication cookies. Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > This request adds an account to the Google authentication cookies. Done.
	743 trigger: "..."

	744 data: "..."
	msarda 2017/05/15 12:23:50 This request includes the following data: * the us This request includes the following data: * the user-auth token * a string containing the result of connection checks for various Google web properties (optional) Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > This request includes the following data: > * the user-auth token > * a string containing the result of connection checks for various Google web > properties (optional) Done.
	745 destination: GOOGLE_OWNED_SERVICE

	746 }

	747 policy {

	748 cookies_allowed: false/true
	msarda 2017/05/15 12:23:48 true true Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:48, msarda wrote: > true Done.
	749 cookies_store: "..."
	msarda 2017/05/15 12:23:48 ? ? Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:48, msarda wrote: > ? Done.
	750 setting:

	751 "This feature cannot be disabled in settings, but if user signs "

	752 "out of Chrome, this request would not be made."

	753 chrome_policy {

	754 SigninAllowed {

	755 policy_options {mode: MANDATORY}

	756 SigninAllowed: false

	757 }

	758 }

	759 })");

625 CreateAndStartGaiaFetcher(std::string(), std::string(),	760 CreateAndStartGaiaFetcher(std::string(), std::string(),

626 merge_session_gurl_.Resolve(query),	761 merge_session_gurl_.Resolve(query),

627 net::LOAD_NORMAL);	762 net::LOAD_NORMAL, traffic_annotation);

628 }	763 }

629	764

630 void GaiaAuthFetcher::StartTokenFetchForUberAuthExchange(	765 void GaiaAuthFetcher::StartTokenFetchForUberAuthExchange(

631 const std::string& access_token,	766 const std::string& access_token,

632 bool is_bound_to_channel_id) {	767 bool is_bound_to_channel_id) {

633 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";	768 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";

634	769

635 VLOG(1) << "Starting StartTokenFetchForUberAuthExchange with access_token="	770 VLOG(1) << "Starting StartTokenFetchForUberAuthExchange with access_token="

636 << access_token;	771 << access_token;

637 std::string authentication_header =	772 std::string authentication_header =

638 base::StringPrintf(kOAuthHeaderFormat, access_token.c_str());	773 base::StringPrintf(kOAuthHeaderFormat, access_token.c_str());

639 int load_flags =	774 int load_flags =

640 is_bound_to_channel_id ? net::LOAD_NORMAL : kLoadFlagsIgnoreCookies;	775 is_bound_to_channel_id ? net::LOAD_NORMAL : kLoadFlagsIgnoreCookies;

	776 net::NetworkTrafficAnnotationTag traffic_annotation =

	777 net::DefineNetworkTrafficAnnotation("gaia_auth_", R"(

	778 semantics {

	779 sender: "Gaia Auth API"
	msarda 2017/05/15 12:23:48 Here and everywhere else: Chrome - Google authenti Here and everywhere else: Chrome - Google authentication API. Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:48, msarda wrote: > Here and everywhere else: Chrome - Google authentication API. Done.
	780 description: "..."
	msarda 2017/05/15 12:23:49 This request exchanges an Oauth2 access token for This request exchanges an Oauth2 access token for an uber-auth token that. This token may be used to add an account to the Google authentication cookies. Ramin Halavati 2017/05/15 13:27:48 Please elaborate more for a non-technical reader. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > This request exchanges an Oauth2 access token for an uber-auth token that. This > token may be used to add an account to the Google authentication cookies. Please elaborate more for a non-technical reader.
	781 trigger: "..."
	msarda 2017/05/15 12:23:49 Same as the comment below at StartGetCheckConnecti Same as the comment below at StartGetCheckConnectionInfo Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > Same as the comment below at StartGetCheckConnectionInfo Done.
	782 data: "..."
	msarda 2017/05/15 12:23:49 This request contains an OAuth2 access token. This request contains an OAuth2 access token. Ramin Halavati 2017/05/15 13:27:48 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > This request contains an OAuth2 access token. Done.
	783 destination: GOOGLE_OWNED_SERVICE

	784 }

	785 policy {

	786 cookies_allowed: false/true
	msarda 2017/05/15 12:23:49 true or false true or false Ramin Halavati 2017/05/15 13:27:49 Done, let's write 'True' is it's the privacy conce Show quoted text On 2017/05/15 12:23:49, msarda wrote: > true or false Done, let's write 'True' is it's the privacy concerning case.
	787 cookies_store: "..."
	msarda 2017/05/15 12:23:49 What should this be? What should this be? Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > What should this be? Done.
	788 setting:

	789 "This feature cannot be disabled in settings, but if user signs "

	790 "out of Chrome, this request would not be made."

	791 chrome_policy {

	792 SigninAllowed {

	793 policy_options {mode: MANDATORY}

	794 SigninAllowed: false

	795 }

	796 }

	797 })");

641 CreateAndStartGaiaFetcher(std::string(), authentication_header,	798 CreateAndStartGaiaFetcher(std::string(), authentication_header,

642 uberauth_token_gurl_, load_flags);	799 uberauth_token_gurl_, load_flags,

	800 traffic_annotation);

643 }	801 }

644	802

645 void GaiaAuthFetcher::StartOAuthLogin(const std::string& access_token,	803 void GaiaAuthFetcher::StartOAuthLogin(const std::string& access_token,

646 const std::string& service) {	804 const std::string& service) {

647 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";	805 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";

648	806

649 request_body_ = MakeOAuthLoginBody(service, source_);	807 request_body_ = MakeOAuthLoginBody(service, source_);

650 std::string authentication_header =	808 std::string authentication_header =

651 base::StringPrintf(kOAuth2BearerHeaderFormat, access_token.c_str());	809 base::StringPrintf(kOAuth2BearerHeaderFormat, access_token.c_str());

	810 net::NetworkTrafficAnnotationTag traffic_annotation =

	811 net::DefineNetworkTrafficAnnotation("gaia_auth_", R"(

	812 semantics {

	813 sender: "Gaia Auth API"
	msarda 2017/05/15 12:23:48 Chrome - Google authentication API. Chrome - Google authentication API. Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:48, msarda wrote: > Chrome - Google authentication API. Done.
	814 description: "..."
	msarda 2017/05/15 12:23:50 This request exchanges an OAuthLogin-scoped oauth2 This request exchanges an OAuthLogin-scoped oauth2 access token for a ClientLogin-style service tokens. The response to this request is the same as the response to a ClientLogin request, except that captcha challenges are never issued. Ramin Halavati 2017/05/15 13:27:50 Please elaborate for a less technical reader. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > This request exchanges an OAuthLogin-scoped oauth2 access token for a > ClientLogin-style service tokens. The response to this request is the same as > the response to a ClientLogin request, except that captcha challenges are never > issued. Please elaborate for a less technical reader.
	815 trigger: "..."
	msarda 2017/05/15 12:23:50 Same as the comment below at StartGetCheckConnecti Same as the comment below at StartGetCheckConnectionInfo Ramin Halavati 2017/05/15 13:27:48 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > Same as the comment below at StartGetCheckConnectionInfo Done.
	816 data: "..."
	msarda 2017/05/15 12:23:48 This request contains an OAuth2 access token and t This request contains an OAuth2 access token and the service for which a ClientLogin-style should be delivered. Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:48, msarda wrote: > This request contains an OAuth2 access token and the service for which a > ClientLogin-style should be delivered. Done.
	817 destination: GOOGLE_OWNED_SERVICE

	818 }

	819 policy {

	820 cookies_allowed: false/true

	821 cookies_store: "..."
	msarda 2017/05/15 12:23:50 Here and everywhere else: What should this be? Here and everywhere else: What should this be? Ramin Halavati 2017/05/15 13:27:48 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > Here and everywhere else: What should this be? Done.
	822 setting:

	823 "This feature cannot be disabled in settings, but if user signs "

	824 "out of Chrome, this request would not be made."

	825 chrome_policy {

	826 SigninAllowed {

	827 policy_options {mode: MANDATORY}

	828 SigninAllowed: false

	829 }

	830 }

	831 })");

652 CreateAndStartGaiaFetcher(request_body_, authentication_header,	832 CreateAndStartGaiaFetcher(request_body_, authentication_header,

653 oauth_login_gurl_, net::LOAD_NORMAL);	833 oauth_login_gurl_, net::LOAD_NORMAL,

	834 traffic_annotation);

654 }	835 }

655	836

656 void GaiaAuthFetcher::StartListAccounts() {	837 void GaiaAuthFetcher::StartListAccounts() {

657 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";	838 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";

658	839

	840 net::NetworkTrafficAnnotationTag traffic_annotation =

	841 net::DefineNetworkTrafficAnnotation("gaia_auth_", R"(

	842 semantics {

	843 sender: "Gaia Auth API"
	msarda 2017/05/15 12:23:48 Chrome - Google authentication API. Chrome - Google authentication API. Ramin Halavati 2017/05/15 13:27:48 Done. Show quoted text On 2017/05/15 12:23:48, msarda wrote: > Chrome - Google authentication API. Done.
	844 description: "..."
	msarda 2017/05/15 12:23:48 This request is used to list the accounts in the G This request is used to list the accounts in the Google authentication cookies. Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:48, msarda wrote: > This request is used to list the accounts in the Google authentication cookies. Done.
	845 trigger: "..."
	msarda 2017/05/15 12:23:49 Same as the comment below at StartGetCheckConnecti Same as the comment below at StartGetCheckConnectionInfo Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > Same as the comment below at StartGetCheckConnectionInfo Done.
	846 data: "..."
	msarda 2017/05/15 12:23:50 None. None. Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > None. Done.
	847 destination: GOOGLE_OWNED_SERVICE

	848 }

	849 policy {

	850 cookies_allowed: false/true
	msarda 2017/05/15 12:23:49 true true Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > true Done.
	851 cookies_store: "..."
	msarda 2017/05/15 12:23:50 What should this be? What should this be? Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > What should this be? Done.
	852 setting:

	853 "This feature cannot be disabled in settings, but if user signs "

	854 "out of Chrome, this request would not be made."

	855 chrome_policy {

	856 SigninAllowed {

	857 policy_options {mode: MANDATORY}

	858 SigninAllowed: false

	859 }

	860 }

	861 })");

659 CreateAndStartGaiaFetcher(" ", // To force an HTTP POST.	862 CreateAndStartGaiaFetcher(" ", // To force an HTTP POST.

660 "Origin: https://www.google.com",	863 "Origin: https://www.google.com",

661 list_accounts_gurl_, net::LOAD_NORMAL);	864 list_accounts_gurl_, net::LOAD_NORMAL,

	865 traffic_annotation);

662 }	866 }

663	867

664 void GaiaAuthFetcher::StartLogOut() {	868 void GaiaAuthFetcher::StartLogOut() {

665 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";	869 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";

666	870

	871 net::NetworkTrafficAnnotationTag traffic_annotation =

	872 net::DefineNetworkTrafficAnnotation("gaia_auth_", R"(

	873 semantics {

	874 sender: "Gaia Auth API"
	msarda 2017/05/15 12:23:50 Chrome - Google authentication API. Chrome - Google authentication API. Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > Chrome - Google authentication API. Done.
	875 description: "..."
	msarda 2017/05/15 12:23:49 This request is part of the Chrome - Google authen This request is part of the Chrome - Google authentication API and allows its callers to sign out all Google accounts from the content area. Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > This request is part of the Chrome - Google authentication API and allows its > callers to sign out all Google accounts from the content area. Done.
	876 trigger: "..."
	msarda 2017/05/15 12:23:48 Same as the comment below at StartGetCheckConnecti Same as the comment below at StartGetCheckConnectionInfo Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:48, msarda wrote: > Same as the comment below at StartGetCheckConnectionInfo Done.
	877 data: "..."
	msarda 2017/05/15 12:23:50 None. None. Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > None. Done.
	878 destination: GOOGLE_OWNED_SERVICE

	879 }

	880 policy {

	881 cookies_allowed: false/true
	msarda 2017/05/15 12:23:49 true true Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > true Done.
	882 cookies_store: "..."
	msarda 2017/05/15 12:23:50 What should this be? What should this be? Ramin Halavati 2017/05/15 13:27:50 If you don't modify it, the default is 'user'. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > What should this be? If you don't modify it, the default is 'user'.
	883 setting:

	884 "This feature cannot be disabled in settings, but if user signs "

	885 "out of Chrome, this request would not be made."

	886 chrome_policy {

	887 SigninAllowed {

	888 policy_options {mode: MANDATORY}

	889 SigninAllowed: false

	890 }

	891 }

	892 })");

667 CreateAndStartGaiaFetcher(std::string(), logout_headers_, logout_gurl_,	893 CreateAndStartGaiaFetcher(std::string(), logout_headers_, logout_gurl_,

668 net::LOAD_NORMAL);	894 net::LOAD_NORMAL, traffic_annotation);

669 }	895 }

670	896

671 void GaiaAuthFetcher::StartGetCheckConnectionInfo() {	897 void GaiaAuthFetcher::StartGetCheckConnectionInfo() {

672 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";	898 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";

673	899

	900 net::NetworkTrafficAnnotationTag traffic_annotation =

	901 net::DefineNetworkTrafficAnnotation("gaia_auth_", R"(

	902 semantics {

	903 sender: "Gaia Auth API"
	msarda 2017/05/15 12:23:48 Chrome - Google authentication API. Chrome - Google authentication API. Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:48, msarda wrote: > Chrome - Google authentication API. Done.
	904 description: "..."
	msarda 2017/05/15 12:23:49 This request is used to fetch from the Google auth This request is used to fetch from the Google authentication server the the list of URLs to check its connection info. Ramin Halavati 2017/05/15 13:27:49 Could you please elaborate on the description? Show quoted text On 2017/05/15 12:23:49, msarda wrote: > This request is used to fetch from the Google authentication server the the list > of URLs to check its connection info. Could you please elaborate on the description?
	905 trigger: "..."
	msarda 2017/05/15 12:23:48 It is not clear to me what to say here: 1. This is It is not clear to me what to say here: 1. This is part of an API, so it may be called by any user, so we may leave this as "Undefined - this is part of an API, so any caller may decide to call this method." 2. Today, this method is called from https://cs.chromium.org/chromium/src/components/signin/core/browser/gaia_cook... So it is not clear to me if we want this to be specific about this call. Ramin Halavati 2017/05/15 13:27:48 I didn't get the description clearly, let's contin Show quoted text On 2017/05/15 12:23:48, msarda wrote: > It is not clear to me what to say here: > 1. This is part of an API, so it may be called by any user, so we may leave this > as "Undefined - this is part of an API, so any caller may decide to call this > method." > 2. Today, this method is called from > https://cs.chromium.org/chromium/src/components/signin/core/browser/gaia_cook... > > So it is not clear to me if we want this to be specific about this call. I didn't get the description clearly, let's continue with trigger when that's done.
	906 data: "..."
	msarda 2017/05/15 12:23:50 None None Ramin Halavati 2017/05/15 13:27:48 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > None Done.
	907 destination: GOOGLE_OWNED_SERVICE

	908 }

	909 policy {

	910 cookies_allowed: false/true
	msarda 2017/05/15 12:23:49 false false Ramin Halavati 2017/05/15 13:27:48 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > false Done.
	911 cookies_store: "..."
	msarda 2017/05/15 12:23:50 Remove line Remove line Ramin Halavati 2017/05/15 13:27:50 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > Remove line Done.
	912 setting:

	913 "This feature cannot be disabled in settings, but if user signs "

	914 "out of Chrome, this request would not be made."

	915 chrome_policy {

	916 SigninAllowed {

	917 policy_options {mode: MANDATORY}

	918 SigninAllowed: false

	919 }

	920 }

	921 })");

674 CreateAndStartGaiaFetcher(std::string(), std::string(),	922 CreateAndStartGaiaFetcher(std::string(), std::string(),

675 get_check_connection_info_url_,	923 get_check_connection_info_url_,

676 kLoadFlagsIgnoreCookies);	924 kLoadFlagsIgnoreCookies, traffic_annotation);

677 }	925 }

678	926

679 void GaiaAuthFetcher::StartListIDPSessions(const std::string& scopes,	927 void GaiaAuthFetcher::StartListIDPSessions(const std::string& scopes,
	msarda 2017/05/15 12:23:49 It looks like this method is never used - I would It looks like this method is never used - I would say we should probably remove it instead of annotating it: https://cs.chromium.org/chromium/src/google_apis/gaia/gaia_auth_fetcher.h?typ... Ramin Halavati 2017/05/15 13:27:48 Done. Show quoted text On 2017/05/15 12:23:49, msarda wrote: > It looks like this method is never used - I would say we should probably remove > it instead of annotating it: > https://cs.chromium.org/chromium/src/google_apis/gaia/gaia_auth_fetcher.h?typ... Done.
680 const std::string& domain) {	928 const std::string& domain) {

681 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";	929 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";

682	930

683 request_body_ = MakeListIDPSessionsBody(scopes, domain);	931 request_body_ = MakeListIDPSessionsBody(scopes, domain);

684 requested_service_ = kListIdpServiceRequested;	932 requested_service_ = kListIdpServiceRequested;

	933 net::NetworkTrafficAnnotationTag traffic_annotation =

	934 net::DefineNetworkTrafficAnnotation("gaia_auth_", R"(

	935 semantics {

	936 sender: "Gaia Auth API"

	937 description: "..."

	938 trigger: "..."

	939 data: "..."

	940 destination: GOOGLE_OWNED_SERVICE

	941 }

	942 policy {

	943 cookies_allowed: false/true

	944 cookies_store: "..."

	945 setting:

	946 "This feature cannot be disabled in settings, but if user signs "

	947 "out of Chrome, this request would not be made."

	948 chrome_policy {

	949 SigninAllowed {

	950 policy_options {mode: MANDATORY}

	951 SigninAllowed: false

	952 }

	953 }

	954 })");

685 CreateAndStartGaiaFetcher(request_body_, std::string(), oauth2_iframe_url_,	955 CreateAndStartGaiaFetcher(request_body_, std::string(), oauth2_iframe_url_,

686 net::LOAD_NORMAL);	956 net::LOAD_NORMAL, traffic_annotation);

687 }	957 }

688	958

689 void GaiaAuthFetcher::StartGetTokenResponse(const std::string& scopes,	959 void GaiaAuthFetcher::StartGetTokenResponse(const std::string& scopes,
	msarda 2017/05/15 12:23:50 It looks like this method is never used - I would It looks like this method is never used - I would say we should probably remove it instead of annotating it: https://cs.chromium.org/chromium/src/google_apis/gaia/gaia_auth_fetcher.h?typ... Ramin Halavati 2017/05/15 13:27:49 Done. Show quoted text On 2017/05/15 12:23:50, msarda wrote: > It looks like this method is never used - I would say we should probably remove > it instead of annotating it: > https://cs.chromium.org/chromium/src/google_apis/gaia/gaia_auth_fetcher.h?typ... Done.
690 const std::string& domain,	960 const std::string& domain,

691 const std::string& login_hint) {	961 const std::string& login_hint) {

692 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";	962 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";

693	963

694 request_body_ = MakeGetTokenResponseBody(scopes, domain, login_hint);	964 request_body_ = MakeGetTokenResponseBody(scopes, domain, login_hint);

695 requested_service_ = kGetTokenResponseRequested;	965 requested_service_ = kGetTokenResponseRequested;

	966 net::NetworkTrafficAnnotationTag traffic_annotation =

	967 net::DefineNetworkTrafficAnnotation("gaia_auth_", R"(

	968 semantics {

	969 sender: "Gaia Auth API"

	970 description: "..."

	971 trigger: "..."

	972 data: "..."

	973 destination: GOOGLE_OWNED_SERVICE

	974 }

	975 policy {

	976 cookies_allowed: false/true

	977 cookies_store: "..."

	978 setting:

	979 "This feature cannot be disabled in settings, but if user signs "

	980 "out of Chrome, this request would not be made."

	981 chrome_policy {

	982 SigninAllowed {

	983 policy_options {mode: MANDATORY}

	984 SigninAllowed: false

	985 }

	986 }

	987 })");

696 CreateAndStartGaiaFetcher(request_body_, std::string(), oauth2_iframe_url_,	988 CreateAndStartGaiaFetcher(request_body_, std::string(), oauth2_iframe_url_,

697 net::LOAD_NORMAL);	989 net::LOAD_NORMAL, traffic_annotation);

698 }	990 }

699	991

700 // static	992 // static

701 GoogleServiceAuthError GaiaAuthFetcher::GenerateAuthError(	993 GoogleServiceAuthError GaiaAuthFetcher::GenerateAuthError(

702 const std::string& data,	994 const std::string& data,

703 const net::URLRequestStatus& status) {	995 const net::URLRequestStatus& status) {

704 if (!status.is_success()) {	996 if (!status.is_success()) {

705 if (status.status() == net::URLRequestStatus::CANCELED) {	997 if (status.status() == net::URLRequestStatus::CANCELED) {

706 return GoogleServiceAuthError(GoogleServiceAuthError::REQUEST_CANCELED);	998 return GoogleServiceAuthError(GoogleServiceAuthError::REQUEST_CANCELED);

707 }	999 }

(...skipping 310 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1018 return alleged_error.find(kSecondFactor) !=	1310 return alleged_error.find(kSecondFactor) !=

1019 std::string::npos;	1311 std::string::npos;

1020 }	1312 }

1021	1313

1022 // static	1314 // static

1023 bool GaiaAuthFetcher::IsWebLoginRequiredSuccess(	1315 bool GaiaAuthFetcher::IsWebLoginRequiredSuccess(

1024 const std::string& alleged_error) {	1316 const std::string& alleged_error) {

1025 return alleged_error.find(kWebLoginRequired) !=	1317 return alleged_error.find(kWebLoginRequired) !=

1026 std::string::npos;	1318 std::string::npos;

1027 }	1319 }

OLD	NEW

« no previous file with comments | « google_apis/gaia/gaia_auth_fetcher.h ('k') | ios/chrome/browser/signin/gaia_auth_fetcher_ios.h » ('j') | no next file with comments »