| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "chrome/browser/managed_mode/permission_request_creator_apiary.h" |
| 6 |
| 7 #include "base/callback.h" |
| 8 #include "base/command_line.h" |
| 9 #include "base/json/json_reader.h" |
| 10 #include "base/json/json_writer.h" |
| 11 #include "base/logging.h" |
| 12 #include "base/strings/stringprintf.h" |
| 13 #include "base/values.h" |
| 14 #include "chrome/browser/profiles/profile.h" |
| 15 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" |
| 16 #include "chrome/browser/signin/signin_manager_factory.h" |
| 17 #include "chrome/browser/sync/managed_user_signin_manager_wrapper.h" |
| 18 #include "chrome/common/chrome_switches.h" |
| 19 #include "components/signin/core/browser/profile_oauth2_token_service.h" |
| 20 #include "components/signin/core/browser/signin_manager.h" |
| 21 #include "components/signin/core/browser/signin_manager_base.h" |
| 22 #include "google_apis/gaia/google_service_auth_error.h" |
| 23 #include "net/base/load_flags.h" |
| 24 #include "net/base/net_errors.h" |
| 25 #include "net/http/http_status_code.h" |
| 26 #include "net/url_request/url_fetcher.h" |
| 27 #include "net/url_request/url_request_status.h" |
| 28 |
| 29 using net::URLFetcher; |
| 30 |
| 31 const int kNumRetries = 1; |
| 32 const char kIdKey[] = "id"; |
| 33 const char kNamespace[] = "CHROME"; |
| 34 const char kState[] = "PENDING"; |
| 35 |
| 36 static const char kAuthorizationHeaderFormat[] = "Authorization: Bearer %s"; |
| 37 |
| 38 PermissionRequestCreatorApiary::PermissionRequestCreatorApiary( |
| 39 OAuth2TokenService* oauth2_token_service, |
| 40 scoped_ptr<ManagedUserSigninManagerWrapper> signin_wrapper, |
| 41 net::URLRequestContextGetter* context) |
| 42 : OAuth2TokenService::Consumer("permissions_creator"), |
| 43 oauth2_token_service_(oauth2_token_service), |
| 44 signin_wrapper_(signin_wrapper.Pass()), |
| 45 context_(context), |
| 46 access_token_expired_(false) {} |
| 47 |
| 48 PermissionRequestCreatorApiary::~PermissionRequestCreatorApiary() {} |
| 49 |
| 50 void PermissionRequestCreatorApiary::CreatePermissionRequest( |
| 51 const std::string& url_requested, |
| 52 const PermissionRequestCallback& callback) { |
| 53 url_requested_ = url_requested; |
| 54 callback_ = callback; |
| 55 StartFetching(); |
| 56 } |
| 57 |
| 58 void PermissionRequestCreatorApiary::StartFetching() { |
| 59 OAuth2TokenService::ScopeSet scopes; |
| 60 scopes.insert(signin_wrapper_->GetSyncScopeToUse()); |
| 61 access_token_request_ = oauth2_token_service_->StartRequest( |
| 62 signin_wrapper_->GetAccountIdToUse(), scopes, this); |
| 63 } |
| 64 |
| 65 void PermissionRequestCreatorApiary::OnGetTokenSuccess( |
| 66 const OAuth2TokenService::Request* request, |
| 67 const std::string& access_token, |
| 68 const base::Time& expiration_time) { |
| 69 DCHECK_EQ(access_token_request_.get(), request); |
| 70 access_token_ = access_token; |
| 71 GURL url(CommandLine::ForCurrentProcess()->GetSwitchValueASCII( |
| 72 switches::kPermissionRequestApiUrl)); |
| 73 const int id = 0; |
| 74 |
| 75 url_fetcher_.reset(URLFetcher::Create(id, url, URLFetcher::POST, this)); |
| 76 |
| 77 url_fetcher_->SetRequestContext(context_); |
| 78 url_fetcher_->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | |
| 79 net::LOAD_DO_NOT_SAVE_COOKIES); |
| 80 url_fetcher_->SetAutomaticallyRetryOnNetworkChanges(kNumRetries); |
| 81 url_fetcher_->AddExtraRequestHeader( |
| 82 base::StringPrintf(kAuthorizationHeaderFormat, access_token.c_str())); |
| 83 |
| 84 base::DictionaryValue dict; |
| 85 dict.SetStringWithoutPathExpansion("namespace", kNamespace); |
| 86 dict.SetStringWithoutPathExpansion("objectRef", url_requested_); |
| 87 dict.SetStringWithoutPathExpansion("state", kState); |
| 88 std::string body; |
| 89 base::JSONWriter::Write(&dict, &body); |
| 90 url_fetcher_->SetUploadData("application/json", body); |
| 91 |
| 92 url_fetcher_->Start(); |
| 93 } |
| 94 |
| 95 void PermissionRequestCreatorApiary::OnGetTokenFailure( |
| 96 const OAuth2TokenService::Request* request, |
| 97 const GoogleServiceAuthError& error) { |
| 98 DCHECK_EQ(access_token_request_.get(), request); |
| 99 callback_.Run(error); |
| 100 callback_.Reset(); |
| 101 } |
| 102 |
| 103 void PermissionRequestCreatorApiary::OnURLFetchComplete( |
| 104 const URLFetcher* source) { |
| 105 const net::URLRequestStatus& status = source->GetStatus(); |
| 106 if (!status.is_success()) { |
| 107 DispatchNetworkError(status.error()); |
| 108 return; |
| 109 } |
| 110 |
| 111 int response_code = source->GetResponseCode(); |
| 112 if (response_code == net::HTTP_UNAUTHORIZED && !access_token_expired_) { |
| 113 access_token_expired_ = true; |
| 114 OAuth2TokenService::ScopeSet scopes; |
| 115 scopes.insert(signin_wrapper_->GetSyncScopeToUse()); |
| 116 oauth2_token_service_->InvalidateToken( |
| 117 signin_wrapper_->GetAccountIdToUse(), scopes, access_token_); |
| 118 StartFetching(); |
| 119 return; |
| 120 } |
| 121 |
| 122 if (response_code != net::HTTP_OK) { |
| 123 DLOG(WARNING) << "HTTP error " << response_code; |
| 124 DispatchGoogleServiceAuthError( |
| 125 GoogleServiceAuthError(GoogleServiceAuthError::CONNECTION_FAILED)); |
| 126 return; |
| 127 } |
| 128 |
| 129 std::string response_body; |
| 130 source->GetResponseAsString(&response_body); |
| 131 scoped_ptr<base::Value> value(base::JSONReader::Read(response_body)); |
| 132 base::DictionaryValue* dict = NULL; |
| 133 if (!value || !value->GetAsDictionary(&dict)) { |
| 134 DispatchNetworkError(net::ERR_INVALID_RESPONSE); |
| 135 return; |
| 136 } |
| 137 std::string id; |
| 138 if (!dict->GetString(kIdKey, &id)) { |
| 139 DispatchNetworkError(net::ERR_INVALID_RESPONSE); |
| 140 return; |
| 141 } |
| 142 callback_.Run(GoogleServiceAuthError(GoogleServiceAuthError::NONE)); |
| 143 callback_.Reset(); |
| 144 } |
| 145 |
| 146 void PermissionRequestCreatorApiary::DispatchNetworkError(int error_code) { |
| 147 DispatchGoogleServiceAuthError( |
| 148 GoogleServiceAuthError::FromConnectionError(error_code)); |
| 149 } |
| 150 |
| 151 void PermissionRequestCreatorApiary::DispatchGoogleServiceAuthError( |
| 152 const GoogleServiceAuthError& error) { |
| 153 callback_.Run(error); |
| 154 callback_.Reset(); |
| 155 } |
| 156 |
| 157 // static |
| 158 scoped_ptr<PermissionRequestCreator> PermissionRequestCreatorApiary::Create( |
| 159 OAuth2TokenService* oauth2_token_service, |
| 160 scoped_ptr<ManagedUserSigninManagerWrapper> signin_wrapper, |
| 161 net::URLRequestContextGetter* context) { |
| 162 scoped_ptr<PermissionRequestCreator> creator( |
| 163 new PermissionRequestCreatorApiary(oauth2_token_service, |
| 164 signin_wrapper.Pass(), |
| 165 context)); |
| 166 return creator.Pass(); |
| 167 } |
| 168 |
| 169 // static |
| 170 scoped_ptr<PermissionRequestCreator> |
| 171 PermissionRequestCreatorApiary::CreateWithProfile(Profile* profile) { |
| 172 ProfileOAuth2TokenService* token_service = |
| 173 ProfileOAuth2TokenServiceFactory::GetForProfile(profile); |
| 174 SigninManagerBase* signin = SigninManagerFactory::GetForProfile(profile); |
| 175 scoped_ptr<ManagedUserSigninManagerWrapper> signin_wrapper( |
| 176 new ManagedUserSigninManagerWrapper(profile, signin)); |
| 177 scoped_ptr<PermissionRequestCreator> creator( |
| 178 new PermissionRequestCreatorApiary(token_service, |
| 179 signin_wrapper.Pass(), |
| 180 profile->GetRequestContext())); |
| 181 return creator.Pass(); |
| 182 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 288913003:
Add permission request creator class. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src