Chromium Code Reviews Chromium Code Reviews
Issue 288913003:
Add permission request creator class. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: chrome/browser/managed_mode/permission_request_creator.cc |
| diff --git a/chrome/browser/managed_mode/permission_request_creator.cc b/chrome/browser/managed_mode/permission_request_creator.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..282b2589a27d9a4d8f6b17cf5ec76eeb4d00c215 |
| --- /dev/null |
| +++ b/chrome/browser/managed_mode/permission_request_creator.cc |
| @@ -0,0 +1,217 @@ |
| +// Copyright 2014 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "chrome/browser/managed_mode/permission_request_creator.h" |
| + |
| +#include "base/callback.h" |
| +#include "base/command_line.h" |
| +#include "base/json/json_reader.h" |
| +#include "base/json/json_writer.h" |
| +#include "base/logging.h" |
| +#include "base/strings/stringprintf.h" |
| +#include "base/values.h" |
| +#include "chrome/common/chrome_switches.h" |
| +#include "google_apis/gaia/gaia_constants.h" |
| +#include "google_apis/gaia/google_service_auth_error.h" |
| +#include "google_apis/gaia/oauth2_api_call_flow.h" |
| +#include "google_apis/gaia/oauth2_token_service.h" |
| +#include "net/base/escape.h" |
| +#include "net/base/load_flags.h" |
| +#include "net/base/net_errors.h" |
| +#include "net/http/http_status_code.h" |
| +#include "net/url_request/url_fetcher.h" |
| +#include "net/url_request/url_request_status.h" |
| + |
| +using base::Time; |
| +using net::URLFetcher; |
| +using net::URLFetcherDelegate; |
| +using net::URLRequestContextGetter; |
| + |
| +namespace { |
| + |
| +const int kNumRetries = 1; |
| +const char kIdKey[] = "id"; |
| +const char kNamespace[] = "CHROME"; |
| +const char kState[] = "PENDING"; |
| + |
| +static const char kAuthorizationHeaderFormat[] = |
| + "Authorization: Bearer %s"; |
| + |
| +class PermissionRequestCreatorImpl |
| + : public PermissionRequestCreator, |
| + public OAuth2TokenService::Consumer, |
| + public URLFetcherDelegate { |
| + public: |
| + PermissionRequestCreatorImpl(OAuth2TokenService* oauth2_token_service, |
| + const std::string& account_id, |
|
Bernhard Bauer
2014/05/15 13:56:40
Nit: alignment
Adrian Kuegel
2014/05/15 14:35:32
Done.
|
| + URLRequestContextGetter* context); |
| + virtual ~PermissionRequestCreatorImpl(); |
| + |
| + // PermissionRequestCreator implementation: |
| + virtual void CreatePermissionRequest( |
| + const std::string& url_requested, |
| + const PermissionRequestCallback& callback) OVERRIDE; |
| + |
| + protected: |
| + // OAuth2TokenService::Consumer implementation: |
| + virtual void OnGetTokenSuccess(const OAuth2TokenService::Request* request, |
| + const std::string& access_token, |
| + const Time& expiration_time) OVERRIDE; |
| + virtual void OnGetTokenFailure(const OAuth2TokenService::Request* request, |
| + const GoogleServiceAuthError& error) OVERRIDE; |
| + |
| + // net::URLFetcherDelegate implementation. |
| + virtual void OnURLFetchComplete(const URLFetcher* source) OVERRIDE; |
| + |
| + private: |
| + // Requests an access token, which is the first thing we need. This is where |
| + // we restart when the returned access token has expired. |
| + void StartFetching(); |
| + |
| + void DispatchNetworkError(int error_code); |
| + void DispatchGoogleServiceAuthError(const GoogleServiceAuthError& error, |
| + const std::string& token); |
| + OAuth2TokenService* oauth2_token_service_; |
| + std::string account_id_; |
| + PermissionRequestCallback callback_; |
| + URLRequestContextGetter* context_; |
| + std::string url_requested_; |
| + scoped_ptr<OAuth2TokenService::Request> access_token_request_; |
| + std::string access_token_; |
| + bool access_token_expired_; |
| + scoped_ptr<URLFetcher> url_fetcher_; |
| +}; |
| + |
| +PermissionRequestCreatorImpl::PermissionRequestCreatorImpl( |
| + OAuth2TokenService* oauth2_token_service, |
| + const std::string& account_id, |
| + URLRequestContextGetter* context) |
| + : OAuth2TokenService::Consumer("managed_user"), |
| + oauth2_token_service_(oauth2_token_service), |
| + account_id_(account_id), |
| + context_(context), |
| + access_token_expired_(false) {} |
| + |
| +PermissionRequestCreatorImpl::~PermissionRequestCreatorImpl() {} |
| + |
| +void PermissionRequestCreatorImpl::CreatePermissionRequest( |
| + const std::string& url_requested, |
| + const PermissionRequestCallback& callback) { |
| + url_requested_ = url_requested; |
| + callback_ = callback; |
| + StartFetching(); |
| +} |
| + |
| +void PermissionRequestCreatorImpl::StartFetching() { |
| + OAuth2TokenService::ScopeSet scopes; |
| + scopes.insert(GaiaConstants::kChromeSyncManagedOAuth2Scope); |
| + access_token_request_ = oauth2_token_service_->StartRequest( |
| + account_id_, scopes, this); |
| +} |
| + |
| +void PermissionRequestCreatorImpl::OnGetTokenSuccess( |
| + const OAuth2TokenService::Request* request, |
| + const std::string& access_token, |
| + const Time& expiration_time) { |
| + DCHECK_EQ(access_token_request_.get(), request); |
| + access_token_ = access_token; |
| + GURL url(CommandLine::ForCurrentProcess()->GetSwitchValueASCII( |
| + switches::kPermissionRequestAPI)); |
| + const int id = 0; |
| + |
| + url_fetcher_.reset(URLFetcher::Create(id, url, URLFetcher::POST, this)); |
| + |
| + url_fetcher_->SetRequestContext(context_); |
| + url_fetcher_->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | |
| + net::LOAD_DO_NOT_SAVE_COOKIES); |
| + url_fetcher_->SetAutomaticallyRetryOnNetworkChanges(kNumRetries); |
| + url_fetcher_->AddExtraRequestHeader( |
| + base::StringPrintf(kAuthorizationHeaderFormat, access_token.c_str())); |
| + |
| + base::DictionaryValue dict; |
| + dict.SetStringWithoutPathExpansion("namespace", kNamespace); |
| + dict.SetStringWithoutPathExpansion("objectRef", url_requested_); |
| + dict.SetStringWithoutPathExpansion("state", kState); |
| + std::string body; |
| + base::JSONWriter::Write(&dict, &body); |
| + url_fetcher_->SetUploadData("application/json", body); |
| + |
| + url_fetcher_->Start(); |
| +} |
| + |
| +void PermissionRequestCreatorImpl::OnGetTokenFailure( |
| + const OAuth2TokenService::Request* request, |
| + const GoogleServiceAuthError& error) { |
| + DCHECK_EQ(access_token_request_.get(), request); |
| + callback_.Run(error); |
| + callback_.Reset(); |
| +} |
| + |
| +void PermissionRequestCreatorImpl::OnURLFetchComplete( |
| + const URLFetcher* source) { |
| + const net::URLRequestStatus& status = source->GetStatus(); |
| + if (!status.is_success()) { |
| + DispatchNetworkError(status.error()); |
| + return; |
| + } |
| + |
| + int response_code = source->GetResponseCode(); |
| + if (response_code == net::HTTP_UNAUTHORIZED && !access_token_expired_) { |
| + access_token_expired_ = true; |
| + OAuth2TokenService::ScopeSet scopes; |
| + scopes.insert(GaiaConstants::kChromeSyncManagedOAuth2Scope); |
| + oauth2_token_service_->InvalidateToken(account_id_, scopes, access_token_); |
| + StartFetching(); |
| + return; |
| + } |
| + |
| + if (response_code != net::HTTP_OK) { |
| + DLOG(WARNING) << "HTTP error " << response_code; |
| + DispatchGoogleServiceAuthError( |
| + GoogleServiceAuthError(GoogleServiceAuthError::CONNECTION_FAILED), |
| + std::string()); |
| + return; |
| + } |
| + |
| + std::string response_body; |
| + source->GetResponseAsString(&response_body); |
| + scoped_ptr<base::Value> value(base::JSONReader::Read(response_body)); |
| + base::DictionaryValue* dict = NULL; |
| + if (!value.get() || !value->GetAsDictionary(&dict)) { |
|
Bernhard Bauer
2014/05/15 13:56:40
scoped_ptr has an implicit conversion to boolean,
Adrian Kuegel
2014/05/15 14:35:32
Done.
|
| + DispatchNetworkError(net::ERR_INVALID_RESPONSE); |
| + return; |
| + } |
| + std::string id; |
| + if (!dict->GetString(kIdKey, &id)) { |
| + DispatchNetworkError(net::ERR_INVALID_RESPONSE); |
| + return; |
| + } |
| +} |
| + |
| +void PermissionRequestCreatorImpl::DispatchNetworkError(int error_code) { |
| + DispatchGoogleServiceAuthError( |
| + GoogleServiceAuthError::FromConnectionError(error_code), std::string()); |
| +} |
| + |
| +void PermissionRequestCreatorImpl::DispatchGoogleServiceAuthError( |
| + const GoogleServiceAuthError& error, |
| + const std::string& token) { |
| + callback_.Run(error); |
| + callback_.Reset(); |
| +} |
| + |
| +} // namespace |
| + |
| +// static |
| +scoped_ptr<PermissionRequestCreator> |
| +PermissionRequestCreator::Create(OAuth2TokenService* oauth2_token_service, |
| + const std::string& account_id, |
|
Bernhard Bauer
2014/05/15 13:56:40
Nit: alignment
Adrian Kuegel
2014/05/15 14:35:32
Done.
|
| + URLRequestContextGetter* context) { |
| + scoped_ptr<PermissionRequestCreator> creator( |
| + new PermissionRequestCreatorImpl(oauth2_token_service, account_id, |
| + context)); |
| + return creator.Pass(); |
| +} |
| + |
| +PermissionRequestCreator::~PermissionRequestCreator() {} |
