Add permission request creator class.

chrome/browser/managed_mode/permission_request_creator_apiary.cc

Index: chrome/browser/managed_mode/permission_request_creator_apiary.cc
diff --git a/chrome/browser/managed_mode/permission_request_creator_apiary.cc b/chrome/browser/managed_mode/permission_request_creator_apiary.cc
new file mode 100644
index 0000000000000000000000000000000000000000..15a23168ab1329d2c07afc61a6754bb6db034d07
--- /dev/null
+++ b/chrome/browser/managed_mode/permission_request_creator_apiary.cc
@@ -0,0 +1,170 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/managed_mode/permission_request_creator_apiary.h"
+
+#include "base/callback.h"
+#include "base/command_line.h"
+#include "base/json/json_reader.h"
+#include "base/json/json_writer.h"
+#include "base/logging.h"
+#include "base/strings/stringprintf.h"
+#include "base/values.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
+#include "chrome/browser/signin/signin_manager_factory.h"
+#include "chrome/browser/sync/managed_user_signin_manager_wrapper.h"
+#include "chrome/common/chrome_switches.h"
+#include "components/signin/core/browser/profile_oauth2_token_service.h"
+#include "components/signin/core/browser/signin_manager.h"
+#include "components/signin/core/browser/signin_manager_base.h"
+#include "google_apis/gaia/google_service_auth_error.h"
+#include "net/base/load_flags.h"
+#include "net/base/net_errors.h"
+#include "net/http/http_status_code.h"
+#include "net/url_request/url_fetcher.h"
+#include "net/url_request/url_request_status.h"
+
+using net::URLFetcher;
+
+const int kNumRetries = 1;
+const char kIdKey[] = "id";
+const char kNamespace[] = "CHROME";
+const char kState[] = "PENDING";
+
+static const char kAuthorizationHeaderFormat[] = "Authorization: Bearer %s";
+
+PermissionRequestCreatorApiary::PermissionRequestCreatorApiary(
+    OAuth2TokenService* oauth2_token_service,
+    scoped_ptr<ManagedUserSigninManagerWrapper> signin_wrapper,
+    net::URLRequestContextGetter* context)
+    : OAuth2TokenService::Consumer("permissions_creator"),
+      oauth2_token_service_(oauth2_token_service),
+      signin_wrapper_(signin_wrapper.Pass()),
+      context_(context),
+      access_token_expired_(false) {}
+
+PermissionRequestCreatorApiary::~PermissionRequestCreatorApiary() {}
+
+// static
+scoped_ptr<PermissionRequestCreator>
+PermissionRequestCreatorApiary::CreateWithProfile(Profile* profile) {
+  ProfileOAuth2TokenService* token_service =
+      ProfileOAuth2TokenServiceFactory::GetForProfile(profile);
+  SigninManagerBase* signin = SigninManagerFactory::GetForProfile(profile);
+  scoped_ptr<ManagedUserSigninManagerWrapper> signin_wrapper(
+      new ManagedUserSigninManagerWrapper(profile, signin));
+  scoped_ptr<PermissionRequestCreator> creator(
+      new PermissionRequestCreatorApiary(token_service,
+                                       signin_wrapper.Pass(),

[Bernhard Bauer, 2014/05/20 09:04:04]

Nit: align

[Adrian Kuegel, 2014/05/20 09:15:44]

Thanks for catching. Just to be sure, I just ran git cl format, and kept almost
all of the changes it suggested (I didn't keep the suggested change to put the
closing brace of an empty method in a new line).

[Bernhard Bauer, 2014/05/20 09:21:41]

I am actively not going to have an opinion on this. :-)

+                                       profile->GetRequestContext()));
+  return creator.Pass();
+}
+
+void PermissionRequestCreatorApiary::CreatePermissionRequest(
+    const std::string& url_requested,
+    const base::Closure& callback) {
+  url_requested_ = url_requested;
+  callback_ = callback;
+  StartFetching();
+}
+
+void PermissionRequestCreatorApiary::StartFetching() {
+  OAuth2TokenService::ScopeSet scopes;
+  scopes.insert(signin_wrapper_->GetSyncScopeToUse());
+  access_token_request_ = oauth2_token_service_->StartRequest(
+      signin_wrapper_->GetAccountIdToUse(), scopes, this);
+}
+
+void PermissionRequestCreatorApiary::OnGetTokenSuccess(
+    const OAuth2TokenService::Request* request,
+    const std::string& access_token,
+    const base::Time& expiration_time) {
+  DCHECK_EQ(access_token_request_.get(), request);
+  access_token_ = access_token;
+  GURL url(CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
+      switches::kPermissionRequestApiUrl));
+  const int id = 0;
+
+  url_fetcher_.reset(URLFetcher::Create(id, url, URLFetcher::POST, this));
+
+  url_fetcher_->SetRequestContext(context_);
+  url_fetcher_->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES |
+                             net::LOAD_DO_NOT_SAVE_COOKIES);
+  url_fetcher_->SetAutomaticallyRetryOnNetworkChanges(kNumRetries);
+  url_fetcher_->AddExtraRequestHeader(
+      base::StringPrintf(kAuthorizationHeaderFormat, access_token.c_str()));
+
+  base::DictionaryValue dict;
+  dict.SetStringWithoutPathExpansion("namespace", kNamespace);
+  dict.SetStringWithoutPathExpansion("objectRef", url_requested_);
+  dict.SetStringWithoutPathExpansion("state", kState);
+  std::string body;
+  base::JSONWriter::Write(&dict, &body);
+  url_fetcher_->SetUploadData("application/json", body);
+
+  url_fetcher_->Start();
+}
+
+void PermissionRequestCreatorApiary::OnGetTokenFailure(
+    const OAuth2TokenService::Request* request,
+    const GoogleServiceAuthError& error) {
+  DCHECK_EQ(access_token_request_.get(), request);
+  callback_.Run();
+  callback_.Reset();
+}
+
+void PermissionRequestCreatorApiary::OnURLFetchComplete(
+    const URLFetcher* source) {
+  const net::URLRequestStatus& status = source->GetStatus();
+  if (!status.is_success()) {
+    DispatchNetworkError(status.error());
+    return;
+  }
+
+  int response_code = source->GetResponseCode();
+  if (response_code == net::HTTP_UNAUTHORIZED && !access_token_expired_) {
+    access_token_expired_ = true;
+    OAuth2TokenService::ScopeSet scopes;
+    scopes.insert(signin_wrapper_->GetSyncScopeToUse());
+    oauth2_token_service_->InvalidateToken(
+        signin_wrapper_->GetAccountIdToUse(), scopes, access_token_);
+    StartFetching();
+    return;
+  }
+
+  if (response_code != net::HTTP_OK) {
+    DLOG(WARNING) << "HTTP error " << response_code;
+    DispatchGoogleServiceAuthError(
+        GoogleServiceAuthError(GoogleServiceAuthError::CONNECTION_FAILED));
+    return;
+  }
+
+  std::string response_body;
+  source->GetResponseAsString(&response_body);
+  scoped_ptr<base::Value> value(base::JSONReader::Read(response_body));
+  base::DictionaryValue* dict = NULL;
+  if (!value || !value->GetAsDictionary(&dict)) {
+    DispatchNetworkError(net::ERR_INVALID_RESPONSE);
+    return;
+  }
+  std::string id;
+  if (!dict->GetString(kIdKey, &id)) {
+    DispatchNetworkError(net::ERR_INVALID_RESPONSE);
+    return;
+  }
+  callback_.Run();
+  callback_.Reset();
+}
+
+void PermissionRequestCreatorApiary::DispatchNetworkError(int error_code) {
+  DispatchGoogleServiceAuthError(
+      GoogleServiceAuthError::FromConnectionError(error_code));
+}
+
+void PermissionRequestCreatorApiary::DispatchGoogleServiceAuthError(
+    const GoogleServiceAuthError& error) {
+  callback_.Run();
+  callback_.Reset();
+}