[Dice] Parse the Dice response header

components/signin/core/browser/signin_header_helper.h

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef COMPONENTS_SIGNIN_CORE_BROWSER_SIGNIN_HEADER_HELPER_H_
 #define COMPONENTS_SIGNIN_CORE_BROWSER_SIGNIN_HEADER_HELPER_H_
 
 #include <map>
 #include <string>
 
 #include "build/build_config.h"
+#include "url/gurl.h"
 
 namespace content_settings {
 class CookieSettings;
 }
 
 namespace net {
 class URLRequest;
 }
 
-class GURL;
-
 namespace signin {
 
 // Profile mode flags.
 enum ProfileMode {
   PROFILE_MODE_DEFAULT = 0,
   // Incognito mode disabled by enterprise policy or by parental controls.
   PROFILE_MODE_INCOGNITO_DISABLED = 1 << 0,
   // Adding account disabled in the Android-for-EDU mode.
   PROFILE_MODE_ADD_ACCOUNT_DISABLED = 1 << 1
 };
 
 extern const char kChromeConnectedHeader[];
 extern const char kDiceRequestHeader[];
 
 // The ServiceType specified by Gaia in the response header accompanying the 204
 // response. This indicates the action Chrome is supposed to lead the user to
 // perform.
 enum GAIAServiceType {
   GAIA_SERVICE_TYPE_NONE = 0,    // No Gaia response header.
   GAIA_SERVICE_TYPE_SIGNOUT,     // Logout all existing sessions.
   GAIA_SERVICE_TYPE_INCOGNITO,   // Open an incognito tab.
   GAIA_SERVICE_TYPE_ADDSESSION,  // Add a secondary account.
   GAIA_SERVICE_TYPE_REAUTH,      // Re-authenticate an account.
   GAIA_SERVICE_TYPE_SIGNUP,      // Create a new account.
   GAIA_SERVICE_TYPE_DEFAULT,     // All other cases.
 };
 
+enum class DiceAction {
+  NONE,
+  SIGNIN,                 // Sign in an account.
+  SIGNOUT,                // Sign out of all sessions.
+  SINGLE_SESSION_SIGNOUT  // Sign out of a single session.

[msarda, 2017/06/12 11:52:21]

I think I would not implement the single sign-out session yet (this does not
exist on the web). Let's only implement this once Gaia actually supports it.

Or do you want to fully support the API in the document?

[droger, 2017/06/12 12:39:14]

Currently, all I'm doing is parsing the header. None of the actions are
implemented.
I'm ok to wait for Gaia support before implementing the single session signout.

Were you thinking that we should not even try to parse it?

[msarda, 2017/06/12 14:03:42]

That's why I thought. But I do not have a strong preference.

+};
+
 // Struct describing the paramters received in the manage account header.
 struct ManageAccountsParams {
   // The requested service type such as "ADDSESSION".
   GAIAServiceType service_type;
   // The prefilled email.
   std::string email;
   // Whether |email| is a saml account.
   bool is_saml;
   // The continue URL after the requested service is completed successfully.
   // Defaults to the current URL if empty.
   std::string continue_url;
   // Whether the continue URL should be loaded in the same tab.
   bool is_same_tab;
 
 // iOS has no notion of route and child IDs.
 #if !defined(OS_IOS)
   // The child ID associated with the web content of the request.
   int child_id;
   // The route ID associated with the web content of the request.
   int route_id;
 #endif  // !defined(OS_IOS)
 
   ManageAccountsParams();
   ManageAccountsParams(const ManageAccountsParams& other);
 };
 
+// Struct describing the paramters received in the Dice response header.

[msarda, 2017/06/12 11:52:21]

s/paramters/parameters

[droger, 2017/06/12 12:39:14]

Done.

+struct DiceResponseParams {
+  DiceResponseParams();
+  ~DiceResponseParams();
+  DiceResponseParams(const DiceResponseParams& other);
+
+  DiceAction user_intention;
+
+  // ID of the account signed in or signed out. When |user_intention| is
+  // SIGNOUT, this is the ID of the primary account.

[msarda, 2017/06/12 11:52:21]

"this is the Gaia ID of the account that was signed in" (this may be a secondary
account).

[droger, 2017/06/12 12:39:14]

Added the clarifications.

FYI: My comments were copied from the server-side doc.

+  std::string obfuscated_gaia_id;
+
+  // Email of the account signed in or signed out. When |user_intention| is
+  // SIGNOUT, this is the email of the primary account.
+  std::string email;
+
+  // Session index for the account signed in or signed out. When
+  // |user_intention| is SIGNOUT, this is 0.
+  std::string session_index;

[droger, 2017/06/09 14:51:07]

I'm not quite sure what it is, but that should probably be an int?

[msarda, 2017/06/12 11:52:21]

This is the index of the account in the Gaia authentication cookies. It should
be an int.

[droger, 2017/06/12 12:39:16]

Done.

+
+  // Optional.
+  std::string authorization_code;

[msarda, 2017/06/12 11:52:21]

This should be set when action is SIGNIN (otherwise Dice cannot work).

[droger, 2017/06/12 12:39:15]

Done.

+
+  // Logout URL Chrome should call after revoking LSTs in sign out flow.
+  // Optional.
+  GURL logout_url;

[msarda, 2017/06/12 11:52:21]

Should be set when action is SIGNOUT.

[droger, 2017/06/12 12:39:15]

Done.

+};
+
 // Base class for managing the signin headers (Dice and Chrome-Connected).
 class SigninHeaderHelper {
  public:
   // Appends or remove the header to a network request if necessary.
   bool AppendOrRemoveRequestHeader(
       net::URLRequest* request,
       const char* header_name,
       const GURL& redirect_url,
       const std::string& account_id,
       const content_settings::CookieSettings* cookie_settings,
@@ skipping 53 matching lines @@
     net::URLRequest* request,
     const GURL& redirect_url,
     const std::string& account_id,
     const content_settings::CookieSettings* cookie_settings,
     int profile_mode_mask);
 
 // Returns the parameters contained in the X-Chrome-Manage-Accounts response
 // header.
 ManageAccountsParams BuildManageAccountsParams(const std::string& header_value);
 
+#if !defined(OS_IOS) && !defined(OS_ANDROID)
+// Returns the parameters contained in the X-Chrome-ID-Consistency-Response
+// response header.
+DiceResponseParams BuildDiceResponseParams(const std::string& header_value);
+#endif
+
 }  // namespace signin
 
 #endif  // COMPONENTS_SIGNIN_CORE_BROWSER_SIGNIN_HEADER_HELPER_H_