[Dice] Parse the Dice response header

chrome/browser/signin/chrome_signin_helper.cc

Index: chrome/browser/signin/chrome_signin_helper.cc
diff --git a/chrome/browser/signin/chrome_signin_helper.cc b/chrome/browser/signin/chrome_signin_helper.cc
index f7d08b67d319e34d330c25d438a1ac127db9d0e9..bf4431cbb779e0be7588b25532a936c760082342 100644
--- a/chrome/browser/signin/chrome_signin_helper.cc
+++ b/chrome/browser/signin/chrome_signin_helper.cc
@@ -5,7 +5,6 @@
 #include "chrome/browser/signin/chrome_signin_helper.h"
 
 #include "base/strings/string_util.h"
-#include "build/build_config.h"
 #include "chrome/browser/prefs/incognito_mode_prefs.h"
 #include "chrome/browser/profiles/profile_io_data.h"
 #include "chrome/browser/signin/account_reconcilor_factory.h"
@@ -37,6 +36,7 @@ namespace signin {
 namespace {
 
 const char kChromeManageAccountsHeader[] = "X-Chrome-Manage-Accounts";
+const char kDiceResponseHeader[] = "X-Chrome-ID-Consistency-Response";
 
 // Processes the mirror response header on the UI thread. Currently depending
 // on the value of |header_value|, it either shows the profile avatar menu, or
@@ -183,4 +183,45 @@ void ProcessMirrorResponseHeaderIfExists(net::URLRequest* request,
       base::Bind(ProcessMirrorHeaderUIThread, child_id, route_id, params));
 }
 
+#if !defined(OS_IOS) && !defined(OS_ANDROID)
+void ProcessDiceResponseHeaderIfExists(net::URLRequest* request,
+                                       ProfileIOData* io_data) {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::IO);
+
+  if (io_data->IsOffTheRecord())
+    return;
+
+  const content::ResourceRequestInfo* info =
+      content::ResourceRequestInfo::ForRequest(request);
+  if (!(info && info->GetResourceType() == content::RESOURCE_TYPE_MAIN_FRAME))
+    return;
+
+  if (!gaia::IsGaiaSignonRealm(request->url().GetOrigin()))
+    return;
+
+  if (switches::GetAccountConsistencyMethod() !=
+      switches::AccountConsistencyMethod::kDice) {
+    return;
+  }
+
+  net::HttpResponseHeaders* response_headers = request->response_headers();
+  if (!response_headers)
+    return;
+
+  std::string header_value;
+  if (!response_headers->GetNormalizedHeader(kDiceResponseHeader,
+                                             &header_value)) {
+    return;
+  }
+
+  DiceResponseParams params = BuildDiceResponseParams(header_value);
+  // If the request does not have a response header or if the header contains
+  // garbage, then |user_intention| is set to |NONE|.
+  if (params.user_intention == DiceAction::NONE)
+    return;
+
+  // TODO(droger): Start the Chrome authentication flow.

[msarda, 2017/06/12 11:52:21]

This TODO is wrong as we do not plan to start an authentication flow here. I
would change this to TODO(droger): Process the Dice header: on sign-in, exchange
the authorization code for an refresh token, on sign-out just follow the
sign-out URL.

Note that we did not yet decide what to do for sign-out (the thought was to
leave all the UI on Gaia - then on Chrome we can simply revoke the token when an
account is signed out).

[droger, 2017/06/12 12:39:14]

Done.

+}
+#endif  // !defined(OS_IOS) && !defined(OS_ANDROID)
+
 }  // namespace signin