| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/signin/profile_oauth2_token_service.h" | 5 #include "chrome/browser/signin/profile_oauth2_token_service.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/message_loop/message_loop.h" | 8 #include "base/message_loop/message_loop.h" |
| 9 #include "base/stl_util.h" | 9 #include "base/stl_util.h" |
| 10 #include "base/time/time.h" | 10 #include "base/time/time.h" |
| 11 #include "chrome/browser/chrome_notification_types.h" | 11 #include "chrome/browser/chrome_notification_types.h" |
| 12 #include "chrome/browser/profiles/profile.h" | 12 #include "chrome/browser/profiles/profile.h" |
| 13 #include "chrome/browser/signin/signin_global_error.h" | 13 #include "chrome/browser/signin/signin_global_error.h" |
| 14 #include "chrome/browser/signin/signin_manager.h" | 14 #include "chrome/browser/signin/signin_manager.h" |
| 15 #include "chrome/browser/signin/signin_manager_factory.h" | 15 #include "chrome/browser/signin/signin_manager_factory.h" |
| 16 #include "chrome/browser/signin/token_service.h" | 16 #include "chrome/browser/signin/token_service.h" |
| 17 #include "chrome/browser/signin/token_service_factory.h" | 17 #include "chrome/browser/signin/token_service_factory.h" |
| 18 #include "chrome/browser/ui/global_error/global_error_service.h" | 18 #include "chrome/browser/ui/global_error/global_error_service.h" |
| 19 #include "chrome/browser/ui/global_error/global_error_service_factory.h" | 19 #include "chrome/browser/ui/global_error/global_error_service_factory.h" |
| 20 #include "chrome/browser/webdata/token_web_data.h" | 20 #include "chrome/browser/webdata/token_web_data.h" |
| 21 #include "content/public/browser/browser_thread.h" | 21 #include "content/public/browser/browser_thread.h" |
| 22 #include "content/public/browser/notification_details.h" | 22 #include "content/public/browser/notification_details.h" |
| 23 #include "content/public/browser/notification_source.h" | 23 #include "content/public/browser/notification_source.h" |
| 24 #include "google_apis/gaia/gaia_constants.h" | 24 #include "google_apis/gaia/gaia_constants.h" |
| 25 #include "google_apis/gaia/google_service_auth_error.h" | 25 #include "google_apis/gaia/google_service_auth_error.h" |
| 26 #include "net/url_request/url_request_context_getter.h" | 26 #include "net/url_request/url_request_context_getter.h" |
| 27 | 27 |
| 28 #if defined(ENABLE_MANAGED_USERS) |
| 29 #include "chrome/browser/managed_mode/managed_user_constants.h" |
| 30 #endif |
| 31 |
| 28 namespace { | 32 namespace { |
| 29 | 33 |
| 30 const char kAccountIdPrefix[] = "AccountId-"; | 34 const char kAccountIdPrefix[] = "AccountId-"; |
| 31 const size_t kAccountIdPrefixLength = 10; | 35 const size_t kAccountIdPrefixLength = 10; |
| 32 | 36 |
| 33 bool IsLegacyServiceId(const std::string& account_id) { | 37 bool IsLegacyServiceId(const std::string& account_id) { |
| 34 return account_id.compare(0u, kAccountIdPrefixLength, kAccountIdPrefix) != 0; | 38 return account_id.compare(0u, kAccountIdPrefixLength, kAccountIdPrefix) != 0; |
| 35 } | 39 } |
| 36 | 40 |
| 37 bool IsLegacyRefreshTokenId(const std::string& service_id) { | 41 bool IsLegacyRefreshTokenId(const std::string& service_id) { |
| (...skipping 109 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 147 return; | 151 return; |
| 148 | 152 |
| 149 DCHECK_GT(refresh_tokens_.count(account_id), 0u); | 153 DCHECK_GT(refresh_tokens_.count(account_id), 0u); |
| 150 refresh_tokens_[account_id]->SetLastAuthError(error); | 154 refresh_tokens_[account_id]->SetLastAuthError(error); |
| 151 } | 155 } |
| 152 | 156 |
| 153 void ProfileOAuth2TokenService::Observe( | 157 void ProfileOAuth2TokenService::Observe( |
| 154 int type, | 158 int type, |
| 155 const content::NotificationSource& source, | 159 const content::NotificationSource& source, |
| 156 const content::NotificationDetails& details) { | 160 const content::NotificationDetails& details) { |
| 157 const std::string& account_id = GetPrimaryAccountId(); | 161 std::string account_id = GetPrimaryAccountId(); |
| 158 switch (type) { | 162 switch (type) { |
| 159 case chrome::NOTIFICATION_TOKEN_AVAILABLE: { | 163 case chrome::NOTIFICATION_TOKEN_AVAILABLE: { |
| 160 TokenService::TokenAvailableDetails* tok_details = | 164 TokenService::TokenAvailableDetails* tok_details = |
| 161 content::Details<TokenService::TokenAvailableDetails>(details).ptr(); | 165 content::Details<TokenService::TokenAvailableDetails>(details).ptr(); |
| 162 if (tok_details->service() == | 166 if (tok_details->service() == |
| 163 GaiaConstants::kGaiaOAuth2LoginRefreshToken) { | 167 GaiaConstants::kGaiaOAuth2LoginRefreshToken) { |
| 164 // TODO(fgorski): Work on removing this code altogether in favor of the | 168 // TODO(fgorski): Work on removing this code altogether in favor of the |
| 165 // upgrade steps invoked by Initialize. | 169 // upgrade steps invoked by Initialize. |
| 166 // TODO(fgorski): Refresh token received that way is not persisted in | 170 // TODO(fgorski): Refresh token received that way is not persisted in |
| 167 // the token DB. | 171 // the token DB. |
| 172 account_id = GetAccountIdForMigratingRefreshToken(); |
| 168 CancelRequestsForAccount(account_id); | 173 CancelRequestsForAccount(account_id); |
| 169 ClearCacheForAccount(account_id); | 174 ClearCacheForAccount(account_id); |
| 170 refresh_tokens_[account_id].reset( | 175 refresh_tokens_[account_id].reset( |
| 171 new AccountInfo(this, account_id, tok_details->token())); | 176 new AccountInfo(this, account_id, tok_details->token())); |
| 172 UpdateAuthError(account_id, GoogleServiceAuthError::AuthErrorNone()); | 177 UpdateAuthError(account_id, GoogleServiceAuthError::AuthErrorNone()); |
| 173 FireRefreshTokenAvailable(account_id); | 178 FireRefreshTokenAvailable(account_id); |
| 174 } | 179 } |
| 175 break; | 180 break; |
| 176 } | 181 } |
| 177 case chrome::NOTIFICATION_TOKENS_CLEARED: { | 182 case chrome::NOTIFICATION_TOKENS_CLEARED: { |
| (...skipping 24 matching lines...) Expand all Loading... |
| 202 } | 207 } |
| 203 FireRefreshTokensLoaded(); | 208 FireRefreshTokensLoaded(); |
| 204 break; | 209 break; |
| 205 default: | 210 default: |
| 206 NOTREACHED() << "Invalid notification type=" << type; | 211 NOTREACHED() << "Invalid notification type=" << type; |
| 207 break; | 212 break; |
| 208 } | 213 } |
| 209 } | 214 } |
| 210 | 215 |
| 211 std::string ProfileOAuth2TokenService::GetPrimaryAccountId() { | 216 std::string ProfileOAuth2TokenService::GetPrimaryAccountId() { |
| 212 if (profile_->IsManaged()) | |
| 213 return std::string("SupervisedUser"); | |
| 214 | |
| 215 SigninManagerBase* signin_manager = | 217 SigninManagerBase* signin_manager = |
| 216 SigninManagerFactory::GetForProfileIfExists(profile_); | 218 SigninManagerFactory::GetForProfileIfExists(profile_); |
| 217 // TODO(fgorski): DCHECK(signin_manager) here - it may require update to test | 219 // TODO(fgorski): DCHECK(signin_manager) here - it may require update to test |
| 218 // code and the line above (SigninManager might not exist yet). | 220 // code and the line above (SigninManager might not exist yet). |
| 219 return signin_manager ? signin_manager->GetAuthenticatedUsername() | 221 return signin_manager ? signin_manager->GetAuthenticatedUsername() |
| 220 : std::string(); | 222 : std::string(); |
| 221 } | 223 } |
| 222 | 224 |
| 223 std::vector<std::string> ProfileOAuth2TokenService::GetAccounts() { | 225 std::vector<std::string> ProfileOAuth2TokenService::GetAccounts() { |
| 224 std::vector<std::string> account_ids; | 226 std::vector<std::string> account_ids; |
| (...skipping 91 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 316 DCHECK_EQ(0, web_data_service_request_); | 318 DCHECK_EQ(0, web_data_service_request_); |
| 317 | 319 |
| 318 CancelAllRequests(); | 320 CancelAllRequests(); |
| 319 refresh_tokens_.clear(); | 321 refresh_tokens_.clear(); |
| 320 scoped_refptr<TokenWebData> token_web_data = | 322 scoped_refptr<TokenWebData> token_web_data = |
| 321 TokenWebData::FromBrowserContext(profile_); | 323 TokenWebData::FromBrowserContext(profile_); |
| 322 if (token_web_data.get()) | 324 if (token_web_data.get()) |
| 323 web_data_service_request_ = token_web_data->GetAllTokens(this); | 325 web_data_service_request_ = token_web_data->GetAllTokens(this); |
| 324 } | 326 } |
| 325 | 327 |
| 328 std::string ProfileOAuth2TokenService::GetAccountIdForMigratingRefreshToken() { |
| 329 #if defined(ENABLE_MANAGED_USERS) |
| 330 // TODO(bauerb): Make sure that only services that can deal with supervised |
| 331 // users see the supervised user token. |
| 332 if (profile_->IsManaged()) |
| 333 return managed_users::kManagedUserPseudoEmail; |
| 334 #endif |
| 335 |
| 336 return GetPrimaryAccountId(); |
| 337 } |
| 338 |
| 326 void ProfileOAuth2TokenService::OnWebDataServiceRequestDone( | 339 void ProfileOAuth2TokenService::OnWebDataServiceRequestDone( |
| 327 WebDataServiceBase::Handle handle, | 340 WebDataServiceBase::Handle handle, |
| 328 const WDTypedResult* result) { | 341 const WDTypedResult* result) { |
| 329 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); | 342 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); |
| 330 DCHECK_EQ(web_data_service_request_, handle); | 343 DCHECK_EQ(web_data_service_request_, handle); |
| 331 web_data_service_request_ = 0; | 344 web_data_service_request_ = 0; |
| 332 | 345 |
| 333 if (result) { | 346 if (result) { |
| 334 DCHECK(result->GetType() == TOKEN_RESULT); | 347 DCHECK(result->GetType() == TOKEN_RESULT); |
| 335 const WDResult<std::map<std::string, std::string> > * token_result = | 348 const WDResult<std::map<std::string, std::string> > * token_result = |
| (...skipping 25 matching lines...) Expand all Loading... |
| 361 } else { | 374 } else { |
| 362 DCHECK(!refresh_token.empty()); | 375 DCHECK(!refresh_token.empty()); |
| 363 std::string account_id = RemoveAccountIdPrefix(prefixed_account_id); | 376 std::string account_id = RemoveAccountIdPrefix(prefixed_account_id); |
| 364 refresh_tokens_[account_id].reset( | 377 refresh_tokens_[account_id].reset( |
| 365 new AccountInfo(this, account_id, refresh_token)); | 378 new AccountInfo(this, account_id, refresh_token)); |
| 366 FireRefreshTokenAvailable(account_id); | 379 FireRefreshTokenAvailable(account_id); |
| 367 // TODO(fgorski): Notify diagnostic observers. | 380 // TODO(fgorski): Notify diagnostic observers. |
| 368 } | 381 } |
| 369 } | 382 } |
| 370 | 383 |
| 371 if (!old_login_token.empty() && | 384 if (!old_login_token.empty()) { |
| 372 refresh_tokens_.count(GetPrimaryAccountId()) == 0) { | 385 std::string account_id = GetAccountIdForMigratingRefreshToken(); |
| 373 UpdateCredentials(GetPrimaryAccountId(), old_login_token); | 386 |
| 387 if (refresh_tokens_.count(account_id) == 0) |
| 388 UpdateCredentials(account_id, old_login_token); |
| 374 } | 389 } |
| 375 | 390 |
| 376 FireRefreshTokensLoaded(); | 391 FireRefreshTokensLoaded(); |
| 377 } | 392 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 33173005:
Correctly deal with tokens for supervised users in ProfileOAuth2TokenService. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src