Pass signin_scoped_device_id to refresh token request on ChromeOS

chrome/browser/chromeos/login/signin/oauth2_token_fetcher.h

Index: chrome/browser/chromeos/login/signin/oauth2_token_fetcher.h
diff --git a/chrome/browser/chromeos/login/signin/oauth2_token_fetcher.h b/chrome/browser/chromeos/login/signin/oauth2_token_fetcher.h
index 7f11d0cfcd5b6d364e661d8c3373a09768516e35..ceda7c1c092794dfc6adf5aff6472ec0fe12b1e0 100644
--- a/chrome/browser/chromeos/login/signin/oauth2_token_fetcher.h
+++ b/chrome/browser/chromeos/login/signin/oauth2_token_fetcher.h
@@ -38,7 +38,8 @@ class OAuth2TokenFetcher : public base::SupportsWeakPtr<OAuth2TokenFetcher>,
                      net::URLRequestContextGetter* context_getter);
   virtual ~OAuth2TokenFetcher();
 
-  void StartExchangeFromCookies(const std::string& session_index);
+  void StartExchangeFromCookies(const std::string& session_index,
+                                const std::string& signin_scoped_device_id);
   void StartExchangeFromAuthCode(const std::string& auth_code);

[dzhioev (left Google), 2014/07/18 13:31:52]

Don't we need device id for auth code authentication?

[pavely, 2014/07/18 22:30:04]

The way how (I think) exchange with gaia works is:
- Chrome shows user signin form where user enters credentials. This form sends
requests to gaia. Result of this interaction is cookie jar that can be exchanged
for auth_code.
- Cookie jar is exchanged for auth_code (one time short lived grant) by sending
request to programmatic_auth endpoint. This is the place where I can pass device
information (device_id, device_name, etc.)
- auth_code is exchanged for token pair (access_token/refresh_token) using
o/oauth2/token endpoint. I cannot pass device_id there today, api doesn't accept
it. 

StartExchangeFromCookies is 2 step exchange: cookies->auth_code->token pair.
StartEachangeFromAuthCode is shortcut into this flow skipping first exchange,
the one I use to pass device_id. That's the reason I don't pass device_id to
StartExchangeFromAuthCode.

The code that calls StartExchangeFromAuthCode should have obtained this code
from gaia in some way. I guess device_id should be injected into that process
somehow, but I don't know how to do it.

I tested two main scenarios: signing in for the first time and signing in after
token revocation (password change). In both cases code goes through
StartExchangeFromCookies. Do you know how I can trigger code to call
StartExchangeFromAuthCode instead? I'd love to understand it better.

 
  private:
@@ -63,6 +64,7 @@ class OAuth2TokenFetcher : public base::SupportsWeakPtr<OAuth2TokenFetcher>,
   // The retry counter. Increment this only when failure happened.
   int retry_count_;
   std::string session_index_;
+  std::string signin_scoped_device_id_;
   std::string auth_code_;
 
   DISALLOW_COPY_AND_ASSIGN(OAuth2TokenFetcher);