| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef GOOGLE_APIS_GAIA_OAUTH2_TOKEN_SERVICE_REQUEST_H_ | 5 #ifndef GOOGLE_APIS_GAIA_OAUTH2_TOKEN_SERVICE_REQUEST_H_ |
| 6 #define GOOGLE_APIS_GAIA_OAUTH2_TOKEN_SERVICE_REQUEST_H_ | 6 #define GOOGLE_APIS_GAIA_OAUTH2_TOKEN_SERVICE_REQUEST_H_ |
| 7 | 7 |
| 8 #include <set> | 8 #include <set> |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| 11 #include "base/memory/ref_counted.h" |
| 11 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
| 12 #include "base/single_thread_task_runner.h" | 13 #include "base/single_thread_task_runner.h" |
| 13 #include "base/threading/non_thread_safe.h" | 14 #include "base/threading/non_thread_safe.h" |
| 14 #include "google_apis/gaia/oauth2_token_service.h" | 15 #include "google_apis/gaia/oauth2_token_service.h" |
| 15 | 16 |
| 16 // OAuth2TokenServiceRequest represents an asynchronous request to an | 17 // OAuth2TokenServiceRequest represents an asynchronous request to an |
| 17 // OAuth2TokenService that may live in another thread. | 18 // OAuth2TokenService that may live in another thread. |
| 18 // | 19 // |
| 19 // An OAuth2TokenServiceRequest can be created and started from any thread. | 20 // An OAuth2TokenServiceRequest can be created and started from any thread. |
| 20 class OAuth2TokenServiceRequest : public OAuth2TokenService::Request, | 21 class OAuth2TokenServiceRequest : public OAuth2TokenService::Request, |
| 21 public base::NonThreadSafe { | 22 public base::NonThreadSafe { |
| 22 public: | 23 public: |
| 23 class Core; | 24 class Core; |
| 24 | 25 |
| 25 // Interface for providing an OAuth2TokenService. | 26 // Interface for providing an OAuth2TokenService. |
| 26 class TokenServiceProvider { | 27 // |
| 28 // Ref-counted so that OAuth2TokenServiceRequest can ensure this object isn't |
| 29 // destroyed out from under the token service task runner thread. Because |
| 30 // OAuth2TokenServiceRequest has a reference, implementations of |
| 31 // TokenServiceProvider must be capable of being destroyed on the same thread |
| 32 // on which the OAuth2TokenServiceRequest was created. |
| 33 class TokenServiceProvider |
| 34 : public base::RefCountedThreadSafe<TokenServiceProvider> { |
| 27 public: | 35 public: |
| 28 TokenServiceProvider(); | 36 TokenServiceProvider(); |
| 29 virtual ~TokenServiceProvider(); | |
| 30 | 37 |
| 31 // Returns the task runner on which the token service lives. | 38 // Returns the task runner on which the token service lives. |
| 32 // | 39 // |
| 33 // This method may be called from any thread. | 40 // This method may be called from any thread. |
| 34 virtual scoped_refptr<base::SingleThreadTaskRunner> | 41 virtual scoped_refptr<base::SingleThreadTaskRunner> |
| 35 GetTokenServiceTaskRunner() = 0; | 42 GetTokenServiceTaskRunner() = 0; |
| 36 | 43 |
| 37 // Returns a pointer to a token service. | 44 // Returns a pointer to a token service. |
| 38 // | 45 // |
| 39 // Caller does not own the token service and must not delete it. The token | 46 // Caller does not own the token service and must not delete it. The token |
| 40 // service must outlive all instances of OAuth2TokenServiceRequest. | 47 // service must outlive all instances of OAuth2TokenServiceRequest. |
| 41 // | 48 // |
| 42 // This method may only be called from the task runner returned by | 49 // This method may only be called from the task runner returned by |
| 43 // |GetTokenServiceTaskRunner|. | 50 // |GetTokenServiceTaskRunner|. |
| 44 virtual OAuth2TokenService* GetTokenService() = 0; | 51 virtual OAuth2TokenService* GetTokenService() = 0; |
| 52 |
| 53 protected: |
| 54 friend class base::RefCountedThreadSafe<TokenServiceProvider>; |
| 55 virtual ~TokenServiceProvider(); |
| 45 }; | 56 }; |
| 46 | 57 |
| 47 // Creates and starts an access token request for |account_id| and |scopes|. | 58 // Creates and starts an access token request for |account_id| and |scopes|. |
| 48 // | 59 // |
| 49 // |provider| is used to get the OAuth2TokenService and must outlive the | 60 // |provider| is used to get the OAuth2TokenService. |
| 50 // returned request object. | |
| 51 // | 61 // |
| 52 // |account_id| must not be empty. | 62 // |account_id| must not be empty. |
| 53 // | 63 // |
| 54 // |scopes| must not be empty. | 64 // |scopes| must not be empty. |
| 55 // | 65 // |
| 56 // |consumer| will be invoked in the same thread that invoked CreateAndStart | 66 // |consumer| will be invoked in the same thread that invoked CreateAndStart |
| 57 // and must outlive the returned request object. Destroying the request | 67 // and must outlive the returned request object. Destroying the request |
| 58 // object ensure that |consumer| will not be called. However, the actual | 68 // object ensure that |consumer| will not be called. However, the actual |
| 59 // network activities may not be canceled and the cache in OAuth2TokenService | 69 // network activities may not be canceled and the cache in OAuth2TokenService |
| 60 // may be populated with the fetched results. | 70 // may be populated with the fetched results. |
| 61 static scoped_ptr<OAuth2TokenServiceRequest> CreateAndStart( | 71 static scoped_ptr<OAuth2TokenServiceRequest> CreateAndStart( |
| 62 TokenServiceProvider* provider, | 72 const scoped_refptr<TokenServiceProvider>& provider, |
| 63 const std::string& account_id, | 73 const std::string& account_id, |
| 64 const OAuth2TokenService::ScopeSet& scopes, | 74 const OAuth2TokenService::ScopeSet& scopes, |
| 65 OAuth2TokenService::Consumer* consumer); | 75 OAuth2TokenService::Consumer* consumer); |
| 66 | 76 |
| 67 // Invalidates |access_token| for |account_id| and |scopes|. | 77 // Invalidates |access_token| for |account_id| and |scopes|. |
| 68 // | 78 // |
| 69 // |provider| is used to get the OAuth2TokenService and must outlive the | 79 // |provider| is used to get the OAuth2TokenService. |
| 70 // returned request object. | |
| 71 // | 80 // |
| 72 // |account_id| must not be empty. | 81 // |account_id| must not be empty. |
| 73 // | 82 // |
| 74 // |scopes| must not be empty. | 83 // |scopes| must not be empty. |
| 75 static void InvalidateToken(TokenServiceProvider* provider, | 84 static void InvalidateToken( |
| 76 const std::string& account_id, | 85 const scoped_refptr<TokenServiceProvider>& provider, |
| 77 const OAuth2TokenService::ScopeSet& scopes, | 86 const std::string& account_id, |
| 78 const std::string& access_token); | 87 const OAuth2TokenService::ScopeSet& scopes, |
| 88 const std::string& access_token); |
| 79 | 89 |
| 80 virtual ~OAuth2TokenServiceRequest(); | 90 virtual ~OAuth2TokenServiceRequest(); |
| 81 | 91 |
| 82 // OAuth2TokenService::Request. | 92 // OAuth2TokenService::Request. |
| 83 virtual std::string GetAccountId() const OVERRIDE; | 93 virtual std::string GetAccountId() const OVERRIDE; |
| 84 | 94 |
| 85 private: | 95 private: |
| 86 OAuth2TokenServiceRequest(const std::string& account_id); | 96 OAuth2TokenServiceRequest(const std::string& account_id); |
| 87 | 97 |
| 88 void StartWithCore(const scoped_refptr<Core>& core); | 98 void StartWithCore(const scoped_refptr<Core>& core); |
| 89 | 99 |
| 90 const std::string account_id_; | 100 const std::string account_id_; |
| 91 scoped_refptr<Core> core_; | 101 scoped_refptr<Core> core_; |
| 92 | 102 |
| 93 DISALLOW_COPY_AND_ASSIGN(OAuth2TokenServiceRequest); | 103 DISALLOW_COPY_AND_ASSIGN(OAuth2TokenServiceRequest); |
| 94 }; | 104 }; |
| 95 | 105 |
| 96 #endif // GOOGLE_APIS_GAIA_OAUTH2_TOKEN_SERVICE_REQUEST_H_ | 106 #endif // GOOGLE_APIS_GAIA_OAUTH2_TOKEN_SERVICE_REQUEST_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 458753006:
Fix use after free bug by calling GetTokenService in Core's ctor. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src