Do not display lock for hosted domains

chrome/browser/profiles/profile_downloader.cc

Index: chrome/browser/profiles/profile_downloader.cc
diff --git a/chrome/browser/profiles/profile_downloader.cc b/chrome/browser/profiles/profile_downloader.cc
index 15e8ceef496f45cb3a092c4c16b27a61c899b0d7..b11e903735cef7f584d7582e02f40f81e9636198 100644
--- a/chrome/browser/profiles/profile_downloader.cc
+++ b/chrome/browser/profiles/profile_downloader.cc
@@ -21,6 +21,7 @@
 #include "chrome/browser/signin/signin_manager_factory.h"
 #include "components/signin/core/browser/profile_oauth2_token_service.h"
 #include "components/signin/core/browser/signin_manager.h"
+#include "components/signin/core/common/profile_management_switches.h"
 #include "content/public/browser/browser_thread.h"
 #include "google_apis/gaia/gaia_constants.h"
 #include "google_apis/gaia/gaia_urls.h"
@@ -44,11 +45,16 @@ const char kUserEntryURL[] =
 
 // OAuth scope for the user info API.
 // For more info, see https://developers.google.com/accounts/docs/OAuth2LoginV1.
-const char kAPIScope[] = "https://www.googleapis.com/auth/userinfo.profile";
+const char kAPIEmailScope[] = "https://www.googleapis.com/auth/userinfo.email";
+const char kAPIProfileScope[] =
+    "https://www.googleapis.com/auth/userinfo.profile";
 
 // Path in JSON dictionary to user's photo thumbnail URL.
 const char kPhotoThumbnailURLPath[] = "picture";
 
+// Path in JSON dictionary to user's hosted domain.
+const char kHostedDomainPath[] = "hd";
+
 // From the user info API, this field corresponds to the full name of the user.
 const char kFullNamePath[] = "name";
 
@@ -138,16 +144,19 @@ bool ProfileDownloader::ParseProfileJSON(const std::string& data,
                                          base::string16* given_name,
                                          std::string* url,
                                          int image_size,
-                                         std::string* profile_locale) {
+                                         std::string* profile_locale,
+                                         base::string16* hosted_domain) {
   DCHECK(full_name);
   DCHECK(given_name);
   DCHECK(url);
   DCHECK(profile_locale);
+  DCHECK(hosted_domain);
 
   *full_name = base::string16();
   *given_name = base::string16();
   *url = std::string();
   *profile_locale = std::string();
+  *hosted_domain = base::string16();
 
   int error_code = -1;
   std::string error_message;
@@ -169,6 +178,7 @@ bool ProfileDownloader::ParseProfileJSON(const std::string& data,
   root_dictionary->GetString(kFullNamePath, full_name);
   root_dictionary->GetString(kGivenNamePath, given_name);
   root_dictionary->GetString(kLocalePath, profile_locale);
+  root_dictionary->GetString(kHostedDomainPath, hosted_domain);
 
   std::string url_string;
   if (root_dictionary->GetString(kPhotoThumbnailURLPath, &url_string)) {
@@ -247,6 +257,10 @@ void ProfileDownloader::StartForAccount(const std::string& account_id) {
   }
 }
 
+base::string16 ProfileDownloader::GetProfileHostedDomain() const {
+  return profile_hosted_domain_;
+}
+
 base::string16 ProfileDownloader::GetProfileFullName() const {
   return profile_full_name_;
 }
@@ -290,7 +304,10 @@ void ProfileDownloader::StartFetchingImage() {
 void ProfileDownloader::StartFetchingOAuth2AccessToken() {
   Profile* profile = delegate_->GetBrowserProfile();
   OAuth2TokenService::ScopeSet scopes;
-  scopes.insert(kAPIScope);
+  scopes.insert(kAPIProfileScope);
+  // Increase scope to get hd attribute to determine if lock should be enabled.
+  if (switches::IsNewProfileManagement())
+    scopes.insert(kAPIEmailScope);
   ProfileOAuth2TokenService* token_service =
       ProfileOAuth2TokenServiceFactory::GetForProfile(profile);
   oauth2_access_token_request_ = token_service->StartRequest(
@@ -332,7 +349,8 @@ void ProfileDownloader::OnURLFetchComplete(const net::URLFetcher* source) {
                           &profile_given_name_,
                           &image_url,
                           delegate_->GetDesiredImageSideLength(),
-                          &profile_locale_)) {
+                          &profile_locale_,
+                          &profile_hosted_domain_)) {
       delegate_->OnProfileDownloadFailure(
           this, ProfileDownloaderDelegate::SERVICE_ERROR);
       return;