Add OAuth2 authentication for some voice transcription requests.

chrome/browser/ui/app_list/speech_auth_helper.cc

Index: chrome/browser/ui/app_list/speech_auth_helper.cc
diff --git a/chrome/browser/ui/app_list/speech_auth_helper.cc b/chrome/browser/ui/app_list/speech_auth_helper.cc
new file mode 100644
index 0000000000000000000000000000000000000000..073f781f0ad1e1c9d06b0e6f4681571d8a32d398
--- /dev/null
+++ b/chrome/browser/ui/app_list/speech_auth_helper.cc
@@ -0,0 +1,125 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/ui/app_list/speech_auth_helper.h"
+
+#include <string>
+
+#include "base/bind.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
+#include "chrome/browser/signin/signin_manager_factory.h"
+#include "components/signin/core/browser/profile_oauth2_token_service.h"
+#include "components/signin/core/browser/signin_manager.h"
+#include "content/public/browser/browser_thread.h"
+
+namespace app_list {
+
+static const char* kAuthScope =
+    "https://www.googleapis.com/auth/webhistory";
+static const int kMinTokenRefreshDelaySeconds = 300;  // 5 minutes
+
+
+SpeechAuthHelper::SpeechAuthHelper(Profile* profile)
+    : OAuth2TokenService::Consumer(kAuthScope),
+      profile_(profile),
+      weak_factory_(this) {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+  SigninManagerBase* signin_manager =
+      SigninManagerFactory::GetForProfile(profile_);
+  std::string account_id = signin_manager->GetAuthenticatedAccountId();
+  ProfileOAuth2TokenService* token_service =
+      ProfileOAuth2TokenServiceFactory::GetForProfile(profile_);

[calamity, 2014/12/09 02:21:16]

Hmm. Can we factor token_service into a member of the class so we don't have to
ask the factory every time you want to check its existence?

[Anand Mistry (off Chromium), 2014/12/10 02:13:25]

Done.

+  if (token_service && !token_service->RefreshTokenIsAvailable(account_id)) {

[calamity, 2014/12/09 02:21:16]

Split this into

if (token_service)
  return;

if (!token_service->Refresh...

[Anand Mistry (off Chromium), 2014/12/10 02:13:25]

Done.

+    // Wait for the OAuth2 refresh token to be available before trying to obtain
+    // a speech token.
+    token_service->AddObserver(this);

[calamity, 2014/12/09 02:21:16]

Does this mean this is only added as an observer sometimes?

[Anand Mistry (off Chromium), 2014/12/10 02:13:25]

Yes. It only needs to be when the oauth2 refresh token is not yet available.

+  } else {
+    FetchAuthToken();
+  }
+}
+
+SpeechAuthHelper::~SpeechAuthHelper() {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+  ProfileOAuth2TokenService* token_service =
+      ProfileOAuth2TokenServiceFactory::GetForProfile(profile_);
+  if (token_service)
+    token_service->RemoveObserver(this);

[calamity, 2014/12/09 02:21:16]

It doesn't seem to match up with the RemoveObserver() policy here?

[Anand Mistry (off Chromium), 2014/12/10 02:13:25]

What policy?

+}
+
+void SpeechAuthHelper::OnGetTokenSuccess(
+    const OAuth2TokenService::Request* request,
+    const std::string& access_token,
+    const base::Time& expiration_time) {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+  auth_token_ = access_token;
+  auth_token_request_.reset();
+
+  base::Time now = base::Time::Now();

[calamity, 2014/12/09 02:21:16]

It's not great to use a base::Time::Now() in code.. But you _are_ using a
base::Time::Max(). I'll allow it.

[calamity, 2014/12/09 07:11:20]

Another option is to take a base::Clock() in your constructor and hold onto it
as a scoped_ptr field. You can then use DefaultClock and SimpleTestClock for
normal and test use respectively.

[Anand Mistry (off Chromium), 2014/12/10 02:13:25]

The problem is that this doesn't buy any extra testability since you can't
advance time on the MessageLoop.

[calamity, 2014/12/10 02:26:13]

The objective was to add more determinism since base::Time::Now() will return
different values across test runs.

[Anand Mistry (off Chromium), 2014/12/10 03:52:14]

Ok, gotcha. Done.

+  base::TimeDelta delay = expiration_time - now;
+  if (delay.InSeconds() < kMinTokenRefreshDelaySeconds)
+    delay = base::TimeDelta::FromSeconds(kMinTokenRefreshDelaySeconds);
+  ScheduleTokenFetch(delay);
+}
+
+void SpeechAuthHelper::OnGetTokenFailure(
+    const OAuth2TokenService::Request* request,
+    const GoogleServiceAuthError& error) {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+  auth_token_ = "";
+  auth_token_request_.reset();
+
+  // Try again later.
+  // TODO(amistry): Implement backoff.
+  ScheduleTokenFetch(
+      base::TimeDelta::FromSeconds(kMinTokenRefreshDelaySeconds));
+}
+
+void SpeechAuthHelper::OnRefreshTokenAvailable(const std::string& account_id) {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+  SigninManagerBase* signin_manager =
+      SigninManagerFactory::GetForProfile(profile_);
+  if (signin_manager &&
+      signin_manager->GetAuthenticatedAccountId() == account_id) {
+    FetchAuthToken();
+  }
+}
+
+void SpeechAuthHelper::ScheduleTokenFetch(const base::TimeDelta& fetch_delay) {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+  content::BrowserThread::PostDelayedTask(
+      content::BrowserThread::UI,
+      FROM_HERE,
+      base::Bind(&SpeechAuthHelper::FetchAuthToken,
+                 weak_factory_.GetWeakPtr()),
+      fetch_delay);
+}
+
+void SpeechAuthHelper::FetchAuthToken() {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+  ProfileOAuth2TokenService* token_service =
+      ProfileOAuth2TokenServiceFactory::GetForProfile(profile_);
+  if (token_service) {

[calamity, 2014/12/09 02:21:16]

Is it possible for this to be null when called from ScheduleTokenFetch()? Should
the task be rescheduled in that case? If not, consider adding a comment in
ScheduleTokenFetch() about why we don't care about failure/failure can't happen.

[Anand Mistry (off Chromium), 2014/12/10 02:13:25]

Added comment here.

+    OAuth2TokenService::ScopeSet scopes;
+    scopes.insert(kAuthScope);
+    SigninManagerBase* signin_manager =
+        SigninManagerFactory::GetForProfile(profile_);
+    auth_token_request_ = token_service->StartRequest(
+        signin_manager->GetAuthenticatedAccountId(),
+        scopes,
+        this);
+  }
+}
+
+std::string SpeechAuthHelper::GetToken() {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+  return auth_token_;
+}
+
+std::string SpeechAuthHelper::GetScope() {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+  return kAuthScope;
+}
+
+}  // namespace app_list