| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/net/gaia/gaia_oauth_fetcher.h" | 5 #include "chrome/browser/net/gaia/gaia_oauth_fetcher.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <utility> | 8 #include <utility> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 42 | 42 |
| 43 static const char kOAuthWrapBridgeUserInfoScope[] = | 43 static const char kOAuthWrapBridgeUserInfoScope[] = |
| 44 "https://www.googleapis.com/auth/userinfo.email"; | 44 "https://www.googleapis.com/auth/userinfo.email"; |
| 45 | 45 |
| 46 static const char kOAuth1LoginScope[] = | 46 static const char kOAuth1LoginScope[] = |
| 47 "https://www.google.com/accounts/OAuthLogin"; | 47 "https://www.google.com/accounts/OAuthLogin"; |
| 48 | 48 |
| 49 static const char kUserInfoUrl[] = | 49 static const char kUserInfoUrl[] = |
| 50 "https://www.googleapis.com/oauth2/v1/userinfo"; | 50 "https://www.googleapis.com/oauth2/v1/userinfo"; |
| 51 | 51 |
| 52 static const char kRevokeTokenUrl[] = | |
| 53 "https://www.google.com/accounts/AuthSubRevokeToken"; | |
| 54 | |
| 55 static const char kOAuthTokenCookie[] = "oauth_token"; | 52 static const char kOAuthTokenCookie[] = "oauth_token"; |
| 56 | 53 |
| 57 GaiaOAuthFetcher::GaiaOAuthFetcher(GaiaOAuthConsumer* consumer, | 54 GaiaOAuthFetcher::GaiaOAuthFetcher(GaiaOAuthConsumer* consumer, |
| 58 net::URLRequestContextGetter* getter, | 55 net::URLRequestContextGetter* getter, |
| 59 Profile* profile, | 56 Profile* profile, |
| 60 const std::string& service_scope) | 57 const std::string& service_scope) |
| 61 : consumer_(consumer), | 58 : consumer_(consumer), |
| 62 getter_(getter), | 59 getter_(getter), |
| 63 profile_(profile), | 60 profile_(profile), |
| 64 popup_(NULL), | 61 popup_(NULL), |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 122 // static | 119 // static |
| 123 std::string GaiaOAuthFetcher::MakeOAuthLoginBody( | 120 std::string GaiaOAuthFetcher::MakeOAuthLoginBody( |
| 124 const char* source, | 121 const char* source, |
| 125 const char* service, | 122 const char* service, |
| 126 const std::string& oauth1_access_token, | 123 const std::string& oauth1_access_token, |
| 127 const std::string& oauth1_access_token_secret) { | 124 const std::string& oauth1_access_token_secret) { |
| 128 OAuthRequestSigner::Parameters parameters; | 125 OAuthRequestSigner::Parameters parameters; |
| 129 parameters["service"] = service; | 126 parameters["service"] = service; |
| 130 parameters["source"] = source; | 127 parameters["source"] = source; |
| 131 std::string signed_request; | 128 std::string signed_request; |
| 132 bool is_signed = OAuthRequestSigner::SignURL( | 129 bool is_signed = OAuthRequestSigner::Sign( |
| 133 GURL(kOAuth1LoginScope), | 130 GURL(kOAuth1LoginScope), |
| 134 parameters, | 131 parameters, |
| 135 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, | 132 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, |
| 136 OAuthRequestSigner::POST_METHOD, | 133 OAuthRequestSigner::POST_METHOD, |
| 137 "anonymous", // oauth_consumer_key | 134 "anonymous", // oauth_consumer_key |
| 138 "anonymous", // consumer secret | 135 "anonymous", // consumer secret |
| 139 oauth1_access_token, // oauth_token | 136 oauth1_access_token, // oauth_token |
| 140 oauth1_access_token_secret, // token secret | 137 oauth1_access_token_secret, // token secret |
| 141 &signed_request); | 138 &signed_request); |
| 142 DCHECK(is_signed); | 139 DCHECK(is_signed); |
| 143 return signed_request; | 140 return signed_request; |
| 144 } | 141 } |
| 145 | 142 |
| 146 // static | 143 // static |
| 147 std::string GaiaOAuthFetcher::MakeOAuthGetAccessTokenBody( | 144 std::string GaiaOAuthFetcher::MakeOAuthGetAccessTokenBody( |
| 148 const std::string& oauth1_request_token) { | 145 const std::string& oauth1_request_token) { |
| 149 OAuthRequestSigner::Parameters empty_parameters; | 146 OAuthRequestSigner::Parameters empty_parameters; |
| 150 std::string signed_request; | 147 std::string signed_request; |
| 151 bool is_signed = OAuthRequestSigner::SignURL( | 148 bool is_signed = OAuthRequestSigner::Sign( |
| 152 GURL(kOAuthGetAccessTokenUrl), | 149 GURL(kOAuthGetAccessTokenUrl), |
| 153 empty_parameters, | 150 empty_parameters, |
| 154 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, | 151 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, |
| 155 OAuthRequestSigner::POST_METHOD, | 152 OAuthRequestSigner::POST_METHOD, |
| 156 "anonymous", // oauth_consumer_key | 153 "anonymous", // oauth_consumer_key |
| 157 "anonymous", // consumer secret | 154 "anonymous", // consumer secret |
| 158 oauth1_request_token, // oauth_token | 155 oauth1_request_token, // oauth_token |
| 159 "", // token secret | 156 "", // token secret |
| 160 &signed_request); | 157 &signed_request); |
| 161 DCHECK(is_signed); | 158 DCHECK(is_signed); |
| 162 return signed_request; | 159 return signed_request; |
| 163 } | 160 } |
| 164 | 161 |
| 165 // static | 162 // static |
| 166 std::string GaiaOAuthFetcher::MakeOAuthWrapBridgeBody( | 163 std::string GaiaOAuthFetcher::MakeOAuthWrapBridgeBody( |
| 167 const std::string& oauth1_access_token, | 164 const std::string& oauth1_access_token, |
| 168 const std::string& oauth1_access_token_secret, | 165 const std::string& oauth1_access_token_secret, |
| 169 const std::string& wrap_token_duration, | 166 const std::string& wrap_token_duration, |
| 170 const std::string& oauth2_scope) { | 167 const std::string& oauth2_scope) { |
| 171 OAuthRequestSigner::Parameters parameters; | 168 OAuthRequestSigner::Parameters parameters; |
| 172 parameters["wrap_token_duration"] = wrap_token_duration; | 169 parameters["wrap_token_duration"] = wrap_token_duration; |
| 173 parameters["wrap_scope"] = oauth2_scope; | 170 parameters["wrap_scope"] = oauth2_scope; |
| 174 std::string signed_request; | 171 std::string signed_request; |
| 175 bool is_signed = OAuthRequestSigner::SignURL( | 172 bool is_signed = OAuthRequestSigner::Sign( |
| 176 GURL(kOAuthWrapBridgeUrl), | 173 GURL(kOAuthWrapBridgeUrl), |
| 177 parameters, | 174 parameters, |
| 178 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, | 175 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, |
| 179 OAuthRequestSigner::POST_METHOD, | 176 OAuthRequestSigner::POST_METHOD, |
| 180 "anonymous", // oauth_consumer_key | 177 "anonymous", // oauth_consumer_key |
| 181 "anonymous", // consumer secret | 178 "anonymous", // consumer secret |
| 182 oauth1_access_token, // oauth_token | 179 oauth1_access_token, // oauth_token |
| 183 oauth1_access_token_secret, // token secret | 180 oauth1_access_token_secret, // token secret |
| 184 &signed_request); | 181 &signed_request); |
| 185 DCHECK(is_signed); | 182 DCHECK(is_signed); |
| (...skipping 257 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 443 fetcher_.reset(CreateGaiaFetcher(getter_, | 440 fetcher_.reset(CreateGaiaFetcher(getter_, |
| 444 GURL(kUserInfoUrl), | 441 GURL(kUserInfoUrl), |
| 445 request_body_, | 442 request_body_, |
| 446 request_headers_, | 443 request_headers_, |
| 447 false, | 444 false, |
| 448 this)); | 445 this)); |
| 449 fetch_pending_ = true; | 446 fetch_pending_ = true; |
| 450 fetcher_->Start(); | 447 fetcher_->Start(); |
| 451 } | 448 } |
| 452 | 449 |
| 453 void GaiaOAuthFetcher::StartOAuthRevokeAccessToken(const std::string& token, | |
| 454 const std::string& secret) { | |
| 455 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!"; | |
| 456 | |
| 457 // Must outlive fetcher_. | |
| 458 request_body_ = ""; | |
| 459 | |
| 460 OAuthRequestSigner::Parameters empty_parameters; | |
| 461 std::string auth_header; | |
| 462 GURL url(kRevokeTokenUrl); | |
| 463 bool is_signed = OAuthRequestSigner::SignAuthHeader( | |
| 464 url, | |
| 465 empty_parameters, | |
| 466 OAuthRequestSigner::HMAC_SHA1_SIGNATURE, | |
| 467 OAuthRequestSigner::GET_METHOD, | |
| 468 "anonymous", | |
| 469 "anonymous", | |
| 470 token, | |
| 471 secret, | |
| 472 &auth_header); | |
| 473 DCHECK(is_signed); | |
| 474 request_headers_ = "Authorization: " + auth_header; | |
| 475 fetcher_.reset(CreateGaiaFetcher(getter_, url, request_body_, | |
| 476 request_headers_, false, this)); | |
| 477 fetch_pending_ = true; | |
| 478 fetcher_->Start(); | |
| 479 } | |
| 480 | |
| 481 void GaiaOAuthFetcher::StartOAuthRevokeWrapToken(const std::string& token) { | |
| 482 DCHECK(!fetch_pending_) << "Tried to fetch two things at once!"; | |
| 483 | |
| 484 // Must outlive fetcher_. | |
| 485 request_body_ = ""; | |
| 486 | |
| 487 request_headers_ = "Authorization: Bearer " + token; | |
| 488 GURL url(kRevokeTokenUrl); | |
| 489 fetcher_.reset(CreateGaiaFetcher(getter_, url, request_body_, | |
| 490 request_headers_, false, this)); | |
| 491 fetch_pending_ = true; | |
| 492 fetcher_->Start(); | |
| 493 } | |
| 494 | |
| 495 // static | 450 // static |
| 496 GoogleServiceAuthError GaiaOAuthFetcher::GenerateAuthError( | 451 GoogleServiceAuthError GaiaOAuthFetcher::GenerateAuthError( |
| 497 const std::string& data, | 452 const std::string& data, |
| 498 const net::URLRequestStatus& status) { | 453 const net::URLRequestStatus& status) { |
| 499 if (!status.is_success()) { | 454 if (!status.is_success()) { |
| 500 if (status.status() == net::URLRequestStatus::CANCELED) { | 455 if (status.status() == net::URLRequestStatus::CANCELED) { |
| 501 return GoogleServiceAuthError(GoogleServiceAuthError::REQUEST_CANCELED); | 456 return GoogleServiceAuthError(GoogleServiceAuthError::REQUEST_CANCELED); |
| 502 } else { | 457 } else { |
| 503 LOG(WARNING) << "Could not reach Google Accounts servers: errno " | 458 LOG(WARNING) << "Could not reach Google Accounts servers: errno " |
| 504 << status.os_error(); | 459 << status.os_error(); |
| (...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 655 ParseOAuthWrapBridgeResponse(data, &token, &expires_in); | 610 ParseOAuthWrapBridgeResponse(data, &token, &expires_in); |
| 656 consumer_->OnOAuthWrapBridgeSuccess(service_scope_, token, expires_in); | 611 consumer_->OnOAuthWrapBridgeSuccess(service_scope_, token, expires_in); |
| 657 if (ShouldAutoFetch(USER_INFO)) | 612 if (ShouldAutoFetch(USER_INFO)) |
| 658 StartUserInfo(token); | 613 StartUserInfo(token); |
| 659 } else { | 614 } else { |
| 660 consumer_->OnOAuthWrapBridgeFailure(service_scope_, | 615 consumer_->OnOAuthWrapBridgeFailure(service_scope_, |
| 661 GenerateAuthError(data, status)); | 616 GenerateAuthError(data, status)); |
| 662 } | 617 } |
| 663 } | 618 } |
| 664 | 619 |
| 665 void GaiaOAuthFetcher::OnOAuthRevokeTokenFetched( | |
| 666 const std::string& data, | |
| 667 const net::URLRequestStatus& status, | |
| 668 int response_code) { | |
| 669 if (status.is_success() && response_code == RC_REQUEST_OK) { | |
| 670 consumer_->OnOAuthRevokeTokenSuccess(); | |
| 671 } else { | |
| 672 LOG(ERROR) << "Token revocation failure " << response_code << ": " << data; | |
| 673 consumer_->OnOAuthRevokeTokenFailure(GenerateAuthError(data, status)); | |
| 674 } | |
| 675 } | |
| 676 | |
| 677 void GaiaOAuthFetcher::OnUserInfoFetched( | 620 void GaiaOAuthFetcher::OnUserInfoFetched( |
| 678 const std::string& data, | 621 const std::string& data, |
| 679 const net::URLRequestStatus& status, | 622 const net::URLRequestStatus& status, |
| 680 int response_code) { | 623 int response_code) { |
| 681 if (status.is_success() && response_code == RC_REQUEST_OK) { | 624 if (status.is_success() && response_code == RC_REQUEST_OK) { |
| 682 std::string email; | 625 std::string email; |
| 683 ParseUserInfoResponse(data, &email); | 626 ParseUserInfoResponse(data, &email); |
| 684 VLOG(1) << "GAIA user info fetched for " << email << "."; | 627 VLOG(1) << "GAIA user info fetched for " << email << "."; |
| 685 consumer_->OnUserInfoSuccess(email); | 628 consumer_->OnUserInfoSuccess(email); |
| 686 } else { | 629 } else { |
| (...skipping 13 matching lines...) Expand all Loading... |
| 700 if (StartsWithASCII(url.spec(), kGetOAuthTokenUrl, true)) { | 643 if (StartsWithASCII(url.spec(), kGetOAuthTokenUrl, true)) { |
| 701 OnGetOAuthTokenUrlFetched(cookies, status, response_code); | 644 OnGetOAuthTokenUrlFetched(cookies, status, response_code); |
| 702 } else if (url.spec() == kOAuth1LoginScope) { | 645 } else if (url.spec() == kOAuth1LoginScope) { |
| 703 OnOAuthLoginFetched(data, status, response_code); | 646 OnOAuthLoginFetched(data, status, response_code); |
| 704 } else if (url.spec() == kOAuthGetAccessTokenUrl) { | 647 } else if (url.spec() == kOAuthGetAccessTokenUrl) { |
| 705 OnOAuthGetAccessTokenFetched(data, status, response_code); | 648 OnOAuthGetAccessTokenFetched(data, status, response_code); |
| 706 } else if (url.spec() == kOAuthWrapBridgeUrl) { | 649 } else if (url.spec() == kOAuthWrapBridgeUrl) { |
| 707 OnOAuthWrapBridgeFetched(data, status, response_code); | 650 OnOAuthWrapBridgeFetched(data, status, response_code); |
| 708 } else if (url.spec() == kUserInfoUrl) { | 651 } else if (url.spec() == kUserInfoUrl) { |
| 709 OnUserInfoFetched(data, status, response_code); | 652 OnUserInfoFetched(data, status, response_code); |
| 710 } else if (StartsWithASCII(url.spec(), kRevokeTokenUrl, true)) { | |
| 711 OnOAuthRevokeTokenFetched(data, status, response_code); | |
| 712 } else { | 653 } else { |
| 713 NOTREACHED(); | 654 NOTREACHED(); |
| 714 } | 655 } |
| 715 } | 656 } |
| 716 | 657 |
| 717 bool GaiaOAuthFetcher::ShouldAutoFetch(AutoFetchLimit fetch_step) { | 658 bool GaiaOAuthFetcher::ShouldAutoFetch(AutoFetchLimit fetch_step) { |
| 718 return fetch_step <= auto_fetch_limit_; | 659 return fetch_step <= auto_fetch_limit_; |
| 719 } | 660 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8249003:
Revert 105151 - Merge 103908 - Extend GaiaOAuthFetcher with support for revoking tokens. (Closed)
Base URL: svn://svn.chromium.org/chrome/branches/874/src/