Identity API: add multi-account support to token cache and request queues

chrome/browser/extensions/api/identity/identity_api.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/extensions/api/identity/identity_api.h"
 
 #include <set>
 #include <string>
 #include <utility>
 #include <vector>
@@ skipping 85 matching lines @@
   if (oauth2_client_id_.empty()) {
     error_ = identity_constants::kInvalidClientId;
     return false;
   }
 
   if (oauth2_info.scopes.size() == 0) {
     error_ = identity_constants::kInvalidScopes;
     return false;
   }
 
+  ProfileOAuth2TokenService* token_service =
+      ProfileOAuth2TokenServiceFactory::GetForProfile(GetProfile());
+
+  std::set<std::string> scopes(oauth2_info.scopes.begin(),
+                               oauth2_info.scopes.end());
+  token_key_.reset(new ExtensionTokenKey(
+      GetExtension()->id(), token_service->GetPrimaryAccountId(), scopes));
+
   // Balanced in CompleteFunctionWithResult|CompleteFunctionWithError
   AddRef();
 
 #if defined(OS_CHROMEOS)
   if (chromeos::UserManager::Get()->IsLoggedInAsKioskApp() &&
       g_browser_process->browser_policy_connector()->IsEnterpriseManaged()) {
     StartMintTokenFlow(IdentityMintRequestQueue::MINT_TYPE_NONINTERACTIVE);
     return true;
   }
 #endif
@@ skipping 38 matching lines @@
   should_prompt_for_signin_ = false;
   ShowLoginPopup();
 }
 
 void IdentityGetAuthTokenFunction::StartMintTokenFlow(
     IdentityMintRequestQueue::MintType type) {
   mint_token_flow_type_ = type;
 
   // Flows are serialized to prevent excessive traffic to GAIA, and
   // to consolidate UI pop-ups.
-  const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension());
-  std::set<std::string> scopes(oauth2_info.scopes.begin(),
-                               oauth2_info.scopes.end());
   IdentityAPI* id_api =
       extensions::IdentityAPI::GetFactoryInstance()->GetForProfile(
           GetProfile());
 
   if (!should_prompt_for_scopes_) {
     // Caller requested no interaction.
 
     if (type == IdentityMintRequestQueue::MINT_TYPE_INTERACTIVE) {
       // GAIA told us to do a consent UI.
       CompleteFunctionWithError(identity_constants::kNoGrant);
       return;
     }
     if (!id_api->mint_queue()->empty(
-            IdentityMintRequestQueue::MINT_TYPE_INTERACTIVE,
-            GetExtension()->id(), scopes)) {
+            IdentityMintRequestQueue::MINT_TYPE_INTERACTIVE, *token_key_)) {
       // Another call is going through a consent UI.
       CompleteFunctionWithError(identity_constants::kNoGrant);
       return;
     }
   }
-  id_api->mint_queue()->RequestStart(type,
-                                     GetExtension()->id(),
-                                     scopes,
-                                     this);
+  id_api->mint_queue()->RequestStart(type, *token_key_, this);
 }
 
 void IdentityGetAuthTokenFunction::CompleteMintTokenFlow() {
   IdentityMintRequestQueue::MintType type = mint_token_flow_type_;
 
   const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension());
   std::set<std::string> scopes(oauth2_info.scopes.begin(),
                                oauth2_info.scopes.end());
 
   extensions::IdentityAPI::GetFactoryInstance()
       ->GetForProfile(GetProfile())
       ->mint_queue()
-      ->RequestComplete(type, GetExtension()->id(), scopes, this);
+      ->RequestComplete(type, *token_key_, this);
 }
 
 void IdentityGetAuthTokenFunction::StartMintToken(
     IdentityMintRequestQueue::MintType type) {
   const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension());
   IdentityAPI* id_api =
       IdentityAPI::GetFactoryInstance()->GetForProfile(GetProfile());
-  IdentityTokenCacheValue cache_entry = id_api->GetCachedToken(
-      GetExtension()->id(), oauth2_info.scopes);
+  IdentityTokenCacheValue cache_entry = id_api->GetCachedToken(*token_key_);
   IdentityTokenCacheValue::CacheValueStatus cache_status =
       cache_entry.status();
 
   if (type == IdentityMintRequestQueue::MINT_TYPE_NONINTERACTIVE) {
     switch (cache_status) {
       case IdentityTokenCacheValue::CACHE_STATUS_NOTFOUND:
 #if defined(OS_CHROMEOS)
         // Always force minting token for ChromeOS kiosk app.
         if (chromeos::UserManager::Get()->IsLoggedInAsKioskApp()) {
           gaia_mint_token_mode_ = OAuth2MintTokenFlow::MODE_MINT_TOKEN_FORCE;
@@ skipping 36 matching lines @@
       CompleteMintTokenFlow();
       CompleteFunctionWithResult(cache_entry.token());
     } else {
       ShowOAuthApprovalDialog(issue_advice_);
     }
   }
 }
 
 void IdentityGetAuthTokenFunction::OnMintTokenSuccess(
     const std::string& access_token, int time_to_live) {
-  const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension());
   IdentityTokenCacheValue token(access_token,
                                 base::TimeDelta::FromSeconds(time_to_live));
   IdentityAPI::GetFactoryInstance()
       ->GetForProfile(GetProfile())
-      ->SetCachedToken(GetExtension()->id(), oauth2_info.scopes, token);
+      ->SetCachedToken(*token_key_, token);
 
   CompleteMintTokenFlow();
   CompleteFunctionWithResult(access_token);
 }
 
 void IdentityGetAuthTokenFunction::OnMintTokenFailure(
     const GoogleServiceAuthError& error) {
   CompleteMintTokenFlow();
 
   switch (error.state()) {
@@ skipping 14 matching lines @@
       // Return error to caller.
       break;
   }
 
   CompleteFunctionWithError(
       std::string(identity_constants::kAuthFailure) + error.ToString());
 }
 
 void IdentityGetAuthTokenFunction::OnIssueAdviceSuccess(
     const IssueAdviceInfo& issue_advice) {
-  const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension());
   IdentityAPI::GetFactoryInstance()
       ->GetForProfile(GetProfile())
-      ->SetCachedToken(GetExtension()->id(),
-                       oauth2_info.scopes,
+      ->SetCachedToken(*token_key_,
                        IdentityTokenCacheValue(issue_advice));
   CompleteMintTokenFlow();
 
   should_prompt_for_signin_ = false;
   // Existing grant was revoked and we used NO_FORCE, so we got info back
   // instead. Start a consent UI if we can.
   issue_advice_ = issue_advice;
   StartMintTokenFlow(IdentityMintRequestQueue::MINT_TYPE_INTERACTIVE);
 }
 
@@ skipping 42 matching lines @@
 
   CompleteFunctionWithError(error);
 }
 
 void IdentityGetAuthTokenFunction::OnGaiaFlowCompleted(
     const std::string& access_token,
     const std::string& expiration) {
 
   int time_to_live;
   if (!expiration.empty() && base::StringToInt(expiration, &time_to_live)) {
-    const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(GetExtension());
     IdentityTokenCacheValue token_value(
         access_token, base::TimeDelta::FromSeconds(time_to_live));
     IdentityAPI::GetFactoryInstance()
         ->GetForProfile(GetProfile())
-        ->SetCachedToken(GetExtension()->id(), oauth2_info.scopes, token_value);
+        ->SetCachedToken(*token_key_, token_value);
   }
 
   CompleteMintTokenFlow();
   CompleteFunctionWithResult(access_token);
 }
 
 void IdentityGetAuthTokenFunction::OnGetTokenSuccess(
     const OAuth2TokenService::Request* request,
     const std::string& access_token,
     const base::Time& expiration_time) {
@@ skipping 283 matching lines @@
       account_tracker_(profile) {
   account_tracker_.AddObserver(this);
 }
 
 IdentityAPI::~IdentityAPI() {}
 
 IdentityMintRequestQueue* IdentityAPI::mint_queue() {
     return &mint_queue_;
 }
 
-void IdentityAPI::SetCachedToken(const std::string& extension_id,
-                                 const std::vector<std::string> scopes,
+void IdentityAPI::SetCachedToken(const ExtensionTokenKey& key,
                                  const IdentityTokenCacheValue& token_data) {
-  std::set<std::string> scopeset(scopes.begin(), scopes.end());
-  TokenCacheKey key(extension_id, scopeset);
-
   CachedTokens::iterator it = token_cache_.find(key);
   if (it != token_cache_.end() && it->second.status() <= token_data.status())
     token_cache_.erase(it);
 
   token_cache_.insert(std::make_pair(key, token_data));
 }
 
 void IdentityAPI::EraseCachedToken(const std::string& extension_id,
                                    const std::string& token) {
   CachedTokens::iterator it;
   for (it = token_cache_.begin(); it != token_cache_.end(); ++it) {
     if (it->first.extension_id == extension_id &&
         it->second.status() == IdentityTokenCacheValue::CACHE_STATUS_TOKEN &&
         it->second.token() == token) {
       token_cache_.erase(it);
       break;
     }
   }
 }
 
 void IdentityAPI::EraseAllCachedTokens() {
   token_cache_.clear();
 }
 
 const IdentityTokenCacheValue& IdentityAPI::GetCachedToken(
-    const std::string& extension_id, const std::vector<std::string> scopes) {
-  std::set<std::string> scopeset(scopes.begin(), scopes.end());
-  TokenCacheKey key(extension_id, scopeset);
+    const ExtensionTokenKey& key) {
   return token_cache_[key];
 }
 
 const IdentityAPI::CachedTokens& IdentityAPI::GetAllCachedTokens() {
   return token_cache_;
 }
 
 void IdentityAPI::ReportAuthError(const GoogleServiceAuthError& error) {
   ProfileOAuth2TokenService* token_service =
       ProfileOAuth2TokenServiceFactory::GetForProfile(profile_);
@@ skipping 29 matching lines @@
 
   ExtensionSystem::Get(profile_)->event_router()->BroadcastEvent(event.Pass());
 }
 
 template <>
 void ProfileKeyedAPIFactory<IdentityAPI>::DeclareFactoryDependencies() {
   DependsOn(ExtensionSystemFactory::GetInstance());
   DependsOn(ProfileOAuth2TokenServiceFactory::GetInstance());
 }
 
-IdentityAPI::TokenCacheKey::TokenCacheKey(const std::string& extension_id,
-                                          const std::set<std::string> scopes)
-    : extension_id(extension_id),
-      scopes(scopes) {
-}
-
-IdentityAPI::TokenCacheKey::~TokenCacheKey() {
-}
-
-bool IdentityAPI::TokenCacheKey::operator<(
-    const IdentityAPI::TokenCacheKey& rhs) const {
-  if (extension_id < rhs.extension_id)
-    return true;
-  else if (rhs.extension_id < extension_id)
-    return false;
-
-  return scopes < rhs.scopes;
-}
-
 }  // namespace extensions