Merge 250980 "Attempt to recover sync token for managed user onc..."

> Attempt to recover sync token for managed user once we detected that sync auth fails.
> 
> BUG=332032
> R=nkostylev@chromium.org
> 
> Review URL: https://codereview.chromium.org/132803012

TBR=antrim@chromium.org

Review URL: https://codereview.chromium.org/171533008

git-svn-id: svn://svn.chromium.org/chrome/branches/1750/src@252013 0039d316-1c4b-4281-b951-d872f2087c98

8 files changed, 109 insertions, 40 deletions

diff --git a/chrome/browser/chromeos/login/auth_sync_observer.cc b/chrome/browser/chromeos/login/auth_sync_observer.cc
index 4c623c2..c5b80bf 100644
--- a/chrome/browser/chromeos/login/auth_sync_observer.cc
+++ b/chrome/browser/chromeos/login/auth_sync_observer.cc
@@ -10,6 +10,8 @@
 #include "chrome/browser/sync/profile_sync_service.h"
 #include "chrome/browser/sync/profile_sync_service_factory.h"
 #include "chrome/common/pref_names.h"
+#include "content/public/browser/user_metrics.h"
+#include "content/public/common/user_metrics_action.h"
 #include "google_apis/gaia/gaia_auth_util.h"
 
 class Profile;
@@ -43,6 +45,7 @@ void AuthSyncObserver::OnStateChanged() {
          UserManager::Get()->IsLoggedInAsLocallyManagedUser());
   ProfileSyncService* sync_service =
       ProfileSyncServiceFactory::GetForProfile(profile_);
+  User* user = UserManager::Get()->GetUserByProfile(profile_);
   GoogleServiceAuthError::State state =
       sync_service->GetAuthError().state();
   if (state != GoogleServiceAuthError::NONE &&
@@ -54,21 +57,40 @@ void AuthSyncObserver::OnStateChanged() {
     // TODO(nkostylev): Remove after crosbug.com/25978 is implemented.
     LOG(WARNING) << "Invalidate OAuth token because of a sync error: "
                  << sync_service->GetAuthError().ToString();
-    std::string email = profile_->GetProfileName();
-    if (email.empty() && UserManager::Get()->IsLoggedInAsLocallyManagedUser()) {
-      std::string sync_id =
-          profile_->GetPrefs()->GetString(prefs::kManagedUserId);
-      const User* user =
-          UserManager::Get()->GetSupervisedUserManager()->FindBySyncId(sync_id);
-      if (user)
-        email = user->email();
-    }
+    std::string email = user->email();
     DCHECK(!email.empty());
     // TODO(nkostyelv): Change observer after active user has changed.
-    UserManager::Get()->SaveUserOAuthStatus(
-        gaia::CanonicalizeEmail(email),
+    User::OAuthTokenStatus old_status = user->oauth_token_status();
+    UserManager::Get()->SaveUserOAuthStatus(email,
         User::OAUTH2_TOKEN_STATUS_INVALID);
+    if (user->GetType() == User::USER_TYPE_LOCALLY_MANAGED &&
+        old_status != User::OAUTH2_TOKEN_STATUS_INVALID) {
+       // Attempt to restore token from file.
+       UserManager::Get()->GetSupervisedUserManager()->LoadSupervisedUserToken(
+           profile_,
+           base::Bind(&AuthSyncObserver::OnSupervisedTokenLoaded,
+               base::Unretained(this)));
+       content::RecordAction(
+           content::UserMetricsAction(
+               "ManagedUsers_Chromeos_Sync_Invalidated"));
+    }
+  } else if (state == GoogleServiceAuthError::NONE) {
+    if (user->GetType() == User::USER_TYPE_LOCALLY_MANAGED &&
+        user->oauth_token_status() == User::OAUTH2_TOKEN_STATUS_INVALID) {
+      LOG(ERROR) <<
+          "Got an incorrectly invalidated token case, restoring token status.";
+      UserManager::Get()->SaveUserOAuthStatus(
+          user->email(),
+          User::OAUTH2_TOKEN_STATUS_VALID);
+       content::RecordAction(
+           content::UserMetricsAction("ManagedUsers_Chromeos_Sync_Recovered"));
+    }
   }
 }
 
+void AuthSyncObserver::OnSupervisedTokenLoaded(const std::string& token) {
+  UserManager::Get()->GetSupervisedUserManager()->ConfigureSyncWithToken(
+      profile_, token);
+}
+
 }  // namespace chromeos
diff --git a/chrome/browser/chromeos/login/auth_sync_observer.h b/chrome/browser/chromeos/login/auth_sync_observer.h
index acfa063..063736a 100644
--- a/chrome/browser/chromeos/login/auth_sync_observer.h
+++ b/chrome/browser/chromeos/login/auth_sync_observer.h
@@ -35,6 +35,9 @@ class AuthSyncObserver : public BrowserContextKeyedService,
   // ProfileSyncServiceObserver implementation.
   virtual void OnStateChanged() OVERRIDE;
 
+  // Called on attempt to restore supervised user token.
+  void OnSupervisedTokenLoaded(const std::string& token);
+
   Profile* profile_;
 
   DISALLOW_COPY_AND_ASSIGN(AuthSyncObserver);
diff --git a/chrome/browser/chromeos/login/fake_supervised_user_manager.cc b/chrome/browser/chromeos/login/fake_supervised_user_manager.cc
index af53e1a..d051917 100644
--- a/chrome/browser/chromeos/login/fake_supervised_user_manager.cc
+++ b/chrome/browser/chromeos/login/fake_supervised_user_manager.cc
@@ -55,4 +55,10 @@ std::string FakeSupervisedUserManager::GetManagerDisplayEmail(
   return std::string();
 }
 
+void FakeSupervisedUserManager::LoadSupervisedUserToken(
+    Profile * profile,
+    const LoadTokenCallback& callback) {
+  callback.Run("token");
+}
+
 }  // namespace chromeos
diff --git a/chrome/browser/chromeos/login/fake_supervised_user_manager.h b/chrome/browser/chromeos/login/fake_supervised_user_manager.h
index d68ead1..e23e525 100644
--- a/chrome/browser/chromeos/login/fake_supervised_user_manager.h
+++ b/chrome/browser/chromeos/login/fake_supervised_user_manager.h
@@ -38,6 +38,12 @@ class FakeSupervisedUserManager : public SupervisedUserManager {
   virtual void SetCreationTransactionUserId(const std::string& user_id)
       OVERRIDE {}
   virtual void CommitCreationTransaction() OVERRIDE {}
+  virtual void LoadSupervisedUserToken(
+      Profile * profile,
+      const LoadTokenCallback& callback) OVERRIDE;
+  virtual void ConfigureSyncWithToken(
+      Profile* profile,
+      const std::string& token) OVERRIDE {}
 
  private:
   DISALLOW_COPY_AND_ASSIGN(FakeSupervisedUserManager);
diff --git a/chrome/browser/chromeos/login/managed/locally_managed_user_login_flow.cc b/chrome/browser/chromeos/login/managed/locally_managed_user_login_flow.cc
index f4a4f25..e3a21ae 100644
--- a/chrome/browser/chromeos/login/managed/locally_managed_user_login_flow.cc
+++ b/chrome/browser/chromeos/login/managed/locally_managed_user_login_flow.cc
@@ -4,42 +4,22 @@
 
 #include "chrome/browser/chromeos/login/managed/locally_managed_user_login_flow.h"
 
-#include "base/file_util.h"
-#include "base/files/file_path.h"
 #include "base/logging.h"
 #include "base/prefs/pref_registry_simple.h"
 #include "base/prefs/pref_service.h"
-#include "base/threading/sequenced_worker_pool.h"
 #include "base/values.h"
 #include "chrome/browser/chromeos/login/login_display_host_impl.h"
 #include "chrome/browser/chromeos/login/login_utils.h"
 #include "chrome/browser/chromeos/login/managed/locally_managed_user_constants.h"
 #include "chrome/browser/chromeos/login/managed/locally_managed_user_creation_screen.h"
+#include "chrome/browser/chromeos/login/supervised_user_manager.h"
 #include "chrome/browser/chromeos/login/wizard_controller.h"
-#include "chrome/browser/chromeos/profiles/profile_helper.h"
-#include "chrome/browser/managed_mode/managed_user_service.h"
-#include "chrome/browser/managed_mode/managed_user_service_factory.h"
 #include "content/public/browser/browser_thread.h"
 
 using content::BrowserThread;
 
 namespace chromeos {
 
-namespace {
-
-std::string LoadSyncToken(base::FilePath profile_dir) {
-  std::string token;
-  base::FilePath token_file =
-      profile_dir.Append(kManagedUserTokenFilename);
-  LOG(INFO) << "Loading" << token_file.value();
-  if (!base::ReadFileToString(token_file, &token)) {
-    return std::string();
-  }
-  return token;
-}
-
-} // namespace
-
 LocallyManagedUserLoginFlow::LocallyManagedUserLoginFlow(
     const std::string& user_id)
     : ExtendedUserFlow(user_id),
@@ -78,10 +58,11 @@ void LocallyManagedUserLoginFlow::OnSyncSetupDataLoaded(
 
 void LocallyManagedUserLoginFlow::ConfigureSync(const std::string& token) {
   data_loaded_ = true;
+
   // TODO(antrim): add error handling (no token loaded).
   // See also: http://crbug.com/312751
-  if (!token.empty())
-    ManagedUserServiceFactory::GetForProfile(profile_)->InitSync(token);
+  UserManager::Get()->GetSupervisedUserManager()->ConfigureSyncWithToken(
+      profile_, token);
 
   LoginUtils::Get()->DoBrowserLaunch(profile_, host());
   profile_ = NULL;
@@ -91,12 +72,8 @@ void LocallyManagedUserLoginFlow::ConfigureSync(const std::string& token) {
 void LocallyManagedUserLoginFlow::LaunchExtraSteps(
     Profile* profile) {
   profile_ = profile;
-  base::FilePath profile_dir = ProfileHelper::GetProfilePathByUserIdHash(
-      UserManager::Get()->GetUserByProfile(profile)->username_hash());
-  PostTaskAndReplyWithResult(
-      content::BrowserThread::GetBlockingPool(),
-      FROM_HERE,
-      base::Bind(&LoadSyncToken, profile_dir),
+  UserManager::Get()->GetSupervisedUserManager()->LoadSupervisedUserToken(
+      profile,
       base::Bind(
            &LocallyManagedUserLoginFlow::OnSyncSetupDataLoaded,
            weak_factory_.GetWeakPtr()));
diff --git a/chrome/browser/chromeos/login/supervised_user_manager.h b/chrome/browser/chromeos/login/supervised_user_manager.h
index 4b116a8..254706a 100644
--- a/chrome/browser/chromeos/login/supervised_user_manager.h
+++ b/chrome/browser/chromeos/login/supervised_user_manager.h
@@ -8,7 +8,9 @@
 #include <string>
 
 #include "base/basictypes.h"
+#include "base/callback.h"
 #include "base/strings/string16.h"
+#include "chrome/browser/profiles/profile.h"
 
 class PrefRegistrySimple;
 
@@ -21,6 +23,9 @@ class User;
 // lookup methods that make sense only for supervised users.
 class SupervisedUserManager {
  public:
+  typedef base::Callback<void(const std::string& /* token */)>
+      LoadTokenCallback;
+
   // Registers user manager preferences.
   static void RegisterPrefs(PrefRegistrySimple* registry);
 
@@ -81,6 +86,14 @@ class SupervisedUserManager {
   // Remove locally managed user creation transaction record.
   virtual void CommitCreationTransaction() = 0;
 
+  // Loads a sync oauth token in background, and passes it to callback.
+  virtual void LoadSupervisedUserToken(Profile* profile,
+                                       const LoadTokenCallback& callback) = 0;
+
+  // Configures sync service with oauth token.
+  virtual void ConfigureSyncWithToken(Profile* profile,
+                                      const std::string& token) = 0;
+
  private:
   DISALLOW_COPY_AND_ASSIGN(SupervisedUserManager);
 };
diff --git a/chrome/browser/chromeos/login/supervised_user_manager_impl.cc b/chrome/browser/chromeos/login/supervised_user_manager_impl.cc
index 8b5bf98..cbd9966 100644
--- a/chrome/browser/chromeos/login/supervised_user_manager_impl.cc
+++ b/chrome/browser/chromeos/login/supervised_user_manager_impl.cc
@@ -4,15 +4,22 @@
 
 #include "chrome/browser/chromeos/login/supervised_user_manager_impl.h"
 
+#include "base/file_util.h"
+#include "base/files/file_path.h"
 #include "base/prefs/pref_registry_simple.h"
 #include "base/prefs/pref_service.h"
 #include "base/prefs/scoped_user_pref_update.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
+#include "base/threading/sequenced_worker_pool.h"
 #include "base/values.h"
 #include "chrome/browser/browser_process.h"
+#include "chrome/browser/chromeos/login/managed/locally_managed_user_constants.h"
 #include "chrome/browser/chromeos/login/user_manager_impl.h"
+#include "chrome/browser/chromeos/profiles/profile_helper.h"
+#include "chrome/browser/managed_mode/managed_user_service.h"
+#include "chrome/browser/managed_mode/managed_user_service_factory.h"
 #include "chromeos/settings/cros_settings_names.h"
 #include "content/public/browser/browser_thread.h"
 #include "google_apis/gaia/gaia_auth_util.h"
@@ -53,6 +60,16 @@ const char kLocallyManagedUserCreationTransactionDisplayName[] =
 const char kLocallyManagedUserCreationTransactionUserId[] =
     "LocallyManagedUserCreationTransactionUserId";
 
+std::string LoadSyncToken(base::FilePath profile_dir) {
+  std::string token;
+  base::FilePath token_file =
+      profile_dir.Append(chromeos::kManagedUserTokenFilename);
+  VLOG(1) << "Loading" << token_file.value();
+  if (!base::ReadFileToString(token_file, &token))
+    return std::string();
+  return token;
+}
+
 } // namespace
 
 namespace chromeos {
@@ -332,5 +349,24 @@ void SupervisedUserManagerImpl::UpdateManagerName(const std::string& manager_id,
   }
 }
 
+void SupervisedUserManagerImpl::LoadSupervisedUserToken(
+    Profile* profile,
+    const LoadTokenCallback& callback) {
+  // TODO(antrim): use profile->GetPath() once we sure it is safe.
+  base::FilePath profile_dir = ProfileHelper::GetProfilePathByUserIdHash(
+      UserManager::Get()->GetUserByProfile(profile)->username_hash());
+  PostTaskAndReplyWithResult(
+      content::BrowserThread::GetBlockingPool(),
+      FROM_HERE,
+      base::Bind(&LoadSyncToken, profile_dir),
+      callback);
+}
+
+void SupervisedUserManagerImpl::ConfigureSyncWithToken(
+    Profile* profile,
+    const std::string& token) {
+  if (!token.empty())
+    ManagedUserServiceFactory::GetForProfile(profile)->InitSync(token);
+}
 
 }  // namespace chromeos
diff --git a/chrome/browser/chromeos/login/supervised_user_manager_impl.h b/chrome/browser/chromeos/login/supervised_user_manager_impl.h
index e31766ee..737c484 100644
--- a/chrome/browser/chromeos/login/supervised_user_manager_impl.h
+++ b/chrome/browser/chromeos/login/supervised_user_manager_impl.h
@@ -42,6 +42,12 @@ class SupervisedUserManagerImpl
   virtual void SetCreationTransactionUserId(const std::string& user_id)
       OVERRIDE;
   virtual void CommitCreationTransaction() OVERRIDE;
+  virtual void LoadSupervisedUserToken(
+      Profile * profile,
+      const LoadTokenCallback& callback) OVERRIDE;
+  virtual void ConfigureSyncWithToken(
+      Profile* profile,
+      const std::string& token) OVERRIDE;
 
  private:
   friend class UserManager;