When using the one-click sign in feature, re-use the oauth2 refesh token

retrieved by the sign in manager instead of having the token service create a
new one.

BUG=156964
TEST=Use the one-click sign in feature and make sure it works correctly.
Try with gmail.com account and with dasher account.  Try with accounts that
have 2-factor enabled and disabled.  There are no user visible changes from
this CL.


Review URL: https://chromiumcodereview.appspot.com/11290002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@164945 0039d316-1c4b-4281-b951-d872f2087c98

5 files changed, 28 insertions, 3 deletions

diff --git a/chrome/browser/signin/signin_manager.cc b/chrome/browser/signin/signin_manager.cc
index b6ac90f..cbf1cd9 100644
--- a/chrome/browser/signin/signin_manager.cc
+++ b/chrome/browser/signin/signin_manager.cc
@@ -328,6 +328,7 @@ void SigninManager::ClearTransientSigninData() {
   password_.clear();
   had_two_factor_error_ = false;
   type_ = SIGNIN_TYPE_NONE;
+  temp_oauth_login_tokens_ = ClientOAuthResult();
 }
 
 void SigninManager::HandleAuthError(const GoogleServiceAuthError& error,
@@ -409,6 +410,7 @@ void SigninManager::OnClientOAuthSuccess(const ClientOAuthResult& result) {
   switch (type_) {
     case SIGNIN_TYPE_CLIENT_OAUTH:
     case SIGNIN_TYPE_WITH_CREDENTIALS:
+      temp_oauth_login_tokens_ = result;
       client_login_->StartOAuthLogin(result.access_token,
                                      GaiaConstants::kGaiaService);
       break;
@@ -485,6 +487,13 @@ void SigninManager::OnGetUserInfoSuccess(const UserInfoMap& data) {
   token_service->UpdateCredentials(last_result_);
   DCHECK(token_service->AreCredentialsValid());
   token_service->StartFetchingTokens();
+
+  // If we have oauth2 tokens, tell token service about them so it does not
+  // need to fetch them again.
+  if (!temp_oauth_login_tokens_.refresh_token.empty()) {
+    token_service->OnClientOAuthSuccess(temp_oauth_login_tokens_);
+    temp_oauth_login_tokens_ = ClientOAuthResult();
+  }
 }
 
 void SigninManager::OnGetUserInfoFailure(const GoogleServiceAuthError& error) {
diff --git a/chrome/browser/signin/signin_manager.h b/chrome/browser/signin/signin_manager.h
index 2a38955..ce616eb 100644
--- a/chrome/browser/signin/signin_manager.h
+++ b/chrome/browser/signin/signin_manager.h
@@ -213,6 +213,11 @@ class SigninManager : public GaiaAuthConsumer,
   // successful or not.
   SigninType type_;
 
+  // Temporarily saves the oauth2 refresh and access tokens when signing in
+  // with credentials.  These will be passed to TokenService so that it does
+  // not need to mint new ones.
+  ClientOAuthResult temp_oauth_login_tokens_;
+
   DISALLOW_COPY_AND_ASSIGN(SigninManager);
 };
 
diff --git a/chrome/browser/signin/signin_manager_unittest.cc b/chrome/browser/signin/signin_manager_unittest.cc
index f873c25..695e2a2 100644
--- a/chrome/browser/signin/signin_manager_unittest.cc
+++ b/chrome/browser/signin/signin_manager_unittest.cc
@@ -266,6 +266,10 @@ TEST_F(SigninManagerTest, SignInWithCredentials) {
   SimulateValidResponseSignInWithCredentials();
   EXPECT_FALSE(manager_->GetAuthenticatedUsername().empty());
 
+  // This is flow, the oauth2 credentials should already be available in
+  // the token service.
+  EXPECT_TRUE(service_->HasOAuthLoginToken());
+
   // Should go into token service and stop.
   EXPECT_EQ(1U, google_login_success_.size());
   EXPECT_EQ(0U, google_login_failure_.size());
@@ -288,6 +292,10 @@ TEST_F(SigninManagerTest, SignInWithCredentialsWrongEmail) {
   SimulateValidResponseSignInWithCredentials();
   EXPECT_TRUE(manager_->GetAuthenticatedUsername().empty());
 
+  // The oauth2 credentials should not be available in the token service
+  // because the email was incorrect.
+  EXPECT_FALSE(service_->HasOAuthLoginToken());
+
   // Should go into token service and stop.
   EXPECT_EQ(0U, google_login_success_.size());
   EXPECT_EQ(1U, google_login_failure_.size());
diff --git a/chrome/browser/signin/token_service.cc b/chrome/browser/signin/token_service.cc
index 476381d..5eef15c 100644
--- a/chrome/browser/signin/token_service.cc
+++ b/chrome/browser/signin/token_service.cc
@@ -103,9 +103,9 @@ void TokenService::AddAuthTokenManually(const std::string& service,
   token_map_[service] = auth_token;
   FireTokenAvailableNotification(service, auth_token);
   SaveAuthTokenToDB(service, auth_token);
-  // If we got ClientLogin token for "lso" service, then start fetching OAuth2
-  // login scoped token pair.
-  if (service == GaiaConstants::kLSOService) {
+  // If we got ClientLogin token for "lso" service, and we don't already have
+  // OAuth2 tokens, start fetching OAuth2 login scoped token pair.
+  if (service == GaiaConstants::kLSOService && !HasOAuthLoginToken()) {
     int index = GetServiceIndex(service);
     CHECK_GE(index, 0);
     fetchers_[index]->StartLsoForOAuthLoginTokenExchange(auth_token);
diff --git a/google_apis/gaia/gaia_auth_consumer.cc b/google_apis/gaia/gaia_auth_consumer.cc
index d461bf8..860b66e 100644
--- a/google_apis/gaia/gaia_auth_consumer.cc
+++ b/google_apis/gaia/gaia_auth_consumer.cc
@@ -30,6 +30,9 @@ bool GaiaAuthConsumer::ClientLoginResult::operator==(
       two_factor == b.two_factor;
 }
 
+GaiaAuthConsumer::ClientOAuthResult::ClientOAuthResult()
+    : expires_in_secs(0) {}
+
 GaiaAuthConsumer::ClientOAuthResult::ClientOAuthResult(
     const std::string& new_refresh_token,
     const std::string& new_access_token,