Correctly deal with tokens for supervised users in ProfileOAuth2TokenService.

TBR=antrim@chromium.org
BUG=279307,312751

Review URL: https://codereview.chromium.org/33173005

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@233393 0039d316-1c4b-4281-b951-d872f2087c98

3 files changed, 19 insertions, 1 deletions

diff --git a/chrome/browser/extensions/api/identity/account_tracker.cc b/chrome/browser/extensions/api/identity/account_tracker.cc
index ea09479..f046ff5 100644
--- a/chrome/browser/extensions/api/identity/account_tracker.cc
+++ b/chrome/browser/extensions/api/identity/account_tracker.cc
@@ -51,6 +51,12 @@ void AccountTracker::RemoveObserver(Observer* observer) {
 }
 
 void AccountTracker::OnRefreshTokenAvailable(const std::string& account_id) {
+  // Ignore refresh tokens if there is no primary account ID at all.
+  ProfileOAuth2TokenService* token_service =
+      ProfileOAuth2TokenServiceFactory::GetForProfile(profile_);
+  if (token_service->GetPrimaryAccountId().empty())
+    return;
+
   DVLOG(1) << "AVAILABLE " << account_id;
   ClearAuthError(account_id);
   UpdateSignInState(account_id, true);
diff --git a/chrome/browser/extensions/api/identity/account_tracker_unittest.cc b/chrome/browser/extensions/api/identity/account_tracker_unittest.cc
index 2ac55ad..da41348 100644
--- a/chrome/browser/extensions/api/identity/account_tracker_unittest.cc
+++ b/chrome/browser/extensions/api/identity/account_tracker_unittest.cc
@@ -9,8 +9,10 @@
 #include "base/strings/stringprintf.h"
 #include "chrome/browser/chrome_notification_types.h"
 #include "chrome/browser/signin/fake_profile_oauth2_token_service.h"
+#include "chrome/browser/signin/fake_signin_manager.h"
 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
 #include "chrome/browser/signin/signin_manager_base.h"
+#include "chrome/browser/signin/signin_manager_factory.h"
 #include "chrome/test/base/testing_profile.h"
 #include "content/public/browser/notification_service.h"
 #include "content/public/test/test_browser_thread_bundle.h"
@@ -210,12 +212,19 @@ class IdentityAccountTrackerTest : public testing::Test {
     TestingProfile::Builder builder;
     builder.AddTestingFactory(ProfileOAuth2TokenServiceFactory::GetInstance(),
                               FakeProfileOAuth2TokenService::Build);
+    builder.AddTestingFactory(SigninManagerFactory::GetInstance(),
+                              FakeSigninManagerBase::Build);
 
     test_profile_ = builder.Build();
 
     fake_oauth2_token_service_ = static_cast<FakeProfileOAuth2TokenService*>(
         ProfileOAuth2TokenServiceFactory::GetForProfile(test_profile_.get()));
 
+    SigninManagerBase* signin_manager =
+        SigninManagerFactory::GetForProfile(test_profile_.get());
+    signin_manager->Initialize(test_profile_.get(), NULL);
+    signin_manager->SetAuthenticatedUsername("foo@example.com");
+
     account_tracker_.reset(new AccountTracker(test_profile_.get()));
     account_tracker_->AddObserver(&observer_);
   }
diff --git a/chrome/browser/extensions/api/identity/identity_signin_flow.cc b/chrome/browser/extensions/api/identity/identity_signin_flow.cc
index 0367fc9..a0aa85e 100644
--- a/chrome/browser/extensions/api/identity/identity_signin_flow.cc
+++ b/chrome/browser/extensions/api/identity/identity_signin_flow.cc
@@ -43,7 +43,10 @@ void IdentitySigninFlow::Start() {
 
 void IdentitySigninFlow::OnRefreshTokenAvailable(
     const std::string& account_id) {
-  delegate_->SigninSuccess();
+  if (ProfileOAuth2TokenServiceFactory::GetForProfile(profile_)->
+          GetPrimaryAccountId() == account_id) {
+    delegate_->SigninSuccess();
+  }
 }
 
 }  // namespace extensions