New authorization framework for sync.

To quote chron's original patch (http://codereview.chromium.org/3148036/show)
<blockquote>
This patch removes: authenticator.cc, auth_watcher.cc 

removes calls to user_settings.cc, removes an authenticate PB request to the server, and moves token storage into the Chrome TokenService. This patch introduces the SigninManager, which is an interim solution for user management prior to moving the system into chrome. 

Other changes include removing the dependency on the sync backend to be running while the sync wizard is intially displayed. This means that the backend can be brought up in response to credentials becoming available. The backend now is always provided credentials on startup. If an auth error occurs, it propogates it up via a notification. Some event handlers were removed and streamlined for more straightforward sync system startup. 
</blockquote>

BUG=51001, 50293, 35158
TEST=Unit tests && Start up sync, log in, log out, run with expired credentials, run with new gaia credentials, run with gaia credentials updated while system is syncing. Try logging in with incorrect username. Trigger CAPTCHA. Try logging out and in repeatedly. Check about:sync works. Try going offline and back online again. Expire gaia credentials and try renewing it with the UI dialog.

Review URL: http://codereview.chromium.org/3305003

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@58778 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 30 insertions, 23 deletions

diff --git a/chrome/browser/sync/profile_sync_service.h b/chrome/browser/sync/profile_sync_service.h
index c0f023f..efa2cb2 100644
--- a/chrome/browser/sync/profile_sync_service.h
+++ b/chrome/browser/sync/profile_sync_service.h
@@ -15,12 +15,14 @@
 #include "base/string16.h"
 #include "base/time.h"
 #include "chrome/browser/prefs/pref_member.h"
+#include "chrome/browser/sync/engine/syncapi.h"
 #include "chrome/browser/sync/glue/data_type_controller.h"
 #include "chrome/browser/sync/glue/data_type_manager.h"
 #include "chrome/browser/sync/glue/session_model_associator.h"
 #include "chrome/browser/sync/glue/sync_backend_host.h"
 #include "chrome/browser/sync/notification_method.h"
 #include "chrome/browser/sync/profile_sync_service_observer.h"
+#include "chrome/browser/sync/signin_manager.h"
 #include "chrome/browser/sync/sync_setup_wizard.h"
 #include "chrome/browser/sync/syncable/model_type.h"
 #include "chrome/browser/sync/unrecoverable_error_handler.h"
@@ -34,6 +36,7 @@ class NotificationSource;
 class NotificationType;
 class Profile;
 class ProfileSyncFactory;
+class TokenMigrator;
 
 // ProfileSyncService is the layer between browser subsystems like bookmarks,
 // and the sync backend.  Each subsystem is logically thought of as being
@@ -114,13 +117,23 @@ class ProfileSyncService : public browser_sync::SyncFrontend,
 
   ProfileSyncService(ProfileSyncFactory* factory_,
                      Profile* profile,
-                     bool bootstrap_sync_authentication);
+                     const std::string& cros_user);
   virtual ~ProfileSyncService();
 
   // Initializes the object. This should be called every time an object of this
   // class is constructed.
   void Initialize();
 
+  void RegisterAuthNotifications();
+
+  // Return whether all sync tokens are loaded and
+  // available for the backend to start up.
+  bool AreCredentialsAvailable();
+
+  // Loads credentials migrated from the old user settings db.
+  void LoadMigratedCredentials(const std::string& username,
+                               const std::string& token);
+
   // Registers a data type controller with the sync service.  This
   // makes the data type controller available for use, it does not
   // enable or activate the synchronization of the data type (see
@@ -138,8 +151,7 @@ class ProfileSyncService : public browser_sync::SyncFrontend,
   void GetDataTypeControllerStates(
     browser_sync::DataTypeController::StateMap* state_map) const;
 
-  // Enables/disables sync for user.
-  virtual void EnableForUser(gfx::NativeWindow parent_window);
+  // Disables sync for user. Use ShowLoginDialog to enable.
   virtual void DisableForUser();
 
   // Whether sync is enabled by user or not.
@@ -157,6 +169,9 @@ class ProfileSyncService : public browser_sync::SyncFrontend,
                                    const std::string& password,
                                    const std::string& captcha);
 
+  // Update the last auth error and notify observers of error state.
+  void UpdateAuthErrorState(const GoogleServiceAuthError& error);
+
   // Called when a user chooses which data types to sync as part of the sync
   // setup wizard.  |sync_everything| represents whether they chose the
   // "keep everything synced" option; if true, |chosen_types| will be ignored
@@ -326,6 +341,9 @@ class ProfileSyncService : public browser_sync::SyncFrontend,
   void RegisterPreferences();
   void ClearPreferences();
 
+  // Return SyncCredentials from the TokenService.
+  sync_api::SyncCredentials GetCredentials();
+
   // Test need to override this to create backends that allow setting up
   // initial conditions, such as populating sync nodes.
   virtual void CreateBackend();
@@ -334,10 +352,8 @@ class ProfileSyncService : public browser_sync::SyncFrontend,
     return data_type_controllers_;
   }
 
-  // We keep track of the last auth error observed so we can cover up the first
-  // "expected" auth failure from observers.
-  // TODO(timsteele): Same as expecting_first_run_auth_needed_event_. Remove
-  // this!
+  // The wizard will try to read the auth state out of the profile sync
+  // service using this member. Captcha and error state are reflected.
   GoogleServiceAuthError last_auth_error_;
 
   // Our asynchronous backend to communicate with sync components living on
@@ -380,11 +396,8 @@ class ProfileSyncService : public browser_sync::SyncFrontend,
   // The profile whose data we are synchronizing.
   Profile* profile_;
 
-  // True if the profile sync service should attempt to use an LSID
-  // cookie for authentication.  This is typically set to true in
-  // ChromiumOS since we want to use the system level authentication
-  // for sync.
-  bool bootstrap_sync_authentication_;
+  // Email for the ChromiumOS user, if we're running under ChromiumOS.
+  std::string cros_user_;
 
   // TODO(ncarter): Put this in a profile, once there is UI for it.
   // This specifies where to find the sync server.
@@ -400,17 +413,6 @@ class ProfileSyncService : public browser_sync::SyncFrontend,
   // Whether the SyncBackendHost has been initialized.
   bool backend_initialized_;
 
-  // Set to true when the user first enables sync, and we are waiting for
-  // syncapi to give us the green light on providing credentials for the first
-  // time. It is set back to false as soon as we get this message, and is
-  // false all other times so we don't have to persist this value as it will
-  // get initialized to false.
-  // TODO(timsteele): Remove this by way of starting the wizard when enabling
-  // sync *before* initializing the backend. syncapi will need to change, but
-  // it means we don't have to wait for the first AuthError; if we ever get
-  // one, it is actually an error and this bool isn't needed.
-  bool expecting_first_run_auth_needed_event_;
-
   // Various pieces of UI query this value to determine if they should show
   // an "Authenticating.." type of message.  We are the only central place
   // all auth attempts funnel through, so it makes sense to provide this.
@@ -419,6 +421,9 @@ class ProfileSyncService : public browser_sync::SyncFrontend,
 
   SyncSetupWizard wizard_;
 
+  // Encapsulates user signin with TokenService.
+  SigninManager signin_;
+
   // True if an unrecoverable error (e.g. violation of an assumed invariant)
   // occurred during syncer operation.  This value should be checked before
   // doing any work that might corrupt things further.
@@ -454,6 +459,8 @@ class ProfileSyncService : public browser_sync::SyncFrontend,
   // desist syncing immediately.
   bool expect_sync_configuration_aborted_;
 
+  scoped_ptr<TokenMigrator> token_migrator_;
+
   DISALLOW_COPY_AND_ASSIGN(ProfileSyncService);
 };