Identity API: Add token cache and identity.invalidateAuthToken.

Identity.getAuthToken caches access tokens from GAIA. Tokens expirations
are handled automatically, but if an access token goes bad for some other
reason, the application can call identity.invalidateAuthToken to remove
a bad token from the cache.

BUG=228908
(step #1 of the bug description)

Review URL: https://chromiumcodereview.appspot.com/14329014

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@195604 0039d316-1c4b-4281-b951-d872f2087c98

3 files changed, 32 insertions, 14 deletions

diff --git a/google_apis/gaia/oauth2_mint_token_flow.cc b/google_apis/gaia/oauth2_mint_token_flow.cc
index 169d187..9c5d943 100644
--- a/google_apis/gaia/oauth2_mint_token_flow.cc
+++ b/google_apis/gaia/oauth2_mint_token_flow.cc
@@ -14,6 +14,7 @@
 #include "base/message_loop.h"
 #include "base/string_util.h"
 #include "base/stringprintf.h"
+#include "base/strings/string_number_conversions.h"
 #include "base/utf_string_conversions.h"
 #include "base/values.h"
 #include "google_apis/gaia/gaia_urls.h"
@@ -45,6 +46,7 @@ static const char kIssueAdviceValueAuto[] = "auto";
 static const char kIssueAdviceValueConsent[] = "consent";
 static const char kAccessTokenKey[] = "token";
 static const char kConsentKey[] = "consent";
+static const char kExpiresInKey[] = "expiresIn";
 static const char kScopesKey[] = "scopes";
 static const char kDescriptionKey[] = "description";
 static const char kDetailKey[] = "detail";
@@ -102,9 +104,10 @@ OAuth2MintTokenFlow::OAuth2MintTokenFlow(URLRequestContextGetter* context,
 
 OAuth2MintTokenFlow::~OAuth2MintTokenFlow() { }
 
-void OAuth2MintTokenFlow::ReportSuccess(const std::string& access_token) {
+void OAuth2MintTokenFlow::ReportSuccess(const std::string& access_token,
+                                        int time_to_live) {
   if (delegate_)
-    delegate_->OnMintTokenSuccess(access_token);
+    delegate_->OnMintTokenSuccess(access_token, time_to_live);
 
   // |this| may already be deleted.
 }
@@ -174,8 +177,9 @@ void OAuth2MintTokenFlow::ProcessApiCallSuccess(
       ReportFailure(GoogleServiceAuthError::FromConnectionError(101));
   } else {
     std::string access_token;
-    if (ParseMintTokenResponse(dict, &access_token))
-      ReportSuccess(access_token);
+    int time_to_live;
+    if (ParseMintTokenResponse(dict, &access_token, &time_to_live))
+      ReportSuccess(access_token, time_to_live);
     else
       ReportFailure(GoogleServiceAuthError::FromConnectionError(101));
   }
@@ -200,10 +204,15 @@ void OAuth2MintTokenFlow::ProcessMintAccessTokenFailure(
 
 // static
 bool OAuth2MintTokenFlow::ParseMintTokenResponse(
-    const base::DictionaryValue* dict, std::string* access_token) {
+    const base::DictionaryValue* dict, std::string* access_token,
+    int* time_to_live) {
   CHECK(dict);
   CHECK(access_token);
-  return dict->GetString(kAccessTokenKey, access_token);
+  CHECK(time_to_live);
+  std::string ttl_string;
+  return dict->GetString(kExpiresInKey, &ttl_string) &&
+      base::StringToInt(ttl_string, time_to_live) &&
+      dict->GetString(kAccessTokenKey, access_token);
 }
 
 // static
diff --git a/google_apis/gaia/oauth2_mint_token_flow.h b/google_apis/gaia/oauth2_mint_token_flow.h
index 40850b4..e2824e6 100644
--- a/google_apis/gaia/oauth2_mint_token_flow.h
+++ b/google_apis/gaia/oauth2_mint_token_flow.h
@@ -90,7 +90,8 @@ class OAuth2MintTokenFlow : public OAuth2ApiCallFlow {
 
   class Delegate {
    public:
-    virtual void OnMintTokenSuccess(const std::string& access_token) {}
+    virtual void OnMintTokenSuccess(const std::string& access_token,
+                                    int time_to_live) {}
     virtual void OnIssueAdviceSuccess(const IssueAdviceInfo& issue_advice)  {}
     virtual void OnMintTokenFailure(const GoogleServiceAuthError& error) {}
 
@@ -126,14 +127,15 @@ class OAuth2MintTokenFlow : public OAuth2ApiCallFlow {
   FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest,
       ProcessMintAccessTokenFailure);
 
-  void ReportSuccess(const std::string& access_token);
+  void ReportSuccess(const std::string& access_token, int time_to_live);
   void ReportIssueAdviceSuccess(const IssueAdviceInfo& issue_advice);
   void ReportFailure(const GoogleServiceAuthError& error);
 
   static bool ParseIssueAdviceResponse(
       const base::DictionaryValue* dict, IssueAdviceInfo* issue_advice);
   static bool ParseMintTokenResponse(
-      const base::DictionaryValue* dict, std::string* access_token);
+      const base::DictionaryValue* dict, std::string* access_token,
+      int* time_to_live);
 
   Delegate* delegate_;
   Parameters parameters_;
diff --git a/google_apis/gaia/oauth2_mint_token_flow_unittest.cc b/google_apis/gaia/oauth2_mint_token_flow_unittest.cc
index 3206601..48a9ff1 100644
--- a/google_apis/gaia/oauth2_mint_token_flow_unittest.cc
+++ b/google_apis/gaia/oauth2_mint_token_flow_unittest.cc
@@ -29,7 +29,8 @@ namespace {
 static const char kValidTokenResponse[] =
     "{"
     "  \"token\": \"at1\","
-    "  \"issueAdvice\": \"Auto\""
+    "  \"issueAdvice\": \"Auto\","
+    "  \"expiresIn\": \"3600\""
     "}";
 static const char kTokenResponseNoAccessToken[] =
     "{"
@@ -126,7 +127,8 @@ class MockDelegate : public OAuth2MintTokenFlow::Delegate {
   MockDelegate() {}
   ~MockDelegate() {}
 
-  MOCK_METHOD1(OnMintTokenSuccess, void(const std::string& access_token));
+  MOCK_METHOD2(OnMintTokenSuccess, void(const std::string& access_token,
+                                        int time_to_live));
   MOCK_METHOD1(OnIssueAdviceSuccess,
                void (const IssueAdviceInfo& issue_advice));
   MOCK_METHOD1(OnMintTokenFailure,
@@ -230,14 +232,19 @@ TEST_F(OAuth2MintTokenFlowTest, ParseMintTokenResponse) {
     scoped_ptr<base::DictionaryValue> json(
         ParseJson(kTokenResponseNoAccessToken));
     std::string at;
-    EXPECT_FALSE(OAuth2MintTokenFlow::ParseMintTokenResponse(json.get(), &at));
+    int ttl;
+    EXPECT_FALSE(OAuth2MintTokenFlow::ParseMintTokenResponse(json.get(), &at,
+                                                             &ttl));
     EXPECT_TRUE(at.empty());
   }
   {  // All good.
     scoped_ptr<base::DictionaryValue> json(ParseJson(kValidTokenResponse));
     std::string at;
-    EXPECT_TRUE(OAuth2MintTokenFlow::ParseMintTokenResponse(json.get(), &at));
+    int ttl;
+    EXPECT_TRUE(OAuth2MintTokenFlow::ParseMintTokenResponse(json.get(), &at,
+                                                            &ttl));
     EXPECT_EQ("at1", at);
+    EXPECT_EQ(3600, ttl);
   }
 }
 
@@ -295,7 +302,7 @@ TEST_F(OAuth2MintTokenFlowTest, ProcessApiCallSuccess) {
     TestURLFetcher url_fetcher(1, GURL("http://www.google.com"), NULL);
     url_fetcher.SetResponseString(kValidTokenResponse);
     CreateFlow(OAuth2MintTokenFlow::MODE_MINT_TOKEN_NO_FORCE);
-    EXPECT_CALL(delegate_, OnMintTokenSuccess("at1"));
+    EXPECT_CALL(delegate_, OnMintTokenSuccess("at1", 3600));
     flow_->ProcessApiCallSuccess(&url_fetcher);
   }
   {  // Valid json: no description.