summaryrefslogtreecommitdiffstats
path: root/sync
diff options
context:
space:
mode:
authorpavely@chromium.org <pavely@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-06-13 23:52:03 +0000
committerpavely@chromium.org <pavely@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-06-13 23:52:03 +0000
commitb67c18c667575649126831940f07e3c420d29cfc (patch)
tree9003b7db2b0aebc3ef7df5ecf221834ec1393fa6 /sync
parenteffc83ba229132cabfa86df3a396b564a573f38c (diff)
downloadchromium_src-b67c18c667575649126831940f07e3c420d29cfc.zip
chromium_src-b67c18c667575649126831940f07e3c420d29cfc.tar.gz
chromium_src-b67c18c667575649126831940f07e3c420d29cfc.tar.bz2
Use OAuth2 token for sync
ProfileSyncService requests access token from OAuth2TokenService and passes it to ServerConnectionManager through UpdateCredentials. When server returns AUTH_ERROR it gets propagated to ProfileSyncService through OnGetStatusChange call. At this point ProfileSyncService needs to invalidate old token with OAuth2TokenService and request a new one. Access token is requested in PSS::StartUp since this is the place where all preconditions are verified. There is a call to pre-request access token in Initialize and Observe after Login token is loaded. There are still two tests disabled, I'll fix them and update this CR. BUG=226464 TBR=jhawkins@chromium.org Review URL: https://chromiumcodereview.appspot.com/15421011 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@206224 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sync')
-rw-r--r--sync/engine/net/server_connection_manager.cc34
-rw-r--r--sync/engine/net/server_connection_manager.h23
-rw-r--r--sync/engine/syncer_proto_util_unittest.cc2
-rw-r--r--sync/internal_api/public/sync_manager.h5
-rw-r--r--sync/internal_api/public/test/fake_sync_manager.h3
-rw-r--r--sync/internal_api/sync_manager_impl.cc10
-rw-r--r--sync/internal_api/sync_manager_impl.h3
-rw-r--r--sync/internal_api/sync_manager_impl_unittest.cc3
-rw-r--r--sync/internal_api/syncapi_server_connection_manager.cc13
-rw-r--r--sync/internal_api/syncapi_server_connection_manager.h1
-rw-r--r--sync/internal_api/syncapi_server_connection_manager_unittest.cc4
-rw-r--r--sync/internal_api/test/fake_sync_manager.cc3
-rw-r--r--sync/test/engine/mock_connection_manager.cc4
-rw-r--r--sync/tools/sync_client.cc2
-rw-r--r--sync/tools/testserver/xmppserver.py1
15 files changed, 48 insertions, 63 deletions
diff --git a/sync/engine/net/server_connection_manager.cc b/sync/engine/net/server_connection_manager.cc
index 2d1d6c8..5cac362 100644
--- a/sync/engine/net/server_connection_manager.cc
+++ b/sync/engine/net/server_connection_manager.cc
@@ -10,7 +10,6 @@
#include <string>
#include <vector>
-#include "base/command_line.h"
#include "base/metrics/histogram.h"
#include "build/build_config.h"
#include "googleurl/src/gurl.h"
@@ -177,10 +176,12 @@ ScopedServerStatusWatcher::~ScopedServerStatusWatcher() {
ServerConnectionManager::ServerConnectionManager(
const string& server,
int port,
- bool use_ssl)
+ bool use_ssl,
+ bool use_oauth2_token)
: sync_server_(server),
sync_server_port_(port),
use_ssl_(use_ssl),
+ use_oauth2_token_(use_oauth2_token),
proto_sync_path_(kSyncServerSyncPath),
server_status_(HttpResponse::NONE),
terminated_(false),
@@ -213,12 +214,10 @@ void ServerConnectionManager::OnConnectionDestroyed(Connection* connection) {
active_connection_ = NULL;
}
-bool ServerConnectionManager::SetAuthToken(const std::string& auth_token,
- const base::Time& auth_token_time) {
+bool ServerConnectionManager::SetAuthToken(const std::string& auth_token) {
DCHECK(thread_checker_.CalledOnValidThread());
if (previously_invalidated_token != auth_token) {
auth_token_.assign(auth_token);
- auth_token_time_ = auth_token_time;
previously_invalidated_token = std::string();
return true;
}
@@ -226,18 +225,6 @@ bool ServerConnectionManager::SetAuthToken(const std::string& auth_token,
}
void ServerConnectionManager::OnInvalidationCredentialsRejected() {
- if (!auth_token_time_.is_null()) {
- base::TimeDelta age = base::Time::Now() - auth_token_time_;
- if (age < base::TimeDelta::FromHours(1)) {
- UMA_HISTOGRAM_CUSTOM_TIMES("Sync.AuthInvalidationRejectedTokenAgeShort",
- age,
- base::TimeDelta::FromSeconds(1),
- base::TimeDelta::FromHours(1),
- 50);
- }
- UMA_HISTOGRAM_COUNTS("Sync.AuthInvalidationRejectedTokenAgeLong",
- age.InDays());
- }
InvalidateAndClearAuthToken();
SetServerStatus(HttpResponse::SYNC_AUTH_ERROR);
}
@@ -248,7 +235,6 @@ void ServerConnectionManager::InvalidateAndClearAuthToken() {
if (!auth_token_.empty()) {
previously_invalidated_token.assign(auth_token_);
auth_token_ = std::string();
- auth_token_time_ = base::Time();
}
}
@@ -300,18 +286,6 @@ bool ServerConnectionManager::PostBufferToPath(PostBufferParams* params,
path.c_str(), auth_token, params->buffer_in, &params->response);
if (params->response.server_status == HttpResponse::SYNC_AUTH_ERROR) {
- if (!auth_token_time_.is_null()) {
- base::TimeDelta age = base::Time::Now() - auth_token_time_;
- if (age < base::TimeDelta::FromHours(1)) {
- UMA_HISTOGRAM_CUSTOM_TIMES("Sync.AuthServerRejectedTokenAgeShort",
- age,
- base::TimeDelta::FromSeconds(1),
- base::TimeDelta::FromHours(1),
- 50);
- }
- UMA_HISTOGRAM_COUNTS("Sync.AuthServerRejectedTokenAgeLong",
- age.InDays());
- }
InvalidateAndClearAuthToken();
}
diff --git a/sync/engine/net/server_connection_manager.h b/sync/engine/net/server_connection_manager.h
index f46ee89..3bd533e 100644
--- a/sync/engine/net/server_connection_manager.h
+++ b/sync/engine/net/server_connection_manager.h
@@ -164,10 +164,12 @@ class SYNC_EXPORT_PRIVATE ServerConnectionManager {
void GetServerParams(std::string* server,
int* server_port,
- bool* use_ssl) const {
+ bool* use_ssl,
+ bool* use_oauth2_token) const {
server->assign(scm_->sync_server_);
*server_port = scm_->sync_server_port_;
*use_ssl = scm_->use_ssl_;
+ *use_oauth2_token = scm_->use_oauth2_token_;
}
std::string buffer_;
@@ -180,7 +182,8 @@ class SYNC_EXPORT_PRIVATE ServerConnectionManager {
ServerConnectionManager(const std::string& server,
int port,
- bool use_ssl);
+ bool use_ssl,
+ bool use_oauth2_token);
virtual ~ServerConnectionManager();
@@ -224,11 +227,8 @@ class SYNC_EXPORT_PRIVATE ServerConnectionManager {
client_id_.assign(client_id);
}
- // Sets a new auth token and time. |auth_token_time| is an optional parameter
- // that contains the date the auth token was fetched/refreshed, and is used
- // for histogramms/logging only.
- bool SetAuthToken(const std::string& auth_token,
- const base::Time& auth_token_time);
+ // Sets a new auth token and time.
+ bool SetAuthToken(const std::string& auth_token);
// Our out-of-band invalidations channel can encounter auth errors,
// and when it does so it tells us via this method to prevent making more
@@ -288,16 +288,17 @@ class SYNC_EXPORT_PRIVATE ServerConnectionManager {
// Indicates whether or not requests should be made using HTTPS.
bool use_ssl_;
+ // Indicates if token should be handled as OAuth2 token. Connection should set
+ // auth header appropriately.
+ // TODO(pavely): Remove once sync on android switches to oauth2 tokens.
+ bool use_oauth2_token_;
+
// The paths we post to.
std::string proto_sync_path_;
// The auth token to use in authenticated requests.
std::string auth_token_;
- // The time at which this auth token was last created/refreshed.
- // Used for histogramming.
- base::Time auth_token_time_;
-
// The previous auth token that is invalid now.
std::string previously_invalidated_token;
diff --git a/sync/engine/syncer_proto_util_unittest.cc b/sync/engine/syncer_proto_util_unittest.cc
index 098d975..bc2feb9 100644
--- a/sync/engine/syncer_proto_util_unittest.cc
+++ b/sync/engine/syncer_proto_util_unittest.cc
@@ -242,7 +242,7 @@ TEST_F(SyncerProtoUtilTest, AddRequestBirthday) {
class DummyConnectionManager : public ServerConnectionManager {
public:
DummyConnectionManager()
- : ServerConnectionManager("unused", 0, false),
+ : ServerConnectionManager("unused", 0, false, false),
send_error_(false),
access_denied_(false) {}
diff --git a/sync/internal_api/public/sync_manager.h b/sync/internal_api/public/sync_manager.h
index 3f961fb..361b022 100644
--- a/sync/internal_api/public/sync_manager.h
+++ b/sync/internal_api/public/sync_manager.h
@@ -65,8 +65,6 @@ struct SyncCredentials {
std::string email;
// The raw authentication token's bytes.
std::string sync_token;
- // (optional) The time at which the token was fetched/refreshed.
- base::Time sync_token_time;
};
// SyncManager encapsulates syncable::Directory and serves as the parent of all
@@ -324,7 +322,8 @@ class SYNC_EXPORT SyncManager {
scoped_ptr<InternalComponentsFactory> internal_components_factory,
Encryptor* encryptor,
UnrecoverableErrorHandler* unrecoverable_error_handler,
- ReportUnrecoverableErrorFunction report_unrecoverable_error_function) = 0;
+ ReportUnrecoverableErrorFunction report_unrecoverable_error_function,
+ bool use_oauth2_token) = 0;
// Throw an unrecoverable error from a transaction (mostly used for
// testing).
diff --git a/sync/internal_api/public/test/fake_sync_manager.h b/sync/internal_api/public/test/fake_sync_manager.h
index e4cb09f..f311b2f 100644
--- a/sync/internal_api/public/test/fake_sync_manager.h
+++ b/sync/internal_api/public/test/fake_sync_manager.h
@@ -92,7 +92,8 @@ class FakeSyncManager : public SyncManager {
Encryptor* encryptor,
UnrecoverableErrorHandler* unrecoverable_error_handler,
ReportUnrecoverableErrorFunction
- report_unrecoverable_error_function) OVERRIDE;
+ report_unrecoverable_error_function,
+ bool use_oauth2_token) OVERRIDE;
virtual void ThrowUnrecoverableError() OVERRIDE;
virtual ModelTypeSet InitialSyncEndedTypes() OVERRIDE;
virtual ModelTypeSet GetTypesWithEmptyProgressMarkerToken(
diff --git a/sync/internal_api/sync_manager_impl.cc b/sync/internal_api/sync_manager_impl.cc
index bfe87df..eff419a 100644
--- a/sync/internal_api/sync_manager_impl.cc
+++ b/sync/internal_api/sync_manager_impl.cc
@@ -9,7 +9,6 @@
#include "base/base64.h"
#include "base/bind.h"
#include "base/callback.h"
-#include "base/command_line.h"
#include "base/compiler_specific.h"
#include "base/json/json_writer.h"
#include "base/memory/ref_counted.h"
@@ -370,7 +369,8 @@ void SyncManagerImpl::Init(
scoped_ptr<InternalComponentsFactory> internal_components_factory,
Encryptor* encryptor,
UnrecoverableErrorHandler* unrecoverable_error_handler,
- ReportUnrecoverableErrorFunction report_unrecoverable_error_function) {
+ ReportUnrecoverableErrorFunction report_unrecoverable_error_function,
+ bool use_oauth2_token) {
CHECK(!initialized_);
DCHECK(thread_checker_.CalledOnValidThread());
DCHECK(post_factory.get());
@@ -437,7 +437,8 @@ void SyncManagerImpl::Init(
}
connection_manager_.reset(new SyncAPIServerConnectionManager(
- sync_server_and_path, port, use_ssl, post_factory.release()));
+ sync_server_and_path, port, use_ssl, use_oauth2_token,
+ post_factory.release()));
connection_manager_->set_client_id(directory()->cache_guid());
connection_manager_->AddListener(this);
@@ -625,8 +626,7 @@ void SyncManagerImpl::UpdateCredentials(const SyncCredentials& credentials) {
DCHECK(!credentials.sync_token.empty());
observing_network_connectivity_changes_ = true;
- if (!connection_manager_->SetAuthToken(credentials.sync_token,
- credentials.sync_token_time))
+ if (!connection_manager_->SetAuthToken(credentials.sync_token))
return; // Auth token is known to be invalid, so exit early.
invalidator_->UpdateCredentials(credentials.email, credentials.sync_token);
diff --git a/sync/internal_api/sync_manager_impl.h b/sync/internal_api/sync_manager_impl.h
index a21b6e8..a078e6a 100644
--- a/sync/internal_api/sync_manager_impl.h
+++ b/sync/internal_api/sync_manager_impl.h
@@ -82,7 +82,8 @@ class SYNC_EXPORT_PRIVATE SyncManagerImpl :
Encryptor* encryptor,
UnrecoverableErrorHandler* unrecoverable_error_handler,
ReportUnrecoverableErrorFunction
- report_unrecoverable_error_function) OVERRIDE;
+ report_unrecoverable_error_function,
+ bool use_oauth2_token) OVERRIDE;
virtual void ThrowUnrecoverableError() OVERRIDE;
virtual ModelTypeSet InitialSyncEndedTypes() OVERRIDE;
virtual ModelTypeSet GetTypesWithEmptyProgressMarkerToken(
diff --git a/sync/internal_api/sync_manager_impl_unittest.cc b/sync/internal_api/sync_manager_impl_unittest.cc
index 3022a00..d42c9376 100644
--- a/sync/internal_api/sync_manager_impl_unittest.cc
+++ b/sync/internal_api/sync_manager_impl_unittest.cc
@@ -838,7 +838,8 @@ class SyncManagerTest : public testing::Test,
scoped_ptr<InternalComponentsFactory>(GetFactory()),
&encryptor_,
&handler_,
- NULL);
+ NULL,
+ false);
sync_manager_.GetEncryptionHandler()->AddObserver(&encryption_observer_);
diff --git a/sync/internal_api/syncapi_server_connection_manager.cc b/sync/internal_api/syncapi_server_connection_manager.cc
index 6b99ed1..224d579 100644
--- a/sync/internal_api/syncapi_server_connection_manager.cc
+++ b/sync/internal_api/syncapi_server_connection_manager.cc
@@ -31,15 +31,19 @@ bool SyncAPIBridgedConnection::Init(const char* path,
std::string sync_server;
int sync_server_port = 0;
bool use_ssl = false;
- GetServerParams(&sync_server, &sync_server_port, &use_ssl);
+ bool use_oauth2_token = false;
+ GetServerParams(&sync_server, &sync_server_port, &use_ssl, &use_oauth2_token);
std::string connection_url = MakeConnectionURL(sync_server, path, use_ssl);
HttpPostProviderInterface* http = post_provider_;
http->SetURL(connection_url.c_str(), sync_server_port);
if (!auth_token.empty()) {
- const std::string& headers =
- "Authorization: GoogleLogin auth=" + auth_token;
+ std::string headers;
+ if (use_oauth2_token)
+ headers = "Authorization: Bearer " + auth_token;
+ else
+ headers = "Authorization: GoogleLogin auth=" + auth_token;
http->SetExtraRequestHeaders(headers.c_str());
}
@@ -87,8 +91,9 @@ SyncAPIServerConnectionManager::SyncAPIServerConnectionManager(
const std::string& server,
int port,
bool use_ssl,
+ bool use_oauth2_token,
HttpPostProviderFactory* factory)
- : ServerConnectionManager(server, port, use_ssl),
+ : ServerConnectionManager(server, port, use_ssl, use_oauth2_token),
post_provider_factory_(factory) {
DCHECK(post_provider_factory_.get());
}
diff --git a/sync/internal_api/syncapi_server_connection_manager.h b/sync/internal_api/syncapi_server_connection_manager.h
index 6f0fb3f..74312b3 100644
--- a/sync/internal_api/syncapi_server_connection_manager.h
+++ b/sync/internal_api/syncapi_server_connection_manager.h
@@ -54,6 +54,7 @@ class SYNC_EXPORT_PRIVATE SyncAPIServerConnectionManager
SyncAPIServerConnectionManager(const std::string& server,
int port,
bool use_ssl,
+ bool use_oauth2_token,
HttpPostProviderFactory* factory);
virtual ~SyncAPIServerConnectionManager();
diff --git a/sync/internal_api/syncapi_server_connection_manager_unittest.cc b/sync/internal_api/syncapi_server_connection_manager_unittest.cc
index a0fe420..282c5d3 100644
--- a/sync/internal_api/syncapi_server_connection_manager_unittest.cc
+++ b/sync/internal_api/syncapi_server_connection_manager_unittest.cc
@@ -69,7 +69,7 @@ class BlockingHttpPostFactory : public HttpPostProviderFactory {
TEST(SyncAPIServerConnectionManagerTest, EarlyAbortPost) {
SyncAPIServerConnectionManager server(
- "server", 0, true, new BlockingHttpPostFactory());
+ "server", 0, true, false, new BlockingHttpPostFactory());
ServerConnectionManager::PostBufferParams params;
ScopedServerStatusWatcher watcher(&server, &params.response);
@@ -85,7 +85,7 @@ TEST(SyncAPIServerConnectionManagerTest, EarlyAbortPost) {
TEST(SyncAPIServerConnectionManagerTest, AbortPost) {
SyncAPIServerConnectionManager server(
- "server", 0, true, new BlockingHttpPostFactory());
+ "server", 0, true, false, new BlockingHttpPostFactory());
ServerConnectionManager::PostBufferParams params;
ScopedServerStatusWatcher watcher(&server, &params.response);
diff --git a/sync/internal_api/test/fake_sync_manager.cc b/sync/internal_api/test/fake_sync_manager.cc
index 4769585..036376f 100644
--- a/sync/internal_api/test/fake_sync_manager.cc
+++ b/sync/internal_api/test/fake_sync_manager.cc
@@ -111,7 +111,8 @@ void FakeSyncManager::Init(
Encryptor* encryptor,
UnrecoverableErrorHandler* unrecoverable_error_handler,
ReportUnrecoverableErrorFunction
- report_unrecoverable_error_function) {
+ report_unrecoverable_error_function,
+ bool use_oauth2_token) {
sync_task_runner_ = base::ThreadTaskRunnerHandle::Get();
PurgePartiallySyncedTypes();
diff --git a/sync/test/engine/mock_connection_manager.cc b/sync/test/engine/mock_connection_manager.cc
index 199d568..073a3be 100644
--- a/sync/test/engine/mock_connection_manager.cc
+++ b/sync/test/engine/mock_connection_manager.cc
@@ -34,7 +34,7 @@ static char kValidAuthToken[] = "AuthToken";
static char kCacheGuid[] = "kqyg7097kro6GSUod+GSg==";
MockConnectionManager::MockConnectionManager(syncable::Directory* directory)
- : ServerConnectionManager("unused", 0, false),
+ : ServerConnectionManager("unused", 0, false, false),
server_reachable_(true),
conflict_all_commits_(false),
conflict_n_commits_(0),
@@ -52,7 +52,7 @@ MockConnectionManager::MockConnectionManager(syncable::Directory* directory)
use_legacy_bookmarks_protocol_(false),
num_get_updates_requests_(0) {
SetNewTimestamp(0);
- SetAuthToken(kValidAuthToken, base::Time());
+ SetAuthToken(kValidAuthToken);
}
MockConnectionManager::~MockConnectionManager() {
diff --git a/sync/tools/sync_client.cc b/sync/tools/sync_client.cc
index 1cc3640..c6a5e5b 100644
--- a/sync/tools/sync_client.cc
+++ b/sync/tools/sync_client.cc
@@ -345,7 +345,7 @@ int SyncClientMain(int argc, char* argv[]) {
new InternalComponentsFactoryImpl(factory_switches)),
&null_encryptor,
&unrecoverable_error_handler,
- &LogUnrecoverableErrorContext);
+ &LogUnrecoverableErrorContext, false);
// TODO(akalin): Avoid passing in model parameters multiple times by
// organizing handling of model types.
sync_manager->UpdateEnabledTypes(model_types);
diff --git a/sync/tools/testserver/xmppserver.py b/sync/tools/testserver/xmppserver.py
index f9599c0..0b32933 100644
--- a/sync/tools/testserver/xmppserver.py
+++ b/sync/tools/testserver/xmppserver.py
@@ -213,6 +213,7 @@ class HandshakeTask(object):
' <mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">'
' <mechanism>PLAIN</mechanism>'
' <mechanism>X-GOOGLE-TOKEN</mechanism>'
+ ' <mechanism>X-OAUTH2</mechanism>'
' </mechanisms>'
'</stream:features>')
generated by cgit v1.1 at 2025-01-26 23:03:03 +0000