1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
|
// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_NET_GAIA_GAIA_OAUTH_FETCHER_H_
#define CHROME_BROWSER_NET_GAIA_GAIA_OAUTH_FETCHER_H_
#pragma once
#include <string>
#include <vector>
#include "base/memory/scoped_ptr.h"
#include "chrome/browser/net/chrome_cookie_notification_details.h"
#include "chrome/browser/net/gaia/gaia_oauth_consumer.h"
#include "content/public/browser/notification_observer.h"
#include "content/public/browser/notification_registrar.h"
#include "content/public/common/url_fetcher_delegate.h"
#include "googleurl/src/gurl.h"
struct ChromeCookieDetails;
class Browser;
class Profile;
namespace net {
class URLRequestContextGetter;
class URLRequestStatus;
typedef std::vector<std::string> ResponseCookies;
}
// Authenticate a user using Gaia's OAuth1 and OAuth2 support.
//
// Users of this class typically desire an OAuth2 Access token scoped for a
// specific service. This will typically start with either an interactive
// login, using StartGetOAuthToken, or with a long-lived OAuth1 all-scope
// token obtained through a previous login or other means, using
// StartOAuthGetAccessToken. In fact, one can start with any of these
// routines:
// StartGetOAuthToken()
// StartOAuthGetAccessToken()
// StartOAuthWrapBridge()
// StartUserInfo()
// with the expectation that each of these calls the next Start* routine in
// the sequence, except for StartUserInfo as it's the last one.
//
// This class can handle one request at a time, and all calls through an
// instance should be serialized.
class GaiaOAuthFetcher : public content::URLFetcherDelegate,
public content::NotificationObserver {
public:
// Defines steps of OAuth process performed by this class.
typedef enum {
OAUTH1_REQUEST_TOKEN,
OAUTH1_ALL_ACCESS_TOKEN,
OAUTH2_SERVICE_ACCESS_TOKEN,
USER_INFO,
ALL_OAUTH_STEPS,
} AutoFetchLimit;
GaiaOAuthFetcher(GaiaOAuthConsumer* consumer,
net::URLRequestContextGetter* getter,
Profile* profile,
const std::string& service_scope);
virtual ~GaiaOAuthFetcher();
// Sets the mask of which OAuth fetch steps should be automatically kicked
// of upon successful completition of the previous steps. By default,
// this class will chain all steps in OAuth proccess.
void SetAutoFetchLimit(AutoFetchLimit limit) { auto_fetch_limit_ = limit; }
// Obtains an OAuth 1 request token
//
// Pops up a window aimed at the Gaia OAuth URL for GetOAuthToken and then
// listens for COOKIE_CHANGED notifications
virtual void StartGetOAuthToken();
// Non-UI version of the method above. Initiates Gaia OAuth request token
// retrieval.
void StartGetOAuthTokenRequest();
// Performs account login based on OAuth1 access token and its secret.
void StartOAuthLogin(const char* source,
const char* service,
const std::string& oauth1_access_token,
const std::string& oauth1_access_token_secret);
// Obtains an OAuth1 access token and secret
//
// oauth1_request_token is from GetOAuthToken's result.
virtual void StartOAuthGetAccessToken(
const std::string& oauth1_request_token);
// Obtains an OAuth2 access token using Gaia's OAuth1-to-OAuth2 bridge.
//
// oauth1_access_token and oauth1_access_token_secret are from
// OAuthGetAccessToken's result.
//
// wrap_token_duration is typically one hour,
// which is also the max -- you can only decrease it.
//
// service_scope will be used as a service name. For example, Chromium Sync
// uses https://www.googleapis.com/auth/chromesync for its OAuth2 service
// scope here as well as for its service name in TokenService.
virtual void StartOAuthWrapBridge(
const std::string& oauth1_access_token,
const std::string& oauth1_access_token_secret,
const std::string& wrap_token_duration,
const std::string& service_scope);
// Obtains user information related to an OAuth2 access token
//
// oauth2_access_token is from OAuthWrapBridge's result.
virtual void StartUserInfo(const std::string& oauth2_access_token);
// Starts a request for revoking the given OAuth access token (as requested by
// StartOAuthGetAccessToken).
virtual void StartOAuthRevokeAccessToken(const std::string& token,
const std::string& secret);
// Starts a request for revoking the given OAuth Bearer token (as requested by
// StartOAuthWrapBridge).
virtual void StartOAuthRevokeWrapToken(const std::string& token);
// content::NotificationObserver implementation.
virtual void Observe(int type,
const content::NotificationSource& source,
const content::NotificationDetails& details) OVERRIDE;
// Called when a cookie, e. g. oauth_token, changes
virtual void OnCookieChanged(Profile* profile,
ChromeCookieDetails* cookie_details);
// Called when a cookie, e. g. oauth_token, changes
virtual void OnBrowserClosing(Browser* profile,
bool detail);
// Implementation of content::URLFetcherDelegate
virtual void OnURLFetchComplete(const content::URLFetcher* source) OVERRIDE;
// StartGetOAuthToken (or other Start* routine) been called, but results
// are not back yet.
virtual bool HasPendingFetch() const;
// Stop any URL fetches in progress.
virtual void CancelRequest();
private:
// Process the results of a GetOAuthToken fetch via UI.
virtual void OnGetOAuthTokenFetched(const std::string& token);
// Process the results of a GetOAuthToken fetch for non-UI driven path.
virtual void OnGetOAuthTokenUrlFetched(const net::ResponseCookies& cookies,
const net::URLRequestStatus& status,
int response_code);
// Process the results of a OAuthLogin fetch.
virtual void OnOAuthLoginFetched(const std::string& data,
const net::URLRequestStatus& status,
int response_code);
// Process the results of a OAuthGetAccessToken fetch.
virtual void OnOAuthGetAccessTokenFetched(const std::string& data,
const net::URLRequestStatus& status,
int response_code);
// Process the results of a OAuthWrapBridge fetch.
virtual void OnOAuthWrapBridgeFetched(const std::string& data,
const net::URLRequestStatus& status,
int response_code);
// Process the results of a token revocation fetch.
virtual void OnOAuthRevokeTokenFetched(const std::string& data,
const net::URLRequestStatus& status,
int response_code);
// Process the results of a userinfo fetch.
virtual void OnUserInfoFetched(const std::string& data,
const net::URLRequestStatus& status,
int response_code);
// Tokenize the results of a GetOAuthToken fetch.
static void ParseGetOAuthTokenResponse(const std::string& data,
std::string* token);
// Tokenize the results of a OAuthLogin fetch.
static void ParseOAuthLoginResponse(const std::string& data,
std::string* sid,
std::string* lsid,
std::string* auth);
// Tokenize the results of a OAuthGetAccessToken fetch.
static void ParseOAuthGetAccessTokenResponse(const std::string& data,
std::string* token,
std::string* secret);
// Tokenize the results of a OAuthWrapBridge fetch.
static void ParseOAuthWrapBridgeResponse(const std::string& data,
std::string* token,
std::string* expires_in);
// Tokenize the results of a userinfo fetch.
static void ParseUserInfoResponse(const std::string& data,
std::string* email);
// From a URLFetcher result, generate an appropriate error.
static GoogleServiceAuthError GenerateAuthError(
const std::string& data,
const net::URLRequestStatus& status,
int response_code);
// Given parameters, create a OAuth v1 request URL.
static GURL MakeGetOAuthTokenUrl(const std::string& oauth1_login_scope,
const std::string& product_name);
// Given parameters, create a OAuthGetAccessToken request body.
static std::string MakeOAuthGetAccessTokenBody(
const std::string& oauth1_request_token);
// Given parameters, create a OAuthLogin request body.
static std::string MakeOAuthLoginBody(
const char* source,
const char* service,
const std::string& oauth1_access_token,
const std::string& oauth1_access_token_secret);
// Given parameters, create a OAuthWrapBridge request body.
static std::string MakeOAuthWrapBridgeBody(
const std::string& oauth1_access_token,
const std::string& oauth1_access_token_secret,
const std::string& wrap_token_duration,
const std::string& oauth2_service_scope);
// Create a fetcher useable for making any Gaia OAuth request.
static content::URLFetcher* CreateGaiaFetcher(
net::URLRequestContextGetter* getter,
const GURL& gaia_gurl_,
const std::string& body,
const std::string& headers,
bool send_cookies,
content::URLFetcherDelegate* delegate);
bool ShouldAutoFetch(AutoFetchLimit fetch_step);
// These fields are common to GaiaOAuthFetcher, same every request
GaiaOAuthConsumer* const consumer_;
net::URLRequestContextGetter* const getter_;
Profile* profile_;
Browser* popup_;
content::NotificationRegistrar registrar_;
// While a fetch is going on:
scoped_ptr<content::URLFetcher> fetcher_;
std::string request_body_;
std::string request_headers_;
std::string service_scope_;
bool fetch_pending_;
AutoFetchLimit auto_fetch_limit_;
DISALLOW_COPY_AND_ASSIGN(GaiaOAuthFetcher);
};
#endif // CHROME_BROWSER_NET_GAIA_GAIA_OAUTH_FETCHER_H_
|
