1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
|
// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_COMMON_NET_GAIA_GAIA_AUTH_FETCHER_H_
#define CHROME_COMMON_NET_GAIA_GAIA_AUTH_FETCHER_H_
#pragma once
#include <string>
#include "base/gtest_prod_util.h"
#include "base/memory/scoped_ptr.h"
#include "chrome/common/net/gaia/gaia_auth_consumer.h"
#include "content/common/url_fetcher.h"
#include "googleurl/src/gurl.h"
// Authenticate a user against the Google Accounts ClientLogin API
// with various capabilities and return results to a GaiaAuthConsumer.
//
// In the future, we will also issue auth tokens from this class.
// This class should be used on a single thread, but it can be whichever thread
// that you like.
//
// This class can handle one request at a time. To parallelize requests,
// create multiple GaiaAuthFetcher's.
class GaiaAuthFetcherTest;
class GaiaAuthFetcher : public URLFetcher::Delegate {
public:
enum HostedAccountsSetting {
HostedAccountsAllowed,
HostedAccountsNotAllowed
};
// Magic string indicating that, while a second factor is still
// needed to complete authentication, the user provided the right password.
static const char kSecondFactor[];
// This will later be hidden behind an auth service which caches
// tokens.
GaiaAuthFetcher(GaiaAuthConsumer* consumer,
const std::string& source,
net::URLRequestContextGetter* getter);
virtual ~GaiaAuthFetcher();
// GaiaAuthConsumer will be called on the original thread
// after results come back. This class is thread agnostic.
// You can't make more than request at a time.
void StartClientLogin(const std::string& username,
const std::string& password,
const char* const service,
const std::string& login_token,
const std::string& login_captcha,
HostedAccountsSetting allow_hosted_accounts);
// GaiaAuthConsumer will be called on the original thread
// after results come back. This class is thread agnostic.
// You can't make more than one request at a time.
void StartIssueAuthToken(const std::string& sid,
const std::string& lsid,
const char* const service);
// Start a request to get a particular key from user info.
// GaiaAuthConsumer will be called back on the same thread when
// results come back.
// You can't make more than one request at a time.
void StartGetUserInfo(const std::string& lsid,
const std::string& info_key);
// Start a TokenAuth request to pre-login the user with the given credentials.
void StartTokenAuth(const std::string& auth_token);
// Start a MergeSession request to pre-login the user with the given
// credentials. Unlike TokenAuth above, MergeSession will not sign out any
// existing accounts.
void StartMergeSession(const std::string& auth_token);
// Implementation of URLFetcher::Delegate
virtual void OnURLFetchComplete(const URLFetcher* source,
const GURL& url,
const net::URLRequestStatus& status,
int response_code,
const net::ResponseCookies& cookies,
const std::string& data);
// StartClientLogin been called && results not back yet?
bool HasPendingFetch();
// Stop any URL fetches in progress.
void CancelRequest();
// From a URLFetcher result, generate an appropriate error.
// From the API documentation, both IssueAuthToken and ClientLogin have
// the same error returns.
static GoogleServiceAuthError GenerateOAuthLoginError(
const std::string& data,
const net::URLRequestStatus& status);
private:
// ClientLogin body constants that don't change
static const char kCookiePersistence[];
static const char kAccountTypeHostedOrGoogle[];
static const char kAccountTypeGoogle[];
// The format of the POST body for ClientLogin.
static const char kClientLoginFormat[];
// The format of said POST body when CAPTCHA token & answer are specified.
static const char kClientLoginCaptchaFormat[];
// The format of the POST body for IssueAuthToken.
static const char kIssueAuthTokenFormat[];
// The format of the POST body for GetUserInfo.
static const char kGetUserInfoFormat[];
// The format of the POST body for TokenAuth.
static const char kTokenAuthFormat[];
// The format of the POST body for MergeSession.
static const char kMergeSessionFormat[];
// Constants for parsing ClientLogin errors.
static const char kAccountDeletedError[];
static const char kAccountDeletedErrorCode[];
static const char kAccountDisabledError[];
static const char kAccountDisabledErrorCode[];
static const char kBadAuthenticationError[];
static const char kBadAuthenticationErrorCode[];
static const char kCaptchaError[];
static const char kCaptchaErrorCode[];
static const char kServiceUnavailableError[];
static const char kServiceUnavailableErrorCode[];
static const char kErrorParam[];
static const char kErrorUrlParam[];
static const char kCaptchaUrlParam[];
static const char kCaptchaTokenParam[];
// Process the results of a ClientLogin fetch.
void OnClientLoginFetched(const std::string& data,
const net::URLRequestStatus& status,
int response_code);
void OnIssueAuthTokenFetched(const std::string& data,
const net::URLRequestStatus& status,
int response_code);
void OnGetUserInfoFetched(const std::string& data,
const net::URLRequestStatus& status,
int response_code);
void OnTokenAuthFetched(const std::string& data,
const net::URLRequestStatus& status,
int response_code);
void OnMergeSessionFetched(const std::string& data,
const net::URLRequestStatus& status,
int response_code);
// Tokenize the results of a ClientLogin fetch.
static void ParseClientLoginResponse(const std::string& data,
std::string* sid,
std::string* lsid,
std::string* token);
static void ParseClientLoginFailure(const std::string& data,
std::string* error,
std::string* error_url,
std::string* captcha_url,
std::string* captcha_token);
// Is this a special case Gaia error for TwoFactor auth?
static bool IsSecondFactorSuccess(const std::string& alleged_error);
// Given parameters, create a ClientLogin request body.
static std::string MakeClientLoginBody(
const std::string& username,
const std::string& password,
const std::string& source,
const char* const service,
const std::string& login_token,
const std::string& login_captcha,
HostedAccountsSetting allow_hosted_accounts);
// Supply the sid / lsid returned from ClientLogin in order to
// request a long lived auth token for a service.
static std::string MakeIssueAuthTokenBody(const std::string& sid,
const std::string& lsid,
const char* const service);
// Supply the lsid returned from ClientLogin in order to fetch
// user information.
static std::string MakeGetUserInfoBody(const std::string& lsid);
// Supply the authentication token returned from StartIssueAuthToken.
static std::string MakeTokenAuthBody(const std::string& auth_token,
const std::string& continue_url,
const std::string& source);
// Supply the authentication token returned from StartIssueAuthToken.
static std::string MakeMergeSessionBody(const std::string& auth_token,
const std::string& continue_url,
const std::string& source);
// Create a fetcher useable for making any Gaia request.
static URLFetcher* CreateGaiaFetcher(net::URLRequestContextGetter* getter,
const std::string& body,
const GURL& gaia_gurl,
bool send_cookies,
URLFetcher::Delegate* delegate);
// From a URLFetcher result, generate an appropriate error.
// From the API documentation, both IssueAuthToken and ClientLogin have
// the same error returns.
static GoogleServiceAuthError GenerateAuthError(
const std::string& data,
const net::URLRequestStatus& status);
// These fields are common to GaiaAuthFetcher, same every request
GaiaAuthConsumer* const consumer_;
net::URLRequestContextGetter* const getter_;
std::string source_;
const GURL client_login_gurl_;
const GURL issue_auth_token_gurl_;
const GURL get_user_info_gurl_;
const GURL token_auth_gurl_;
const GURL merge_session_gurl_;
// While a fetch is going on:
scoped_ptr<URLFetcher> fetcher_;
std::string request_body_;
std::string requested_service_; // Currently tracked for IssueAuthToken only
std::string requested_info_key_; // Currently tracked for GetUserInfo only
bool fetch_pending_;
friend class GaiaAuthFetcherTest;
FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, CaptchaParse);
FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, AccountDeletedError);
FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, AccountDisabledError);
FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, BadAuthenticationError);
FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, IncomprehensibleError);
FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, ServiceUnavailableError);
FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, CheckNormalErrorCode);
FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, CheckTwoFactorResponse);
FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, LoginNetFailure);
DISALLOW_COPY_AND_ASSIGN(GaiaAuthFetcher);
};
#endif // CHROME_COMMON_NET_GAIA_GAIA_AUTH_FETCHER_H_
|
