| // Copyright 2014 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_REFRESH_TOKEN_FETCHER_H_ |
| #define CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_REFRESH_TOKEN_FETCHER_H_ |
| |
| #include <string> |
| |
| #include "base/callback_forward.h" |
| #include "base/compiler_specific.h" |
| #include "base/memory/scoped_ptr.h" |
| #include "base/strings/string16.h" |
| |
| class GoogleServiceAuthError; |
| class OAuth2TokenService; |
| |
| namespace net { |
| class URLRequestContextGetter; |
| } |
| |
| // This class fetches an OAuth2 refresh token that is tied to a supervised user |
| // ID and downscoped to a special scope for Chrome Sync for supervised users. |
| // Fetching the token consists of the following steps: |
| // 1. Get an access token for the custodian from OAuth2TokenService |
| // (either cached or fetched). |
| // 2. Call the IssueToken API to mint a scoped authorization code for a |
| // refresh token for the supervised user from the custodian's access token. |
| // 3. Exchange the authorization code for a refresh token for the supervised |
| // user and return it to the caller. The refresh token can only be used to |
| // mint tokens with the special supervised user Sync scope. |
| class SupervisedUserRefreshTokenFetcher { |
| public: |
| typedef base::Callback<void(const GoogleServiceAuthError& /* error */, |
| const std::string& /* refresh_token */)> |
| TokenCallback; |
| |
| static scoped_ptr<SupervisedUserRefreshTokenFetcher> Create( |
| OAuth2TokenService* oauth2_token_service, |
| const std::string& account_id, |
| const std::string& device_id, |
| net::URLRequestContextGetter* context); |
| |
| virtual ~SupervisedUserRefreshTokenFetcher(); |
| |
| virtual void Start(const std::string& supervised_user_id, |
| const std::string& device_name, |
| const TokenCallback& callback) = 0; |
| }; |
| |
| #endif // CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_REFRESH_TOKEN_FETCHER_H_ |