chrome/browser/signin/profile_oauth2_token_service.h - platform/external/chromium_org - Git at Google

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef CHROME_BROWSER_SIGNIN_PROFILE_OAUTH2_TOKEN_SERVICE_H_
 #define CHROME_BROWSER_SIGNIN_PROFILE_OAUTH2_TOKEN_SERVICE_H_

 #include <string>

 #include "base/gtest_prod_util.h"
 #include "chrome/browser/signin/signin_global_error.h"
 #include "components/browser_context_keyed_service/browser_context_keyed_service.h"
 #include "components/webdata/common/web_data_service_consumer.h"
 #include "content/public/browser/notification_observer.h"
 #include "content/public/browser/notification_registrar.h"
 #include "google_apis/gaia/oauth2_token_service.h"

 namespace net {
 class URLRequestContextGetter;
 }

 class GoogleServiceAuthError;
 class Profile;
 class TokenService;
 class SigninGlobalError;

 // ProfileOAuth2TokenService is a BrowserContextKeyedService that retrieves
 // OAuth2 access tokens for a given set of scopes using the OAuth2 login
 // refresh token maintained by TokenService.
 //
 // See |OAuth2TokenService| for usage details.
 //
 // Note: after StartRequest returns, in-flight requests will continue
 // even if the TokenService refresh token that was used to initiate
 // the request changes or is cleared.  When the request completes,
 // Consumer::OnGetTokenSuccess will be invoked, but the access token
 // won't be cached.
 //
 // Note: requests should be started from the UI thread. To start a
 // request from other thread, please use ProfileOAuth2TokenServiceRequest.
 class ProfileOAuth2TokenService : public OAuth2TokenService,
                                   public content::NotificationObserver,
                                   public SigninGlobalError::AuthStatusProvider,
                                   public BrowserContextKeyedService,
                                   public WebDataServiceConsumer {
  public:
   // content::NotificationObserver listening for TokenService updates.
   virtual void Observe(int type,
                        const content::NotificationSource& source,
                        const content::NotificationDetails& details) OVERRIDE;

   // Initializes this token service with the profile.
   virtual void Initialize(Profile* profile);

   // BrowserContextKeyedService implementation.
   virtual void Shutdown() OVERRIDE;

   // SigninGlobalError::AuthStatusProvider implementation.
   virtual GoogleServiceAuthError GetAuthStatus() const OVERRIDE;

   // Takes injected TokenService for testing.
   bool ShouldCacheForRefreshToken(TokenService *token_service,
                                   const std::string& refresh_token);

   // Updates a |refresh_token| for an |account_id|. Credentials are persisted,
   // and avialable through |LoadCredentials| after service is restarted.
   void UpdateCredentials(const std::string& account_id,
                          const std::string& refresh_token);

   // Revokes credentials related to |account_id|.
   void RevokeCredentials(const std::string& account_id);

   // Revokes all credentials handled by the object.
   void RevokeAllCredentials();

   SigninGlobalError* signin_global_error() {
     return signin_global_error_.get();
   }

   const SigninGlobalError* signin_global_error() const {
     return signin_global_error_.get();
   }

   Profile* profile() const { return profile_; }

  protected:
   friend class ProfileOAuth2TokenServiceFactory;
   ProfileOAuth2TokenService();
   virtual ~ProfileOAuth2TokenService();

   // OAuth2TokenService overrides.
   virtual std::string GetRefreshToken() OVERRIDE;

   // OAuth2TokenService implementation.
   virtual net::URLRequestContextGetter* GetRequestContext() OVERRIDE;

   // Updates the internal cache of the result from the most-recently-completed
   // auth request (used for reporting errors to the user).
   virtual void UpdateAuthError(const GoogleServiceAuthError& error) OVERRIDE;

   // Overridden to not cache tokens if the TokenService refresh token
   // changes while a token fetch is in-flight.  If the user logs out and
   // logs back in with a different account, then any in-flight token
   // fetches will be for the old account's refresh token.  Therefore
   // when they come back, they shouldn't be cached.
   virtual void RegisterCacheEntry(const std::string& client_id,
                                   const std::string& refresh_token,
                                   const ScopeSet& scopes,
                                   const std::string& access_token,
                                   const base::Time& expiration_date) OVERRIDE;

  private:
   FRIEND_TEST_ALL_PREFIXES(ProfileOAuth2TokenServiceTest,
                            StaleRefreshTokensNotCached);
   FRIEND_TEST_ALL_PREFIXES(ProfileOAuth2TokenServiceTest,
                            TokenServiceUpdateClearsCache);
   FRIEND_TEST_ALL_PREFIXES(ProfileOAuth2TokenServiceTest,
                            PersistenceDBUpgrade);
   FRIEND_TEST_ALL_PREFIXES(ProfileOAuth2TokenServiceTest,
                            PersistenceLoadCredentials);

   // WebDataServiceConsumer implementation:
   virtual void OnWebDataServiceRequestDone(
       WebDataServiceBase::Handle handle,
       const WDTypedResult* result) OVERRIDE;

   // Loads credentials from a backing persistent store to make them available
   // after service is used between profile restarts.
   void LoadCredentials();

   // Loads credentials into in memory stucture.
   void LoadAllCredentialsIntoMemory(
       const std::map<std::string, std::string>& db_tokens);

   // Loads a single pair of |account_id|, |refresh_token| into memory.
   void LoadCredentialsIntoMemory(const std::string& account_id,
                                  const std::string& refresh_token);

   // The profile with which this instance was initialized, or NULL.
   Profile* profile_;

   // Handle to the request reading tokens from database.
   WebDataServiceBase::Handle web_data_service_request_;

   // In memory refresh token store mapping account_id to refresh_token.
   std::map<std::string, std::string> refresh_tokens_;

   // Used to show auth errors in the wrench menu. The SigninGlobalError is
   // different than most GlobalErrors in that its lifetime is controlled by
   // ProfileOAuth2TokenService (so we can expose a reference for use in the
   // wrench menu).
   scoped_ptr<SigninGlobalError> signin_global_error_;

   // The auth status from the most-recently-completed request.
   GoogleServiceAuthError last_auth_error_;

   // Registrar for notifications from the TokenService.
   content::NotificationRegistrar registrar_;

   DISALLOW_COPY_AND_ASSIGN(ProfileOAuth2TokenService);
 };

 #endif  // CHROME_BROWSER_SIGNIN_PROFILE_OAUTH2_TOKEN_SERVICE_H_
	// Copyright 2013 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef CHROME_BROWSER_SIGNIN_PROFILE_OAUTH2_TOKEN_SERVICE_H_
	#define CHROME_BROWSER_SIGNIN_PROFILE_OAUTH2_TOKEN_SERVICE_H_

	#include <string>

	#include "base/gtest_prod_util.h"
	#include "chrome/browser/signin/signin_global_error.h"
	#include "components/browser_context_keyed_service/browser_context_keyed_service.h"
	#include "components/webdata/common/web_data_service_consumer.h"
	#include "content/public/browser/notification_observer.h"
	#include "content/public/browser/notification_registrar.h"
	#include "google_apis/gaia/oauth2_token_service.h"

	namespace net {
	class URLRequestContextGetter;
	}

	class GoogleServiceAuthError;
	class Profile;
	class TokenService;
	class SigninGlobalError;

	// ProfileOAuth2TokenService is a BrowserContextKeyedService that retrieves
	// OAuth2 access tokens for a given set of scopes using the OAuth2 login
	// refresh token maintained by TokenService.
	//
	// See \|OAuth2TokenService\| for usage details.
	//
	// Note: after StartRequest returns, in-flight requests will continue
	// even if the TokenService refresh token that was used to initiate
	// the request changes or is cleared. When the request completes,
	// Consumer::OnGetTokenSuccess will be invoked, but the access token
	// won't be cached.
	//
	// Note: requests should be started from the UI thread. To start a
	// request from other thread, please use ProfileOAuth2TokenServiceRequest.
	class ProfileOAuth2TokenService : public OAuth2TokenService,
	public content::NotificationObserver,
	public SigninGlobalError::AuthStatusProvider,
	public BrowserContextKeyedService,
	public WebDataServiceConsumer {
	public:
	// content::NotificationObserver listening for TokenService updates.
	virtual void Observe(int type,
	const content::NotificationSource& source,
	const content::NotificationDetails& details) OVERRIDE;

	// Initializes this token service with the profile.
	virtual void Initialize(Profile* profile);

	// BrowserContextKeyedService implementation.
	virtual void Shutdown() OVERRIDE;

	// SigninGlobalError::AuthStatusProvider implementation.
	virtual GoogleServiceAuthError GetAuthStatus() const OVERRIDE;

	// Takes injected TokenService for testing.
	bool ShouldCacheForRefreshToken(TokenService *token_service,
	const std::string& refresh_token);

	// Updates a \|refresh_token\| for an \|account_id\|. Credentials are persisted,
	// and avialable through \|LoadCredentials\| after service is restarted.
	void UpdateCredentials(const std::string& account_id,
	const std::string& refresh_token);

	// Revokes credentials related to \|account_id\|.
	void RevokeCredentials(const std::string& account_id);

	// Revokes all credentials handled by the object.
	void RevokeAllCredentials();

	SigninGlobalError* signin_global_error() {
	return signin_global_error_.get();
	}

	const SigninGlobalError* signin_global_error() const {
	return signin_global_error_.get();
	}

	Profile* profile() const { return profile_; }

	protected:
	friend class ProfileOAuth2TokenServiceFactory;
	ProfileOAuth2TokenService();
	virtual ~ProfileOAuth2TokenService();

	// OAuth2TokenService overrides.
	virtual std::string GetRefreshToken() OVERRIDE;

	// OAuth2TokenService implementation.
	virtual net::URLRequestContextGetter* GetRequestContext() OVERRIDE;

	// Updates the internal cache of the result from the most-recently-completed
	// auth request (used for reporting errors to the user).
	virtual void UpdateAuthError(const GoogleServiceAuthError& error) OVERRIDE;

	// Overridden to not cache tokens if the TokenService refresh token
	// changes while a token fetch is in-flight. If the user logs out and
	// logs back in with a different account, then any in-flight token
	// fetches will be for the old account's refresh token. Therefore
	// when they come back, they shouldn't be cached.
	virtual void RegisterCacheEntry(const std::string& client_id,
	const std::string& refresh_token,
	const ScopeSet& scopes,
	const std::string& access_token,
	const base::Time& expiration_date) OVERRIDE;

	private:
	FRIEND_TEST_ALL_PREFIXES(ProfileOAuth2TokenServiceTest,
	StaleRefreshTokensNotCached);
	FRIEND_TEST_ALL_PREFIXES(ProfileOAuth2TokenServiceTest,
	TokenServiceUpdateClearsCache);
	FRIEND_TEST_ALL_PREFIXES(ProfileOAuth2TokenServiceTest,
	PersistenceDBUpgrade);
	FRIEND_TEST_ALL_PREFIXES(ProfileOAuth2TokenServiceTest,
	PersistenceLoadCredentials);

	// WebDataServiceConsumer implementation:
	virtual void OnWebDataServiceRequestDone(
	WebDataServiceBase::Handle handle,
	const WDTypedResult* result) OVERRIDE;

	// Loads credentials from a backing persistent store to make them available
	// after service is used between profile restarts.
	void LoadCredentials();

	// Loads credentials into in memory stucture.
	void LoadAllCredentialsIntoMemory(
	const std::map<std::string, std::string>& db_tokens);

	// Loads a single pair of \|account_id\|, \|refresh_token\| into memory.
	void LoadCredentialsIntoMemory(const std::string& account_id,
	const std::string& refresh_token);

	// The profile with which this instance was initialized, or NULL.
	Profile* profile_;

	// Handle to the request reading tokens from database.
	WebDataServiceBase::Handle web_data_service_request_;

	// In memory refresh token store mapping account_id to refresh_token.
	std::map<std::string, std::string> refresh_tokens_;

	// Used to show auth errors in the wrench menu. The SigninGlobalError is
	// different than most GlobalErrors in that its lifetime is controlled by
	// ProfileOAuth2TokenService (so we can expose a reference for use in the
	// wrench menu).
	scoped_ptr<SigninGlobalError> signin_global_error_;

	// The auth status from the most-recently-completed request.
	GoogleServiceAuthError last_auth_error_;

	// Registrar for notifications from the TokenService.
	content::NotificationRegistrar registrar_;

	DISALLOW_COPY_AND_ASSIGN(ProfileOAuth2TokenService);
	};

	#endif // CHROME_BROWSER_SIGNIN_PROFILE_OAUTH2_TOKEN_SERVICE_H_