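// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_CHROMEOS_LOGIN_SIGNIN_OAUTH2_LOGIN_VERIFIER_H_
#define CHROME_BROWSER_CHROMEOS_LOGIN_SIGNIN_OAUTH2_LOGIN_VERIFIER_H_

#include <string>

#include "base/basictypes.h"
#include "base/callback_forward.h"
#include "base/compiler_specific.h"
#include "base/memory/ref_counted.h"
#include "base/memory/scoped_ptr.h"
#include "base/memory/weak_ptr.h"
#include "chrome/browser/profiles/profile.h"
#include "google_apis/gaia/gaia_auth_consumer.h"
#include "google_apis/gaia/gaia_auth_fetcher.h"
#include "google_apis/gaia/oauth2_token_service.h"
#include "net/url_request/url_request_context_getter.h"

namespace chromeos {

// Given the OAuth2 refresh token, this class will try to exchange it for GAIA
// credentials (SID+LSID) and populate current session's cookie jar.
//
// The object holds credential material (|access_token_|, |gaia_token_|) for
// as long as it lives and reports results through a raw, non-owning
// Delegate pointer.
// NOTE(review): the header does not show who owns the verifier or when it is
// destroyed relative to in-flight requests; confirm in the implementation.
class OAuth2LoginVerifier : public base::SupportsWeakPtr<OAuth2LoginVerifier>,
                            public GaiaAuthConsumer,
                            public OAuth2TokenService::Consumer {
 public:
  // Callback type passed to RetryOnError(). |connection_error| tells the
  // receiver whether the failure was a connectivity problem.
  typedef base::Callback<void(bool connection_error)> ErrorHandler;

  // Receives the outcome of session merge and of the post-merge account
  // listing. All methods are pure virtual.
  class Delegate {
   public:
    virtual ~Delegate() {}

    // Invoked when cookie session is successfully merged.
    virtual void OnSessionMergeSuccess() = 0;

    // Invoked when cookie session can not be merged.
    virtual void OnSessionMergeFailure(bool connection_error) = 0;

    // Invoked when account list is retrieved during post-merge session
    // verification.
    // NOTE(review): |data| is presumably the unparsed ListAccounts response;
    // implementations should validate it before trusting its contents.
    virtual void OnListAccountsSuccess(const std::string& data) = 0;

    // Invoked when post-merge session verification fails.
    virtual void OnListAccountsFailure(bool connection_error) = 0;
  };

  // |delegate| is kept as a raw pointer in |delegate_| and is not owned.
  // Both request context getters are retained through scoped_refptr members.
  // NOTE(review): |delegate| presumably has to outlive this object, and
  // |oauthlogin_access_token| presumably seeds |access_token_|; confirm both
  // against the .cc file.
  OAuth2LoginVerifier(OAuth2LoginVerifier::Delegate* delegate,
                      net::URLRequestContextGetter* system_request_context,
                      net::URLRequestContextGetter* user_request_context,
                      const std::string& oauthlogin_access_token);
  virtual ~OAuth2LoginVerifier();

  // Initiates verification of GAIA cookies in |profile|'s cookie jar.
  void VerifyUserCookies(Profile* profile);

  // Attempts to restore session from OAuth2 refresh token minting all
  // necessary tokens along the way (OAuth2 access token, SID/LSID, GAIA
  // service token).
  // NOTE(review): no member stores |profile|, but it may be bound into a
  // deferred call to VerifyProfileTokensImpl(); confirm that |profile| cannot
  // be destroyed before that call runs.
  void VerifyProfileTokens(Profile* profile);

 private:
  // NOTE(review): no declaration in this header refers to this enum; confirm
  // that the implementation still uses it.
  enum SessionRestoreType {
    RESTORE_UNDEFINED = 0,
    RESTORE_FROM_GAIA_TOKEN = 1,
    RESTORE_FROM_OAUTH2_REFRESH_TOKEN = 2,
  };

  // GaiaAuthConsumer overrides.
  virtual void OnUberAuthTokenSuccess(const std::string& token) OVERRIDE;
  virtual void OnUberAuthTokenFailure(
      const GoogleServiceAuthError& error) OVERRIDE;
  virtual void OnMergeSessionSuccess(const std::string& data) OVERRIDE;
  virtual void OnMergeSessionFailure(
      const GoogleServiceAuthError& error) OVERRIDE;
  virtual void OnListAccountsSuccess(const std::string& data) OVERRIDE;
  virtual void OnListAccountsFailure(
      const GoogleServiceAuthError& error) OVERRIDE;

  // OAuth2TokenService::Consumer overrides.
  virtual void OnGetTokenSuccess(const OAuth2TokenService::Request* request,
                                 const std::string& access_token,
                                 const base::Time& expiration_time) OVERRIDE;
  virtual void OnGetTokenFailure(const OAuth2TokenService::Request* request,
                                 const GoogleServiceAuthError& error) OVERRIDE;

  // Starts fetching OAuth1 access token for OAuthLogin call.
  // NOTE(review): the comment says OAuth1, yet the pending request is held as
  // an OAuth2TokenService::Request (|login_token_request_|); the wording
  // looks stale, confirm and correct.
  void StartFetchingOAuthLoginAccessToken(Profile* profile);

  // Starts OAuthLogin request for GAIA uber-token.
  void StartOAuthLoginForUberToken();

  // Attempts to merge session from present |gaia_token_|.
  void StartMergeSession();

  // Schedules post merge verification to ensure that browser session restore
  // hasn't stomped over the SID/LSID cookies.
  void SchedulePostMergeVerification();

  // Starts GAIA auth cookies (SID/LSID) verification.
  void StartAuthCookiesVerification();

  // Decides how to proceed on GAIA |error|. If the error looks temporary,
  // retries |task_to_retry| after certain delay until max retry count is
  // reached.
  // NOTE(review): |error_handler| is presumably run once the error is
  // permanent or the retries are exhausted; the delay and the retry limit
  // are not visible in this header.
  void RetryOnError(const char* operation_id,
                    const GoogleServiceAuthError& error,
                    const base::Closure& task_to_retry,
                    const ErrorHandler& error_handler);

  // Called when network is connected.
  void VerifyProfileTokensImpl(Profile* profile);

  // Not owned.
  OAuth2LoginVerifier::Delegate* delegate_;
  scoped_refptr<net::URLRequestContextGetter> system_request_context_;
  scoped_refptr<net::URLRequestContextGetter> user_request_context_;
  scoped_ptr<GaiaAuthFetcher> gaia_fetcher_;

  // Credential material; keep both values out of logs and error messages.
  // NOTE(review): nothing in this header shows them being cleared once
  // verification finishes; confirm how long they stay in memory.
  std::string access_token_;
  std::string gaia_token_;

  scoped_ptr<OAuth2TokenService::Request> login_token_request_;

  // The retry counter. Increment this only when failure happened.
  int retry_count_;

  DISALLOW_COPY_AND_ASSIGN(OAuth2LoginVerifier);
};

}  // namespace chromeos

#endif  // CHROME_BROWSER_CHROMEOS_LOGIN_SIGNIN_OAUTH2_LOGIN_VERIFIER_H_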