1// Copyright 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_
6#define COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_
7
8#include <string>
9
10#include "base/threading/thread_checker.h"
11#include "components/signin/core/browser/profile_oauth2_token_service.h"
12
13class OAuth2AccessTokenFetcher;
14
15namespace ios{
16class ProfileOAuth2TokenServiceIOSProvider;
17}
18
19// A specialization of ProfileOAuth2TokenService that will be returned by
20// ProfileOAuth2TokenServiceFactory for OS_IOS when iOS authentication service
21// is used to lookup OAuth2 tokens.
22//
23// See |ProfileOAuth2TokenService| for usage details.
24//
25// Note: Requests should be started from the UI thread. To start a
26// request from aother thread, please use OAuth2TokenServiceRequest.
27class ProfileOAuth2TokenServiceIOS : public ProfileOAuth2TokenService {
28 public:
29  // KeyedService
30  virtual void Shutdown() OVERRIDE;
31
32  // OAuth2TokenService
33  virtual bool RefreshTokenIsAvailable(
34      const std::string& account_id) const OVERRIDE;
35
36  virtual void InvalidateOAuth2Token(const std::string& account_id,
37                                     const std::string& client_id,
38                                     const ScopeSet& scopes,
39                                     const std::string& access_token) OVERRIDE;
40
41  // ProfileOAuth2TokenService
42  virtual void Initialize(SigninClient* client) OVERRIDE;
43  virtual void LoadCredentials(const std::string& primary_account_id) OVERRIDE;
44  virtual std::vector<std::string> GetAccounts() OVERRIDE;
45  virtual void UpdateAuthError(const std::string& account_id,
46                               const GoogleServiceAuthError& error) OVERRIDE;
47
48  // This method should not be called when using shared authentication.
49  virtual void UpdateCredentials(const std::string& account_id,
50                                 const std::string& refresh_token) OVERRIDE;
51
52  // Removes all credentials from this instance of |ProfileOAuth2TokenService|,
53  // however, it does not revoke the identities from the device.
54  // Subsequent calls to |RefreshTokenIsAvailable| will return |false|.
55  virtual void RevokeAllCredentials() OVERRIDE;
56
57  // Reloads accounts from the provider. Fires |OnRefreshTokenAvailable| for
58  // each new account. Fires |OnRefreshTokenRevoked| for each account that was
59  // removed.
60  void ReloadCredentials();
61
62 protected:
63  friend class ProfileOAuth2TokenServiceFactory;
64  friend class ProfileOAuth2TokenServiceIOSTest;
65
66  ProfileOAuth2TokenServiceIOS();
67  virtual ~ProfileOAuth2TokenServiceIOS();
68
69  virtual OAuth2AccessTokenFetcher* CreateAccessTokenFetcher(
70      const std::string& account_id,
71      net::URLRequestContextGetter* getter,
72      OAuth2AccessTokenConsumer* consumer) OVERRIDE;
73
74  // Protected and virtual to be overriden by fake for testing.
75
76  // Adds |account_id| to |accounts_| if it does not exist or udpates
77  // the auth error state of |account_id| if it exists. Fires
78  // |OnRefreshTokenAvailable| if the account info is updated.
79  virtual void AddOrUpdateAccount(const std::string& account_id);
80
81  // Removes |account_id| from |accounts_|. Fires |OnRefreshTokenRevoked|
82  // if the account info is removed.
83  virtual void RemoveAccount(const std::string& account_id);
84
85 private:
86  class AccountInfo : public SigninErrorController::AuthStatusProvider {
87   public:
88    AccountInfo(ProfileOAuth2TokenService* token_service,
89                const std::string& account_id);
90    virtual ~AccountInfo();
91
92    void SetLastAuthError(const GoogleServiceAuthError& error);
93
94    // SigninErrorController::AuthStatusProvider implementation.
95    virtual std::string GetAccountId() const OVERRIDE;
96    virtual std::string GetUsername() const OVERRIDE;
97    virtual GoogleServiceAuthError GetAuthStatus() const OVERRIDE;
98
99   private:
100    ProfileOAuth2TokenService* token_service_;
101    std::string account_id_;
102    GoogleServiceAuthError last_auth_error_;
103
104    DISALLOW_COPY_AND_ASSIGN(AccountInfo);
105  };
106
107  // Maps the |account_id| of accounts known to ProfileOAuth2TokenService
108  // to information about the account.
109  typedef std::map<std::string, linked_ptr<AccountInfo> > AccountInfoMap;
110
111  // Returns the iOS provider;
112  ios::ProfileOAuth2TokenServiceIOSProvider* GetProvider();
113
114  // Info about the existing accounts.
115  AccountInfoMap accounts_;
116
117  // Calls to this class are expected to be made from the browser UI thread.
118  // The purpose of this checker is to detect access to
119  // ProfileOAuth2TokenService from multiple threads in upstream code.
120  base::ThreadChecker thread_checker_;
121
122  DISALLOW_COPY_AND_ASSIGN(ProfileOAuth2TokenServiceIOS);
123};
124
125#endif  // COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_
126