oauth2_mint_token_flow.h revision 7dbb3d5cf0c15f500944d211057644d6a2f37371 
1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef GOOGLE_APIS_GAIA_OAUTH2_MINT_TOKEN_FLOW_H_
6#define GOOGLE_APIS_GAIA_OAUTH2_MINT_TOKEN_FLOW_H_
7
8#include <string>
9#include <vector>
10
11#include "base/memory/weak_ptr.h"
12#include "base/strings/string16.h"
13#include "google_apis/gaia/oauth2_api_call_flow.h"
14
15class GoogleServiceAuthError;
16class OAuth2MintTokenFlowTest;
17
18namespace base {
19class DictionaryValue;
20}
21
22namespace content {
23class URLFetcher;
24}
25
26namespace net {
27class URLRequestContextGetter;
28}
29
30// IssueAdvice: messages to show to the user to get a user's approval.
31// The structure is as follows:
32// * Description 1
33//   - Detail 1.1
34//   - Details 1.2
35// * Description 2
36//   - Detail 2.1
37//   - Detail 2.2
38//   - Detail 2.3
39// * Description 3
40//   - Detail 3.1
41struct IssueAdviceInfoEntry {
42 public:
43  IssueAdviceInfoEntry();
44  ~IssueAdviceInfoEntry();
45
46  string16 description;
47  std::vector<string16> details;
48
49  bool operator==(const IssueAdviceInfoEntry& rhs) const;
50};
51
52typedef std::vector<IssueAdviceInfoEntry> IssueAdviceInfo;
53
54// This class implements the OAuth2 flow to Google to mint an OAuth2
55// token for the given client and the given set of scopes from the
56// OAuthLogin scoped "master" OAuth2 token for the user logged in to
57// Chrome.
58class OAuth2MintTokenFlow : public OAuth2ApiCallFlow {
59 public:
60  // There are four differnt modes when minting a token to grant
61  // access to third-party app for a user.
62  enum Mode {
63    // Get the messages to display to the user without minting a token.
64    MODE_ISSUE_ADVICE,
65    // Record a grant but do not get a token back.
66    MODE_RECORD_GRANT,
67    // Mint a token for an existing grant.
68    MODE_MINT_TOKEN_NO_FORCE,
69    // Mint a token forcefully even if there is no existing grant.
70    MODE_MINT_TOKEN_FORCE,
71  };
72
73  // Parameters needed to mint a token.
74  struct Parameters {
75   public:
76    Parameters();
77    Parameters(const std::string& at,
78               const std::string& eid,
79               const std::string& cid,
80               const std::vector<std::string>& scopes_arg,
81               Mode mode_arg);
82    ~Parameters();
83
84    std::string access_token;
85    std::string extension_id;
86    std::string client_id;
87    std::vector<std::string> scopes;
88    Mode mode;
89  };
90
91  class Delegate {
92   public:
93    virtual void OnMintTokenSuccess(const std::string& access_token,
94                                    int time_to_live) {}
95    virtual void OnIssueAdviceSuccess(const IssueAdviceInfo& issue_advice)  {}
96    virtual void OnMintTokenFailure(const GoogleServiceAuthError& error) {}
97
98   protected:
99    virtual ~Delegate() {}
100  };
101
102  OAuth2MintTokenFlow(net::URLRequestContextGetter* context,
103                      Delegate* delegate,
104                      const Parameters& parameters);
105  virtual ~OAuth2MintTokenFlow();
106
107 protected:
108  // Implementation of template methods in OAuth2ApiCallFlow.
109  virtual GURL CreateApiCallUrl() OVERRIDE;
110  virtual std::string CreateApiCallBody() OVERRIDE;
111
112  virtual void ProcessApiCallSuccess(
113      const net::URLFetcher* source) OVERRIDE;
114  virtual void ProcessApiCallFailure(
115      const net::URLFetcher* source) OVERRIDE;
116  virtual void ProcessNewAccessToken(const std::string& access_token) OVERRIDE;
117  virtual void ProcessMintAccessTokenFailure(
118      const GoogleServiceAuthError& error) OVERRIDE;
119
120 private:
121  friend class OAuth2MintTokenFlowTest;
122  FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, CreateApiCallBody);
123  FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, ParseIssueAdviceResponse);
124  FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, ParseMintTokenResponse);
125  FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, ProcessApiCallSuccess);
126  FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, ProcessApiCallFailure);
127  FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest,
128      ProcessMintAccessTokenFailure);
129
130  void ReportSuccess(const std::string& access_token, int time_to_live);
131  void ReportIssueAdviceSuccess(const IssueAdviceInfo& issue_advice);
132  void ReportFailure(const GoogleServiceAuthError& error);
133
134  static bool ParseIssueAdviceResponse(
135      const base::DictionaryValue* dict, IssueAdviceInfo* issue_advice);
136  static bool ParseMintTokenResponse(
137      const base::DictionaryValue* dict, std::string* access_token,
138      int* time_to_live);
139
140  Delegate* delegate_;
141  Parameters parameters_;
142  base::WeakPtrFactory<OAuth2MintTokenFlow> weak_factory_;
143
144  DISALLOW_COPY_AND_ASSIGN(OAuth2MintTokenFlow);
145};
146
147#endif  // GOOGLE_APIS_GAIA_OAUTH2_MINT_TOKEN_FLOW_H_
148