oauth2_mint_token_flow.h revision 868fa2fe829687343ffae624259930155e16dbd8
1762bb9d0ad20320b9f97a841dce57ba5e8e48b07Richard Smith// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2f677ea3cc9598d9952ad7ffab5fb322ba4c5be31Sebastian Redl// Use of this source code is governed by a BSD-style license that can be 3f677ea3cc9598d9952ad7ffab5fb322ba4c5be31Sebastian Redl// found in the LICENSE file. 4f677ea3cc9598d9952ad7ffab5fb322ba4c5be31Sebastian Redl 5c5a89a1cc2f168ad0a115c560b8de5f1c952d8c5Richard Smith#ifndef GOOGLE_APIS_GAIA_OAUTH2_MINT_TOKEN_FLOW_H_ 6f677ea3cc9598d9952ad7ffab5fb322ba4c5be31Sebastian Redl#define GOOGLE_APIS_GAIA_OAUTH2_MINT_TOKEN_FLOW_H_ 7f677ea3cc9598d9952ad7ffab5fb322ba4c5be31Sebastian Redl 8f677ea3cc9598d9952ad7ffab5fb322ba4c5be31Sebastian Redl#include <string> 9f677ea3cc9598d9952ad7ffab5fb322ba4c5be31Sebastian Redl#include <vector> 10f677ea3cc9598d9952ad7ffab5fb322ba4c5be31Sebastian Redl 1107b0fdcee8d64222b274779d02851cc53d18e0dbRichard Smith#include "base/memory/weak_ptr.h" 1207b0fdcee8d64222b274779d02851cc53d18e0dbRichard Smith#include "base/strings/string16.h" 13f677ea3cc9598d9952ad7ffab5fb322ba4c5be31Sebastian Redl#include "google_apis/gaia/oauth2_api_call_flow.h" 14f677ea3cc9598d9952ad7ffab5fb322ba4c5be31Sebastian Redl 1507b0fdcee8d64222b274779d02851cc53d18e0dbRichard Smithclass GoogleServiceAuthError; 1607b0fdcee8d64222b274779d02851cc53d18e0dbRichard Smithclass OAuth2MintTokenFlowTest; 17f677ea3cc9598d9952ad7ffab5fb322ba4c5be31Sebastian Redl 18f677ea3cc9598d9952ad7ffab5fb322ba4c5be31Sebastian Redlnamespace base { 19c5a89a1cc2f168ad0a115c560b8de5f1c952d8c5Richard Smithclass DictionaryValue; 20c5a89a1cc2f168ad0a115c560b8de5f1c952d8c5Richard Smith} 21c5a89a1cc2f168ad0a115c560b8de5f1c952d8c5Richard Smith 22c5a89a1cc2f168ad0a115c560b8de5f1c952d8c5Richard Smithnamespace content { 23c5a89a1cc2f168ad0a115c560b8de5f1c952d8c5Richard Smithclass URLFetcher; 24c5a89a1cc2f168ad0a115c560b8de5f1c952d8c5Richard Smith} 2507b0fdcee8d64222b274779d02851cc53d18e0dbRichard Smith 2607b0fdcee8d64222b274779d02851cc53d18e0dbRichard Smithnamespace net { 27c5a89a1cc2f168ad0a115c560b8de5f1c952d8c5Richard Smithclass URLRequestContextGetter; 28c5a89a1cc2f168ad0a115c560b8de5f1c952d8c5Richard Smith} 29c5a89a1cc2f168ad0a115c560b8de5f1c952d8c5Richard Smith 30// IssueAdvice: messages to show to the user to get a user's approval. 31// The structure is as follows: 32// * Description 1 33// - Detail 1.1 34// - Details 1.2 35// * Description 2 36// - Detail 2.1 37// - Detail 2.2 38// - Detail 2.3 39// * Description 3 40// - Detail 3.1 41struct IssueAdviceInfoEntry { 42 public: 43 IssueAdviceInfoEntry(); 44 ~IssueAdviceInfoEntry(); 45 46 string16 description; 47 std::vector<string16> details; 48 49 bool operator==(const IssueAdviceInfoEntry& rhs) const; 50}; 51 52typedef std::vector<IssueAdviceInfoEntry> IssueAdviceInfo; 53 54// This class implements the OAuth2 flow to Google to mint an OAuth2 55// token for the given client and the given set of scopes from the 56// OAuthLogin scoped "master" OAuth2 token for the user logged in to 57// Chrome. 58class OAuth2MintTokenFlow : public OAuth2ApiCallFlow { 59 public: 60 // There are four differnt modes when minting a token to grant 61 // access to third-party app for a user. 62 enum Mode { 63 // Get the messages to display to the user without minting a token. 64 MODE_ISSUE_ADVICE, 65 // Record a grant but do not get a token back. 66 MODE_RECORD_GRANT, 67 // Mint a token for an existing grant. 68 MODE_MINT_TOKEN_NO_FORCE, 69 // Mint a token forcefully even if there is no existing grant. 70 MODE_MINT_TOKEN_FORCE, 71 }; 72 73 // Parameters needed to mint a token. 74 struct Parameters { 75 public: 76 Parameters(); 77 Parameters(const std::string& rt, 78 const std::string& eid, 79 const std::string& cid, 80 const std::vector<std::string>& scopes_arg, 81 Mode mode_arg); 82 ~Parameters(); 83 84 std::string login_refresh_token; 85 std::string extension_id; 86 std::string client_id; 87 std::vector<std::string> scopes; 88 Mode mode; 89 }; 90 91 class Delegate { 92 public: 93 virtual void OnMintTokenSuccess(const std::string& access_token, 94 int time_to_live) {} 95 virtual void OnIssueAdviceSuccess(const IssueAdviceInfo& issue_advice) {} 96 virtual void OnMintTokenFailure(const GoogleServiceAuthError& error) {} 97 98 protected: 99 virtual ~Delegate() {} 100 }; 101 102 OAuth2MintTokenFlow(net::URLRequestContextGetter* context, 103 Delegate* delegate, 104 const Parameters& parameters); 105 virtual ~OAuth2MintTokenFlow(); 106 107 protected: 108 // Implementation of template methods in OAuth2ApiCallFlow. 109 virtual GURL CreateApiCallUrl() OVERRIDE; 110 virtual std::string CreateApiCallBody() OVERRIDE; 111 112 virtual void ProcessApiCallSuccess( 113 const net::URLFetcher* source) OVERRIDE; 114 virtual void ProcessApiCallFailure( 115 const net::URLFetcher* source) OVERRIDE; 116 virtual void ProcessNewAccessToken(const std::string& access_token) OVERRIDE; 117 virtual void ProcessMintAccessTokenFailure( 118 const GoogleServiceAuthError& error) OVERRIDE; 119 120 private: 121 friend class OAuth2MintTokenFlowTest; 122 FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, CreateApiCallBody); 123 FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, ParseIssueAdviceResponse); 124 FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, ParseMintTokenResponse); 125 FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, ProcessApiCallSuccess); 126 FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, ProcessApiCallFailure); 127 FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, 128 ProcessMintAccessTokenFailure); 129 130 void ReportSuccess(const std::string& access_token, int time_to_live); 131 void ReportIssueAdviceSuccess(const IssueAdviceInfo& issue_advice); 132 void ReportFailure(const GoogleServiceAuthError& error); 133 134 static bool ParseIssueAdviceResponse( 135 const base::DictionaryValue* dict, IssueAdviceInfo* issue_advice); 136 static bool ParseMintTokenResponse( 137 const base::DictionaryValue* dict, std::string* access_token, 138 int* time_to_live); 139 140 Delegate* delegate_; 141 Parameters parameters_; 142 base::WeakPtrFactory<OAuth2MintTokenFlow> weak_factory_; 143 144 DISALLOW_COPY_AND_ASSIGN(OAuth2MintTokenFlow); 145}; 146 147#endif // GOOGLE_APIS_GAIA_OAUTH2_MINT_TOKEN_FLOW_H_ 148