1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef GOOGLE_APIS_GAIA_OAUTH2_MINT_TOKEN_FLOW_H_ 6 #define GOOGLE_APIS_GAIA_OAUTH2_MINT_TOKEN_FLOW_H_ 7 8 #include <string> 9 #include <vector> 10 11 #include "base/memory/weak_ptr.h" 12 #include "base/strings/string16.h" 13 #include "google_apis/gaia/oauth2_api_call_flow.h" 14 15 class GoogleServiceAuthError; 16 class OAuth2MintTokenFlowTest; 17 18 namespace base { 19 class DictionaryValue; 20 } 21 22 namespace content { 23 class URLFetcher; 24 } 25 26 namespace net { 27 class URLRequestContextGetter; 28 } 29 30 // IssueAdvice: messages to show to the user to get a user's approval. 31 // The structure is as follows: 32 // * Description 1 33 // - Detail 1.1 34 // - Details 1.2 35 // * Description 2 36 // - Detail 2.1 37 // - Detail 2.2 38 // - Detail 2.3 39 // * Description 3 40 // - Detail 3.1 41 struct IssueAdviceInfoEntry { 42 public: 43 IssueAdviceInfoEntry(); 44 ~IssueAdviceInfoEntry(); 45 46 base::string16 description; 47 std::vector<base::string16> details; 48 49 bool operator==(const IssueAdviceInfoEntry& rhs) const; 50 }; 51 52 typedef std::vector<IssueAdviceInfoEntry> IssueAdviceInfo; 53 54 // This class implements the OAuth2 flow to Google to mint an OAuth2 55 // token for the given client and the given set of scopes from the 56 // OAuthLogin scoped "master" OAuth2 token for the user logged in to 57 // Chrome. 58 class OAuth2MintTokenFlow : public OAuth2ApiCallFlow { 59 public: 60 // There are four differnt modes when minting a token to grant 61 // access to third-party app for a user. 62 enum Mode { 63 // Get the messages to display to the user without minting a token. 64 MODE_ISSUE_ADVICE, 65 // Record a grant but do not get a token back. 66 MODE_RECORD_GRANT, 67 // Mint a token for an existing grant. 68 MODE_MINT_TOKEN_NO_FORCE, 69 // Mint a token forcefully even if there is no existing grant. 70 MODE_MINT_TOKEN_FORCE, 71 }; 72 73 // Parameters needed to mint a token. 74 struct Parameters { 75 public: 76 Parameters(); 77 Parameters(const std::string& at, 78 const std::string& eid, 79 const std::string& cid, 80 const std::vector<std::string>& scopes_arg, 81 Mode mode_arg); 82 ~Parameters(); 83 84 std::string access_token; 85 std::string extension_id; 86 std::string client_id; 87 std::vector<std::string> scopes; 88 Mode mode; 89 }; 90 91 class Delegate { 92 public: OnMintTokenSuccess(const std::string & access_token,int time_to_live)93 virtual void OnMintTokenSuccess(const std::string& access_token, 94 int time_to_live) {} OnIssueAdviceSuccess(const IssueAdviceInfo & issue_advice)95 virtual void OnIssueAdviceSuccess(const IssueAdviceInfo& issue_advice) {} OnMintTokenFailure(const GoogleServiceAuthError & error)96 virtual void OnMintTokenFailure(const GoogleServiceAuthError& error) {} 97 98 protected: ~Delegate()99 virtual ~Delegate() {} 100 }; 101 102 OAuth2MintTokenFlow(net::URLRequestContextGetter* context, 103 Delegate* delegate, 104 const Parameters& parameters); 105 virtual ~OAuth2MintTokenFlow(); 106 107 protected: 108 // Implementation of template methods in OAuth2ApiCallFlow. 109 virtual GURL CreateApiCallUrl() OVERRIDE; 110 virtual std::string CreateApiCallBody() OVERRIDE; 111 112 virtual void ProcessApiCallSuccess( 113 const net::URLFetcher* source) OVERRIDE; 114 virtual void ProcessApiCallFailure( 115 const net::URLFetcher* source) OVERRIDE; 116 virtual void ProcessNewAccessToken(const std::string& access_token) OVERRIDE; 117 virtual void ProcessMintAccessTokenFailure( 118 const GoogleServiceAuthError& error) OVERRIDE; 119 120 private: 121 friend class OAuth2MintTokenFlowTest; 122 FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, CreateApiCallBody); 123 FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, ParseIssueAdviceResponse); 124 FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, ParseMintTokenResponse); 125 FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, ProcessApiCallSuccess); 126 FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, ProcessApiCallFailure); 127 FRIEND_TEST_ALL_PREFIXES(OAuth2MintTokenFlowTest, 128 ProcessMintAccessTokenFailure); 129 130 void ReportSuccess(const std::string& access_token, int time_to_live); 131 void ReportIssueAdviceSuccess(const IssueAdviceInfo& issue_advice); 132 void ReportFailure(const GoogleServiceAuthError& error); 133 134 static bool ParseIssueAdviceResponse( 135 const base::DictionaryValue* dict, IssueAdviceInfo* issue_advice); 136 static bool ParseMintTokenResponse( 137 const base::DictionaryValue* dict, std::string* access_token, 138 int* time_to_live); 139 140 Delegate* delegate_; 141 Parameters parameters_; 142 base::WeakPtrFactory<OAuth2MintTokenFlow> weak_factory_; 143 144 DISALLOW_COPY_AND_ASSIGN(OAuth2MintTokenFlow); 145 }; 146 147 #endif // GOOGLE_APIS_GAIA_OAUTH2_MINT_TOKEN_FLOW_H_ 148