1 // Copyright 2014 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_REFRESH_TOKEN_FETCHER_H_ 6 #define CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_REFRESH_TOKEN_FETCHER_H_ 7 8 #include <string> 9 10 #include "base/callback_forward.h" 11 #include "base/compiler_specific.h" 12 #include "base/memory/scoped_ptr.h" 13 #include "base/strings/string16.h" 14 15 class GoogleServiceAuthError; 16 class OAuth2TokenService; 17 18 namespace net { 19 class URLRequestContextGetter; 20 } 21 22 // This class fetches an OAuth2 refresh token that is tied to a supervised user 23 // ID and downscoped to a special scope for Chrome Sync for supervised users. 24 // Fetching the token consists of the following steps: 25 // 1. Get an access token for the custodian from OAuth2TokenService 26 // (either cached or fetched). 27 // 2. Call the IssueToken API to mint a scoped authorization code for a 28 // refresh token for the supervised user from the custodian's access token. 29 // 3. Exchange the authorization code for a refresh token for the supervised 30 // user and return it to the caller. The refresh token can only be used to 31 // mint tokens with the special supervised user Sync scope. 32 class SupervisedUserRefreshTokenFetcher { 33 public: 34 typedef base::Callback<void(const GoogleServiceAuthError& /* error */, 35 const std::string& /* refresh_token */)> 36 TokenCallback; 37 38 static scoped_ptr<SupervisedUserRefreshTokenFetcher> Create( 39 OAuth2TokenService* oauth2_token_service, 40 const std::string& account_id, 41 net::URLRequestContextGetter* context); 42 43 virtual ~SupervisedUserRefreshTokenFetcher(); 44 45 virtual void Start(const std::string& supervised_user_id, 46 const std::string& device_name, 47 const TokenCallback& callback) = 0; 48 }; 49 50 #endif // CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_REFRESH_TOKEN_FETCHER_H_ 51