1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_NET_GAIA_GAIA_OAUTH_FETCHER_H_ 6 #define CHROME_BROWSER_NET_GAIA_GAIA_OAUTH_FETCHER_H_ 7 8 #include <string> 9 #include <vector> 10 11 #include "base/memory/scoped_ptr.h" 12 #include "google_apis/gaia/google_service_auth_error.h" 13 #include "net/url_request/url_fetcher_delegate.h" 14 #include "url/gurl.h" 15 16 class GaiaOAuthConsumer; 17 18 namespace net { 19 class URLFetcher; 20 class URLRequestContextGetter; 21 class URLRequestStatus; 22 typedef std::vector<std::string> ResponseCookies; 23 } 24 25 // Authenticate a user using Gaia's OAuth1 and OAuth2 support. 26 // 27 // Users of this class typically desire an OAuth2 Access token scoped for a 28 // specific service. This will typically start with either an interactive 29 // login, using StartOAuthLogin, or with a long-lived OAuth1 all-scope 30 // token obtained through a previous login or other means, using 31 // StartOAuthGetAccessToken. In fact, one can start with any of these 32 // routines: 33 // StartOAuthLogin() 34 // StartGetOAuthTokenRequest() 35 // StartOAuthGetAccessToken() 36 // StartOAuthWrapBridge() 37 // StartUserInfo() 38 // with the expectation that each of these calls the next Start* routine in 39 // the sequence, except for StartUserInfo as it's the last one. 40 // 41 // This class can handle one request at a time, and all calls through an 42 // instance should be serialized. 43 class GaiaOAuthFetcher : public net::URLFetcherDelegate { 44 public: 45 // Defines steps of OAuth process performed by this class. 46 typedef enum { 47 OAUTH1_LOGIN, 48 OAUTH1_REQUEST_TOKEN, 49 OAUTH1_ALL_ACCESS_TOKEN, 50 OAUTH2_SERVICE_ACCESS_TOKEN, 51 USER_INFO, 52 OAUTH2_REVOKE_TOKEN, 53 } RequestType; 54 55 GaiaOAuthFetcher(GaiaOAuthConsumer* consumer, 56 net::URLRequestContextGetter* getter, 57 const std::string& service_scope); 58 59 virtual ~GaiaOAuthFetcher(); 60 61 // Sets the mask of which OAuth fetch steps should be automatically kicked 62 // of upon successful completition of the previous steps. By default, 63 // this class will chain all steps in OAuth proccess. 64 void SetAutoFetchLimit(RequestType limit) { auto_fetch_limit_ = limit; } 65 66 // Non-UI version of the method above. Initiates Gaia OAuth request token 67 // retrieval. 68 void StartGetOAuthTokenRequest(); 69 70 // Performs account login based on OAuth1 access token and its secret. 71 void StartOAuthLogin(const char* source, 72 const char* service, 73 const std::string& oauth1_access_token, 74 const std::string& oauth1_access_token_secret); 75 76 // Obtains an OAuth1 access token and secret 77 // 78 // oauth1_request_token is from GetOAuthToken's result. 79 virtual void StartOAuthGetAccessToken( 80 const std::string& oauth1_request_token); 81 82 // Obtains an OAuth2 access token using Gaia's OAuth1-to-OAuth2 bridge. 83 // 84 // oauth1_access_token and oauth1_access_token_secret are from 85 // OAuthGetAccessToken's result. 86 // 87 // wrap_token_duration is typically one hour, 88 // which is also the max -- you can only decrease it. 89 // 90 // service_scope will be used as a service name. For example, Chromium Sync 91 // uses https://www.googleapis.com/auth/chromesync for its OAuth2 service 92 // scope here as well as for its service name in TokenService. 93 virtual void StartOAuthWrapBridge( 94 const std::string& oauth1_access_token, 95 const std::string& oauth1_access_token_secret, 96 const std::string& wrap_token_duration, 97 const std::string& service_scope); 98 99 // Obtains user information related to an OAuth2 access token 100 // 101 // oauth2_access_token is from OAuthWrapBridge's result. 102 virtual void StartUserInfo(const std::string& oauth2_access_token); 103 104 // Starts a request for revoking the given OAuth access token (as requested by 105 // StartOAuthGetAccessToken). 106 virtual void StartOAuthRevokeAccessToken(const std::string& token, 107 const std::string& secret); 108 109 // Starts a request for revoking the given OAuth Bearer token (as requested by 110 // StartOAuthWrapBridge). 111 virtual void StartOAuthRevokeWrapToken(const std::string& token); 112 113 // Implementation of net::URLFetcherDelegate 114 virtual void OnURLFetchComplete(const net::URLFetcher* source) OVERRIDE; 115 116 // StartGetOAuthToken (or other Start* routine) been called, but results 117 // are not back yet. 118 virtual bool HasPendingFetch() const; 119 120 // Stop any URL fetches in progress. 121 virtual void CancelRequest(); 122 123 protected: 124 // Stores the type of the current request in flight. 125 RequestType request_type_; 126 127 private: 128 // Process the results of a GetOAuthToken fetch for non-UI driven path. 129 virtual void OnGetOAuthTokenUrlFetched(const net::ResponseCookies& cookies, 130 const net::URLRequestStatus& status, 131 int response_code); 132 133 // Process the results of a OAuthLogin fetch. 134 virtual void OnOAuthLoginFetched(const std::string& data, 135 const net::URLRequestStatus& status, 136 int response_code); 137 138 // Process the results of a OAuthGetAccessToken fetch. 139 virtual void OnOAuthGetAccessTokenFetched(const std::string& data, 140 const net::URLRequestStatus& status, 141 int response_code); 142 143 // Process the results of a OAuthWrapBridge fetch. 144 virtual void OnOAuthWrapBridgeFetched(const std::string& data, 145 const net::URLRequestStatus& status, 146 int response_code); 147 148 // Process the results of a token revocation fetch. 149 virtual void OnOAuthRevokeTokenFetched(const std::string& data, 150 const net::URLRequestStatus& status, 151 int response_code); 152 153 // Process the results of a userinfo fetch. 154 virtual void OnUserInfoFetched(const std::string& data, 155 const net::URLRequestStatus& status, 156 int response_code); 157 158 // Tokenize the results of a OAuthLogin fetch. 159 static void ParseOAuthLoginResponse(const std::string& data, 160 std::string* sid, 161 std::string* lsid, 162 std::string* auth); 163 164 // Tokenize the results of a OAuthGetAccessToken fetch. 165 static void ParseOAuthGetAccessTokenResponse(const std::string& data, 166 std::string* token, 167 std::string* secret); 168 169 // Tokenize the results of a OAuthWrapBridge fetch. 170 static void ParseOAuthWrapBridgeResponse(const std::string& data, 171 std::string* token, 172 std::string* expires_in); 173 174 // Tokenize the results of a userinfo fetch. 175 static void ParseUserInfoResponse(const std::string& data, 176 std::string* email); 177 178 // From a URLFetcher result, generate an appropriate error. 179 static GoogleServiceAuthError GenerateAuthError( 180 const std::string& data, 181 const net::URLRequestStatus& status, 182 int response_code); 183 184 // Given parameters, create a OAuth v1 request URL. 185 static GURL MakeGetOAuthTokenUrl(const std::string& oauth1_login_scope, 186 const std::string& product_name); 187 188 // Given parameters, create a OAuthGetAccessToken request body. 189 static std::string MakeOAuthGetAccessTokenBody( 190 const std::string& oauth1_request_token); 191 192 // Given parameters, create a OAuthLogin request body. 193 static std::string MakeOAuthLoginBody( 194 const char* source, 195 const char* service, 196 const std::string& oauth1_access_token, 197 const std::string& oauth1_access_token_secret); 198 199 // Given parameters, create a OAuthWrapBridge request body. 200 static std::string MakeOAuthWrapBridgeBody( 201 const std::string& oauth1_access_token, 202 const std::string& oauth1_access_token_secret, 203 const std::string& wrap_token_duration, 204 const std::string& oauth2_service_scope); 205 206 // Create a fetcher useable for making any Gaia OAuth request. 207 static net::URLFetcher* CreateGaiaFetcher( 208 net::URLRequestContextGetter* getter, 209 const GURL& gaia_gurl_, 210 const std::string& body, 211 const std::string& headers, 212 bool send_cookies, 213 net::URLFetcherDelegate* delegate); 214 215 bool ShouldAutoFetch(RequestType fetch_step); 216 217 // These fields are common to GaiaOAuthFetcher, same every request 218 GaiaOAuthConsumer* const consumer_; 219 net::URLRequestContextGetter* const getter_; 220 221 // While a fetch is going on: 222 scoped_ptr<net::URLFetcher> fetcher_; 223 std::string request_body_; 224 std::string request_headers_; 225 std::string service_scope_; 226 bool fetch_pending_; 227 RequestType auto_fetch_limit_; 228 229 DISALLOW_COPY_AND_ASSIGN(GaiaOAuthFetcher); 230 }; 231 232 #endif // CHROME_BROWSER_NET_GAIA_GAIA_OAUTH_FETCHER_H_ 233