Home | History | Annotate | Download | only in gaia 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_NET_GAIA_GAIA_OAUTH_FETCHER_H_
      6 #define CHROME_BROWSER_NET_GAIA_GAIA_OAUTH_FETCHER_H_
      7 
      8 #include <string>
      9 #include <vector>
     10 
     11 #include "base/memory/scoped_ptr.h"
     12 #include "google_apis/gaia/google_service_auth_error.h"
     13 #include "net/url_request/url_fetcher_delegate.h"
     14 #include "url/gurl.h"
     15 
     16 class GaiaOAuthConsumer;
     17 
     18 namespace net {
     19 class URLFetcher;
     20 class URLRequestContextGetter;
     21 class URLRequestStatus;
     22 typedef std::vector<std::string> ResponseCookies;
     23 }
     24 
     25 // Authenticate a user using Gaia's OAuth1 and OAuth2 support.
     26 //
     27 // Users of this class typically desire an OAuth2 Access token scoped for a
     28 // specific service.  This will typically start with either an interactive
     29 // login, using StartOAuthLogin, or with a long-lived OAuth1 all-scope
     30 // token obtained through a previous login or other means, using
     31 // StartOAuthGetAccessToken.  In fact, one can start with any of these
     32 // routines:
     33 //   StartOAuthLogin()
     34 //   StartGetOAuthTokenRequest()
     35 //   StartOAuthGetAccessToken()
     36 //   StartOAuthWrapBridge()
     37 //   StartUserInfo()
     38 // with the expectation that each of these calls the next Start* routine in
     39 // the sequence, except for StartUserInfo as it's the last one.
     40 //
     41 // This class can handle one request at a time, and all calls through an
     42 // instance should be serialized.
     43 class GaiaOAuthFetcher : public net::URLFetcherDelegate {
     44  public:
     45   // Defines steps of OAuth process performed by this class.
     46   typedef enum {
     47     OAUTH1_LOGIN,
     48     OAUTH1_REQUEST_TOKEN,
     49     OAUTH1_ALL_ACCESS_TOKEN,
     50     OAUTH2_SERVICE_ACCESS_TOKEN,
     51     USER_INFO,
     52     OAUTH2_REVOKE_TOKEN,
     53   } RequestType;
     54 
     55   GaiaOAuthFetcher(GaiaOAuthConsumer* consumer,
     56                    net::URLRequestContextGetter* getter,
     57                    const std::string& service_scope);
     58 
     59   virtual ~GaiaOAuthFetcher();
     60 
     61   // Sets the mask of which OAuth fetch steps should be automatically kicked
     62   // of upon successful completition of the previous steps. By default,
     63   // this class will chain all steps in OAuth proccess.
     64   void SetAutoFetchLimit(RequestType limit) { auto_fetch_limit_ = limit; }
     65 
     66   // Non-UI version of the method above. Initiates Gaia OAuth request token
     67   // retrieval.
     68   void StartGetOAuthTokenRequest();
     69 
     70   // Performs account login based on OAuth1 access token and its secret.
     71   void StartOAuthLogin(const char* source,
     72                        const char* service,
     73                        const std::string& oauth1_access_token,
     74                        const std::string& oauth1_access_token_secret);
     75 
     76   // Obtains an OAuth1 access token and secret
     77   //
     78   // oauth1_request_token is from GetOAuthToken's result.
     79   virtual void StartOAuthGetAccessToken(
     80       const std::string& oauth1_request_token);
     81 
     82   // Obtains an OAuth2 access token using Gaia's OAuth1-to-OAuth2 bridge.
     83   //
     84   // oauth1_access_token and oauth1_access_token_secret are from
     85   // OAuthGetAccessToken's result.
     86   //
     87   // wrap_token_duration is typically one hour,
     88   // which is also the max -- you can only decrease it.
     89   //
     90   // service_scope will be used as a service name.  For example, Chromium Sync
     91   // uses https://www.googleapis.com/auth/chromesync for its OAuth2 service
     92   // scope here as well as for its service name in TokenService.
     93   virtual void StartOAuthWrapBridge(
     94       const std::string& oauth1_access_token,
     95       const std::string& oauth1_access_token_secret,
     96       const std::string& wrap_token_duration,
     97       const std::string& service_scope);
     98 
     99   // Obtains user information related to an OAuth2 access token
    100   //
    101   // oauth2_access_token is from OAuthWrapBridge's result.
    102   virtual void StartUserInfo(const std::string& oauth2_access_token);
    103 
    104   // Starts a request for revoking the given OAuth access token (as requested by
    105   // StartOAuthGetAccessToken).
    106   virtual void StartOAuthRevokeAccessToken(const std::string& token,
    107                                            const std::string& secret);
    108 
    109   // Starts a request for revoking the given OAuth Bearer token (as requested by
    110   // StartOAuthWrapBridge).
    111   virtual void StartOAuthRevokeWrapToken(const std::string& token);
    112 
    113   // Implementation of net::URLFetcherDelegate
    114   virtual void OnURLFetchComplete(const net::URLFetcher* source) OVERRIDE;
    115 
    116   // StartGetOAuthToken (or other Start* routine) been called, but results
    117   // are not back yet.
    118   virtual bool HasPendingFetch() const;
    119 
    120   // Stop any URL fetches in progress.
    121   virtual void CancelRequest();
    122 
    123  protected:
    124   // Stores the type of the current request in flight.
    125   RequestType request_type_;
    126 
    127  private:
    128   // Process the results of a GetOAuthToken fetch for non-UI driven path.
    129   virtual void OnGetOAuthTokenUrlFetched(const net::ResponseCookies& cookies,
    130                                          const net::URLRequestStatus& status,
    131                                          int response_code);
    132 
    133   // Process the results of a OAuthLogin fetch.
    134   virtual void OnOAuthLoginFetched(const std::string& data,
    135                                    const net::URLRequestStatus& status,
    136                                    int response_code);
    137 
    138   // Process the results of a OAuthGetAccessToken fetch.
    139   virtual void OnOAuthGetAccessTokenFetched(const std::string& data,
    140                                             const net::URLRequestStatus& status,
    141                                             int response_code);
    142 
    143   // Process the results of a OAuthWrapBridge fetch.
    144   virtual void OnOAuthWrapBridgeFetched(const std::string& data,
    145                                         const net::URLRequestStatus& status,
    146                                         int response_code);
    147 
    148   // Process the results of a token revocation fetch.
    149   virtual void OnOAuthRevokeTokenFetched(const std::string& data,
    150                                          const net::URLRequestStatus& status,
    151                                          int response_code);
    152 
    153   // Process the results of a userinfo fetch.
    154   virtual void OnUserInfoFetched(const std::string& data,
    155                                  const net::URLRequestStatus& status,
    156                                  int response_code);
    157 
    158   // Tokenize the results of a OAuthLogin fetch.
    159   static void ParseOAuthLoginResponse(const std::string& data,
    160                                       std::string* sid,
    161                                       std::string* lsid,
    162                                       std::string* auth);
    163 
    164   // Tokenize the results of a OAuthGetAccessToken fetch.
    165   static void ParseOAuthGetAccessTokenResponse(const std::string& data,
    166                                                std::string* token,
    167                                                std::string* secret);
    168 
    169   // Tokenize the results of a OAuthWrapBridge fetch.
    170   static void ParseOAuthWrapBridgeResponse(const std::string& data,
    171                                            std::string* token,
    172                                            std::string* expires_in);
    173 
    174   // Tokenize the results of a userinfo fetch.
    175   static void ParseUserInfoResponse(const std::string& data,
    176                                     std::string* email);
    177 
    178   // From a URLFetcher result, generate an appropriate error.
    179   static GoogleServiceAuthError GenerateAuthError(
    180       const std::string& data,
    181       const net::URLRequestStatus& status,
    182       int response_code);
    183 
    184   // Given parameters, create a OAuth v1 request URL.
    185   static GURL MakeGetOAuthTokenUrl(const std::string& oauth1_login_scope,
    186                                    const std::string& product_name);
    187 
    188   // Given parameters, create a OAuthGetAccessToken request body.
    189   static std::string MakeOAuthGetAccessTokenBody(
    190       const std::string& oauth1_request_token);
    191 
    192   // Given parameters, create a OAuthLogin request body.
    193   static std::string MakeOAuthLoginBody(
    194       const char* source,
    195       const char* service,
    196       const std::string& oauth1_access_token,
    197       const std::string& oauth1_access_token_secret);
    198 
    199   // Given parameters, create a OAuthWrapBridge request body.
    200   static std::string MakeOAuthWrapBridgeBody(
    201       const std::string& oauth1_access_token,
    202       const std::string& oauth1_access_token_secret,
    203       const std::string& wrap_token_duration,
    204       const std::string& oauth2_service_scope);
    205 
    206   // Create a fetcher useable for making any Gaia OAuth request.
    207   static net::URLFetcher* CreateGaiaFetcher(
    208       net::URLRequestContextGetter* getter,
    209       const GURL& gaia_gurl_,
    210       const std::string& body,
    211       const std::string& headers,
    212       bool send_cookies,
    213       net::URLFetcherDelegate* delegate);
    214 
    215   bool ShouldAutoFetch(RequestType fetch_step);
    216 
    217   // These fields are common to GaiaOAuthFetcher, same every request
    218   GaiaOAuthConsumer* const consumer_;
    219   net::URLRequestContextGetter* const getter_;
    220 
    221   // While a fetch is going on:
    222   scoped_ptr<net::URLFetcher> fetcher_;
    223   std::string request_body_;
    224   std::string request_headers_;
    225   std::string service_scope_;
    226   bool fetch_pending_;
    227   RequestType auto_fetch_limit_;
    228 
    229   DISALLOW_COPY_AND_ASSIGN(GaiaOAuthFetcher);
    230 };
    231 
    232 #endif  // CHROME_BROWSER_NET_GAIA_GAIA_OAUTH_FETCHER_H_
    233