Home | History | Annotate | Download | only in policy 
      1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_POLICY_OAUTH2_TOKEN_FETCHER_H_
      6 #define CHROME_BROWSER_CHROMEOS_POLICY_POLICY_OAUTH2_TOKEN_FETCHER_H_
      7 
      8 #include <string>
      9 
     10 #include "base/basictypes.h"
     11 #include "base/callback.h"
     12 #include "base/compiler_specific.h"
     13 #include "base/memory/ref_counted.h"
     14 #include "base/memory/scoped_ptr.h"
     15 #include "base/memory/weak_ptr.h"
     16 #include "google_apis/gaia/gaia_auth_consumer.h"
     17 #include "google_apis/gaia/oauth2_access_token_consumer.h"
     18 
     19 class GaiaAuthFetcher;
     20 class OAuth2AccessTokenFetcher;
     21 
     22 namespace net {
     23 class URLRequestContextGetter;
     24 }
     25 
     26 namespace policy {
     27 
     28 // Fetches the OAuth2 token for the device management service. Since Profile
     29 // creation might be blocking on a user policy fetch, this fetcher must always
     30 // send a (possibly empty) token to the callback, which will then let the policy
     31 // subsystem proceed and resume Profile creation. Sending the token even when no
     32 // Profile is pending is also OK.
     33 class PolicyOAuth2TokenFetcher
     34     : public base::SupportsWeakPtr<PolicyOAuth2TokenFetcher>,
     35       public GaiaAuthConsumer,
     36       public OAuth2AccessTokenConsumer {
     37  public:
     38   typedef base::Callback<void(const std::string&,
     39                               const GoogleServiceAuthError&)> TokenCallback;
     40 
     41   // Fetches the device management service's oauth2 token, after also retrieving
     42   // the OAuth2 refresh tokens.
     43   PolicyOAuth2TokenFetcher(net::URLRequestContextGetter* auth_context_getter,
     44                            net::URLRequestContextGetter* system_context_getter,
     45                            const TokenCallback& callback);
     46 
     47   virtual ~PolicyOAuth2TokenFetcher();
     48 
     49   // Starts process of minting device management service OAuth2 access token.
     50   void Start();
     51 
     52   // Returns OAuth2 tokens fetched through an authenticated cookie jar.
     53   const GaiaAuthConsumer::ClientOAuthResult& oauth2_tokens() const {
     54     return oauth2_tokens_;
     55   }
     56 
     57   // True if we have OAuth2 tokens that were fetched through an authenticated
     58   // cookie jar.
     59   bool has_oauth2_tokens() const {
     60     return !oauth2_tokens_.refresh_token.empty();
     61   }
     62 
     63   // Returns true if we have previously attempted to fetch tokens with this
     64   // class and failed.
     65   bool failed() const {
     66     return failed_;
     67   }
     68 
     69   const std::string& oauth2_refresh_token() const {
     70     return oauth2_refresh_token_;
     71   }
     72   const std::string& oauth2_access_token() const {
     73     return oauth2_access_token_;
     74   }
     75 
     76  private:
     77   // GaiaAuthConsumer overrides.
     78   virtual void OnClientOAuthSuccess(
     79       const GaiaAuthConsumer::ClientOAuthResult& oauth_tokens) OVERRIDE;
     80   virtual void OnClientOAuthFailure(
     81       const GoogleServiceAuthError& error) OVERRIDE;
     82 
     83   // OAuth2AccessTokenConsumer overrides.
     84   virtual void OnGetTokenSuccess(const std::string& access_token,
     85                                  const base::Time& expiration_time) OVERRIDE;
     86   virtual void OnGetTokenFailure(const GoogleServiceAuthError& error) OVERRIDE;
     87 
     88   // Starts fetching OAuth2 refresh token.
     89   void StartFetchingRefreshToken();
     90 
     91   // Starts fetching OAuth2 access token for the device management service.
     92   void StartFetchingAccessToken();
     93 
     94   // Decides how to proceed on GAIA |error|. If the error looks temporary,
     95   // retries |task| until max retry count is reached.
     96   // If retry count runs out, or error condition is unrecoverable, it calls
     97   // Delegate::OnOAuth2TokenFetchFailed().
     98   void RetryOnError(const GoogleServiceAuthError& error,
     99                     const base::Closure& task);
    100 
    101   // Passes |token| and |error| to the |callback_|.
    102   void ForwardPolicyToken(const std::string& token,
    103                           const GoogleServiceAuthError& error);
    104 
    105   scoped_refptr<net::URLRequestContextGetter> auth_context_getter_;
    106   scoped_refptr<net::URLRequestContextGetter> system_context_getter_;
    107   scoped_ptr<GaiaAuthFetcher> refresh_token_fetcher_;
    108   scoped_ptr<OAuth2AccessTokenFetcher> access_token_fetcher_;
    109   GaiaAuthConsumer::ClientOAuthResult oauth2_tokens_;
    110 
    111   // OAuth2 refresh token. Could come either from the outside or through
    112   // refresh token fetching flow within this class.
    113   std::string oauth2_refresh_token_;
    114 
    115   // OAuth2 access token.
    116   std::string oauth2_access_token_;
    117 
    118   // The retry counter. Increment this only when failure happened.
    119   int retry_count_;
    120 
    121   // True if we have already failed to fetch the policy.
    122   bool failed_;
    123 
    124   // The callback to invoke when done.
    125   TokenCallback callback_;
    126 
    127   DISALLOW_COPY_AND_ASSIGN(PolicyOAuth2TokenFetcher);
    128 };
    129 
    130 }  // namespace policy
    131 
    132 #endif  // CHROME_BROWSER_CHROMEOS_POLICY_POLICY_OAUTH2_TOKEN_FETCHER_H_
    133