      1 // Copyright 2013 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_CHROMEOS_SETTINGS_DEVICE_OAUTH2_TOKEN_SERVICE_H_
      6 #define CHROME_BROWSER_CHROMEOS_SETTINGS_DEVICE_OAUTH2_TOKEN_SERVICE_H_
      7 
      8 #include <set>
      9 #include <string>
     10 
     11 #include "base/basictypes.h"
     12 #include "base/gtest_prod_util.h"
     13 #include "base/memory/scoped_ptr.h"
     14 #include "base/stl_util.h"
     15 #include "base/time/time.h"
     16 #include "chrome/browser/signin/oauth2_token_service.h"
     17 #include "google_apis/gaia/gaia_oauth_client.h"
     18 #include "net/url_request/url_request_context_getter.h"
     19 
     20 namespace net {
     21 class URLRequestContextGetter;
     22 }
     23 
     24 class GoogleServiceAuthError;
     25 class PrefRegistrySimple;
     26 class PrefService;
     27 class Profile;
     28 
     29 namespace chromeos {
     30 
// DeviceOAuth2TokenService retrieves OAuth2 access tokens for a given
// set of scopes using the device-level OAuth2 any-api refresh token
// obtained during enterprise device enrollment.
//
// See |OAuth2TokenService| for usage details.
//
// Note that requests must be made from the UI thread.
//
// NOTE(review): the refresh token handled here is a device-wide credential
// (described above as any-api), so the members that store, return or
// overwrite it are the security-sensitive surface of this class.
class DeviceOAuth2TokenService : public OAuth2TokenService {
 public:
  // Specialization of StartRequest that in parallel validates that the refresh
  // token stored on the device is owned by the device service account.
  //
  // NOTE(review): because validation runs in parallel with the request, what
  // happens to an in-flight request when validation fails is decided in the
  // implementation, which is not visible in this header. Confirm that no
  // access token reaches |consumer| once the ownership check has failed.
  virtual scoped_ptr<Request> StartRequest(const ScopeSet& scopes,
                                           Consumer* consumer) OVERRIDE;

  // Persist the given refresh token on the device.  Overwrites any previous
  // value.  Should only be called during initial device setup.
  //
  // NOTE(review): the "initial device setup only" rule is a caller contract;
  // nothing in this declaration enforces it. Since the call replaces the
  // device credential, confirm that the implementation or its callers guard
  // against use outside enrollment.
  void SetAndSaveRefreshToken(const std::string& refresh_token);

  // Registers preferences with |registry|.
  // Presumably this covers the local-state pref that holds the persisted
  // refresh token; verify against the implementation.
  static void RegisterPrefs(PrefRegistrySimple* registry);

  // Override of OAuth2TokenService::GetRefreshToken(). Returns the refresh
  // token by value.
  // Presumably this is the decrypted token cached in |refresh_token_|; confirm
  // in the implementation. The returned copy is plaintext credential material,
  // so callers should not log or persist it.
  virtual std::string GetRefreshToken() OVERRIDE;

 protected:
  // Pull the robot account ID from device policy.
  // Virtual and protected, so a subclass can substitute the value.
  // NOTE(review): presumably this is the account the ownership validation
  // compares the token against; TODO confirm.
  virtual std::string GetRobotAccountId();

 private:
  // Nested helper, defined in the implementation file.
  // Presumably it runs the ownership validation and reports the result via
  // OnValidationComplete(); TODO confirm.
  class ValidatingConsumer;
  friend class ValidatingConsumer;
  // The factory is a friend because the constructor and destructor are
  // private.
  friend class DeviceOAuth2TokenServiceFactory;
  // Judging by their names these two friends are test classes; friendship
  // gives them access to the private constructor and to the token state below.
  friend class DeviceOAuth2TokenServiceTest;
  friend class TestDeviceOAuth2TokenService;

  // Use DeviceOAuth2TokenServiceFactory to get an instance of this class.
  // |getter| and |local_state| are presumably kept in
  // |url_request_context_getter_| and |local_state_|; verify in the
  // implementation.
  explicit DeviceOAuth2TokenService(net::URLRequestContextGetter* getter,
                                    PrefService* local_state);
  virtual ~DeviceOAuth2TokenService();

  // Implementation of OAuth2TokenService.
  virtual net::URLRequestContextGetter* GetRequestContext() OVERRIDE;

  // Receives the outcome of refresh token validation.
  // Presumably it updates |refresh_token_is_valid_|; TODO confirm.
  void OnValidationComplete(bool token_is_valid);

  // Result of the refresh token ownership validation.
  // NOTE(review): the initial value is set in the implementation, which is not
  // visible here; confirm it starts out false so that an unvalidated token is
  // never treated as valid.
  bool refresh_token_is_valid_;
  // Presumably an upper bound on validation attempts; TODO confirm the value
  // and what happens once it is exhausted.
  int max_refresh_token_validation_retries_;

  // Ref-counted handle to the request context getter, exposed through
  // GetRequestContext().
  scoped_refptr<net::URLRequestContextGetter> url_request_context_getter_;

  // Cache the decrypted refresh token, so we only decrypt once.
  // NOTE(review): this keeps the plaintext token in memory for as long as it
  // is cached, and std::string does not zero its buffer when it is cleared or
  // destroyed. Confirm whether the implementation scrubs it.
  std::string refresh_token_;
  // Raw pointer, so this class does not manage the PrefService's lifetime.
  // Presumably the browser-wide local state, which must outlive this service;
  // TODO confirm.
  PrefService* local_state_;
  DISALLOW_COPY_AND_ASSIGN(DeviceOAuth2TokenService);
};
     84 
     85 }  // namespace chromeos
     86 
     87 #endif  // CHROME_BROWSER_CHROMEOS_SETTINGS_DEVICE_OAUTH2_TOKEN_SERVICE_H_
     88