1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_SIGNIN_ANDROID_PROFILE_OAUTH2_TOKEN_SERVICE_H_ 6 #define CHROME_BROWSER_SIGNIN_ANDROID_PROFILE_OAUTH2_TOKEN_SERVICE_H_ 7 8 #include <jni.h> 9 #include <string> 10 11 #include "base/android/jni_weak_ref.h" 12 #include "base/callback.h" 13 #include "base/memory/scoped_ptr.h" 14 #include "base/time/time.h" 15 #include "components/signin/core/browser/profile_oauth2_token_service.h" 16 #include "google_apis/gaia/google_service_auth_error.h" 17 18 // A specialization of ProfileOAuth2TokenService that will be returned by 19 // ProfileOAuth2TokenServiceFactory for OS_ANDROID. This instance uses 20 // native Android features to lookup OAuth2 tokens. 21 // 22 // See |ProfileOAuth2TokenService| for usage details. 23 // 24 // Note: requests should be started from the UI thread. To start a 25 // request from other thread, please use OAuth2TokenServiceRequest. 26 class AndroidProfileOAuth2TokenService : public ProfileOAuth2TokenService { 27 public: 28 // Registers the AndroidProfileOAuth2TokenService's native methods through 29 // JNI. 30 static bool Register(JNIEnv* env); 31 32 // Creates a new instance of the AndroidProfileOAuth2TokenService. 33 static AndroidProfileOAuth2TokenService* Create(); 34 35 // Returns a reference to the Java instance of this service. 36 static jobject GetForProfile( 37 JNIEnv* env, jclass clazz, jobject j_profile_android); 38 39 // Called by the TestingProfile class to disable account validation in 40 // tests. This prevents the token service from trying to look up system 41 // accounts which requires special permission. 42 static void set_is_testing_profile() { 43 is_testing_profile_ = true; 44 } 45 46 // ProfileOAuth2TokenService overrides: 47 virtual void Initialize(SigninClient* client) OVERRIDE; 48 virtual bool RefreshTokenIsAvailable( 49 const std::string& account_id) const OVERRIDE; 50 virtual std::vector<std::string> GetAccounts() OVERRIDE; 51 52 // Lists account at the OS level. 53 std::vector<std::string> GetSystemAccounts(); 54 55 void ValidateAccounts(JNIEnv* env, 56 jobject obj, 57 jstring current_account, 58 jboolean force_notifications); 59 60 // Takes a the signed in sync account as well as all the other 61 // android account ids and check the token status of each. If 62 // |force_notifications| is true, TokenAvailable notifications will 63 // be sent anyway, even if the account was already known. 64 void ValidateAccounts(const std::string& signed_in_account, 65 bool force_notifications); 66 67 // Triggers a notification to all observers of the OAuth2TokenService that a 68 // refresh token is now available. This may cause observers to retry 69 // operations that require authentication. 70 virtual void FireRefreshTokenAvailableFromJava(JNIEnv* env, 71 jobject obj, 72 const jstring account_name); 73 // Triggers a notification to all observers of the OAuth2TokenService that a 74 // refresh token is now available. 75 virtual void FireRefreshTokenRevokedFromJava(JNIEnv* env, 76 jobject obj, 77 const jstring account_name); 78 // Triggers a notification to all observers of the OAuth2TokenService that all 79 // refresh tokens have now been loaded. 80 virtual void FireRefreshTokensLoadedFromJava(JNIEnv* env, jobject obj); 81 82 // Overridden from OAuth2TokenService to complete signout of all 83 // OA2TService aware accounts. 84 virtual void RevokeAllCredentials() OVERRIDE; 85 86 protected: 87 friend class ProfileOAuth2TokenServiceFactory; 88 AndroidProfileOAuth2TokenService(); 89 virtual ~AndroidProfileOAuth2TokenService(); 90 91 // Overridden from OAuth2TokenService to intercept token fetch requests and 92 // redirect them to the Account Manager. 93 virtual void FetchOAuth2Token(RequestImpl* request, 94 const std::string& account_id, 95 net::URLRequestContextGetter* getter, 96 const std::string& client_id, 97 const std::string& client_secret, 98 const ScopeSet& scopes) OVERRIDE; 99 100 // Overriden from OAuth2TokenService to avoid compile errors. Has NOTREACHED() 101 // implementation as |AndroidProfileOAuth2TokenService| overrides 102 // |FetchOAuth2Token| and thus bypasses this method entirely. 103 virtual OAuth2AccessTokenFetcher* CreateAccessTokenFetcher( 104 const std::string& account_id, 105 net::URLRequestContextGetter* getter, 106 OAuth2AccessTokenConsumer* consumer) OVERRIDE; 107 108 // Overridden from OAuth2TokenService to intercept token fetch requests and 109 // redirect them to the Account Manager. 110 virtual void InvalidateOAuth2Token(const std::string& account_id, 111 const std::string& client_id, 112 const ScopeSet& scopes, 113 const std::string& access_token) OVERRIDE; 114 115 // Called to notify observers when a refresh token is available. 116 virtual void FireRefreshTokenAvailable( 117 const std::string& account_id) OVERRIDE; 118 // Called to notify observers when a refresh token has been revoked. 119 virtual void FireRefreshTokenRevoked(const std::string& account_id) OVERRIDE; 120 // Called to notify observers when refresh tokans have been loaded. 121 virtual void FireRefreshTokensLoaded() OVERRIDE; 122 123 // Return whether |signed_in_account| is valid and we have access 124 // to all the tokens in |curr_account_ids|. If |force_notifications| is true, 125 // TokenAvailable notifications will be sent anyway, even if the account was 126 // already known. 127 bool ValidateAccounts(const std::string& signed_in_account, 128 const std::vector<std::string>& prev_account_ids, 129 const std::vector<std::string>& curr_account_ids, 130 std::vector<std::string>& refreshed_ids, 131 std::vector<std::string>& revoked_ids, 132 bool force_notifications); 133 134 private: 135 base::android::ScopedJavaGlobalRef<jobject> java_ref_; 136 137 static bool is_testing_profile_; 138 139 DISALLOW_COPY_AND_ASSIGN(AndroidProfileOAuth2TokenService); 140 }; 141 142 #endif // CHROME_BROWSER_SIGNIN_ANDROID_PROFILE_OAUTH2_TOKEN_SERVICE_H_ 143