Home | History | Annotate | Download | only in identity 
      1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "chrome/common/extensions/api/identity/oauth2_manifest_handler.h"
      6 
      7 #include "base/lazy_instance.h"
      8 #include "base/memory/scoped_ptr.h"
      9 #include "base/strings/utf_string_conversions.h"
     10 #include "base/values.h"
     11 #include "extensions/common/error_utils.h"
     12 #include "extensions/common/manifest_constants.h"
     13 
     14 namespace {
     15 
     16 // Manifest keys.
     17 const char kClientId[] = "client_id";
     18 const char kScopes[] = "scopes";
     19 const char kAutoApprove[] = "auto_approve";
     20 
     21 }  // namespace
     22 
     23 namespace extensions {
     24 
     25 namespace keys = manifest_keys;
     26 namespace errors = manifest_errors;
     27 
     28 OAuth2Info::OAuth2Info() : auto_approve(false) {}
     29 OAuth2Info::~OAuth2Info() {}
     30 
     31 static base::LazyInstance<OAuth2Info> g_empty_oauth2_info =
     32     LAZY_INSTANCE_INITIALIZER;
     33 
     34 // static
     35 const OAuth2Info& OAuth2Info::GetOAuth2Info(const Extension* extension) {
     36   OAuth2Info* info = static_cast<OAuth2Info*>(
     37       extension->GetManifestData(keys::kOAuth2));
     38   return info ? *info : g_empty_oauth2_info.Get();
     39 }
     40 
     41 OAuth2ManifestHandler::OAuth2ManifestHandler() {
     42 }
     43 
     44 OAuth2ManifestHandler::~OAuth2ManifestHandler() {
     45 }
     46 
     47 bool OAuth2ManifestHandler::Parse(Extension* extension,
     48                                   base::string16* error) {
     49   scoped_ptr<OAuth2Info> info(new OAuth2Info);
     50   const base::DictionaryValue* dict = NULL;
     51   if (!extension->manifest()->GetDictionary(keys::kOAuth2, &dict)) {
     52     *error = base::ASCIIToUTF16(errors::kInvalidOAuth2ClientId);
     53     return false;
     54   }
     55 
     56   // HasPath checks for whether the manifest is allowed to have
     57   // oauth2.auto_approve based on whitelist, and if it is present.
     58   // GetBoolean reads the value of auto_approve directly from dict to prevent
     59   // duplicate checking.
     60   if (extension->manifest()->HasPath(keys::kOAuth2AutoApprove) &&
     61       !dict->GetBoolean(kAutoApprove, &info->auto_approve)) {
     62     *error = base::ASCIIToUTF16(errors::kInvalidOAuth2AutoApprove);
     63     return false;
     64   }
     65 
     66   // Component apps using auto_approve may use Chrome's client ID by
     67   // omitting the field.
     68   if ((!dict->GetString(kClientId, &info->client_id) ||
     69        info->client_id.empty()) &&
     70       (extension->location() != Manifest::COMPONENT || !info->auto_approve)) {
     71     *error = base::ASCIIToUTF16(errors::kInvalidOAuth2ClientId);
     72     return false;
     73   }
     74 
     75   const base::ListValue* list = NULL;
     76   if (!dict->GetList(kScopes, &list)) {
     77     *error = base::ASCIIToUTF16(errors::kInvalidOAuth2Scopes);
     78     return false;
     79   }
     80 
     81   for (size_t i = 0; i < list->GetSize(); ++i) {
     82     std::string scope;
     83     if (!list->GetString(i, &scope)) {
     84       *error = base::ASCIIToUTF16(errors::kInvalidOAuth2Scopes);
     85       return false;
     86     }
     87     info->scopes.push_back(scope);
     88   }
     89 
     90   extension->SetManifestData(keys::kOAuth2, info.release());
     91   return true;
     92 }
     93 
     94 const std::vector<std::string> OAuth2ManifestHandler::Keys() const {
     95   return SingleKey(keys::kOAuth2);
     96 }
     97 
     98 }  // namespace extensions
     99