Upstream iOS implementation of ProfileOAuth2TokenService

This CL adds the iOS implementation of the ProfileOAuth2TokenService. BUG=NONE Review URL: https://codereview.chromium.org/226643012 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@263008 0039d316-1c4b-4281-b951-d872f2087c98
Denger-Network · Apr 10, 2014 · e72a590 · e72a590
1 parent 1cf6ad9
commit e72a590
Show file tree

Hide file tree

Showing 10 changed files with 809 additions and 12 deletions.
diff --git a/components/signin.gypi b/components/signin.gypi
@@ -103,4 +103,25 @@
       ],
     },
   ],
+  'conditions': [
+    ['OS == "ios"', {
+      'targets': [
+        {
+          'target_name': 'signin_ios_browser',
+          'type': 'static_library',
+          'dependencies': [
+            'signin_core_browser',
+            '../ios/provider/ios_components.gyp:ios_components',
+          ],
+          'include_dirs': [
+            '..',
+          ],
+          'sources': [
+            'signin/ios/browser/profile_oauth2_token_service_ios.h',
+            'signin/ios/browser/profile_oauth2_token_service_ios.mm',
+          ],
+        },
+      ],
+    }],
+  ],
 }
diff --git a/components/signin/core/browser/signin_client.h b/components/signin/core/browser/signin_client.h
@@ -17,6 +17,14 @@ class CanonicalCookie;
 class URLRequestContextGetter;
 }
 
+#if defined(OS_IOS)
+namespace ios {
+// TODO(msarda): http://crbug.com/358544 Remove this iOS specific code from the
+// core SigninClient.
+class ProfileOAuth2TokenServiceIOSProvider;
+}
+#endif
+
 // An interface that needs to be supplied to the Signin component by its
 // embedder.
 class SigninClient {
@@ -57,6 +65,12 @@ class SigninClient {
   // Called when Google signin has succeeded.
   virtual void GoogleSigninSucceeded(const std::string& username,
                                      const std::string& password) {}
+
+#if defined(OS_IOS)
+  // TODO(msarda): http://crbug.com/358544 Remove this iOS specific code from
+  // the core SigninClient.
+  virtual ios::ProfileOAuth2TokenServiceIOSProvider* GetIOSProvider() = 0;
+#endif
 };
 
 #endif  // COMPONENTS_SIGNIN_CORE_BROWSER_SIGNIN_CLIENT_H_
diff --git a/components/signin/core/browser/test_signin_client.cc b/components/signin/core/browser/test_signin_client.cc
@@ -53,3 +53,11 @@ bool TestSigninClient::ShouldMergeSigninCredentialsIntoCookieJar() {
 
 void TestSigninClient::SetCookieChangedCallback(
     const CookieChangedCallback& callback) {}
+
+#if defined(OS_IOS)
+ios::ProfileOAuth2TokenServiceIOSProvider* TestSigninClient::GetIOSProvider() {
+  // Just returns NULL for now. It should be changed to return an
+  // |ios::FakeProfileOAuth2TokenServiceIOSProvider|.
+  return NULL;
+}
+#endif
diff --git a/components/signin/core/browser/test_signin_client.h b/components/signin/core/browser/test_signin_client.h
@@ -39,6 +39,10 @@ class TestSigninClient : public SigninClient {
   // Returns a TestURLRequestContextGetter.
   virtual net::URLRequestContextGetter* GetURLRequestContext() OVERRIDE;
 
+#if defined(OS_IOS)
+  virtual ios::ProfileOAuth2TokenServiceIOSProvider* GetIOSProvider() OVERRIDE;
+#endif
+
   // Returns true.
   virtual bool ShouldMergeSigninCredentialsIntoCookieJar() OVERRIDE;
 

diff --git a/components/signin/ios/DEPS b/components/signin/ios/DEPS
@@ -0,0 +1,3 @@
+include_rules = [
+  "+ios/public/provider/components/signin",
+]
diff --git a/components/signin/ios/browser/profile_oauth2_token_service_ios.h b/components/signin/ios/browser/profile_oauth2_token_service_ios.h
@@ -0,0 +1,163 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_
+#define COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_
+
+#include <string>
+
+#include "base/threading/thread_checker.h"
+#include "components/signin/core/browser/mutable_profile_oauth2_token_service.h"
+
+class OAuth2AccessTokenFetcher;
+
+namespace ios{
+class ProfileOAuth2TokenServiceIOSProvider;
+}
+
+// A specialization of ProfileOAuth2TokenService for OS_IOS. It fetches access
+// tokens from the SSOAuth library if the user is signed in using shared
+// authentication or defaults to the parent class
+// |MutableProfileOAuth2TokenService| for pre-SSO signed in users.
+//
+// See |ProfileOAuth2TokenService| for usage details.
+class ProfileOAuth2TokenServiceIOS : public MutableProfileOAuth2TokenService {
+ public:
+  virtual ~ProfileOAuth2TokenServiceIOS();
+
+  // KeyedService
+  virtual void Shutdown() OVERRIDE;
+
+  // OAuth2TokenService
+  virtual bool RefreshTokenIsAvailable(
+      const std::string& account_id) const OVERRIDE;
+
+  virtual void InvalidateOAuth2Token(const std::string& account_id,
+                                     const std::string& client_id,
+                                     const ScopeSet& scopes,
+                                     const std::string& access_token) OVERRIDE;
+
+  // ProfileOAuth2TokenService
+  virtual void Initialize(SigninClient* client) OVERRIDE;
+  virtual void LoadCredentials(const std::string& primary_account_id) OVERRIDE;
+  virtual std::vector<std::string> GetAccounts() OVERRIDE;
+  virtual void UpdateAuthError(const std::string& account_id,
+                               const GoogleServiceAuthError& error) OVERRIDE;
+
+  // This method should not be called when using shared authentication.
+  virtual void UpdateCredentials(const std::string& account_id,
+                                 const std::string& refresh_token) OVERRIDE;
+
+  // Removes all credentials from this instance of |ProfileOAuth2TokenService|,
+  // however, it does not revoke the identities from the device.
+  // Subsequent calls to |RefreshTokenIsAvailable| will return |false|.
+  virtual void RevokeAllCredentials() OVERRIDE;
+
+  // Returns the refresh token for |account_id| .
+  // Must only be called when |ShouldUseIOSSharedAuthentication| returns false.
+  std::string GetRefreshTokenWhenNotUsingSharedAuthentication(
+      const std::string& account_id);
+
+  // Reloads accounts from the provider. Fires |OnRefreshTokenAvailable| for
+  // each new account. Fires |OnRefreshTokenRevoked| for each account that was
+  // removed.
+  void ReloadCredentials();
+
+  // Upgrades to using shared authentication token service.
+  //
+  // Note: If this |ProfileOAuth2TokenServiceIOS| was using the legacy token
+  // service, then this call also revokes all tokens from the parent
+  // |MutableProfileOAuth2TokenService|.
+  void StartUsingSharedAuthentication();
+
+  // Sets |use_legacy_token_service_| to |use_legacy_token_service|.
+  //
+  // Should only be called for testing.
+  void SetUseLegacyTokenServiceForTesting(bool use_legacy_token_service);
+
+  // Revokes the OAuth2 refresh tokens for all accounts from the parent
+  // |MutableProfileOAuth2TokenService|.
+  //
+  // Note: This method should only be called if the legacy pre-SSOAuth token
+  // service is used.
+  void ForceInvalidGrantResponses();
+
+ protected:
+  friend class ProfileOAuth2TokenServiceFactory;
+
+  ProfileOAuth2TokenServiceIOS();
+
+  virtual OAuth2AccessTokenFetcher* CreateAccessTokenFetcher(
+      const std::string& account_id,
+      net::URLRequestContextGetter* getter,
+      OAuth2AccessTokenConsumer* consumer) OVERRIDE;
+
+  // Protected and virtual to be overriden by fake for testing.
+
+  // Adds |account_id| to |accounts_| if it does not exist or udpates
+  // the auth error state of |account_id| if it exists. Fires
+  // |OnRefreshTokenAvailable| if the account info is updated.
+  virtual void AddOrUpdateAccount(const std::string& account_id);
+
+  // Removes |account_id| from |accounts_|. Fires |OnRefreshTokenRevoked|
+  // if the account info is removed.
+  virtual void RemoveAccount(const std::string& account_id);
+
+ private:
+  class AccountInfo : public SigninErrorController::AuthStatusProvider {
+   public:
+    AccountInfo(ProfileOAuth2TokenService* token_service,
+                const std::string& account_id);
+    virtual ~AccountInfo();
+
+    void SetLastAuthError(const GoogleServiceAuthError& error);
+
+    // SigninErrorController::AuthStatusProvider implementation.
+    virtual std::string GetAccountId() const OVERRIDE;
+    virtual GoogleServiceAuthError GetAuthStatus() const OVERRIDE;
+
+   private:
+    ProfileOAuth2TokenService* token_service_;
+    std::string account_id_;
+    GoogleServiceAuthError last_auth_error_;
+
+    DISALLOW_COPY_AND_ASSIGN(AccountInfo);
+  };
+
+  // Maps the |account_id| of accounts known to ProfileOAuth2TokenService
+  // to information about the account.
+  typedef std::map<std::string, linked_ptr<AccountInfo> > AccountInfoMap;
+
+  // MutableProfileOAuth2TokenService
+  virtual std::string GetRefreshToken(
+      const std::string& account_id) const OVERRIDE;
+
+  // Returns the iOS provider;
+  ios::ProfileOAuth2TokenServiceIOSProvider* GetProvider();
+
+  // Info about the existing accounts.
+  AccountInfoMap accounts_;
+
+  // Calls to this class are expected to be made from the browser UI thread.
+  // The purpose of this  this checker is to warn us if the upstream usage of
+  // ProfileOAuth2TokenService ever gets changed to have it be used across
+  // multiple threads.
+  base::ThreadChecker thread_checker_;
+
+  // Whether to use the legacy pre-SSOAuth token service.
+  //
+  // |use_legacy_token_service_| is true iff the provider is not using shared
+  // authentication during |LoadCredentials|. Note that |LoadCredentials| is
+  // called exactly once after the PO2TS initialization iff the user is signed
+  // in.
+  //
+  // If |use_legacy_token_service_| is true, then this
+  // |ProfileOAuth2TokenServiceIOS| delegates all calls to the parent
+  // |MutableProfileOAuth2TokenService|.
+  bool use_legacy_token_service_;
+
+  DISALLOW_COPY_AND_ASSIGN(ProfileOAuth2TokenServiceIOS);
+};
+
+#endif  // COMPONENTS_SIGNIN_IOS_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_IOS_H_