google_apis/gaia/oauth2_mint_token_flow.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "google_apis/gaia/oauth2_mint_token_flow.h"
   6
   7 #include <string>
   8 #include <vector>
   9
  10 #include "base/basictypes.h"
  11 #include "base/bind.h"
  12 #include "base/command_line.h"
  13 #include "base/json/json_reader.h"
  14 #include "base/message_loop/message_loop.h"
  15 #include "base/strings/string_number_conversions.h"
  16 #include "base/strings/string_util.h"
  17 #include "base/strings/stringprintf.h"
  18 #include "base/strings/utf_string_conversions.h"
  19 #include "base/values.h"
  20 #include "google_apis/gaia/gaia_urls.h"
  21 #include "google_apis/gaia/google_service_auth_error.h"
  22 #include "net/base/escape.h"
  23 #include "net/url_request/url_fetcher.h"
  24 #include "net/url_request/url_request_context_getter.h"
  25 #include "net/url_request/url_request_status.h"
  26
  27 using net::URLFetcher;
  28 using net::URLRequestContextGetter;
  29 using net::URLRequestStatus;
  30
  31 namespace {
  32
  33 const char kForceValueFalse[] = "false";
  34 const char kForceValueTrue[] = "true";
  35 const char kResponseTypeValueNone[] = "none";
  36 const char kResponseTypeValueToken[] = "token";
  37
  38 const char kOAuth2IssueTokenBodyFormat[] =
  39     "force=%s"
  40     "&response_type=%s"
  41     "&scope=%s"
  42     "&client_id=%s"
  43     "&origin=%s";
  44 const char kOAuth2IssueTokenBodyFormatDeviceIdAddendum[] =
  45     "&device_id=%s&device_type=chrome";
  46 const char kIssueAdviceKey[] = "issueAdvice";
  47 const char kIssueAdviceValueConsent[] = "consent";
  48 const char kAccessTokenKey[] = "token";
  49 const char kConsentKey[] = "consent";
  50 const char kExpiresInKey[] = "expiresIn";
  51 const char kScopesKey[] = "scopes";
  52 const char kDescriptionKey[] = "description";
  53 const char kDetailKey[] = "detail";
  54 const char kDetailSeparators[] = "\n";
  55 const char kError[] = "error";
  56 const char kMessage[] = "message";
  57
  58 static GoogleServiceAuthError CreateAuthError(const net::URLFetcher* source) {
  59   URLRequestStatus status = source->GetStatus();
  60   if (status.status() == URLRequestStatus::CANCELED) {
  61     return GoogleServiceAuthError(GoogleServiceAuthError::REQUEST_CANCELED);
  62   }
  63   if (status.status() == URLRequestStatus::FAILED) {
  64     DLOG(WARNING) << "Server returned error: errno " << status.error();
  65     return GoogleServiceAuthError::FromConnectionError(status.error());
  66   }
  67
  68   std::string response_body;
  69   source->GetResponseAsString(&response_body);
  70   scoped_ptr<base::Value> value = base::JSONReader::Read(response_body);
  71   base::DictionaryValue* response;
  72   if (!value.get() || !value->GetAsDictionary(&response)) {
  73     return GoogleServiceAuthError::FromUnexpectedServiceResponse(
  74         base::StringPrintf(
  75             "Not able to parse a JSON object from a service response. "
  76             "HTTP Status of the response is: %d", source->GetResponseCode()));
  77   }
  78   base::DictionaryValue* error;
  79   if (!response->GetDictionary(kError, &error)) {
  80     return GoogleServiceAuthError::FromUnexpectedServiceResponse(
  81         "Not able to find a detailed error in a service response.");
  82   }
  83   std::string message;
  84   if (!error->GetString(kMessage, &message)) {
  85     return GoogleServiceAuthError::FromUnexpectedServiceResponse(
  86         "Not able to find an error message within a service error.");
  87   }
  88   return GoogleServiceAuthError::FromServiceError(message);
  89 }
  90
  91 }  // namespace
  92
  93 IssueAdviceInfoEntry::IssueAdviceInfoEntry() {}
  94 IssueAdviceInfoEntry::~IssueAdviceInfoEntry() {}
  95
  96 bool IssueAdviceInfoEntry::operator ==(const IssueAdviceInfoEntry& rhs) const {
  97   return description == rhs.description && details == rhs.details;
  98 }
  99
 100 OAuth2MintTokenFlow::Parameters::Parameters() : mode(MODE_ISSUE_ADVICE) {}
 101
 102 OAuth2MintTokenFlow::Parameters::Parameters(
 103     const std::string& eid,
 104     const std::string& cid,
 105     const std::vector<std::string>& scopes_arg,
 106     const std::string& device_id,
 107     Mode mode_arg)
 108     : extension_id(eid),
 109       client_id(cid),
 110       scopes(scopes_arg),
 111       device_id(device_id),
 112       mode(mode_arg) {
 113 }
 114
 115 OAuth2MintTokenFlow::Parameters::~Parameters() {}
 116
 117 OAuth2MintTokenFlow::OAuth2MintTokenFlow(Delegate* delegate,
 118                                          const Parameters& parameters)
 119     : delegate_(delegate), parameters_(parameters), weak_factory_(this) {
 120 }
 121
 122 OAuth2MintTokenFlow::~OAuth2MintTokenFlow() { }
 123
 124 void OAuth2MintTokenFlow::ReportSuccess(const std::string& access_token,
 125                                         int time_to_live) {
 126   if (delegate_)
 127     delegate_->OnMintTokenSuccess(access_token, time_to_live);
 128
 129   // |this| may already be deleted.
 130 }
 131
 132 void OAuth2MintTokenFlow::ReportIssueAdviceSuccess(
 133     const IssueAdviceInfo& issue_advice) {
 134   if (delegate_)
 135     delegate_->OnIssueAdviceSuccess(issue_advice);
 136
 137   // |this| may already be deleted.
 138 }
 139
 140 void OAuth2MintTokenFlow::ReportFailure(
 141     const GoogleServiceAuthError& error) {
 142   if (delegate_)
 143     delegate_->OnMintTokenFailure(error);
 144
 145   // |this| may already be deleted.
 146 }
 147
 148 GURL OAuth2MintTokenFlow::CreateApiCallUrl() {
 149   return GaiaUrls::GetInstance()->oauth2_issue_token_url();
 150 }
 151
 152 std::string OAuth2MintTokenFlow::CreateApiCallBody() {
 153   const char* force_value =
 154       (parameters_.mode == MODE_MINT_TOKEN_FORCE ||
 155        parameters_.mode == MODE_RECORD_GRANT)
 156           ? kForceValueTrue : kForceValueFalse;
 157   const char* response_type_value =
 158       (parameters_.mode == MODE_MINT_TOKEN_NO_FORCE ||
 159        parameters_.mode == MODE_MINT_TOKEN_FORCE)
 160           ? kResponseTypeValueToken : kResponseTypeValueNone;
 161   std::string body = base::StringPrintf(
 162       kOAuth2IssueTokenBodyFormat,
 163       net::EscapeUrlEncodedData(force_value, true).c_str(),
 164       net::EscapeUrlEncodedData(response_type_value, true).c_str(),
 165       net::EscapeUrlEncodedData(
 166           JoinString(parameters_.scopes, ' '), true).c_str(),
 167       net::EscapeUrlEncodedData(parameters_.client_id, true).c_str(),
 168       net::EscapeUrlEncodedData(parameters_.extension_id, true).c_str());
 169   if (!parameters_.device_id.empty()) {
 170     body.append(base::StringPrintf(
 171         kOAuth2IssueTokenBodyFormatDeviceIdAddendum,
 172         net::EscapeUrlEncodedData(parameters_.device_id, true).c_str()));
 173   }
 174   return body;
 175 }
 176
 177 void OAuth2MintTokenFlow::ProcessApiCallSuccess(
 178     const net::URLFetcher* source) {
 179   std::string response_body;
 180   source->GetResponseAsString(&response_body);
 181   scoped_ptr<base::Value> value = base::JSONReader::Read(response_body);
 182   base::DictionaryValue* dict = NULL;
 183   if (!value.get() || !value->GetAsDictionary(&dict)) {
 184     ReportFailure(GoogleServiceAuthError::FromUnexpectedServiceResponse(
 185         "Not able to parse a JSON object from a service response."));
 186     return;
 187   }
 188
 189   std::string issue_advice_value;
 190   if (!dict->GetString(kIssueAdviceKey, &issue_advice_value)) {
 191     ReportFailure(GoogleServiceAuthError::FromUnexpectedServiceResponse(
 192         "Not able to find an issueAdvice in a service response."));
 193     return;
 194   }
 195   if (issue_advice_value == kIssueAdviceValueConsent) {
 196     IssueAdviceInfo issue_advice;
 197     if (ParseIssueAdviceResponse(dict, &issue_advice))
 198       ReportIssueAdviceSuccess(issue_advice);
 199     else
 200       ReportFailure(GoogleServiceAuthError::FromUnexpectedServiceResponse(
 201           "Not able to parse the contents of consent "
 202           "from a service response."));
 203   } else {
 204     std::string access_token;
 205     int time_to_live;
 206     if (ParseMintTokenResponse(dict, &access_token, &time_to_live))
 207       ReportSuccess(access_token, time_to_live);
 208     else
 209       ReportFailure(GoogleServiceAuthError::FromUnexpectedServiceResponse(
 210           "Not able to parse the contents of access token "
 211           "from a service response."));
 212   }
 213
 214   // |this| may be deleted!
 215 }
 216
 217 void OAuth2MintTokenFlow::ProcessApiCallFailure(
 218     const net::URLFetcher* source) {
 219   ReportFailure(CreateAuthError(source));
 220 }
 221
 222 // static
 223 bool OAuth2MintTokenFlow::ParseMintTokenResponse(
 224     const base::DictionaryValue* dict, std::string* access_token,
 225     int* time_to_live) {
 226   CHECK(dict);
 227   CHECK(access_token);
 228   CHECK(time_to_live);
 229   std::string ttl_string;
 230   return dict->GetString(kExpiresInKey, &ttl_string) &&
 231       base::StringToInt(ttl_string, time_to_live) &&
 232       dict->GetString(kAccessTokenKey, access_token);
 233 }
 234
 235 // static
 236 bool OAuth2MintTokenFlow::ParseIssueAdviceResponse(
 237     const base::DictionaryValue* dict, IssueAdviceInfo* issue_advice) {
 238   CHECK(dict);
 239   CHECK(issue_advice);
 240
 241   const base::DictionaryValue* consent_dict = NULL;
 242   if (!dict->GetDictionary(kConsentKey, &consent_dict))
 243     return false;
 244
 245   const base::ListValue* scopes_list = NULL;
 246   if (!consent_dict->GetList(kScopesKey, &scopes_list))
 247     return false;
 248
 249   bool success = true;
 250   for (size_t index = 0; index < scopes_list->GetSize(); ++index) {
 251     const base::DictionaryValue* scopes_entry = NULL;
 252     IssueAdviceInfoEntry entry;
 253     base::string16 detail;
 254     if (!scopes_list->GetDictionary(index, &scopes_entry) ||
 255         !scopes_entry->GetString(kDescriptionKey, &entry.description) ||
 256         !scopes_entry->GetString(kDetailKey, &detail)) {
 257       success = false;
 258       break;
 259     }
 260
 261     base::TrimWhitespace(entry.description, base::TRIM_ALL, &entry.description);
 262     static const base::string16 detail_separators =
 263         base::ASCIIToUTF16(kDetailSeparators);
 264     Tokenize(detail, detail_separators, &entry.details);
 265     for (size_t i = 0; i < entry.details.size(); i++)
 266       base::TrimWhitespace(entry.details[i], base::TRIM_ALL, &entry.details[i]);
 267     issue_advice->push_back(entry);
 268   }
 269
 270   if (!success)
 271     issue_advice->clear();
 272
 273   return success;
 274 }