| blob | ecef9e4530b209d0dbab5a274187d69e939a29f3 |
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef GOOGLE_APIS_GAIA_OAUTH2_TOKEN_SERVICE_H_
6 #define GOOGLE_APIS_GAIA_OAUTH2_TOKEN_SERVICE_H_
8 #include <map>
9 #include <set>
10 #include <string>
26 }
31 // Abstract base class for a service that fetches and caches OAuth2 access
32 // tokens. Concrete subclasses should implement GetRefreshToken to return
33 // the appropriate refresh token. Derived services might maintain refresh tokens
34 // for multiple accounts.
35 //
36 // All calls are expected from the UI thread.
37 //
38 // To use this service, call StartRequest() with a given set of scopes and a
39 // consumer of the request results. The consumer is required to outlive the
40 // request. The request can be deleted. The consumer may be called back
41 // asynchronously with the fetch results.
42 //
43 // - If the consumer is not called back before the request is deleted, it will
44 // never be called back.
45 // Note in this case, the actual network requests are not canceled and the
46 // cache will be populated with the fetched results; it is just the consumer
47 // callback that is aborted.
48 //
49 // - Otherwise the consumer will be called back with the request and the fetch
50 // results.
51 //
52 // The caller of StartRequest() owns the returned request and is responsible to
53 // delete the request even once the callback has been invoked.
56 // A set of scopes in OAuth2 authentication.
59 // Class representing a request that fetches an OAuth2 access token.
66 };
68 // Class representing the consumer of a Request passed to |StartRequest|,
69 // which will be called back when the request completes.
77 // |request| is a Request that is started by this consumer and has
78 // completed.
86 };
88 // Classes that want to listen for refresh token availability should
89 // implement this interface and register with the AddObserver() call.
92 // Called whenever a new login-scoped refresh token is available for
93 // account |account_id|. Once available, access tokens can be retrieved for
94 // this account. This is called during initial startup for each token
95 // loaded.
97 // Called whenever the login-scoped refresh token becomes unavailable for
98 // account |account_id|.
100 // Called after all refresh tokens are loaded during OAuth2TokenService
101 // startup.
103 // Sent before starting a batch of refresh token changes.
105 // Sent after a batch of refresh token changes is done.
110 };
112 // Classes that want to monitor status of access token and access token
113 // request should implement this interface and register with the
114 // AddDiagnosticsObserver() call.
117 // Called when receiving request for access token.
121 // Called when access token fetching finished successfully or
122 // unsuccessfully. |expiration_time| are only valid with
123 // successful completion.
127 GoogleServiceAuthError error,
131 };
136 // Add or remove observers of this token service.
140 // Add or remove observers of this token service.
144 // Checks in the cache for a valid access token for a specified |account_id|
145 // and |scopes|, and if not found starts a request for an OAuth2 access token
146 // using the OAuth2 refresh token maintained by this instance for that
147 // |account_id|. The caller owns the returned Request.
148 // |scopes| is the set of scopes to get an access token for, |consumer| is
149 // the object that will be called back with results if the returned request
150 // is not deleted.
155 // This method does the same as |StartRequest| except it uses |client_id| and
156 // |client_secret| to identify OAuth client app instead of using
157 // Chrome's default values.
165 // This method does the same as |StartRequest| except it uses the request
166 // context given by |getter| instead of using the one returned by
167 // |GetRequestContext| implemented by derived classes.
174 // Lists account IDs of all accounts with a refresh token maintained by this
175 // instance.
178 // Returns true if a refresh token exists for |account_id|. If false, calls to
179 // |StartRequest| will result in a Consumer::OnGetTokenFailure callback.
182 // Mark an OAuth2 |access_token| issued for |account_id| and |scopes| as
183 // invalid. This should be done if the token was received from this class,
184 // but was not accepted by the server (e.g., the server returned
185 // 401 Unauthorized). The token will be removed from the cache for the given
186 // scopes.
191 // Like |InvalidateToken| except is uses |client_id| to identity OAuth2 client
192 // app that issued the request instead of Chrome's default values.
199 // Return the current number of entries in the cache.
202 // Returns the current number of pending fetchers matching given params.
209 // Implements a cancelable |OAuth2TokenService::Request|, which should be
210 // operated on the UI thread.
211 // TODO(davidroche): move this out of header file.
216 // |consumer| is required to outlive this.
220 // Overridden from Request:
225 // Informs |consumer_| that this request is completed.
231 // |consumer_| to call back when this request completes.
234 };
236 // Helper class to scope batch changes.
244 };
246 // Subclasses can override if they want to report errors to the user.
251 // Add a new entry to the cache.
252 // Subclasses can override if there are implementation-specific reasons
253 // that an access token should ever not be cached.
260 // Clears the internal token cache.
263 // Clears all of the tokens belonging to |account_id| from the internal token
264 // cache. It does not matter what other parameters, like |client_id| were
265 // used to request the tokens.
268 // Cancels all requests that are currently in progress.
271 // Cancels all requests related to a given |account_id|.
274 // Called by subclasses to notify observers.
282 // Fetches an OAuth token for the specified client/scopes. Virtual so it can
283 // be overridden for tests and for platform-specific behavior on Android.
291 // Creates an access token fetcher for the given account id.
292 //
293 // Subclasses should override to create an access token fetcher for the given
294 // |account_id|. This method is only called if subclasses use the default
295 // implementation of |FetchOAuth2Token|.
301 // Invalidates the |access_token| issued for |account_id|, |client_id| and
302 // |scopes|. Virtual so it can be overriden for tests and for platform-
303 // specifc behavior.
313 // The parameters used to fetch an OAuth2 access token.
321 // OAuth2 client id.
323 // Account id for which the request is made.
325 // URL scopes for the requested access token.
326 ScopeSet scopes;
327 };
331 // Derived classes must provide a request context used for fetching access
332 // tokens with the |StartRequest| method.
335 // Struct that contains the information of an OAuth2 access token.
339 };
341 // This method does the same as |StartRequestWithContext| except it
342 // uses |client_id| and |client_secret| to identify OAuth
343 // client app instead of using Chrome's default values.
352 // Returns true if GetCacheEntry would return a valid cache entry for the
353 // given scopes.
356 // Posts a task to fire the Consumer callback with the cached token. Must
357 // Must only be called if HasCacheEntry() returns true.
362 // Returns a currently valid OAuth2 access token for the given set of scopes,
363 // or NULL if none have been cached. Note the user of this method should
364 // ensure no entry with the same |client_scopes| is added before the usage of
365 // the returned entry is done.
368 // Removes an access token for the given set of scopes from the cache.
369 // Returns true if the entry was removed, otherwise false.
373 // Called when |fetcher| finishes fetching.
376 // Called when a number of fetchers need to be canceled.
379 // The cache of currently valid tokens.
381 TokenCache token_cache_;
383 // A map from fetch parameters to a fetcher that is fetching an OAuth2 access
384 // token using these parameters.
385 PendingFetcherMap pending_fetchers_;
387 // List of observers to notify when refresh token availability changes.
388 // Makes sure list is empty on destruction.
391 // List of observers to notify when access token status changes.
394 // The depth of batch changes.
397 // Maximum number of retries in fetching an OAuth2 access token.
402 SameScopesRequestedForDifferentClients);
405 };