| blob | 2aea05bc425168cf68b761967775d9b8db50279a |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef GOOGLE_APIS_GAIA_GAIA_AUTH_FETCHER_H_
6 #define GOOGLE_APIS_GAIA_GAIA_AUTH_FETCHER_H_
8 #include <string>
9 #include <vector>
18 // Authenticate a user against the Google Accounts ClientLogin API
19 // with various capabilities and return results to a GaiaAuthConsumer.
20 //
21 // In the future, we will also issue auth tokens from this class.
22 // This class should be used on a single thread, but it can be whichever thread
23 // that you like.
24 //
25 // This class can handle one request at a time on any thread. To parallelize
26 // requests, create multiple GaiaAuthFetcher's.
34 }
39 HostedAccountsAllowed,
40 HostedAccountsNotAllowed
41 };
43 // Magic string indicating that, while a second factor is still
44 // needed to complete authentication, the user provided the right password.
47 // This will later be hidden behind an auth service which caches
48 // tokens.
54 // Start a request to obtain the SID and LSID cookies for the the account
55 // identified by |username| and |password|. If |service| is not null or
56 // empty, then also obtains a service token for specified service.
57 //
58 // If this is a second call because of captcha challenge, then the
59 // |login_token| and |login_captcha| arugment should correspond to the
60 // solution of the challenge.
61 //
62 // Either OnClientLoginSuccess or OnClientLoginFailure will be
63 // called on the consumer on the original thread.
69 HostedAccountsSetting allow_hosted_accounts);
71 // Start a request to obtain service token for the the account identified by
72 // |sid| and |lsid| and the service|service|.
73 //
74 // Either OnIssueAuthTokenSuccess or OnIssueAuthTokenFailure will be
75 // called on the consumer on the original thread.
80 // Start a request to exchange an "lso" service token given by |auth_token|
81 // for an OAuthLogin-scoped oauth2 token.
82 //
83 // Either OnClientOAuthSuccess or OnClientOAuthFailure will be
84 // called on the consumer on the original thread.
87 // Start a request to exchange the cookies of a signed-in user session
88 // for an OAuthLogin-scoped oauth2 token. In the case of a session with
89 // multiple accounts signed in, |session_index| indicate the which of accounts
90 // within the session.
91 //
92 // Either OnClientOAuthSuccess or OnClientOAuthFailure will be
93 // called on the consumer on the original thread.
96 // Start a request to get user info for the account identified by |lsid|.
97 //
98 // Either OnGetUserInfoSuccess or OnGetUserInfoFailure will be
99 // called on the consumer on the original thread.
102 // Start a MergeSession request to pre-login the user with the given
103 // credentials.
104 //
105 // Start a MergeSession request to fill the browsing cookie jar with
106 // credentials represented by the account whose uber-auth token is
107 // |uber_token|. This method will modify the cookies of the current profile.
108 //
109 // Either OnMergeSessionSuccess or OnMergeSessionFailure will be
110 // called on the consumer on the original thread.
113 // Start a request to exchange an OAuthLogin-scoped oauth2 access token for an
114 // uber-auth token. The returned token can be used with the method
115 // StartMergeSession().
116 //
117 // Either OnUberAuthTokenSuccess or OnUberAuthTokenFailure will be
118 // called on the consumer on the original thread.
121 // Start a request to obtain an OAuth2 token for the account identified by
122 // |username| and |password|. |scopes| is a list of oauth scopes that
123 // indicate the access permerssions to assign to the returned token.
124 // |persistent_id| is an optional client identifier used to identify this
125 // particular chrome instances, which may reduce the chance of a challenge.
126 // |locale| will be used to format messages to be presented to the user in
127 // challenges, if needed.
128 //
129 // If the request cannot complete due to a challenge, the
130 // GoogleServiceAuthError will indicate the type of challenge required:
131 // either CAPTCHA_REQUIRED or TWO_FACTOR.
132 //
133 // Either OnClientOAuthSuccess or OnClientOAuthFailure will be
134 // called on the consumer on the original thread.
141 // Start a challenge response to obtain an OAuth2 token. This method is
142 // called after a challenge response is issued from a previous call to
143 // StartClientOAuth(). The |type| and |token| arguments come from the
144 // error response to StartClientOAuth(), while the |solution| argument
145 // represents the answer from the user for the partocular challenge.
146 //
147 // Either OnClientOAuthSuccess or OnClientOAuthFailure will be
148 // called on the consumer on the original thread.
153 // Start a request to exchange an OAuthLogin-scoped oauth2 access token for a
154 // ClientLogin-style service tokens. The response to this request is the
155 // same as the response to a ClientLogin request, except that captcha
156 // challenges are never issued.
157 //
158 // Either OnClientLoginSuccess or OnClientLoginFailure will be
159 // called on the consumer on the original thread.
163 // Implementation of net::URLFetcherDelegate
166 // StartClientLogin been called && results not back yet?
169 // Stop any URL fetches in progress.
172 // From a URLFetcher result, generate an appropriate error.
173 // From the API documentation, both IssueAuthToken and ClientLogin have
174 // the same error returns.
180 // ClientLogin body constants that don't change
185 // The format of the POST body for ClientLogin.
187 // The format of said POST body when CAPTCHA token & answer are specified.
189 // The format of the POST body for IssueAuthToken.
191 // The format of the POST body to get OAuth2 auth code from auth token.
193 // The format of the POST body to get OAuth2 token pair from auth code.
195 // The format of the POST body for GetUserInfo.
197 // The format of the POST body for MergeSession.
199 // The format of the URL for UberAuthToken.
201 // The format of the body for OAuthLogin.
204 // Constants for parsing ClientLogin errors.
220 // Constants for parsing ClientOAuth errors.
225 // Constants for request/response for OAuth2 requests.
233 // Process the results of a ClientLogin fetch.
271 // Tokenize the results of a ClientLogin fetch.
283 // Parse ClientLogin to OAuth2 response.
295 // Is this a special case Gaia error for TwoFactor auth?
298 // Given parameters, create a ClientLogin request body.
306 HostedAccountsSetting allow_hosted_accounts);
307 // Supply the sid / lsid returned from ClientLogin in order to
308 // request a long lived auth token for a service.
312 // Create body to get OAuth2 auth code.
314 // Given auth code, create body to get OAuth2 token pair.
316 // Supply the lsid returned from ClientLogin in order to fetch
317 // user information.
320 // Supply the authentication token returned from StartIssueAuthToken.
344 // Create a fetcher usable for making any Gaia request. |body| is used
345 // as the body of the POST request sent to GAIA. Any strings listed in
346 // |headers| are added as extra HTTP headers in the request.
347 //
348 // |load_flags| are passed to directly to net::URLFetcher::Create() when
349 // creating the URL fetcher.
358 // From a URLFetcher result, generate an appropriate error.
359 // From the API documentation, both IssueAuthToken and ClientLogin have
360 // the same error returns.
365 // These fields are common to GaiaAuthFetcher, same every request
378 // While a fetch is going on:
380 GURL client_login_to_oauth2_gurl_;
396 ParseClientLoginToOAuth2Response);
404 };