components/signin/core/browser/profile_oauth2_token_service.h

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef COMPONENTS_SIGNIN_CORE_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_H_
   6 #define COMPONENTS_SIGNIN_CORE_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_H_
   7
   8 #include <string>
   9
  10 #include "base/gtest_prod_util.h"
  11 #include "base/memory/linked_ptr.h"
  12 #include "components/keyed_service/core/keyed_service.h"
  13 #include "google_apis/gaia/oauth2_token_service.h"
  14
  15 namespace net {
  16 class URLRequestContextGetter;
  17 }
  18
  19 class GoogleServiceAuthError;
  20 class SigninClient;
  21 class SigninErrorController;
  22
  23 // ProfileOAuth2TokenService is a KeyedService that retrieves
  24 // OAuth2 access tokens for a given set of scopes using the OAuth2 login
  25 // refresh tokens.
  26 //
  27 // See |OAuth2TokenService| for usage details.
  28 //
  29 // Note: after StartRequest returns, in-flight requests will continue
  30 // even if the TokenService refresh token that was used to initiate
  31 // the request changes or is cleared.  When the request completes,
  32 // Consumer::OnGetTokenSuccess will be invoked, but the access token
  33 // won't be cached.
  34 //
  35 // Note: requests should be started from the UI thread. To start a
  36 // request from other thread, please use OAuth2TokenServiceRequest.
  37 class ProfileOAuth2TokenService : public OAuth2TokenService,
  38                                   public KeyedService {
  39  public:
  40   ~ProfileOAuth2TokenService() override;
  41
  42   // Initializes this token service with the SigninClient.
  43   virtual void Initialize(SigninClient* client,
  44                           SigninErrorController* signin_error_controller);
  45
  46   // KeyedService implementation.
  47   void Shutdown() override;
  48
  49   // Lists account IDs of all accounts with a refresh token.
  50   std::vector<std::string> GetAccounts() override;
  51
  52   // Loads credentials from a backing persistent store to make them available
  53   // after service is used between profile restarts.
  54   //
  55   // Only call this method if there is at least one account connected to the
  56   // profile, otherwise startup will cause unneeded work on the IO thread.  The
  57   // primary account is specified with the |primary_account_id| argument and
  58   // should not be empty.  For a regular profile, the primary account id comes
  59   // from SigninManager.  For a supervised user, the id comes from
  60   // SupervisedUserService.
  61   virtual void LoadCredentials(const std::string& primary_account_id);
  62
  63   // Updates a |refresh_token| for an |account_id|. Credentials are persisted,
  64   // and available through |LoadCredentials| after service is restarted.
  65   virtual void UpdateCredentials(const std::string& account_id,
  66                                  const std::string& refresh_token);
  67
  68   // Revokes all credentials handled by the object.
  69   virtual void RevokeAllCredentials();
  70
  71   SigninClient* client() const { return client_; }
  72
  73  protected:
  74   ProfileOAuth2TokenService();
  75
  76   // OAuth2TokenService overrides.
  77   // Note: These methods are overriden so that ProfileOAuth2TokenService is a
  78   // concrete class.
  79
  80   // Simply returns NULL and should be overriden by subsclasses.
  81   net::URLRequestContextGetter* GetRequestContext() override;
  82
  83   // Updates the internal cache of the result from the most-recently-completed
  84   // auth request (used for reporting errors to the user).
  85   void UpdateAuthError(const std::string& account_id,
  86                        const GoogleServiceAuthError& error) override;
  87
  88   // Validate that the account_id argument is valid.  This method DCHECKs
  89   // when invalid.
  90   void ValidateAccountId(const std::string& account_id) const;
  91
  92   SigninErrorController* signin_error_controller() {
  93     return signin_error_controller_;
  94   }
  95
  96  private:
  97   // The client with which this instance was initialized, or NULL.
  98   SigninClient* client_;
  99
 100   // The error controller with which this instance was initialized, or NULL.
 101   SigninErrorController* signin_error_controller_;
 102
 103   DISALLOW_COPY_AND_ASSIGN(ProfileOAuth2TokenService);
 104 };
 105
 106 #endif  // COMPONENTS_SIGNIN_CORE_BROWSER_PROFILE_OAUTH2_TOKEN_SERVICE_H_