| blob | 4a9838f54e58add413115d9a05b2849420872591 |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef GOOGLE_APIS_GAIA_GAIA_AUTH_FETCHER_H_
6 #define GOOGLE_APIS_GAIA_GAIA_AUTH_FETCHER_H_
8 #include <string>
9 #include <vector>
18 // Authenticate a user against the Google Accounts ClientLogin API
19 // with various capabilities and return results to a GaiaAuthConsumer.
20 //
21 // In the future, we will also issue auth tokens from this class.
22 // This class should be used on a single thread, but it can be whichever thread
23 // that you like.
24 //
25 // This class can handle one request at a time on any thread. To parallelize
26 // requests, create multiple GaiaAuthFetcher's.
34 }
39 HostedAccountsAllowed,
40 HostedAccountsNotAllowed
41 };
43 // Magic string indicating that, while a second factor is still
44 // needed to complete authentication, the user provided the right password.
47 // Magic string indicating that though the user does not have Less Secure
48 // Apps enabled, the user provided the right password.
51 // This will later be hidden behind an auth service which caches
52 // tokens.
58 // Start a request to obtain the SID and LSID cookies for the the account
59 // identified by |username| and |password|. If |service| is not null or
60 // empty, then also obtains a service token for specified service.
61 //
62 // If this is a second call because of captcha challenge, then the
63 // |login_token| and |login_captcha| arugment should correspond to the
64 // solution of the challenge.
65 //
66 // Either OnClientLoginSuccess or OnClientLoginFailure will be
67 // called on the consumer on the original thread.
73 HostedAccountsSetting allow_hosted_accounts);
75 // Start a request to obtain service token for the the account identified by
76 // |sid| and |lsid| and the |service|.
77 //
78 // Either OnIssueAuthTokenSuccess or OnIssueAuthTokenFailure will be
79 // called on the consumer on the original thread.
84 // Start a request to obtain |service| token for the the account identified by
85 // |uber_token|.
86 //
87 // Either OnIssueAuthTokenSuccess or OnIssueAuthTokenFailure will be
88 // called on the consumer on the original thread.
92 // Start a request to obtain service token for the the account identified by
93 // |oauth2_access_token| and the |service|.
94 //
95 // Either OnIssueAuthTokenSuccess or OnIssueAuthTokenFailure will be
96 // called on the consumer on the original thread.
100 // Start a request to revoke |auth_token|.
101 //
102 // OnOAuth2RevokeTokenCompleted will be called on the consumer on the original
103 // thread.
106 // Start a request to exchange the cookies of a signed-in user session
107 // for an OAuthLogin-scoped oauth2 token. In the case of a session with
108 // multiple accounts signed in, |session_index| indicate the which of accounts
109 // within the session.
110 //
111 // Either OnClientOAuthSuccess or OnClientOAuthFailure will be
112 // called on the consumer on the original thread.
115 // Start a request to exchange the cookies of a signed-in user session
116 // for an OAuthLogin-scoped oauth2 token. In the case of a session with
117 // multiple accounts signed in, |session_index| indicate the which of accounts
118 // within the session.
119 // Resulting refresh token is annotated on the server with |device_id|. Format
120 // of device_id on the server is at most 64 unicode characters.
121 //
122 // Either OnClientOAuthSuccess or OnClientOAuthFailure will be
123 // called on the consumer on the original thread.
128 // Start a request to exchange the authorization code for an OAuthLogin-scoped
129 // oauth2 token.
130 //
131 // Either OnClientOAuthSuccess or OnClientOAuthFailure will be
132 // called on the consumer on the original thread.
135 // Start a request to exchange the authorization code for an OAuthLogin-scoped
136 // oauth2 token.
137 // Resulting refresh token is annotated on the server with |device_id|. Format
138 // of device_id on the server is at most 64 unicode characters.
139 //
140 // Either OnClientOAuthSuccess or OnClientOAuthFailure will be
141 // called on the consumer on the original thread.
146 // Start a request to get user info for the account identified by |lsid|.
147 //
148 // Either OnGetUserInfoSuccess or OnGetUserInfoFailure will be
149 // called on the consumer on the original thread.
152 // Start a MergeSession request to pre-login the user with the given
153 // credentials.
154 //
155 // Start a MergeSession request to fill the browsing cookie jar with
156 // credentials represented by the account whose uber-auth token is
157 // |uber_token|. This method will modify the cookies of the current profile.
158 //
159 // The |external_cc_result| string can specify the result of connetion checks
160 // for various google properties, and MergeSession will set cookies on those
161 // properties too if appropriate. See StartGetCheckConnectionInfo() for
162 // details. The string is a comma separated list of token/result pairs, where
163 // token and result are separated by a colon. This string may be empty, in
164 // which case no specific handling is performed.
165 //
166 // Either OnMergeSessionSuccess or OnMergeSessionFailure will be
167 // called on the consumer on the original thread.
171 // Start a request to exchange an OAuthLogin-scoped oauth2 access token for an
172 // uber-auth token. The returned token can be used with the method
173 // StartMergeSession().
174 //
175 // Either OnUberAuthTokenSuccess or OnUberAuthTokenFailure will be
176 // called on the consumer on the original thread.
179 // Start a request to exchange an OAuthLogin-scoped oauth2 access token for a
180 // ClientLogin-style service tokens. The response to this request is the
181 // same as the response to a ClientLogin request, except that captcha
182 // challenges are never issued.
183 //
184 // Either OnClientLoginSuccess or OnClientLoginFailure will be
185 // called on the consumer on the original thread. If |service| is empty,
186 // the call will attempt to fetch uber auth token.
190 // Starts a request to list the accounts in the GAIA cookie.
193 // Starts a request to log out the accounts in the GAIA cookie.
196 // Starts a request to get the list of URLs to check for connection info.
197 // Returns token/URL pairs to check, and the resulting status can be given to
198 // /MergeSession requests.
201 // Starts listing any sessions that exist for the IDP. If all requested scopes
202 // have been approved by the session user, then a login hint is included in
203 // the response.
207 // Generates an access token for the session, specifying the scopes and
208 // |login_hint|.
213 // Implementation of net::URLFetcherDelegate
216 // StartClientLogin been called && results not back yet?
219 // Stop any URL fetches in progress.
222 // From a URLFetcher result, generate an appropriate error.
223 // From the API documentation, both IssueAuthToken and ClientLogin have
224 // the same error returns.
230 // Create and start |fetcher_|, used to make all Gaia request. |body| is
231 // used as the body of the POST request sent to GAIA. Any strings listed in
232 // |headers| are added as extra HTTP headers in the request.
233 //
234 // |load_flags| are passed to directly to net::URLFetcher::Create() when
235 // creating the URL fetcher.
236 //
237 // HasPendingFetch() should return false before calling this method, and will
238 // return true afterwards.
244 // Dispatch the results of a request.
254 // ClientLogin body constants that don't change
259 // The format of the POST body for ClientLogin.
261 // The format of said POST body when CAPTCHA token & answer are specified.
263 // The format of the POST body for IssueAuthToken.
265 // The format of the query string to get OAuth2 auth code from auth token.
267 // The format of the POST body to get OAuth2 token pair from auth code.
269 // Additional param for the POST body to get OAuth2 token pair from auth code.
271 // The format of the POST body to revoke an OAuth2 token.
273 // The format of the POST body for GetUserInfo.
275 // The format of the POST body for MergeSession.
277 // The format of the URL for UberAuthToken.
279 // The format of the body for OAuthLogin.
282 // Constants for parsing ClientLogin errors.
298 // Constants for parsing ClientOAuth errors.
303 // Constants for request/response for OAuth2 requests.
313 // Process the results of a ClientLogin fetch.
371 // Tokenize the results of a ClientLogin fetch.
383 // Parse ClientLogin to OAuth2 response.
394 // Is this a special case Gaia error for TwoFactor auth?
397 // Is this a special case Gaia error for Less Secure Apps?
400 // Given parameters, create a ClientLogin request body.
408 HostedAccountsSetting allow_hosted_accounts);
409 // Supply the sid / lsid returned from ClientLogin in order to
410 // request a long lived auth token for a service.
414 // Given auth code and device ID (optional), create body to get OAuth2 token
415 // pair.
418 // Given an OAuth2 token, create body to revoke the token.
420 // Supply the lsid returned from ClientLogin in order to fetch
421 // user information.
424 // Supply the authentication token returned from StartIssueAuthToken.
442 // From a URLFetcher result, generate an appropriate error.
443 // From the API documentation, both IssueAuthToken and ClientLogin have
444 // the same error returns.
449 // These fields are common to GaiaAuthFetcher, same every request.
466 // While a fetch is going on:
468 GURL client_login_to_oauth2_gurl_;
484 ParseClientLoginToOAuth2Response);
492 };