| blob | 5c96565bb902c4d9ba92aa5279ac66d8fa9855b1 |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // Use the <code>chrome.identity</code> API to get OAuth2 access tokens.
6 namespace identity {
8 dictionary AccountInfo {
9 // A unique identifier for the account. This ID will not change
10 // for the lifetime of the account.
12 };
14 dictionary ProfileUserInfo {
15 // An email address for the user account signed into the current
16 // profile. Empty if the user is not signed in.
17 DOMString email;
19 // A unique identifier for the account. This ID will not change
20 // for the lifetime of the account. Empty if the user is not
21 // signed in.
23 };
25 dictionary TokenDetails {
26 // Fetching a token may require the user to sign-in to Chrome, or
27 // approve the application's requested scopes. If the interactive
28 // flag is <code>true</code>, <code>getAuthToken</code> will
29 // prompt the user as necessary. When the flag is
30 // <code>false</code> or omitted, <code>getAuthToken</code> will
31 // return failure any time a prompt would be required.
34 // The account ID whose token should be returned. If not
35 // specified, the primary account for the profile will be used.
36 //
37 // <code>account</code> is only supported when the
38 // "enable-new-profile-management" flag is set.
39 AccountInfo? account;
41 // A list of OAuth2 scopes to request.
42 //
43 // When the <code>scopes</code> field is present, it overrides the
44 // list of scopes specified in manifest.json.
46 };
48 dictionary InvalidTokenDetails {
49 // The specific token that should be removed from the cache.
50 DOMString token;
51 };
53 dictionary WebAuthFlowDetails {
54 // The URL that initiates the auth flow.
55 DOMString url;
57 // Whether to launch auth flow in interactive mode.
58 //
59 // Since some auth flows may immediately redirect to a result URL,
60 // <code>launchWebAuthFlow</code> hides its web view until the
61 // first navigation either redirects to the final URL, or finishes
62 // loading a page meant to be displayed.
63 //
64 // If the interactive flag is <code>true</code>, the window will
65 // be displayed when a page load completes. If the flag is
66 // <code>false</code> or omitted, <code>launchWebAuthFlow</code>
67 // will return with an error if the initial navigation does not
68 // complete the flow.
70 };
79 // Retrieves a list of AccountInfo objects describing the accounts
80 // present on the profile.
81 //
82 // <code>getAccounts</code> is only supported on dev channel.
85 // Gets an OAuth2 access token using the client ID and scopes
86 // specified in the <a
87 // href="app_identity.html#update_manifest"><code>oauth2</code>
88 // section of manifest.json</a>.
89 //
90 // The Identity API caches access tokens in memory, so it's ok to
91 // call <code>getAuthToken</code> non-interactively any time a token is
92 // required. The token cache automatically handles expiration.
93 //
94 // For a good user experience it is important interactive token requests are
95 // initiated by UI in your app explaining what the authorization is for.
96 // Failing to do this will cause your users to get authorization requests,
97 // or Chrome sign in screens if they are not signed in, with with no
98 // context. In particular, do not use <code>getAuthToken</code>
99 // interactively when your app is first launched.
100 //
101 // |details| : Token options.
102 // |callback| : Called with an OAuth2 access token as specified by the
103 // manifest, or undefined if there was an error.
107 // Retrieves email address and obfuscated gaia id of the user
108 // signed into a profile.
109 //
110 // This API is different from identity.getAccounts in two
111 // ways. The information returned is available offline, and it
112 // only applies to the primary account for the profile.
115 // Removes an OAuth2 access token from the Identity API's token cache.
116 //
117 // If an access token is discovered to be invalid, it should be
118 // passed to removeCachedAuthToken to remove it from the
119 // cache. The app may then retrieve a fresh token with
120 // <code>getAuthToken</code>.
121 //
122 // |details| : Token information.
123 // |callback| : Called when the token has been removed from the cache.
127 // Starts an auth flow at the specified URL.
128 //
129 // This method enables auth flows with non-Google identity
130 // providers by launching a web view and navigating it to the
131 // first URL in the provider's auth flow. When the provider
132 // redirects to a URL matching the pattern
133 // <code>https://<app-id>.chromiumapp.org/*</code>, the
134 // window will close, and the final redirect URL will be passed to
135 // the <var>callback</var> function.
136 //
137 // For a good user experience it is important interactive auth flows are
138 // initiated by UI in your app explaining what the authorization is for.
139 // Failing to do this will cause your users to get authorization requests
140 // with no context. In particular, do not launch an interactive auth flow
141 // when your app is first launched.
142 //
143 // |details| : WebAuth flow options.
144 // |callback| : Called with the URL redirected back to your application.
148 // Generates a redirect URL to be used in |launchWebAuthFlow|.
149 //
150 // The generated URLs match the pattern
151 // <code>https://<app-id>.chromiumapp.org/*</code>.
152 //
153 // |path| : The path appended to the end of the generated URL.
155 };
158 // Fired when signin state changes for an account on the user's profile.
160 };
161 };