chrome/browser/signin/oauth2_token_service_delegate_android.h

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROME_BROWSER_SIGNIN_OAUTH2_TOKEN_SERVICE_DELEGATE_ANDROID_H_
   6 #define CHROME_BROWSER_SIGNIN_OAUTH2_TOKEN_SERVICE_DELEGATE_ANDROID_H_
   7
   8 #include <jni.h>
   9 #include <map>
  10 #include <string>
  11
  12 #include "base/android/jni_weak_ref.h"
  13 #include "base/android/scoped_java_ref.h"
  14 #include "base/callback.h"
  15 #include "base/memory/scoped_ptr.h"
  16 #include "base/time/time.h"
  17 #include "components/signin/core/browser/account_tracker_service.h"
  18 #include "components/signin/core/browser/profile_oauth2_token_service.h"
  19 #include "google_apis/gaia/google_service_auth_error.h"
  20 #include "google_apis/gaia/oauth2_token_service_delegate.h"
  21
  22 // A specialization of OAuth2TokenServiceDelegate that will be returned by
  23 // OAuth2TokenServiceDelegateFactory for OS_ANDROID.  This instance uses
  24 // native Android features to lookup OAuth2 tokens.
  25 //
  26 // See |OAuth2TokenServiceDelegate| for usage details.
  27 //
  28 // Note: requests should be started from the UI thread. To start a
  29 // request from other thread, please use OAuth2TokenServiceRequest.
  30 class OAuth2TokenServiceDelegateAndroid : public OAuth2TokenServiceDelegate {
  31  public:
  32   // Registers the OAuth2TokenServiceDelegateAndroid's native methods through
  33   // JNI.
  34   static bool Register(JNIEnv* env);
  35
  36   // Creates a new instance of the OAuth2TokenServiceDelegateAndroid.
  37   static OAuth2TokenServiceDelegateAndroid* Create();
  38
  39   // Returns a reference to the Java instance of this service.
  40   static base::android::ScopedJavaLocalRef<jobject>
  41   GetForProfile(JNIEnv* env, jclass clazz, jobject j_profile_android);
  42
  43   // Called by the TestingProfile class to disable account validation in
  44   // tests.  This prevents the token service from trying to look up system
  45   // accounts which requires special permission.
  46   static void set_is_testing_profile() { is_testing_profile_ = true; }
  47
  48   // OAuth2TokenServiceDelegate overrides:
  49   bool RefreshTokenIsAvailable(const std::string& account_id) const override;
  50   bool RefreshTokenHasError(const std::string& account_id) const override;
  51   void UpdateAuthError(const std::string& account_id,
  52                        const GoogleServiceAuthError& error) override;
  53   std::vector<std::string> GetAccounts() override;
  54
  55   // Lists account names at the OS level.
  56   std::vector<std::string> GetSystemAccountNames();
  57
  58   void ValidateAccounts(JNIEnv* env,
  59                         jobject obj,
  60                         jstring current_account,
  61                         jboolean force_notifications);
  62
  63   // Takes a the signed in sync account as well as all the other
  64   // android account ids and check the token status of each.  If
  65   // |force_notifications| is true, TokenAvailable notifications will
  66   // be sent anyway, even if the account was already known.
  67   void ValidateAccounts(const std::string& signed_in_account,
  68                         bool force_notifications);
  69
  70   // Triggers a notification to all observers of the OAuth2TokenService that a
  71   // refresh token is now available. This may cause observers to retry
  72   // operations that require authentication.
  73   virtual void FireRefreshTokenAvailableFromJava(JNIEnv* env,
  74                                                  jobject obj,
  75                                                  const jstring account_name);
  76   // Triggers a notification to all observers of the OAuth2TokenService that a
  77   // refresh token is now available.
  78   virtual void FireRefreshTokenRevokedFromJava(JNIEnv* env,
  79                                                jobject obj,
  80                                                const jstring account_name);
  81   // Triggers a notification to all observers of the OAuth2TokenService that all
  82   // refresh tokens have now been loaded.
  83   virtual void FireRefreshTokensLoadedFromJava(JNIEnv* env, jobject obj);
  84
  85   // Overridden from OAuth2TokenService to complete signout of all
  86   // OA2TService aware accounts.
  87   void RevokeAllCredentials() override;
  88
  89   void LoadCredentials(const std::string& primary_account_id) override;
  90
  91  protected:
  92   friend class ProfileOAuth2TokenServiceFactory;
  93   OAuth2TokenServiceDelegateAndroid(
  94       AccountTrackerService* account_tracker_service);
  95   ~OAuth2TokenServiceDelegateAndroid() override;
  96
  97   OAuth2AccessTokenFetcher* CreateAccessTokenFetcher(
  98       const std::string& account_id,
  99       net::URLRequestContextGetter* getter,
 100       OAuth2AccessTokenConsumer* consumer) override;
 101
 102   // Overridden from OAuth2TokenService to intercept token fetch requests and
 103   // redirect them to the Account Manager.
 104   void InvalidateAccessToken(const std::string& account_id,
 105                              const std::string& client_id,
 106                              const OAuth2TokenService::ScopeSet& scopes,
 107                              const std::string& access_token) override;
 108
 109   // Called to notify observers when a refresh token is available.
 110   void FireRefreshTokenAvailable(const std::string& account_id) override;
 111   // Called to notify observers when a refresh token has been revoked.
 112   void FireRefreshTokenRevoked(const std::string& account_id) override;
 113   // Called to notify observers when refresh tokans have been loaded.
 114   void FireRefreshTokensLoaded() override;
 115
 116  private:
 117   std::string MapAccountIdToAccountName(const std::string& account_id) const;
 118   std::string MapAccountNameToAccountId(const std::string& account_name) const;
 119
 120   struct ErrorInfo {
 121     ErrorInfo();
 122     explicit ErrorInfo(const GoogleServiceAuthError& error);
 123     GoogleServiceAuthError error;
 124   };
 125
 126   enum RefreshTokenLoadStatus {
 127     RT_LOAD_NOT_START,
 128     RT_WAIT_FOR_VALIDATION,
 129     RT_HAS_BEEN_VALIDATED,
 130     RT_LOADED
 131   };
 132
 133   // Return whether |signed_in_account| is valid and we have access
 134   // to all the tokens in |curr_account_ids|. If |force_notifications| is true,
 135   // TokenAvailable notifications will be sent anyway, even if the account was
 136   // already known.
 137   bool ValidateAccounts(const std::string& signed_in_account,
 138                         const std::vector<std::string>& prev_account_ids,
 139                         const std::vector<std::string>& curr_account_ids,
 140                         std::vector<std::string>& refreshed_ids,
 141                         std::vector<std::string>& revoked_ids,
 142                         bool force_notifications);
 143
 144   base::android::ScopedJavaGlobalRef<jobject> java_ref_;
 145
 146   // Maps account_id to the last error for that account.
 147   std::map<std::string, ErrorInfo> errors_;
 148
 149   AccountTrackerService* account_tracker_service_;
 150   RefreshTokenLoadStatus fire_refresh_token_loaded_;
 151
 152   static bool is_testing_profile_;
 153
 154   DISALLOW_COPY_AND_ASSIGN(OAuth2TokenServiceDelegateAndroid);
 155 };
 156
 157 #endif  // CHROME_BROWSER_SIGNIN_OAUTH2_TOKEN_SERVICE_DELEGATE_ANDROID_H_