Supervised user import: Listen for profile creation/deletion
[chromium-blink-merge.git] / google_apis / gaia / oauth2_mint_token_flow.cc
blob99562b0499a932b595064e5ce000156f2b573a45
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "google_apis/gaia/oauth2_mint_token_flow.h"
7 #include <string>
8 #include <vector>
10 #include "base/basictypes.h"
11 #include "base/bind.h"
12 #include "base/command_line.h"
13 #include "base/json/json_reader.h"
14 #include "base/message_loop/message_loop.h"
15 #include "base/strings/string_number_conversions.h"
16 #include "base/strings/string_util.h"
17 #include "base/strings/stringprintf.h"
18 #include "base/strings/utf_string_conversions.h"
19 #include "base/values.h"
20 #include "google_apis/gaia/gaia_urls.h"
21 #include "google_apis/gaia/google_service_auth_error.h"
22 #include "net/base/escape.h"
23 #include "net/url_request/url_fetcher.h"
24 #include "net/url_request/url_request_context_getter.h"
25 #include "net/url_request/url_request_status.h"
27 using net::URLFetcher;
28 using net::URLRequestContextGetter;
29 using net::URLRequestStatus;
31 namespace {
33 const char kForceValueFalse[] = "false";
34 const char kForceValueTrue[] = "true";
35 const char kResponseTypeValueNone[] = "none";
36 const char kResponseTypeValueToken[] = "token";
38 const char kOAuth2IssueTokenBodyFormat[] =
39 "force=%s"
40 "&response_type=%s"
41 "&scope=%s"
42 "&client_id=%s"
43 "&origin=%s";
44 const char kOAuth2IssueTokenBodyFormatDeviceIdAddendum[] =
45 "&device_id=%s&device_type=chrome";
46 const char kIssueAdviceKey[] = "issueAdvice";
47 const char kIssueAdviceValueConsent[] = "consent";
48 const char kAccessTokenKey[] = "token";
49 const char kConsentKey[] = "consent";
50 const char kExpiresInKey[] = "expiresIn";
51 const char kScopesKey[] = "scopes";
52 const char kDescriptionKey[] = "description";
53 const char kDetailKey[] = "detail";
54 const char kDetailSeparators[] = "\n";
55 const char kError[] = "error";
56 const char kMessage[] = "message";
58 static GoogleServiceAuthError CreateAuthError(const net::URLFetcher* source) {
59 URLRequestStatus status = source->GetStatus();
60 if (status.status() == URLRequestStatus::CANCELED) {
61 return GoogleServiceAuthError(GoogleServiceAuthError::REQUEST_CANCELED);
63 if (status.status() == URLRequestStatus::FAILED) {
64 DLOG(WARNING) << "Server returned error: errno " << status.error();
65 return GoogleServiceAuthError::FromConnectionError(status.error());
68 std::string response_body;
69 source->GetResponseAsString(&response_body);
70 scoped_ptr<base::Value> value(base::JSONReader::Read(response_body));
71 base::DictionaryValue* response;
72 if (!value.get() || !value->GetAsDictionary(&response)) {
73 return GoogleServiceAuthError::FromUnexpectedServiceResponse(
74 base::StringPrintf(
75 "Not able to parse a JSON object from a service response. "
76 "HTTP Status of the response is: %d", source->GetResponseCode()));
78 base::DictionaryValue* error;
79 if (!response->GetDictionary(kError, &error)) {
80 return GoogleServiceAuthError::FromUnexpectedServiceResponse(
81 "Not able to find a detailed error in a service response.");
83 std::string message;
84 if (!error->GetString(kMessage, &message)) {
85 return GoogleServiceAuthError::FromUnexpectedServiceResponse(
86 "Not able to find an error message within a service error.");
88 return GoogleServiceAuthError::FromServiceError(message);
91 } // namespace
93 IssueAdviceInfoEntry::IssueAdviceInfoEntry() {}
94 IssueAdviceInfoEntry::~IssueAdviceInfoEntry() {}
96 bool IssueAdviceInfoEntry::operator ==(const IssueAdviceInfoEntry& rhs) const {
97 return description == rhs.description && details == rhs.details;
100 OAuth2MintTokenFlow::Parameters::Parameters() : mode(MODE_ISSUE_ADVICE) {}
102 OAuth2MintTokenFlow::Parameters::Parameters(
103 const std::string& eid,
104 const std::string& cid,
105 const std::vector<std::string>& scopes_arg,
106 const std::string& device_id,
107 Mode mode_arg)
108 : extension_id(eid),
109 client_id(cid),
110 scopes(scopes_arg),
111 device_id(device_id),
112 mode(mode_arg) {
115 OAuth2MintTokenFlow::Parameters::~Parameters() {}
117 OAuth2MintTokenFlow::OAuth2MintTokenFlow(Delegate* delegate,
118 const Parameters& parameters)
119 : delegate_(delegate), parameters_(parameters), weak_factory_(this) {
122 OAuth2MintTokenFlow::~OAuth2MintTokenFlow() { }
124 void OAuth2MintTokenFlow::ReportSuccess(const std::string& access_token,
125 int time_to_live) {
126 if (delegate_)
127 delegate_->OnMintTokenSuccess(access_token, time_to_live);
129 // |this| may already be deleted.
132 void OAuth2MintTokenFlow::ReportIssueAdviceSuccess(
133 const IssueAdviceInfo& issue_advice) {
134 if (delegate_)
135 delegate_->OnIssueAdviceSuccess(issue_advice);
137 // |this| may already be deleted.
140 void OAuth2MintTokenFlow::ReportFailure(
141 const GoogleServiceAuthError& error) {
142 if (delegate_)
143 delegate_->OnMintTokenFailure(error);
145 // |this| may already be deleted.
148 GURL OAuth2MintTokenFlow::CreateApiCallUrl() {
149 return GaiaUrls::GetInstance()->oauth2_issue_token_url();
152 std::string OAuth2MintTokenFlow::CreateApiCallBody() {
153 const char* force_value =
154 (parameters_.mode == MODE_MINT_TOKEN_FORCE ||
155 parameters_.mode == MODE_RECORD_GRANT)
156 ? kForceValueTrue : kForceValueFalse;
157 const char* response_type_value =
158 (parameters_.mode == MODE_MINT_TOKEN_NO_FORCE ||
159 parameters_.mode == MODE_MINT_TOKEN_FORCE)
160 ? kResponseTypeValueToken : kResponseTypeValueNone;
161 std::string body = base::StringPrintf(
162 kOAuth2IssueTokenBodyFormat,
163 net::EscapeUrlEncodedData(force_value, true).c_str(),
164 net::EscapeUrlEncodedData(response_type_value, true).c_str(),
165 net::EscapeUrlEncodedData(
166 JoinString(parameters_.scopes, ' '), true).c_str(),
167 net::EscapeUrlEncodedData(parameters_.client_id, true).c_str(),
168 net::EscapeUrlEncodedData(parameters_.extension_id, true).c_str());
169 if (!parameters_.device_id.empty()) {
170 body.append(base::StringPrintf(
171 kOAuth2IssueTokenBodyFormatDeviceIdAddendum,
172 net::EscapeUrlEncodedData(parameters_.device_id, true).c_str()));
174 return body;
177 void OAuth2MintTokenFlow::ProcessApiCallSuccess(
178 const net::URLFetcher* source) {
179 std::string response_body;
180 source->GetResponseAsString(&response_body);
181 scoped_ptr<base::Value> value(base::JSONReader::Read(response_body));
182 base::DictionaryValue* dict = NULL;
183 if (!value.get() || !value->GetAsDictionary(&dict)) {
184 ReportFailure(GoogleServiceAuthError::FromUnexpectedServiceResponse(
185 "Not able to parse a JSON object from a service response."));
186 return;
189 std::string issue_advice_value;
190 if (!dict->GetString(kIssueAdviceKey, &issue_advice_value)) {
191 ReportFailure(GoogleServiceAuthError::FromUnexpectedServiceResponse(
192 "Not able to find an issueAdvice in a service response."));
193 return;
195 if (issue_advice_value == kIssueAdviceValueConsent) {
196 IssueAdviceInfo issue_advice;
197 if (ParseIssueAdviceResponse(dict, &issue_advice))
198 ReportIssueAdviceSuccess(issue_advice);
199 else
200 ReportFailure(GoogleServiceAuthError::FromUnexpectedServiceResponse(
201 "Not able to parse the contents of consent "
202 "from a service response."));
203 } else {
204 std::string access_token;
205 int time_to_live;
206 if (ParseMintTokenResponse(dict, &access_token, &time_to_live))
207 ReportSuccess(access_token, time_to_live);
208 else
209 ReportFailure(GoogleServiceAuthError::FromUnexpectedServiceResponse(
210 "Not able to parse the contents of access token "
211 "from a service response."));
214 // |this| may be deleted!
217 void OAuth2MintTokenFlow::ProcessApiCallFailure(
218 const net::URLFetcher* source) {
219 ReportFailure(CreateAuthError(source));
222 // static
223 bool OAuth2MintTokenFlow::ParseMintTokenResponse(
224 const base::DictionaryValue* dict, std::string* access_token,
225 int* time_to_live) {
226 CHECK(dict);
227 CHECK(access_token);
228 CHECK(time_to_live);
229 std::string ttl_string;
230 return dict->GetString(kExpiresInKey, &ttl_string) &&
231 base::StringToInt(ttl_string, time_to_live) &&
232 dict->GetString(kAccessTokenKey, access_token);
235 // static
236 bool OAuth2MintTokenFlow::ParseIssueAdviceResponse(
237 const base::DictionaryValue* dict, IssueAdviceInfo* issue_advice) {
238 CHECK(dict);
239 CHECK(issue_advice);
241 const base::DictionaryValue* consent_dict = NULL;
242 if (!dict->GetDictionary(kConsentKey, &consent_dict))
243 return false;
245 const base::ListValue* scopes_list = NULL;
246 if (!consent_dict->GetList(kScopesKey, &scopes_list))
247 return false;
249 bool success = true;
250 for (size_t index = 0; index < scopes_list->GetSize(); ++index) {
251 const base::DictionaryValue* scopes_entry = NULL;
252 IssueAdviceInfoEntry entry;
253 base::string16 detail;
254 if (!scopes_list->GetDictionary(index, &scopes_entry) ||
255 !scopes_entry->GetString(kDescriptionKey, &entry.description) ||
256 !scopes_entry->GetString(kDetailKey, &detail)) {
257 success = false;
258 break;
261 base::TrimWhitespace(entry.description, base::TRIM_ALL, &entry.description);
262 static const base::string16 detail_separators =
263 base::ASCIIToUTF16(kDetailSeparators);
264 Tokenize(detail, detail_separators, &entry.details);
265 for (size_t i = 0; i < entry.details.size(); i++)
266 base::TrimWhitespace(entry.details[i], base::TRIM_ALL, &entry.details[i]);
267 issue_advice->push_back(entry);
270 if (!success)
271 issue_advice->clear();
273 return success;