Only grant permissions to new extensions from sync if they have the expected version
[chromium-blink-merge.git] / chrome / browser / chromeos / settings / device_oauth2_token_service.h
blobb763daf12d483305853f6e8297a90e6ea9df2e44
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_CHROMEOS_SETTINGS_DEVICE_OAUTH2_TOKEN_SERVICE_H_
6 #define CHROME_BROWSER_CHROMEOS_SETTINGS_DEVICE_OAUTH2_TOKEN_SERVICE_H_
8 #include <string>
9 #include <vector>
11 #include "base/callback.h"
12 #include "chrome/browser/chromeos/settings/device_oauth2_token_service_delegate.h"
13 #include "google_apis/gaia/oauth2_token_service.h"
14 #include "net/url_request/url_request_context_getter.h"
16 namespace net {
17 class URLRequestContextGetter;
20 class PrefRegistrySimple;
22 namespace chromeos {
24 // DeviceOAuth2TokenService retrieves OAuth2 access tokens for a given
25 // set of scopes using the device-level OAuth2 any-api refresh token
26 // obtained during enterprise device enrollment.
28 // See |OAuth2TokenService| for usage details.
30 // When using DeviceOAuth2TokenService, a value of |GetRobotAccountId| should
31 // be used in places where API expects |account_id|.
33 // Note that requests must be made from the UI thread.
34 class DeviceOAuth2TokenService
35 : public OAuth2TokenService,
36 public DeviceOAuth2TokenServiceDelegate::ValidationStatusDelegate {
37 public:
38 typedef base::Callback<void(bool)> StatusCallback;
40 // Persist the given refresh token on the device. Overwrites any previous
41 // value. Should only be called during initial device setup. Signals
42 // completion via the given callback, passing true if the operation succeeded.
43 void SetAndSaveRefreshToken(const std::string& refresh_token,
44 const StatusCallback& callback);
46 static void RegisterPrefs(PrefRegistrySimple* registry);
48 // Pull the robot account ID from device policy.
49 virtual std::string GetRobotAccountId() const;
51 protected:
52 // Implementation of OAuth2TokenService.
53 void FetchOAuth2Token(RequestImpl* request,
54 const std::string& account_id,
55 net::URLRequestContextGetter* getter,
56 const std::string& client_id,
57 const std::string& client_secret,
58 const ScopeSet& scopes) override;
59 private:
60 friend class DeviceOAuth2TokenServiceFactory;
61 friend class DeviceOAuth2TokenServiceTest;
62 struct PendingRequest;
64 // Implementation of
65 // DeviceOAuth2TokenServiceDelegate::ValidationStatusDelegate.
66 void OnValidationCompleted(GoogleServiceAuthError::State error) override;
68 // Use DeviceOAuth2TokenServiceFactory to get an instance of this class.
69 // Ownership of |token_encryptor| will be taken.
70 explicit DeviceOAuth2TokenService(DeviceOAuth2TokenServiceDelegate* delegate);
71 ~DeviceOAuth2TokenService() override;
73 // Flushes |pending_requests_|, indicating the specified result.
74 void FlushPendingRequests(bool token_is_valid,
75 GoogleServiceAuthError::State error);
77 // Signals failure on the specified request, passing |error| as the reason.
78 void FailRequest(RequestImpl* request, GoogleServiceAuthError::State error);
80 // Currently open requests that are waiting while loading the system salt or
81 // validating the token.
82 std::vector<PendingRequest*> pending_requests_;
84 DeviceOAuth2TokenServiceDelegate* delegate_;
86 DISALLOW_COPY_AND_ASSIGN(DeviceOAuth2TokenService);
89 } // namespace chromeos
91 #endif // CHROME_BROWSER_CHROMEOS_SETTINGS_DEVICE_OAUTH2_TOKEN_SERVICE_H_