Only grant permissions to new extensions from sync if they have the expected version
[chromium-blink-merge.git] / chrome / browser / signin / mutable_profile_oauth2_token_service_delegate.h
blob7bc84c0f64a45f39d05d5f93e087b5e2f5f7247a
1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_SIGNIN_MUTABLE_PROFILE_OAUTH2_TOKEN_SERVICE_DELEGATE_H_
6 #define CHROME_BROWSER_SIGNIN_MUTABLE_PROFILE_OAUTH2_TOKEN_SERVICE_DELEGATE_H_
8 #include "base/memory/scoped_vector.h"
9 #include "base/threading/thread_checker.h"
10 #include "components/signin/core/browser/account_tracker_service.h"
11 #include "components/signin/core/browser/profile_oauth2_token_service.h"
12 #include "components/signin/core/browser/signin_error_controller.h"
13 #include "components/webdata/common/web_data_service_base.h"
14 #include "components/webdata/common/web_data_service_consumer.h"
15 #include "net/base/backoff_entry.h"
17 class MutableProfileOAuth2TokenServiceDelegate
18 : public OAuth2TokenServiceDelegate,
19 public WebDataServiceConsumer {
20 public:
21 MutableProfileOAuth2TokenServiceDelegate(
22 SigninClient* client,
23 SigninErrorController* signin_error_controller,
24 AccountTrackerService* account_tracker_service);
25 ~MutableProfileOAuth2TokenServiceDelegate() override;
27 // OAuth2TokenServiceDelegate overrides.
28 OAuth2AccessTokenFetcher* CreateAccessTokenFetcher(
29 const std::string& account_id,
30 net::URLRequestContextGetter* getter,
31 OAuth2AccessTokenConsumer* consumer) override;
33 // Updates the internal cache of the result from the most-recently-completed
34 // auth request (used for reporting errors to the user).
35 void UpdateAuthError(const std::string& account_id,
36 const GoogleServiceAuthError& error) override;
38 bool RefreshTokenIsAvailable(const std::string& account_id) const override;
39 bool RefreshTokenHasError(const std::string& account_id) const override;
40 std::vector<std::string> GetAccounts() override;
41 net::URLRequestContextGetter* GetRequestContext() const override;
43 void LoadCredentials(const std::string& primary_account_id) override;
44 void UpdateCredentials(const std::string& account_id,
45 const std::string& refresh_token) override;
46 void RevokeAllCredentials() override;
48 // Revokes credentials related to |account_id|.
49 void RevokeCredentials(const std::string& account_id) override;
51 // Overridden from OAuth2TokenServiceDelegate.
52 void Shutdown() override;
54 private:
55 friend class MutableProfileOAuth2TokenServiceDelegateTest;
57 class RevokeServerRefreshToken;
59 class AccountStatus : public SigninErrorController::AuthStatusProvider {
60 public:
61 AccountStatus(SigninErrorController* signin_error_controller,
62 const std::string& account_id,
63 const std::string& refresh_token);
64 ~AccountStatus() override;
66 const std::string& refresh_token() const { return refresh_token_; }
67 void set_refresh_token(const std::string& token) { refresh_token_ = token; }
69 void SetLastAuthError(const GoogleServiceAuthError& error);
71 // SigninErrorController::AuthStatusProvider implementation.
72 std::string GetAccountId() const override;
73 GoogleServiceAuthError GetAuthStatus() const override;
75 private:
76 SigninErrorController* signin_error_controller_;
77 std::string account_id_;
78 std::string refresh_token_;
79 GoogleServiceAuthError last_auth_error_;
81 DISALLOW_COPY_AND_ASSIGN(AccountStatus);
84 FRIEND_TEST_ALL_PREFIXES(MutableProfileOAuth2TokenServiceDelegateTest,
85 PersistenceDBUpgrade);
86 FRIEND_TEST_ALL_PREFIXES(MutableProfileOAuth2TokenServiceDelegateTest,
87 FetchPersistentError);
88 FRIEND_TEST_ALL_PREFIXES(MutableProfileOAuth2TokenServiceDelegateTest,
89 PersistenceLoadCredentials);
90 FRIEND_TEST_ALL_PREFIXES(MutableProfileOAuth2TokenServiceDelegateTest,
91 GetAccounts);
92 FRIEND_TEST_ALL_PREFIXES(MutableProfileOAuth2TokenServiceDelegateTest,
93 RetryBackoff);
94 FRIEND_TEST_ALL_PREFIXES(MutableProfileOAuth2TokenServiceDelegateTest,
95 CanonicalizeAccountId);
96 FRIEND_TEST_ALL_PREFIXES(MutableProfileOAuth2TokenServiceDelegateTest,
97 CanonAndNonCanonAccountId);
98 FRIEND_TEST_ALL_PREFIXES(MutableProfileOAuth2TokenServiceDelegateTest,
99 ShutdownService);
101 // WebDataServiceConsumer implementation:
102 void OnWebDataServiceRequestDone(WebDataServiceBase::Handle handle,
103 const WDTypedResult* result) override;
105 // Loads credentials into in memory stucture.
106 void LoadAllCredentialsIntoMemory(
107 const std::map<std::string, std::string>& db_tokens);
109 // Persists credentials for |account_id|. Enables overriding for
110 // testing purposes, or other cases, when accessing the DB is not desired.
111 void PersistCredentials(const std::string& account_id,
112 const std::string& refresh_token);
114 // Clears credentials persisted for |account_id|. Enables overriding for
115 // testing purposes, or other cases, when accessing the DB is not desired.
116 void ClearPersistedCredentials(const std::string& account_id);
118 // Revokes the refresh token on the server.
119 void RevokeCredentialsOnServer(const std::string& refresh_token);
121 // Cancels any outstanding fetch for tokens from the web database.
122 void CancelWebTokenFetch();
124 std::string GetRefreshToken(const std::string& account_id) const;
126 // Maps the |account_id| of accounts known to ProfileOAuth2TokenService
127 // to information about the account.
128 typedef std::map<std::string, linked_ptr<AccountStatus>> AccountStatusMap;
129 // In memory refresh token store mapping account_id to refresh_token.
130 AccountStatusMap refresh_tokens_;
132 // Handle to the request reading tokens from database.
133 WebDataServiceBase::Handle web_data_service_request_;
135 // The primary account id of this service's profile during the loading of
136 // credentials. This member is empty otherwise.
137 std::string loading_primary_account_id_;
139 ScopedVector<RevokeServerRefreshToken> server_revokes_;
141 // Used to verify that certain methods are called only on the thread on which
142 // this instance was created.
143 base::ThreadChecker thread_checker_;
145 // Used to rate-limit network token requests so as to not overload the server.
146 net::BackoffEntry::Policy backoff_policy_;
147 net::BackoffEntry backoff_entry_;
148 GoogleServiceAuthError backoff_error_;
150 SigninClient* client_;
151 SigninErrorController* signin_error_controller_;
152 AccountTrackerService* account_tracker_service_;
154 DISALLOW_COPY_AND_ASSIGN(MutableProfileOAuth2TokenServiceDelegate);
157 #endif // CHROME_BROWSER_SIGNIN_MUTABLE_PROFILE_OAUTH2_TOKEN_SERVICE_DELEGATE_H_