blob: 9c8f1f21b6dd5ef9b01352c5a793adafcc39d063 [file] [log] [blame]
// Copyright 2019 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chromeos/components/drivefs/drivefs_auth.h"
#include "base/bind.h"
#include "components/account_id/account_id.h"
#include "components/signin/public/identity_manager/access_token_info.h"
#include "components/signin/public/identity_manager/consent_level.h"
#include "components/signin/public/identity_manager/identity_manager.h"
#include "components/signin/public/identity_manager/primary_account_access_token_fetcher.h"
#include "google_apis/gaia/google_service_auth_error.h"
#include "services/network/public/cpp/shared_url_loader_factory.h"
namespace drivefs {
namespace {
constexpr char kIdentityConsumerId[] = "drivefs";
} // namespace
DriveFsAuth::DriveFsAuth(const base::Clock* clock,
const base::FilePath& profile_path,
std::unique_ptr<base::OneShotTimer> timer,
Delegate* delegate)
: clock_(clock),
profile_path_(profile_path),
timer_(std::move(timer)),
delegate_(delegate) {}
DriveFsAuth::~DriveFsAuth() = default;
base::Optional<std::string> DriveFsAuth::GetCachedAccessToken() {
const auto& token = GetOrResetCachedToken(true);
if (token.empty()) {
return base::nullopt;
}
return token;
}
void DriveFsAuth::GetAccessToken(
bool use_cached,
mojom::DriveFsDelegate::GetAccessTokenCallback callback) {
DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
if (get_access_token_callback_) {
std::move(callback).Run(mojom::AccessTokenStatus::kTransientError, "");
return;
}
const std::string& token = GetOrResetCachedToken(use_cached);
if (!token.empty()) {
std::move(callback).Run(mojom::AccessTokenStatus::kSuccess, token);
return;
}
signin::IdentityManager* identity_manager = delegate_->GetIdentityManager();
if (!identity_manager) {
std::move(callback).Run(mojom::AccessTokenStatus::kAuthError, "");
return;
}
get_access_token_callback_ = std::move(callback);
// Timer is cancelled when it is destroyed, so use base::Unretained().
timer_->Start(
FROM_HERE, base::TimeDelta::FromSeconds(30),
base::BindOnce(&DriveFsAuth::AuthTimeout, base::Unretained(this)));
std::set<std::string> scopes({"https://www.googleapis.com/auth/drive"});
access_token_fetcher_ =
std::make_unique<signin::PrimaryAccountAccessTokenFetcher>(
kIdentityConsumerId, identity_manager, scopes,
base::BindOnce(&DriveFsAuth::GotChromeAccessToken,
base::Unretained(this)),
signin::PrimaryAccountAccessTokenFetcher::Mode::kWaitUntilAvailable,
signin::ConsentLevel::kNotRequired);
}
void DriveFsAuth::GotChromeAccessToken(
GoogleServiceAuthError error,
signin::AccessTokenInfo access_token_info) {
DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
timer_->Stop();
if (error.state() != GoogleServiceAuthError::NONE) {
std::move(get_access_token_callback_)
.Run(error.IsPersistentError()
? mojom::AccessTokenStatus::kAuthError
: mojom::AccessTokenStatus::kTransientError,
"");
return;
}
UpdateCachedToken(access_token_info.token, access_token_info.expiration_time);
std::move(get_access_token_callback_)
.Run(mojom::AccessTokenStatus::kSuccess, access_token_info.token);
}
const std::string& DriveFsAuth::GetOrResetCachedToken(bool use_cached) {
if (!use_cached || clock_->Now() >= last_token_expiry_) {
last_token_.clear();
}
return last_token_;
}
void DriveFsAuth::UpdateCachedToken(const std::string& token,
base::Time expiry) {
last_token_ = token;
last_token_expiry_ = expiry;
}
void DriveFsAuth::AuthTimeout() {
DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
access_token_fetcher_.reset();
std::move(get_access_token_callback_)
.Run(mojom::AccessTokenStatus::kAuthError, "");
}
} // namespace drivefs