Google Git
Sign in
chromium / chromium / src / 57d342625c / . / chrome / browser / ash / printing / oauth2
tree: cb40b2c3ce6f974ea1446bb07b757d8497952f4f [path history] [tgz]
  1. authorization_server_data.cc
  2. authorization_server_data.h
  3. authorization_server_data_unittest.cc
  4. authorization_server_session.cc
  5. authorization_server_session.h
  6. authorization_server_session_unittest.cc
  7. authorization_zone.h
  8. authorization_zone_impl.cc
  9. authorization_zone_impl.h
  10. authorization_zone_unittest.cc
  11. authorization_zones_manager.cc
  12. authorization_zones_manager.h
  13. authorization_zones_manager_factory.cc
  14. authorization_zones_manager_factory.h
  15. authorization_zones_manager_unittest.cc
  16. client_ids_database.cc
  17. client_ids_database.h
  18. client_ids_database_unittest.cc
  19. constants.h
  20. http_exchange.cc
  21. http_exchange.h
  22. http_exchange_unittest.cc
  23. ipp_endpoint_token_fetcher.cc
  24. ipp_endpoint_token_fetcher.h
  25. ipp_endpoint_token_fetcher_unittest.cc
  26. log_entry.cc
  27. log_entry.h
  28. log_entry_unittest.cc
  29. mock_authorization_zones_manager.cc
  30. mock_authorization_zones_manager.h
  31. mock_client_ids_database.cc
  32. mock_client_ids_database.h
  33. profile_auth_servers_sync_bridge.cc
  34. profile_auth_servers_sync_bridge.h
  35. profile_auth_servers_sync_bridge_unittest.cc
  36. README.md
  37. sequence_diagram.png
  38. signin_dialog.cc
  39. signin_dialog.h
  40. status_code.cc
  41. status_code.h
  42. test_authorization_server.cc
  43. test_authorization_server.h
  44. test_authorization_server_unittest.cc
chrome/browser/ash/printing/oauth2/README.md

OAuth 2 for IPP Printers

Some printers may require an access token to allow a user to use them. The access token is issued by the Authorization Server when the user successfully completes the required authorization procedure (e.g. enter credentials). Only the client side of the protocol is implemented here. See the following links for more context (internal only):

API

The API consists of the following entities:

  • class AuthorizationZonesManager
  • class AuthorizationZonesManagerFactory
  • enum StatusCode

The description of the API can be found in the corresponding header files:

The sequence diagram at the end of this document shows an example use of the API.

Internal classes

All the following classes are hidden behind the aforementioned API and should not be used directly:

  • AuthorizationServerData - implements Metadata Request and Registration Request
  • AuthorizationServerSession - implements First Token Request and Next Token Request
  • AuthorizationZone - manage all sessions with single Authorization Server
  • HttpExchange - low-level support for all OAuth 2 requests
  • IppEndpointTokenFetcher - implements Token Exchange Request
  • ProfileAuthServersSyncBridge - synchronize the list of trusted Authorization Servers with the user's profile
  • FakeAuthorizationServer - used only in unit tests.

Helper

The class PrinterAuthenticator provides a single method allowing to obtain an access token for a given printer. It uses the API from AuthorizationZonesManager and the SigninDialog UI. The class PrinterAuthenticator is described in printer_authenticator.h. The sequence diagram below shows example interactions between the instance of the class PrinterAuthenticator and the API defined in AuthorizationZonesManager.

The sequence diagram