blob: 361d01e9752a59f152b77af6ce62be7c80ba94b8 [file] [log] [blame]
// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef REMOTING_BASE_OAUTH_TOKEN_GETTER_H_
#define REMOTING_BASE_OAUTH_TOKEN_GETTER_H_
#include <string>
#include "base/callback.h"
#include "base/macros.h"
namespace remoting {
// OAuthTokenGetter caches OAuth access tokens and refreshes them as needed.
class OAuthTokenGetter {
public:
// Status of the refresh token attempt.
enum Status {
// Success, credentials in user_email/access_token.
SUCCESS,
// Network failure (caller may retry).
NETWORK_ERROR,
// Authentication failure (permanent).
AUTH_ERROR,
};
typedef base::OnceCallback<void(Status status,
const std::string& user_email,
const std::string& access_token)>
TokenCallback;
typedef base::RepeatingCallback<void(const std::string& user_email,
const std::string& refresh_token)>
CredentialsUpdatedCallback;
// This structure contains information required to perform authorization
// with the authorization server.
struct OAuthAuthorizationCredentials {
// |login| is used to valdiate |refresh_token| match.
// |is_service_account| should be True if the OAuth refresh token is for a
// service account, False for a user account, to allow the correct client-ID
// to be used.
OAuthAuthorizationCredentials(const std::string& login,
const std::string& refresh_token,
bool is_service_account);
~OAuthAuthorizationCredentials();
// The user's account name (i.e. their email address).
std::string login;
// Token delegating authority to us to act as the user.
std::string refresh_token;
// Whether these credentials belong to a service account.
bool is_service_account;
};
// This structure contains information required to perform authentication
// with the authorization server.
struct OAuthIntermediateCredentials {
// |authorization_code| is a one time use code used to authenticate with
// the authorization server.
// |is_service_account| should be True if the OAuth refresh token is for a
// service account, False for a user account, to allow the correct client-ID
// to be used.
OAuthIntermediateCredentials(const std::string& authorization_code,
bool is_service_account);
~OAuthIntermediateCredentials();
// Code used to check out a access token from the authrozation service.
std::string authorization_code;
// Override uri for oauth redirect. This is used for client accounts only
// and is optionally set to override the default used for authentication.
std::string oauth_redirect_uri;
// Whether these credentials belong to a service account.
bool is_service_account;
};
OAuthTokenGetter() {}
virtual ~OAuthTokenGetter() {}
// Call |on_access_token| with an access token, or the failure status.
virtual void CallWithToken(
OAuthTokenGetter::TokenCallback on_access_token) = 0;
// Invalidates the cache, so the next CallWithToken() will get a fresh access
// token.
virtual void InvalidateCache() = 0;
DISALLOW_COPY_AND_ASSIGN(OAuthTokenGetter);
};
} // namespace remoting
#endif // REMOTING_BASE_OAUTH_TOKEN_GETTER_H_