blob: 46415c4651a47a922622db97511d5600840f5352 [file] [log] [blame]
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef GOOGLE_APIS_GAIA_GAIA_OAUTH_CLIENT_H_
#define GOOGLE_APIS_GAIA_GAIA_OAUTH_CLIENT_H_
#include <memory>
#include <string>
#include <vector>
#include "base/macros.h"
#include "base/memory/ref_counted.h"
#include "base/values.h"
namespace network {
class SharedURLLoaderFactory;
}
// A helper class to get and refresh OAuth2 refresh and access tokens.
// Also exposes utility methods for fetching user email and token information.
//
// Supports one request at a time; for parallel requests, create multiple
// instances.
namespace gaia {
struct OAuthClientInfo {
std::string client_id;
std::string client_secret;
std::string redirect_uri;
};
class GaiaOAuthClient {
public:
class Delegate {
public:
// Invoked on a successful response to the GetTokensFromAuthCode request.
virtual void OnGetTokensResponse(const std::string& refresh_token,
const std::string& access_token,
int expires_in_seconds) {}
// Invoked on a successful response to the RefreshToken request.
virtual void OnRefreshTokenResponse(const std::string& access_token,
int expires_in_seconds) {}
// Invoked on a successful response to the GetUserInfo request.
virtual void OnGetUserEmailResponse(const std::string& user_email) {}
// Invoked on a successful response to the GetUserId request.
virtual void OnGetUserIdResponse(const std::string& user_id) {}
// Invoked on a successful response to the GetUserInfo request.
virtual void OnGetUserInfoResponse(
std::unique_ptr<base::DictionaryValue> user_info) {}
// Invoked on a successful response to the GetTokenInfo request.
virtual void OnGetTokenInfoResponse(
std::unique_ptr<base::DictionaryValue> token_info) {}
// Invoked when there is an OAuth error with one of the requests.
virtual void OnOAuthError() = 0;
// Invoked when there is a network error or upon receiving an invalid
// response. This is invoked when the maximum number of retries have been
// exhausted. If max_retries is -1, this is never invoked.
virtual void OnNetworkError(int response_code) = 0;
protected:
virtual ~Delegate() {}
};
GaiaOAuthClient(
scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory);
~GaiaOAuthClient();
// In the below methods, |max_retries| specifies the maximum number of times
// we should retry on a network error in invalid response. This does not
// apply in the case of an OAuth error (i.e. there was something wrong with
// the input arguments). Setting |max_retries| to -1 implies infinite retries.
// Given an OAuth2 authorization code, fetch the long-lived refresh token
// and a valid access token. After the access token expires, RefreshToken()
// can be used to fetch a fresh access token. See |max_retries| docs above.
void GetTokensFromAuthCode(const OAuthClientInfo& oauth_client_info,
const std::string& auth_code,
int max_retries,
Delegate* delegate);
// Given a valid refresh token (usually fetched via
// |GetTokensFromAuthCode()|), fetch a fresh access token that can be used
// to authenticate an API call. If |scopes| is non-empty, then fetch an
// access token for those specific scopes (assuming the refresh token has the
// appropriate permissions). See |max_retries| docs above.
void RefreshToken(const OAuthClientInfo& oauth_client_info,
const std::string& refresh_token,
const std::vector<std::string>& scopes,
int max_retries,
Delegate* delegate);
// Call the userinfo API, returning the user email address associated
// with the given access token. The provided access token must have
// https://www.googleapis.com/auth/userinfo.email as one of its scopes.
// See |max_retries| docs above.
void GetUserEmail(const std::string& oauth_access_token,
int max_retries,
Delegate* delegate);
// Call the userinfo API, returning the user gaia ID associated
// with the given access token. The provided access token must have
// https://www.googleapis.com/auth/userinfo as one of its scopes.
// See |max_retries| docs above.
void GetUserId(const std::string& oauth_access_token,
int max_retries,
Delegate* delegate);
// Call the userinfo API, returning all the user info associated
// with the given access token. The provided access token must have
// https://www.googleapis.com/auth/userinfo.profile in its scopes. If
// email addresses are also to be retrieved, then
// https://www.googleapis.com/auth/userinfo.email must also be specified.
// See |max_retries| docs above.
void GetUserInfo(const std::string& oauth_access_token,
int max_retries,
Delegate* delegate);
// Call the tokeninfo API, returning a dictionary of response values. The
// provided access token may have any scope, and basic results will be
// returned: issued_to, audience, scope, expires_in, access_type. In
// addition, if the https://www.googleapis.com/auth/userinfo.email scope is
// present, the email and verified_email fields will be returned. If the
// https://www.googleapis.com/auth/userinfo.profile scope is present, the
// user_id field will be returned. See |max_retries| docs above.
void GetTokenInfo(const std::string& oauth_access_token,
int max_retries,
Delegate* delegate);
// Call the tokeninfo API for given |token_handle|, returning a dictionary of
// response values. Basic results will be returned via
// |OnGetTokenInfoResponse| call: audience, expires_in, user_id. See
// |max_retries| docs above.
void GetTokenHandleInfo(const std::string& token_handle,
int max_retries,
Delegate* delegate);
private:
// The guts of the implementation live in this class.
class Core;
scoped_refptr<Core> core_;
DISALLOW_COPY_AND_ASSIGN(GaiaOAuthClient);
};
}
#endif // GOOGLE_APIS_GAIA_GAIA_OAUTH_CLIENT_H_