| // Copyright 2022 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "chrome/browser/ash/printing/printer_authenticator.h" |
| |
| #include <memory> |
| #include <string> |
| #include <string_view> |
| #include <utility> |
| |
| #include "base/check.h" |
| #include "base/functional/bind.h" |
| #include "chrome/browser/ash/printing/cups_printers_manager.h" |
| #include "chrome/browser/ash/printing/oauth2/authorization_zones_manager.h" |
| #include "chrome/browser/ash/printing/oauth2/log_entry.h" |
| #include "chrome/browser/ash/printing/oauth2/signin_dialog.h" |
| #include "chrome/browser/ash/printing/oauth2/status_code.h" |
| #include "chrome/browser/profiles/profile_manager.h" |
| #include "chromeos/printing/cups_printer_status.h" |
| #include "chromeos/printing/printer_configuration.h" |
| #include "chromeos/printing/uri.h" |
| #include "components/device_event_log/device_event_log.h" |
| #include "ui/views/window/dialog_delegate.h" |
| #include "url/gurl.h" |
| |
| namespace ash::printing { |
| |
| namespace { |
| |
| // Logs results to device-log and calls `callback` with parameters `status` and |
| // `data`. |
| void LogAndCall(oauth2::StatusCallback callback, |
| std::string_view method, |
| const GURL& auth_server, |
| oauth2::StatusCode status, |
| std::string data) { |
| if (status == oauth2::StatusCode::kOK) { |
| PRINTER_LOG(EVENT) << oauth2::LogEntry("", method, auth_server, status); |
| } else { |
| PRINTER_LOG(ERROR) << oauth2::LogEntry(data, method, auth_server, status); |
| } |
| std::move(callback).Run(status, std::move(data)); |
| } |
| |
| } // namespace |
| |
| PrinterAuthenticator::PrinterAuthenticator( |
| CupsPrintersManager* printers_manager, |
| oauth2::AuthorizationZonesManager* auth_manager, |
| const chromeos::Printer& printer) |
| : cups_manager_(printers_manager), |
| auth_manager_(auth_manager), |
| printer_(printer) { |
| DCHECK(printers_manager); |
| DCHECK(auth_manager); |
| } |
| |
| PrinterAuthenticator::~PrinterAuthenticator() = default; |
| |
| void PrinterAuthenticator::ObtainAccessTokenIfNeeded( |
| oauth2::StatusCallback callback) { |
| DCHECK(!callback_); |
| callback_ = std::move(callback); |
| cups_manager_->FetchPrinterStatus( |
| printer_.id(), base::BindOnce(&PrinterAuthenticator::OnGetPrinterStatus, |
| weak_factory_.GetWeakPtr())); |
| } |
| |
| void PrinterAuthenticator::SetUIResponsesForTesting( |
| oauth2::StatusCode is_trusted_dialog_response, |
| oauth2::StatusCode signin_dialog_response) { |
| is_trusted_dialog_response_for_testing_ = is_trusted_dialog_response; |
| signin_dialog_response_for_testing_ = signin_dialog_response; |
| } |
| |
| void PrinterAuthenticator::OnGetPrinterStatus( |
| const chromeos::CupsPrinterStatus& printer_status) { |
| const chromeos::PrinterAuthenticationInfo& auth_mode = |
| printer_status.GetAuthenticationInfo(); |
| if (auth_mode.oauth_server.empty()) { |
| // A printer does not require authentication. |
| std::move(callback_).Run(oauth2::StatusCode::kOK, ""); |
| return; |
| } |
| |
| oauth_server_ = GURL(auth_mode.oauth_server); |
| if (!oauth_server_.is_valid()) { |
| std::move(callback_).Run(oauth2::StatusCode::kInvalidURL, ""); |
| return; |
| } |
| oauth_scope_ = auth_mode.oauth_scope; |
| |
| auth_manager_->GetEndpointAccessToken(oauth_server_, printer_.uri(), |
| oauth_scope_, |
| OnComplete(Step::kGetAccessToken)); |
| } |
| |
| oauth2::StatusCallback PrinterAuthenticator::OnComplete(Step step) { |
| return base::BindOnce(&PrinterAuthenticator::ToNextStep, |
| weak_factory_.GetWeakPtr(), step); |
| } |
| |
| void PrinterAuthenticator::ToNextStep(PrinterAuthenticator::Step current_step, |
| oauth2::StatusCode status, |
| std::string data) { |
| switch (current_step) { |
| case Step::kGetAccessToken: |
| if (status == oauth2::StatusCode::kOK) { |
| // Success, return the endpoint access token. |
| std::move(callback_).Run(status, std::move(data)); |
| return; |
| } |
| if (status == oauth2::StatusCode::kUntrustedAuthorizationServer) { |
| ShowIsTrustedDialog(oauth_server_, |
| OnComplete(Step::kShowIsTrustedDialog)); |
| return; |
| } |
| if (status == oauth2::StatusCode::kAuthorizationNeeded) { |
| auth_manager_->InitAuthorization(oauth_server_, oauth_scope_, |
| OnComplete(Step::kInitAuthorization)); |
| return; |
| } |
| break; |
| case Step::kShowIsTrustedDialog: |
| if (status == oauth2::StatusCode::kOK) { |
| status = auth_manager_->SaveAuthorizationServerAsTrusted(oauth_server_); |
| if (status == oauth2::StatusCode::kOK) { |
| auth_manager_->GetEndpointAccessToken( |
| oauth_server_, printer_.uri(), oauth_scope_, |
| OnComplete(Step::kGetAccessToken)); |
| return; |
| } |
| } |
| break; |
| case Step::kInitAuthorization: |
| if (status == oauth2::StatusCode::kOK) { |
| ShowSigninDialog(data, OnComplete(Step::kShowSigninDialog)); |
| return; |
| } |
| if (status == oauth2::StatusCode::kUntrustedAuthorizationServer) { |
| ShowIsTrustedDialog(oauth_server_, |
| OnComplete(Step::kShowIsTrustedDialog)); |
| return; |
| } |
| break; |
| case Step::kShowSigninDialog: |
| if (status == oauth2::StatusCode::kOK) { |
| auth_manager_->FinishAuthorization( |
| oauth_server_, GURL(data), OnComplete(Step::kFinishAuthorization)); |
| return; |
| } |
| break; |
| case Step::kFinishAuthorization: |
| if (status == oauth2::StatusCode::kOK) { |
| auth_manager_->GetEndpointAccessToken( |
| oauth_server_, printer_.uri(), oauth_scope_, |
| OnComplete(Step::kGetAccessToken)); |
| return; |
| } |
| break; |
| } |
| |
| // An error occurred. |
| std::move(callback_).Run(status, ""); |
| } |
| |
| void PrinterAuthenticator::ShowIsTrustedDialog( |
| const GURL& auth_url, |
| oauth2::StatusCallback callback) { |
| // Log the callback to device-log. |
| callback = |
| base::BindOnce(&LogAndCall, std::move(callback), __func__, oauth_server_); |
| |
| if (is_trusted_dialog_response_for_testing_) { |
| std::move(callback).Run(*is_trusted_dialog_response_for_testing_, |
| "response from mock"); |
| return; |
| } |
| // TODO(https://crbug.com/1223535): Add dialog asking the user if |
| // the server is trusted. For now, we just save the server as trusted. |
| std::move(callback).Run(oauth2::StatusCode::kOK, ""); |
| } |
| |
| void PrinterAuthenticator::ShowSigninDialog(const std::string& auth_url, |
| oauth2::StatusCallback callback) { |
| // Log the callback to device-log. |
| callback = |
| base::BindOnce(&LogAndCall, std::move(callback), __func__, oauth_server_); |
| |
| const GURL url(auth_url); |
| if (!url.is_valid()) { |
| std::move(callback).Run(oauth2::StatusCode::kInvalidURL, |
| "auth_url=" + url.possibly_invalid_spec()); |
| return; |
| } |
| |
| if (signin_dialog_response_for_testing_) { |
| std::move(callback).Run(*signin_dialog_response_for_testing_, |
| "response from mock"); |
| return; |
| } |
| |
| auto dialog = std::make_unique<oauth2::SigninDialog>( |
| ProfileManager::GetPrimaryUserProfile()); |
| oauth2::SigninDialog* dialog_ptr = dialog.get(); |
| views::DialogDelegate::CreateDialogWidget( |
| std::move(dialog), /*context=*/nullptr, /*parent=*/nullptr); |
| dialog_ptr->StartAuthorizationProcedure(url, std::move(callback)); |
| } |
| |
| } // namespace ash::printing |
