Upstream version 7.36.149.0
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "google_apis/gaia/gaia_oauth_client.h"
6
7 #include "base/json/json_reader.h"
8 #include "base/logging.h"
9 #include "base/memory/scoped_ptr.h"
10 #include "base/strings/string_util.h"
11 #include "base/values.h"
12 #include "google_apis/gaia/gaia_urls.h"
13 #include "net/base/escape.h"
14 #include "net/base/load_flags.h"
15 #include "net/http/http_status_code.h"
16 #include "net/url_request/url_fetcher.h"
17 #include "net/url_request/url_fetcher_delegate.h"
18 #include "net/url_request/url_request_context_getter.h"
19 #include "url/gurl.h"
20
namespace {

// JSON keys that GaiaOAuthClient::Core::HandleResponse() looks up in the
// response to a token request (auth-code exchange or token refresh).
const char kAccessTokenValue[] = "access_token";
const char kRefreshTokenValue[] = "refresh_token";
const char kExpiresInValue[] = "expires_in";

}  // namespace
26
27 namespace gaia {
28
// Deliberately non-zero: most other code hardcodes a fetcher ID of 0, so a
// distinctive value lets unit tests tell the URLFetcher created by this class
// apart from fetchers created elsewhere.
const int GaiaOAuthClient::kUrlFetcherId = 17109006;
32
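// Issues the network requests on behalf of GaiaOAuthClient and reports the
// outcome to a caller-supplied Delegate. At most one request is expected to be
// in flight: each public entry point DCHECKs that |request_type_| is
// NO_PENDING_REQUEST before starting.
//
// The Delegate is stored as a raw, non-owning pointer and is dereferenced when
// the fetch completes, so the caller has to keep it alive until a callback has
// been delivered.
class GaiaOAuthClient::Core
    : public base::RefCountedThreadSafe<GaiaOAuthClient::Core>,
      public net::URLFetcherDelegate {
 public:
  // |explicit| so that a bare URLRequestContextGetter* is never converted to
  // a Core implicitly. A reference to |request_context_getter| is retained.
  explicit Core(net::URLRequestContextGetter* request_context_getter)
      : num_retries_(0),
        request_context_getter_(request_context_getter),
        delegate_(NULL),
        request_type_(NO_PENDING_REQUEST) {
  }

  // Exchanges |auth_code| for tokens (authorization_code grant). The request
  // body includes the client secret from |oauth_client_info|.
  void GetTokensFromAuthCode(const OAuthClientInfo& oauth_client_info,
                             const std::string& auth_code,
                             int max_retries,
                             GaiaOAuthClient::Delegate* delegate);

  // Obtains a new access token from |refresh_token| (refresh_token grant).
  // |scopes| is optional; when non-empty it is sent space-separated.
  void RefreshToken(const OAuthClientInfo& oauth_client_info,
                    const std::string& refresh_token,
                    const std::vector<std::string>& scopes,
                    int max_retries,
                    GaiaOAuthClient::Delegate* delegate);

  // The next three calls all query the people.get URL with
  // |oauth_access_token| and differ only in what is extracted from the reply.
  void GetUserEmail(const std::string& oauth_access_token,
                    int max_retries,
                    Delegate* delegate);
  void GetUserId(const std::string& oauth_access_token,
                 int max_retries,
                 Delegate* delegate);
  void GetUserInfo(const std::string& oauth_access_token,
                   int max_retries,
                   Delegate* delegate);

  // Posts |oauth_access_token| to the token-info URL.
  void GetTokenInfo(const std::string& oauth_access_token,
                    int max_retries,
                    Delegate* delegate);

  // net::URLFetcherDelegate implementation.
  virtual void OnURLFetchComplete(const net::URLFetcher* source) OVERRIDE;

 private:
  friend class base::RefCountedThreadSafe<Core>;

  // Which public call the pending fetch belongs to; selects the Delegate
  // callback in HandleResponse().
  enum RequestType {
    NO_PENDING_REQUEST,
    TOKENS_FROM_AUTH_CODE,
    REFRESH_TOKEN,
    TOKEN_INFO,
    USER_EMAIL,
    USER_ID,
    USER_INFO,
  };

  // Private: instances are destroyed through RefCountedThreadSafe (a friend).
  virtual ~Core() {}

  // Sends the GET shared by GetUserEmail(), GetUserId() and GetUserInfo().
  void PeopleGet(const std::string& oauth_access_token,
                 int max_retries,
                 Delegate* delegate);

  // Sends |post_body| to |url| as a form-encoded POST.
  void MakeGaiaRequest(const GURL& url,
                       const std::string& post_body,
                       int max_retries,
                       GaiaOAuthClient::Delegate* delegate);

  // Interprets a completed fetch. Sets |*should_retry_request| when the same
  // fetcher should be started again.
  void HandleResponse(const net::URLFetcher* source,
                      bool* should_retry_request);

  // Retries performed so far for the current request.
  int num_retries_;
  scoped_refptr<net::URLRequestContextGetter> request_context_getter_;
  // Not owned. Receives exactly the callbacks issued by HandleResponse().
  GaiaOAuthClient::Delegate* delegate_;
  // The in-flight fetcher; empty while no request is pending.
  scoped_ptr<net::URLFetcher> request_;
  RequestType request_type_;
};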
100
// Exchanges |auth_code| for tokens by POSTing an authorization_code grant to
// the OAuth2 token URL. Every caller-supplied value is URL-encoded before it
// is placed in the form body, so none of them can introduce extra form fields.
//
// The body carries the authorization code and the client secret; it must not
// be written to logs or error messages.
void GaiaOAuthClient::Core::GetTokensFromAuthCode(
    const OAuthClientInfo& oauth_client_info,
    const std::string& auth_code,
    int max_retries,
    GaiaOAuthClient::Delegate* delegate) {
  DCHECK_EQ(request_type_, NO_PENDING_REQUEST);
  request_type_ = TOKENS_FROM_AUTH_CODE;

  std::string post_body("code=");
  post_body += net::EscapeUrlEncodedData(auth_code, true);
  post_body += "&client_id=";
  post_body += net::EscapeUrlEncodedData(oauth_client_info.client_id, true);
  post_body += "&client_secret=";
  post_body += net::EscapeUrlEncodedData(oauth_client_info.client_secret, true);
  post_body += "&redirect_uri=";
  post_body += net::EscapeUrlEncodedData(oauth_client_info.redirect_uri, true);
  post_body += "&grant_type=authorization_code";

  const GURL token_url(GaiaUrls::GetInstance()->oauth2_token_url());
  MakeGaiaRequest(token_url, post_body, max_retries, delegate);
}
120
// Requests a fresh access token by POSTing a refresh_token grant to the OAuth2
// token URL. When |scopes| is non-empty the scopes are joined with a single
// space and sent as one URL-encoded "scope" field; otherwise no scope field is
// sent at all.
//
// The body carries the refresh token and the client secret; it must not be
// written to logs or error messages.
void GaiaOAuthClient::Core::RefreshToken(
    const OAuthClientInfo& oauth_client_info,
    const std::string& refresh_token,
    const std::vector<std::string>& scopes,
    int max_retries,
    GaiaOAuthClient::Delegate* delegate) {
  DCHECK_EQ(request_type_, NO_PENDING_REQUEST);
  request_type_ = REFRESH_TOKEN;

  std::string post_body("refresh_token=");
  post_body += net::EscapeUrlEncodedData(refresh_token, true);
  post_body += "&client_id=";
  post_body += net::EscapeUrlEncodedData(oauth_client_info.client_id, true);
  post_body += "&client_secret=";
  post_body += net::EscapeUrlEncodedData(oauth_client_info.client_secret, true);
  post_body += "&grant_type=refresh_token";

  if (!scopes.empty()) {
    // The joined list is escaped as a whole, so the separating spaces are
    // encoded together with the scope names.
    post_body += "&scope=";
    post_body += net::EscapeUrlEncodedData(JoinString(scopes, ' '), true);
  }

  const GURL token_url(GaiaUrls::GetInstance()->oauth2_token_url());
  MakeGaiaRequest(token_url, post_body, max_retries, delegate);
}
145
// Starts a people.get request whose reply is reduced to the user's email
// address: tagging the request USER_EMAIL makes HandleResponse() report the
// first entry of type "account" through OnGetUserEmailResponse().
// Must only be called while no other request is pending.
void GaiaOAuthClient::Core::GetUserEmail(
    const std::string& oauth_access_token,
    int max_retries,
    Delegate* delegate) {
  DCHECK_EQ(request_type_, NO_PENDING_REQUEST);
  DCHECK(!request_.get());

  request_type_ = USER_EMAIL;
  PeopleGet(oauth_access_token, max_retries, delegate);
}
154
// Starts a people.get request whose reply is reduced to the user's ID:
// tagging the request USER_ID makes HandleResponse() pass the "id" field to
// OnGetUserIdResponse().
// Must only be called while no other request is pending.
void GaiaOAuthClient::Core::GetUserId(
    const std::string& oauth_access_token,
    int max_retries,
    Delegate* delegate) {
  DCHECK_EQ(request_type_, NO_PENDING_REQUEST);
  DCHECK(!request_.get());

  request_type_ = USER_ID;
  PeopleGet(oauth_access_token, max_retries, delegate);
}
163
// Starts a people.get request whose whole reply is handed to the delegate:
// tagging the request USER_INFO makes HandleResponse() pass the parsed
// dictionary to OnGetUserInfoResponse().
// Must only be called while no other request is pending.
void GaiaOAuthClient::Core::GetUserInfo(
    const std::string& oauth_access_token,
    int max_retries,
    Delegate* delegate) {
  DCHECK_EQ(request_type_, NO_PENDING_REQUEST);
  DCHECK(!request_.get());

  request_type_ = USER_INFO;
  PeopleGet(oauth_access_token, max_retries, delegate);
}
172
// Issues the GET to the people.get URL that GetUserEmail(), GetUserId() and
// GetUserInfo() share. Those callers set |request_type_| and check that no
// request is pending; this function performs no such check itself.
void GaiaOAuthClient::Core::PeopleGet(const std::string& oauth_access_token,
                                      int max_retries,
                                      Delegate* delegate) {
  delegate_ = delegate;
  num_retries_ = 0;

  const GURL people_url(GaiaUrls::GetInstance()->people_get_url());
  request_.reset(net::URLFetcher::Create(
      kUrlFetcherId, people_url, net::URLFetcher::GET, this));
  request_->SetRequestContext(request_context_getter_.get());

  // The access token is sent in a request header, not in the URL.
  // NOTE(review): the token is concatenated into the header line without
  // validation; presumably callers only pass tokens previously issued by
  // Gaia -- confirm that a value containing CR or LF cannot reach this point.
  const std::string auth_header = "Authorization: OAuth " + oauth_access_token;
  request_->AddExtraRequestHeader(auth_header);
  request_->SetMaxRetriesOn5xx(max_retries);

  // The request is authorized by the token alone: cookies are neither sent
  // nor saved.
  const int load_flags =
      net::LOAD_DO_NOT_SEND_COOKIES | net::LOAD_DO_NOT_SAVE_COOKIES;
  request_->SetLoadFlags(load_flags);

  // A detected network change can cancel a fetcher, especially at startup and
  // after sign-in on ChromeOS. One retry should be enough in those cases; the
  // fetcher is allowed up to 3 just in case.
  // http://crbug.com/163710
  request_->SetAutomaticallyRetryOnNetworkChanges(3);
  request_->Start();
}
194
// Asks the OAuth2 token-info URL to describe |oauth_access_token|. The token
// is URL-encoded and sent in the POST body rather than in the URL. On success
// HandleResponse() passes the parsed dictionary to OnGetTokenInfoResponse().
// Must only be called while no other request is pending.
void GaiaOAuthClient::Core::GetTokenInfo(
    const std::string& oauth_access_token,
    int max_retries,
    Delegate* delegate) {
  DCHECK_EQ(request_type_, NO_PENDING_REQUEST);
  DCHECK(!request_.get());
  request_type_ = TOKEN_INFO;

  std::string post_body("access_token=");
  post_body += net::EscapeUrlEncodedData(oauth_access_token, true);

  const GURL token_info_url(GaiaUrls::GetInstance()->oauth2_token_info_url());
  MakeGaiaRequest(token_info_url, post_body, max_retries, delegate);
}
208
// Sends |post_body| to |url| as an application/x-www-form-urlencoded POST and
// remembers |delegate| for the completion callback. |post_body| is uploaded
// as given, so callers are responsible for URL-encoding each value.
void GaiaOAuthClient::Core::MakeGaiaRequest(
    const GURL& url,
    const std::string& post_body,
    int max_retries,
    GaiaOAuthClient::Delegate* delegate) {
  DCHECK(!request_.get()) << "Tried to fetch two things at once!";

  delegate_ = delegate;
  num_retries_ = 0;

  request_.reset(net::URLFetcher::Create(
      kUrlFetcherId, url, net::URLFetcher::POST, this));
  request_->SetRequestContext(request_context_getter_.get());
  request_->SetUploadData("application/x-www-form-urlencoded", post_body);
  request_->SetMaxRetriesOn5xx(max_retries);

  // The request is authorized by the values in the body alone: cookies are
  // neither sent nor saved.
  const int load_flags =
      net::LOAD_DO_NOT_SEND_COOKIES | net::LOAD_DO_NOT_SAVE_COOKIES;
  request_->SetLoadFlags(load_flags);

  // A detected network change can cancel a fetcher; allow up to 3 automatic
  // retries for that case (http://crbug.com/163710).
  request_->SetAutomaticallyRetryOnNetworkChanges(3);
  request_->Start();
}
228
// net::URLFetcherDelegate implementation. Lets HandleResponse() interpret the
// finished fetch and restarts the same fetcher when a retry was requested.
void GaiaOAuthClient::Core::OnURLFetchComplete(
    const net::URLFetcher* source) {
  bool retry_needed = false;
  HandleResponse(source, &retry_needed);
  if (!retry_needed)
    return;

  // Make sure this attempt counts as a failure when the back-off period is
  // calculated. If the status code already marked it as one, the call is
  // ignored.
  request_->ReceivedContentWasMalformed();
  ++num_retries_;

  // URLFetcher::Core::RetryOrCompleteUrlFetch resets the request context to
  // NULL, so it has to be supplied again before the fetcher is restarted.
  request_->SetRequestContext(request_context_getter_.get());
  request_->Start();
}
247
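// Interprets the completed fetch |source|. Either reports the outcome to
// |delegate_|, or returns the fetcher to |request_| and sets
// |*should_retry_request| so that the caller starts it again.
// |*should_retry_request| is only ever set to true; the caller initializes it.
//
// Outcomes:
//   - HTTP 400 or 401: OnOAuthError(); never retried.
//   - Any other reply that is not a 200 carrying a JSON dictionary: retried
//     until |num_retries_| reaches the fetcher's 5xx retry limit, then
//     OnNetworkError(). A limit of -1 means the retries are not bounded here.
//   - Otherwise: the callback that matches |request_type_|.
//
// |request_type_| is cleared on every terminal path, including the two error
// paths, so the DCHECKs in the public entry points hold for the next request
// whichever way this one ended. It is cleared before the delegate is called.
// NOTE(review): presumably a delegate may tear the client down from inside a
// callback; keep state updates ahead of the callbacks -- confirm.
//
// The response may contain access and refresh tokens; none of it is logged
// here and it should stay that way.
void GaiaOAuthClient::Core::HandleResponse(
    const net::URLFetcher* source,
    bool* should_retry_request) {
  // Take the fetcher out of |request_|. It is destroyed when this function
  // returns unless a retry is needed, in which case ownership goes back to
  // |request_| below.
  scoped_ptr<net::URLFetcher> old_request = request_.Pass();
  DCHECK_EQ(source, old_request.get());

  // HTTP_BAD_REQUEST means the arguments are invalid. HTTP_UNAUTHORIZED means
  // the access or refresh token is invalid. Retrying cannot help.
  const int response_code = source->GetResponseCode();
  if (response_code == net::HTTP_BAD_REQUEST ||
      response_code == net::HTTP_UNAUTHORIZED) {
    request_type_ = NO_PENDING_REQUEST;
    delegate_->OnOAuthError();
    return;
  }

  // Only a 200 whose body parses as a JSON dictionary counts as a usable
  // reply; anything else leaves |response_dict| empty.
  scoped_ptr<base::DictionaryValue> response_dict;
  if (response_code == net::HTTP_OK) {
    std::string data;
    source->GetResponseAsString(&data);
    scoped_ptr<base::Value> message_value(base::JSONReader::Read(data));
    if (message_value.get() &&
        message_value->IsType(base::Value::TYPE_DICTIONARY)) {
      // The type was checked on the line above, so the downcast is safe.
      response_dict.reset(
          static_cast<base::DictionaryValue*>(message_value.release()));
    }
  }

  if (!response_dict.get()) {
    // No usable reply and the error was not one of the two handled above:
    // retry unless the limit has been reached.
    const int max_retries = source->GetMaxRetriesOn5xx();
    if (max_retries != -1 && num_retries_ >= max_retries) {
      // Retry limit reached. Give up.
      request_type_ = NO_PENDING_REQUEST;
      delegate_->OnNetworkError(response_code);
    } else {
      request_ = old_request.Pass();
      *should_retry_request = true;
    }
    return;
  }

  const RequestType type = request_type_;
  request_type_ = NO_PENDING_REQUEST;

  switch (type) {
    case USER_EMAIL: {
      // Use the first email of type "account" as the user's email.
      const base::ListValue* emails_list = NULL;
      bool email_found = false;
      if (response_dict->GetList("emails", &emails_list)) {
        for (size_t i = 0; i < emails_list->GetSize(); ++i) {
          const base::DictionaryValue* email_dict = NULL;
          if (!emails_list->GetDictionary(i, &email_dict))
            continue;
          std::string email;
          // Named so that it does not shadow the request |type| above.
          std::string email_type;
          if (email_dict->GetString("type", &email_type) &&
              email_type == "account" &&
              email_dict->GetString("value", &email)) {
            delegate_->OnGetUserEmailResponse(email);
            email_found = true;
            break;
          }
        }
      }
      if (!email_found)
        delegate_->OnNetworkError(net::URLFetcher::RESPONSE_CODE_INVALID);
      break;
    }

    case USER_ID: {
      // NOTE(review): a reply without a string "id" reaches the delegate as
      // an empty ID rather than as an error, unlike the USER_EMAIL case.
      // Callers that compare IDs should treat an empty value as a failure.
      std::string id;
      response_dict->GetString("id", &id);
      delegate_->OnGetUserIdResponse(id);
      break;
    }

    case USER_INFO: {
      delegate_->OnGetUserInfoResponse(response_dict.Pass());
      break;
    }

    case TOKEN_INFO: {
      delegate_->OnGetTokenInfoResponse(response_dict.Pass());
      break;
    }

    case TOKENS_FROM_AUTH_CODE:
    case REFRESH_TOKEN: {
      // Missing fields keep their initial values: empty strings and a
      // lifetime of 0 seconds. The lifetime is forwarded as received.
      std::string access_token;
      std::string refresh_token;
      int expires_in_seconds = 0;
      response_dict->GetString(kAccessTokenValue, &access_token);
      response_dict->GetString(kRefreshTokenValue, &refresh_token);
      response_dict->GetInteger(kExpiresInValue, &expires_in_seconds);

      // A 200 without an access token is reported as an OAuth error.
      if (access_token.empty()) {
        delegate_->OnOAuthError();
        return;
      }

      if (type == REFRESH_TOKEN) {
        delegate_->OnRefreshTokenResponse(access_token, expires_in_seconds);
      } else {
        delegate_->OnGetTokensResponse(refresh_token,
                                       access_token,
                                       expires_in_seconds);
      }
      break;
    }

    default:
      // NO_PENDING_REQUEST: a reply arrived that no entry point asked for.
      NOTREACHED();
  }
}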
367
// Creates the Core that performs every request for this client, using
// |context_getter| as the request context for its fetchers.
GaiaOAuthClient::GaiaOAuthClient(net::URLRequestContextGetter* context_getter)
    : core_(new Core(context_getter)) {
}
371
// Nothing is released by hand here.
// NOTE(review): |core_| is presumably a scoped_refptr declared in the header,
// which would drop this client's reference automatically -- confirm.
GaiaOAuthClient::~GaiaOAuthClient() {}
374
// Forwards to Core::GetTokensFromAuthCode(). |delegate| is not owned and is
// called back when the request finishes.
void GaiaOAuthClient::GetTokensFromAuthCode(
    const OAuthClientInfo& oauth_client_info,
    const std::string& auth_code,
    int max_retries,
    Delegate* delegate) {
  core_->GetTokensFromAuthCode(
      oauth_client_info, auth_code, max_retries, delegate);
}
385
// Forwards to Core::RefreshToken(). |delegate| is not owned and is called
// back when the request finishes.
void GaiaOAuthClient::RefreshToken(
    const OAuthClientInfo& oauth_client_info,
    const std::string& refresh_token,
    const std::vector<std::string>& scopes,
    int max_retries,
    Delegate* delegate) {
  core_->RefreshToken(
      oauth_client_info, refresh_token, scopes, max_retries, delegate);
}
398
// Forwards to Core::GetUserEmail(). |delegate| is not owned and is called
// back when the request finishes.
void GaiaOAuthClient::GetUserEmail(
    const std::string& access_token,
    int max_retries,
    Delegate* delegate) {
  core_->GetUserEmail(access_token, max_retries, delegate);
}
404
// Forwards to Core::GetUserId(). |delegate| is not owned and is called back
// when the request finishes.
void GaiaOAuthClient::GetUserId(
    const std::string& access_token,
    int max_retries,
    Delegate* delegate) {
  core_->GetUserId(access_token, max_retries, delegate);
}
410
// Forwards to Core::GetUserInfo(). |delegate| is not owned and is called back
// when the request finishes.
void GaiaOAuthClient::GetUserInfo(
    const std::string& access_token,
    int max_retries,
    Delegate* delegate) {
  core_->GetUserInfo(access_token, max_retries, delegate);
}
416
// Forwards to Core::GetTokenInfo(). |delegate| is not owned and is called
// back when the request finishes.
void GaiaOAuthClient::GetTokenInfo(
    const std::string& access_token,
    int max_retries,
    Delegate* delegate) {
  core_->GetTokenInfo(access_token, max_retries, delegate);
}
422
423 }  // namespace gaia