1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 package org.chromium.chrome.browser.signin;
7 import android.accounts.Account;
8 import android.app.Activity;
9 import android.content.Context;
10 import android.preference.PreferenceManager;
11 import android.util.Log;
13 import com.google.common.annotations.VisibleForTesting;
15 import org.chromium.base.CalledByNative;
16 import org.chromium.base.ObserverList;
17 import org.chromium.base.ThreadUtils;
18 import org.chromium.chrome.browser.profiles.Profile;
19 import org.chromium.sync.signin.AccountManagerHelper;
20 import org.chromium.sync.signin.ChromeSigninController;
22 import java.util.Arrays;
23 import java.util.concurrent.Semaphore;
24 import java.util.concurrent.TimeUnit;
25 import java.util.concurrent.atomic.AtomicReference;
26 import java.util.HashSet;
29 import javax.annotation.Nullable;
32 * Java instance for the native OAuth2TokenService.
34 * This class forwards calls to request or invalidate access tokens made by native code to
35 * AccountManagerHelper and forwards callbacks to native code.
38 public final class OAuth2TokenService {
40 private static final String TAG = "OAuth2TokenService";
43 public static final String STORED_ACCOUNTS_KEY = "google.services.stored_accounts";
45 public interface OAuth2TokenServiceObserver {
46 void onRefreshTokenAvailable(Account account);
47 void onRefreshTokenRevoked(Account account);
48 void onRefreshTokensLoaded();
51 private static final String OAUTH2_SCOPE_PREFIX = "oauth2:";
53 private final long mNativeProfileOAuth2TokenService;
54 private final ObserverList<OAuth2TokenServiceObserver> mObservers;
56 private OAuth2TokenService(long nativeOAuth2Service) {
57 mNativeProfileOAuth2TokenService = nativeOAuth2Service;
58 mObservers = new ObserverList<OAuth2TokenServiceObserver>();
61 public static OAuth2TokenService getForProfile(Profile profile) {
62 ThreadUtils.assertOnUiThread();
63 return (OAuth2TokenService) nativeGetForProfile(profile);
67 private static OAuth2TokenService create(long nativeOAuth2Service) {
68 ThreadUtils.assertOnUiThread();
69 return new OAuth2TokenService(nativeOAuth2Service);
72 public void addObserver(OAuth2TokenServiceObserver observer) {
73 ThreadUtils.assertOnUiThread();
74 mObservers.addObserver(observer);
77 public void removeObserver(OAuth2TokenServiceObserver observer) {
78 ThreadUtils.assertOnUiThread();
79 mObservers.removeObserver(observer);
82 private static Account getAccountOrNullFromUsername(Context context, String username) {
83 if (username == null) {
84 Log.e(TAG, "Username is null");
88 AccountManagerHelper accountManagerHelper = AccountManagerHelper.get(context);
89 Account account = accountManagerHelper.getAccountFromName(username);
90 if (account == null) {
91 Log.e(TAG, "Account not found for provided username.");
98 * Called by native to list the activite accounts in the OS.
102 public static String[] getSystemAccounts(Context context) {
103 AccountManagerHelper accountManagerHelper = AccountManagerHelper.get(context);
104 java.util.List<String> accountNames = accountManagerHelper.getGoogleAccountNames();
105 return accountNames.toArray(new String[accountNames.size()]);
109 * Called by native to list the accounts with OAuth2 refresh tokens.
110 * This can differ from getSystemAccounts as the user add/remove accounts
111 * from the OS. validateAccounts should be called to keep these two
115 public static String[] getAccounts(Context context) {
116 return getStoredAccounts(context);
120 * Called by native to retrieve OAuth2 tokens.
122 * @param username The native username (full address).
123 * @param scope The scope to get an auth token for (without Android-style 'oauth2:' prefix).
124 * @param nativeCallback The pointer to the native callback that should be run upon completion.
127 public static void getOAuth2AuthToken(
128 Context context, String username, String scope, final long nativeCallback) {
129 Account account = getAccountOrNullFromUsername(context, username);
130 if (account == null) {
131 nativeOAuth2TokenFetched(null, false, nativeCallback);
134 String oauth2Scope = OAUTH2_SCOPE_PREFIX + scope;
136 AccountManagerHelper accountManagerHelper = AccountManagerHelper.get(context);
137 accountManagerHelper.getAuthTokenFromForeground(
138 null, account, oauth2Scope, new AccountManagerHelper.GetAuthTokenCallback() {
140 public void tokenAvailable(String token) {
141 nativeOAuth2TokenFetched(
142 token, token != null, nativeCallback);
148 * Call this method to retrieve an OAuth2 access token for the given account and scope.
150 * @param activity the current activity. May be null.
151 * @param account the account to get the access token for.
152 * @param scope The scope to get an auth token for (without Android-style 'oauth2:' prefix).
153 * @param callback called on successful and unsuccessful fetching of auth token.
155 public static void getOAuth2AccessToken(Context context, @Nullable Activity activity,
156 Account account, String scope,
157 AccountManagerHelper.GetAuthTokenCallback callback) {
158 String oauth2Scope = OAUTH2_SCOPE_PREFIX + scope;
159 AccountManagerHelper.get(context).getAuthTokenFromForeground(
160 activity, account, oauth2Scope, callback);
164 * Call this method to retrieve an OAuth2 access token for the given account and scope. This
165 * method times out after the specified timeout, and will return null if that happens.
167 * Given that this is a blocking method call, this should never be called from the UI thread.
169 * @param activity the current activity. May be null.
170 * @param account the account to get the access token for.
171 * @param scope The scope to get an auth token for (without Android-style 'oauth2:' prefix).
172 * @param timeout the timeout.
173 * @param unit the unit for |timeout|.
175 public static String getOAuth2AccessTokenWithTimeout(
176 Context context, @Nullable Activity activity, Account account, String scope,
177 long timeout, TimeUnit unit) {
178 assert !ThreadUtils.runningOnUiThread();
179 final AtomicReference<String> result = new AtomicReference<String>();
180 final Semaphore semaphore = new Semaphore(0);
181 getOAuth2AccessToken(
182 context, activity, account, scope,
183 new AccountManagerHelper.GetAuthTokenCallback() {
185 public void tokenAvailable(String token) {
191 if (semaphore.tryAcquire(timeout, unit)) {
194 Log.d(TAG, "Failed to retrieve auth token within timeout (" +
195 timeout + " + " + unit.name() + ")");
198 } catch (InterruptedException e) {
199 Log.w(TAG, "Got interrupted while waiting for auth token");
205 * Called by native to check wether the account has an OAuth2 refresh token.
208 public static boolean hasOAuth2RefreshToken(Context context, String accountName) {
209 return AccountManagerHelper.get(context).hasAccountForName(accountName);
213 * Called by native to invalidate an OAuth2 token.
216 public static void invalidateOAuth2AuthToken(Context context, String accessToken) {
217 if (accessToken != null) {
218 AccountManagerHelper.get(context).invalidateAuthToken(accessToken);
222 public void validateAccounts(Context context) {
223 ThreadUtils.assertOnUiThread();
224 String currentlySignedInAccount =
225 ChromeSigninController.get(context).getSignedInAccountName();
226 nativeValidateAccounts(mNativeProfileOAuth2TokenService, currentlySignedInAccount);
230 * Triggers a notification to all observers of the native and Java instance of the
231 * OAuth2TokenService that a refresh token is now available. This may cause observers to retry
232 * operations that require authentication.
234 public void fireRefreshTokenAvailable(Account account) {
235 ThreadUtils.assertOnUiThread();
236 assert account != null;
237 nativeFireRefreshTokenAvailableFromJava(mNativeProfileOAuth2TokenService, account.name);
241 public void notifyRefreshTokenAvailable(String accountName) {
242 assert accountName != null;
243 Account account = AccountManagerHelper.createAccountFromName(accountName);
244 for (OAuth2TokenServiceObserver observer : mObservers) {
245 observer.onRefreshTokenAvailable(account);
250 * Triggers a notification to all observers of the native and Java instance of the
251 * OAuth2TokenService that a refresh token is now revoked.
253 public void fireRefreshTokenRevoked(Account account) {
254 ThreadUtils.assertOnUiThread();
255 assert account != null;
256 nativeFireRefreshTokenRevokedFromJava(mNativeProfileOAuth2TokenService, account.name);
260 public void notifyRefreshTokenRevoked(String accountName) {
261 assert accountName != null;
262 Account account = AccountManagerHelper.createAccountFromName(accountName);
263 for (OAuth2TokenServiceObserver observer : mObservers) {
264 observer.onRefreshTokenRevoked(account);
269 * Triggers a notification to all observers of the native and Java instance of the
270 * OAuth2TokenService that all refresh tokens now have been loaded.
272 public void fireRefreshTokensLoaded() {
273 ThreadUtils.assertOnUiThread();
274 nativeFireRefreshTokensLoadedFromJava(mNativeProfileOAuth2TokenService);
278 public void notifyRefreshTokensLoaded() {
279 for (OAuth2TokenServiceObserver observer : mObservers) {
280 observer.onRefreshTokensLoaded();
284 private static String[] getStoredAccounts(Context context) {
285 Set<String> accounts =
286 PreferenceManager.getDefaultSharedPreferences(context)
287 .getStringSet(STORED_ACCOUNTS_KEY, null);
288 return accounts == null ? new String[]{} : accounts.toArray(new String[accounts.size()]);
292 private static void saveStoredAccounts(Context context, String[] accounts) {
293 Set<String> set = new HashSet<String>(Arrays.asList(accounts));
294 PreferenceManager.getDefaultSharedPreferences(context).edit().
295 putStringSet(STORED_ACCOUNTS_KEY, set).apply();
298 private static native Object nativeGetForProfile(Profile profile);
299 private static native void nativeOAuth2TokenFetched(
300 String authToken, boolean result, long nativeCallback);
301 private native void nativeValidateAccounts(
302 long nativeAndroidProfileOAuth2TokenService,
303 String currentlySignedInAccount);
304 private native void nativeFireRefreshTokenAvailableFromJava(
305 long nativeAndroidProfileOAuth2TokenService, String accountName);
306 private native void nativeFireRefreshTokenRevokedFromJava(
307 long nativeAndroidProfileOAuth2TokenService, String accountName);
308 private native void nativeFireRefreshTokensLoadedFromJava(
309 long nativeAndroidProfileOAuth2TokenService);