1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef COMPONENTS_AUTOFILL_CONTENT_BROWSER_WALLET_WALLET_CLIENT_H_
6 #define COMPONENTS_AUTOFILL_CONTENT_BROWSER_WALLET_WALLET_CLIENT_H_
12 #include "base/callback.h" // For base::Closure.
13 #include "base/memory/ref_counted.h"
14 #include "base/memory/weak_ptr.h"
15 #include "base/time/time.h"
16 #include "base/values.h"
17 #include "components/autofill/content/browser/wallet/full_wallet.h"
18 #include "components/autofill/content/browser/wallet/wallet_items.h"
19 #include "components/autofill/core/browser/autofill_manager_delegate.h"
20 #include "components/autofill/core/browser/autofill_metrics.h"
21 #include "net/url_request/url_fetcher_delegate.h"
22 #include "testing/gtest/include/gtest/gtest_prod.h"
27 class URLRequestContextGetter;
36 class WalletClientDelegate;
38 // WalletClient is responsible for making calls to the Online Wallet backend on
39 // the user's behalf. The normal flow for using this class is as follows:
40 // 1) GetWalletItems should be called to retrieve the user's Wallet.
41 // a) If the user does not have a Wallet, they must AcceptLegalDocuments and
42 // SaveToWallet to set up their account before continuing.
43 // b) If the user has not accepted the most recent legal documents for
44 // Wallet, they must AcceptLegalDocuments.
45 // 2) The user then chooses what instrument and shipping address to use for the
46 // current transaction.
47 // a) If they choose an instrument with a zip code only address, the billing
48 // address will need to be updated using SaveToWallet.
49 // b) The user may also choose to add a new instrument or address using
51 // 3) Once the user has selected the backing instrument and shipping address
52 // for this transaction, a FullWallet with the fronting card is generated
53 // using GetFullWallet.
54 // a) GetFullWallet may return a Risk challenge for the user. In that case,
55 // the user will need to verify who they are by authenticating their
56 // chosen backing instrument through AuthenticateInstrument
58 // WalletClient is designed so only one request to Online Wallet can be outgoing
59 // at any one time. If |HasRequestInProgress()| is true while calling e.g.
60 // GetWalletItems(), the request will be queued and started later. Queued
61 // requests start in the order they were received.
63 class WalletClient : public net::URLFetcherDelegate {
65 // The Risk challenges supported by users of WalletClient.
71 // The type of error returned by Online Wallet.
73 // Errors to display to users.
74 BUYER_ACCOUNT_ERROR, // Risk deny, unsupported country, or
76 BUYER_LEGAL_ADDRESS_NOT_SUPPORTED, // User's Buyer Legal Address is
77 // unsupported by Online Wallet.
78 UNVERIFIED_KNOW_YOUR_CUSTOMER_STATUS, // User's "know your customer" KYC
79 // state is not verified (either
80 // KYC_REFER or KYC_FAIL).
81 UNSUPPORTED_MERCHANT, // Merchant is blacklisted due to
82 // compliance violation.
85 BAD_REQUEST, // Request was very malformed or sent to the
87 INVALID_PARAMS, // API call had missing or invalid parameters.
88 UNSUPPORTED_API_VERSION, // The server API version of the request is no
92 INTERNAL_ERROR, // Unknown server side error.
93 SERVICE_UNAVAILABLE, // Online Wallet is down.
96 MALFORMED_RESPONSE, // The response from Wallet was malformed.
97 NETWORK_ERROR, // The response code of the server was something
98 // other than a 200 or 400.
100 UNKNOWN_ERROR, // Catch all error type.
103 struct FullWalletRequest {
105 FullWalletRequest(const std::string& instrument_id,
106 const std::string& address_id,
107 const std::string& google_transaction_id,
108 const std::vector<RiskCapability> risk_capabilities,
109 bool new_wallet_user);
110 ~FullWalletRequest();
112 // The ID of the backing instrument. Should have been selected by the user
114 std::string instrument_id;
116 // The ID of the shipping address. Should have been selected by the user
118 std::string address_id;
120 // The transaction ID from GetWalletItems.
121 std::string google_transaction_id;
123 // The Risk challenges supported by the user of WalletClient
124 std::vector<RiskCapability> risk_capabilities;
126 // True if the user does not have Wallet profile.
127 bool new_wallet_user;
130 DISALLOW_ASSIGN(FullWalletRequest);
133 // |context_getter| is reference counted so it has no lifetime or ownership
134 // requirements. |delegate| must outlive |this|. |source_url| is the url
135 // of the merchant page.
136 WalletClient(net::URLRequestContextGetter* context_getter,
137 WalletClientDelegate* delegate,
138 const GURL& source_url);
140 virtual ~WalletClient();
142 // GetWalletItems retrieves the user's online wallet. The WalletItems
143 // returned may require additional action such as presenting legal documents
144 // to the user to be accepted.
145 virtual void GetWalletItems();
147 // The GetWalletItems call to the Online Wallet backend may require the user
148 // to accept various legal documents before a FullWallet can be generated.
149 // The |google_transaction_id| is provided in the response to the
150 // GetWalletItems call. If |documents| are empty, |delegate_| will not receive
151 // a corresponding |OnDidAcceptLegalDocuments()| call.
152 virtual void AcceptLegalDocuments(
153 const std::vector<WalletItems::LegalDocument*>& documents,
154 const std::string& google_transaction_id);
156 // Authenticates that |card_verification_number| is for the backing instrument
157 // with |instrument_id|. |obfuscated_gaia_id| is used as a key when escrowing
158 // |card_verification_number|. |delegate_| is notified when the request is
159 // complete. Used to respond to Risk challenges.
160 virtual void AuthenticateInstrument(
161 const std::string& instrument_id,
162 const std::string& card_verification_number);
164 // GetFullWallet retrieves the a FullWallet for the user.
165 virtual void GetFullWallet(const FullWalletRequest& full_wallet_request);
167 // Saves the data in |instrument| and/or |address| to Wallet. |instrument|
168 // does not have to be complete if its being used to update an existing
169 // instrument, like in the case of expiration date or address only updates.
170 virtual void SaveToWallet(scoped_ptr<Instrument> instrument,
171 scoped_ptr<Address> address);
173 bool HasRequestInProgress() const;
175 // Cancels and clears the current |request_| and |pending_requests_| (if any).
176 void CancelRequests();
178 size_t user_index() const { return user_index_; }
179 void set_user_index(size_t user_index) {
180 user_index_ = user_index;
184 FRIEND_TEST_ALL_PREFIXES(WalletClientTest, PendingRequest);
185 FRIEND_TEST_ALL_PREFIXES(WalletClientTest, CancelRequests);
189 ACCEPT_LEGAL_DOCUMENTS,
190 AUTHENTICATE_INSTRUMENT,
196 // Like AcceptLegalDocuments, but takes a vector of document ids.
197 void DoAcceptLegalDocuments(
198 const std::vector<std::string>& document_ids,
199 const std::string& google_transaction_id);
201 // Posts |post_body| to |url| with content type |mime_type| and notifies
202 // |delegate_| when the request is complete.
203 void MakeWalletRequest(const GURL& url,
204 const std::string& post_body,
205 const std::string& mime_type);
207 // Performs bookkeeping tasks for any invalid requests.
208 void HandleMalformedResponse(RequestType request_type,
209 net::URLFetcher* request);
210 void HandleNetworkError(int response_code);
211 void HandleWalletError(ErrorType error_type);
213 // Start the next pending request (if any).
214 void StartNextPendingRequest();
216 // net::URLFetcherDelegate:
217 virtual void OnURLFetchComplete(const net::URLFetcher* source) OVERRIDE;
219 // Logs an UMA metric for each of the |required_actions|.
220 void LogRequiredActions(
221 const std::vector<RequiredAction>& required_actions) const;
223 // Converts |request_type| to an UMA metric.
224 AutofillMetrics::WalletApiCallMetric RequestTypeToUmaMetric(
225 RequestType request_type) const;
227 // The context for the request. Ensures the gdToken cookie is set as a header
228 // in the requests to Online Wallet if it is present.
229 scoped_refptr<net::URLRequestContextGetter> context_getter_;
231 // Observer class that has its various On* methods called based on the results
232 // of a request to Online Wallet.
233 WalletClientDelegate* const delegate_; // must outlive |this|.
235 // The index of the user account we're making requests for. The index is into
236 // GAIA's list of signed in users.
239 // The URL of the page we're making requests on behalf of.
242 // The current request object.
243 scoped_ptr<net::URLFetcher> request_;
245 // The type of the current request. Must be NO_PENDING_REQUEST for a request
246 // to be initiated as only one request may be running at a given time.
247 RequestType request_type_;
249 // The one time pad used for GetFullWallet encryption.
250 std::vector<uint8> one_time_pad_;
252 // Requests that are waiting to be run.
253 std::queue<base::Closure> pending_requests_;
255 // When the current request started. Used to track client side latency.
256 base::Time request_started_timestamp_;
258 base::WeakPtrFactory<WalletClient> weak_ptr_factory_;
260 DISALLOW_COPY_AND_ASSIGN(WalletClient);
263 } // namespace wallet
264 } // namespace autofill
266 #endif // COMPONENTS_AUTOFILL_CONTENT_BROWSER_WALLET_WALLET_CLIENT_H_