// to the maximum specified here.
const int kMaxReconnectDelaySeconds = 10 * 60;
-// Time when we we try to update OAuth token before its expiration.
-const int kTokenUpdateTimeBeforeExpirySeconds = 60;
-
} // namespace
-SignalingConnector::OAuthCredentials::OAuthCredentials(
- const std::string& login_value,
- const std::string& refresh_token_value,
- bool is_service_account)
- : login(login_value),
- refresh_token(refresh_token_value),
- is_service_account(is_service_account) {
-}
-
SignalingConnector::SignalingConnector(
XmppSignalStrategy* signal_strategy,
- scoped_refptr<net::URLRequestContextGetter> url_request_context_getter,
scoped_ptr<DnsBlackholeChecker> dns_blackhole_checker,
const base::Closure& auth_failed_callback)
: signal_strategy_(signal_strategy),
- url_request_context_getter_(url_request_context_getter),
auth_failed_callback_(auth_failed_callback),
dns_blackhole_checker_(dns_blackhole_checker.Pass()),
- reconnect_attempts_(0),
- refreshing_oauth_token_(false) {
+ reconnect_attempts_(0) {
DCHECK(!auth_failed_callback_.is_null());
DCHECK(dns_blackhole_checker_.get());
net::NetworkChangeNotifier::AddConnectionTypeObserver(this);
net::NetworkChangeNotifier::RemoveIPAddressObserver(this);
}
-void SignalingConnector::EnableOAuth(
- scoped_ptr<OAuthCredentials> oauth_credentials) {
- oauth_credentials_ = oauth_credentials.Pass();
- gaia_oauth_client_.reset(
- new gaia::GaiaOAuthClient(url_request_context_getter_.get()));
+void SignalingConnector::EnableOAuth(OAuthTokenGetter* oauth_token_getter) {
+ oauth_token_getter_ = oauth_token_getter;
}
void SignalingConnector::OnSignalStrategyStateChange(
}
}
-void SignalingConnector::OnGetTokensResponse(const std::string& user_email,
- const std::string& access_token,
- int expires_seconds) {
- NOTREACHED();
-}
-
-void SignalingConnector::OnRefreshTokenResponse(
- const std::string& access_token,
- int expires_seconds) {
- DCHECK(CalledOnValidThread());
- DCHECK(oauth_credentials_.get());
- HOST_LOG << "Received OAuth token.";
-
- oauth_access_token_ = access_token;
- auth_token_expiry_time_ = base::Time::Now() +
- base::TimeDelta::FromSeconds(expires_seconds) -
- base::TimeDelta::FromSeconds(kTokenUpdateTimeBeforeExpirySeconds);
-
- gaia_oauth_client_->GetUserEmail(access_token, 1, this);
-}
-
-void SignalingConnector::OnGetUserEmailResponse(const std::string& user_email) {
+void SignalingConnector::OnAccessToken(OAuthTokenGetter::Status status,
+ const std::string& user_email,
+ const std::string& access_token) {
DCHECK(CalledOnValidThread());
- DCHECK(oauth_credentials_.get());
- HOST_LOG << "Received user info.";
- if (user_email != oauth_credentials_->login) {
- LOG(ERROR) << "OAuth token and email address do not refer to "
- "the same account.";
+ if (status == OAuthTokenGetter::AUTH_ERROR) {
auth_failed_callback_.Run();
return;
+ } else if (status == OAuthTokenGetter::NETWORK_ERROR) {
+ OnNetworkError();
+ return;
}
- signal_strategy_->SetAuthInfo(oauth_credentials_->login,
- oauth_access_token_, "oauth2");
- refreshing_oauth_token_ = false;
+ DCHECK_EQ(status, OAuthTokenGetter::SUCCESS);
+ HOST_LOG << "Received user info.";
+
+ signal_strategy_->SetAuthInfo(user_email, access_token, "oauth2");
// Now that we've refreshed the token and verified that it's for the correct
// user account, try to connect using the new token.
signal_strategy_->Connect();
}
-void SignalingConnector::OnOAuthError() {
+void SignalingConnector::OnNetworkError() {
DCHECK(CalledOnValidThread());
- LOG(ERROR) << "OAuth: invalid credentials.";
- refreshing_oauth_token_ = false;
- reconnect_attempts_++;
- auth_failed_callback_.Run();
-}
-
-void SignalingConnector::OnNetworkError(int response_code) {
- DCHECK(CalledOnValidThread());
- LOG(ERROR) << "Network error when trying to update OAuth token: "
- << response_code;
- refreshing_oauth_token_ = false;
reconnect_attempts_++;
ScheduleTryReconnect();
}
}
if (signal_strategy_->GetState() == SignalStrategy::DISCONNECTED) {
- bool need_new_auth_token = oauth_credentials_.get() &&
- (auth_token_expiry_time_.is_null() ||
- base::Time::Now() >= auth_token_expiry_time_);
- if (need_new_auth_token) {
- RefreshOAuthToken();
- } else {
- HOST_LOG << "Attempting to connect signaling.";
- signal_strategy_->Connect();
- }
+ HOST_LOG << "Attempting to connect signaling.";
+ oauth_token_getter_->CallWithToken(
+ base::Bind(&SignalingConnector::OnAccessToken, AsWeakPtr()));
}
}
-void SignalingConnector::RefreshOAuthToken() {
- DCHECK(CalledOnValidThread());
- HOST_LOG << "Refreshing OAuth token.";
- DCHECK(!refreshing_oauth_token_);
-
- // Service accounts use different API keys, as they use the client app flow.
- google_apis::OAuth2Client oauth2_client;
- if (oauth_credentials_->is_service_account) {
- oauth2_client = google_apis::CLIENT_REMOTING_HOST;
- } else {
- oauth2_client = google_apis::CLIENT_REMOTING;
- }
-
- gaia::OAuthClientInfo client_info = {
- google_apis::GetOAuth2ClientID(oauth2_client),
- google_apis::GetOAuth2ClientSecret(oauth2_client),
- // Redirect URL is only used when getting tokens from auth code. It
- // is not required when getting access tokens.
- ""
- };
-
- refreshing_oauth_token_ = true;
- std::vector<std::string> empty_scope_list; // (Use scope from refresh token.)
- gaia_oauth_client_->RefreshToken(
- client_info, oauth_credentials_->refresh_token, empty_scope_list,
- 1, this);
-}
-
} // namespace remoting