| // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "chrome/browser/extensions/app_notify_channel_setup.h" |
| |
| #include <string> |
| #include <vector> |
| |
| #include "base/basictypes.h" |
| #include "base/bind.h" |
| #include "base/command_line.h" |
| #include "base/json/json_reader.h" |
| #include "base/metrics/histogram.h" |
| #include "base/stringprintf.h" |
| #include "chrome/browser/net/gaia/token_service.h" |
| #include "chrome/browser/prefs/pref_service.h" |
| #include "chrome/browser/profiles/profile.h" |
| #include "chrome/common/chrome_switches.h" |
| #include "chrome/common/net/gaia/gaia_constants.h" |
| #include "chrome/common/net/gaia/gaia_urls.h" |
| #include "chrome/common/net/http_return.h" |
| #include "chrome/common/pref_names.h" |
| #include "content/public/browser/browser_thread.h" |
| #include "content/public/common/url_fetcher.h" |
| #include "net/base/escape.h" |
| #include "net/base/load_flags.h" |
| #include "net/http/http_request_headers.h" |
| #include "net/url_request/url_request_status.h" |
| |
| using base::StringPrintf; |
| using content::BrowserThread; |
| using content::URLFetcher; |
| |
| namespace { |
| |
| static const char kChannelSetupAuthError[] = "unauthorized"; |
| static const char kChannelSetupInternalError[] = "internal_error"; |
| static const char kChannelSetupCanceledByUser[] = "canceled_by_user"; |
| static const char kAuthorizationHeaderFormat[] = |
| "Authorization: Bearer %s"; |
| static const char kOAuth2IssueTokenURL[] = |
| "https://www.googleapis.com/oauth2/v2/IssueToken"; |
| static const char kOAuth2IssueTokenBodyFormat[] = |
| "force=true" |
| "&response_type=token" |
| "&scope=%s" |
| "&client_id=%s" |
| "&origin=%s"; |
| static const char kOAuth2IssueTokenScope[] = |
| "https://www.googleapis.com/auth/chromewebstore.notification"; |
| static const char kCWSChannelServiceURL[] = |
| "https://www.googleapis.com/chromewebstore/v1.1/channels/id"; |
| |
| static AppNotifyChannelSetup::InterceptorForTests* g_interceptor_for_tests = |
| NULL; |
| |
| } // namespace. |
| |
| // static |
| void AppNotifyChannelSetup::SetInterceptorForTests( |
| AppNotifyChannelSetup::InterceptorForTests* interceptor) { |
| // Only one interceptor at a time, please. |
| CHECK(g_interceptor_for_tests == NULL); |
| g_interceptor_for_tests = interceptor; |
| } |
| |
| AppNotifyChannelSetup::AppNotifyChannelSetup( |
| Profile* profile, |
| const std::string& extension_id, |
| const std::string& client_id, |
| const GURL& requestor_url, |
| int return_route_id, |
| int callback_id, |
| AppNotifyChannelUI* ui, |
| base::WeakPtr<AppNotifyChannelSetup::Delegate> delegate) |
| : profile_(profile), |
| extension_id_(extension_id), |
| client_id_(client_id), |
| requestor_url_(requestor_url), |
| return_route_id_(return_route_id), |
| callback_id_(callback_id), |
| delegate_(delegate), |
| ui_(ui), |
| state_(INITIAL), |
| oauth2_access_token_failure_(false) {} |
| |
| AppNotifyChannelSetup::~AppNotifyChannelSetup() {} |
| |
| void AppNotifyChannelSetup::Start() { |
| if (g_interceptor_for_tests) { |
| std::string channel_id; |
| std::string error; |
| g_interceptor_for_tests->DoIntercept(this, &channel_id, &error); |
| delegate_->AppNotifyChannelSetupComplete(channel_id, error, this); |
| return; |
| } |
| AddRef(); // Balanced in ReportResult. |
| BeginLogin(); |
| } |
| |
| void AppNotifyChannelSetup::OnGetTokenSuccess( |
| const std::string& access_token) { |
| oauth2_access_token_ = access_token; |
| EndGetAccessToken(true); |
| } |
| void AppNotifyChannelSetup::OnGetTokenFailure( |
| const GoogleServiceAuthError& error) { |
| EndGetAccessToken(false); |
| } |
| |
| void AppNotifyChannelSetup::OnSyncSetupResult(bool enabled) { |
| EndLogin(enabled); |
| } |
| |
| void AppNotifyChannelSetup::OnURLFetchComplete(const URLFetcher* source) { |
| CHECK(source); |
| switch (state_) { |
| case RECORD_GRANT_STARTED: |
| EndRecordGrant(source); |
| break; |
| case CHANNEL_ID_SETUP_STARTED: |
| EndGetChannelId(source); |
| break; |
| default: |
| CHECK(false) << "Wrong state: " << state_; |
| break; |
| } |
| } |
| |
| // The contents of |body| should be URL-encoded as appropriate. |
| URLFetcher* AppNotifyChannelSetup::CreateURLFetcher( |
| const GURL& url, const std::string& body, const std::string& auth_token) { |
| CHECK(url.is_valid()); |
| URLFetcher::RequestType type = |
| body.empty() ? URLFetcher::GET : URLFetcher::POST; |
| URLFetcher* fetcher = URLFetcher::Create(0, url, type, this); |
| fetcher->SetRequestContext(profile_->GetRequestContext()); |
| // Always set flags to neither send nor save cookies. |
| fetcher->SetLoadFlags( |
| net::LOAD_DO_NOT_SEND_COOKIES | net::LOAD_DO_NOT_SAVE_COOKIES); |
| fetcher->SetExtraRequestHeaders(MakeAuthorizationHeader(auth_token)); |
| if (!body.empty()) { |
| fetcher->SetUploadData("application/x-www-form-urlencoded", body); |
| } |
| return fetcher; |
| } |
| |
| bool AppNotifyChannelSetup::ShouldPromptForLogin() const { |
| std::string username = profile_->GetPrefs()->GetString( |
| prefs::kGoogleServicesUsername); |
| // Prompt for login if either: |
| // 1. the user has not logged in at all or |
| // 2. if the user is logged in but there is no OAuth2 login token. |
| // The latter happens for users who are already logged in before the |
| // code to generate OAuth2 login token is released. |
| // 3. If the OAuth2 login token does not work anymore. |
| // This can happen if the user explicitly revoked access to Google Chrome |
| // from Google Accounts page. |
| return username.empty() || |
| !profile_->GetTokenService()->HasOAuthLoginToken() || |
| oauth2_access_token_failure_; |
| } |
| |
| namespace { |
| |
| enum LoginNeededHistogram { |
| LOGIN_NEEDED, |
| LOGIN_NOT_NEEDED, |
| LOGIN_NEEDED_BOUNDARY |
| }; |
| |
| enum LoginSuccessHistogram { |
| LOGIN_SUCCESS, |
| LOGIN_FAILURE, |
| LOGIN_SUCCESS_BOUNDARY |
| }; |
| |
| } // namespace |
| |
| void AppNotifyChannelSetup::BeginLogin() { |
| CHECK_EQ(INITIAL, state_); |
| state_ = LOGIN_STARTED; |
| bool login_needed = ShouldPromptForLogin(); |
| UMA_HISTOGRAM_ENUMERATION("AppNotify.ChannelSetupBegin", |
| login_needed ? LOGIN_NEEDED : LOGIN_NOT_NEEDED, |
| LOGIN_NEEDED_BOUNDARY); |
| if (login_needed) { |
| ui_->PromptSyncSetup(this); |
| // We'll get called back in OnSyncSetupResult |
| } else { |
| EndLogin(true); |
| } |
| } |
| |
| void AppNotifyChannelSetup::EndLogin(bool success) { |
| CHECK_EQ(LOGIN_STARTED, state_); |
| UMA_HISTOGRAM_ENUMERATION("AppNotify.ChannelSetupLoginResult", |
| success ? LOGIN_SUCCESS : LOGIN_FAILURE, |
| LOGIN_SUCCESS_BOUNDARY); |
| if (success) { |
| state_ = LOGIN_DONE; |
| BeginGetAccessToken(); |
| } else { |
| state_ = ERROR_STATE; |
| ReportResult("", USER_CANCELLED); |
| } |
| } |
| |
| void AppNotifyChannelSetup::BeginGetAccessToken() { |
| CHECK_EQ(LOGIN_DONE, state_); |
| state_ = FETCH_ACCESS_TOKEN_STARTED; |
| |
| oauth2_fetcher_.reset(new OAuth2AccessTokenFetcher( |
| this, profile_->GetRequestContext())); |
| std::vector<std::string> scopes; |
| scopes.push_back(GaiaUrls::GetInstance()->oauth1_login_scope()); |
| scopes.push_back(kOAuth2IssueTokenScope); |
| oauth2_fetcher_->Start( |
| GaiaUrls::GetInstance()->oauth2_chrome_client_id(), |
| GaiaUrls::GetInstance()->oauth2_chrome_client_secret(), |
| profile_->GetTokenService()->GetOAuth2LoginRefreshToken(), |
| scopes); |
| } |
| |
| void AppNotifyChannelSetup::EndGetAccessToken(bool success) { |
| CHECK_EQ(FETCH_ACCESS_TOKEN_STARTED, state_); |
| if (success) { |
| state_ = FETCH_ACCESS_TOKEN_DONE; |
| BeginRecordGrant(); |
| } else if (!oauth2_access_token_failure_) { |
| oauth2_access_token_failure_ = true; |
| // If access token generation fails, then it means somehow the |
| // OAuth2 login scoped token became invalid. One way this can happen |
| // is if a user explicitly revoked access to Google Chrome from |
| // Google Accounts page. In such a case, we should try to show the |
| // login setup again to the user, but only if we have not already |
| // done so once (to avoid infinite loop). |
| state_ = INITIAL; |
| BeginLogin(); |
| } else { |
| state_ = ERROR_STATE; |
| ReportResult("", INTERNAL_ERROR); |
| } |
| } |
| |
| void AppNotifyChannelSetup::BeginRecordGrant() { |
| CHECK_EQ(FETCH_ACCESS_TOKEN_DONE, state_); |
| state_ = RECORD_GRANT_STARTED; |
| |
| GURL url = GetOAuth2IssueTokenURL(); |
| std::string body = MakeOAuth2IssueTokenBody(client_id_, extension_id_); |
| |
| url_fetcher_.reset(CreateURLFetcher(url, body, oauth2_access_token_)); |
| url_fetcher_->Start(); |
| } |
| |
| void AppNotifyChannelSetup::EndRecordGrant(const URLFetcher* source) { |
| CHECK_EQ(RECORD_GRANT_STARTED, state_); |
| |
| net::URLRequestStatus status = source->GetStatus(); |
| |
| if (status.status() == net::URLRequestStatus::SUCCESS) { |
| if (source->GetResponseCode() == RC_REQUEST_OK) { |
| state_ = RECORD_GRANT_DONE; |
| BeginGetChannelId(); |
| } else { |
| // Successfully done with HTTP request, but got an explicit error. |
| state_ = ERROR_STATE; |
| ReportResult("", AUTH_ERROR); |
| } |
| } else { |
| // Could not do HTTP request. |
| state_ = ERROR_STATE; |
| ReportResult("", INTERNAL_ERROR); |
| } |
| } |
| |
| void AppNotifyChannelSetup::BeginGetChannelId() { |
| CHECK_EQ(RECORD_GRANT_DONE, state_); |
| state_ = CHANNEL_ID_SETUP_STARTED; |
| |
| GURL url = GetCWSChannelServiceURL(); |
| |
| url_fetcher_.reset(CreateURLFetcher(url, "", oauth2_access_token_)); |
| url_fetcher_->Start(); |
| } |
| |
| void AppNotifyChannelSetup::EndGetChannelId(const URLFetcher* source) { |
| CHECK_EQ(CHANNEL_ID_SETUP_STARTED, state_); |
| net::URLRequestStatus status = source->GetStatus(); |
| |
| if (status.status() == net::URLRequestStatus::SUCCESS) { |
| if (source->GetResponseCode() == RC_REQUEST_OK) { |
| std::string data; |
| source->GetResponseAsString(&data); |
| std::string channel_id; |
| bool result = ParseCWSChannelServiceResponse(data, &channel_id); |
| if (result) { |
| state_ = CHANNEL_ID_SETUP_DONE; |
| ReportResult(channel_id, NONE); |
| } else { |
| state_ = ERROR_STATE; |
| ReportResult("", INTERNAL_ERROR); |
| } |
| } else { |
| // Successfully done with HTTP request, but got an explicit error. |
| state_ = ERROR_STATE; |
| ReportResult("", AUTH_ERROR); |
| } |
| } else { |
| // Could not do HTTP request. |
| state_ = ERROR_STATE; |
| ReportResult("", INTERNAL_ERROR); |
| } |
| } |
| |
| void AppNotifyChannelSetup::ReportResult( |
| const std::string& channel_id, |
| SetupError error) { |
| CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| CHECK(state_ == CHANNEL_ID_SETUP_DONE || state_ == ERROR_STATE); |
| |
| UMA_HISTOGRAM_ENUMERATION("AppNotification.ChannelSetupFinalResult", |
| error, SETUP_ERROR_BOUNDARY); |
| if (delegate_.get()) { |
| delegate_->AppNotifyChannelSetupComplete( |
| channel_id, GetErrorString(error), this); |
| } |
| Release(); // Matches AddRef in Start. |
| } |
| |
| // static |
| std::string AppNotifyChannelSetup::GetErrorString(SetupError error) { |
| switch (error) { |
| case NONE: return ""; |
| case AUTH_ERROR: return kChannelSetupAuthError; |
| case INTERNAL_ERROR: return kChannelSetupInternalError; |
| case USER_CANCELLED: return kChannelSetupCanceledByUser; |
| case SETUP_ERROR_BOUNDARY: { |
| CHECK(false); |
| break; |
| } |
| } |
| CHECK(false) << "Unhandled enum value"; |
| return std::string(); |
| } |
| |
| |
| // static |
| GURL AppNotifyChannelSetup::GetCWSChannelServiceURL() { |
| CommandLine* command_line = CommandLine::ForCurrentProcess(); |
| if (command_line->HasSwitch(switches::kAppNotifyChannelServerURL)) { |
| std::string switch_value = command_line->GetSwitchValueASCII( |
| switches::kAppNotifyChannelServerURL); |
| GURL result(switch_value); |
| if (result.is_valid()) { |
| return result; |
| } else { |
| LOG(ERROR) << "Invalid value for " << |
| switches::kAppNotifyChannelServerURL; |
| } |
| } |
| return GURL(kCWSChannelServiceURL); |
| } |
| |
| // static |
| GURL AppNotifyChannelSetup::GetOAuth2IssueTokenURL() { |
| return GURL(kOAuth2IssueTokenURL); |
| } |
| |
| // static |
| std::string AppNotifyChannelSetup::MakeOAuth2IssueTokenBody( |
| const std::string& oauth_client_id, |
| const std::string& extension_id) { |
| return StringPrintf(kOAuth2IssueTokenBodyFormat, |
| kOAuth2IssueTokenScope, |
| net::EscapeUrlEncodedData(oauth_client_id, true).c_str(), |
| net::EscapeUrlEncodedData(extension_id, true).c_str()); |
| } |
| |
| // static |
| std::string AppNotifyChannelSetup::MakeAuthorizationHeader( |
| const std::string& auth_token) { |
| return StringPrintf(kAuthorizationHeaderFormat, auth_token.c_str()); |
| } |
| |
| // static |
| bool AppNotifyChannelSetup::ParseCWSChannelServiceResponse( |
| const std::string& data, std::string* result) { |
| base::JSONReader reader; |
| scoped_ptr<base::Value> value(reader.Read(data, false)); |
| if (!value.get() || value->GetType() != base::Value::TYPE_DICTIONARY) |
| return false; |
| |
| Value* channel_id_value; |
| DictionaryValue* dict = static_cast<DictionaryValue*>(value.get()); |
| if (!dict->Get("id", &channel_id_value)) |
| return false; |
| if (channel_id_value->GetType() != base::Value::TYPE_STRING) |
| return false; |
| |
| StringValue* channel_id = static_cast<StringValue*>(channel_id_value); |
| channel_id->GetAsString(result); |
| return true; |
| } |
