chromeos: Migrate TokenHandleFetcher to unconsented primary account

SplitSettingsSync will allow the user to opt-out of browser sync. However, IdentityManager::GetPrimaryAccount() assumes the user has consented to sync. Switch to using the "unconsented" primary account, which exists whether or not the user has consented to sync. This code doesn't add a DCHECK that the unconsented primary account exists because there are managed guest session tests that don't have a primary account but still exercise this code path. and on device Test: existing login browser tests, manual tests of login on linux Bug: 1042400 Change-Id: I14ee7bcc18c294dee31c26fcc9bed537836516b4 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2015589 Commit-Queue: James Cook <jamescook@chromium.org> Reviewed-by: Xiyuan Xia <xiyuan@chromium.org> Cr-Commit-Position: refs/heads/master@{#734647}

chromeos: Migrate TokenHandleFetcher to unconsented primary account
SplitSettingsSync will allow the user to opt-out of browser sync. However, IdentityManager::GetPrimaryAccount() assumes the user has consented to sync. Switch to using the "unconsented" primary account, which exists whether or not the user has consented to sync. This code doesn't add a DCHECK that the unconsented primary account exists because there are managed guest session tests that don't have a primary account but still exercise this code path. and on device Test: existing login browser tests, manual tests of login on linux Bug: 1042400 Change-Id: I14ee7bcc18c294dee31c26fcc9bed537836516b4 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2015589 Commit-Queue: James Cook <jamescook@chromium.org> Reviewed-by: Xiyuan Xia <xiyuan@chromium.org> Cr-Commit-Position: refs/heads/master@{#734647}
1454ded8 · James Cook · Commit Bot · 807da60f · 1454ded8 · 1454ded8
Commit 1454ded8 authored Jan 23, 2020 by James Cook Committed by Commit Bot Jan 23, 2020
2 changed files
--- a/chrome/browser/chromeos/login/signin/token_handle_fetcher.cc
+++ b/chrome/browser/chromeos/login/signin/token_handle_fetcher.cc
@@ -12,9 +12,10 @@
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/signin/identity_manager_factory.h"
 #include "components/keyed_service/content/browser_context_keyed_service_shutdown_notifier_factory.h"
+#include "components/signin/public/identity_manager/access_token_fetcher.h"
 #include "components/signin/public/identity_manager/access_token_info.h"
 #include "components/signin/public/identity_manager/identity_manager.h"
-#include "components/signin/public/identity_manager/primary_account_access_token_fetcher.h"
+#include "google_apis/gaia/core_account_id.h"
 #include "google_apis/gaia/gaia_constants.h"
 #include "services/identity/public/cpp/scope_set.h"
 #include "services/network/public/cpp/shared_url_loader_factory.h"
@@ -39,7 +40,7 @@ class TokenHandleFetcherShutdownNotifierFactory
            "TokenHandleFetcher") {
    DependsOn(IdentityManagerFactory::GetInstance());
  }
-  ~TokenHandleFetcherShutdownNotifierFactory() override {}
+  ~TokenHandleFetcherShutdownNotifierFactory() override = default;

  DISALLOW_COPY_AND_ASSIGN(TokenHandleFetcherShutdownNotifierFactory);
 };
@@ -50,7 +51,7 @@ TokenHandleFetcher::TokenHandleFetcher(TokenHandleUtil* util,
                                       const AccountId& account_id)
    : token_handle_util_(util), account_id_(account_id) {}

-TokenHandleFetcher::~TokenHandleFetcher() {}
+TokenHandleFetcher::~TokenHandleFetcher() = default;

 void TokenHandleFetcher::BackfillToken(Profile* profile,
                                       const TokenFetchingCallback& callback) {
@@ -58,7 +59,10 @@ void TokenHandleFetcher::BackfillToken(Profile* profile,
  callback_ = callback;

  identity_manager_ = IdentityManagerFactory::GetForProfile(profile);
-  if (!identity_manager_->HasPrimaryAccountWithRefreshToken()) {
+  // This class doesn't care about browser sync consent.
+  CoreAccountId core_account_id =
+      identity_manager_->GetUnconsentedPrimaryAccountId();
+  if (!identity_manager_->HasAccountWithRefreshToken(core_account_id)) {
    profile_shutdown_notification_ =
        TokenHandleFetcherShutdownNotifierFactory::GetInstance()
            ->Get(profile)
@@ -74,14 +78,13 @@ void TokenHandleFetcher::BackfillToken(Profile* profile,

  // We can use base::Unretained(this) below because |access_token_fetcher_| is
  // owned by this object (thus destroyed when this object is destroyed) and
-  // PrimaryAccountAccessTokenFetcher guarantees that it doesn't invoke its
-  // callback after it is destroyed.
-  access_token_fetcher_ =
-      std::make_unique<signin::PrimaryAccountAccessTokenFetcher>(
-          kAccessTokenFetchId, identity_manager_, scopes,
-          base::BindOnce(&TokenHandleFetcher::OnAccessTokenFetchComplete,
-                         base::Unretained(this)),
-          signin::PrimaryAccountAccessTokenFetcher::Mode::kWaitUntilAvailable);
+  // AccountAccessTokenFetcher guarantees that it doesn't invoke its callback
+  // after it is destroyed.
+  access_token_fetcher_ = identity_manager_->CreateAccessTokenFetcherForAccount(
+      core_account_id, kAccessTokenFetchId, scopes,
+      base::BindOnce(&TokenHandleFetcher::OnAccessTokenFetchComplete,
+                     base::Unretained(this)),
+      signin::AccessTokenFetcher::Mode::kWaitUntilRefreshTokenAvailable);
 }

 void TokenHandleFetcher::OnAccessTokenFetchComplete(

--- a/chrome/browser/chromeos/login/signin/token_handle_fetcher.h
+++ b/chrome/browser/chromeos/login/signin/token_handle_fetcher.h
@@ -13,7 +13,7 @@
 #include "base/time/time.h"
 #include "components/account_id/account_id.h"
 #include "components/keyed_service/core/keyed_service_shutdown_notifier.h"
-#include "components/signin/public/identity_manager/primary_account_access_token_fetcher.h"
+#include "components/signin/public/identity_manager/access_token_fetcher.h"
 #include "google_apis/gaia/gaia_oauth_client.h"

 namespace signin {
@@ -27,7 +27,6 @@ class Profile;
 // It can be used in two ways. When user have just used GAIA signin there is
 // an OAuth2 token available. If there is profile already loaded, then
 // minting additional access token might be required.
-
 class TokenHandleFetcher : public gaia::GaiaOAuthClient::Delegate {
 public:
  TokenHandleFetcher(TokenHandleUtil* util, const AccountId& account_id);
@@ -45,7 +44,7 @@ class TokenHandleFetcher : public gaia::GaiaOAuthClient::Delegate {
  void BackfillToken(Profile* profile, const TokenFetchingCallback& callback);

 private:
-  // AccessTokenFetcher::TokenCallback for PrimaryAccountAccessTokenFetcher.
+  // Callback for the access token fetcher.
  void OnAccessTokenFetchComplete(GoogleServiceAuthError error,
                                  signin::AccessTokenInfo token_info);

@@ -57,7 +56,7 @@ class TokenHandleFetcher : public gaia::GaiaOAuthClient::Delegate {

  void FillForAccessToken(const std::string& access_token);

-  // This is called before profile is detroyed.
+  // This is called before profile is destroyed.
  void OnProfileDestroyed();

  TokenHandleUtil* token_handle_util_ = nullptr;
@@ -68,8 +67,7 @@ class TokenHandleFetcher : public gaia::GaiaOAuthClient::Delegate {
  base::TimeTicks tokeninfo_response_start_time_ = base::TimeTicks();
  TokenFetchingCallback callback_;
  std::unique_ptr<gaia::GaiaOAuthClient> gaia_client_;
-  std::unique_ptr<signin::PrimaryAccountAccessTokenFetcher>
-      access_token_fetcher_;
+  std::unique_ptr<signin::AccessTokenFetcher> access_token_fetcher_;
  std::unique_ptr<KeyedServiceShutdownNotifier::Subscription>
      profile_shutdown_notification_;