[s13n] Convert UserCloudPolicyTokenForwarder to PrimaryAccountAccessTokenFetcher

This is a follow up of blundell@ request in [0]. It brings no functionality, but
eliminates the need of UserCloudPolicyTokenForwarder to directly inherit from
IdentityManager::Observer.

[0] https://crrev.com/c/1299313/3/chrome/browser/chromeos/policy/user_cloud_policy_token_forwarder.cc#78

For completeness, this CL is a 4/n CL that migrates UserCloudPolicyTokenForwarder to
IdentityManager. Previous two CLs were [1], [2] and [3].

[1] https://crrev.com/c/1296873
[2] https://crrev.com/c/1298775
[3] https://crrev.com/c/1299313.

It also takes the opportunity to convert the use of OAuth2TokenService::ScopeSet
to Identity::ScopeSet (driven-by).

BUG=893504,899175

Change-Id: I907520ed211debe3fbd1a4c21b341da4b0a81dd8
Reviewed-on: https://chromium-review.googlesource.com/c/1319770Reviewed-by: Maksim Ivanov <emaxx@chromium.org>
Reviewed-by: Colin Blundell <blundell@chromium.org>
Commit-Queue: Antonio Gomes <tonikitoo@igalia.com>
Cr-Commit-Position: refs/heads/master@{#606050}

chrome/browser/chromeos/policy/user_cloud_policy_token_forwarder.cc

@@ -9,7 +9,7 @@
 #include "components/policy/core/common/cloud/cloud_policy_core.h"
 #include "content/public/browser/notification_source.h"
 #include "google_apis/gaia/gaia_constants.h"
-#include "services/identity/public/cpp/access_token_fetcher.h"
+#include "services/identity/public/cpp/primary_account_access_token_fetcher.h"
 
 namespace policy {
 
@@ -30,16 +30,9 @@ UserCloudPolicyTokenForwarder::~UserCloudPolicyTokenForwarder() {}
 
 void UserCloudPolicyTokenForwarder::Shutdown() {
   access_token_fetcher_.reset();
-  identity_manager_->RemoveObserver(this);
   manager_->core()->service()->RemoveObserver(this);
 }
 
-void UserCloudPolicyTokenForwarder::OnRefreshTokenUpdatedForAccount(
-    const AccountInfo& account_info,
-    bool is_valid) {
-  RequestAccessToken();
-}
-
 void UserCloudPolicyTokenForwarder::OnInitializationCompleted(
     CloudPolicyService* service) {
   Initialize();
@@ -49,24 +42,16 @@ void UserCloudPolicyTokenForwarder::Initialize() {
   // TODO(mnissler): Once a better way to reconfirm whether a user is on the
   // login whitelist is available, there is no reason to fetch the OAuth2 token
   // here if the client is already registered, so check and bail out here.
-
-  if (identity_manager_->HasPrimaryAccountWithRefreshToken())
-    RequestAccessToken();
-  else
-    identity_manager_->AddObserver(this);
-}
-
-void UserCloudPolicyTokenForwarder::RequestAccessToken() {
-  OAuth2TokenService::ScopeSet scopes;
+  identity::ScopeSet scopes;
   scopes.insert(GaiaConstants::kDeviceManagementServiceOAuth);
   scopes.insert(GaiaConstants::kOAuthWrapBridgeUserInfoScope);
-  access_token_fetcher_ = identity_manager_->CreateAccessTokenFetcherForAccount(
-      identity_manager_->GetPrimaryAccountId(), "policy_token_forwarder",
-      scopes,
+  access_token_fetcher_ = std::make_unique<
+      identity::PrimaryAccountAccessTokenFetcher>(
+      "policy_token_forwarder", identity_manager_, scopes,
       base::BindOnce(
           &UserCloudPolicyTokenForwarder::OnAccessTokenFetchCompleted,
           base::Unretained(this)),
-      identity::AccessTokenFetcher::Mode::kImmediate);
+      identity::PrimaryAccountAccessTokenFetcher::Mode::kWaitUntilAvailable);
 }
 
 void UserCloudPolicyTokenForwarder::OnAccessTokenFetchCompleted(
@@ -80,7 +65,7 @@ void UserCloudPolicyTokenForwarder::OnAccessTokenFetchCompleted(
     // This should seldom happen: if the user is signing in for the first time
     // then this was an online signin and network errors are unlikely; if the
     // user had already signed in before then they should have policy cached,
-    // and RequestAccessToken() wouldn't have been invoked. Still, something
+    // and Initialize() wouldn't have been invoked. Still, something
     // just went wrong (server 500, or something). Currently we don't recover in
     // this case, and we'll just try to register for policy again on the next
     // signin.

chrome/browser/chromeos/policy/user_cloud_policy_token_forwarder.h

@@ -10,11 +10,10 @@
 #include "components/keyed_service/core/keyed_service.h"
 #include "components/policy/core/common/cloud/cloud_policy_service.h"
 #include "google_apis/gaia/google_service_auth_error.h"
-#include "services/identity/public/cpp/access_token_info.h"
 #include "services/identity/public/cpp/identity_manager.h"
 
 namespace identity {
-class AccessTokenFetcher;
+class PrimaryAccountAccessTokenFetcher;
 }
 
 namespace policy {
@@ -28,7 +27,6 @@ class UserCloudPolicyManagerChromeOS;
 // much earlier.
 class UserCloudPolicyTokenForwarder
     : public KeyedService,
-      public identity::IdentityManager::Observer,
       public CloudPolicyService::Observer {
  public:
   // The factory of this PKS depends on the factories of these two arguments,
@@ -41,23 +39,18 @@ class UserCloudPolicyTokenForwarder
   // KeyedService:
   void Shutdown() override;
 
-  // IdentityManager::Observer:
-  void OnRefreshTokenUpdatedForAccount(const AccountInfo& account_info,
-                                       bool is_valid) override;
-
   // CloudPolicyService::Observer:
   void OnInitializationCompleted(CloudPolicyService* service) override;
 
  private:
   void Initialize();
-
-  void RequestAccessToken();
   void OnAccessTokenFetchCompleted(GoogleServiceAuthError error,
                                    identity::AccessTokenInfo token_info);
 
   UserCloudPolicyManagerChromeOS* manager_;
   identity::IdentityManager* identity_manager_;
-  std::unique_ptr<identity::AccessTokenFetcher> access_token_fetcher_;
+  std::unique_ptr<identity::PrimaryAccountAccessTokenFetcher>
+      access_token_fetcher_;
 
   DISALLOW_COPY_AND_ASSIGN(UserCloudPolicyTokenForwarder);
 };