arc: Add network traffic annotation for auth code request.

Bug: 786349 Test: Manually. ARC can be started. Change-Id: I4bbe58284642b8792095088dea7ccc6b9f337976 Reviewed-on: https://chromium-review.googlesource.com/792259 Commit-Queue: Yury Khmel <khmel@google.com> Reviewed-by: Xiyuan Xia <xiyuan@chromium.org> Cr-Commit-Position: refs/heads/master@{#519754}

arc: Add network traffic annotation for auth code request.
Bug: 786349 Test: Manually. ARC can be started. Change-Id: I4bbe58284642b8792095088dea7ccc6b9f337976 Reviewed-on: https://chromium-review.googlesource.com/792259 Commit-Queue: Yury Khmel <khmel@google.com> Reviewed-by: Xiyuan Xia <xiyuan@chromium.org> Cr-Commit-Position: refs/heads/master@{#519754}
48aee9ac · khmel · Commit Bot · fd5e6f0a · 48aee9ac
Commit 48aee9ac authored Nov 28, 2017 by khmel Committed by Commit Bot Nov 28, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 31 additions and 4 deletions

chrome/browser/chromeos/arc/auth/arc_background_auth_code_fetcher.cc ...ser/chromeos/arc/auth/arc_background_auth_code_fetcher.cc +31 -4

No files found.
--- a/chrome/browser/chromeos/arc/auth/arc_background_auth_code_fetcher.cc
+++ b/chrome/browser/chromeos/arc/auth/arc_background_auth_code_fetcher.cc
@@ -101,12 +101,39 @@ void ArcBackgroundAuthCodeFetcher::OnGetTokenSuccess(
  std::string request_string;
  base::JSONWriter::Write(request_data, &request_string);
-  auth_code_fetcher_ = net::URLFetcher::Create(
+  const net::NetworkTrafficAnnotationTag traffic_annotation =
-      0, GURL(kAuthTokenExchangeEndPoint), net::URLFetcher::POST, this);
+      net::DefineNetworkTrafficAnnotation("arc_auth_code_fetcher", R"(
+        semantics {
+          sender: "ARC auth code fetcher"
+          description:
+            "Fetches auth code to be used for Google Play Store sign-in."
+          trigger:
+            "The user or administrator initially enables Google Play Store on "
+            "the device, and Google Play Store requests authorization code for "
+            "account setup. This is also triggered when the Google Play Store "
+            "detects that current credentials are revoked or invalid and "
+            "requests extra authorization code for the account re-sign in."
+          data:
+            "Device id and access token."
+          destination: GOOGLE_OWNED_SERVICE
+        }
+        policy {
+          cookies_allowed: NO
+          setting:
+            "There's no direct Chromium's setting to disable this, but you can "
+            "remove Google Play Store in Chrome's settings under the Google "
+            "Play Store section if this is allowed by policy."
+          policy_exception_justification: "Not implemented."
+        })");
+  auth_code_fetcher_ =
+      net::URLFetcher::Create(0, GURL(kAuthTokenExchangeEndPoint),
+                              net::URLFetcher::POST, this, traffic_annotation);
  auth_code_fetcher_->SetRequestContext(request_context_getter_);
  auth_code_fetcher_->SetUploadData(kContentTypeJSON, request_string);
-  auth_code_fetcher_->SetLoadFlags(net::LOAD_DISABLE_CACHE |
+  auth_code_fetcher_->SetLoadFlags(
-                                   net::LOAD_BYPASS_CACHE);
+      net::LOAD_DISABLE_CACHE | net::LOAD_BYPASS_CACHE |
+      net::LOAD_DO_NOT_SEND_COOKIES | net::LOAD_DO_NOT_SAVE_COOKIES);
  auth_code_fetcher_->SetAutomaticallyRetryOnNetworkChanges(
      kGetAuthCodeNetworkRetry);
  auth_code_fetcher_->SetExtraRequestHeaders(kGetAuthCodeHeaders);