Make |ArcBackgroundAuthCodeFetcher| work for Secondary Accounts

|ArcBackgroundAuthCodeFetcher| assumes that an auth code can only be fetched for the Device Account. This assumption is no longer true. Make |ArcBackgroundAuthCodeFetcher| accept |account_id| as a parameter so that it can be used for Secondary Accounts too. Bug: 871690 Test: browser_tests --gtest_filter="*ArcAuthServiceTest*" Change-Id: I6deb6cff545a516e1842c6cba3fb0cd68defd653 Reviewed-on: https://chromium-review.googlesource.com/1172122 Commit-Queue: Kush Sinha <sinhak@chromium.org> Reviewed-by: Xiyuan Xia <xiyuan@chromium.org> Reviewed-by: Hidehiko Abe <hidehiko@chromium.org> Reviewed-by: Lutz Justen <ljusten@chromium.org> Cr-Commit-Position: refs/heads/master@{#585457}

Make |ArcBackgroundAuthCodeFetcher| work for Secondary Accounts
|ArcBackgroundAuthCodeFetcher| assumes that an auth code can only be fetched for the Device Account. This assumption is no longer true. Make |ArcBackgroundAuthCodeFetcher| accept |account_id| as a parameter so that it can be used for Secondary Accounts too. Bug: 871690 Test: browser_tests --gtest_filter="*ArcAuthServiceTest*" Change-Id: I6deb6cff545a516e1842c6cba3fb0cd68defd653 Reviewed-on: https://chromium-review.googlesource.com/1172122 Commit-Queue: Kush Sinha <sinhak@chromium.org> Reviewed-by: Xiyuan Xia <xiyuan@chromium.org> Reviewed-by: Hidehiko Abe <hidehiko@chromium.org> Reviewed-by: Lutz Justen <ljusten@chromium.org> Cr-Commit-Position: refs/heads/master@{#585457}
57e3fb87 · Kushagra Sinha · Commit Bot · ac040567 · 57e3fb87 · 57e3fb87
Commit 57e3fb87 authored Aug 23, 2018 by Kushagra Sinha Committed by Commit Bot Aug 23, 2018
5 changed files
--- a/chrome/browser/chromeos/arc/auth/arc_auth_context.cc
+++ b/chrome/browser/chromeos/arc/auth/arc_auth_context.cc
@@ -6,14 +6,13 @@

 #include <utility>

+#include "base/stl_util.h"
 #include "base/strings/stringprintf.h"
 #include "chrome/browser/chromeos/arc/arc_support_host.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
-#include "chrome/browser/signin/signin_manager_factory.h"
 #include "chrome/browser/ui/app_list/arc/arc_app_utils.h"
 #include "components/signin/core/browser/profile_oauth2_token_service.h"
-#include "components/signin/core/browser/signin_manager_base.h"
 #include "content/public/common/url_constants.h"
 #include "google_apis/gaia/gaia_auth_fetcher.h"
 #include "google_apis/gaia/gaia_constants.h"
@@ -56,14 +55,12 @@ constexpr net::BackoffEntry::Policy kRetryBackoffPolicy = {

 }  // namespace

-ArcAuthContext::ArcAuthContext(Profile* profile)
-    : profile_(profile), retry_backoff_(&kRetryBackoffPolicy) {
-  // Get token service and account ID to fetch auth tokens.
-  token_service_ = ProfileOAuth2TokenServiceFactory::GetForProfile(profile);
-  const SigninManagerBase* const signin_manager =
-      SigninManagerFactory::GetForProfile(profile);
-  CHECK(token_service_ && signin_manager);
-  account_id_ = signin_manager->GetAuthenticatedAccountId();
+ArcAuthContext::ArcAuthContext(Profile* profile, const std::string& account_id)
+    : profile_(profile),
+      account_id_(account_id),
+      token_service_(ProfileOAuth2TokenServiceFactory::GetForProfile(profile)),
+      retry_backoff_(&kRetryBackoffPolicy) {
+  DCHECK(base::ContainsValue(token_service_->GetAccounts(), account_id_));
 }

 ArcAuthContext::~ArcAuthContext() {

--- a/chrome/browser/chromeos/arc/auth/arc_auth_context.h
+++ b/chrome/browser/chromeos/arc/auth/arc_auth_context.h
@@ -27,7 +27,11 @@ class ArcAuthContext : public UbertokenConsumer,
                       public GaiaAuthConsumer,
                       public OAuth2TokenService::Observer {
 public:
-  explicit ArcAuthContext(Profile* profile);
+  // Creates an |ArcAuthContext| for the given |account_id|. This |account_id|
+  // must be the |account_id| used by the OAuth Token Service chain.
+  // Note: |account_id| can be the Device Account or a Secondary Account stored
+  // in Chrome OS Account Manager.
+  ArcAuthContext(Profile* profile, const std::string& account_id);
  ~ArcAuthContext() override;

  ProfileOAuth2TokenService* token_service() { return token_service_; }
@@ -68,9 +72,8 @@ class ArcAuthContext : public UbertokenConsumer,

  // Unowned pointer.
  Profile* const profile_;
-  ProfileOAuth2TokenService* token_service_;
-
-  std::string account_id_;
+  const std::string account_id_;
+  ProfileOAuth2TokenService* const token_service_;

  // Whether the merge session should be skipped. Set to true only in testing.
  bool skip_merge_session_for_testing_ = false;

--- a/chrome/browser/chromeos/arc/auth/arc_auth_service.cc
+++ b/chrome/browser/chromeos/arc/auth/arc_auth_service.cc
@@ -36,6 +36,7 @@
 #include "components/arc/arc_supervision_transition.h"
 #include "components/arc/arc_util.h"
 #include "components/prefs/pref_service.h"
+#include "components/signin/core/browser/signin_manager_base.h"
 #include "components/user_manager/user_manager.h"
 #include "content/public/browser/browser_context.h"
 #include "content/public/browser/browser_thread.h"
@@ -343,9 +344,12 @@ void ArcAuthService::RequestAccountInfo(bool initial_signin) {
    auth_code_fetcher = std::make_unique<ArcRobotAuthCodeFetcher>();
  } else {
    // Optionally retrieve auth code in silent mode.
+    const SigninManagerBase* const signin_manager =
+        SigninManagerFactory::GetForProfile(profile_);
    auto background_auth_code_fetcher =
        std::make_unique<ArcBackgroundAuthCodeFetcher>(
-            url_loader_factory_, profile_, initial_signin);
+            url_loader_factory_, profile_,
+            signin_manager->GetAuthenticatedAccountId(), initial_signin);
    if (skip_merge_session_for_testing_)
      background_auth_code_fetcher->SkipMergeSessionForTesting();


--- a/chrome/browser/chromeos/arc/auth/arc_background_auth_code_fetcher.cc
+++ b/chrome/browser/chromeos/arc/auth/arc_background_auth_code_fetcher.cc
@@ -51,11 +51,12 @@ const char kAuthTokenExchangeEndPoint[] =
 ArcBackgroundAuthCodeFetcher::ArcBackgroundAuthCodeFetcher(
    scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory,
    Profile* profile,
+    const std::string& account_id,
    bool initial_signin)
    : OAuth2TokenService::Consumer(kConsumerName),
      url_loader_factory_(std::move(url_loader_factory)),
      profile_(profile),
-      context_(profile_),
+      context_(profile_, account_id),
      initial_signin_(initial_signin),
      weak_ptr_factory_(this) {}

@@ -77,12 +78,12 @@ void ArcBackgroundAuthCodeFetcher::OnPrepared(

  // Get token service and account ID to fetch auth tokens.
  ProfileOAuth2TokenService* const token_service = context_.token_service();
-  const std::string& account_id = context_.account_id();
-  DCHECK(token_service->RefreshTokenIsAvailable(account_id));
+  DCHECK(token_service->RefreshTokenIsAvailable(context_.account_id()));

  OAuth2TokenService::ScopeSet scopes;
  scopes.insert(GaiaConstants::kOAuth1LoginScope);
-  login_token_request_ = token_service->StartRequest(account_id, scopes, this);
+  login_token_request_ =
+      token_service->StartRequest(context_.account_id(), scopes, this);
 }

 void ArcBackgroundAuthCodeFetcher::OnGetTokenSuccess(

--- a/chrome/browser/chromeos/arc/auth/arc_background_auth_code_fetcher.h
+++ b/chrome/browser/chromeos/arc/auth/arc_background_auth_code_fetcher.h
@@ -38,9 +38,11 @@ extern const char kAuthTokenExchangeEndPoint[];
 class ArcBackgroundAuthCodeFetcher : public ArcAuthCodeFetcher,
                                     public OAuth2TokenService::Consumer {
 public:
+  // |account_id| is the id used by the OAuth Token Service chain.
  ArcBackgroundAuthCodeFetcher(
      scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory,
      Profile* profile,
+      const std::string& account_id,
      bool initial_signin);
  ~ArcBackgroundAuthCodeFetcher() override;