Remove ShellOAuth2TokenService

This class is not used: (1) app_shell is defunct as a product (2) no tests rely on the class Its presence is a hindrance to an upcoming effort to internalize OAuth2TokenService behind IdentityManager. This change was originally authored by Colin Blundell<blundell@chromium.org> Bug: 967598 Change-Id: I7e353d891518d1626eb2e4d83294c6ca223b0d0c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1635120 Commit-Queue: Julie Jeongeun Kim <jkim@igalia.com> Reviewed-by: Michael Giuffrida <michaelpg@chromium.org> Cr-Commit-Position: refs/heads/master@{#666226}

Remove ShellOAuth2TokenService
This class is not used: (1) app_shell is defunct as a product (2) no tests rely on the class Its presence is a hindrance to an upcoming effort to internalize OAuth2TokenService behind IdentityManager. This change was originally authored by Colin Blundell<blundell@chromium.org> Bug: 967598 Change-Id: I7e353d891518d1626eb2e4d83294c6ca223b0d0c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1635120 Commit-Queue: Julie Jeongeun Kim <jkim@igalia.com> Reviewed-by: Michael Giuffrida <michaelpg@chromium.org> Cr-Commit-Position: refs/heads/master@{#666226}
6cf8f5fc · Julie Jeongeun Kim · Commit Bot · 9e6ad313 · 6cf8f5fc · 6cf8f5fc
Commit 6cf8f5fc authored Jun 05, 2019 by Julie Jeongeun Kim Committed by Commit Bot Jun 05, 2019
17 changed files
--- a/extensions/shell/BUILD.gn
+++ b/extensions/shell/BUILD.gn
@@ -65,7 +65,6 @@ source_set("app_shell_lib") {
    "//extensions/shell/browser/system_logs",
    "//extensions/shell/common/api",
    "//extensions/shell/common/api:extensions_features",
-    "//google_apis",
    "//third_party/blink/public:blink",
    "//ui/base",
    "//ui/base/ime/init",
@@ -149,10 +148,6 @@ source_set("app_shell_lib") {
    "browser/shell_network_controller_chromeos.h",
    "browser/shell_network_delegate.cc",
    "browser/shell_network_delegate.h",
-    "browser/shell_oauth2_token_service.cc",
-    "browser/shell_oauth2_token_service.h",
-    "browser/shell_oauth2_token_service_delegate.cc",
-    "browser/shell_oauth2_token_service_delegate.h",
    "browser/shell_prefs.cc",
    "browser/shell_prefs.h",
    "browser/shell_special_storage_policy.cc",
@@ -289,7 +284,6 @@ test("app_shell_unittests") {
    "browser/shell_content_browser_client_unittest.cc",
    "browser/shell_extension_loader_unittest.cc",
    "browser/shell_keep_alive_requester_unittest.cc",
-    "browser/shell_oauth2_token_service_unittest.cc",
    "browser/shell_prefs_unittest.cc",
    "browser/system_logs/shell_system_logs_fetcher_unittest.cc",
    "test/shell_test_extensions_browser_client.cc",
@@ -320,7 +314,6 @@ test("app_shell_unittests") {
    "//extensions/common",
    "//extensions/common/api",
    "//extensions/shell/browser/system_logs",
-    "//google_apis",
    "//testing/gtest",
    "//ui/gl:test_support",
    "//ui/platform_window",

--- a/extensions/shell/browser/DEPS
+++ b/extensions/shell/browser/DEPS
@@ -24,8 +24,6 @@ include_rules = [

  "+gin",

-  "+google_apis/gaia",
-
  "+net",

  "+ppapi",

--- a/extensions/shell/browser/api/identity/DEPS
+++ b/extensions/shell/browser/api/identity/DEPS
-include_rules = [
-  "+services/network/public/cpp",
-]
--- a/extensions/shell/browser/api/identity/identity_api.cc
+++ b/extensions/shell/browser/api/identity/identity_api.cc
@@ -4,152 +4,16 @@

 #include "extensions/shell/browser/api/identity/identity_api.h"

-#include <set>
-#include <string>
-
-#include "base/guid.h"
-#include "content/public/browser/browser_context.h"
-#include "content/public/browser/storage_partition.h"
-#include "extensions/common/manifest_handlers/oauth2_manifest_handler.h"
-#include "extensions/shell/browser/shell_oauth2_token_service.h"
 #include "extensions/shell/common/api/identity.h"
-#include "google_apis/gaia/gaia_auth_util.h"

 namespace extensions {
 namespace shell {

-namespace {
-const char kIdentityApiId[] = "identity_api";
-const char kErrorNoUserAccount[] = "No user account.";
-const char kErrorNoRefreshToken[] = "No refresh token.";
-const char kErrorNoScopesInManifest[] = "No scopes in manifest.";
-const char kErrorUserPermissionRequired[] =
-    "User permission required but not available in app_shell";
-}  // namespace
-
-IdentityAPI::IdentityAPI(content::BrowserContext* context)
-    : device_id_(base::GenerateGUID()) {
-}
-
-IdentityAPI::~IdentityAPI() {
-}
-
-// static
-IdentityAPI* IdentityAPI::Get(content::BrowserContext* context) {
-  return BrowserContextKeyedAPIFactory<IdentityAPI>::Get(context);
-}
-
-// static
-BrowserContextKeyedAPIFactory<IdentityAPI>* IdentityAPI::GetFactoryInstance() {
-  static base::LazyInstance<
-      BrowserContextKeyedAPIFactory<IdentityAPI>>::DestructorAtExit factory =
-      LAZY_INSTANCE_INITIALIZER;
-  return factory.Pointer();
-}
-
-///////////////////////////////////////////////////////////////////////////////
-
-IdentityGetAuthTokenFunction::IdentityGetAuthTokenFunction()
-    : OAuth2TokenService::Consumer(kIdentityApiId) {
-}
-
-IdentityGetAuthTokenFunction::~IdentityGetAuthTokenFunction() {
-}
-
-void IdentityGetAuthTokenFunction::SetMintTokenFlowForTesting(
-    OAuth2MintTokenFlow* flow) {
-  mint_token_flow_.reset(flow);
-}
-
-ExtensionFunction::ResponseAction IdentityGetAuthTokenFunction::Run() {
-  std::unique_ptr<api::identity::GetAuthToken::Params> params(
-      api::identity::GetAuthToken::Params::Create(*args_));
-  EXTENSION_FUNCTION_VALIDATE(params.get());
-
-  ShellOAuth2TokenService* service = ShellOAuth2TokenService::GetInstance();
-  std::string account_id = service->AccountId();
-  if (account_id.empty())
-    return RespondNow(Error(kErrorNoUserAccount));
-
-  if (!service->RefreshTokenIsAvailable(account_id))
-    return RespondNow(Error(kErrorNoRefreshToken));
-
-  // Verify that we have scopes.
-  const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(extension());
-  if (oauth2_info.scopes.empty())
-    return RespondNow(Error(kErrorNoScopesInManifest));
-
-  // Balanced in OnGetTokenFailure() and in the OAuth2MintTokenFlow callbacks.
-  AddRef();
-
-  // First, fetch a logged-in-user access token for the Chrome project client ID
-  // and client secret. This token is used later to get a second access token
-  // that will be returned to the app.
-  std::set<std::string> no_scopes;
-  access_token_request_ =
-      service->StartRequest(service->AccountId(), no_scopes, this);
-  return RespondLater();
-}
-
-void IdentityGetAuthTokenFunction::OnGetTokenSuccess(
-    const OAuth2TokenService::Request* request,
-    const OAuth2AccessTokenConsumer::TokenResponse& token_response) {
-  // Tests may override the mint token flow.
-  if (!mint_token_flow_) {
-    const OAuth2Info& oauth2_info = OAuth2Info::GetOAuth2Info(extension());
-    DCHECK(!oauth2_info.scopes.empty());
-
-    mint_token_flow_.reset(new OAuth2MintTokenFlow(
-        this,
-        OAuth2MintTokenFlow::Parameters(
-            extension()->id(),
-            oauth2_info.client_id,
-            oauth2_info.scopes,
-            IdentityAPI::Get(browser_context())->device_id(),
-            OAuth2MintTokenFlow::MODE_MINT_TOKEN_FORCE)));
-  }
-
-  // Use the logging-in-user access token to mint an access token for this app.
-  mint_token_flow_->Start(
-      content::BrowserContext::GetDefaultStoragePartition(browser_context())
-          ->GetURLLoaderFactoryForBrowserProcess(),
-      token_response.access_token);
-}
-
-void IdentityGetAuthTokenFunction::OnGetTokenFailure(
-    const OAuth2TokenService::Request* request,
-    const GoogleServiceAuthError& error) {
-  Respond(Error(error.ToString()));
-  Release();  // Balanced in Run().
-}
-
-void IdentityGetAuthTokenFunction::OnMintTokenSuccess(
-    const std::string& access_token,
-    int time_to_live) {
-  Respond(OneArgument(std::make_unique<base::Value>(access_token)));
-  Release();  // Balanced in Run().
-}
-
-void IdentityGetAuthTokenFunction::OnIssueAdviceSuccess(
-    const IssueAdviceInfo& issue_advice) {
-  Respond(Error(kErrorUserPermissionRequired));
-  Release();  // Balanced in Run().
-}
-
-void IdentityGetAuthTokenFunction::OnMintTokenFailure(
-    const GoogleServiceAuthError& error) {
-  Respond(Error(error.ToString()));
-  Release();  // Balanced in Run().
-}
-
-///////////////////////////////////////////////////////////////////////////////
-
-IdentityRemoveCachedAuthTokenFunction::IdentityRemoveCachedAuthTokenFunction() {
-}
+IdentityRemoveCachedAuthTokenFunction::IdentityRemoveCachedAuthTokenFunction() =
+    default;

 IdentityRemoveCachedAuthTokenFunction::
-    ~IdentityRemoveCachedAuthTokenFunction() {
-}
+    ~IdentityRemoveCachedAuthTokenFunction() = default;

 ExtensionFunction::ResponseAction IdentityRemoveCachedAuthTokenFunction::Run() {
  std::unique_ptr<api::identity::RemoveCachedAuthToken::Params> params(

--- a/extensions/shell/browser/api/identity/identity_api.h
+++ b/extensions/shell/browser/api/identity/identity_api.h
@@ -5,83 +5,12 @@
 #ifndef EXTENSIONS_SHELL_BROWSER_API_IDENTITY_IDENTITY_API_H_
 #define EXTENSIONS_SHELL_BROWSER_API_IDENTITY_IDENTITY_API_H_

-#include <string>
-
 #include "base/macros.h"
-#include "extensions/browser/browser_context_keyed_api_factory.h"
 #include "extensions/browser/extension_function.h"
-#include "google_apis/gaia/oauth2_mint_token_flow.h"
-#include "google_apis/gaia/oauth2_token_service.h"

 namespace extensions {
 namespace shell {

-// Storage for data used across identity function invocations.
-class IdentityAPI : public BrowserContextKeyedAPI {
- public:
-  explicit IdentityAPI(content::BrowserContext* context);
-  ~IdentityAPI() override;
-
-  static IdentityAPI* Get(content::BrowserContext* context);
-
-  const std::string& device_id() const { return device_id_; }
-
-  // BrowserContextKeyedAPI:
-  static BrowserContextKeyedAPIFactory<IdentityAPI>* GetFactoryInstance();
-  static const char* service_name() { return "IdentityAPI"; }
-
- private:
-  friend class BrowserContextKeyedAPIFactory<IdentityAPI>;
-
-  // A GUID identifying this device.
-  // TODO(jamescook): Make this GUID stable across runs of the app, perhaps by
-  // storing it in a pref.
-  const std::string device_id_;
-};
-
-// Returns an OAuth2 access token for a user. See the IDL file for
-// documentation.
-class IdentityGetAuthTokenFunction : public UIThreadExtensionFunction,
-                                     public OAuth2TokenService::Consumer,
-                                     public OAuth2MintTokenFlow::Delegate {
- public:
-  DECLARE_EXTENSION_FUNCTION("identity.getAuthToken", UNKNOWN)
-
-  IdentityGetAuthTokenFunction();
-
-  // Takes ownership.
-  void SetMintTokenFlowForTesting(OAuth2MintTokenFlow* flow);
-
- protected:
-  ~IdentityGetAuthTokenFunction() override;
-
-  // ExtensionFunction:
-  ResponseAction Run() override;
-
-  // OAuth2TokenService::Consumer:
-  void OnGetTokenSuccess(
-      const OAuth2TokenService::Request* request,
-      const OAuth2AccessTokenConsumer::TokenResponse& token_response) override;
-  void OnGetTokenFailure(const OAuth2TokenService::Request* request,
-                         const GoogleServiceAuthError& error) override;
-
-  // OAuth2MintTokenFlow::Delegate:
-  void OnMintTokenSuccess(const std::string& access_token,
-                          int time_to_live) override;
-  void OnIssueAdviceSuccess(const IssueAdviceInfo& issue_advice) override;
-  void OnMintTokenFailure(const GoogleServiceAuthError& error) override;
-
- private:
-  // A pending token fetch request to get a login-scoped access token for the
-  // current user for the Chrome project id.
-  std::unique_ptr<OAuth2TokenService::Request> access_token_request_;
-
-  // A request for an access token for the current app and its scopes.
-  std::unique_ptr<OAuth2MintTokenFlow> mint_token_flow_;
-
-  DISALLOW_COPY_AND_ASSIGN(IdentityGetAuthTokenFunction);
-};
-
 // Stub. See the IDL file for documentation.
 class IdentityRemoveCachedAuthTokenFunction : public UIThreadExtensionFunction {
 public:

--- a/extensions/shell/browser/api/identity/identity_api_unittest.cc
+++ b/extensions/shell/browser/api/identity/identity_api_unittest.cc
@@ -4,59 +4,14 @@

 #include "extensions/shell/browser/api/identity/identity_api.h"

-#include <memory>
-#include <string>
-#include <utility>
-
 #include "base/values.h"
 #include "extensions/browser/api_unittest.h"
 #include "extensions/common/extension_builder.h"
 #include "extensions/common/value_builder.h"
-#include "extensions/shell/browser/shell_oauth2_token_service.h"
-#include "google_apis/gaia/oauth2_mint_token_flow.h"
-#include "services/network/public/cpp/shared_url_loader_factory.h"

 namespace extensions {
 namespace shell {

-// A ShellOAuth2TokenService that does not make network requests.
-class MockShellOAuth2TokenService : public ShellOAuth2TokenService {
- public:
-  // The service starts with no account id or refresh token.
-  MockShellOAuth2TokenService() : ShellOAuth2TokenService("", "") {}
-  ~MockShellOAuth2TokenService() override {}
-
-  // OAuth2TokenService:
-  std::unique_ptr<Request> StartRequest(const std::string& account_id,
-                                        const ScopeSet& scopes,
-                                        Consumer* consumer) override {
-    // Immediately return success.
-    consumer->OnGetTokenSuccess(
-        nullptr, OAuth2AccessTokenConsumer::TokenResponse(
-                     "logged-in-user-token", base::Time(), std::string()));
-    return nullptr;
-  }
-};
-
-// A mint token flow that immediately returns a known access token when started.
-class MockOAuth2MintTokenFlow : public OAuth2MintTokenFlow {
- public:
-  explicit MockOAuth2MintTokenFlow(Delegate* delegate)
-      : OAuth2MintTokenFlow(delegate, Parameters()), delegate_(delegate) {}
-  ~MockOAuth2MintTokenFlow() override {}
-
-  // OAuth2ApiCallFlow:
-  void Start(scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory,
-             const std::string& access_token) override {
-    EXPECT_EQ("logged-in-user-token", access_token);
-    delegate_->OnMintTokenSuccess("app-access-token", 12345);
-  }
-
- private:
-  // Cached here so OAuth2MintTokenFlow does not have to expose its delegate.
-  Delegate* delegate_;
-};
-
 class IdentityApiTest : public ApiUnitTest {
 public:
  IdentityApiTest() {}
@@ -77,43 +32,9 @@ class IdentityApiTest : public ApiUnitTest {
  }
 };

-// Verifies that the getAuthToken function exists and can be called without
-// crashing.
-TEST_F(IdentityApiTest, GetAuthTokenNoRefreshToken) {
-  MockShellOAuth2TokenService token_service;
-
-  // Calling getAuthToken() before a refresh token is available causes an error.
-  std::string error =
-      RunFunctionAndReturnError(new IdentityGetAuthTokenFunction, "[{}]");
-  EXPECT_FALSE(error.empty());
-}
-
-// Verifies that getAuthToken() returns an app access token.
-TEST_F(IdentityApiTest, GetAuthToken) {
-  MockShellOAuth2TokenService token_service;
-
-  // Simulate a refresh token being set.
-  token_service.SetRefreshToken("larry@google.com", "refresh-token");
-
-  // RunFunctionAndReturnValue takes ownership.
-  IdentityGetAuthTokenFunction* function = new IdentityGetAuthTokenFunction;
-  function->SetMintTokenFlowForTesting(new MockOAuth2MintTokenFlow(function));
-
-  // Function succeeds and returns a token (for its callback).
-  std::unique_ptr<base::Value> result =
-      RunFunctionAndReturnValue(function, "[{}]");
-  ASSERT_TRUE(result.get());
-  std::string value;
-  result->GetAsString(&value);
-  EXPECT_NE("logged-in-user-token", value);
-  EXPECT_EQ("app-access-token", value);
-}
-
 // Verifies that the removeCachedAuthToken function exists and can be called
 // without crashing.
 TEST_F(IdentityApiTest, RemoveCachedAuthToken) {
-  MockShellOAuth2TokenService token_service;
-
  // Function succeeds and returns nothing (for its callback).
  std::unique_ptr<base::Value> result = RunFunctionAndReturnValue(
      new IdentityRemoveCachedAuthTokenFunction, "[{}]");

--- a/extensions/shell/browser/shell_browser_context_keyed_service_factories.cc
+++ b/extensions/shell/browser/shell_browser_context_keyed_service_factories.cc
@@ -12,8 +12,6 @@ namespace extensions {
 namespace shell {

 void EnsureBrowserContextKeyedServiceFactoriesBuilt() {
-  IdentityAPI::GetFactoryInstance();
-
  // TODO(rockot): Remove this once UpdateService is supported across all
  // extensions embedders (and namely chrome.)
  UpdateServiceFactory::GetInstance();

--- a/extensions/shell/browser/shell_browser_main_parts.cc
+++ b/extensions/shell/browser/shell_browser_main_parts.cc
@@ -36,7 +36,6 @@
 #include "extensions/shell/browser/shell_extension_system.h"
 #include "extensions/shell/browser/shell_extension_system_factory.h"
 #include "extensions/shell/browser/shell_extensions_browser_client.h"
-#include "extensions/shell/browser/shell_oauth2_token_service.h"
 #include "extensions/shell/browser/shell_prefs.h"
 #include "extensions/shell/browser/shell_update_query_params_delegate.h"
 #include "extensions/shell/common/shell_extensions_client.h"
@@ -230,12 +229,6 @@ void ShellBrowserMainParts::PreMainMessageLoopRun() {

  InitExtensionSystem();

-  // Initialize OAuth2 support from command line.
-  base::CommandLine* cmd = base::CommandLine::ForCurrentProcess();
-  oauth2_token_service_.reset(new ShellOAuth2TokenService(
-      cmd->GetSwitchValueASCII(switches::kAppShellUser),
-      cmd->GetSwitchValueASCII(switches::kAppShellRefreshToken)));
-
 #if BUILDFLAG(ENABLE_NACL)
  nacl::NaClBrowser::SetDelegate(
      std::make_unique<ShellNaClBrowserDelegate>(browser_context_.get()));
@@ -249,7 +242,8 @@ void ShellBrowserMainParts::PreMainMessageLoopRun() {
  content::ShellDevToolsManagerDelegate::StartHttpHandler(
      browser_context_.get());

-  if (cmd->HasSwitch(::switches::kBrowserCrashTest))
+  if (base::CommandLine::ForCurrentProcess()->HasSwitch(
+          ::switches::kBrowserCrashTest))
    CrashForTest();

  if (parameters_.ui_task) {
@@ -282,7 +276,6 @@ void ShellBrowserMainParts::PostMainMessageLoopRun() {
  task_tracker_.TryCancelAll();
 #endif

-  oauth2_token_service_.reset();
  BrowserContextDependencyManager::GetInstance()->DestroyBrowserContextServices(
      browser_context_.get());
  extension_system_ = NULL;

--- a/extensions/shell/browser/shell_browser_main_parts.h
+++ b/extensions/shell/browser/shell_browser_main_parts.h
@@ -29,7 +29,6 @@ class ShellBrowserMainDelegate;
 class ShellExtensionsClient;
 class ShellExtensionsBrowserClient;
 class ShellExtensionSystem;
-class ShellOAuth2TokenService;
 class ShellUpdateQueryParamsDelegate;

 #if defined(OS_CHROMEOS)
@@ -80,7 +79,6 @@ class ShellBrowserMainParts : public content::BrowserMainParts {
  std::unique_ptr<ShellExtensionsClient> extensions_client_;
  std::unique_ptr<ShellExtensionsBrowserClient> extensions_browser_client_;
  std::unique_ptr<ShellUpdateQueryParamsDelegate> update_query_params_delegate_;
-  std::unique_ptr<ShellOAuth2TokenService> oauth2_token_service_;

  // Owned by the KeyedService system.
  ShellExtensionSystem* extension_system_;

--- a/extensions/shell/browser/shell_oauth2_token_service.cc
+++ b/extensions/shell/browser/shell_oauth2_token_service.cc
-// Copyright 2014 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "extensions/shell/browser/shell_oauth2_token_service.h"
-
-#include "base/logging.h"
-#include "content/public/browser/browser_thread.h"
-#include "extensions/shell/browser/shell_oauth2_token_service_delegate.h"
-
-namespace extensions {
-namespace {
-
-ShellOAuth2TokenService* g_instance = nullptr;
-
-}  // namespace
-
-ShellOAuth2TokenService::ShellOAuth2TokenService(std::string account_id,
-                                                 std::string refresh_token)
-    : OAuth2TokenService(
-          std::make_unique<ShellOAuth2TokenServiceDelegate>(account_id,
-                                                            refresh_token)) {
-  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
-  DCHECK(!g_instance);
-  g_instance = this;
-}
-
-ShellOAuth2TokenService::~ShellOAuth2TokenService() {
-  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
-  DCHECK(g_instance);
-  g_instance = nullptr;
-}
-
-// static
-ShellOAuth2TokenService* ShellOAuth2TokenService::GetInstance() {
-  DCHECK(g_instance);
-  return g_instance;
-}
-
-void ShellOAuth2TokenService::SetRefreshToken(
-    const std::string& account_id,
-    const std::string& refresh_token) {
-  GetDelegate()->UpdateCredentials(account_id, refresh_token);
-}
-
-std::string ShellOAuth2TokenService::AccountId() const {
-  return GetAccounts()[0];
-}
-
-}  // namespace extensions
--- a/extensions/shell/browser/shell_oauth2_token_service.h
+++ b/extensions/shell/browser/shell_oauth2_token_service.h
-// Copyright 2014 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#ifndef EXTENSIONS_SHELL_BROWSER_SHELL_OAUTH2_TOKEN_SERVICE_H_
-#define EXTENSIONS_SHELL_BROWSER_SHELL_OAUTH2_TOKEN_SERVICE_H_
-
-#include <string>
-
-#include "base/macros.h"
-#include "google_apis/gaia/oauth2_token_service.h"
-
-namespace extensions {
-
-// Requests OAuth2 access tokens for app_shell. Requires the OAuth2 refresh
-// token to be set explicitly. Only stores a single refresh token for a single
-// user account. Created and accessed on the UI thread. Only one instance is
-// allowed.
-class ShellOAuth2TokenService : public OAuth2TokenService {
- public:
-  ShellOAuth2TokenService(std::string account_id, std::string refresh_token);
-  ~ShellOAuth2TokenService() override;
-
-  // Returns the single instance for app_shell.
-  static ShellOAuth2TokenService* GetInstance();
-
-  void SetRefreshToken(const std::string& account_id,
-                       const std::string& refresh_token);
-
-  std::string AccountId() const;
-
-  DISALLOW_COPY_AND_ASSIGN(ShellOAuth2TokenService);
-};
-
-}  // namespace extensions
-
-#endif  // EXTENSIONS_SHELL_BROWSER_SHELL_OAUTH2_TOKEN_SERVICE_H_
--- a/extensions/shell/browser/shell_oauth2_token_service_delegate.cc
+++ b/extensions/shell/browser/shell_oauth2_token_service_delegate.cc
-// Copyright 2015 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "extensions/shell/browser/shell_oauth2_token_service_delegate.h"
-
-#include <vector>
-
-#include "content/public/browser/storage_partition.h"
-
-namespace extensions {
-
-ShellOAuth2TokenServiceDelegate::ShellOAuth2TokenServiceDelegate(
-    std::string account_id,
-    std::string refresh_token)
-    : account_id_(account_id), refresh_token_(refresh_token) {}
-
-ShellOAuth2TokenServiceDelegate::~ShellOAuth2TokenServiceDelegate() {
-}
-
-bool ShellOAuth2TokenServiceDelegate::RefreshTokenIsAvailable(
-    const std::string& account_id) const {
-  if (account_id != account_id_)
-    return false;
-
-  return !refresh_token_.empty();
-}
-
-OAuth2AccessTokenFetcher*
-ShellOAuth2TokenServiceDelegate::CreateAccessTokenFetcher(
-    const std::string& account_id,
-    scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory,
-    OAuth2AccessTokenConsumer* consumer) {
-  DCHECK_EQ(account_id, account_id_);
-  DCHECK(!refresh_token_.empty());
-  return new OAuth2AccessTokenFetcherImpl(consumer, url_loader_factory,
-                                          refresh_token_);
-}
-
-std::vector<std::string> ShellOAuth2TokenServiceDelegate::GetAccounts() {
-  std::vector<std::string> accounts;
-  accounts.push_back(account_id_);
-  return accounts;
-}
-
-void ShellOAuth2TokenServiceDelegate::UpdateCredentials(
-    const std::string& account_id,
-    const std::string& refresh_token) {
-  account_id_ = account_id;
-  refresh_token_ = refresh_token;
-}
-
-}  // namespace extensions
--- a/extensions/shell/browser/shell_oauth2_token_service_delegate.h
+++ b/extensions/shell/browser/shell_oauth2_token_service_delegate.h
-// Copyright 2015 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#ifndef EXTENSIONS_SHELL_BROWSER_SHELL_OAUTH2_TOKEN_SERVICE_DELEGATE_H_
-#define EXTENSIONS_SHELL_BROWSER_SHELL_OAUTH2_TOKEN_SERVICE_DELEGATE_H_
-
-#include <string>
-
-#include "base/macros.h"
-#include "google_apis/gaia/oauth2_access_token_fetcher_impl.h"
-#include "google_apis/gaia/oauth2_token_service_delegate.h"
-
-namespace extensions {
-
-class ShellOAuth2TokenServiceDelegate : public OAuth2TokenServiceDelegate {
- public:
-  ShellOAuth2TokenServiceDelegate(std::string account_id,
-                                  std::string refresh_token);
-  ~ShellOAuth2TokenServiceDelegate() override;
-
-  bool RefreshTokenIsAvailable(const std::string& account_id) const override;
-
-  OAuth2AccessTokenFetcher* CreateAccessTokenFetcher(
-      const std::string& account_id,
-      scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory,
-      OAuth2AccessTokenConsumer* consumer) override;
-
-  std::vector<std::string> GetAccounts() override;
-
-  void UpdateCredentials(const std::string& account_id,
-                         const std::string& refresh_token) override;
-
- private:
-  // User account id, such as "foo@gmail.com".
-  std::string account_id_;
-
-  // Cached copy of an OAuth2 refresh token. Not stored on disk.
-  std::string refresh_token_;
-
-  DISALLOW_COPY_AND_ASSIGN(ShellOAuth2TokenServiceDelegate);
-};
-
-}  // namespace extensions
-#endif  // EXTENSIONS_SHELL_BROWSER_SHELL_OAUTH2_TOKEN_SERVICE_DELEGATE_H_
--- a/extensions/shell/browser/shell_oauth2_token_service_unittest.cc
+++ b/extensions/shell/browser/shell_oauth2_token_service_unittest.cc
-// Copyright 2014 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "extensions/shell/browser/shell_oauth2_token_service.h"
-
-#include "extensions/browser/extensions_test.h"
-
-namespace extensions {
-
-class ShellOAuth2TokenServiceTest : public ExtensionsTest {
- public:
-  ShellOAuth2TokenServiceTest() {}
-  ~ShellOAuth2TokenServiceTest() override {}
-};
-
-// Verifies setting the refresh token makes it available.
-TEST_F(ShellOAuth2TokenServiceTest, SetRefreshToken) {
-  ShellOAuth2TokenService service("larry@google.com", "token123");
-
-  // Only has a token for the account in the constructor.
-  EXPECT_EQ("larry@google.com", service.AccountId());
-  EXPECT_TRUE(service.RefreshTokenIsAvailable("larry@google.com"));
-  EXPECT_FALSE(service.RefreshTokenIsAvailable("sergey@google.com"));
-
-  service.SetRefreshToken("sergey@google.com", "token456");
-
-  // The account and refresh token have updated.
-  EXPECT_EQ("sergey@google.com", service.AccountId());
-  EXPECT_FALSE(service.RefreshTokenIsAvailable("larry@google.com"));
-  EXPECT_TRUE(service.RefreshTokenIsAvailable("sergey@google.com"));
-}
-
-}  // namespace extensions
--- a/extensions/shell/common/api/identity.idl
+++ b/extensions/shell/common/api/identity.idl
@@ -5,28 +5,15 @@
 // Simplified implementation of the <code>chrome.identity</code> for app_shell.
 namespace identity {

-  dictionary GetAuthTokenDetails {
-    // Ignored parameter. Exists only for compatibility.
-    boolean? interactive;
-  };
-
  dictionary InvalidTokenDetails {
    // Ignored parameter. Exists only for compatibility.
    DOMString? token;
  };

-  // Called with the OAuth2 access token on success or undefined on error.
-  callback GetAuthTokenCallback = void (optional DOMString token);
-  
  // Called by removeCachedAuthToken().
  callback InvalidateAuthTokenCallback = void ();

  interface Functions {
-    // Returns an OAuth2 access token for the current app_shell user for scopes
-    // from the manifest. Does not prompt the user. 
-    static void getAuthToken(GetAuthTokenDetails options,
-                             GetAuthTokenCallback callback);
-
    // Stub. Calls callback immediately because app_shell does not cache access
    // tokens the way Chrome does.
    static void removeCachedAuthToken(InvalidTokenDetails details,

--- a/extensions/shell/common/switches.cc
+++ b/extensions/shell/common/switches.cc
@@ -18,12 +18,6 @@ const char kAppShellHostWindowSize[] = "app-shell-host-window-size";
 const char kAppShellPreferredNetwork[] = "app-shell-preferred-network";
 #endif

-// Refresh token for identity API calls for the current user. Used for testing.
-const char kAppShellRefreshToken[] = "app-shell-refresh-token";
-
-// User email address of the current user.
-const char kAppShellUser[] = "app-shell-user";
-
 #if defined(OS_LINUX) && !defined(OS_CHROMEOS)
 // The directory breakpad should store minidumps in.
 const char kCrashDumpsDir[] = "crash-dumps-dir";

--- a/extensions/shell/common/switches.h
+++ b/extensions/shell/common/switches.h
@@ -17,8 +17,6 @@ extern const char kAppShellAllowRoaming[];
 extern const char kAppShellHostWindowSize[];
 extern const char kAppShellPreferredNetwork[];
 #endif
-extern const char kAppShellRefreshToken[];
-extern const char kAppShellUser[];
 #if defined(OS_LINUX) && !defined(OS_CHROMEOS)
 extern const char kCrashDumpsDir[];
 extern const char kEnableReporting[];