Fix order of notifications to update the unconsent/sync primary account

This CL fixes the order in which the notifications to update the
primary account are being fired. The scenario that failed before
this CL was the following (covered in test
SigninManagerTest.UnconsentedPrimaryAccountUpdatedOnSyncConsentRevoked):
1. Account A and B are signed in with this order in the cookie jar.
2. Unconsented primary account: A
3. User enables sync with account B. B becomes the primary account
4. User revokes sync consent.
5. Unconsented primary account is reverted to B

Before this CL, 2 notifications were sent with primary account changed
in the wrong order:
1. { previous_state: { primary_account: gaia_id_for_me2_gmail.com,
                       consent_level:NotRequired }
     current_state: { primary_account: gaia_id_for_me_gmail.com,
                      consent_level:NotRequired } }
2. { previous_state: { primary_account: gaia_id_for_me2_gmail.com,
                       consent_level:Sync },
     current_state: { primary_account: gaia_id_for_me2_gmail.com,
                       consent_level:NotRequired } }

This CL fixes this order, and ensures that notification 2 above is
correctly sent before notification 1.

The change in the CL is fairly complex as it also updates the
SigninManager to observe OnPrimaryAccountChanged notifications which
is required as OnUnconsentedPrimaryAccountSet is deprecated.

Bug: 1163126

Change-Id: I047014ce9bc569040d44121d90670d375f8fba62
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2613971
Commit-Queue: Mihai Sardarescu <msarda@chromium.org>
Reviewed-by: Monica Basta <msalama@chromium.org>
Reviewed-by: David Roger <droger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#841999}

chrome/browser/signin/signin_manager.cc

@@ -104,8 +104,7 @@ SigninManager::ComputeUnconsentedPrimaryAccountInfo() const {
 }
 
 // signin::IdentityManager::Observer implementation.
-void SigninManager::BeforePrimaryAccountCleared(
-    const CoreAccountInfo& previous_primary_account_info) {
+void SigninManager::AfterSyncPrimaryAccountCleared() {
   // This is needed for the case where the user chooses to start syncing
   // with an account that is different from the unconsented primary account
   // (not the first in cookies) but then cancels. In that case, the tokens stay

chrome/browser/signin/signin_manager.h

@@ -36,8 +36,7 @@ class SigninManager : public KeyedService,
   base::Optional<CoreAccountInfo> ComputeUnconsentedPrimaryAccountInfo() const;
 
   // signin::IdentityManager::Observer implementation.
-  void BeforePrimaryAccountCleared(
-      const CoreAccountInfo& previous_primary_account_info) override;
+  void AfterSyncPrimaryAccountCleared() override;
   void OnRefreshTokenUpdatedForAccount(
       const CoreAccountInfo& account_info) override;
   void OnRefreshTokenRemovedForAccount(

components/signin/public/identity_manager/identity_manager.cc

@@ -503,13 +503,20 @@ void IdentityManager::OnPrimaryAccountChanged(
     observer.OnPrimaryAccountChanged(event_details);
 
 #if defined(OS_ANDROID)
-  if (!java_identity_manager_)
-    return;
+  if (java_identity_manager_) {
     JNIEnv* env = base::android::AttachCurrentThread();
     Java_IdentityManager_onPrimaryAccountChanged(
         env, java_identity_manager_,
         ConvertToJavaPrimaryAccountChangeEvent(env, event_details));
+  }
 #endif
+
+  if (event_details.GetEventTypeFor(ConsentLevel::kSync) ==
+      PrimaryAccountChangeEvent::Type::kCleared) {
+    for (auto& observer : observer_list_) {
+      observer.AfterSyncPrimaryAccountCleared();
+    }
+  }
 }
 
 void IdentityManager::FirePrimaryAccountSet(
@@ -536,10 +543,6 @@ void IdentityManager::FirePrimaryAccountCleared(
       event_details.GetPreviousState().primary_account;
   DCHECK(!HasPrimaryAccount());
   DCHECK(!account_info.IsEmpty());
-  for (auto& observer : observer_list_) {
-    observer.BeforePrimaryAccountCleared(account_info);
-  }
-
   for (auto& observer : observer_list_) {
     observer.OnPrimaryAccountCleared(account_info);
   }

components/signin/public/identity_manager/identity_manager.h

@@ -94,12 +94,12 @@ class IdentityManager : public KeyedService,
         const CoreAccountInfo& previous_primary_account_info) {}
 
     // TODO(crbug.com/1046746): Move to |SigninClient|.
-    // Called Before notifying all the observers of |OnPrimaryAccountCleared|.
-    // |OnPrimaryAccountCleared| should be used instead in general.This function
-    // should be used carefully, as the value of the unconsented primary account
-    // is not properly defined when it is run and can be changed meanwhile.
-    virtual void BeforePrimaryAccountCleared(
-        const CoreAccountInfo& previous_primary_account_info) {}
+    // Called After notifying all the observers of |OnPrimaryAccountChanged|
+    // if the sync primary account was cleared.
+    //
+    // Note: This function is only intended to be used by the signin code.
+    // General observers should use |OnPrimaryAccountChanged|.
+    virtual void AfterSyncPrimaryAccountCleared() {}
 
     // When the unconsented primary account (see ./README.md) of the user
     // changes, this callback gets called with the new account as