UbertokenFecther should invalidate access token if it's invalid.

Add retry with backoff to invalidate only for non-transient errors. BUG=416612 Review URL: https://codereview.chromium.org/597003002 Cr-Commit-Position: refs/heads/master@{#296992}

UbertokenFecther should invalidate access token if it's invalid.
Add retry with backoff to invalidate only for non-transient errors. BUG=416612 Review URL: https://codereview.chromium.org/597003002 Cr-Commit-Position: refs/heads/master@{#296992}
b6fc7567 · rogerta · Commit bot · 7d0e6ece · b6fc7567 · b6fc7567
Commit b6fc7567 authored Sep 26, 2014 by rogerta Committed by Commit bot Sep 26, 2014
3 changed files
--- a/google_apis/gaia/ubertoken_fetcher.cc
+++ b/google_apis/gaia/ubertoken_fetcher.cc
@@ -7,11 +7,15 @@
 #include <vector>

 #include "base/logging.h"
+#include "base/rand_util.h"
+#include "base/time/time.h"
 #include "google_apis/gaia/gaia_auth_fetcher.h"
 #include "google_apis/gaia/gaia_constants.h"
 #include "google_apis/gaia/google_service_auth_error.h"
 #include "google_apis/gaia/oauth2_token_service.h"

+const int UbertokenFetcher::kMaxRetries = 3;
+
 UbertokenFetcher::UbertokenFetcher(
    OAuth2TokenService* token_service,
    UbertokenConsumer* consumer,
@@ -19,7 +23,9 @@ UbertokenFetcher::UbertokenFetcher(
    : OAuth2TokenService::Consumer("uber_token_fetcher"),
      token_service_(token_service),
      consumer_(consumer),
-      request_context_(request_context) {
+      request_context_(request_context),
+      retry_number_(0),
+      second_access_token_request_(false) {
  DCHECK(token_service);
  DCHECK(consumer);
  DCHECK(request_context);
@@ -29,10 +35,10 @@ UbertokenFetcher::~UbertokenFetcher() {
 }

 void UbertokenFetcher::StartFetchingToken(const std::string& account_id) {
-  OAuth2TokenService::ScopeSet scopes;
-  scopes.insert(GaiaConstants::kOAuth1LoginScope);
-  access_token_request_ =
-      token_service_->StartRequest(account_id, scopes, this);
+  DCHECK(!account_id.empty());
+  account_id_ = account_id;
+  second_access_token_request_ = false;
+  RequestAccessToken();
 }

 void UbertokenFetcher::OnUberAuthTokenSuccess(const std::string& token) {
@@ -41,6 +47,36 @@ void UbertokenFetcher::OnUberAuthTokenSuccess(const std::string& token) {

 void UbertokenFetcher::OnUberAuthTokenFailure(
    const GoogleServiceAuthError& error) {
+  // Retry only transient errors.
+  bool should_retry =
+      error.state() == GoogleServiceAuthError::CONNECTION_FAILED ||
+      error.state() == GoogleServiceAuthError::SERVICE_UNAVAILABLE;
+  if (should_retry) {
+    if (retry_number_ < kMaxRetries) {
+      // Calculate an exponential backoff with randomness of less than 1 sec.
+      double backoff = base::RandDouble() + (1 << retry_number_);
+      ++retry_number_;
+      retry_timer_.Stop();
+      retry_timer_.Start(FROM_HERE,
+                         base::TimeDelta::FromSecondsD(backoff),
+                         this,
+                         &UbertokenFetcher::ExchangeTokens);
+      return;
+    }
+  } else {
+    // The access token is invalid.  Tell the token service.
+    OAuth2TokenService::ScopeSet scopes;
+    scopes.insert(GaiaConstants::kOAuth1LoginScope);
+    token_service_->InvalidateToken(account_id_, scopes, access_token_);
+
+    // In case the access was just stale, try one more time.
+    if (!second_access_token_request_) {
+      second_access_token_request_ = true;
+      RequestAccessToken();
+      return;
+    }
+  }
+
  consumer_->OnUbertokenFailure(error);
 }

@@ -48,11 +84,10 @@ void UbertokenFetcher::OnGetTokenSuccess(
    const OAuth2TokenService::Request* request,
    const std::string& access_token,
    const base::Time& expiration_time) {
+  DCHECK(!access_token.empty());
+  access_token_ = access_token;
  access_token_request_.reset();
-  gaia_auth_fetcher_.reset(new GaiaAuthFetcher(this,
-                                               GaiaConstants::kChromeSource,
-                                               request_context_));
-  gaia_auth_fetcher_->StartTokenFetchForUberAuthExchange(access_token);
+  ExchangeTokens();
 }

 void UbertokenFetcher::OnGetTokenFailure(
@@ -61,3 +96,21 @@ void UbertokenFetcher::OnGetTokenFailure(
  access_token_request_.reset();
  consumer_->OnUbertokenFailure(error);
 }
+
+void UbertokenFetcher::RequestAccessToken() {
+  retry_number_ = 0;
+  gaia_auth_fetcher_.reset();
+  retry_timer_.Stop();
+
+  OAuth2TokenService::ScopeSet scopes;
+  scopes.insert(GaiaConstants::kOAuth1LoginScope);
+  access_token_request_ =
+      token_service_->StartRequest(account_id_, scopes, this);
+}
+
+void UbertokenFetcher::ExchangeTokens() {
+  gaia_auth_fetcher_.reset(new GaiaAuthFetcher(this,
+                                               GaiaConstants::kChromeSource,
+                                               request_context_));
+  gaia_auth_fetcher_->StartTokenFetchForUberAuthExchange(access_token_);
+}
--- a/google_apis/gaia/ubertoken_fetcher.h
+++ b/google_apis/gaia/ubertoken_fetcher.h
@@ -6,6 +6,7 @@
 #define GOOGLE_APIS_GAIA_UBERTOKEN_FETCHER_H_

 #include "base/memory/scoped_ptr.h"
+#include "base/timer/timer.h"
 #include "google_apis/gaia/gaia_auth_consumer.h"
 #include "google_apis/gaia/oauth2_token_service.h"

@@ -38,6 +39,9 @@ class UbertokenConsumer {
 class UbertokenFetcher : public GaiaAuthConsumer,
                         public OAuth2TokenService::Consumer {
 public:
+  // Maximum number of retries to get the uber-auth token before giving up.
+  static const int kMaxRetries;
+
  UbertokenFetcher(OAuth2TokenService* token_service,
                   UbertokenConsumer* consumer,
                   net::URLRequestContextGetter* request_context);
@@ -59,11 +63,22 @@ class UbertokenFetcher : public GaiaAuthConsumer,
                                 const GoogleServiceAuthError& error) OVERRIDE;

 private:
+  // Request a login-scoped access token from the token service.
+  void RequestAccessToken();
+
+  // Exchanges an oauth2 access token for an uber-auth token.
+  void ExchangeTokens();
+
  OAuth2TokenService* token_service_;
  UbertokenConsumer* consumer_;
  net::URLRequestContextGetter* request_context_;
  scoped_ptr<GaiaAuthFetcher> gaia_auth_fetcher_;
  scoped_ptr<OAuth2TokenService::Request> access_token_request_;
+  std::string account_id_;
+  std::string access_token_;
+  int retry_number_;
+  base::OneShotTimer<UbertokenFetcher> retry_timer_;
+  bool second_access_token_request_;

  DISALLOW_COPY_AND_ASSIGN(UbertokenFetcher);
 };

--- a/google_apis/gaia/ubertoken_fetcher_unittest.cc
+++ b/google_apis/gaia/ubertoken_fetcher_unittest.cc
@@ -100,13 +100,72 @@ TEST_F(UbertokenFetcherTest, FailureToGetAccessToken) {
  EXPECT_EQ("", consumer_.last_token_);
 }

-TEST_F(UbertokenFetcherTest, FailureToGetUberToken) {
+TEST_F(UbertokenFetcherTest, TransientFailureEventualFailure) {
+  fetcher_->StartFetchingToken(kTestAccountId);
+  GoogleServiceAuthError error(GoogleServiceAuthError::CONNECTION_FAILED);
+  fetcher_->OnGetTokenSuccess(NULL, "accessToken", base::Time());
+
+  for (int i = 0; i < UbertokenFetcher::kMaxRetries; ++i) {
+    fetcher_->OnUberAuthTokenFailure(error);
+    EXPECT_EQ(0, consumer_.nb_error_);
+    EXPECT_EQ(0, consumer_.nb_correct_token_);
+    EXPECT_EQ("", consumer_.last_token_);
+  }
+
+  fetcher_->OnUberAuthTokenFailure(error);
+  EXPECT_EQ(1, consumer_.nb_error_);
+  EXPECT_EQ(0, consumer_.nb_correct_token_);
+  EXPECT_EQ("", consumer_.last_token_);
+}
+
+TEST_F(UbertokenFetcherTest, TransientFailureEventualSuccess) {
+  fetcher_->StartFetchingToken(kTestAccountId);
+  GoogleServiceAuthError error(GoogleServiceAuthError::CONNECTION_FAILED);
+  fetcher_->OnGetTokenSuccess(NULL, "accessToken", base::Time());
+
+  for (int i = 0; i < UbertokenFetcher::kMaxRetries; ++i) {
+    fetcher_->OnUberAuthTokenFailure(error);
+    EXPECT_EQ(0, consumer_.nb_error_);
+    EXPECT_EQ(0, consumer_.nb_correct_token_);
+    EXPECT_EQ("", consumer_.last_token_);
+  }
+
+  fetcher_->OnUberAuthTokenSuccess("uberToken");
+  EXPECT_EQ(0, consumer_.nb_error_);
+  EXPECT_EQ(1, consumer_.nb_correct_token_);
+  EXPECT_EQ("uberToken", consumer_.last_token_);
+}
+
+TEST_F(UbertokenFetcherTest, PermanentFailureEventualFailure) {
  fetcher_->StartFetchingToken(kTestAccountId);
-  GoogleServiceAuthError error(GoogleServiceAuthError::USER_NOT_SIGNED_UP);
  fetcher_->OnGetTokenSuccess(NULL, "accessToken", base::Time());
+
+  GoogleServiceAuthError error(GoogleServiceAuthError::USER_NOT_SIGNED_UP);
  fetcher_->OnUberAuthTokenFailure(error);
+  EXPECT_EQ(0, consumer_.nb_error_);
+  EXPECT_EQ(0, consumer_.nb_correct_token_);
+  EXPECT_EQ("", consumer_.last_token_);

+  fetcher_->OnGetTokenSuccess(NULL, "accessToken", base::Time());
+  fetcher_->OnUberAuthTokenFailure(error);
  EXPECT_EQ(1, consumer_.nb_error_);
  EXPECT_EQ(0, consumer_.nb_correct_token_);
  EXPECT_EQ("", consumer_.last_token_);
 }
+
+TEST_F(UbertokenFetcherTest, PermanentFailureEventualSuccess) {
+  fetcher_->StartFetchingToken(kTestAccountId);
+  GoogleServiceAuthError error(GoogleServiceAuthError::USER_NOT_SIGNED_UP);
+  fetcher_->OnGetTokenSuccess(NULL, "accessToken", base::Time());
+
+  fetcher_->OnUberAuthTokenFailure(error);
+  EXPECT_EQ(0, consumer_.nb_error_);
+  EXPECT_EQ(0, consumer_.nb_correct_token_);
+  EXPECT_EQ("", consumer_.last_token_);
+
+  fetcher_->OnGetTokenSuccess(NULL, "accessToken", base::Time());
+  fetcher_->OnUberAuthTokenSuccess("uberToken");
+  EXPECT_EQ(0, consumer_.nb_error_);
+  EXPECT_EQ(1, consumer_.nb_correct_token_);
+  EXPECT_EQ("uberToken", consumer_.last_token_);
+}