Set the authorization header when calling an API. Otherwise, no API call will succeed.

Review URL: https://chromiumcodereview.appspot.com/10080016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@132473 0039d316-1c4b-4281-b951-d872f2087c98

Set the authorization header when calling an API. Otherwise, no API call will succeed.
Review URL: https://chromiumcodereview.appspot.com/10080016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@132473 0039d316-1c4b-4281-b951-d872f2087c98
bf0fa427 · munjal@chromium.org · e14b4d34 · bf0fa427 · bf0fa427 · bf0fa427
Commit bf0fa427 authored Apr 16, 2012 by munjal@chromium.org
3 changed files
--- a/chrome/common/net/gaia/oauth2_api_call_flow.cc
+++ b/chrome/common/net/gaia/oauth2_api_call_flow.cc
@@ -8,6 +8,7 @@
 #include <vector>
 #include "base/basictypes.h"
+#include "base/stringprintf.h"
 #include "chrome/common/net/gaia/gaia_urls.h"
 #include "net/base/escape.h"
 #include "net/base/load_flags.h"
@@ -21,6 +22,15 @@ using net::ResponseCookies;
 using net::URLRequestContextGetter;
 using net::URLRequestStatus;
+namespace {
+static const char kAuthorizationHeaderFormat[] =
+    "Authorization: Bearer %s";
+static std::string MakeAuthorizationHeader(const std::string& auth_token) {
+  return StringPrintf(kAuthorizationHeaderFormat, auth_token.c_str());
+}
+}  // namespace
 OAuth2ApiCallFlow::OAuth2ApiCallFlow(
    net::URLRequestContextGetter* context,
    const std::string& refresh_token,
@@ -146,6 +156,7 @@ URLFetcher* OAuth2ApiCallFlow::CreateURLFetcher() {
  result->SetRequestContext(context_);
  result->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES |
                       net::LOAD_DO_NOT_SAVE_COOKIES);
+  result->AddExtraRequestHeader(MakeAuthorizationHeader(access_token_));
  if (!empty_body)
    result->SetUploadData("application/x-www-form-urlencoded", body);

--- a/chrome/common/net/gaia/oauth2_api_call_flow.h
+++ b/chrome/common/net/gaia/oauth2_api_call_flow.h
@@ -88,6 +88,7 @@ class OAuth2ApiCallFlow
  };
  friend class OAuth2ApiCallFlowTest;
+  FRIEND_TEST_ALL_PREFIXES(OAuth2ApiCallFlowTest, CreateURLFetcher);
  // Helper to create an instance of access token fetcher.
  // Caller owns the returned instance.

--- a/chrome/common/net/gaia/oauth2_api_call_flow_unittest.cc
+++ b/chrome/common/net/gaia/oauth2_api_call_flow_unittest.cc
@@ -18,6 +18,7 @@
 #include "content/public/common/url_fetcher_delegate.h"
 #include "content/public/common/url_fetcher_factory.h"
 #include "content/test/test_url_fetcher_factory.h"
+#include "net/http/http_request_headers.h"
 #include "net/http/http_status_code.h"
 #include "net/url_request/url_request.h"
 #include "net/url_request/url_request_status.h"
@@ -27,11 +28,15 @@
 using content::URLFetcher;
 using content::URLFetcherDelegate;
 using content::URLFetcherFactory;
+using net::HttpRequestHeaders;
 using net::URLRequestStatus;
 using testing::_;
 using testing::Return;
 namespace {
+static std::string CreateBody() {
+  return "some body";
+}
 static GURL CreateApiUrl() {
  return GURL("https://www.googleapis.com/someapi");
@@ -48,7 +53,7 @@ static std::vector<std::string> CreateTestScopes() {
 class MockUrlFetcherFactory : public ScopedURLFetcherFactory,
                              public URLFetcherFactory {
-public:
+ public:
  MockUrlFetcherFactory()
      : ScopedURLFetcherFactory(ALLOW_THIS_IN_INITIALIZER_LIST(this)) {
  }
@@ -145,8 +150,9 @@ class OAuth2ApiCallFlowTest : public testing::Test {
  }
  TestURLFetcher* SetupApiCall(bool succeeds, net::HttpStatusCode status) {
+    std::string body(CreateBody());
    GURL url(CreateApiUrl());
-    EXPECT_CALL(*flow_, CreateApiCallBody()).WillOnce(Return(""));
+    EXPECT_CALL(*flow_, CreateApiCallBody()).WillOnce(Return(body));
    EXPECT_CALL(*flow_, CreateApiCallUrl()).WillOnce(Return(url));
    TestURLFetcher* url_fetcher = CreateURLFetcher(
        url, succeeds, status, "");
@@ -262,3 +268,22 @@ TEST_F(OAuth2ApiCallFlowTest, EmptyAccessTokenNewTokenGenerationFails) {
  flow_->Start();
  flow_->OnGetTokenFailure(error);
 }
+TEST_F(OAuth2ApiCallFlowTest, CreateURLFetcher) {
+  std::string rt = "refresh_token";
+  std::string at = "access_token";
+  std::vector<std::string> scopes(CreateTestScopes());
+  std::string body = CreateBody();
+  GURL url(CreateApiUrl());
+  CreateFlow(rt, at, scopes);
+  TestURLFetcher* url_fetcher = SetupApiCall(true, net::HTTP_OK);
+  flow_->CreateURLFetcher();
+  HttpRequestHeaders headers;
+  url_fetcher->GetExtraRequestHeaders(&headers);
+  std::string auth_header;
+  EXPECT_TRUE(headers.GetHeader("Authorization", &auth_header));
+  EXPECT_EQ("Bearer access_token", auth_header);
+  EXPECT_EQ(url, url_fetcher->GetOriginalURL());
+  EXPECT_EQ(body, url_fetcher->upload_data());
+}