Migrate TokenHandleFetcher to the IdentityManager

Move away from OAuth2TokenService and SigninManagerBase by implementing
IdentityManager::Observer and using Identity Service's APIs only (i.e.
IdentityManager, PrimaryAccessTokenFetcher).

Bug: 905689
Change-Id: I68e971ddf8a23987abfdadb8e2daf7b17a4a6ddb
Reviewed-on: https://chromium-review.googlesource.com/c/1340315Reviewed-by: Scott Violet <sky@chromium.org>
Reviewed-by: Colin Blundell <blundell@chromium.org>
Commit-Queue: Mario Sanchez Prada <mario@igalia.com>
Cr-Commit-Position: refs/heads/master@{#611044}

chrome/browser/chromeos/login/signin/token_handle_fetcher.cc

@@ -9,16 +9,16 @@
 #include "chrome/browser/chromeos/login/signin/token_handle_util.h"
 #include "chrome/browser/chromeos/profiles/profile_helper.h"
 #include "chrome/browser/profiles/profile.h"
-#include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
-#include "chrome/browser/signin/signin_manager_factory.h"
+#include "chrome/browser/signin/identity_manager_factory.h"
 #include "components/keyed_service/content/browser_context_keyed_service_shutdown_notifier_factory.h"
-#include "components/signin/core/browser/profile_oauth2_token_service.h"
-#include "components/signin/core/browser/signin_manager.h"
 #include "google_apis/gaia/gaia_constants.h"
+#include "services/identity/public/cpp/primary_account_access_token_fetcher.h"
+#include "services/identity/public/cpp/scope_set.h"
 #include "services/network/public/cpp/shared_url_loader_factory.h"
 
 namespace {
 const int kMaxRetries = 3;
+const char kAccessTokenFetchId[] = "token_handle_fetcher";
 
 class TokenHandleFetcherShutdownNotifierFactory
     : public BrowserContextKeyedServiceShutdownNotifierFactory {
@@ -34,7 +34,7 @@ class TokenHandleFetcherShutdownNotifierFactory
   TokenHandleFetcherShutdownNotifierFactory()
       : BrowserContextKeyedServiceShutdownNotifierFactory(
             "TokenHandleFetcher") {
-    DependsOn(ProfileOAuth2TokenServiceFactory::GetInstance());
+    DependsOn(IdentityManagerFactory::GetInstance());
   }
   ~TokenHandleFetcherShutdownNotifierFactory() override {}
 
@@ -45,13 +45,11 @@ class TokenHandleFetcherShutdownNotifierFactory
 
 TokenHandleFetcher::TokenHandleFetcher(TokenHandleUtil* util,
                                        const AccountId& account_id)
-    : OAuth2TokenService::Consumer("user_session_manager"),
-      token_handle_util_(util),
-      account_id_(account_id) {}
+    : token_handle_util_(util), account_id_(account_id) {}
 
 TokenHandleFetcher::~TokenHandleFetcher() {
   if (waiting_for_refresh_token_)
-    token_service_->RemoveObserver(this);
+    identity_manager_->RemoveObserver(this);
 }
 
 void TokenHandleFetcher::BackfillToken(Profile* profile,
@@ -59,11 +57,9 @@ void TokenHandleFetcher::BackfillToken(Profile* profile,
   profile_ = profile;
   callback_ = callback;
 
-  token_service_ = ProfileOAuth2TokenServiceFactory::GetForProfile(profile);
-  SigninManagerBase* signin_manager =
-      SigninManagerFactory::GetForProfile(profile);
-  const std::string user_email = signin_manager->GetAuthenticatedAccountId();
-  if (!token_service_->RefreshTokenIsAvailable(user_email)) {
+  identity_manager_ = IdentityManagerFactory::GetForProfile(profile);
+  const std::string user_email = identity_manager_->GetPrimaryAccountId();
+  if (!identity_manager_->HasAccountWithRefreshToken(user_email)) {
     account_without_token_ = user_email;
     profile_shutdown_notification_ =
         TokenHandleFetcherShutdownNotifierFactory::GetInstance()
@@ -71,43 +67,52 @@ void TokenHandleFetcher::BackfillToken(Profile* profile,
             ->Subscribe(base::Bind(&TokenHandleFetcher::OnProfileDestroyed,
                                    base::Unretained(this)));
 
-    token_service_->AddObserver(this);
+    identity_manager_->AddObserver(this);
     waiting_for_refresh_token_ = true;
     return;
   }
   RequestAccessToken(user_email);
 }
 
-void TokenHandleFetcher::OnRefreshTokenAvailable(
-    const std::string& user_email) {
-  if (account_without_token_ != user_email)
+void TokenHandleFetcher::OnRefreshTokenUpdatedForAccount(
+    const AccountInfo& account_info,
+    bool is_valid) {
+  if (account_without_token_ != account_info.email)
     return;
   waiting_for_refresh_token_ = false;
-  token_service_->RemoveObserver(this);
-  RequestAccessToken(user_email);
+  identity_manager_->RemoveObserver(this);
+  RequestAccessToken(account_info.email);
 }
 
 void TokenHandleFetcher::RequestAccessToken(const std::string& user_email) {
-  OAuth2TokenService::ScopeSet scopes;
+  identity::ScopeSet scopes;
   scopes.insert(GaiaConstants::kOAuth1LoginScope);
-  oauth2_access_token_request_ =
-      token_service_->StartRequest(user_email, scopes, this);
-}
 
-void TokenHandleFetcher::OnGetTokenSuccess(
-    const OAuth2TokenService::Request* request,
-    const OAuth2AccessTokenConsumer::TokenResponse& token_response) {
-  oauth2_access_token_request_.reset();
-  FillForAccessToken(token_response.access_token);
+  // We can use base::Unretained(this) below because |access_token_fetcher_| is
+  // owned by this object (thus destroyed when this object is destroyed) and
+  // PrimaryAccountAccessTokenFetcher guarantees that it doesn't invoke its
+  // callback after it is destroyed.
+  access_token_fetcher_ =
+      std::make_unique<identity::PrimaryAccountAccessTokenFetcher>(
+          kAccessTokenFetchId, identity_manager_, scopes,
+          base::BindOnce(&TokenHandleFetcher::OnAccessTokenFetchComplete,
+                         base::Unretained(this)),
+          identity::PrimaryAccountAccessTokenFetcher::Mode::kImmediate);
 }
 
-void TokenHandleFetcher::OnGetTokenFailure(
-    const OAuth2TokenService::Request* request,
-    const GoogleServiceAuthError& error) {
-  oauth2_access_token_request_.reset();
-  LOG(ERROR) << "Could not get access token to backfill token handler"
-             << error.ToString();
-  callback_.Run(account_id_, false);
+void TokenHandleFetcher::OnAccessTokenFetchComplete(
+    GoogleServiceAuthError error,
+    identity::AccessTokenInfo token_info) {
+  access_token_fetcher_.reset();
+
+  if (error.state() != GoogleServiceAuthError::NONE) {
+    LOG(ERROR) << "Could not get access token to backfill token handler"
+               << error.ToString();
+    callback_.Run(account_id_, false);
+    return;
+  }
+
+  FillForAccessToken(token_info.token);
 }
 
 void TokenHandleFetcher::FillForNewUser(const std::string& access_token,

chrome/browser/chromeos/login/signin/token_handle_fetcher.h

@@ -14,7 +14,11 @@
 #include "components/account_id/account_id.h"
 #include "components/keyed_service/core/keyed_service_shutdown_notifier.h"
 #include "google_apis/gaia/gaia_oauth_client.h"
-#include "google_apis/gaia/oauth2_token_service.h"
+#include "services/identity/public/cpp/identity_manager.h"
+
+namespace identity {
+class PrimaryAccountAccessTokenFetcher;
+}
 
 class TokenHandleUtil;
 class Profile;
@@ -25,8 +29,7 @@ class Profile;
 // minting additional access token might be required.
 
 class TokenHandleFetcher : public gaia::GaiaOAuthClient::Delegate,
-                           public OAuth2TokenService::Consumer,
-                           public OAuth2TokenService::Observer {
+                           public identity::IdentityManager::Observer {
  public:
   TokenHandleFetcher(TokenHandleUtil* util, const AccountId& account_id);
   ~TokenHandleFetcher() override;
@@ -43,15 +46,13 @@ class TokenHandleFetcher : public gaia::GaiaOAuthClient::Delegate,
   void BackfillToken(Profile* profile, const TokenFetchingCallback& callback);
 
  private:
-  // OAuth2TokenService::Observer override:
-  void OnRefreshTokenAvailable(const std::string& user_email) override;
+  // identity::IdentityManager::Observer override:
+  void OnRefreshTokenUpdatedForAccount(const AccountInfo& account_info,
+                                       bool is_valid) override;
 
-  // OAuth2TokenService::Consumer overrides:
-  void OnGetTokenSuccess(
-      const OAuth2TokenService::Request* request,
-      const OAuth2AccessTokenConsumer::TokenResponse& token_response) override;
-  void OnGetTokenFailure(const OAuth2TokenService::Request* request,
-                         const GoogleServiceAuthError& error) override;
+  // AccessTokenFetcher::TokenCallback for PrimaryAccountAccessTokenFetcher.
+  void OnAccessTokenFetchComplete(GoogleServiceAuthError error,
+                                  identity::AccessTokenInfo token_info);
 
   // GaiaOAuthClient::Delegate overrides:
   void OnOAuthError() override;
@@ -67,7 +68,7 @@ class TokenHandleFetcher : public gaia::GaiaOAuthClient::Delegate,
 
   TokenHandleUtil* token_handle_util_ = nullptr;
   AccountId account_id_;
-  OAuth2TokenService* token_service_ = nullptr;
+  identity::IdentityManager* identity_manager_ = nullptr;
 
   bool waiting_for_refresh_token_ = false;
   std::string account_without_token_;
@@ -75,7 +76,8 @@ class TokenHandleFetcher : public gaia::GaiaOAuthClient::Delegate,
   base::TimeTicks tokeninfo_response_start_time_ = base::TimeTicks();
   TokenFetchingCallback callback_;
   std::unique_ptr<gaia::GaiaOAuthClient> gaia_client_;
-  std::unique_ptr<OAuth2TokenService::Request> oauth2_access_token_request_;
+  std::unique_ptr<identity::PrimaryAccountAccessTokenFetcher>
+      access_token_fetcher_;
   std::unique_ptr<KeyedServiceShutdownNotifier::Subscription>
       profile_shutdown_notification_;