chromeos: Migrate //c/b/chromeos to consent aware identity API

Be explicit about whether or not browser sync consent is required when looking up the IdentityManager primary account. Updated: * kiosk mode tests * login / user session * device local account tests * plugin vm See go/cros-primary-account and go/consent-aware-api-dd Bug: 1042400, 1046746 Test: existing browser_tests Change-Id: I0f272f7bbcc2a4b0378cdf0e3590491617fe62a8 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2054275Reviewed-by: Xiyuan Xia <xiyuan@chromium.org> Commit-Queue: James Cook <jamescook@chromium.org> Cr-Commit-Position: refs/heads/master@{#741217}

chromeos: Migrate //c/b/chromeos to consent aware identity API
Be explicit about whether or not browser sync consent is required when looking up the IdentityManager primary account. Updated: * kiosk mode tests * login / user session * device local account tests * plugin vm See go/cros-primary-account and go/consent-aware-api-dd Bug: 1042400, 1046746 Test: existing browser_tests Change-Id: I0f272f7bbcc2a4b0378cdf0e3590491617fe62a8 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2054275Reviewed-by: Xiyuan Xia <xiyuan@chromium.org> Commit-Queue: James Cook <jamescook@chromium.org> Cr-Commit-Position: refs/heads/master@{#741217}
e913f61a · James Cook · Commit Bot · 0b470c09 · e913f61a · e913f61a
Commit e913f61a authored Feb 13, 2020 by James Cook Committed by Commit Bot Feb 13, 2020
5 changed files
--- a/chrome/browser/chromeos/login/kiosk_browsertest.cc
+++ b/chrome/browser/chromeos/login/kiosk_browsertest.cc
@@ -932,8 +932,8 @@ IN_PROC_BROWSER_TEST_F(KioskTest, NotSignedInWithGAIAAccount) {

  Profile* app_profile = ProfileManager::GetPrimaryUserProfile();
  ASSERT_TRUE(app_profile);
-  EXPECT_FALSE(
-      IdentityManagerFactory::GetForProfile(app_profile)->HasPrimaryAccount());
+  EXPECT_FALSE(IdentityManagerFactory::GetForProfile(app_profile)
+                   ->HasPrimaryAccount(signin::ConsentLevel::kNotRequired));
 }

 IN_PROC_BROWSER_TEST_F(KioskTest, PRE_LaunchAppNetworkDown) {
@@ -2290,8 +2290,8 @@ IN_PROC_BROWSER_TEST_F(KioskEnterpriseTest, EnterpriseKioskApp) {
  // account.
  Profile* app_profile = ProfileManager::GetPrimaryUserProfile();
  ASSERT_TRUE(app_profile);
-  EXPECT_FALSE(
-      IdentityManagerFactory::GetForProfile(app_profile)->HasPrimaryAccount());
+  EXPECT_FALSE(IdentityManagerFactory::GetForProfile(app_profile)
+                   ->HasPrimaryAccount(signin::ConsentLevel::kNotRequired));

  // Terminate the app.
  window->GetBaseWindow()->Close();

--- a/chrome/browser/chromeos/login/session/user_session_manager.cc
+++ b/chrome/browser/chromeos/login/session/user_session_manager.cc
@@ -178,6 +178,8 @@
 #include "components/rlz/rlz_tracker.h"
 #endif

+using signin::ConsentLevel;
+
 namespace chromeos {

 namespace {
@@ -654,7 +656,7 @@ void UserSessionManager::RestoreAuthenticationSession(Profile* user_profile) {
  auto* identity_manager = IdentityManagerFactory::GetForProfile(user_profile);
  const bool account_id_valid =
      identity_manager &&
-      !identity_manager->GetPrimaryAccountId(signin::ConsentLevel::kNotRequired)
+      !identity_manager->GetPrimaryAccountId(ConsentLevel::kNotRequired)
           .empty();
  if (!account_id_valid)
    LOG(ERROR) << "No account is associated with sign-in manager on restore.";
@@ -966,7 +968,7 @@ void UserSessionManager::OnSessionRestoreStateChanged(
        DCHECK(
            !identity_manager->HasAccountWithRefreshTokenInPersistentErrorState(
                identity_manager
-                    ->GetPrimaryAccountInfo(signin::ConsentLevel::kNotRequired)
+                    ->GetPrimaryAccountInfo(ConsentLevel::kNotRequired)
                    .account_id));
      }
      user_status = user_manager::User::OAUTH2_TOKEN_STATUS_VALID;
@@ -1424,15 +1426,15 @@ void UserSessionManager::InitProfilePreferences(
      DCHECK(account_info.has_value());
      if (features::IsSplitSettingsSyncEnabled()) {
        if (is_new_profile) {
-          if (!identity_manager->HasPrimaryAccount()) {
+          if (!identity_manager->HasPrimaryAccount(ConsentLevel::kSync)) {
            // Set the account without recording browser sync consent.
            identity_manager->GetPrimaryAccountMutator()
                ->SetUnconsentedPrimaryAccount(account_info->account_id);
          }
        }
        CHECK(identity_manager->HasUnconsentedPrimaryAccount());
-        CHECK_EQ(identity_manager
-                     ->GetPrimaryAccountInfo(signin::ConsentLevel::kNotRequired)
+        CHECK_EQ(
+            identity_manager->GetPrimaryAccountInfo(ConsentLevel::kNotRequired)
                .gaia,
            gaia_id);
      } else {
@@ -1441,7 +1443,7 @@ void UserSessionManager::InitProfilePreferences(
        // profile might only have an unconsented primary account.
        identity_manager->GetPrimaryAccountMutator()->SetPrimaryAccount(
            account_info->account_id);
-        CHECK(identity_manager->HasPrimaryAccount());
+        CHECK(identity_manager->HasPrimaryAccount(ConsentLevel::kSync));
        CHECK_EQ(identity_manager->GetPrimaryAccountInfo().gaia, gaia_id);
      }
    } else {
@@ -1455,8 +1457,8 @@ void UserSessionManager::InitProfilePreferences(
              gaia_id, user_context.GetAccountId().GetUserEmail());
    }

-    CoreAccountId account_id = identity_manager->GetPrimaryAccountId(
-        signin::ConsentLevel::kNotRequired);
+    CoreAccountId account_id =
+        identity_manager->GetPrimaryAccountId(ConsentLevel::kNotRequired);
    VLOG(1) << "Seed IdentityManager with the authenticated account info, "
            << "success=" << !account_id.empty();


--- a/chrome/browser/chromeos/plugin_vm/plugin_vm_drive_image_download_service.cc
+++ b/chrome/browser/chromeos/plugin_vm/plugin_vm_drive_image_download_service.cc
@@ -23,6 +23,7 @@
 #include "components/download/public/background_service/download_metadata.h"
 #include "components/drive/service/drive_api_service.h"
 #include "components/drive/service/drive_service_interface.h"
+#include "components/signin/public/identity_manager/consent_level.h"
 #include "components/signin/public/identity_manager/identity_manager.h"
 #include "content/public/browser/browser_context.h"
 #include "content/public/browser/browser_task_traits.h"
@@ -139,7 +140,8 @@ PluginVmDriveImageDownloadService::PluginVmDriveImageDownloadService(
      identity_manager, url_loader_factory, blocking_task_runner.get(),
      base_url, base_thumbnail_url, std::string{},
      kPluginVmNetworkTrafficAnnotation);
-  drive_service_->Initialize(identity_manager->GetPrimaryAccountId());
+  drive_service_->Initialize(identity_manager->GetPrimaryAccountId(
+      signin::ConsentLevel::kNotRequired));
 }

 void PluginVmDriveImageDownloadService::StartDownload(

--- a/chrome/browser/chromeos/plugin_vm/plugin_vm_drive_image_download_service.h
+++ b/chrome/browser/chromeos/plugin_vm/plugin_vm_drive_image_download_service.h
@@ -86,4 +86,5 @@ class PluginVmDriveImageDownloadService {
 };

 }  // namespace plugin_vm
+
 #endif  // CHROME_BROWSER_CHROMEOS_PLUGIN_VM_PLUGIN_VM_DRIVE_IMAGE_DOWNLOAD_SERVICE_H_
--- a/chrome/browser/chromeos/policy/device_local_account_browsertest.cc
+++ b/chrome/browser/chromeos/policy/device_local_account_browsertest.cc
@@ -1158,7 +1158,8 @@ IN_PROC_BROWSER_TEST_F(DeviceLocalAccountTest, StartSession) {
  Profile* profile = GetProfileForTest();
  ASSERT_TRUE(profile);
  EXPECT_FALSE(
-      IdentityManagerFactory::GetForProfile(profile)->HasPrimaryAccount());
+      IdentityManagerFactory::GetForProfile(profile)->HasPrimaryAccount(
+          signin::ConsentLevel::kNotRequired));
 }

 IN_PROC_BROWSER_TEST_F(DeviceLocalAccountTest, FullscreenAllowed) {