File: device_oauth2_token_store_desktop.h

package info (click to toggle)
chromium 139.0.7258.127-1
  • links: PTS, VCS
  • area: main
  • in suites:
  • size: 6,122,068 kB
  • sloc: cpp: 35,100,771; ansic: 7,163,530; javascript: 4,103,002; python: 1,436,920; asm: 946,517; xml: 746,709; pascal: 187,653; perl: 88,691; sh: 88,436; objc: 79,953; sql: 51,488; cs: 44,583; fortran: 24,137; makefile: 22,147; tcl: 15,277; php: 13,980; yacc: 8,984; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (71 lines) | stat: -rw-r--r-- 2,845 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
 
// Copyright 2020 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_DEVICE_IDENTITY_DEVICE_OAUTH2_TOKEN_STORE_DESKTOP_H_
#define CHROME_BROWSER_DEVICE_IDENTITY_DEVICE_OAUTH2_TOKEN_STORE_DESKTOP_H_

#include <string>

#include "base/memory/raw_ptr.h"
#include "base/memory/weak_ptr.h"
#include "chrome/browser/device_identity/device_oauth2_token_store.h"
#include "google_apis/gaia/core_account_id.h"

class PrefRegistrySimple;
class PrefService;

// The pref name where this class stores the encrypted refresh token.
extern const char kCBCMServiceAccountRefreshToken[];

// The pref name where this class stores the service account's email.
extern const char kCBCMServiceAccountEmail[];

// The desktop (mac, win, linux) implementation of DeviceOAuth2TokenStore. This
// is used by the DeviceOAuth2TokenService on those platforms to encrypt and
// persist the refresh token of the service account to LocalState.
class DeviceOAuth2TokenStoreDesktop : public DeviceOAuth2TokenStore {
 public:
  explicit DeviceOAuth2TokenStoreDesktop(PrefService* local_state);
  ~DeviceOAuth2TokenStoreDesktop() override;

  DeviceOAuth2TokenStoreDesktop(const DeviceOAuth2TokenStoreDesktop& other) =
      delete;
  DeviceOAuth2TokenStoreDesktop& operator=(
      const DeviceOAuth2TokenStoreDesktop& other) = delete;

  static void RegisterPrefs(PrefRegistrySimple* registry);

  // DeviceOAuth2TokenStore:
  void Init(InitCallback callback) override;
  CoreAccountId GetAccountId() const override;
  std::string GetRefreshToken() const override;
  void SetAndSaveRefreshToken(const std::string& refresh_token,
                              StatusCallback result_callback) override;
  void PrepareTrustedAccountId(TrustedAccountIdCallback callback) override;
  void SetAccountEmail(const std::string& account_email) override;

 private:
  void OnServiceAccountIdentityChanged();

  // Called the first time GetRefreshToken is called if |token_decrypted_| is
  // false. It decrypts |refresh_token_| using OSCrypt and writes it back to
  // |refresh_token_|.
  void DecryptToken() const;

  const raw_ptr<PrefService> local_state_;

  // This and the |token_decrypted_| field are mutable because they are modified
  // on the first call to |GetRefreshToken()|, which is const.
  mutable std::string refresh_token_;

  // The token is decrypted the first time it's read rather than on Init,
  // because OSCrypt hasn't been initialized early enough on some platforms.
  // This field is false and |refresh_token_| is encrypted until the first token
  // read.
  mutable bool token_decrypted_ = false;

  base::WeakPtrFactory<DeviceOAuth2TokenStoreDesktop> weak_ptr_factory_{this};
};

#endif  // CHROME_BROWSER_DEVICE_IDENTITY_DEVICE_OAUTH2_TOKEN_STORE_DESKTOP_H_