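// Copyright 2020 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_DEVICE_IDENTITY_DEVICE_OAUTH2_TOKEN_STORE_H_
#define CHROME_BROWSER_DEVICE_IDENTITY_DEVICE_OAUTH2_TOKEN_STORE_H_

#include <string>

#include "base/callback_forward.h"
#include "google_apis/gaia/core_account_id.h"

// An interface to be implemented per-platform that represents an
// encrypted storage facility for the device's robot GAIA account.
//
// The refresh token handled through this interface is a credential for that
// account. It crosses this interface as a plain std::string, so encryption at
// rest is entirely the responsibility of the concrete implementation; nothing
// in this header enforces it.
class DeviceOAuth2TokenStore {
 public:
  // Implemented by the DeviceOAuth2TokenService to be notified of events
  // related to the state of the token storage.
  class Observer {
   public:
    virtual ~Observer() = default;

    // Called when the refresh token becomes available, at which point it'll be
    // returned by a call to |GetRefreshToken()|.
    virtual void OnRefreshTokenAvailable() = 0;
  };

  // Invoked by SetAndSaveRefreshToken to indicate whether the operation was
  // successful or not.
  using StatusCallback = base::OnceCallback<void(bool)>;

  // Called when the |Init()| function finishes.
  // The first param, |init_result|, will be true if the store is properly
  // initialized and ready to use.
  // The 2nd param, |validation_required|, will be true if the calling service
  // is expected to perform validation on the token before using it, false if
  // validation was already completed.
  // A caller that ignores |validation_required| == true would end up using a
  // token that nobody has validated.
  using InitCallback = base::OnceCallback<void(bool /* init_result */,
                                               bool /* validation_required */)>;

  // Called by |PrepareTrustedAccountId()| once it's done.
  // The param, |trusted_account_present|, indicates whether the store was able
  // to successfully prepare a trusted Account ID.
  using TrustedAccountIdCallback =
      base::RepeatingCallback<void(bool /* trusted_account_present */)>;

  virtual ~DeviceOAuth2TokenStore() = default;

  // Initialize this storage object and perform necessary setup to be able to
  // store/load and encrypt/decrypt the relevant data. Completion is reported
  // through |callback| (see InitCallback); |Observer| declares no
  // init-completion method.
  virtual void Init(InitCallback callback) = 0;

  // Return the current service account ID for this device.
  virtual CoreAccountId GetAccountId() const = 0;

  // Return the current refresh token for the account ID of the device. This may
  // return the empty string if the token isn't yet ready or if there was an
  // error during initialization.
  // The two empty-string cases are indistinguishable from the return value
  // alone, so callers should treat an empty result as "no usable token".
  // The returned string is the token itself and should be kept out of logs,
  // crash keys and other unprotected storage.
  virtual std::string GetRefreshToken() const = 0;

  // Persist the given refresh token on the device. Overwrites any previous
  // value. Should only be called during initial device setup. Signals
  // completion via the given callback, passing true if the operation succeeded.
  // |refresh_token| is a secret; see the note on |GetRefreshToken()|.
  virtual void SetAndSaveRefreshToken(const std::string& refresh_token,
                                      StatusCallback result_callback) = 0;

  // Requests that this store prepare its underlying storage to be able to be
  // queried for a trusted account ID, whatever that means for that platform.
  // See concrete implementation comments for more details. This does not affect
  // or change this object's state or the stored token, it is meant to prepare
  // the platform for retrieving the values.
  // Invokes |callback| when the operation completes.
  virtual void PrepareTrustedAccountId(TrustedAccountIdCallback callback) = 0;

  // NOTE(review): this conditional virtual changes the vtable layout, so
  // OS_CHROMEOS must be defined identically in every translation unit that
  // includes this header. Nothing included here defines it; presumably it
  // comes from the build configuration - confirm.
#if !defined(OS_CHROMEOS)
  // Requests that this store persist the current service account's associated
  // email.
  // On ChromeOS, the account email comes from CrosSettings so this should never
  // be called.
  virtual void SetAccountEmail(const std::string& account_email) = 0;
#endif

  // Registers the single observer; a later call replaces the previous one.
  // The pointer is stored as-is and is never deleted by this class.
  // NOTE(review): nothing here clears the pointer when the observer goes
  // away, so the caller presumably has to reset it to nullptr before
  // destroying the observer - confirm against the owning service.
  void SetObserver(Observer* observer) { observer_ = observer; }

  // Returns the registered observer, or nullptr if none has been set.
  Observer* observer() { return observer_; }

 private:
  // Not owned; see SetObserver().
  Observer* observer_ = nullptr;
};

#endif  // CHROME_BROWSER_DEVICE_IDENTITY_DEVICE_OAUTH2_TOKEN_STORE_H_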