// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_MANAGED_MODE_MANAGED_USER_REFRESH_TOKEN_FETCHER_H_
#define CHROME_BROWSER_MANAGED_MODE_MANAGED_USER_REFRESH_TOKEN_FETCHER_H_
#include <string>
#include "base/callback_forward.h"
#include "base/compiler_specific.h"
#include "base/memory/scoped_ptr.h"
#include "base/strings/string16.h"
class GoogleServiceAuthError;
class OAuth2TokenService;
namespace net {
class URLRequestContextGetter;
}
// This class fetches an OAuth2 refresh token that is tied to a managed user ID
// and downscoped to a special scope for Chrome Sync for managed users.
// Fetching the token consists of the following steps:
// 1. Get an access token for the custodian from OAuth2TokenService
// (either cached or fetched).
// 2. Call the IssueToken API to mint a scoped authorization code for a
// refresh token for the managed user from the custodian's access token.
// 3. Exchange the authorization code for a refresh token for the managed
// user and return it to the caller. The refresh token can only be used to
// mint tokens with the special managed user Sync scope.
class ManagedUserRefreshTokenFetcher {
public:
typedef base::Callback<void(const GoogleServiceAuthError& /* error */,
const std::string& /* refresh_token */)>
TokenCallback;
static scoped_ptr<ManagedUserRefreshTokenFetcher> Create(
OAuth2TokenService* oauth2_token_service,
const std::string& account_id,
net::URLRequestContextGetter* context);
virtual ~ManagedUserRefreshTokenFetcher();
virtual void Start(const std::string& managed_user_id,
const std::string& device_name,
const TokenCallback& callback) = 0;
};
#endif // CHROME_BROWSER_MANAGED_MODE_MANAGED_USER_REFRESH_TOKEN_FETCHER_H_