exports.getAuthToken = function(details, callback) {
if (typeof details === 'function' && typeof callback === 'undefined') {
callback = details;
details = { interactive: false };
}
if (typeof callback !== 'function') {
return callbackWithError('Callback function required');
}
if (typeof details !== 'object') {
return callbackWithError('TokenDetails object required', callback);
}
var fail = function(msg) {
callbackWithError(msg, callback);
};
// If we have a cached token, send it along.
if (cachedToken) {
callback(cachedToken);
return;
}
// Augment the callback so that it caches a received token.
var augmentedCallback = function(token) {
if (token) {
cachedToken = token;
}
callback(token);
};
// If we are not using chrome.runtime, check for oauth2 args in the details map
var oauthDetails = details.oauth2 || runtime && runtime.getManifest().oauth2;
// Use native implementation for logging into google accounts
exec(augmentedCallback, fail, 'ChromeIdentity', 'getAuthToken', [!!details.interactive, oauthDetails]);
};
exports.launchWebAuthFlow = function(details, callback) {
if (typeof callback !== 'function') {
return callbackWithError('Callback function required');
}
if (typeof details !== 'object') {
return callbackWithError('WebAuthFlowDetails object required', callback);
}
launchInAppBrowser(details.url, details.interactive, callback);
};
var fail = callback && function(error) {
var sendInfo = {
bytesSent: 0,
resultCode: error.resultCode
};
callbackWithError(error.message, callback, sendInfo);
};
var launchWebAuthFlowCallback = function(responseUrl) {
var token = extractToken(responseUrl);
// If we weren't able to extract a token, error out. Otherwise, call the callback.
if (!token) {
callbackWithError('URL did not contain a token.', callback);
return;
}
augmentedCallback(token);
};
var fail = function(msg) {
if (msg === GOOGLE_PLAY_SERVICES_UNAVAILABLE) {
console.warn('Google Play Services is unavailable; falling back to web authentication flow.');
// Verify that oAuthDetails contains a client_id and scopes.
// Since we're using the web auth flow as a fallback, we need the web client id.
var manifest = runtime.getManifest();
var webClientId = manifest && manifest.web && manifest.web.oauth2 && manifest.web.oauth2.client_id;
if (!webClientId) {
callbackWithError('Web client id missing from mobile manifest.', callback);
return;
}
if (!oAuthDetails.scopes) {
callbackWithError('Scopes missing from manifest.', callback);
return;
}
// Add the appropriate URL to the `details` object.
var scopes = encodeURIComponent(oAuthDetails.scopes.join(' '));
details.url = 'https://accounts.google.com/o/oauth2/auth?client_id=' + webClientId + '&redirect_uri=' + chrome.identity.getRedirectURL() + '&response_type=token&scope=' + scopes;
// The callback needs to extract the access token from the returned URL and pass that on to the original callback.
var launchWebAuthFlowCallback = function(responseUrl) {
var token = extractToken(responseUrl);
// If we weren't able to extract a token, error out.
if (!token) {
callbackWithError('URL did not contain a token.', callback);
return;
}
// Our augmented callback expects a token data object containing the token and the account.
// We don't know the account, so we say so.
var tokenData = { token: token, account: UNKNOWN_ACCOUNT };
augmentedCallback(tokenData);
};
// Launch the web auth flow!
exports.launchWebAuthFlow(details, launchWebAuthFlowCallback);
} else {
callbackWithError(msg, callback);
}
};
var launchWebAuthFlowCallback = function(responseUrl) {
var token = extractToken(responseUrl);
// If we weren't able to extract a token, error out.
if (!token) {
callbackWithError('URL did not contain a token.', callback);
return;
}
// Our augmented callback expects a token data object containing the token and the account.
// We don't know the account, so we say so.
var tokenData = { token: token, account: UNKNOWN_ACCOUNT };
augmentedCallback(tokenData);
};
exports.revokeAuthToken = function(details, callback) {
// If a token has been passed, revoke it and remove it from the cache.
// If not, call the callback with an error.
if (details && details.token) {
// Revoke the token!
var xhr = new XMLHttpRequest();
xhr.open('GET', 'https://accounts.google.com/o/oauth2/revoke?token=' + details.token);
xhr.onreadystatechange = function() {
if (xhr.readyState == 4) {
if (xhr.status < 200 || xhr.status > 300) {
console.log('Could not revoke token; status ' + xhr.status + '.');
} else {
exports.removeCachedAuthToken({ token: details.token }, callback);
}
}
}
xhr.send(null);
} else {
return callbackWithError('No token to revoke.', callback);
}
}
var fail = function(msg) {
callbackWithError(msg, callback);
};
exports.getAuthToken = function(details, callback) {
if (typeof details === 'function' && typeof callback === 'undefined') {
callback = details;
details = { interactive: false };
}
if (typeof callback !== 'function') {
return callbackWithError('Callback function required');
}
if (typeof details !== 'object') {
return callbackWithError('TokenDetails object required', callback);
}
// If we have a cached token, send it along.
if (cachedToken) {
callback(cachedToken, cachedAccount);
return;
}
// Fetch the OAuth details from either the passed-in `details` object or the manifest.
var oAuthDetails = details.oauth2 || runtime && runtime.getManifest().oauth2;
// Augment the callback so that it caches a received token.
var augmentedCallback = function(tokenData) {
if (tokenData.token) {
cachedToken = tokenData.token;
}
if (tokenData.account) {
cachedAccount = tokenData.account;
}
callback(tokenData.token, tokenData.account);
};
// This function extracts a token from a given URL and returns it.
var extractToken = function(url) {
// This function is only used when using web authentication as a fallback from native Google authentication.
// As a result, it's okay to search for "access_token", since that's what Google puts in the resulting URL.
// The regular expression looks for "access_token=", followed by a lazy capturing of some string (the token).
// This lazy capturing ends when either an ampersand (followed by more stuff) is reached or the end of the string is reached.
var match = /\baccess_token=(.+?)(?:&.*)?$/.exec(url);
return match && match[1];
};
// If we failed because Google Play Services is unavailable, revert to the web auth flow.
// Otherwise, just fail.
var fail = function(msg) {
if (msg === GOOGLE_PLAY_SERVICES_UNAVAILABLE) {
console.warn('Google Play Services is unavailable; falling back to web authentication flow.');
// Verify that oAuthDetails contains a client_id and scopes.
// Since we're using the web auth flow as a fallback, we need the web client id.
var manifest = runtime.getManifest();
var webClientId = manifest && manifest.web && manifest.web.oauth2 && manifest.web.oauth2.client_id;
if (!webClientId) {
callbackWithError('Web client id missing from mobile manifest.', callback);
return;
}
if (!oAuthDetails.scopes) {
callbackWithError('Scopes missing from manifest.', callback);
return;
}
// Add the appropriate URL to the `details` object.
var scopes = encodeURIComponent(oAuthDetails.scopes.join(' '));
details.url = 'https://accounts.google.com/o/oauth2/auth?client_id=' + webClientId + '&redirect_uri=' + chrome.identity.getRedirectURL() + '&response_type=token&scope=' + scopes;
// The callback needs to extract the access token from the returned URL and pass that on to the original callback.
var launchWebAuthFlowCallback = function(responseUrl) {
var token = extractToken(responseUrl);
// If we weren't able to extract a token, error out. Otherwise, call the callback.
if (!token) {
callbackWithError('URL did not contain a token.', callback);
return;
}
augmentedCallback(token);
};
// Launch the web auth flow!
exports.launchWebAuthFlow(details, launchWebAuthFlowCallback);
} else {
callbackWithError(msg, callback);
}
};
// Use the native implementation for logging into Google accounts.
var args = [!!details.interactive, oAuthDetails];
if (details.accountHint) {
args.push(details.accountHint);
}
exec(augmentedCallback, fail, 'ChromeIdentity', 'getAuthToken', args);
};
return callback && function(msg) {
callbackWithError(msg, callback);
};
var fail = callback && function(error) {
callbackWithError(error.message, callback, error.resultCode);
};
var fail = function(info) {
var error = function() {
exports.onReceiveError.fire(info);
};
callbackWithError(info.message, error);
};
var fail = function(info) {
callbackWithError(info.message, exports.onReceiveError.fire, info);
};