Allow supportcontent scope in signed-in not syncing state.
This CL adds "https://www.googleapis.com/auth/supportcontent" to the list of OAUth 2.0 scopes allowed when the user is signed in but not consented for sync. This is required by the feedback uploader that includes user information when uploading the feedback. Fixed: 1235041 Change-Id: I14edabbc4e5d495b4f2106d85920b3e6f241d816 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3110443 Auto-Submit: Mihai Sardarescu <msarda@chromium.org> Reviewed-by: Nohemi Fernandez <fernandex@chromium.org> Reviewed-by: Jimmy Gong <jimmyxgong@chromium.org> Commit-Queue: Mihai Sardarescu <msarda@chromium.org> Cr-Commit-Position: refs/heads/main@{#914455}
This commit is contained in:

committed by
Chromium LUCI CQ

parent
8c8f4244cb
commit
52909f522c
chrome/browser/feedback
components/signin/public/identity_manager
google_apis/gaia
@ -18,6 +18,7 @@
|
||||
#include "content/public/browser/browser_task_traits.h"
|
||||
#include "content/public/browser/browser_thread.h"
|
||||
#include "content/public/browser/storage_partition.h"
|
||||
#include "google_apis/gaia/gaia_constants.h"
|
||||
#include "services/network/public/cpp/resource_request.h"
|
||||
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
@ -38,8 +39,6 @@ constexpr char kAuthenticationErrorLogMessage[] =
|
||||
|
||||
constexpr char kConsumer[] = "feedback_uploader_chrome";
|
||||
|
||||
constexpr char kScope[] = "https://www.googleapis.com/auth/supportcontent";
|
||||
|
||||
void QueueSingleReport(base::WeakPtr<feedback::FeedbackUploader> uploader,
|
||||
scoped_refptr<FeedbackReport> report) {
|
||||
content::GetUIThreadTaskRunner({})->PostTask(
|
||||
@ -131,7 +130,7 @@ void FeedbackUploaderChrome::StartDispatchingReport() {
|
||||
if (identity_manager &&
|
||||
identity_manager->HasPrimaryAccount(signin::ConsentLevel::kSignin)) {
|
||||
signin::ScopeSet scopes;
|
||||
scopes.insert(kScope);
|
||||
scopes.insert(GaiaConstants::kSupportContentOAuth2Scope);
|
||||
primary_account_token_fetcher_ =
|
||||
std::make_unique<signin::PrimaryAccountAccessTokenFetcher>(
|
||||
kConsumer, identity_manager, scopes,
|
||||
@ -158,7 +157,7 @@ void FeedbackUploaderChrome::StartDispatchingReport() {
|
||||
policy::EnrollmentRequisitionManager::IsRemoraRequisition();
|
||||
if (isMeetDevice && !device_identity_provider->GetActiveAccountId().empty()) {
|
||||
OAuth2AccessTokenManager::ScopeSet scopes;
|
||||
scopes.insert(kScope);
|
||||
scopes.insert(GaiaConstants::kSupportContentOAuth2Scope);
|
||||
active_account_token_fetcher_ = device_identity_provider->FetchAccessToken(
|
||||
kConsumer, scopes,
|
||||
base::BindOnce(
|
||||
|
@ -50,6 +50,9 @@ const std::set<std::string> GetUnconsentedOAuth2Scopes() {
|
||||
// Required by Permission Request Creator.
|
||||
GaiaConstants::kClassifyUrlKidPermissionOAuth2Scope,
|
||||
|
||||
// Required by the feedback uploader.
|
||||
GaiaConstants::kSupportContentOAuth2Scope,
|
||||
|
||||
// Required by ChromeOS only.
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
GaiaConstants::kAccountsReauthOAuth2Scope,
|
||||
|
@ -145,6 +145,10 @@ const char kChromeWebstoreOAuth2Scope[] =
|
||||
const char kAccountCapabilitiesOAuth2Scope[] =
|
||||
"https://www.googleapis.com/auth/account.capabilities";
|
||||
|
||||
// OAuth2 scope for support content API.
|
||||
const char kSupportContentOAuth2Scope[] =
|
||||
"https://www.googleapis.com/auth/supportcontent";
|
||||
|
||||
// Used to mint uber auth tokens when needed.
|
||||
const char kGaiaSid[] = "sid";
|
||||
const char kGaiaLsid[] = "lsid";
|
||||
|
@ -57,6 +57,7 @@ extern const char kGCMGroupServerOAuth2Scope[];
|
||||
extern const char kGCMCheckinServerOAuth2Scope[];
|
||||
extern const char kChromeWebstoreOAuth2Scope[];
|
||||
extern const char kAccountCapabilitiesOAuth2Scope[];
|
||||
extern const char kSupportContentOAuth2Scope[];
|
||||
|
||||
// Used with uber auth tokens when needed.
|
||||
extern const char kGaiaSid[];
|
||||
|
Reference in New Issue
Block a user