New issue
Advanced search Search tips

Issue 854166 link

Starred by 1 user
Status: Fixed
Owner:
msarda@chromium.org
Closed: Jun 2018
Cc:
ew...@chromium.org
jsc...@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Mac
Pri: 2
Type: Bug



Sign in to add a comment

Separate OAuth client configuration from API keys

Project Member Reported by msarda@chromium.org, Jun 19 2018 
The API keys and OAuth client ID and client secret configurations have been bundled in google_apis. Indeed there was a single method to check whether the API keys were configured: HasAPIKeysConfigured.

However the API key and the OAuth client are used in 2 different contexts:
* API key is required to use non-authorized Google APIs (e.g. safe browsing, geolocation etc)
* OAuth client is required to do authorized calls to Google APIs (e.g. Chrome sync)

With Desktop Identity Consistency, signing in to Google web requires a client ID to be configured. This is a problem for 3rd party Chromium based browsers that want to continue to use API keys.

The solution consists in replacing the HasAPIKeysConfigured with 2 different calls:
a) HasApiKeyConfigured - only checks if the API keys is configured
b) HasOAuthClientConfigured - only checks if the OAUth client is configured

Desktop Identity Consistency is only enabled if the OAuth client was configured.
Project Member

Comment 1 by bugdroid1@chromium.org, Jun 20 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/806c3540ef27ceca487d47c231cce38e0439e57a

commit 806c3540ef27ceca487d47c231cce38e0439e57a
Author: Mihai Sardarescu <msarda@chromium.org>
Date: Wed Jun 20 17:01:06 2018

Separate API key from client ID and secret.

The CL separates the HasAPIKeysConfigured in HasAPIKeyConfigured and
HasOAuthClientConfigured. It then disables Desktop Identity Consistency
when the OAuth client ID and secret are not configured.

That allows developers to set and API key without having to also configure
the OAuth client ID and client secret. In such an environment, Chromium
would continue to use the non-authorized Google APIs (e.g geolocation,
translate, safe browsing etc), while at the same time being able to
sign in to Google web properties.

Bug:  854166 

Cq-Include-Trybots: luci.chromium.try:ios-simulator-full-configs;master.tryserver.chromium.mac:ios-simulator-cronet
Change-Id: I9606c5d34e57823e47466bf4fc02f258ecd262a8
Reviewed-on: https://chromium-review.googlesource.com/1105991
Commit-Queue: Mihai Sardarescu <msarda@chromium.org>
Reviewed-by: Scott Violet <sky@chromium.org>
Reviewed-by: David Roger <droger@chromium.org>
Reviewed-by: Roger Tawa <rogerta@chromium.org>
Cr-Commit-Position: refs/heads/master@{#568882}
[modify] https://crrev.com/806c3540ef27ceca487d47c231cce38e0439e57a/chrome/browser/signin/account_consistency_mode_manager.cc
[modify] https://crrev.com/806c3540ef27ceca487d47c231cce38e0439e57a/chrome/browser/signin/account_consistency_mode_manager.h
[modify] https://crrev.com/806c3540ef27ceca487d47c231cce38e0439e57a/chrome/browser/ui/startup/startup_browser_creator_impl.cc
[modify] https://crrev.com/806c3540ef27ceca487d47c231cce38e0439e57a/chrome/browser/ui/webui/chromeos/login/core_oobe_handler.cc
[modify] https://crrev.com/806c3540ef27ceca487d47c231cce38e0439e57a/chrome/test/base/chrome_test_suite.cc
[modify] https://crrev.com/806c3540ef27ceca487d47c231cce38e0439e57a/components/data_reduction_proxy/core/browser/data_reduction_proxy_util.cc
[modify] https://crrev.com/806c3540ef27ceca487d47c231cce38e0439e57a/components/translate/core/browser/translate_manager.cc
[modify] https://crrev.com/806c3540ef27ceca487d47c231cce38e0439e57a/google_apis/google_api_keys.cc
[modify] https://crrev.com/806c3540ef27ceca487d47c231cce38e0439e57a/google_apis/google_api_keys.h
[modify] https://crrev.com/806c3540ef27ceca487d47c231cce38e0439e57a/google_apis/google_api_keys_mac_unittest.mm
[modify] https://crrev.com/806c3540ef27ceca487d47c231cce38e0439e57a/google_apis/google_api_keys_unittest.cc
[modify] https://crrev.com/806c3540ef27ceca487d47c231cce38e0439e57a/ios/chrome/browser/ntp_snippets/ios_chrome_content_suggestions_service_factory_util.cc

Comment 2 by msarda@chromium.org, Jun 21 2018

Status: Fixed (was: Started)

Sign in to add a comment