Currently, all ListAccounts callers can provide their own source parameter (see [1]).
On the server side, we'd like to be able easily exclude all (known) browser-initiated traffic to this endpoint when doing analysis, so having one common prefix would make that a lot easier. Currently we'd need to exclude sources starting with (Chromium|durations_metrics|SyncAuthManager|ProfileChooserView|child_account_service), and have to extend that list it as more parts of Chrome start using it.
[1] https://cs.chromium.org/chromium/src/components/signin/core/browser/gaia_cookie_manager_service.cc?l=503&rcl=5b50594018f5d39b87d9dbe390c900b4560c2d46
--Chrome Identity automated triaging--
This bug is Untriaged and has gone for two weeks without any activity, so it is being moved to Available. Please see https://goo.gl/78kbny for more details. Please remove the Services>SignIn or UI>Browser>Profiles components if this bug isn't related to Chrome Identity.
For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
I see that several calls already use a "Chromium" prefix. I will add a Chromium prefix to all calls that don't already have one, as this will be simplest the least risky change.
nick: is this only for ListAccounts or should we try to do this for all Gaia calls? Maybe that's riskier though, because I know that in some cases server logic depends on the source value (see b/110375876 for an example).
Are there places beyond Dice/Mirror that actually use the other Gaia calls? I'd be worried about random Chrome code calling Logout for example.
I looked a bit more at the code, and we would be OK for Dice to have everything else also use a Chromium prefix since we only look at the prefix for M67. However for Mirror we always only look at the prefix, so if non-Mirror Chrome code started using that for non-ListAccounts calls we might introduce bugs.
I'm not 100% sure I caught everything, but apart from list account there are not many calls.
Logout is only called by Mirror and Dice.
uber auth token exchange (used by merge session internally) and CheckConnection info use a source, but it is always "ChromiumBrowser" currently which already starts with Chromium.
From Chrome 72, all sources for ListAccounts, Merge session, Logout, multilogin will start with "Chromium" or be "chromeos".
In particular ListAccounts should now always use "ChromiumBrowser" as source.
Comment 1 by sheriffbot@chromium.org
, Oct 29