Force Account Consistency off for Logout call on iOS.

The GaiaAuthFetcher Logout call needs Account Consistency to be disabled to work properly. On iOS, the state of Account Consistency is handled by cookies set on the various Google domains. Sadly, the cookie clearing request is not synchronized with the Logout call and there is a race between the two. This CL forces the cookie to be invalid during the Logout request to ensure the accounts will be cleared. The cookie will eventually be invalidated in the WKWebView cookie jar when AccountConsistencyService finishes. BUG=569501 Review URL: https://codereview.chromium.org/1522873002 Cr-Commit-Position: refs/heads/master@{#365248}
joone · Dec 15, 2015 · def2982 · def2982
1 parent 3706ec0
commit def2982
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 2 deletions.
diff --git a/google_apis/gaia/gaia_auth_fetcher.cc b/google_apis/gaia/gaia_auth_fetcher.cc
@@ -195,6 +195,10 @@ void GaiaAuthFetcher::SetPendingFetch(bool pending_fetch) {
   fetch_pending_ = pending_fetch;
 }
 
+void GaiaAuthFetcher::SetLogoutHeaders(const std::string& headers) {
+  logout_headers_ = headers;
+}
+
 void GaiaAuthFetcher::CancelRequest() {
   fetcher_.reset();
   fetch_pending_ = false;
@@ -629,7 +633,7 @@ void GaiaAuthFetcher::StartListAccounts() {
 void GaiaAuthFetcher::StartLogOut() {
   DCHECK(!fetch_pending_) << "Tried to fetch two things at once!";
 
-  CreateAndStartGaiaFetcher(std::string(), std::string(), logout_gurl_,
+  CreateAndStartGaiaFetcher(std::string(), logout_headers_, logout_gurl_,
                             net::LOAD_NORMAL);
 }
 

diff --git a/google_apis/gaia/gaia_auth_fetcher.h b/google_apis/gaia/gaia_auth_fetcher.h
@@ -228,6 +228,9 @@ class GaiaAuthFetcher : public net::URLFetcherDelegate {
 
   void SetPendingFetch(bool pending_fetch);
 
+  // Set the headers to use during the Logout call.
+  void SetLogoutHeaders(const std::string& headers);
+
  private:
   // The format of the POST body for IssueAuthToken.
   static const char kIssueAuthTokenFormat[];
@@ -430,6 +433,9 @@ class GaiaAuthFetcher : public net::URLFetcherDelegate {
   std::string requested_service_;
   bool fetch_pending_;
 
+  // Headers used during the Logout call.
+  std::string logout_headers_;
+
   friend class GaiaAuthFetcherTest;
   FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, CaptchaParse);
   FRIEND_TEST_ALL_PREFIXES(GaiaAuthFetcherTest, AccountDeletedError);

diff --git a/ios/chrome/browser/signin/gaia_auth_fetcher_ios.mm b/ios/chrome/browser/signin/gaia_auth_fetcher_ios.mm
@@ -320,7 +320,12 @@ - (void)webView:(WKWebView*)webView
                                        web::BrowserState* browser_state)
     : GaiaAuthFetcher(consumer, source, getter),
       bridge_(new GaiaAuthFetcherIOSBridge(this, browser_state)),
-      browser_state_(browser_state) {}
+      browser_state_(browser_state) {
+  // Account Consistency needs to be disabled for the Logout call. There is a
+  // race with the cookie clearing request (handled by
+  // AccountConsistencyService), so we invalidate the cookie for the call.
+  SetLogoutHeaders("Cookie: X-CHROME-CONNECTED=EXPIRED;");
+}
 
 GaiaAuthFetcherIOS::~GaiaAuthFetcherIOS() {
 }