| // Copyright 2016 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| [DartPackage="mojo_services"] |
| module authentication; |
| |
| // Interface to handle user identity management features on such as account |
| // provisioning and listing all users. |
| [ServiceName="authentication::AuthenticationAdminService"] |
| interface AuthenticationAdminService { |
| // Requests an oauth2 device code response for the given set of scopes. In |
| // case of error, all response parameters other than error, namely |
| // verifcation_url, device_code and user_code will be null and error will |
| // contain a description of the error. To provision FNL like systems with |
| // Google account credentials, invoke GetOAuth2DeviceCode() method followed by |
| // AddAccount() instead of using SelectAccount(), which only works for |
| // Android. |
| GetOAuth2DeviceCode(array<string> scopes) |
| => (string? verification_url, |
| string? device_code, |
| string? user_code, |
| string? error); |
| |
| // Exchanges an oauth2 device code to a refresh token for the granted user, |
| // and stores it locally in a secure storage location on FNL. For future |
| // GetOAuth2Token requests, a new access token is minted from this refresh |
| // token and returned to the calling mojo app. |
| AddAccount(string device_code) => (string? username, string? error); |
| |
| // Requests list of usernames for users registered on the current device. |
| GetAllUsers() => (array<string> usernames, string? error); |
| }; |
