// Copyright 2017 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

module identity.mojom;

import "mojo/public/mojom/base/time.mojom";
import "services/identity/public/mojom/account.mojom";
import "services/identity/public/mojom/account_info.mojom";
import "services/identity/public/mojom/account_state.mojom";
import "services/identity/public/mojom/google_service_auth_error.mojom";
import "services/identity/public/mojom/scope_set.mojom";

// Gives access to information about the user's Google accounts.
interface IdentityManager {
  // Returns the AccountInfo for the Google account that serves as the user's
  // primary account, or null if the user has no primary account (e.g., if they
  // are not signed in). |account_state| gives the current state of the account
  // (relevant only if |account_info| is non-null).
  GetPrimaryAccountInfo() => (AccountInfo? account_info,
                              AccountState account_state);

  // Returns the AccountInfo for the Google account that serves as the user's
  // primary account once this account is available (i.e., the user is signed
  // in, a refresh token is available, and the refresh token is in a non-error
  // state). |account_state| gives the current state of the account.
  // Overlapping requests are permitted; all pending requests will be called
  // back when the primary account is available.
  GetPrimaryAccountWhenAvailable() => (AccountInfo account_info,
                                       AccountState account_state);

  // Returns the AccountInfo for the user's Google account corresponding to
  // |gaia_id|, or null if the user has such corresponding account.
  // |account_state| gives the current state of the account (relevant only if
  // |account_info| is non-null).
  GetAccountInfoFromGaiaId(string gaia_id) => (AccountInfo? account_info,
                                               AccountState account_state);

  // Returns a list of all known accounts. The primary account (if any exists)
  // will be first, after which the order is undefined.
  GetAccounts() => (array<Account> accounts);

  // Returns an access token with the requested scopes for the given
  // |account_id|, or null if it is not possible to obtain such a token (e.g.,
  // because the user is not signed in with that account). |expiration_time|
  // gives the time until the returned token expires.  In the case of failure,
  // |error| will give information detailing the reason for the failure, and
  // |expiration_time| is undefined. |consumer_id| is an arbitrary string used
  // to identity the consumer (e.g., in about:://signin-internals).
  // NOTE: |account_id| corresponds to that used by OAuth2TokenService.
  GetAccessToken(string account_id, ScopeSet scopes, string consumer_id) =>
     (string? token,
      mojo_base.mojom.Time expiration_time,
      GoogleServiceAuthError error);
};