After signin token check failed, show force reauth dialog and start window closing countdown.

chrome/browser/signin/force_signin_verifier.cc

Index: chrome/browser/signin/force_signin_verifier.cc
diff --git a/chrome/browser/signin/force_signin_verifier.cc b/chrome/browser/signin/force_signin_verifier.cc
index 9afd37813e60a95759bb6d5224e99398dbbdbac5..0311d85dd9f3f1d2d98d3a1810199d01f784f755 100644
--- a/chrome/browser/signin/force_signin_verifier.cc
+++ b/chrome/browser/signin/force_signin_verifier.cc
@@ -4,10 +4,12 @@
 
 #include <string>
 
+#include "base/bind.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/signin/force_signin_verifier.h"
 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
 #include "chrome/browser/signin/signin_manager_factory.h"
+#include "chrome/browser/ui/forced_reauthentication_dialog.h"
 #include "components/signin/core/browser/signin_manager.h"
 #include "google_apis/gaia/gaia_constants.h"
 
@@ -23,10 +25,22 @@ const net::BackoffEntry::Policy kBackoffPolicy = {
     false           // Do not always use initial delay.
 };
 
+// The duration of window closing countdown when verification failed. Use the
+// short countdown if the verfication is finished in
+// |kShortCountdownVerificationTimeLimitInSeconds|, otherwise use the normal
+// countdown.
+const int kShortCountdownVerificationTimeLimitInSeconds = 3;
+const int kWindowClosingNormalCountdownDurationInSecond = 300;
+const int kWindowClosingShortCountdownDurationInSecond = 30;
+
 }  // namespace
 
 ForceSigninVerifier::ForceSigninVerifier(Profile* profile)
     : OAuth2TokenService::Consumer("force_signin_verifier"),
+#if !defined(OS_MACOSX)
+      profile_(profile),
+      dialog_(ForcedReauthenticationDialog::Create()),
+#endif
       has_token_verified_(false),
       backoff_entry_(&kBackoffPolicy),
       oauth2_token_service_(
@@ -90,6 +104,10 @@ bool ForceSigninVerifier::HasTokenBeenVerified() {
   return has_token_verified_;
 }
 
+void ForceSigninVerifier::AbortSignoutCountdownIfExisted() {
+  window_close_timer_.Stop();
+}
+
 void ForceSigninVerifier::SendRequest() {
   if (!ShouldSendRequest())
     return;
@@ -107,8 +125,38 @@ bool ForceSigninVerifier::ShouldSendRequest() {
          signin_manager_->IsAuthenticated();
 }
 
+base::TimeDelta ForceSigninVerifier::StartCountdown() {
+  base::TimeDelta countdown_duration;
+  if (base::Time::Now() - token_request_time_ >
+      base::TimeDelta::FromSeconds(
+          kShortCountdownVerificationTimeLimitInSeconds)) {
+    countdown_duration = base::TimeDelta::FromSeconds(
+        kWindowClosingNormalCountdownDurationInSecond);
+  } else {
+    countdown_duration = base::TimeDelta::FromSeconds(
+        kWindowClosingShortCountdownDurationInSecond);
+  }
+
+  window_close_timer_.Start(FROM_HERE, countdown_duration, this,
+                            &ForceSigninVerifier::CloseAllBrowserWindows);
+  return countdown_duration;
+}
+
 void ForceSigninVerifier::ShowDialog() {
-  // TODO(zmin): Show app modal dialog.
+#if !defined(OS_MACOSX)
+  base::TimeDelta countdown_duration = StartCountdown();
+  dialog_->ShowDialog(profile_, signin_manager_, countdown_duration);
+#endif
+}
+
+void ForceSigninVerifier::CloseAllBrowserWindows() {
+  // Do not close window if there is ongoing reauth. If it fails later, the
+  // signin process should take care of the signout.
+  if (signin_manager_->AuthInProgress())
+    return;
+  signin_manager_->SignOut(
+      signin_metrics::AUTHENTICATION_FAILED_WITH_FORCE_SIGNIN,
+      signin_metrics::SignoutDelete::IGNORE_METRIC);
 }
 
 OAuth2TokenService::Request* ForceSigninVerifier::GetRequestForTesting() {
@@ -122,3 +170,7 @@ net::BackoffEntry* ForceSigninVerifier::GetBackoffEntryForTesting() {
 base::OneShotTimer* ForceSigninVerifier::GetOneShotTimerForTesting() {
   return &backoff_request_timer_;
 }
+
+base::OneShotTimer* ForceSigninVerifier::GetWindowCloseTimerForTesting() {
+  return &window_close_timer_;
+}