Network traffic annotation added to OAuth2ApiCallFlow and its subclasses.

google_apis/gaia/oauth2_mint_token_flow.cc

Index: google_apis/gaia/oauth2_mint_token_flow.cc
diff --git a/google_apis/gaia/oauth2_mint_token_flow.cc b/google_apis/gaia/oauth2_mint_token_flow.cc
index 69c241cef6a24df158d7f12898cc0f495476c88b..6ffed50fcc8632bc8908a26e58cadff4b3c8161d 100644
--- a/google_apis/gaia/oauth2_mint_token_flow.cc
+++ b/google_apis/gaia/oauth2_mint_token_flow.cc
@@ -279,3 +279,31 @@ bool OAuth2MintTokenFlow::ParseIssueAdviceResponse(
 
   return success;
 }
+
+net::PartialNetworkTrafficAnnotationTag
+OAuth2MintTokenFlow::GetNetworkTrafficAnnotationTag() {
+  return net::DefinePartialNetworkTrafficAnnotation(
+      "oauth2_mint_token_flow", "oauth2_api_call_flow", R"(
+      semantics {
+        sender: "Chrome Identity API"
+        description:
+          "Requests a token from gaia allowing an app or extension to act as "
+          "the user when calling other google APIs."
+        trigger: "API call from the app/extension."
+        data:
+          "User's login token, the identity of a chrome app/extension, and a "
+          "list of oauth scopes requested by the app/extension."
+        destination: GOOGLE_OWNED_SERVICE
+      }
+      policy {
+        setting:
+          "This feature cannot be disabled by settings, however the request is "
+          "made only for signed-in users."
+        chrome_policy {
+          SigninAllowed {
+            policy_options {mode: MANDATORY}
+            SigninAllowed: false
+          }
+        }
+      })");
+}