BASELINE: Update Chromium to 90.0.4430.221

Change-Id: Iff4d9d18d2fcf1a576f3b1f453010f744a232920
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>

1 files changed, 70 insertions, 5 deletions

diff --git a/chromium/chrome/browser/resources/gaia_auth_host/authenticator.js b/chromium/chrome/browser/resources/gaia_auth_host/authenticator.js
index 9d12441ce84..b9ddcce25b2 100644
--- a/chromium/chrome/browser/resources/gaia_auth_host/authenticator.js
+++ b/chromium/chrome/browser/resources/gaia_auth_host/authenticator.js
@@ -29,6 +29,25 @@ cr.define('cr.login', function() {
   /* #ignore */ 'use strict';
 
   /**
+   * Individual sync trusted vault key.
+   * @typedef {{
+   *   keyMaterial: ArrayBuffer,
+   *   version: number,
+   * }}
+   */
+  /* #export */ let SyncTrustedVaultKey;
+
+  /**
+   * Sync trusted vault encryption keys optionally passed with 'authCompleted'
+   * message.
+   * @typedef {{
+   *   encryptionKeys: Array<SyncTrustedVaultKey>,
+   *   trustedPublicKeys: Array<SyncTrustedVaultKey>
+   * }}
+   */
+  /* #export */ let SyncTrustedVaultKeys;
+
+  /**
    * Credentials passed with 'authCompleted' message.
    * @typedef {{
    *   email: string,
@@ -41,7 +60,8 @@ cr.define('cr.login', function() {
    *   sessionIndex: string,
    *   trusted: boolean,
    *   services: Array,
-   *   passwordAttributes: !PasswordAttributes
+   *   passwordAttributes: !PasswordAttributes,
+   *   syncTrustedVaultKeys: !SyncTrustedVaultKeys
    * }}
    */
   /* #export */ let AuthCompletedCredentials;
@@ -67,8 +87,12 @@ cr.define('cr.login', function() {
    *   flow: string,
    *   ignoreCrOSIdpSetting: boolean,
    *   enableGaiaActionButtons: boolean,
+   *   enableSyncTrustedVaultKeys: boolean,
    *   enterpriseEnrollmentDomain: string,
-   *   samlAclUrl: string
+   *   samlAclUrl: string,
+   *   isSupervisedUser: boolean,
+   *   isDeviceOwner: boolean,
+   *   ssoProfile: string,
    * }}
    */
   /* #export */ let AuthParams;
@@ -124,7 +148,11 @@ cr.define('cr.login', function() {
                      // If this set to |false|, |confirmPasswordCallback| is
                      // not called before dispatching |authCopleted|.
                      // Default is |true|.
-    'flow',          // One of 'default', 'enterprise', or 'theftprotection'.
+    'enableSyncTrustedVaultKeys',  // Whether the host is interested in getting
+                                   // sync trusted vault keys.
+                                   // Default is |false|.
+    'flow',                        // One of 'default', 'enterprise', or
+                                   // 'theftprotection'.
     'enterpriseDisplayDomain',     // Current domain name to be displayed.
     'enterpriseDomainManager',     // Manager of the current domain. Can be
                                    // either a domain name (foo.com) or an email
@@ -147,6 +175,9 @@ cr.define('cr.login', function() {
     'ignoreCrOSIdpSetting',  // If set to true, causes Gaia to ignore 3P
                              // SAML IdP SSO redirection policies (and
                              // redirect to SAML IdPs by default).
+    'ssoProfile',            // An identifier for the device's managing OU's
+                             // SAML SSO setting. Used by the login screen to
+                             // pass to Gaia.
 
     // The email fields allow for the following possibilities:
     //
@@ -172,6 +203,8 @@ cr.define('cr.login', function() {
     // SAML assertion consumer URL, used to detect when Gaia-less SAML flows end
     // (e.g. for SAML managed guest sessions).
     'samlAclUrl',
+    'isSupervisedUser',  // True if the user is supervised user.
+    'isDeviceOwner',     // True if the user is device owner.
   ];
 
   /**
@@ -269,6 +302,19 @@ cr.define('cr.login', function() {
       }
       this.dispatchEvent(
           new CustomEvent('setAllActionsEnabled', {detail: msg.value}));
+    },
+    'removeUserByEmail'(msg) {
+      this.dispatchEvent(
+          new CustomEvent('removeUserByEmail', {detail: msg.email}));
+    },
+    'exit'(msg) {
+      this.dispatchEvent(new CustomEvent('exit'));
+    },
+    'syncTrustedVaultKeys'(msg) {
+      if (!this.enableSyncTrustedVaultKeys_) {
+        return;
+      }
+      this.syncTrustedVaultKeys_ = msg.value;
     }
   };
 
@@ -345,6 +391,7 @@ cr.define('cr.login', function() {
        */
       this.getIsSamlUserPasswordlessCallback = null;
       this.needPassword = true;
+      this.enableSyncTrustedVaultKeys_ = false;
       this.services_ = null;
       /**
        * Caches the result of |getIsSamlUserPasswordlessCallback| invocation for
@@ -356,6 +403,8 @@ cr.define('cr.login', function() {
       /** @private {boolean} */
       this.isConstrainedWindow_ = false;
       this.samlAclUrl_ = null;
+      /** @private {?SyncTrustedVaultKeys} */
+      this.syncTrustedVaultKeys_ = null;
 
       window.addEventListener(
           'message', this.onMessageFromWebview_.bind(this), false);
@@ -394,6 +443,7 @@ cr.define('cr.login', function() {
       this.videoEnabled = false;
       this.services_ = null;
       this.isSamlUserPasswordless_ = null;
+      this.syncTrustedVaultKeys_ = null;
     }
 
     /**
@@ -558,6 +608,7 @@ cr.define('cr.login', function() {
       this.clientId_ = data.clientId;
       this.dontResizeNonEmbeddedPages = data.dontResizeNonEmbeddedPages;
       this.enableGaiaActionButtons_ = data.enableGaiaActionButtons;
+      this.enableSyncTrustedVaultKeys_ = !!data.enableSyncTrustedVaultKeys;
 
       this.initialFrameUrl_ = this.constructInitialFrameUrl_(data);
       this.reloadUrl_ = data.frameUrl || this.initialFrameUrl_;
@@ -614,6 +665,9 @@ cr.define('cr.login', function() {
       if (data.doSamlRedirect) {
         let url = this.idpOrigin_ + SAML_REDIRECTION_PATH;
         url = appendParam(url, 'domain', data.enterpriseEnrollmentDomain);
+        if (data.ssoProfile) {
+          url = appendParam(url, 'sso_profile', data.ssoProfile);
+        }
         url = appendParam(
             url, 'continue',
             data.gaiaUrl + 'programmatic_auth_chromeos?hl=' + data.hl +
@@ -700,6 +754,16 @@ cr.define('cr.login', function() {
       if (data.enableGaiaActionButtons) {
         url = appendParam(url, 'use_native_navigation', '1');
       }
+      if (data.isSupervisedUser) {
+        url = appendParam(url, 'is_supervised', '1');
+      }
+      if (data.isDeviceOwner) {
+        url = appendParam(url, 'is_device_owner', '1');
+      }
+      if (data.enableSyncTrustedVaultKeys) {
+        url = appendParam(url, 'szkr', '1');
+      }
+
       return url;
     }
 
@@ -869,7 +933,7 @@ cr.define('cr.login', function() {
       const msg = e.data;
       if (msg.method in messageHandlers) {
         if (this.authCompletedFired_) {
-          console.error(msg.method + ' message sent after auth completed');
+          console.warn(msg.method + ' message sent after auth completed');
         }
         messageHandlers[msg.method].call(this, msg);
       } else if (!IGNORED_MESSAGES_FROM_GAIA.includes(msg.method)) {
@@ -1123,7 +1187,8 @@ cr.define('cr.login', function() {
               sessionIndex: this.sessionIndex_ || '',
               trusted: this.trusted_,
               services: this.services_ || [],
-              passwordAttributes: passwordAttributes
+              passwordAttributes: passwordAttributes,
+              syncTrustedVaultKeys: this.syncTrustedVaultKeys_ || {}
             }
           }));
       this.resetStates();