diff options
author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2021-09-03 13:32:17 +0200 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2021-10-01 14:31:55 +0200 |
commit | 21ba0c5d4bf8fba15dddd97cd693bad2358b77fd (patch) | |
tree | 91be119f694044dfc1ff9fdc054459e925de9df0 /chromium/chrome/browser/resources/gaia_auth_host/authenticator.js | |
parent | 03c549e0392f92c02536d3f86d5e1d8dfa3435ac (diff) |
BASELINE: Update Chromium to 92.0.4515.166
Change-Id: I42a050486714e9e54fc271f2a8939223a02ae364
Diffstat (limited to 'chromium/chrome/browser/resources/gaia_auth_host/authenticator.js')
-rw-r--r-- | chromium/chrome/browser/resources/gaia_auth_host/authenticator.js | 129 |
1 files changed, 95 insertions, 34 deletions
diff --git a/chromium/chrome/browser/resources/gaia_auth_host/authenticator.js b/chromium/chrome/browser/resources/gaia_auth_host/authenticator.js index a81e93a2e1a..f2767801775 100644 --- a/chromium/chrome/browser/resources/gaia_auth_host/authenticator.js +++ b/chromium/chrome/browser/resources/gaia_auth_host/authenticator.js @@ -38,11 +38,21 @@ cr.define('cr.login', function() { /* #export */ let SyncTrustedVaultKey; /** + * Individual sync trusted recovery method. + * @typedef {{ + * publicKey: ArrayBuffer, + * type: number, + * }} + */ + /* #export */ let SyncTrustedRecoveryMethod; + + /** * Sync trusted vault encryption keys optionally passed with 'authCompleted' * message. * @typedef {{ + * obfuscatedGaiaId: string, * encryptionKeys: Array<SyncTrustedVaultKey>, - * trustedPublicKeys: Array<SyncTrustedVaultKey> + * trustedRecoveryMethods: Array<SyncTrustedRecoveryMethod> * }} */ /* #export */ let SyncTrustedVaultKeys; @@ -87,12 +97,12 @@ cr.define('cr.login', function() { * flow: string, * ignoreCrOSIdpSetting: boolean, * enableGaiaActionButtons: boolean, - * enableSyncTrustedVaultKeys: boolean, * enterpriseEnrollmentDomain: string, * samlAclUrl: string, * isSupervisedUser: boolean, * isDeviceOwner: boolean, * ssoProfile: string, + * enableCloseView: boolean, * }} */ /* #export */ let AuthParams; @@ -109,6 +119,12 @@ cr.define('cr.login', function() { const SAML_REDIRECTION_PATH = 'samlredirect'; const BLANK_PAGE_URL = 'about:blank'; + // Metric names for messages we get from Gaia. + const GAIA_MESSAGE_SAML_USER_INFO = 'ChromeOS.Gaia.Message.Saml.UserInfo'; + const GAIA_MESSAGE_GAIA_USER_INFO = 'ChromeOS.Gaia.Message.Gaia.UserInfo'; + const GAIA_MESSAGE_SAML_CLOSE_VIEW = 'ChromeOS.Gaia.Message.Saml.CloseView'; + const GAIA_MESSAGE_GAIA_CLOSE_VIEW = 'ChromeOS.Gaia.Message.Gaia.CloseView'; + /** * The source URL parameter for the constrained signin flow. */ @@ -148,9 +164,6 @@ cr.define('cr.login', function() { // If this set to |false|, |confirmPasswordCallback| is // not called before dispatching |authCopleted|. // Default is |true|. - 'enableSyncTrustedVaultKeys', // Whether the host is interested in getting - // sync trusted vault keys. - // Default is |false|. 'flow', // One of 'default', 'enterprise', or // 'theftprotection'. 'enterpriseDisplayDomain', // Current domain name to be displayed. @@ -205,12 +218,16 @@ cr.define('cr.login', function() { 'samlAclUrl', 'isSupervisedUser', // True if the user is supervised user. 'isDeviceOwner', // True if the user is device owner. + 'doSamlRedirect', // True if the authentication is done via external IdP. + 'enableCloseView', // True if authenticator should wait for the closeView + // message from Gaia. ]; - // Timeout in ms to wait for the user info message. The message is used to - // extract user services and to define whether or not the account is a child - // one. - const USER_INFO_WAIT_TIMEOUT_MS = 5 * 1000; + // Timeout in ms to wait for the message from Gaia indicating end of the flow. + // Could be userInfo (The message is used to extract user services and to + // define whether or not the account is a child one) or closeView (specific + // message to indicate the end of the flow). + const GAIA_DONE_WAIT_TIMEOUT_MS = 5 * 1000; /** * Extract domain name from an URL. @@ -266,6 +283,12 @@ cr.define('cr.login', function() { }, 'userInfo'(msg) { this.services_ = msg.services; + if (!this.authCompletedFired_) { + const metric = this.authFlow == AuthFlow.SAML ? + GAIA_MESSAGE_SAML_USER_INFO : + GAIA_MESSAGE_GAIA_USER_INFO; + chrome.send('metricsHandler:recordBooleanHistogram', [metric, true]); + } if (this.email_ && this.gaiaId_ && this.sessionIndex_) { this.maybeCompleteAuth_(); } @@ -316,10 +339,28 @@ cr.define('cr.login', function() { this.dispatchEvent(new CustomEvent('exit')); }, 'syncTrustedVaultKeys'(msg) { - if (!this.enableSyncTrustedVaultKeys_) { + this.syncTrustedVaultKeys_ = msg.value; + }, + 'closeView'(msg) { + if (!this.enableCloseView_) { return; } - this.syncTrustedVaultKeys_ = msg.value; + + if (!this.services_) { + console.error('Authenticator: UserInfo should come before closeView'); + } + + if (!this.authCompletedFired_) { + const metric = this.authFlow == AuthFlow.SAML ? + GAIA_MESSAGE_SAML_CLOSE_VIEW : + GAIA_MESSAGE_GAIA_CLOSE_VIEW; + chrome.send('metricsHandler:recordBooleanHistogram', [metric, true]); + } + + this.closeViewReceived_ = true; + if (this.email_ && this.gaiaId_ && this.sessionIndex_) { + this.maybeCompleteAuth_(); + } } }; @@ -376,6 +417,7 @@ cr.define('cr.login', function() { webview; assert(this.webview_); this.enableGaiaActionButtons_ = false; + this.enableCloseView_ = false; this.webviewEventManager_ = WebviewEventManager.create(); this.clientId_ = null; @@ -396,9 +438,8 @@ cr.define('cr.login', function() { */ this.getIsSamlUserPasswordlessCallback = null; this.needPassword = true; - this.enableSyncTrustedVaultKeys_ = false; this.services_ = null; - this.userInfoTimer_ = null; + this.gaiaDoneTimer_ = null; /** * Caches the result of |getIsSamlUserPasswordlessCallback| invocation for * the current user. Null if no result is obtained yet. @@ -411,6 +452,7 @@ cr.define('cr.login', function() { this.samlAclUrl_ = null; /** @private {?SyncTrustedVaultKeys} */ this.syncTrustedVaultKeys_ = null; + this.closeViewReceived_ = false; window.addEventListener( 'message', this.onMessageFromWebview_.bind(this), false); @@ -448,9 +490,10 @@ cr.define('cr.login', function() { this.samlHandler_.reset(); this.videoEnabled = false; this.services_ = null; - this.userInfoTimer_ = null; + this.gaiaDoneTimer_ = null; this.isSamlUserPasswordless_ = null; this.syncTrustedVaultKeys_ = null; + this.closeViewReceived_ = false; } /** @@ -615,7 +658,7 @@ cr.define('cr.login', function() { this.clientId_ = data.clientId; this.dontResizeNonEmbeddedPages = data.dontResizeNonEmbeddedPages; this.enableGaiaActionButtons_ = data.enableGaiaActionButtons; - this.enableSyncTrustedVaultKeys_ = !!data.enableSyncTrustedVaultKeys; + this.enableCloseView_ = !!data.enableCloseView; this.initialFrameUrl_ = this.constructInitialFrameUrl_(data); this.reloadUrl_ = data.frameUrl || this.initialFrameUrl_; @@ -767,9 +810,6 @@ cr.define('cr.login', function() { if (data.isDeviceOwner) { url = appendParam(url, 'is_device_owner', '1'); } - if (data.enableSyncTrustedVaultKeys) { - url = appendParam(url, 'szkr', '1'); - } return url; } @@ -1012,23 +1052,26 @@ cr.define('cr.login', function() { } // Could be set either by `userInfo` message or by the - // `onUserInfoTimeout_`. + // `onGaiaDoneTimeout_`. const userInfoAvailable = !!this.services_; - if (userInfoAvailable && this.userInfoTimer_) { - window.clearTimeout(this.userInfoTimer_); - this.userInfoTimer_ = null; + const gaiaDone = userInfoAvailable && + (!this.enableCloseView_ || this.closeViewReceived_); + + if (gaiaDone && this.gaiaDoneTimer_) { + window.clearTimeout(this.gaiaDoneTimer_); + this.gaiaDoneTimer_ = null; } - if (this.userInfoTimer_) { - // Early out if `userInfoTimer_` is running. + if (this.gaiaDoneTimer_) { + // Early out if `gaiaDoneTimer_` is running. return; } - if (!userInfoAvailable) { - // Start `userInfoTimer_` if user info is not available. - this.userInfoTimer_ = window.setTimeout( - this.onUserInfoTimeout_.bind(this), USER_INFO_WAIT_TIMEOUT_MS); + if (!gaiaDone) { + // Start `gaiaDoneTimer_` if user info is not available. + this.gaiaDoneTimer_ = window.setTimeout( + this.onGaiaDoneTimeout_.bind(this), GAIA_DONE_WAIT_TIMEOUT_MS); return; } @@ -1256,10 +1299,12 @@ cr.define('cr.login', function() { } /** - * Invoked when |samlHandler_| fires 'apiPasswordAdded' event. + * Invoked when |samlHandler_| fires 'apiPasswordAdded' event. Could be from + * 3rd-party SAML IdP or Gaia which also uses the API. * @private */ onSamlApiPasswordAdded_(e) { + this.dispatchEvent(new Event('apiPasswordAdded')); // Saml API 'add' password might be received after the 'loadcommit' // event. In such case, maybeCompleteAuth_ should be attempted again if // GAIA ID is available. @@ -1384,11 +1429,27 @@ cr.define('cr.login', function() { * Callback for the user info message waiting timeout. * @private */ - onUserInfoTimeout_() { - console.warn('User info timeout: Forcing empty services.'); - assert(!this.services_); - this.services_ = []; - this.userInfoTimer_ = null; + onGaiaDoneTimeout_() { + if (!this.services_) { + console.error('Gaia done timeout: Forcing empty services.'); + this.services_ = []; + const metric = this.authFlow == AuthFlow.SAML ? + GAIA_MESSAGE_SAML_USER_INFO : + GAIA_MESSAGE_GAIA_USER_INFO; + chrome.send('metricsHandler:recordBooleanHistogram', [metric, false]); + } + + if (this.enableCloseView_ && !this.closeViewReceived_) { + console.error('Gaia done timeout: closeView was not called.'); + this.closeViewReceived_ = true; + + const metric = this.authFlow == AuthFlow.SAML ? + GAIA_MESSAGE_SAML_CLOSE_VIEW : + GAIA_MESSAGE_GAIA_CLOSE_VIEW; + chrome.send('metricsHandler:recordBooleanHistogram', [metric, false]); + } + + this.gaiaDoneTimer_ = null; this.maybeCompleteAuth_(); } } |