authorAllan Sandfeld Jensen <allan.jensen@qt.io>2021-09-03 13:32:17 +0200
committerAllan Sandfeld Jensen <allan.jensen@qt.io>2021-10-01 14:31:55 +0200
commit21ba0c5d4bf8fba15dddd97cd693bad2358b77fd (patch)
tree91be119f694044dfc1ff9fdc054459e925de9df0 /chromium/chrome/browser/resources/gaia_auth_host/authenticator.js
parent03c549e0392f92c02536d3f86d5e1d8dfa3435ac (diff)
BASELINE: Update Chromium to 92.0.4515.166
Diffstat (limited to 'chromium/chrome/browser/resources/gaia_auth_host/authenticator.js')
-rw-r--r--chromium/chrome/browser/resources/gaia_auth_host/authenticator.js129
1 files changed, 95 insertions, 34 deletions
diff --git a/chromium/chrome/browser/resources/gaia_auth_host/authenticator.js b/chromium/chrome/browser/resources/gaia_auth_host/authenticator.js
index a81e93a2e1a..f2767801775 100644
--- a/chromium/chrome/browser/resources/gaia_auth_host/authenticator.js
+++ b/chromium/chrome/browser/resources/gaia_auth_host/authenticator.js
@@ -38,11 +38,21 @@ cr.define('cr.login', function() {
/* #export */ let SyncTrustedVaultKey;
/**
+ * Individual sync trusted recovery method.
+ * @typedef {{
+ * publicKey: ArrayBuffer,
+ * type: number,
+ * }}
+ */
+ /* #export */ let SyncTrustedRecoveryMethod;
+
+ /**
* Sync trusted vault encryption keys optionally passed with 'authCompleted'
* message.
* @typedef {{
+ * obfuscatedGaiaId: string,
* encryptionKeys: Array<SyncTrustedVaultKey>,
- * trustedPublicKeys: Array<SyncTrustedVaultKey>
+ * trustedRecoveryMethods: Array<SyncTrustedRecoveryMethod>
* }}
*/
/* #export */ let SyncTrustedVaultKeys;
@@ -87,12 +97,12 @@ cr.define('cr.login', function() {
* flow: string,
* ignoreCrOSIdpSetting: boolean,
* enableGaiaActionButtons: boolean,
- * enableSyncTrustedVaultKeys: boolean,
* enterpriseEnrollmentDomain: string,
* samlAclUrl: string,
* isSupervisedUser: boolean,
* isDeviceOwner: boolean,
* ssoProfile: string,
+ * enableCloseView: boolean,
* }}
*/
/* #export */ let AuthParams;
@@ -109,6 +119,12 @@ cr.define('cr.login', function() {
const SAML_REDIRECTION_PATH = 'samlredirect';
const BLANK_PAGE_URL = 'about:blank';
+ // Metric names for messages we get from Gaia.
+ const GAIA_MESSAGE_SAML_USER_INFO = 'ChromeOS.Gaia.Message.Saml.UserInfo';
+ const GAIA_MESSAGE_GAIA_USER_INFO = 'ChromeOS.Gaia.Message.Gaia.UserInfo';
+ const GAIA_MESSAGE_SAML_CLOSE_VIEW = 'ChromeOS.Gaia.Message.Saml.CloseView';
+ const GAIA_MESSAGE_GAIA_CLOSE_VIEW = 'ChromeOS.Gaia.Message.Gaia.CloseView';
+
/**
* The source URL parameter for the constrained signin flow.
*/
@@ -148,9 +164,6 @@ cr.define('cr.login', function() {
// If this set to |false|, |confirmPasswordCallback| is
// not called before dispatching |authCopleted|.
// Default is |true|.
- 'enableSyncTrustedVaultKeys', // Whether the host is interested in getting
- // sync trusted vault keys.
- // Default is |false|.
'flow', // One of 'default', 'enterprise', or
// 'theftprotection'.
'enterpriseDisplayDomain', // Current domain name to be displayed.
@@ -205,12 +218,16 @@ cr.define('cr.login', function() {
'samlAclUrl',
'isSupervisedUser', // True if the user is supervised user.
'isDeviceOwner', // True if the user is device owner.
+ 'doSamlRedirect', // True if the authentication is done via external IdP.
+ 'enableCloseView', // True if authenticator should wait for the closeView
+ // message from Gaia.
];
- // Timeout in ms to wait for the user info message. The message is used to
- // extract user services and to define whether or not the account is a child
- // one.
- const USER_INFO_WAIT_TIMEOUT_MS = 5 * 1000;
+ // Timeout in ms to wait for the message from Gaia indicating end of the flow.
+ // Could be userInfo (The message is used to extract user services and to
+ // define whether or not the account is a child one) or closeView (specific
+ // message to indicate the end of the flow).
+ const GAIA_DONE_WAIT_TIMEOUT_MS = 5 * 1000;
/**
* Extract domain name from an URL.
@@ -266,6 +283,12 @@ cr.define('cr.login', function() {
},
'userInfo'(msg) {
this.services_ = msg.services;
+ if (!this.authCompletedFired_) {
+ const metric = this.authFlow == AuthFlow.SAML ?
+ GAIA_MESSAGE_SAML_USER_INFO :
+ GAIA_MESSAGE_GAIA_USER_INFO;
+ chrome.send('metricsHandler:recordBooleanHistogram', [metric, true]);
+ }
if (this.email_ && this.gaiaId_ && this.sessionIndex_) {
this.maybeCompleteAuth_();
}
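Review bot: The `true` sample added in the 'userInfo' handler is recorded whenever the message arrives, even if `msg.services` is missing. In that case `onGaiaDoneTimeout_` later sees `!this.services_` and records `false` for the same histogram, so one flow can contribute both samples; either record only when `msg.services` is usable, or document that the histogram counts message arrival rather than usable data. The `this.authFlow == AuthFlow.SAML ? … : …` selection is also repeated four times in this commit (here, in 'closeView', and twice in `onGaiaDoneTimeout_`), and a small private helper taking the two metric names would keep them consistent. The object holding this handler starts outside the hunk.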
@@ -316,10 +339,28 @@ cr.define('cr.login', function() {
this.dispatchEvent(new CustomEvent('exit'));
},
'syncTrustedVaultKeys'(msg) {
- if (!this.enableSyncTrustedVaultKeys_) {
+ this.syncTrustedVaultKeys_ = msg.value;
+ },
+ 'closeView'(msg) {
+ if (!this.enableCloseView_) {
return;
}
- this.syncTrustedVaultKeys_ = msg.value;
+
+ if (!this.services_) {
+ console.error('Authenticator: UserInfo should come before closeView');
+ }
+
+ if (!this.authCompletedFired_) {
+ const metric = this.authFlow == AuthFlow.SAML ?
+ GAIA_MESSAGE_SAML_CLOSE_VIEW :
+ GAIA_MESSAGE_GAIA_CLOSE_VIEW;
+ chrome.send('metricsHandler:recordBooleanHistogram', [metric, true]);
+ }
+
+ this.closeViewReceived_ = true;
+ if (this.email_ && this.gaiaId_ && this.sessionIndex_) {
+ this.maybeCompleteAuth_();
+ }
}
};
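Review bot: With the `enableSyncTrustedVaultKeys_` gate removed, the 'syncTrustedVaultKeys' handler stores `msg.value` for every host, and nothing in this hunk checks that it has the `SyncTrustedVaultKeys` shape (`obfuscatedGaiaId`, `encryptionKeys`, `trustedRecoveryMethods`). The sender check presumably lives in `onMessageFromWebview_`, which is outside this hunk; if so, say it here, e.g. `// Sender is verified in onMessageFromWebview_; value is stored unvalidated.` (to be confirmed against that function). In 'closeView', the `!this.services_` branch only logs and then still sets `closeViewReceived_`, so a one-line comment that continuing is intentional would save the reader a trip to `maybeCompleteAuth_`.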
@@ -376,6 +417,7 @@ cr.define('cr.login', function() {
webview;
assert(this.webview_);
this.enableGaiaActionButtons_ = false;
+ this.enableCloseView_ = false;
this.webviewEventManager_ = WebviewEventManager.create();
this.clientId_ = null;
@@ -396,9 +438,8 @@ cr.define('cr.login', function() {
*/
this.getIsSamlUserPasswordlessCallback = null;
this.needPassword = true;
- this.enableSyncTrustedVaultKeys_ = false;
this.services_ = null;
- this.userInfoTimer_ = null;
+ this.gaiaDoneTimer_ = null;
/**
* Caches the result of |getIsSamlUserPasswordlessCallback| invocation for
* the current user. Null if no result is obtained yet.
@@ -411,6 +452,7 @@ cr.define('cr.login', function() {
this.samlAclUrl_ = null;
/** @private {?SyncTrustedVaultKeys} */
this.syncTrustedVaultKeys_ = null;
+ this.closeViewReceived_ = false;
window.addEventListener(
'message', this.onMessageFromWebview_.bind(this), false);
@@ -448,9 +490,10 @@ cr.define('cr.login', function() {
this.samlHandler_.reset();
this.videoEnabled = false;
this.services_ = null;
- this.userInfoTimer_ = null;
+ this.gaiaDoneTimer_ = null;
this.isSamlUserPasswordless_ = null;
this.syncTrustedVaultKeys_ = null;
+ this.closeViewReceived_ = false;
}
/**
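Review bot: `this.gaiaDoneTimer_ = null;` drops the handle without calling `window.clearTimeout`, so a timer started by `maybeCompleteAuth_` can still fire after the reset. The rewritten `onGaiaDoneTimeout_` no longer asserts `!this.services_`; it would then set `services_ = []` and `closeViewReceived_ = true` on the fresh state and call `maybeCompleteAuth_()`, which could let a later attempt skip the wait for Gaia's messages. Unless the timer is already cleared earlier in this function (its start is outside the hunk), clear it first: `if (this.gaiaDoneTimer_) { window.clearTimeout(this.gaiaDoneTimer_); }`. The removed `userInfoTimer_` line had the same shape, so this predates the commit, but the timeout handler now mutates more state.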
@@ -615,7 +658,7 @@ cr.define('cr.login', function() {
this.clientId_ = data.clientId;
this.dontResizeNonEmbeddedPages = data.dontResizeNonEmbeddedPages;
this.enableGaiaActionButtons_ = data.enableGaiaActionButtons;
- this.enableSyncTrustedVaultKeys_ = !!data.enableSyncTrustedVaultKeys;
+ this.enableCloseView_ = !!data.enableCloseView;
this.initialFrameUrl_ = this.constructInitialFrameUrl_(data);
this.reloadUrl_ = data.frameUrl || this.initialFrameUrl_;
@@ -767,9 +810,6 @@ cr.define('cr.login', function() {
if (data.isDeviceOwner) {
url = appendParam(url, 'is_device_owner', '1');
}
- if (data.enableSyncTrustedVaultKeys) {
- url = appendParam(url, 'szkr', '1');
- }
return url;
}
@@ -1012,23 +1052,26 @@ cr.define('cr.login', function() {
}
// Could be set either by `userInfo` message or by the
- // `onUserInfoTimeout_`.
+ // `onGaiaDoneTimeout_`.
const userInfoAvailable = !!this.services_;
- if (userInfoAvailable && this.userInfoTimer_) {
- window.clearTimeout(this.userInfoTimer_);
- this.userInfoTimer_ = null;
+ const gaiaDone = userInfoAvailable &&
+ (!this.enableCloseView_ || this.closeViewReceived_);
+
+ if (gaiaDone && this.gaiaDoneTimer_) {
+ window.clearTimeout(this.gaiaDoneTimer_);
+ this.gaiaDoneTimer_ = null;
}
- if (this.userInfoTimer_) {
- // Early out if `userInfoTimer_` is running.
+ if (this.gaiaDoneTimer_) {
+ // Early out if `gaiaDoneTimer_` is running.
return;
}
- if (!userInfoAvailable) {
- // Start `userInfoTimer_` if user info is not available.
- this.userInfoTimer_ = window.setTimeout(
- this.onUserInfoTimeout_.bind(this), USER_INFO_WAIT_TIMEOUT_MS);
+ if (!gaiaDone) {
+ // Start `gaiaDoneTimer_` if user info is not available.
+ this.gaiaDoneTimer_ = window.setTimeout(
+ this.onGaiaDoneTimeout_.bind(this), GAIA_DONE_WAIT_TIMEOUT_MS);
return;
}
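Review bot: The comment "Start gaiaDoneTimer_ if user info is not available." no longer matches the condition: with `enableCloseView_` set, the timer also starts when user info is present but 'closeView' has not arrived. Suggested wording: `// Start gaiaDoneTimer_ if Gaia has not yet signalled the end of the flow (userInfo and, when enabled, closeView).` The comment above `userInfoAvailable` could likewise say that `services_` is set by the 'userInfo' message or forced to `[]` by `onGaiaDoneTimeout_`. The function starts and ends outside the hunk.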
@@ -1256,10 +1299,12 @@ cr.define('cr.login', function() {
}
/**
- * Invoked when |samlHandler_| fires 'apiPasswordAdded' event.
+ * Invoked when |samlHandler_| fires 'apiPasswordAdded' event. Could be from
+ * 3rd-party SAML IdP or Gaia which also uses the API.
* @private
*/
onSamlApiPasswordAdded_(e) {
+ this.dispatchEvent(new Event('apiPasswordAdded'));
// Saml API 'add' password might be received after the 'loadcommit'
// event. In such case, maybeCompleteAuth_ should be attempted again if
// GAIA ID is available.
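Review bot: The updated JSDoc for `onSamlApiPasswordAdded_` explains where the event can come from but not the new behaviour, namely that the authenticator now re-dispatches it to its own listeners. Add a line such as `Re-dispatches 'apiPasswordAdded' on the authenticator before attempting to complete auth.` The other dispatch visible in this diff uses `new CustomEvent('exit')`, so `new CustomEvent('apiPasswordAdded')` would be more consistent. The method body continues outside the hunk.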
@@ -1384,11 +1429,27 @@ cr.define('cr.login', function() {
* Callback for the user info message waiting timeout.
* @private
*/
- onUserInfoTimeout_() {
- console.warn('User info timeout: Forcing empty services.');
- assert(!this.services_);
- this.services_ = [];
- this.userInfoTimer_ = null;
+ onGaiaDoneTimeout_() {
+ if (!this.services_) {
+ console.error('Gaia done timeout: Forcing empty services.');
+ this.services_ = [];
+ const metric = this.authFlow == AuthFlow.SAML ?
+ GAIA_MESSAGE_SAML_USER_INFO :
+ GAIA_MESSAGE_GAIA_USER_INFO;
+ chrome.send('metricsHandler:recordBooleanHistogram', [metric, false]);
+ }
+
+ if (this.enableCloseView_ && !this.closeViewReceived_) {
+ console.error('Gaia done timeout: closeView was not called.');
+ this.closeViewReceived_ = true;
+
+ const metric = this.authFlow == AuthFlow.SAML ?
+ GAIA_MESSAGE_SAML_CLOSE_VIEW :
+ GAIA_MESSAGE_GAIA_CLOSE_VIEW;
+ chrome.send('metricsHandler:recordBooleanHistogram', [metric, false]);
+ }
+
+ this.gaiaDoneTimer_ = null;
this.maybeCompleteAuth_();
}
}
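Review bot: The JSDoc above `onGaiaDoneTimeout_` still reads "Callback for the user info message waiting timeout", but the callback now also covers a missing 'closeView'. Suggested: `Callback for the Gaia-done wait timeout: forces empty services and/or marks closeView as received so that auth can complete.` That comment should also state that the timeout is fail-open by design: authentication proceeds without Gaia's end-of-flow signal, and only a `false` histogram sample and a console error record it.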