chromium/src
0
Fork 0
Code Activity

Fix OS settings browser tests ran with AuthPanel enabled

Browse Source 
Bug: b:271248452
Change-Id: Icfbd35874180202c40823fc930afcdc38a30fd53
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5625635
Commit-Queue: Elie Maamari <emaamari@google.com>
Reviewed-by: Denis Kuznetsov <antrim@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1327782}
This commit is contained in:
Elie Maamari
2024-07-15 21:02:20 +00:00
committed by Chromium LUCI CQ
parent 67debfe411
commit 5eee77bec2
21 changed files with 381 additions and 44 deletions

1
ash/in_session_auth/BUILD.gn

@ -37,6 +37,7 @@ source_set("in_session_auth") {
"//chromeos/ash/components/dbus/userdataauth",
"//chromeos/ash/components/dbus/userdataauth:userdataauth_proto",
"//chromeos/ash/components/login/auth",
"//chromeos/ash/components/osauth/impl",
"//chromeos/ash/components/osauth/public",
"//chromeos/components/webauthn",
"//ui/strings:ui_strings_grit",

3
ash/in_session_auth/in_session_auth_dialog_controller_impl.cc

@ -28,6 +28,7 @@
#include "chromeos/ash/components/cryptohome/constants.h"
#include "chromeos/ash/components/dbus/userdataauth/userdataauth_client.h"
#include "chromeos/ash/components/login/auth/auth_performer.h"
#include "chromeos/ash/components/osauth/impl/auth_surface_registry.h"
#include "chromeos/ash/components/osauth/public/auth_factor_status_consumer.h"
#include "chromeos/ash/components/osauth/public/auth_hub.h"
#include "chromeos/ash/components/osauth/public/common_types.h"
@ -189,6 +190,8 @@ void InSessionAuthDialogControllerImpl::OnUserAuthAttemptConfirmed(
dialog_ = CreateAuthDialogWidget(std::move(contents_view));
dialog_->Show();
state_ = State::kShown;
AuthParts::Get()->GetAuthSurfaceRegistry()->NotifyInSessionAuthDialogShown(
connector);
}
void InSessionAuthDialogControllerImpl::OnAuthPanelPreferredSizeChanged() {

6
chrome/browser/ash/login/test/cryptohome_mixin.cc

@ -177,4 +177,10 @@ void CryptohomeMixin::SendLegacyFingerprintFailureLockoutScan() {
user_data_auth::FingerprintScanResult::FINGERPRINT_SCAN_RESULT_LOCKOUT);
}
bool CryptohomeMixin::IsAuthenticated(const AccountId& user) {
CHECK(FakeUserDataAuthClient::TestApi::Get());
return FakeUserDataAuthClient::TestApi::Get()->IsAuthenticated(
cryptohome::CreateAccountIdentifierFromAccountId(user));
}
} // namespace ash

2
chrome/browser/ash/login/test/cryptohome_mixin.h

@ -53,6 +53,8 @@ class CryptohomeMixin : public InProcessBrowserTestMixin,
void SendLegacyFingerprintSuccessScan();
void SendLegacyFingerprintFailureScan();
void SendLegacyFingerprintFailureLockoutScan();
bool IsAuthenticated(const AccountId& user);
};
} // namespace ash

4
chrome/browser/resources/ash/settings/os_privacy_page/os_privacy_page.ts

@ -524,9 +524,9 @@ export class OsSettingsPrivacyPageElement extends
}
if (this.authTokenReply_) {
await InSessionAuth.getRemote().invalidateToken(
this.authTokenReply_.token);
const token = this.authTokenReply_.token;
this.authTokenReply_ = undefined;
await InSessionAuth.getRemote().invalidateToken(token);
}
}

82
chrome/browser/ui/webui/ash/settings/integration_tests/os_settings_lock_screen_authentication_browsertest.cc

@ -2,8 +2,10 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "ash/constants/ash_features.h"
#include "base/metrics/histogram_base.h"
#include "base/test/metrics/histogram_tester.h"
#include "chrome/browser/ash/login/test/cryptohome_mixin.h"
#include "chrome/browser/ui/webui/ash/settings/test_support/os_settings_lock_screen_browser_test_base.h"
#include "chromeos/ash/components/osauth/public/common_types.h"
#include "content/public/test/browser_test.h"
@ -27,7 +29,14 @@ class OSSettingsLockScreenAuthenticationTest
public testing::WithParamInterface<PasswordType> {
public:
OSSettingsLockScreenAuthenticationTest()
: OSSettingsLockScreenBrowserTestBase(GetParam()) {}
: OSSettingsLockScreenBrowserTestBase(GetParam()) {
UserDataAuthClient::InitializeFake();
}
void SetUpOnMainThread() override {
OSSettingsLockScreenBrowserTestBase::SetUpOnMainThread();
cryptohome_.MarkUserAsExisting(GetAccountId());
}
// Password constants used in test cases. The correct password is the same
// one as the one set up through the OSSettingsLockScreenBrowserTestBase test
@ -35,6 +44,9 @@ class OSSettingsLockScreenAuthenticationTest
static constexpr const char* kCorrectPassword =
OSSettingsLockScreenBrowserTestBase::kPassword;
static constexpr char kIncorrectPassword[] = "incorrect-password";
protected:
CryptohomeMixin cryptohome_{&mixin_host_};
};
INSTANTIATE_TEST_SUITE_P(OSSettingsLockScreenAuthenticationTests,
@ -46,37 +58,67 @@ IN_PROC_BROWSER_TEST_P(OSSettingsLockScreenAuthenticationTest,
SuccessfulUnlock) {
base::HistogramTester histograms;
auto lock_screen_settings = OpenLockScreenSettings();
lock_screen_settings.AssertAuthenticated(false);
histograms.ExpectBucketCount(kPinUnlockUmaHistogramName,
kEnterPasswordCorrectly, 0);
lock_screen_settings.Authenticate(kCorrectPassword);
if (ash::features::IsUseAuthPanelInSettingsEnabled()) {
ASSERT_FALSE(cryptohome_.IsAuthenticated(GetAccountId()));
lock_screen_settings.AssertAuthenticated(false);
lock_screen_settings.AssertAuthenticated(true);
histograms.ExpectBucketCount(kPinUnlockUmaHistogramName,
kEnterPasswordCorrectly, 1);
AuthenticateViaCryptohomePasswordEngine(false);
ASSERT_TRUE(cryptohome_.IsAuthenticated(GetAccountId()));
lock_screen_settings.AssertAuthenticated(true);
} else {
lock_screen_settings.AssertAuthenticated(false);
histograms.ExpectBucketCount(kPinUnlockUmaHistogramName,
kEnterPasswordCorrectly, 0);
lock_screen_settings.Authenticate(kCorrectPassword);
lock_screen_settings.AssertAuthenticated(true);
histograms.ExpectBucketCount(kPinUnlockUmaHistogramName,
kEnterPasswordCorrectly, 1);
}
}
IN_PROC_BROWSER_TEST_P(OSSettingsLockScreenAuthenticationTest, FailedUnlock) {
base::HistogramTester histograms;
auto lock_screen_settings = OpenLockScreenSettings();
lock_screen_settings.AssertAuthenticated(false);
histograms.ExpectBucketCount(kPinUnlockUmaHistogramName,
kEnterPasswordCorrectly, 0);
if (ash::features::IsUseAuthPanelInSettingsEnabled()) {
ASSERT_FALSE(cryptohome_.IsAuthenticated(GetAccountId()));
lock_screen_settings.AssertAuthenticated(false);
lock_screen_settings.AuthenticateIncorrectly(kIncorrectPassword);
FakeUserDataAuthClient::Get()->SetNextOperationError(
FakeUserDataAuthClient::Operation::kAuthenticateAuthFactor,
cryptohome::ErrorWrapper::CreateFromErrorCodeOnly(
user_data_auth::CRYPTOHOME_ERROR_AUTHORIZATION_KEY_FAILED));
lock_screen_settings.AssertAuthenticated(false);
histograms.ExpectBucketCount(kPinUnlockUmaHistogramName,
kEnterPasswordCorrectly, 0);
AuthenticateViaCryptohomePasswordEngine(true);
ASSERT_FALSE(cryptohome_.IsAuthenticated(GetAccountId()));
lock_screen_settings.AssertAuthenticated(false);
// Check that we can still authenticate after an unsuccessful attempt:
lock_screen_settings.Authenticate(kCorrectPassword);
AuthenticateViaCryptohomePasswordEngine(false);
lock_screen_settings.AssertAuthenticated(true);
histograms.ExpectBucketCount(kPinUnlockUmaHistogramName,
kEnterPasswordCorrectly, 1);
ASSERT_TRUE(cryptohome_.IsAuthenticated(GetAccountId()));
lock_screen_settings.AssertAuthenticated(true);
} else {
lock_screen_settings.AssertAuthenticated(false);
histograms.ExpectBucketCount(kPinUnlockUmaHistogramName,
kEnterPasswordCorrectly, 0);
lock_screen_settings.AuthenticateIncorrectly(kIncorrectPassword);
lock_screen_settings.AssertAuthenticated(false);
histograms.ExpectBucketCount(kPinUnlockUmaHistogramName,
kEnterPasswordCorrectly, 0);
// Check that we can still authenticate after an unsuccessful attempt:
lock_screen_settings.Authenticate(kCorrectPassword);
lock_screen_settings.AssertAuthenticated(true);
histograms.ExpectBucketCount(kPinUnlockUmaHistogramName,
kEnterPasswordCorrectly, 1);
}
}
} // namespace ash::settings

57
chrome/browser/ui/webui/ash/settings/integration_tests/os_settings_pin_setup_browsertest.cc

@ -2,8 +2,11 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "ash/constants/ash_features.h"
#include "ash/constants/ash_pref_names.h"
#include "ash/public/cpp/in_session_auth_dialog_controller.h"
#include "base/test/metrics/histogram_tester.h"
#include "base/test/test_future.h"
#include "base/values.h"
#include "chrome/browser/ash/login/quick_unlock/pin_storage_prefs.h"
#include "chrome/browser/ash/login/quick_unlock/quick_unlock_factory.h"
@ -15,6 +18,10 @@
#include "chrome/common/pref_names.h"
#include "chrome/test/data/webui/chromeos/settings/os_people_page/pin_settings_api.test-mojom-test-utils.h"
#include "chrome/test/data/webui/chromeos/settings/test_api.test-mojom-test-utils.h"
#include "chromeos/ash/components/osauth/impl/auth_hub_common.h"
#include "chromeos/ash/components/osauth/impl/auth_surface_registry.h"
#include "chromeos/ash/components/osauth/public/auth_engine_api.h"
#include "chromeos/ash/components/osauth/public/auth_parts.h"
#include "components/policy/core/browser/browser_policy_connector.h"
#include "components/policy/core/common/mock_configuration_policy_provider.h"
#include "components/policy/core/common/policy_map.h"
@ -497,7 +504,19 @@ IN_PROC_BROWSER_TEST_P(OSSettingsPinSetupTest, MaximumLengthAutosubmit) {
// Tests that the user is asked to reauthenticate when trying to enable PIN
// autosubmit but with a locked-out PIN.
IN_PROC_BROWSER_TEST_P(OSSettingsPinSetupTest, AutosubmitWithLockedPin) {
auto lock_screen_settings = OpenLockScreenSettingsAndAuthenticate();
auto go_to_lock_screen_settings_and_authenticate = [&]() {
if (ash::features::IsUseAuthPanelInSettingsEnabled()) {
OpenLockScreenSettings();
AuthenticateViaCryptohomePasswordEngine(/*keep_alive_connector=*/false);
return mojom::LockScreenSettingsAsyncWaiter{
lock_screen_settings_remote_.get()};
} else {
return OpenLockScreenSettingsAndAuthenticate();
}
};
auto lock_screen_settings = go_to_lock_screen_settings_and_authenticate();
auto pin_settings = GoToPinSettings(lock_screen_settings);
pin_settings.SetPin(kFirstPin);
// We disable autosubmit so that we can try to reenable.
@ -506,12 +525,38 @@ IN_PROC_BROWSER_TEST_P(OSSettingsPinSetupTest, AutosubmitWithLockedPin) {
pin_settings.TryEnablePinAutosubmit(kFirstPin);
lock_screen_settings.AssertAuthenticated(false);
if (ash::features::IsUseAuthPanelInSettingsEnabled()) {
base::test::TestFuture<AuthHubConnector*, AuthSurfaceRegistry::AuthSurface>
future;
auto subscription =
ash::AuthParts::Get()->GetAuthSurfaceRegistry()->RegisterShownCallback(
future.GetCallback());
lock_screen_settings.Authenticate(
OSSettingsLockScreenBrowserTestBase::kPassword);
EXPECT_EQ(false, GetPinAutoSubmitState());
pin_settings.AssertPinAutosubmitEnabled(false);
auto [connector, surface] = future.Get();
base::RunLoop().RunUntilIdle();
AuthEngineApi::AuthenticateWithPassword(
connector, AshAuthFactor::kGaiaPassword, kPassword);
// Reset the connector so that it's not caught dangling during test fixture
// destruction, since the pointee will be destroyed upon successful
// authentication.
connector = nullptr;
base::RunLoop().RunUntilIdle();
EXPECT_EQ(false, GetPinAutoSubmitState());
pin_settings.AssertPinAutosubmitEnabled(false);
} else {
lock_screen_settings.AssertAuthenticated(false);
lock_screen_settings.Authenticate(
OSSettingsLockScreenBrowserTestBase::kPassword);
EXPECT_EQ(false, GetPinAutoSubmitState());
pin_settings.AssertPinAutosubmitEnabled(false);
}
}
} // namespace ash::settings

83
chrome/browser/ui/webui/ash/settings/test_support/os_settings_lock_screen_browser_test_base.cc

@ -6,11 +6,17 @@
#include <string>
#include "ash/constants/ash_features.h"
#include "ash/public/cpp/in_session_auth_dialog_controller.h"
#include "base/check_op.h"
#include "base/test/test_future.h"
#include "chrome/browser/ash/login/test/logged_in_user_mixin.h"
#include "chrome/browser/ash/login/test/user_auth_config.h"
#include "chrome/test/base/mixin_based_in_process_browser_test.h"
#include "chrome/test/data/webui/chromeos/settings/test_api.test-mojom-test-utils.h"
#include "chromeos/ash/components/osauth/impl/auth_surface_registry.h"
#include "chromeos/ash/components/osauth/public/auth_engine_api.h"
#include "chromeos/ash/components/osauth/public/auth_parts.h"
#include "chromeos/ash/components/osauth/public/common_types.h"
namespace ash::settings {
@ -52,16 +58,55 @@ void OSSettingsLockScreenBrowserTestBase::SetUpOnMainThread() {
mojom::LockScreenSettingsAsyncWaiter
OSSettingsLockScreenBrowserTestBase::OpenLockScreenSettings() {
auto os_settings_driver = OpenOSSettings();
lock_screen_settings_remote_ =
mojo::Remote(os_settings_driver.GoToLockScreenSettings());
if (ash::features::IsUseAuthPanelInSettingsEnabled()) {
base::test::TestFuture<AuthHubConnector*, AuthSurfaceRegistry::AuthSurface>
future;
auto subscription =
ash::AuthParts::Get()->GetAuthSurfaceRegistry()->RegisterShownCallback(
future.GetCallback());
auto os_settings_driver = OpenOSSettings();
lock_screen_settings_remote_ =
mojo::Remote(os_settings_driver.GoToLockScreenSettings());
auto [connector, surface] = future.Get();
connector_ = connector;
base::RunLoop().RunUntilIdle();
} else {
auto os_settings_driver = OpenOSSettings();
lock_screen_settings_remote_ =
mojo::Remote(os_settings_driver.GoToLockScreenSettings());
}
return mojom::LockScreenSettingsAsyncWaiter(
lock_screen_settings_remote_.get());
}
void OSSettingsLockScreenBrowserTestBase::
AuthenticateViaCryptohomePasswordEngine(bool keep_alive_connector) {
AuthEngineApi::AuthenticateWithPassword(
connector_, AshAuthFactor::kGaiaPassword, kPassword);
if (!keep_alive_connector) {
// In certain cases, we do not want to invalidate `connector`,
// for example, to test scenarios such as entering the wrong password
// initially, followed by the correct one.
connector_ = nullptr;
}
base::RunLoop().RunUntilIdle();
}
mojom::LockScreenSettingsAsyncWaiter
OSSettingsLockScreenBrowserTestBase::OpenLockScreenSettingsAndAuthenticate() {
OpenLockScreenSettings().Authenticate(kPassword);
if (ash::features::IsUseAuthPanelInSettingsEnabled()) {
OpenLockScreenSettings();
AuthenticateViaCryptohomePasswordEngine(false);
} else {
OpenLockScreenSettings().Authenticate(kPassword);
}
// The mojom AsyncWaiter classes have deleted copy constructors even though
// they only hold a non-owning pointer to a mojo remote. This restriction
// should probably be dropped, so that we can just return the async waiter
@ -76,12 +121,32 @@ mojom::LockScreenSettingsAsyncWaiter OSSettingsLockScreenBrowserTestBase::
const std::string& setting_id) {
std::string relative_url = "/osPrivacy/lockScreen?settingId=";
relative_url += setting_id;
auto os_settings_driver = OpenOSSettings(relative_url);
if (ash::features::IsUseAuthPanelInSettingsEnabled()) {
base::test::TestFuture<AuthHubConnector*, AuthSurfaceRegistry::AuthSurface>
future;
auto subscription =
ash::AuthParts::Get()->GetAuthSurfaceRegistry()->RegisterShownCallback(
future.GetCallback());
lock_screen_settings_remote_ =
mojo::Remote(os_settings_driver.AssertOnLockScreenSettings());
mojom::LockScreenSettingsAsyncWaiter(lock_screen_settings_remote_.get())
.Authenticate(kPassword);
auto os_settings_driver = OpenOSSettings(relative_url);
auto [connector, surface] = future.Get();
connector_ = connector;
base::RunLoop().RunUntilIdle();
AuthenticateViaCryptohomePasswordEngine(false);
lock_screen_settings_remote_ =
mojo::Remote(os_settings_driver.AssertOnLockScreenSettings());
} else {
auto os_settings_driver = OpenOSSettings(relative_url);
lock_screen_settings_remote_ =
mojo::Remote(os_settings_driver.AssertOnLockScreenSettings());
mojom::LockScreenSettingsAsyncWaiter(lock_screen_settings_remote_.get())
.Authenticate(kPassword);
}
return mojom::LockScreenSettingsAsyncWaiter(
lock_screen_settings_remote_.get());

12
chrome/browser/ui/webui/ash/settings/test_support/os_settings_lock_screen_browser_test_base.h

@ -17,6 +17,12 @@
#include "components/account_id/account_id.h"
#include "mojo/public/cpp/bindings/remote.h"
namespace ash {
class AuthHubConnector;
}
namespace ash::settings {
// Fixture for browser tests of the "lock screen" section in
@ -53,7 +59,10 @@ class OSSettingsLockScreenBrowserTestBase
// The account ID of the user set up by this fixture.
const AccountId& GetAccountId();
void AuthenticateViaCryptohomePasswordEngine(bool keep_alive_connector);
protected:
mojo::Remote<mojom::LockScreenSettings> lock_screen_settings_remote_;
std::unique_ptr<LoggedInUserMixin> logged_in_user_mixin_;
raw_ptr<CryptohomeMixin> cryptohome_{nullptr};
OSSettingsBrowserTestMixin os_settings_mixin_{&mixin_host_};
@ -65,7 +74,8 @@ class OSSettingsLockScreenBrowserTestBase
const std::string& relative_url = "");
mojo::Remote<mojom::OSSettingsDriver> os_settings_driver_remote_;
mojo::Remote<mojom::LockScreenSettings> lock_screen_settings_remote_;
raw_ptr<AuthHubConnector> connector_;
};
} // namespace ash::settings

15
chrome/test/data/webui/chromeos/settings/os_privacy_page/os_privacy_page_test.ts

@ -406,13 +406,17 @@ suite('<os-settings-privacy-page>', () => {
fingerprintUnlockEnabled: true,
});
const tokenLabel = loadTimeData.getBoolean('isAuthPanelEnabled') ?
'authTokenReply_' :
'authTokenInfo_';
privacyPage = document.createElement('os-settings-privacy-page');
document.body.appendChild(privacyPage);
await waitAfterNextRender(privacyPage);
const quickUnlockPrivateApi = new FakeQuickUnlockPrivate();
privacyPage['authTokenInfo_'] = quickUnlockPrivateApi.getFakeToken();
privacyPage[tokenLabel] = quickUnlockPrivateApi.getFakeToken();
Router.getInstance().navigateTo(routes.LOCK_SCREEN);
flush();
@ -450,13 +454,16 @@ suite('<os-settings-privacy-page>', () => {
fingerprintTrigger.click();
// Invalidate the auth token by firing an event.
assertNotEquals(undefined, privacyPage.get('authTokenInfo_'));
assertNotEquals(undefined, privacyPage.get(tokenLabel));
const event = new CustomEvent('invalidate-auth-token-requested');
lockScreenPage.dispatchEvent(event);
assertEquals(undefined, privacyPage.get('authTokenInfo_'));
assertEquals(undefined, privacyPage.get(tokenLabel));
assertEquals(routes.FINGERPRINT, Router.getInstance().currentRoute);
assertTrue(privacyPage.get('showPasswordPromptDialog_'));
if (!loadTimeData.getBoolean('isAuthPanelEnabled')) {
assertTrue(privacyPage.get('showPasswordPromptDialog_'));
}
});
test('Smart privacy hidden when both features disabled', async () => {

28
chrome/test/data/webui/chromeos/settings/os_settings_browsertest.cc

@ -6,13 +6,17 @@
#include "base/strings/strcat.h"
#include "base/test/scoped_feature_list.h"
#include "chrome/browser/ash/crostini/fake_crostini_features.h"
#include "chrome/browser/ash/login/test/cryptohome_mixin.h"
#include "chrome/browser/nearby_sharing/common/nearby_share_features.h"
#include "chrome/common/chrome_features.h"
#include "chrome/common/webui_url_constants.h"
#include "chrome/test/base/chromeos/lacros_only_mocha_browser_test.h"
#include "chrome/test/base/web_ui_mocha_browser_test.h"
#include "chromeos/ash/components/cryptohome/cryptohome_parameters.h"
#include "chromeos/ash/components/dbus/userdataauth/userdataauth_client.h"
#include "chromeos/ash/components/standalone_browser/standalone_browser_features.h"
#include "chromeos/constants/chromeos_features.h"
#include "components/user_manager/user_names.h"
#include "content/public/test/browser_test.h"
#include "ui/accessibility/accessibility_features.h"
#include "ui/base/ui_base_features.h"
@ -75,6 +79,27 @@ INSTANTIATE_TEST_SUITE_P(RevampParameterized,
testing::Bool(),
OSSettingsRevampMochaTest::DescribeParams);
class OSSettingsRevampMochaTestWithExistingUser
: public OSSettingsRevampMochaTest {
public:
OSSettingsRevampMochaTestWithExistingUser() {
UserDataAuthClient::Get()->InitializeFake();
}
void SetUpOnMainThread() override {
OSSettingsRevampMochaTest::SetUpOnMainThread();
FakeUserDataAuthClient::TestApi::Get()->AddExistingUser(
cryptohome::CreateAccountIdentifierFromAccountId(
user_manager::StubAccountId()));
}
};
INSTANTIATE_TEST_SUITE_P(
RevampParameterized,
OSSettingsRevampMochaTestWithExistingUser,
testing::Bool(),
OSSettingsRevampMochaTestWithExistingUser::DescribeParams);
class OSSettingsMochaTestRevampEnabled : public OSSettingsMochaTest {
protected:
OSSettingsMochaTestRevampEnabled() {
@ -1753,7 +1778,8 @@ IN_PROC_BROWSER_TEST_P(OSSettingsRevampMochaTest, OsPrintingPagePrinterStatus) {
RunSettingsTest("os_printing_page/printer_status_test.js");
}
IN_PROC_BROWSER_TEST_P(OSSettingsRevampMochaTest, OsPrivacyPage) {
IN_PROC_BROWSER_TEST_P(OSSettingsRevampMochaTestWithExistingUser,
OsPrivacyPage) {
RunSettingsTest("os_privacy_page/os_privacy_page_test.js");
}

15
chrome/test/data/webui/chromeos/settings/test_api.ts

@ -15,7 +15,7 @@ import {PinSettingsApi} from './os_people_page/pin_settings_api.js';
import {PasswordSettingsApiRemote} from './password_settings_api.test-mojom-webui.js';
import {PinSettingsApiRemote} from './pin_settings_api.test-mojom-webui.js';
import {GoogleDriveSettingsInterface, GoogleDriveSettingsReceiver, GoogleDriveSettingsRemote, LockScreenSettings_RecoveryDialogAction as RecoveryDialogAction, LockScreenSettingsInterface, LockScreenSettingsReceiver, LockScreenSettingsRemote, OSSettingsBrowserProcess, OSSettingsDriverInterface, OSSettingsDriverReceiver} from './test_api.test-mojom-webui.js';
import {assertAsync, assertForDuration, hasBooleanProperty, hasProperty, Lazy, querySelectorShadow, retry, retryUntilSome} from './utils.js';
import {assertAsync, assertForDuration, hasBooleanProperty, hasProperty, hasStringProperty, Lazy, querySelectorShadow, retry, retryUntilSome} from './utils.js';
class RecoveryDialog {
private element: HTMLElement;
@ -80,6 +80,19 @@ export class LockScreenSettings implements LockScreenSettingsInterface {
}
async assertAuthenticated(isAuthenticated: boolean): Promise<void> {
if (loadTimeData.getBoolean('isAuthPanelEnabled')) {
const property = () => {
const authTokenExists =
hasStringProperty(this.lockScreen, 'authToken') &&
this.lockScreen['authToken'] !== undefined;
return isAuthenticated === authTokenExists;
};
assertAsync(property);
assertForDuration(property);
return;
}
const property = () => {
const dialogExists = this.passwordDialog() !== null;
return isAuthenticated === !dialogExists;

2
chromeos/ash/components/auth_panel/impl/auth_panel.h

@ -49,6 +49,8 @@ class AuthPanel : public NonAccessibleView, public AuthFactorStatusConsumer {
PasswordAuthView* GetPasswordAuthView();
AuthHubConnector* GetAuthHubConnector();
void SetSubmitPasswordCallback(auth_panel::SubmitPasswordCallback);
private:

15
chromeos/ash/components/dbus/userdataauth/fake_userdataauth_client.cc

@ -562,6 +562,21 @@ std::pair<std::string, std::string> FakeUserDataAuthClient::TestApi::AddSession(
return {auth_session_id, session.broadcast_id};
}
bool FakeUserDataAuthClient::TestApi::IsAuthenticated(
const cryptohome::AccountIdentifier& account_id) {
CHECK(FakeUserDataAuthClient::Get()->users_.contains(account_id));
auto& auth_sessions = FakeUserDataAuthClient::Get()->auth_sessions_;
auto [auth_session_id, session] =
*find_if(std::begin(auth_sessions), std::end(auth_sessions),
[&account_id](auto session_entry) {
return session_entry.second.account == account_id;
});
return session.authenticated;
}
bool FakeUserDataAuthClient::TestApi::IsCurrentSessionEphemeral() {
CHECK_EQ(FakeUserDataAuthClient::Get()->auth_sessions_.size(), 1u);
return FakeUserDataAuthClient::Get()

2
chromeos/ash/components/dbus/userdataauth/fake_userdataauth_client.h

@ -162,6 +162,8 @@ class COMPONENT_EXPORT(USERDATAAUTH_CLIENT) FakeUserDataAuthClient
void SetNextOperationError(Operation operation,
::cryptohome::ErrorWrapper error);
bool IsAuthenticated(const cryptohome::AccountIdentifier& account_id);
private:
FakeUserDataAuthClient::UserCryptohomeState& GetUserState(
const cryptohome::AccountIdentifier& account_id);

2
chromeos/ash/components/osauth/impl/BUILD.gn

@ -41,6 +41,8 @@ component("impl") {
"auth_parts_impl.h",
"auth_session_storage_impl.cc",
"auth_session_storage_impl.h",
"auth_surface_registry.cc",
"auth_surface_registry.h",
"cryptohome_core_impl.cc",
"cryptohome_core_impl.h",
"early_login_auth_policy_connector.cc",

5
chromeos/ash/components/osauth/impl/auth_parts_impl.cc

@ -83,6 +83,7 @@ void AuthPartsImpl::CreateDefaultComponents(PrefService* local_state) {
login_screen_policy_connector_ =
std::make_unique<LoginScreenAuthPolicyConnector>(local_state);
auth_surface_registry_ = std::make_unique<AuthSurfaceRegistry>();
}
AuthSessionStorage* AuthPartsImpl::GetAuthSessionStorage() {
@ -166,4 +167,8 @@ void AuthPartsImpl::Shutdown() {
}
}
AuthSurfaceRegistry* AuthPartsImpl::GetAuthSurfaceRegistry() {
return auth_surface_registry_.get();
}
} // namespace ash

4
chromeos/ash/components/osauth/impl/auth_parts_impl.h

@ -10,6 +10,7 @@
#include "base/component_export.h"
#include "base/memory/raw_ptr.h"
#include "chromeos/ash/components/osauth/impl/auth_surface_registry.h"
#include "chromeos/ash/components/osauth/public/auth_parts.h"
namespace ash {
@ -33,6 +34,7 @@ class COMPONENT_EXPORT(CHROMEOS_ASH_COMPONENTS_OSAUTH) AuthPartsImpl
AuthSessionStorage* GetAuthSessionStorage() override;
AuthHub* GetAuthHub() override;
CryptohomeCore* GetCryptohomeCore() override;
AuthSurfaceRegistry* GetAuthSurfaceRegistry() override;
void RegisterEngineFactory(
std::unique_ptr<AuthFactorEngineFactory> factory) override;
const std::vector<std::unique_ptr<AuthFactorEngineFactory>>&
@ -52,6 +54,7 @@ class COMPONENT_EXPORT(CHROMEOS_ASH_COMPONENTS_OSAUTH) AuthPartsImpl
private:
friend class AuthParts;
void CreateDefaultComponents(PrefService* local_state);
std::unique_ptr<AuthFactorPresenceCache> factors_cache_;
@ -60,6 +63,7 @@ class COMPONENT_EXPORT(CHROMEOS_ASH_COMPONENTS_OSAUTH) AuthPartsImpl
std::unique_ptr<AuthPolicyConnector> login_screen_policy_connector_;
std::unique_ptr<AuthPolicyConnector> early_login_policy_connector_;
raw_ptr<AuthPolicyConnector> profile_prefs_policy_connector_ = nullptr;
std::unique_ptr<AuthSurfaceRegistry> auth_surface_registry_;
std::vector<std::unique_ptr<AuthFactorEngineFactory>> engine_factories_;
std::unique_ptr<AuthHub> auth_hub_;

41
chromeos/ash/components/osauth/impl/auth_surface_registry.cc Normal file

@ -0,0 +1,41 @@
// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chromeos/ash/components/osauth/impl/auth_surface_registry.h"
#include "base/notimplemented.h"
#include "base/task/single_thread_task_runner.h"
namespace ash {
AuthSurfaceRegistry::AuthSurfaceRegistry() = default;
AuthSurfaceRegistry::~AuthSurfaceRegistry() = default;
void AuthSurfaceRegistry::NotifyLoginScreenAuthDialogShown(
AuthHubConnector* connector) {
NOTIMPLEMENTED();
}
void AuthSurfaceRegistry::NotifyLockScreenAuthDialogShown(
AuthHubConnector* connector) {
NOTIMPLEMENTED();
}
void AuthSurfaceRegistry::NotifyInSessionAuthDialogShown(
AuthHubConnector* connector) {
base::SingleThreadTaskRunner::GetCurrentDefault()->PostTask(
FROM_HERE,
base::BindOnce(
[](AuthSurfaceRegistry* self, AuthHubConnector* connector) {
self->callback_list_.Notify(connector, AuthSurface::kInSession);
},
this, connector));
}
base::CallbackListSubscription AuthSurfaceRegistry::RegisterShownCallback(
CallbackList::CallbackType on_shown) {
return callback_list_.Add(std::move(on_shown));
}
} // namespace ash

44
chromeos/ash/components/osauth/impl/auth_surface_registry.h Normal file

@ -0,0 +1,44 @@
// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROMEOS_ASH_COMPONENTS_OSAUTH_IMPL_AUTH_SURFACE_REGISTRY_H_
#define CHROMEOS_ASH_COMPONENTS_OSAUTH_IMPL_AUTH_SURFACE_REGISTRY_H_
#include "base/callback_list.h"
#include "base/component_export.h"
namespace ash {
class AuthHubConnector;
class COMPONENT_EXPORT(CHROMEOS_ASH_COMPONENTS_OSAUTH) AuthSurfaceRegistry {
public:
enum class AuthSurface {
kLoginScreen,
kLockScreen,
kInSession,
kMaxValue = kInSession,
};
AuthSurfaceRegistry();
~AuthSurfaceRegistry();
using CallbackList =
base::OnceCallbackList<void(AuthHubConnector*, AuthSurface)>;
void NotifyLoginScreenAuthDialogShown(AuthHubConnector* connector);
void NotifyLockScreenAuthDialogShown(AuthHubConnector* connector);
void NotifyInSessionAuthDialogShown(AuthHubConnector* connector);
base::CallbackListSubscription RegisterShownCallback(
CallbackList::CallbackType on_shown);
private:
base::OnceCallbackList<void(AuthHubConnector*, AuthSurface surface)>
callback_list_;
};
} // namespace ash
#endif // CHROMEOS_ASH_COMPONENTS_OSAUTH_IMPL_AUTH_SURFACE_REGISTRY_H_

2
chromeos/ash/components/osauth/public/auth_parts.h

@ -17,6 +17,7 @@ namespace ash {
class AuthHub;
class AuthPolicyConnector;
class AuthSessionStorage;
class AuthSurfaceRegistry;
class AuthFactorEngineFactory;
class CryptohomeCore;
@ -41,6 +42,7 @@ class COMPONENT_EXPORT(CHROMEOS_ASH_COMPONENTS_OSAUTH) AuthParts {
virtual AuthHub* GetAuthHub() = 0;
virtual CryptohomeCore* GetCryptohomeCore() = 0;
virtual AuthPolicyConnector* GetAuthPolicyConnector() = 0;
virtual AuthSurfaceRegistry* GetAuthSurfaceRegistry() = 0;
virtual void RegisterEngineFactory(
std::unique_ptr<AuthFactorEngineFactory> factory) = 0;