// Copyright 2024 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "chrome/browser/ui/webauthn/authenticator_request_window.h" #include <memory> #include <string> #include <utility> #include "base/command_line.h" #include "base/feature_list.h" #include "base/functional/bind.h" #include "base/functional/callback.h" #include "base/memory/raw_ptr.h" #include "base/memory/weak_ptr.h" #include "base/notreached.h" #include "base/strings/strcat.h" #include "chrome/browser/profiles/profile.h" #include "chrome/browser/ui/browser.h" #include "chrome/browser/ui/browser_finder.h" #include "chrome/browser/ui/browser_window.h" #include "chrome/browser/ui/tabs/tab_enums.h" #include "chrome/browser/ui/webauthn/user_actions.h" #include "chrome/browser/webauthn/authenticator_request_dialog_model.h" #include "chrome/browser/webauthn/gpm_enclave_controller.h" #include "chrome/browser/webauthn/webauthn_switches.h" #include "content/public/browser/navigation_controller.h" #include "content/public/browser/navigation_handle.h" #include "content/public/browser/web_contents_observer.h" #include "device/fido/enclave/metrics.h" #include "device/fido/features.h" #include "google_apis/gaia/gaia_urls.h" #include "net/base/url_util.h" #include "net/http/http_response_headers.h" #include "net/http/http_status_code.h" #include "ui/base/page_transition_types.h" #include "ui/gfx/geometry/point.h" #include "ui/gfx/geometry/rect.h" #include "url/origin.h" namespace { const char kGpmPinResetReauthUrl[] = …; const char kGpmPasskeyResetSuccessUrl[] = …; const char kGpmPasskeyResetFailUrl[] = …; // The kdi parameter here was generated from the following protobuf: // // { // operation: RETRIEVAL // retrieval_inputs: { // security_domain_name: "hw_protected" // } // } // // And then converted to bytes with: // // % gqui --outfile=rawproto:/tmp/out.pb from textproto:/tmp/input \ // proto gaia_frontend.ClientDecryptableKeyDataInputs // // Then the contents of `/tmp/out.pb` need to be base64url-encoded to produce // the "kdi" parameter's value. const char kKdi[] = …; GURL GetGpmResetPinUrl() { … } // This WebContents observer watches the WebView that shows a GAIA // reauthentication page. When that page navigates to a URL that includes the // resulting RAPT token, it invokes a callback with that token. class ReauthWebContentsObserver : public content::WebContentsObserver { … }; // The user may be prompted to reset their passkeys if the MagicArch PIN // challenge fails. MagicArch will then navigate to either // `kGpmPasskeyResetSuccessUrl` or `kGpmPasskeyResetFailUrl` after completing a // reset. The pages have a message on and a button. If the user clicks the // button, a ref is appended to the URL. This observer will observe which page // the user is on and call the `callback_`. class PasskeyResetWebContentsObserver : public content::WebContentsObserver { … }; // Shows a pop-up window containing some WebAuthn-related UI. This object // owns itself. class AuthenticatorRequestWindow : public content::WebContentsObserver, public AuthenticatorRequestDialogModel::Observer { … }; } // namespace void ShowAuthenticatorRequestWindow(content::WebContents* web_contents, AuthenticatorRequestDialogModel* model) { … } bool IsAuthenticatorRequestWindowUrl(const GURL& url) { … }
Codebase Browser
chromium