| // Copyright 2018 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef DEVICE_FIDO_FEATURES_H_ |
| #define DEVICE_FIDO_FEATURES_H_ |
| |
| #include "base/component_export.h" |
| #include "base/feature_list.h" |
| #include "build/build_config.h" |
| #include "build/chromeos_buildflags.h" |
| |
| namespace device { |
| |
| #if BUILDFLAG(IS_WIN) |
| // Controls whether on Windows, U2F/CTAP2 requests are forwarded to the |
| // native WebAuthentication API, where available. |
| COMPONENT_EXPORT(DEVICE_FIDO) BASE_DECLARE_FEATURE(kWebAuthUseNativeWinApi); |
| #endif // BUILDFLAG(IS_WIN) |
| |
| // Support the caBLE extension in assertion requests from any origin. |
| COMPONENT_EXPORT(DEVICE_FIDO) |
| BASE_DECLARE_FEATURE(kWebAuthCableExtensionAnywhere); |
| |
| #if BUILDFLAG(IS_CHROMEOS) |
| // Enable a ChromeOS platform authenticator |
| COMPONENT_EXPORT(DEVICE_FIDO) |
| BASE_DECLARE_FEATURE(kWebAuthCrosPlatformAuthenticator); |
| #endif // BUILDFLAG(IS_CHROMEOS) |
| |
| #if BUILDFLAG(IS_ANDROID) |
| // Enable UI options to explicitly invoke hybrid CTAP authentication on |
| // Android. |
| COMPONENT_EXPORT(DEVICE_FIDO) |
| BASE_DECLARE_FEATURE(kWebAuthnAndroidHybridClientUi); |
| #endif // BUILDFLAG(IS_ANDROID) |
| |
| // Feature flag for the Google-internal |
| // `WebAuthenticationAllowGoogleCorpRemoteRequestProxying` enterprise policy. |
| COMPONENT_EXPORT(DEVICE_FIDO) |
| BASE_DECLARE_FEATURE(kWebAuthnGoogleCorpRemoteDesktopClientPrivilege); |
| |
| // Use the Android 14 Credential Manager API. |
| COMPONENT_EXPORT(DEVICE_FIDO) |
| BASE_DECLARE_FEATURE(kWebAuthnAndroidCredMan); |
| |
| // Count kCtap2ErrPinRequired as meaning not recognised. |
| COMPONENT_EXPORT(DEVICE_FIDO) |
| BASE_DECLARE_FEATURE(kWebAuthnPinRequiredMeansNotRecognized); |
| |
| // Advertise hybrid prelinking on Android even if the app doesn't have |
| // notifications permission. |
| COMPONENT_EXPORT(DEVICE_FIDO) |
| BASE_DECLARE_FEATURE(kWebAuthnHybridLinkWithoutNotifications); |
| |
| // Don't allow the old style JSON where values could be `null`. |
| COMPONENT_EXPORT(DEVICE_FIDO) |
| BASE_DECLARE_FEATURE(kWebAuthnNoNullInJSON); |
| |
| // Require the "easy accessor" fields to be provided in JSON attestation |
| // responses. Otherwise the fields are only checked if provided. |
| COMPONENT_EXPORT(DEVICE_FIDO) |
| BASE_DECLARE_FEATURE(kWebAuthnRequireEasyAccessorFieldsInJSON); |
| |
| // Enable support for iCloud Keychain |
| COMPONENT_EXPORT(DEVICE_FIDO) |
| BASE_DECLARE_FEATURE(kWebAuthnICloudKeychain); |
| |
| // Enable new hybrid UI |
| COMPONENT_EXPORT(DEVICE_FIDO) |
| BASE_DECLARE_FEATURE(kWebAuthnNewHybridUI); |
| |
| } // namespace device |
| |
| #endif // DEVICE_FIDO_FEATURES_H_ |