components/sync/protocol/gaia_password_reuse.proto - chromium/src - Git at Google

 // Copyright 2019 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // Security Events used for recording security related events.

 // If you change or add any fields in this file, update proto_visitors.h and
 // potentially proto_enum_conversions.{h, cc}.

 syntax = "proto2";

 option java_multiple_files = true;
 option java_package = "org.chromium.components.sync.protocol";

 option optimize_for = LITE_RUNTIME;

 package sync_pb;

 // User reused their GAIA password on another website.
 message GaiaPasswordReuse {
   // Logged when we detect a password re-use event on a non-GAIA site.
   // If the user hasn’t enabled SafeBrowsing, this will be the last event.
   message PasswordReuseDetected {
     message SafeBrowsingStatus {
       // Is SafeBrowsing enabled?
       optional bool enabled = 1;
       // If SafeBrowsing is enabled, is the user opted-in to extended
       // reporting or Scout?
       enum ReportingPopulation {
         REPORTING_POPULATION_UNSPECIFIED = 0;
         NONE = 1;
         EXTENDED_REPORTING = 2;
         SCOUT = 3;
       }
       optional ReportingPopulation safe_browsing_reporting_population = 2;
     }
     optional SafeBrowsingStatus status = 1;
   }
   optional PasswordReuseDetected reuse_detected = 1;

   message PasswordReuseLookup {
     enum LookupResult {
       UNSPECIFIED = 0;
       // URL did match the password reuse whitelist.
       // No further action required related to this re-use event.
       WHITELIST_HIT = 1;
       // The URL exists in the client’s cache.
       // No further action required related to this re-use event.
       // This event also logs the ReputationVerdict.
       CACHE_HIT = 2;
       // A valid response received from the SafeBrowsing service.
       // This event also logs the ReputationVerdict.
       REQUEST_SUCCESS = 3;
       // Unable to get a valid response from the SafeBrowsing service.
       REQUEST_FAILURE = 4;
       // We won't be able to compute reputation for the URL e.g. local IP
       // address, localhost, not-yet-assigned by ICANN gTLD, etc.
       URL_UNSUPPORTED = 5;
       // URL did match enterprise whitelist.
       // No further action required related to this re-use event.
       ENTERPRISE_WHITELIST_HIT = 6;
       // Password reuse lookup is turned off by enterprise policy.
       // No further action required related to this re-use event.
       TURNED_OFF_BY_POLICY = 7;
     }
     optional LookupResult lookup_result = 1;

     // The following two are only present for CACHE_HIT and REQUEST_SUCCESS.
     // The verdict received from the Reputation service. This is set only
     // if the user has SafeBrowsing enabled and we fetch the verdict from the
     // cache or by sending a verdict request.
     enum ReputationVerdict {
       VERDICT_UNSPECIFIED = 0;
       SAFE = 1;
       LOW_REPUTATION = 2;
       PHISHING = 3;
     }
     optional ReputationVerdict verdict = 2;
     // PhishGuard token that identifies the verdict on the server.
     optional bytes verdict_token = 3;
   }
   // Logged when we try to detect whether the password was reused on a
   // Phishing or a Low-reputation site.
   optional PasswordReuseLookup reuse_lookup = 2;

   // Logged when the user interacts with the warning UI shown to encourage
   // password change if the site is Phishing or Low-reputation.
   message PasswordReuseDialogInteraction {
     enum InteractionResult {
       UNSPECIFIED = 0;
       // The user took the action suggested by the warning prompt.
       WARNING_ACTION_TAKEN = 1;
       // The user clicked ignore in the warning prompt.
       WARNING_ACTION_IGNORED = 2;
       // The warning UI was ignored, i.e. not interacted with by the user.
       // This could happen if the user navigates away from the page.
       WARNING_UI_IGNORED = 3;
       // The user clicked "Change Password" on chrome://settings page.
       WARNING_ACTION_TAKEN_ON_SETTINGS = 4;
     }
     optional InteractionResult interaction_result = 1;
   }
   optional PasswordReuseDialogInteraction dialog_interaction = 3;

   // TODO(markusheintz): Remove
   // DEPRECATED: DO NOT USE!
   // Logged when the user logs into Google, and at least once per 28d.
   message PasswordCaptured {
     enum EventTrigger {
       UNSPECIFIED = 0;
       // Event added because user logged in.
       USER_LOGGED_IN = 1;
       // Event added because 28d timer fired.
       EXPIRED_28D_TIMER = 2;
     }
     optional EventTrigger event_trigger = 1;
   }
   optional PasswordCaptured password_captured = 4;
 }
	// Copyright 2019 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.
	//
	// Security Events used for recording security related events.

	// If you change or add any fields in this file, update proto_visitors.h and
	// potentially proto_enum_conversions.{h, cc}.

	syntax = "proto2";

	option java_multiple_files = true;
	option java_package = "org.chromium.components.sync.protocol";

	option optimize_for = LITE_RUNTIME;

	package sync_pb;

	// User reused their GAIA password on another website.
	message GaiaPasswordReuse {
	// Logged when we detect a password re-use event on a non-GAIA site.
	// If the user hasn’t enabled SafeBrowsing, this will be the last event.
	message PasswordReuseDetected {
	message SafeBrowsingStatus {
	// Is SafeBrowsing enabled?
	optional bool enabled = 1;
	// If SafeBrowsing is enabled, is the user opted-in to extended
	// reporting or Scout?
	enum ReportingPopulation {
	REPORTING_POPULATION_UNSPECIFIED = 0;
	NONE = 1;
	EXTENDED_REPORTING = 2;
	SCOUT = 3;
	}
	optional ReportingPopulation safe_browsing_reporting_population = 2;
	}
	optional SafeBrowsingStatus status = 1;
	}
	optional PasswordReuseDetected reuse_detected = 1;

	message PasswordReuseLookup {
	enum LookupResult {
	UNSPECIFIED = 0;
	// URL did match the password reuse whitelist.
	// No further action required related to this re-use event.
	WHITELIST_HIT = 1;
	// The URL exists in the client’s cache.
	// No further action required related to this re-use event.
	// This event also logs the ReputationVerdict.
	CACHE_HIT = 2;
	// A valid response received from the SafeBrowsing service.
	// This event also logs the ReputationVerdict.
	REQUEST_SUCCESS = 3;
	// Unable to get a valid response from the SafeBrowsing service.
	REQUEST_FAILURE = 4;
	// We won't be able to compute reputation for the URL e.g. local IP
	// address, localhost, not-yet-assigned by ICANN gTLD, etc.
	URL_UNSUPPORTED = 5;
	// URL did match enterprise whitelist.
	// No further action required related to this re-use event.
	ENTERPRISE_WHITELIST_HIT = 6;
	// Password reuse lookup is turned off by enterprise policy.
	// No further action required related to this re-use event.
	TURNED_OFF_BY_POLICY = 7;
	}
	optional LookupResult lookup_result = 1;

	// The following two are only present for CACHE_HIT and REQUEST_SUCCESS.
	// The verdict received from the Reputation service. This is set only
	// if the user has SafeBrowsing enabled and we fetch the verdict from the
	// cache or by sending a verdict request.
	enum ReputationVerdict {
	VERDICT_UNSPECIFIED = 0;
	SAFE = 1;
	LOW_REPUTATION = 2;
	PHISHING = 3;
	}
	optional ReputationVerdict verdict = 2;
	// PhishGuard token that identifies the verdict on the server.
	optional bytes verdict_token = 3;
	}
	// Logged when we try to detect whether the password was reused on a
	// Phishing or a Low-reputation site.
	optional PasswordReuseLookup reuse_lookup = 2;

	// Logged when the user interacts with the warning UI shown to encourage
	// password change if the site is Phishing or Low-reputation.
	message PasswordReuseDialogInteraction {
	enum InteractionResult {
	UNSPECIFIED = 0;
	// The user took the action suggested by the warning prompt.
	WARNING_ACTION_TAKEN = 1;
	// The user clicked ignore in the warning prompt.
	WARNING_ACTION_IGNORED = 2;
	// The warning UI was ignored, i.e. not interacted with by the user.
	// This could happen if the user navigates away from the page.
	WARNING_UI_IGNORED = 3;
	// The user clicked "Change Password" on chrome://settings page.
	WARNING_ACTION_TAKEN_ON_SETTINGS = 4;
	}
	optional InteractionResult interaction_result = 1;
	}
	optional PasswordReuseDialogInteraction dialog_interaction = 3;

	// TODO(markusheintz): Remove
	// DEPRECATED: DO NOT USE!
	// Logged when the user logs into Google, and at least once per 28d.
	message PasswordCaptured {
	enum EventTrigger {
	UNSPECIFIED = 0;
	// Event added because user logged in.
	USER_LOGGED_IN = 1;
	// Event added because 28d timer fired.
	EXPIRED_28D_TIMER = 2;
	}
	optional EventTrigger event_trigger = 1;
	}
	optional PasswordCaptured password_captured = 4;
	}