components/device_reauth/biometric_authenticator.h - chromium/src - Git at Google

 // Copyright 2019 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef COMPONENTS_DEVICE_REAUTH_BIOMETRIC_AUTHENTICATOR_H_
 #define COMPONENTS_DEVICE_REAUTH_BIOMETRIC_AUTHENTICATOR_H_

 #include "base/callback_forward.h"
 #include "base/memory/ref_counted.h"

 namespace device_reauth {

 // Different states for biometric availability for a given device. Either no
 // biometric hardware is available, hardware is available but the user has no
 // biometrics enrolled, or hardware is available and the user makes use of it.
 //
 // These values are persisted to logs. Entries should not be renumbered and
 // numeric values should never be reused.
 //
 // GENERATED_JAVA_ENUM_PACKAGE: org.chromium.chrome.browser.device_reauth
 enum class BiometricsAvailability {
   kOtherError = 0,
   kAvailable = 1,
   kAvailableNoFallback = 2,
   kNoHardware = 3,
   kHwUnavailable = 4,
   kNotEnrolled = 5,
   kSecurityUpdateRequired = 6,
   kAndroidVersionNotSupported = 7,

   kMaxValue = kAndroidVersionNotSupported,
 };

 // The filling surface asking for biometric authentication.
 //
 // These values are persisted to logs. Entries should not be renumbered and
 // numeric values should never be reused.
 //
 // GENERATED_JAVA_ENUM_PACKAGE: org.chromium.chrome.browser.device_reauth
 enum class BiometricAuthRequester {
   // The filling surface shown on the first tap on the field after page load.
   // This surface has replaced autofilling on Android.
   kTouchToFill = 0,

   // The suggestion presented in the keyboard accessory or autofill popup.
   kAutofillSuggestion = 1,

   // The keyboard accessory sheet displaying suggestions for manual filling.
   kFallbackSheet = 2,

   // The list displaying all saved passwords. Can be used for filling on
   // Android.
   kAllPasswordsList = 3,

   // The dialog displayed via the Credential Management API.
   kAccountChooserDialog = 4,

   // The list displaying all compromised passwords. Reauth is triggered before
   // starting automated password change.
   kPasswordCheckAutoPwdChange = 5,

   kMaxValue = kPasswordCheckAutoPwdChange,
 };

 // The result of the biometric authentication.
 //
 // These values are persisted to logs. Entries should not be renumbered and
 // numeric values should never be reused.
 enum class BiometricAuthFinalResult {
   // This value is used for when we don't know the exact auth method used. This
   // can be the case on Android versions under 11.
   kSuccessWithUnknownMethod = 0,
   kSuccessWithBiometrics = 1,
   kSuccessWithDeviceLock = 2,
   kCanceledByUser = 3,
   kFailed = 4,

   // Recorded when the auth succeeds after Chrome cancelled it.
   kSuccessButCanceled = 5,

   // Recorded when the auth fails after Chrome cancelled it.
   kFailedAndCanceled = 6,

   // Recorded if an authentication was requested within 60s of the previous
   // successful authentication.
   kAuthStillValid = 7,

   kMaxValue = kAuthStillValid,
 };

 // This interface encapsulates operations related to biometric authentication.
 // It's intended to be used prior to sharing the user's credentials with a
 // website, either via form filling or the Credential Management API.
 class BiometricAuthenticator : public base::RefCounted<BiometricAuthenticator> {
  public:
   using AuthenticateCallback = base::OnceCallback<void(bool)>;

   BiometricAuthenticator();
   BiometricAuthenticator(const BiometricAuthenticator&) = delete;
   BiometricAuthenticator& operator=(const BiometricAuthenticator&) = delete;

   // Returns whether biometrics are available for a given device. Only if this
   // returns kAvailable, callers can expect Authenticate() to succeed.
   virtual BiometricsAvailability CanAuthenticate() = 0;

   // Asks the user to authenticate. Invokes |callback| asynchronously when
   // the auth flow returns with the result.
   // |requester| is the filling surface that is asking for authentication.
   virtual void Authenticate(BiometricAuthRequester requester,
                             AuthenticateCallback callback) = 0;

   // Cancels an in-progress authentication if the filling surface requesting
   // the cancelation corresponds to the one for which the ongoing auth was
   // triggered.
   virtual void Cancel(BiometricAuthRequester requester) = 0;

  protected:
   virtual ~BiometricAuthenticator() = default;

  private:
   friend class base::RefCounted<BiometricAuthenticator>;
 };

 }  // namespace device_reauth

 #endif  // COMPONENTS_DEVICE_REAUTH_BIOMETRIC_AUTHENTICATOR_H_
	// Copyright 2019 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef COMPONENTS_DEVICE_REAUTH_BIOMETRIC_AUTHENTICATOR_H_
	#define COMPONENTS_DEVICE_REAUTH_BIOMETRIC_AUTHENTICATOR_H_

	#include "base/callback_forward.h"
	#include "base/memory/ref_counted.h"

	namespace device_reauth {

	// Different states for biometric availability for a given device. Either no
	// biometric hardware is available, hardware is available but the user has no
	// biometrics enrolled, or hardware is available and the user makes use of it.
	//
	// These values are persisted to logs. Entries should not be renumbered and
	// numeric values should never be reused.
	//
	// GENERATED_JAVA_ENUM_PACKAGE: org.chromium.chrome.browser.device_reauth
	enum class BiometricsAvailability {
	kOtherError = 0,
	kAvailable = 1,
	kAvailableNoFallback = 2,
	kNoHardware = 3,
	kHwUnavailable = 4,
	kNotEnrolled = 5,
	kSecurityUpdateRequired = 6,
	kAndroidVersionNotSupported = 7,

	kMaxValue = kAndroidVersionNotSupported,
	};

	// The filling surface asking for biometric authentication.
	//
	// These values are persisted to logs. Entries should not be renumbered and
	// numeric values should never be reused.
	//
	// GENERATED_JAVA_ENUM_PACKAGE: org.chromium.chrome.browser.device_reauth
	enum class BiometricAuthRequester {
	// The filling surface shown on the first tap on the field after page load.
	// This surface has replaced autofilling on Android.
	kTouchToFill = 0,

	// The suggestion presented in the keyboard accessory or autofill popup.
	kAutofillSuggestion = 1,

	// The keyboard accessory sheet displaying suggestions for manual filling.
	kFallbackSheet = 2,

	// The list displaying all saved passwords. Can be used for filling on
	// Android.
	kAllPasswordsList = 3,

	// The dialog displayed via the Credential Management API.
	kAccountChooserDialog = 4,

	// The list displaying all compromised passwords. Reauth is triggered before
	// starting automated password change.
	kPasswordCheckAutoPwdChange = 5,

	kMaxValue = kPasswordCheckAutoPwdChange,
	};

	// The result of the biometric authentication.
	//
	// These values are persisted to logs. Entries should not be renumbered and
	// numeric values should never be reused.
	enum class BiometricAuthFinalResult {
	// This value is used for when we don't know the exact auth method used. This
	// can be the case on Android versions under 11.
	kSuccessWithUnknownMethod = 0,
	kSuccessWithBiometrics = 1,
	kSuccessWithDeviceLock = 2,
	kCanceledByUser = 3,
	kFailed = 4,

	// Recorded when the auth succeeds after Chrome cancelled it.
	kSuccessButCanceled = 5,

	// Recorded when the auth fails after Chrome cancelled it.
	kFailedAndCanceled = 6,

	// Recorded if an authentication was requested within 60s of the previous
	// successful authentication.
	kAuthStillValid = 7,

	kMaxValue = kAuthStillValid,
	};

	// This interface encapsulates operations related to biometric authentication.
	// It's intended to be used prior to sharing the user's credentials with a
	// website, either via form filling or the Credential Management API.
	class BiometricAuthenticator : public base::RefCounted<BiometricAuthenticator> {
	public:
	using AuthenticateCallback = base::OnceCallback<void(bool)>;

	BiometricAuthenticator();
	BiometricAuthenticator(const BiometricAuthenticator&) = delete;
	BiometricAuthenticator& operator=(const BiometricAuthenticator&) = delete;

	// Returns whether biometrics are available for a given device. Only if this
	// returns kAvailable, callers can expect Authenticate() to succeed.
	virtual BiometricsAvailability CanAuthenticate() = 0;

	// Asks the user to authenticate. Invokes \|callback\| asynchronously when
	// the auth flow returns with the result.
	// \|requester\| is the filling surface that is asking for authentication.
	virtual void Authenticate(BiometricAuthRequester requester,
	AuthenticateCallback callback) = 0;

	// Cancels an in-progress authentication if the filling surface requesting
	// the cancelation corresponds to the one for which the ongoing auth was
	// triggered.
	virtual void Cancel(BiometricAuthRequester requester) = 0;

	protected:
	virtual ~BiometricAuthenticator() = default;

	private:
	friend class base::RefCounted<BiometricAuthenticator>;
	};

	} // namespace device_reauth

	#endif // COMPONENTS_DEVICE_REAUTH_BIOMETRIC_AUTHENTICATOR_H_