// Copyright 2019 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CONTENT_BROWSER_WEBAUTH_AUTHENTICATOR_COMMON_IMPL_H_
#define CONTENT_BROWSER_WEBAUTH_AUTHENTICATOR_COMMON_IMPL_H_

#include <stdint.h>

#include <memory>
#include <optional>
#include <string>
#include <vector>

#include "base/memory/weak_ptr.h"
#include "base/types/strong_alias.h"
#include "content/browser/webauth/client_data_json.h"
#include "content/common/content_export.h"
#include "content/public/browser/authenticator_common.h"
#include "content/public/browser/authenticator_request_client_delegate.h"
#include "content/public/browser/global_routing_id.h"
#include "content/public/browser/web_authentication_request_proxy.h"
#include "device/fido/authenticator_get_assertion_response.h"
#include "device/fido/authenticator_make_credential_response.h"
#include "device/fido/fido_request_handler_base.h"
#include "device/fido/make_credential_request_handler.h"
#include "third_party/blink/public/mojom/webauthn/authenticator.mojom.h"

// Forward declarations of device-layer (FIDO) types, so this header can name
// them without including their definitions. The enums are opaque
// declarations, which is enough to pass them by value in the signatures below.
namespace device {

class FidoDiscoveryFactory;

enum class FidoReturnCode : uint8_t;

enum class GetAssertionStatus;
enum class MakeCredentialStatus;

}  // namespace device

// Forward declaration only; url::Origin is taken by value in several
// signatures below.
// NOTE(review): by-value use in a declaration compiles with an incomplete
// type, but callers need the full definition — presumably it arrives through
// one of the includes above; confirm.
namespace url {
class Origin;
}

namespace content {

class BrowserContext;
class RenderFrameHost;
class WebAuthRequestSecurityChecker;

enum class RequestExtension;
enum class AttestationErasureOption;

// https://w3c.github.io/webauthn/#enumdef-clientcapability
namespace client_capabilities {

// This is the subset of client capabilities computed by the browser. See also
// //third_party/blink/renderer/modules/credentialmanagement/public_key_credential.cc.
//
// The string values are the capability names as spelled in the WebAuthn
// `ClientCapability` enum linked above; they are runtime data, so a typo here
// changes what a website sees.
inline constexpr char kConditionalCreate[] = "conditionalCreate";
inline constexpr char kConditionalGet[] = "conditionalGet";
inline constexpr char kHybridTransport[] = "hybridTransport";
inline constexpr char kPasskeyPlatformAuthenticator[] =
    "passkeyPlatformAuthenticator";
inline constexpr char kUserVerifyingPlatformAuthenticator[] =
    "userVerifyingPlatformAuthenticator";
inline constexpr char kRelatedOrigins[] = "relatedOrigins";
inline constexpr char kImmediateGet[] = "immediateGet";

}  // namespace client_capabilities

// Common code for any WebAuthn Authenticator interfaces.
//
// The request entry points (MakeCredential, GetCredential, Report and the
// availability queries) each take the `caller_origin` on whose behalf the
// request is made and report their result through a callback. State that
// belongs to one request lives in `RequestState` (see `req_state_`); the
// Continue*() members resume a request after an intermediate asynchronous
// check and, where the request can be cancelled in between, carry a
// `RequestKey` that identifies the request they were scheduled for.
class CONTENT_EXPORT AuthenticatorCommonImpl : public AuthenticatorCommon {
 public:
  // ServingRequestsFor enumerates the sources of WebAuthn requests.
  enum class ServingRequestsFor {
    // kInternalUses is for synthesized requests that don't originate from
    // any Javascript call.
    kInternalUses,
    // kWebContents is for typical cases where Javascript is making a
    // `navigator.credentials` call.
    kWebContents,
  };

  // These values are persisted to logs. Entries should not be renumbered and
  // numeric values should never be reused.
  //
  // `kMaxValue` aliases the highest entry, so it has to be updated whenever a
  // new value is appended.
  enum class CredentialRequestResult {
    kTimeout = 0,
    kUserCancelled = 1,

    kWinNativeSuccess = 2,
    kWinNativeError = 3,

    kTouchIDSuccess = 4,
    kTouchIDError = 5,

    kChromeOSSuccess = 6,
    kChromeOSError = 7,

    kPhoneSuccess = 8,
    kPhoneError = 9,

    kICloudKeychainSuccess = 10,
    kICloudKeychainError = 11,

    kEnclaveSuccess = 12,
    kEnclaveError = 13,

    kOtherSuccess = 14,
    kOtherError = 15,

    kMaxValue = kOtherError,
  };

  // Creates a new AuthenticatorCommonImpl. Callers must ensure that this
  // instance outlives the RenderFrameHost.
  //
  // NOTE(review): the class keeps only `render_frame_host_id_` (a
  // GlobalRenderFrameHostId), not the pointer passed here, so the direction
  // of the lifetime requirement stated above is not evident from this header.
  // Confirm which object is expected to outlive the other.
  explicit AuthenticatorCommonImpl(RenderFrameHost* render_frame_host,
                                   ServingRequestsFor serving_requests_for);

  // Not copyable: the object owns per-request state and a WeakPtrFactory.
  AuthenticatorCommonImpl(const AuthenticatorCommonImpl&) = delete;
  AuthenticatorCommonImpl& operator=(const AuthenticatorCommonImpl&) = delete;

  ~AuthenticatorCommonImpl() override;

  // AuthenticatorCommon:
  //
  // NOTE(review): `caller_origin` is taken at face value by these entry
  // points. Presumably callers derive it from browser-side frame state rather
  // than from a renderer-supplied value — confirm at the call sites, since the
  // RP ID check that follows is only as trustworthy as this argument.
  void MakeCredential(
      url::Origin caller_origin,
      blink::mojom::PublicKeyCredentialCreationOptionsPtr options,
      blink::mojom::Authenticator::MakeCredentialCallback callback) override;
  void GetCredential(
      url::Origin caller_origin,
      blink::mojom::PublicKeyCredentialRequestOptionsPtr options,
      blink::mojom::PaymentOptionsPtr payment,
      blink::mojom::Authenticator::GetCredentialCallback callback) override;
  void IsUserVerifyingPlatformAuthenticatorAvailable(
      url::Origin caller_origin,
      blink::mojom::Authenticator::
          IsUserVerifyingPlatformAuthenticatorAvailableCallback callback)
      override;
  void IsConditionalMediationAvailable(
      url::Origin caller_origin,
      blink::mojom::Authenticator::IsConditionalMediationAvailableCallback
          callback) override;
  void Cancel() override;
  void Cleanup() override;
  // NOTE(review): DisableUI(), DisableTLSCheck() and
  // EnableRequestProxyExtensionsAPISupport() presumably set `disable_ui_`,
  // `disable_tls_check_` and `enable_request_proxy_api_`. Those members are
  // documented below as state that spans requests, so the effect would
  // persist for the lifetime of this object rather than for one request.
  // DisableTLSCheck() in particular relaxes a security check; confirm that it
  // is only reachable from trusted browser-side callers.
  void DisableUI() override;
  void DisableTLSCheck() override;
  RenderFrameHost* GetRenderFrameHost() const override;
  void EnableRequestProxyExtensionsAPISupport() override;

  // GetClientCapabilities returns a list of WebAuthn capabilities of the
  // browser via the `callback` parameter. Websites can use this information to
  // determine which WebAuthn features and extensions are supported and tailor
  // their requests accordingly.
  void GetClientCapabilities(
      url::Origin caller_origin,
      blink::mojom::Authenticator::GetClientCapabilitiesCallback callback);

  // Report attempts to report a WebAuthn credential on behalf of
  // `caller_origin` using the supplied `options` and invokes `callback` with
  // the result.
  void Report(url::Origin caller_origin,
              blink::mojom::PublicKeyCredentialReportOptionsPtr options,
              blink::mojom::Authenticator::ReportCallback callback);

 protected:
  // MaybeCreateRequestDelegate returns the embedder-provided implementation of
  // AuthenticatorRequestClientDelegate, which encapsulates per-request state
  // relevant to the embedder, e.g. because it is used to display browser UI.
  //
  // Chrome may return nullptr here in order to ensure that at most one request
  // per WebContents is ongoing at once.
  virtual std::unique_ptr<AuthenticatorRequestClientDelegate>
  MaybeCreateRequestDelegate();

 private:
  friend class AuthenticatorImplTest;
  struct RequestState;
  // A RequestKey is a magic value that identifies a request. Since requests can
  // be canceled, some callbacks need to ensure that they're still operating on
  // the same request when they resolve.
  //
  // It is a strong alias over uint64_t, so a key cannot be confused with an
  // unrelated integer at a call site.
  using RequestKey = base::StrongAlias<class RequestKeyTag, uint64_t>;

  // Enumerates whether or not to check that the WebContents has focus.
  enum class Focus {
    kDoCheck,
    kDontCheck,
  };

  // Continuation steps of a MakeCredential request. Each carries the
  // `RequestKey` of the request it was scheduled for; `rp_id_validation_result`
  // is the status produced by the RP ID check that the first step follows.
  void ContinueMakeCredentialAfterRpIdCheck(
      RequestKey request_key,
      url::Origin caller_origin,
      blink::mojom::PublicKeyCredentialCreationOptionsPtr options,
      bool is_cross_origin_iframe,
      blink::mojom::AuthenticatorStatus rp_id_validation_result);
  void ContinueMakeCredentialAfterBrowserPasskeysAvailabilityCheck(
      RequestKey request_key,
      bool available);
  void ContinueMakeCredentialAfterIsUvpaaOverrideCheck(
      RequestKey request_key,
      std::optional<bool> is_uvpaa_override);

  // Continuation steps of a GetAssertion request, parallel to the
  // MakeCredential steps above.
  void ContinueGetAssertionAfterRpIdCheck(
      RequestKey request_key,
      url::Origin caller_origin,
      blink::mojom::PublicKeyCredentialRequestOptionsPtr options,
      blink::mojom::PaymentOptionsPtr payment_options,
      bool is_cross_origin_iframe,
      blink::mojom::AuthenticatorStatus rp_id_validation_result);
  void ContinueGetAssertionAfterBrowserPasskeysAvailabilityCheck(
      RequestKey request_key,
      bool available);
  void ContinueGetAssertionAfterIsUvpaaOverrideCheck(
      RequestKey request_key,
      std::optional<bool> is_uvpaa_override);

  // Continuations of the two availability queries. Unlike the request
  // continuations above, these take the reply callback directly and no
  // `RequestKey`.
  void ContinueIsUvpaaAfterOverrideCheck(
      blink::mojom::Authenticator::
          IsUserVerifyingPlatformAuthenticatorAvailableCallback callback,
      bool is_get_client_capabilities_call,
      std::optional<bool> is_uvpaa_override);

  void ContinueIsConditionalMediationAvailableAfterOverrideCheck(
      url::Origin caller_origin,
      blink::mojom::Authenticator::IsConditionalMediationAvailableCallback
          callback,
      std::optional<bool> is_uvpaa_override);

  // Continuation of Report() after the RP ID check.
  void ContinueReportAfterRpIdCheck(
      RequestKey request_key,
      blink::mojom::PublicKeyCredentialReportOptionsPtr options,
      blink::mojom::AuthenticatorStatus rp_id_validation_result);

  // NOTE(review): despite the "Get" prefix these return void and take the
  // original callback plus its arguments; presumably they record metrics and
  // then run `callback` — confirm against the implementation.
  void GetMetricsWrappedMakeCredentialCallback(
      blink::mojom::Authenticator::MakeCredentialCallback callback,
      blink::mojom::AuthenticatorStatus status,
      blink::mojom::MakeCredentialAuthenticatorResponsePtr
          authenticator_response,
      blink::mojom::WebAuthnDOMExceptionDetailsPtr dom_exception_details);

  void GetMetricsWrappedGetCredentialCallback(
      blink::mojom::Authenticator::GetCredentialCallback callback,
      blink::mojom::GetCredentialResponsePtr response);

  // Replaces the current |request_handler_| with a
  // |MakeCredentialRequestHandler|, effectively restarting the request.
  void StartMakeCredentialRequest(bool allow_skipping_pin_touch);

  // Replaces the current |request_handler_| with a
  // |GetAssertionRequestHandler|, effectively restarting the request.
  void StartGetAssertionRequest(bool allow_skipping_pin_touch);

  bool IsFocused() const;

  // Checks if hybrid transport is supported on this device, i.e. if it has a
  // Bluetooth adapter that supports BLE. If so, runs |callback| with `true`.
  // Otherwise, or if Bluetooth is disabled by Permissions Policy, runs
  // |callback| with `false`.
  void IsHybridTransportSupported(base::OnceCallback<void(bool)> callback);

  // `is_get_client_capabilities_call` is true if this call originated from the
  // `GetClientCapabilities` method. The UMA metric is only recorded if this is
  // false, i.e. the call came directly from
  // `IsUserVerifyingPlatformAuthenticatorAvailable`.
  void IsUvpaaAvailableInternal(
      url::Origin caller_origin,
      blink::mojom::Authenticator::
          IsUserVerifyingPlatformAuthenticatorAvailableCallback callback,
      bool is_get_client_capabilities_call);

  // Dispatches the pending GetAssertion request to the authenticator named by
  // `authenticator_id`. `credential_id` is optional; what an absent value
  // means is not visible in this header.
  void DispatchGetAssertionRequest(
      const std::string& authenticator_id,
      std::optional<std::vector<uint8_t>> credential_id);

  // Callback to handle the async response from a U2fDevice.
  // NOTE(review): the comment names U2fDevice, but the parameter is a
  // device::FidoAuthenticator; the wording looks stale.
  void OnRegisterResponse(
      device::MakeCredentialStatus status_code,
      std::optional<device::AuthenticatorMakeCredentialResponse> response_data,
      const device::FidoAuthenticator* authenticator);

  // Callback to handle the async response from a U2fDevice.
  // NOTE(review): same stale wording as OnRegisterResponse(). Also note that
  // `authenticator` is non-const here but const there.
  void OnSignResponse(
      device::GetAssertionStatus status_code,
      std::optional<std::vector<device::AuthenticatorGetAssertionResponse>>
          response_data,
      device::FidoAuthenticator* authenticator);

  // Begins a timeout at the beginning of a request.
  void BeginRequestTimeout(std::optional<base::TimeDelta> timeout);

  // Called when a request times out. This is for options.timeout parameter.
  void OnTimeout();

  // Begins a timeout at the beginning of an immediate mediation request.
  void BeginImmediateRequestTimeout();

  // Called when an immediate mediation request times out.
  void OnImmediateTimeout();

  // Cancels the immediate mediation timer when the UI is shown.
  void CancelImmediateTimeout();

  // Cancels the current request if it's an immediate mediation and no immediate
  // mediation UI was shown.
  void CancelRequestForImmediateMediation();

  // Cancels the currently pending request (if any) with the supplied status.
  void CancelWithStatus(blink::mojom::AuthenticatorStatus status);

  // Runs when the user cancels WebAuthN request via UI dialog.
  void OnCancelFromUI();

  // Called when a GetAssertion has completed, either because an allow_list was
  // used and so an answer is returned directly, or because the user selected an
  // account from the options.
  void OnAccountSelected(device::AuthenticatorGetAssertionResponse response);

  // Signals to the request delegate that the request has failed for |reason|.
  // The request delegate decides whether to present the user with a visual
  // error before the request is finally resolved with |status|.
  void SignalFailureToRequestDelegate(
      AuthenticatorRequestClientDelegate::InterestingFailureReason reason,
      blink::mojom::AuthenticatorStatus status);

  // Creates a make credential response from `response_data`.
  // `attestation_erasure` selects an AttestationErasureOption; the enum is
  // only forward-declared in this header, so its values are not visible here.
  blink::mojom::MakeCredentialAuthenticatorResponsePtr
  CreateMakeCredentialResponse(
      device::AuthenticatorMakeCredentialResponse response_data,
      AttestationErasureOption attestation_erasure);

  // Runs |make_credential_response_callback_| and then Cleanup().
  // `focus_check` defaults to Focus::kDontCheck, so a caller has to opt in to
  // the focus check explicitly.
  void CompleteMakeCredentialRequest(
      blink::mojom::AuthenticatorStatus status,
      blink::mojom::MakeCredentialAuthenticatorResponsePtr response = nullptr,
      blink::mojom::WebAuthnDOMExceptionDetailsPtr dom_exception_details =
          nullptr,
      Focus focus_check = Focus::kDontCheck);

  // Creates a get assertion response.
  blink::mojom::GetAssertionAuthenticatorResponsePtr CreateGetAssertionResponse(
      device::AuthenticatorGetAssertionResponse response_data);

  // Runs |get_assertion_response_callback_| and then Cleanup().
  void CompleteGetAssertionRequest(
      blink::mojom::AuthenticatorStatus status,
      blink::mojom::GetAssertionAuthenticatorResponsePtr response = nullptr,
      blink::mojom::WebAuthnDOMExceptionDetailsPtr dom_exception_details =
          nullptr);

  // NOTE(review): password_manager::CredentialInfo is neither declared nor
  // directly included in this header; presumably it arrives through one of
  // the includes above — confirm.
  void HandlePasswordResponse(password_manager::CredentialInfo credential);

  AuthenticatorRequestClientDelegate::RequestSource RequestSource() const;
  BrowserContext* GetBrowserContext() const;

  // Runs |report_response_callback_| and then Cleanup().
  void CompleteReportRequest(blink::mojom::AuthenticatorStatus status,
                             blink::mojom::WebAuthnDOMExceptionDetailsPtr
                                 dom_exception_details = nullptr);

  // Returns the FidoDiscoveryFactory for the current request. This may be a
  // real instance, or one injected by the Virtual Authenticator environment, or
  // a unit testing fake. InitDiscoveryFactory() must be called before this
  // accessor. It gets reset at the end of each request by Cleanup().
  device::FidoDiscoveryFactory* discovery_factory();
  void InitDiscoveryFactory();

  // NOTE(review): the name suggests this returns nullptr when no request proxy
  // is active for `caller_origin`; callers presumably have to null-check the
  // result — confirm.
  WebAuthenticationRequestProxy* GetWebAuthnRequestProxyIfActive(
      const url::Origin& caller_origin);

  // Replies from the request proxy. Each carries both this class's
  // `RequestKey` and the proxy's own `RequestId`.
  void OnMakeCredentialProxyResponse(
      RequestKey request_key,
      WebAuthenticationRequestProxy::RequestId request_id,
      blink::mojom::WebAuthnDOMExceptionDetailsPtr error,
      blink::mojom::MakeCredentialAuthenticatorResponsePtr response);

  void OnGetAssertionProxyResponse(
      RequestKey request_key,
      WebAuthenticationRequestProxy::RequestId request_id,
      blink::mojom::WebAuthnDOMExceptionDetailsPtr error,
      blink::mojom::GetAssertionAuthenticatorResponsePtr response);

  // `challenge` is a base::span, i.e. a non-owning view of the bytes; the
  // bytes have to be copied if they are needed after this call returns.
  // NOTE(review): unlike the other asynchronous continuations this takes no
  // `RequestKey`; confirm how a reply for a cancelled request is rejected.
  void UpdateChallengeFromUrl(
      ClientDataJsonParams params,
      std::optional<base::span<const uint8_t>> challenge);

  // Get an identifier for the current request. Callbacks that might span a
  // cancelation must hold one of these values to check whether they're still
  // pertinent when called.
  RequestKey GetRequestKey();
  // Check whether the given `RequestKey` identifies the current request.
  // Marked [[nodiscard]] so that a caller cannot silently ignore the answer.
  [[nodiscard]] bool CheckRequestKey(RequestKey key);

  // The frame is identified by id; no RenderFrameHost pointer is stored.
  const GlobalRenderFrameHostId render_frame_host_id_;
  const ServingRequestsFor serving_requests_for_;
  const scoped_refptr<WebAuthRequestSecurityChecker> security_checker_;

  // These members hold state that spans different requests. All
  // request-specific state should go in `RequestState` to ensure that it's
  // cleared between requests.
  bool disable_tls_check_ = false;
  bool disable_ui_ = false;
  bool enable_request_proxy_api_ = false;

  // The RequestKey of the next request. This starts at one so that a
  // `RequestKey` that was default initialized to zero is invalid.
  uint64_t next_request_key_ = 1;

  // req_state_ contains all state specific to a single WebAuthn call. It
  // only contains a value when a request is being processed.
  std::unique_ptr<RequestState> req_state_;

  // Cached values from the WebAuthenticationDelegate.
  bool browser_passkeys_available_ = false;
  std::optional<bool> is_uvpaa_override_;

  // Declared last, so it is destroyed first and outstanding weak pointers are
  // invalidated before the other members are torn down.
  base::WeakPtrFactory<AuthenticatorCommonImpl> weak_factory_{this};
};

}  // namespace content

#endif  // CONTENT_BROWSER_WEBAUTH_AUTHENTICATOR_COMMON_IMPL_H_