| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_QUICK_UNLOCK_PIN_STORAGE_H_ |
| 6 #define CHROME_BROWSER_CHROMEOS_LOGIN_QUICK_UNLOCK_PIN_STORAGE_H_ |
| 7 |
| 8 #include <string> |
| 9 |
| 10 #include "base/gtest_prod_util.h" |
| 11 #include "base/time/time.h" |
| 12 #include "components/keyed_service/core/keyed_service.h" |
| 13 |
| 14 class PrefService; |
| 15 |
| 16 namespace user_prefs { |
| 17 class PrefRegistrySyncable; |
| 18 } // namespace user_prefs |
| 19 |
| 20 class PinStorageTestApi; |
| 21 |
| 22 namespace chromeos { |
| 23 |
| 24 // TODO(jdufault): Figure out the UX we want on the lock screen when there are |
| 25 // multiple users. We will be storing either global or per-user unlock state. If |
| 26 // we end up storing global unlock state, we can pull the unlock attempt and |
| 27 // strong-auth code out of this class. |
| 28 |
| 29 class PinStorage : public KeyedService { |
| 30 public: |
| 31 // TODO(jdufault): Pull these values in from policy. See crbug.com/612271. |
| 32 static const int kMaximumUnlockAttempts = 3; |
| 33 static const base::TimeDelta kStrongAuthTimeout; |
| 34 |
| 35 // Registers profile prefs. |
| 36 static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry); |
| 37 |
| 38 explicit PinStorage(PrefService* pref_service); |
| 39 ~PinStorage() override; |
| 40 |
| 41 // Mark in storage that the user has had a strong authentication. This means |
| 42 // that they authenticated with their password, for example. PIN unlock will |
| 43 // timeout after a delay. |
| 44 void MarkStrongAuth(); |
| 45 // Returns true if the user has been strongly authenticated. |
| 46 bool HasStrongAuth() const; |
| 47 // Returns the time since the last strong authentication. This should not be |
| 48 // called if HasStrongAuth returns false. |
| 49 base::TimeDelta TimeSinceLastStrongAuth() const; |
| 50 |
| 51 // Add a PIN unlock attempt count. |
| 52 void AddUnlockAttempt(); |
| 53 // Reset the number of unlock attempts to 0. |
| 54 void ResetUnlockAttemptCount(); |
| 55 // Returns the number of unlock attempts. |
| 56 int unlock_attempt_count() const { return unlock_attempt_count_; } |
| 57 |
| 58 // Returns true if a pin is set. |
| 59 bool IsPinSet() const; |
| 60 // Sets the pin to the given value; IsPinSet will return true. |
| 61 void SetPin(const std::string& pin); |
| 62 // Removes the pin; IsPinSet will return false. |
| 63 void RemovePin(); |
| 64 |
| 65 // Is PIN entry currently available? |
| 66 bool IsPinAuthenticationAvailable() const; |
| 67 |
| 68 // Tries to authenticate the given pin. This will consume an unlock attempt. |
| 69 // This always returns false if IsPinAuthenticationAvailable returns false. |
| 70 bool TryAuthenticatePin(const std::string& pin); |
| 71 |
| 72 private: |
| 73 // Return the stored salt/secret. This is fetched directly from pref_service_. |
| 74 std::string PinSalt() const; |
| 75 std::string PinSecret() const; |
| 76 |
| 77 friend class ::PinStorageTestApi; |
| 78 |
| 79 PrefService* pref_service_; |
| 80 int unlock_attempt_count_ = 0; |
| 81 base::Time last_strong_auth_; |
| 82 |
| 83 DISALLOW_COPY_AND_ASSIGN(PinStorage); |
| 84 }; |
| 85 |
| 86 } // namespace chromeos |
| 87 |
| 88 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_QUICK_UNLOCK_PIN_STORAGE_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1977923002:
Implement pin storage backend. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@lkgr