1 // Copyright 2019 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef ASH_PUBLIC_CPP_LOGIN_TYPES_H_ 6 #define ASH_PUBLIC_CPP_LOGIN_TYPES_H_ 7 8 #include "ash/public/cpp/ash_public_export.h" 9 #include "ash/public/cpp/session/user_info.h" 10 #include "base/callback.h" 11 #include "base/time/time.h" 12 #include "base/token.h" 13 #include "chromeos/components/proximity_auth/public/mojom/auth_type.mojom-forward.h" 14 #include "chromeos/components/security_token_pin/constants.h" 15 #include "components/account_id/account_id.h" 16 17 namespace ash { 18 19 // State of the Oobe UI dialog, which is used to update the visibility of login 20 // shelf buttons. 21 // This comes from OOBE_UI_STATE defined in display_manager_types.js, with an 22 // additional value HIDDEN to indicate the visibility of the oobe ui dialog. 23 enum class OobeDialogState { 24 // Showing other screen, which does not impact the visibility of login shelf 25 // buttons. 26 NONE = 0, 27 28 // Showing gaia signin screen. 29 GAIA_SIGNIN = 1, 30 31 // 2 is unused to keep in sync with display_manager.js 32 33 // Showing wrong hardware identification screen. 34 WRONG_HWID_WARNING = 3, 35 36 // Showing supervised user creation screen. 37 SUPERVISED_USER_CREATION_FLOW = 4, 38 39 // Showing SAML password confirmation screen. 40 SAML_PASSWORD_CONFIRM = 5, 41 42 // Showing password changed screen. 43 PASSWORD_CHANGED = 6, 44 45 // Showing device enrollment screen. 46 ENROLLMENT = 7, 47 48 // Showing error screen. 49 ERROR = 8, 50 51 // Showing any of post-login onboarding screens. 52 ONBOARDING = 9, 53 54 // Screen that blocks device usage for some reason. 55 BLOCKING = 10, 56 57 // Showing any of kiosk launch screens. 58 KIOSK_LAUNCH = 11, 59 60 // Showing data migration screen. 61 MIGRATION = 12, 62 63 // Oobe UI dialog is currently hidden. 64 HIDDEN = 13, 65 66 // Showing login UI provided by a Chrome extension using chrome.loginScreenUi 67 // API. 68 EXTENSION_LOGIN = 14, 69 70 // Showing user creation screen. 71 USER_CREATION = 15, 72 }; 73 74 // Supported multi-profile user behavior values. 75 // Keep in sync with the enum in chromeos_user_pod_row.js and user_pod_row.js 76 // TODO(estade): change all the enums to use kCamelCase. 77 enum class MultiProfileUserBehavior { 78 UNRESTRICTED = 0, 79 PRIMARY_ONLY = 1, 80 NOT_ALLOWED = 2, 81 OWNER_PRIMARY_ONLY = 3, 82 }; 83 84 // Easy unlock icon choices. 85 enum class EasyUnlockIconId { 86 // No icon shown. 87 NONE, 88 // The user has clicked the easy unlock icon and disabled easy unlock for this 89 // login/lock session. 90 HARDLOCKED, 91 // Phone could not be found. 92 LOCKED, 93 // Phone found, but it is not unlocked. 94 LOCKED_TO_BE_ACTIVATED, 95 // Phone found, but it is too far away. 96 LOCKED_WITH_PROXIMITY_HINT, 97 // Phone found and unlocked. The user can click to dismiss the login/lock 98 // screen. 99 UNLOCKED, 100 // Scanning for phone. 101 SPINNER, 102 }; 103 104 // The status of fingerprint availability. 105 enum class FingerprintState { 106 // The user cannot use fingerprint. This may be because: 107 // - they are not the primary user 108 // - they never registered fingerprint 109 // - the device does not have a fingerprint sensor 110 UNAVAILABLE, 111 // Fingerprint can be used to unlock the device. 112 AVAILABLE_DEFAULT, 113 // Fingerprint can be used to unlock the device but the user touched the 114 // fingerprint icon instead of the fingerprint sensor. A warning message 115 // should be displayed for 3 seconds before getting back to AVAILABLE_DEFAULT 116 // state. 117 AVAILABLE_WITH_TOUCH_SENSOR_WARNING, 118 // There have been too many attempts, so now fingerprint is disabled. 119 DISABLED_FROM_ATTEMPTS, 120 // It has been too long since the device was last used. 121 DISABLED_FROM_TIMEOUT, 122 kMaxValue = DISABLED_FROM_TIMEOUT, 123 }; 124 125 // Information about the custom icon in the user pod. 126 struct ASH_PUBLIC_EXPORT EasyUnlockIconOptions { 127 EasyUnlockIconOptions(); 128 EasyUnlockIconOptions(const EasyUnlockIconOptions& other); 129 EasyUnlockIconOptions(EasyUnlockIconOptions&& other); 130 ~EasyUnlockIconOptions(); 131 132 EasyUnlockIconOptions& operator=(const EasyUnlockIconOptions& other); 133 EasyUnlockIconOptions& operator=(EasyUnlockIconOptions&& other); 134 135 // Icon that should be displayed. 136 EasyUnlockIconId icon = EasyUnlockIconId::NONE; 137 // Tooltip that is associated with the icon. This is shown automatically if 138 // |autoshow_tooltip| is true. The user can always see the tooltip if they 139 // hover over the icon. The tooltip should be used for the accessibility label 140 // if it is present. 141 base::string16 tooltip; 142 // If true, the tooltip should be displayed (even if the user is not currently 143 // hovering over the icon, ie, this makes |tooltip| act like a little like a 144 // notification). 145 bool autoshow_tooltip = false; 146 // Accessibility label. Only used if |tooltip| is empty. 147 // TODO(jdufault): Always populate and use |aria_label|, even if |tooltip| is 148 // non-empty. 149 base::string16 aria_label; 150 // If true, clicking the easy unlock icon should fire a hardlock event which 151 // will disable easy unlock. The hardlock event will request a new icon 152 // display via a separate EasyUnlockIconsOption update. See 153 // LoginScreenClient::HardlockPod. 154 bool hardlock_on_click = false; 155 }; 156 157 // Information of each input method. This is used to populate keyboard layouts 158 // for public account user. 159 struct ASH_PUBLIC_EXPORT InputMethodItem { 160 InputMethodItem(); 161 InputMethodItem(const InputMethodItem& other); 162 InputMethodItem(InputMethodItem&& other); 163 ~InputMethodItem(); 164 165 InputMethodItem& operator=(const InputMethodItem& other); 166 InputMethodItem& operator=(InputMethodItem&& other); 167 168 // An id that identifies an input method engine (e.g., "t:latn-post", 169 // "pinyin", "hangul"). 170 std::string ime_id; 171 172 // Title of the input method. 173 std::string title; 174 175 // Whether this input method is been selected. 176 bool selected = false; 177 }; 178 179 // Information of each available locale. This is used to populate language 180 // locales for public account user. 181 struct ASH_PUBLIC_EXPORT LocaleItem { 182 LocaleItem(); 183 LocaleItem(const LocaleItem& other); 184 LocaleItem(LocaleItem&& other); 185 ~LocaleItem(); 186 187 LocaleItem& operator=(const LocaleItem& other); 188 LocaleItem& operator=(LocaleItem&& other); 189 190 bool operator==(const LocaleItem& other) const; 191 192 // Language code of the locale. 193 std::string language_code; 194 195 // Title of the locale. 196 std::string title; 197 198 // Group name of the locale. 199 base::Optional<std::string> group_name; 200 }; 201 202 // Information about a public account user. 203 struct ASH_PUBLIC_EXPORT PublicAccountInfo { 204 PublicAccountInfo(); 205 PublicAccountInfo(const PublicAccountInfo& other); 206 PublicAccountInfo(PublicAccountInfo&& other); 207 ~PublicAccountInfo(); 208 209 PublicAccountInfo& operator=(const PublicAccountInfo& other); 210 PublicAccountInfo& operator=(PublicAccountInfo&& other); 211 212 // The name of the device manager displayed in the login screen UI for 213 // device-level management. May be either a domain (foo.com) or an email 214 // address (user@foo.com). 215 base::Optional<std::string> device_enterprise_manager; 216 217 // A list of available user locales. 218 std::vector<LocaleItem> available_locales; 219 220 // Default locale for this user. 221 std::string default_locale; 222 223 // Show expanded user view that contains session information/warnings and 224 // locale selection. 225 bool show_expanded_view = false; 226 227 // Show the advanced expanded user view if there are at least two recommended 228 // locales. This will be the case in multilingual environments where users 229 // are likely to want to choose among locales. 230 bool show_advanced_view = false; 231 232 // A list of available keyboard layouts. 233 std::vector<InputMethodItem> keyboard_layouts; 234 235 // Whether public account uses SAML authentication. 236 bool using_saml = false; 237 }; 238 239 // Info about a user in login/lock screen. 240 struct ASH_PUBLIC_EXPORT LoginUserInfo { 241 LoginUserInfo(); 242 LoginUserInfo(const LoginUserInfo& other); 243 LoginUserInfo(LoginUserInfo&& other); 244 ~LoginUserInfo(); 245 246 LoginUserInfo& operator=(const LoginUserInfo& other); 247 LoginUserInfo& operator=(LoginUserInfo&& other); 248 249 // User's basic information including account id, email, avatar etc. 250 UserInfo basic_user_info; 251 252 // What method the user can use to sign in. 253 // Initialized in .cc file because the mojom header is huge. 254 proximity_auth::mojom::AuthType auth_type; 255 256 // True if this user has already signed in. 257 bool is_signed_in = false; 258 259 // True if this user is the device owner. 260 bool is_device_owner = false; 261 262 // The initial fingerprint state. There are other methods (ie, 263 // LoginScreenModel::SetFingerprintState) which update the current state. 264 FingerprintState fingerprint_state = FingerprintState::UNAVAILABLE; 265 266 // True if multi-profiles sign in is allowed for this user. 267 bool is_multiprofile_allowed = false; 268 269 // Enforced policy for multi-profiles sign in. 270 MultiProfileUserBehavior multiprofile_policy = 271 MultiProfileUserBehavior::UNRESTRICTED; 272 273 // True if this user can be removed. 274 bool can_remove = false; 275 276 // Show pin pad for password for this user or not. 277 bool show_pin_pad_for_password = false; 278 279 // True if the display password button should be visible on the login/lock 280 // screen for this user. 281 bool show_display_password_button = false; 282 283 // The name of the entity that manages this user's account displayed in the 284 // login screen UI for user-level management. Will be either a domain name 285 // (foo.com) or the email address of the admin (some_user@foo.com). 286 // This is only set if the relevant user is managed. 287 base::Optional<std::string> user_account_manager; 288 289 // Contains the public account information if user type is PUBLIC_ACCOUNT. 290 base::Optional<PublicAccountInfo> public_account_info; 291 292 // True if this user chooses to use 24 hour clock in preference. 293 bool use_24hour_clock = false; 294 }; 295 296 enum class AuthDisabledReason { 297 // Auth is disabled because the device is locked by a time limit override. 298 kTimeLimitOverride, 299 300 // Auth is disabled because the user has reached their daily usage limit on 301 // the device. 302 kTimeUsageLimit, 303 304 // Auth is disabled because the device is within a locked time window. 305 kTimeWindowLimit, 306 }; 307 308 // The data needed to customize the lock screen when auth is disabled. 309 struct ASH_PUBLIC_EXPORT AuthDisabledData { 310 AuthDisabledData(); 311 AuthDisabledData(AuthDisabledReason reason, 312 const base::Time& auth_reenabled_time, 313 const base::TimeDelta& device_used_time, 314 bool disable_lock_screen_media); 315 AuthDisabledData(const AuthDisabledData& other); 316 AuthDisabledData(AuthDisabledData&& other); 317 ~AuthDisabledData(); 318 319 AuthDisabledData& operator=(const AuthDisabledData& other); 320 AuthDisabledData& operator=(AuthDisabledData&& other); 321 322 // Reason why auth is disabled. 323 AuthDisabledReason reason = AuthDisabledReason::kTimeLimitOverride; 324 325 // A future time when auth will be enabled. This value is for display purpose 326 // only, auth won't be automatically enabled when this time is reached. 327 base::Time auth_reenabled_time; 328 329 // The amount of time that the user used this device. 330 base::TimeDelta device_used_time; 331 332 // If true media will be suspended and media controls will be unavailable on 333 // lock screen. 334 bool disable_lock_screen_media = false; 335 }; 336 337 // Parameters and callbacks for a security token PIN request that is to be shown 338 // to the user. 339 struct ASH_PUBLIC_EXPORT SecurityTokenPinRequest { 340 SecurityTokenPinRequest(); 341 SecurityTokenPinRequest(SecurityTokenPinRequest&&); 342 SecurityTokenPinRequest& operator=(SecurityTokenPinRequest&&); 343 ~SecurityTokenPinRequest(); 344 345 // The user whose authentication triggered this PIN request. 346 AccountId account_id; 347 348 // Type of the code requested from the user. 349 chromeos::security_token_pin::CodeType code_type = 350 chromeos::security_token_pin::CodeType::kPin; 351 352 // Whether the UI controls that allow user to enter the value should be 353 // enabled. MUST be |false| when |attempts_left| is zero. 354 bool enable_user_input = true; 355 356 // An optional error to be displayed to the user. 357 chromeos::security_token_pin::ErrorLabel error_label = 358 chromeos::security_token_pin::ErrorLabel::kNone; 359 360 // When non-negative, the UI should indicate this number to the user; 361 // otherwise must be equal to -1. 362 int attempts_left = -1; 363 364 // Called when the user submits the input. Will not be called if the UI is 365 // closed before that happens. 366 using OnPinEntered = base::OnceCallback<void(const std::string& user_input)>; 367 OnPinEntered pin_entered_callback; 368 369 // Called when the PIN request UI gets closed. Will not be called when the 370 // browser itself requests the UI to be closed. 371 using OnUiClosed = base::OnceClosure; 372 OnUiClosed pin_ui_closed_callback; 373 }; 374 375 } // namespace ash 376 377 #endif // ASH_PUBLIC_CPP_LOGIN_TYPES_H_ 378