1 // Copyright 2018 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef DEVICE_FIDO_MAC_AUTHENTICATOR_H_
6 #define DEVICE_FIDO_MAC_AUTHENTICATOR_H_
7 
8 #include <memory>
9 #include <string>
10 
11 #include "base/component_export.h"
12 #include "base/macros.h"
13 #include "base/memory/weak_ptr.h"
14 #include "base/strings/string16.h"
15 #include "base/strings/string_piece_forward.h"
16 #include "device/fido/fido_authenticator.h"
17 #include "device/fido/fido_transport_protocol.h"
18 #include "device/fido/mac/credential_store.h"
19 #include "device/fido/mac/operation.h"
20 
21 namespace device {
22 namespace fido {
23 namespace mac {
24 
25 struct AuthenticatorConfig;
26 
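// TouchIdAuthenticator is the FidoAuthenticator implementation in the
// device::fido::mac namespace that is backed by Touch ID. Instances are
// obtained through Create(); the constructor is private.
class COMPONENT_EXPORT(DEVICE_FIDO) TouchIdAuthenticator
    : public FidoAuthenticator {
 public:
  // IsAvailable returns true iff Touch ID is available and
  // enrolled on the current device and the current binary carries
  // a keychain-access-groups entitlement that matches the one set
  // in |config|.
  //
  // Note that this may differ from the result of
  // AuthenticatorImpl::IsUserVerifyingPlatformAuthenticatorAvailable(),
  // which also checks whether the embedder supports this
  // authenticator, and if the request occurs from an
  // off-the-record/incognito context.
  static bool IsAvailable(const AuthenticatorConfig& config);

  // Create returns a TouchIdAuthenticator. Callers must check
  // IsAvailable() first, passing the same |config|.
  //
  // NOTE(review): this declaration does not show whether Create() repeats
  // the availability and entitlement checks itself, so treat a successful
  // IsAvailable() call as a precondition rather than relying on Create() to
  // fail safely.
  static std::unique_ptr<TouchIdAuthenticator> Create(
      AuthenticatorConfig config);

  ~TouchIdAuthenticator() override;

  // Presumably reports whether |credential_store_| holds a credential that
  // can satisfy |request|; the lookup is defined in the implementation file,
  // so confirm the exact matching rules there.
  bool HasCredentialForGetAssertionRequest(
      const CtapGetAssertionRequest& request);

  // FidoAuthenticator:
  void InitializeAuthenticator(base::OnceClosure callback) override;
  void MakeCredential(CtapMakeCredentialRequest request,
                      MakeCredentialCallback callback) override;
  void GetAssertion(CtapGetAssertionRequest request,
                    GetAssertionCallback callback) override;
  void GetNextAssertion(GetAssertionCallback callback) override;
  void Cancel() override;
  std::string GetId() const override;
  base::string16 GetDisplayName() const override;
  const base::Optional<AuthenticatorSupportedOptions>& Options() const override;
  base::Optional<FidoTransportProtocol> AuthenticatorTransport() const override;
  bool IsInPairingMode() const override;
  bool IsPaired() const override;
  bool RequiresBlePairingPin() const override;
  bool IsTouchIdAuthenticator() const override;
  void GetTouch(base::OnceClosure callback) override;
  base::WeakPtr<FidoAuthenticator> GetWeakPtr() override;

 private:
  // Private so that instances are only constructed via Create(). Both
  // arguments are presumably taken from the AuthenticatorConfig handed to
  // Create() -- confirm in the implementation file.
  //
  // NOTE(review): |metadata_secret| is secret material by name. Confirm that
  // the implementation never logs it and that it is not reflected in
  // GetId() or GetDisplayName().
  TouchIdAuthenticator(std::string keychain_access_group,
                       std::string metadata_secret);

  // Credential storage used by this authenticator.
  TouchIdCredentialStore credential_store_;

  // Owned Operation object; presumably the request currently in flight
  // (TODO confirm against the implementation of Cancel()).
  std::unique_ptr<Operation> operation_;

  // Declared after the other data members so that it is destroyed before
  // them (members are destroyed in reverse declaration order). Keep it last
  // when adding fields.
  base::WeakPtrFactory<TouchIdAuthenticator> weak_factory_;

  DISALLOW_COPY_AND_ASSIGN(TouchIdAuthenticator);
};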
84 
85 }  // namespace mac
86 }  // namespace fido
87 }  // namespace device
88 
89 #endif  // DEVICE_FIDO_MAC_AUTHENTICATOR_H_
90