1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
content / public / browser / federated_identity_auto_reauthn_permission_context_delegate.h [blame]
// Copyright 2023 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CONTENT_PUBLIC_BROWSER_FEDERATED_IDENTITY_AUTO_REAUTHN_PERMISSION_CONTEXT_DELEGATE_H_
#define CONTENT_PUBLIC_BROWSER_FEDERATED_IDENTITY_AUTO_REAUTHN_PERMISSION_CONTEXT_DELEGATE_H_
#include "base/time/time.h"
#include "content/common/content_export.h"
namespace url {
class Origin;
}
namespace content {
// Delegate interface for the FedCM implementation to query whether the FedCM
// API's auto re-authn is enabled in Site Settings.
class CONTENT_EXPORT FederatedIdentityAutoReauthnPermissionContextDelegate {
public:
FederatedIdentityAutoReauthnPermissionContextDelegate() = default;
virtual ~FederatedIdentityAutoReauthnPermissionContextDelegate() = default;
// Returns whether the FedCM API's auto re-authn is unblocked based on content
// settings. A caller should also use `IsAutoReauthnEmbargoed()` to determine
// whether auto re-authn is allowed or not.
virtual bool IsAutoReauthnSettingEnabled() = 0;
// Returns whether the FedCM API's auto re-authn feature is embargoed for the
// passed-in |relying_party_embedder|. A caller should also use
// `IsAutoReauthnSettingEnabled()` to determine whether auto re-authn is
// allowed or not.
virtual bool IsAutoReauthnEmbargoed(
const url::Origin& relying_party_embedder) = 0;
// Returns the most recent recorded time an auto-reauthn embargo was started
// with the given |relying_party_embedder|. Returns base::Time() if no record
// is found.
virtual base::Time GetAutoReauthnEmbargoStartTime(
const url::Origin& relying_party_embedder) = 0;
// Records that an auto re-authn prompt was displayed to the user and places
// the permission under embargo for the passed-in |relying_party_embedder|.
virtual void RecordEmbargoForAutoReauthn(
const url::Origin& relying_party_embedder) = 0;
// Remove embargo for auto re-authn for the passed-in
// |relying_party_embedder|.
virtual void RemoveEmbargoForAutoReauthn(
const url::Origin& relying_party_embedder) = 0;
// Updates the "RequiresUserMediation" bit for the site. It's set to true when
// `navigator.credentials.preventSilentAccess` is called and set to false
// after a successful authentication flow by FedCM.
virtual void SetRequiresUserMediation(const url::Origin& rp_origin,
bool requires_user_mediation) = 0;
// Returns if the site requires user mediation for re-authentication.
virtual bool RequiresUserMediation(const url::Origin& rp_origin) = 0;
};
} // namespace content
#endif // CONTENT_PUBLIC_BROWSER_FEDERATED_IDENTITY_AUTO_REAUTHN_PERMISSION_CONTEXT_DELEGATE_H_