1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
|
// Copyright 2016 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Use the <code>chrome.quickUnlockPrivate</code> API to change whether the
// lock screen is enabled and which modes are allowed (active) for unlocking a
// Chrome OS device from the lock screen. The API is also used to set quick
// unlock credentials.
// Note: The API is named 'quickUnlock' for historical reasons but it should be
// used for all lock screen settings.
// Note: This API can not be used to actually unlock the device.
[platforms=("chromeos")]
namespace quickUnlockPrivate {
dictionary TokenInfo {
// The authentication token that can be passed to $(ref:setModes) calls.
DOMString token;
// The number of seconds until the token expires. The UI should refresh the
// token before it expires.
long lifetimeSeconds;
};
// TODO(jdufault): Add more quick unlock modes, such as a pattern unlock.
enum QuickUnlockMode {
PIN
};
// The problems a given PIN might have.
enum CredentialProblem {
TOO_SHORT,
TOO_LONG,
TOO_WEAK,
CONTAINS_NONDIGIT
};
dictionary CredentialCheck {
// The given PINs errors. Users cannot proceed with an error.
CredentialProblem[] errors;
// THe given PINs warnings. Users can, but are not advised to proceed with
// a warning.
CredentialProblem[] warnings;
};
dictionary CredentialRequirements {
// The minimum allowed length for a PIN.
long minLength;
// The maximum allowed length for a PIN. A value of 0 indicates no maximum
// length.
long maxLength;
};
callback VoidResultCallback = void ();
callback BooleanResultCallback = void (boolean value);
callback TokenResultCallback = void (TokenInfo result);
callback ModesCallback = void (QuickUnlockMode[] modes);
callback CredentialCheckCallback = void (CredentialCheck check);
callback CredentialRequirementsCallback =
void (CredentialRequirements requirements);
interface Functions {
// Returns a token that can be used for future operations and the number
// of seconds until the token expires.
// |accountPassword|: The account password for the logged in user.
static void getAuthToken(
DOMString accountPassword,
TokenResultCallback onComplete);
// Sets the lock screen enabled state. NOTE: The lock enabled state is
// reflected in the settings.enable_screen_lock pref, which can be read
// but not written using the settings_private API (which also provides
// policy information). This API must be used to change the pref.
// |token|: The token returned by $(ref:getAuthToken).
// |enabled|: Whether to enable the lock screen.
[platforms=("chromeos")] static void setLockScreenEnabled(
DOMString token,
boolean enabled,
optional VoidResultCallback onComplete);
// Sets the PIN auto submit enabled state. NOTE: The PIN autosubmit state is
// reflected in the pin_unlock_autosubmit_enabled pref, which can be read
// but not written using the settings_private API (which also provides
// policy information). This API must be used to change the pref.
// |token|: The authentication token.
// |pin|: The PIN of the logged in user.
// |enabled|: Whether to enable PIN auto submit.
// |onComplete|: Called with true if the quick unlock state was updated,
// false otherwise. The update is treated as a single atomic operation.
[platforms=("chromeos")]
static void setPinAutosubmitEnabled(
DOMString token,
DOMString pin,
boolean enabled,
BooleanResultCallback onComplete);
// Tests wether it is currently possible to authenticate using PIN.
[platforms=("chromeos")] static void canAuthenticatePin(
BooleanResultCallback onComplete);
// Returns the set of quick unlock modes that are available for the user to
// use. Some quick unlock modes may be disabled by policy.
[platforms=("chromeos")] static void getAvailableModes(
ModesCallback onComplete);
// Returns the quick unlock modes that are currently enabled and usable on
// the lock screen.
[platforms=("chromeos")]
static void getActiveModes(ModesCallback onComplete);
// Checks if the given credential can be used for the given unlock mode.
// Enterprise policy can change credential requirements.
// |mode|: The quick unlock mode that is used.
// |credential|: The given credential.
// |onComplete|: Called with a list of warnings and errors the given
// |credential| has (or an empty list if there are none).
[platforms=("chromeos")] static void checkCredential(
QuickUnlockMode mode,
DOMString credential,
CredentialCheckCallback onComplete);
// Gets the credential requirements for the given unlock mode.
// |mode|: The quick unlock mode that is used.
// |onComplete|: Called with the credential requirements of the given
// |mode|.
[platforms=("chromeos")]
static void getCredentialRequirements(
QuickUnlockMode mode,
CredentialRequirementsCallback onComplete);
// Update the set of quick unlock modes that are currently active/enabled.
// |token|: The token returned by $(ref:getAuthToken).
// |modes|: The quick unlock modes that should be active.
// |credentials|: The associated credential for each mode. To keep the
// credential the same for the associated mode, pass an empty string.
// |onComplete|: Called with true if the quick unlock state was updated,
// false otherwise. The update is treated as a single atomic operation.
[platforms=("chromeos")]
static void setModes(
DOMString token,
QuickUnlockMode[] modes,
DOMString[] credentials,
VoidResultCallback onComplete);
};
interface Events {
// Called after the active set of quick unlock modes has changed.
// |activeModes|: The set of quick unlock modes which are now active.
static void onActiveModesChanged(QuickUnlockMode[] activeModes);
};
};
|
