blob: 0cce34b070012903947604bd2ed42d87c0d7e09a [file] [log] [blame]
// Copyright 2020 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include <string>
#include <base/timer/timer.h>
#include <base/unguessable_token.h>
#include <brillo/secure_blob.h>
namespace cryptohome {
// This enum holds the states an AuthSession could be in during the session.
enum class AuthStatus {
// kAuthStatusFurtherFactorRequired is a state where the session is waiting
// for one or more factors so that the session can continue the processes of
// authenticating a user. This is the state the AuthSession starts in by
// default.
// kAuthStatusTimedOut tells the user to restart the AuthSession because
// the session has timed out.
// TODO( Complete the implementation of AuthStatus.
// This class starts a session for the user to authenticate with their
// credentials.
class AuthSession final {
std::string username,
base::OnceCallback<void(const base::UnguessableToken&)> on_timeout);
// Returns the full unhashed user name.
std::string username() const { return username_; }
// Returns the token which is used to identify the current AuthSession.
const base::UnguessableToken& token() { return token_; }
// This function return the current status of this AuthSession.
AuthStatus GetStatus() const { return status_; }
// Static function which returns a serialized token in a vector format. The
// token is serialized into two uint64_t values which are stored in string of
// size 16 bytes. The first 8 bytes represent the high value of the serialized
// token, the next 8 represent the low value of the serialized token.
static base::Optional<std::string> GetSerializedStringFromToken(
const base::UnguessableToken& token);
// Static function which returns UnguessableToken object after deconstructing
// the string formed in GetSerializedStringFromToken.
static base::Optional<base::UnguessableToken> GetTokenFromSerializedString(
const std::string& serialized_token);
AuthSession() = delete;
// AuthSessionTimedOut is called when the session times out and cleans up
// credentials that may be in memory. |on_timeout_| is also called to remove
// this |AuthSession| reference from |UserDataAuth|.
void AuthSessionTimedOut();
std::string username_;
base::UnguessableToken token_;
AuthStatus status_ = AuthStatus::kAuthStatusFurtherFactorRequired;
base::OneShotTimer timer_;
base::OnceCallback<void(const base::UnguessableToken&)> on_timeout_;
FRIEND_TEST(AuthSessionTest, TimeoutTest);
FRIEND_TEST(UserDataAuthExTest, StartAuthSession);
} // namespace cryptohome