ash: Add API to check in-session auth availability

This enables websites/apps to decide whether to send a user-verification
request without actually starting a dialog.

BUG: b/144861739
Change-Id: Iaa5044aac25229e9a55f3e4b0f67236ffae941a1
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2528635
Commit-Queue: Yicheng Li <yichengli@chromium.org>
Reviewed-by: Xiyuan Xia <xiyuan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#828517}

ash/dbus/user_authentication_service_provider.cc

@@ -29,6 +29,7 @@ void UserAuthenticationServiceProvider::Start(
                           weak_ptr_factory_.GetWeakPtr()),
       base::BindOnce(&UserAuthenticationServiceProvider::OnExported,
                      weak_ptr_factory_.GetWeakPtr()));
+
   exported_object->ExportMethod(
       chromeos::kUserAuthenticationServiceInterface,
       chromeos::kUserAuthenticationServiceCancelMethod,
@@ -36,6 +37,15 @@ void UserAuthenticationServiceProvider::Start(
                           weak_ptr_factory_.GetWeakPtr()),
       base::BindOnce(&UserAuthenticationServiceProvider::OnExported,
                      weak_ptr_factory_.GetWeakPtr()));
+
+  exported_object->ExportMethod(
+      chromeos::kUserAuthenticationServiceInterface,
+      chromeos::kUserAuthenticationServiceIsAuthenticatorAvailableMethod,
+      base::BindRepeating(
+          &UserAuthenticationServiceProvider::IsAuthenticatorAvailable,
+          weak_ptr_factory_.GetWeakPtr()),
+      base::BindOnce(&UserAuthenticationServiceProvider::OnExported,
+                     weak_ptr_factory_.GetWeakPtr()));
 }
 
 void UserAuthenticationServiceProvider::OnExported(
@@ -109,4 +119,24 @@ void UserAuthenticationServiceProvider::Cancel(
   std::move(response_sender).Run(std::move(response));
 }
 
+void UserAuthenticationServiceProvider::IsAuthenticatorAvailable(
+    dbus::MethodCall* method_call,
+    dbus::ExportedObject::ResponseSender response_sender) {
+  auto* auth_dialog_controller = InSessionAuthDialogController::Get();
+  auth_dialog_controller->CheckAvailability(base::BindOnce(
+      &UserAuthenticationServiceProvider::OnAvailabilityChecked,
+      weak_ptr_factory_.GetWeakPtr(), method_call, std::move(response_sender)));
+}
+
+void UserAuthenticationServiceProvider::OnAvailabilityChecked(
+    dbus::MethodCall* method_call,
+    dbus::ExportedObject::ResponseSender response_sender,
+    bool available) {
+  std::unique_ptr<dbus::Response> response =
+      dbus::Response::FromMethodCall(method_call);
+  dbus::MessageWriter writer(response.get());
+  writer.AppendBool(available);
+  std::move(response_sender).Run(std::move(response));
+}
+
 }  // namespace ash

ash/dbus/user_authentication_service_provider.h

@@ -51,6 +51,17 @@ class UserAuthenticationServiceProvider
   void Cancel(dbus::MethodCall* method_call,
               dbus::ExportedObject::ResponseSender response_sender);
 
+  // Called on UI thread in response to D-Bus requests.
+  void IsAuthenticatorAvailable(
+      dbus::MethodCall* method_call,
+      dbus::ExportedObject::ResponseSender response_sender);
+
+  // Called when authenticator availability is checked.
+  void OnAvailabilityChecked(
+      dbus::MethodCall* method_call,
+      dbus::ExportedObject::ResponseSender response_sender,
+      bool available);
+
   // Keep this last so that all weak pointers will be invalidated at the
   // beginning of destruction.
   base::WeakPtrFactory<UserAuthenticationServiceProvider> weak_ptr_factory_{

ash/in_session_auth/in_session_auth_dialog_controller_impl.cc

@@ -196,4 +196,19 @@ void InSessionAuthDialogControllerImpl::OpenInSessionAuthHelpPage() {
   client_->OpenInSessionAuthHelpPage();
 }
 
+void InSessionAuthDialogControllerImpl::CheckAvailability(
+    FinishCallback on_availability_checked) const {
+  // Assumes the requests are for the active user (no teleported window).
+  AccountId account_id =
+      Shell::Get()->session_controller()->GetActiveAccountId();
+
+  if (client_->IsFingerprintAuthAvailable(account_id)) {
+    std::move(on_availability_checked).Run(true);
+    return;
+  }
+
+  client_->CheckPinAuthAvailability(account_id,
+                                    std::move(on_availability_checked));
+}
+
 }  // namespace ash

ash/in_session_auth/in_session_auth_dialog_controller_impl.h

@@ -47,6 +47,7 @@ class InSessionAuthDialogControllerImpl : public InSessionAuthDialogController {
       base::OnceCallback<void(bool, FingerprintState)> callback) override;
   void OpenInSessionAuthHelpPage() override;
   void Cancel() override;
+  void CheckAvailability(FinishCallback on_availability_checked) const override;
 
  private:
   bool IsFingerprintAvailable(const AccountId& account_id);

ash/public/cpp/in_session_auth_dialog_controller.h

@@ -56,6 +56,10 @@ class ASH_PUBLIC_EXPORT InSessionAuthDialogController {
   // Cancels all operations and destroys the dialog.
   virtual void Cancel() = 0;
 
+  // Checks whether there's at least one authentication method.
+  virtual void CheckAvailability(
+      FinishCallback on_availability_checked) const = 0;
+
  protected:
   InSessionAuthDialogController();
   virtual ~InSessionAuthDialogController();

chrome/browser/ui/ash/in_session_auth_dialog_client_unittest.cc

@@ -51,6 +51,8 @@ class FakeInSessionAuthDialogController
   }
   void OpenInSessionAuthHelpPage() override {}
   void Cancel() override {}
+  void CheckAvailability(
+      FinishCallback on_availability_checked) const override {}
 };
 
 class InSessionAuthDialogClientTest : public testing::Test {