CrOS - Login Screen - Accept numeric passwords

The login screen in ChromeOS currently only performs one authentication attempt. Either against the user's PIN or password depending on a flag passed by the UI. When the combined 'PIN or password' input field is used, any input consisting of only digits is treated as a PIN. If the user's password is composed of only digits (The minimum is 8 digits.), trying to use the password on the login screen fails. This issue does not exist on the lock screen, where two authentication attempts are made when the input is composed of only digits. It first tries to authenticate against the PIN, and, in case of failure, it tries again against the password. Since the introduction of PIN 'automatic unlock' / 'auto submit', the default UI has been separated into dedicated PIN and password fields with a button to toggle between both. This CL fixes an issue that caused the input from the dedicated password field to be treated as a PIN instead of a password. It also improves tests on LoginAuthUserView. Note that the issue still exists for the combined 'PIN or password' field and it should be addressed in the near future. Bug: 1122939 Change-Id: I719c441d023e9b2c37b901d101e4939732061a8b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2512916Reviewed-by: Thomas Tellier <tellier@google.com> Reviewed-by: Roman Sorokin [CET] <rsorokin@chromium.org> Commit-Queue: Renato Silva <rrsilva@google.com> Cr-Commit-Position: refs/heads/master@{#846085}

CrOS - Login Screen - Accept numeric passwords
The login screen in ChromeOS currently only performs one authentication attempt. Either against the user's PIN or password depending on a flag passed by the UI. When the combined 'PIN or password' input field is used, any input consisting of only digits is treated as a PIN. If the user's password is composed of only digits (The minimum is 8 digits.), trying to use the password on the login screen fails. This issue does not exist on the lock screen, where two authentication attempts are made when the input is composed of only digits. It first tries to authenticate against the PIN, and, in case of failure, it tries again against the password. Since the introduction of PIN 'automatic unlock' / 'auto submit', the default UI has been separated into dedicated PIN and password fields with a button to toggle between both. This CL fixes an issue that caused the input from the dedicated password field to be treated as a PIN instead of a password. It also improves tests on LoginAuthUserView. Note that the issue still exists for the combined 'PIN or password' field and it should be addressed in the near future. Bug: 1122939 Change-Id: I719c441d023e9b2c37b901d101e4939732061a8b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2512916Reviewed-by: Thomas Tellier <tellier@google.com> Reviewed-by: Roman Sorokin [CET] <rsorokin@chromium.org> Commit-Queue: Renato Silva <rrsilva@google.com> Cr-Commit-Position: refs/heads/master@{#846085}
dee00e24 · Renato Silva · Chromium LUCI CQ · 1f0f8510 · dee00e24 · dee00e24
Commit dee00e24 authored Jan 22, 2021 by Renato Silva Committed by Chromium LUCI CQ Jan 22, 2021
3 changed files
--- a/ash/login/ui/login_auth_user_view.cc
+++ b/ash/login/ui/login_auth_user_view.cc
@@ -1530,7 +1530,7 @@ void LoginAuthUserView::OnAuthSubmit(const base::string16& password) {
  Shell::Get()->login_screen_controller()->AuthenticateUserWithPasswordOrPin(
      current_user().basic_user_info.account_id, base::UTF16ToUTF8(password),
-      HasAuthMethod(AUTH_PIN),
+      ShouldAuthenticateWithPin(),
      base::BindOnce(&LoginAuthUserView::OnAuthComplete,
                     weak_factory_.GetWeakPtr()));
 }
@@ -1623,6 +1623,11 @@ bool LoginAuthUserView::HasAuthMethod(AuthMethods auth_method) const {
  return (auth_methods_ & auth_method) != 0;
 }
+bool LoginAuthUserView::ShouldAuthenticateWithPin() const {
+  return input_field_mode_ == InputFieldMode::PIN_AND_PASSWORD ||
+         input_field_mode_ == InputFieldMode::PIN_WITH_TOGGLE;
+}
 void LoginAuthUserView::AttemptAuthenticateWithChallengeResponse() {
  challenge_response_view_->SetState(
      ChallengeResponseView::State::kAuthenticating);

--- a/ash/login/ui/login_auth_user_view.h
+++ b/ash/login/ui/login_auth_user_view.h
@@ -216,6 +216,9 @@ class ASH_EXPORT LoginAuthUserView : public NonAccessibleView {
  // bool has_tap = HasAuthMethod(AUTH_TAP).
  bool HasAuthMethod(AuthMethods auth_method) const;
+  // Whether the authentication attempt should use the user's PIN.
+  bool ShouldAuthenticateWithPin() const;
  // TODO(crbug/899812): remove this and pass a handler in via the Callbacks
  // struct instead.
  void AttemptAuthenticateWithExternalBinary();

--- a/ash/login/ui/login_auth_user_view_unittest.cc
+++ b/ash/login/ui/login_auth_user_view_unittest.cc