Allow SAML logins to use the webcam
Issue description

When a GAIA account (such as adfs-test1@crosdev2.biz) is configured to use SAML authentication, the Chrome OS login screen will redirect to the customer's third-party site after entering the username. Most current implementations ask for a company's Active Directory credentials or something similar. But there is another use case we'd like to cover for EDU: login via QR codes. In this setup, users will hold a badge with a QR code up to the webcam instead of having to memorize a login/password. This is expected to be a popular option in elementary schools. We would like to allow enterprise/EDU customers to optionally enable webcam support on the SAML login page through CPanel. By default it will remain disabled.
Apr 28 2016
Regarding the use of QR codes for login - what will prevent someone from making a photocopy of someone else's badge? Will a password still be required?
Apr 28 2016
That's entirely up to IdPs (e.g. clever.com/badges). This change will simply give a policy to admins to allow video capture for a certain set of domains in the SAML flow.
May 2 2016
May 3 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/cfcb9306e198a4e56facc865a60f45ce6d28f1aa

commit cfcb9306e198a4e56facc865a60f45ce6d28f1aa
Author: cernekee <cernekee@chromium.org>
Date: Tue May 03 23:19:26 2016

Allow SAML logins to use the webcam

Add a new opt-in policy, LoginVideoCaptureAllowedUrls, that works in a similar way to the existing VideoCaptureAllowedUrls policy. SAML login pages listed in the whitelist will be allowed to access the webcam (no audio). If the policy is unset or the list is empty, all SAML login pages will be denied webcam access.

BUG= 606979
TEST=whitelist https://clever.com via YAPS and verify with mo@clever.academy login

Review-Url: https://codereview.chromium.org/1936903002
Cr-Commit-Position: refs/heads/master@{#391390}

[modify] https://crrev.com/cfcb9306e198a4e56facc865a60f45ce6d28f1aa/chrome/browser/chromeos/login/ui/webui_login_view.cc
[modify] https://crrev.com/cfcb9306e198a4e56facc865a60f45ce6d28f1aa/chrome/browser/chromeos/policy/device_policy_decoder_chromeos.cc
[modify] https://crrev.com/cfcb9306e198a4e56facc865a60f45ce6d28f1aa/chrome/browser/chromeos/policy/proto/chrome_device_policy.proto
[modify] https://crrev.com/cfcb9306e198a4e56facc865a60f45ce6d28f1aa/chrome/browser/chromeos/settings/device_settings_provider.cc
[modify] https://crrev.com/cfcb9306e198a4e56facc865a60f45ce6d28f1aa/chrome/browser/resources/gaia_auth_host/saml_handler.js
[modify] https://crrev.com/cfcb9306e198a4e56facc865a60f45ce6d28f1aa/chrome/test/data/policy/policy_test_cases.json
[modify] https://crrev.com/cfcb9306e198a4e56facc865a60f45ce6d28f1aa/chromeos/settings/cros_settings_names.cc
[modify] https://crrev.com/cfcb9306e198a4e56facc865a60f45ce6d28f1aa/chromeos/settings/cros_settings_names.h
[modify] https://crrev.com/cfcb9306e198a4e56facc865a60f45ce6d28f1aa/components/policy/resources/policy_templates.json
[modify] https://crrev.com/cfcb9306e198a4e56facc865a60f45ce6d28f1aa/tools/metrics/histograms/histograms.xml
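The allow-list semantics in the commit message above (webcam only, no audio, default deny when the policy is unset or empty), as an added example that is not Chromium's code. The pattern syntax it accepts, "https://host" or "https://[*.]host" with an optional port, is a simplified assumption standing in for Chrome's URL-pattern grammar; `parsePattern`, `originMatches` and `decideMediaRequest` are names chosen here, and the policy values and request URLs are constructed sample data.

```javascript
'use strict';

// Added example, not Chromium's code: a policy-driven decision for media
// permission requests raised by the SAML login page. The policy is modelled as
// the LoginVideoCaptureAllowedUrls list; the accepted pattern syntax
// ("https://host" or "https://[*.]host", optional port) is a simplified
// assumption, not Chrome's full URL-pattern grammar.

// Parse one allow-list entry into {scheme, subdomains, host, port}.
function parsePattern(pattern) {
  const m = /^(https?):\/\/(\[\*\.\])?([^\/:[\]]+)(?::(\d+))?\/?$/.exec(pattern.trim());
  if (!m) {
    throw new Error('unsupported allow-list pattern: ' + pattern);
  }
  return {
    scheme: m[1] + ':',
    subdomains: m[2] !== undefined,
    host: m[3].toLowerCase(),
    port: m[4] === undefined ? null : Number(m[4]),
  };
}

// True when the parsed URL's origin is covered by the parsed pattern.
function originMatches(p, u) {
  if (u.protocol !== p.scheme) return false;
  const host = u.hostname.toLowerCase();
  // "[*.]host" covers the host and its subdomains; a bare host is exact.
  // The leading dot in the suffix test keeps "clever.com.evil.example" out.
  const hostOk = host === p.host || (p.subdomains && host.endsWith('.' + p.host));
  if (!hostOk) return false;
  if (p.port !== null) {
    const port = u.port !== '' ? Number(u.port) : (u.protocol === 'https:' ? 443 : 80);
    if (port !== p.port) return false;
  }
  return true;
}

// policy: LoginVideoCaptureAllowedUrls as an array of pattern strings, or
//         undefined when the policy is unset.
// request: { url, video, audio } as the login page asked for it.
// Returns the tracks to grant; audio is never granted during login.
function decideMediaRequest(policy, request) {
  const patterns = (policy || []).map(parsePattern); // throws on a bad entry
  const denied = (reason) => ({ video: false, audio: false, reason });

  if (!request.video) return denied('no video requested');
  if (patterns.length === 0) return denied('policy unset or empty');

  let u;
  try {
    u = new URL(request.url);
  } catch (e) {
    return denied('malformed request URL');
  }
  if (!patterns.some((p) => originMatches(p, u))) {
    return denied('request URL not in allow-list');
  }
  return {
    video: true,
    audio: false,
    reason: request.audio ? 'video granted; audio stripped' : 'video granted',
  };
}

// Stand-alone walk over constructed requests against a constructed policy.
function demo() {
  const policy = ['https://[*.]clever.com'];
  return [
    'https://clever.com/login',
    'https://sso.clever.com/badge',
    'https://clever.com.evil.example/login',
    'http://clever.com/login',
  ].map((url) => [url, decideMediaRequest(policy, { url, video: true, audio: false }).video]);
}

for (const [url, ok] of demo()) {
  console.log((ok ? 'ALLOW ' : 'DENY  ') + url);
}
```

The two checks worth keeping whatever the real matcher looks like are the scheme comparison (an `http://` page never matches an `https://` entry, so a downgraded IdP page gets no camera) and the dotted-suffix test, which stops a look-alike host that merely starts with the allowed name from inheriting the grant.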
May 4 2016
May 6 2016
Please provide automated unit and integration tests.
May 17 2016
Two additional requirements from legal were:
1. Proper UI attribution for video flow <https://codereview.chromium.org/1966853002/>
2. Timeout to reset login flow <https://codereview.chromium.org/1983433002>
To ensure we don't complicate the implementation too much, we are fine with the timeout applying to all SAML flows (video and non-video) and setting it at three minutes.
May 18 2016
When testing video capturing during SAML login on a real device (Toshiba), I noticed that the camera LED is still on after canceling the login. It only turns off when a new login process is initiated (before the video-requesting IdP page is reached). However, it may be a local problem with my device (as, in fact, I don't see the video capture at Clever.com's page). Does anybody else see the same behavior?
May 18 2016
Re 9 - I reproduced the same on Pixel. Looks like the SAML webview still works in the background even after the SAML flow is canceled.
May 18 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/a965a46038909b25ed0d7b14590c8d97df36f780

commit a965a46038909b25ed0d7b14590c8d97df36f780
Author: cernekee <cernekee@chromium.org>
Date: Wed May 18 20:03:11 2016

Add indication of camera use on SAML webcam logins

SAML logins on Chrome OS currently display a banner showing the "authDomain" of the sign-in service. If the sign-in service tries to enable the user's webcam, change this banner to warn the user by adding "is using your camera" verbiage and a red "recording" dot.

BUG= 606979
TEST=manual
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:closure_compilation

Review-Url: https://codereview.chromium.org/1966853002
Cr-Commit-Position: refs/heads/master@{#394519}

[modify] https://crrev.com/a965a46038909b25ed0d7b14590c8d97df36f780/chrome/app/chromeos_strings.grdp
[modify] https://crrev.com/a965a46038909b25ed0d7b14590c8d97df36f780/chrome/app/theme/theme_resources.grd
[modify] https://crrev.com/a965a46038909b25ed0d7b14590c8d97df36f780/chrome/browser/resources/chromeos/login/screen_gaia_signin.css
[modify] https://crrev.com/a965a46038909b25ed0d7b14590c8d97df36f780/chrome/browser/resources/chromeos/login/screen_gaia_signin.html
[modify] https://crrev.com/a965a46038909b25ed0d7b14590c8d97df36f780/chrome/browser/resources/chromeos/login/screen_gaia_signin.js
[modify] https://crrev.com/a965a46038909b25ed0d7b14590c8d97df36f780/chrome/browser/resources/gaia_auth_host/authenticator.js
[modify] https://crrev.com/a965a46038909b25ed0d7b14590c8d97df36f780/chrome/browser/resources/gaia_auth_host/saml_handler.js
[modify] https://crrev.com/a965a46038909b25ed0d7b14590c8d97df36f780/chrome/browser/ui/webui/chromeos/login/signin_screen_handler.cc
May 18 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/75619fb6b1c62cfce2ac70a0dab6c0e5ddbd1049

commit 75619fb6b1c62cfce2ac70a0dab6c0e5ddbd1049
Author: cernekee <cernekee@chromium.org>
Date: Wed May 18 22:14:03 2016

Add timeout for SAML webcam logins

In order to avoid leaving the camera on for extended periods of time, ensure that SAML webcam logins time out after one minute. This has the same effect as clicking the "X" button.

BUG= 606979
TEST=manual
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:closure_compilation

Review-Url: https://codereview.chromium.org/1983433002
Cr-Commit-Position: refs/heads/master@{#394571}

[modify] https://crrev.com/75619fb6b1c62cfce2ac70a0dab6c0e5ddbd1049/chrome/browser/resources/chromeos/login/screen_gaia_signin.js
May 18 2016
> Looks like the SAML webview still works in the background even after the SAML flow is canceled.

Same issue here on a Pixel 1 (link). Should we just destroy the webview when the user cancels out? I did notice that when the flow is restarted, the camera LED turns off. In my testing I'm using a device that already has an owner set, and I'm clicking "Add person" to exercise the SAML flow.
May 18 2016
And after powerwashing, I see that the camera is deactivated immediately upon canceling the SAML camera login and returning to the "Sign in to your Chromebook" dialog.
May 19 2016
I think this only happens when pods exist on the login screen. So when the cancel button is clicked, the webview is simply hidden but not transitioned back to accounts.google.com. When you click "Add Person" again, the webview URL is changed so the camera action is gone. This is a bug we need to fix. The camera capture can effectively stay in the background in the event that the X sends the user back to the pods. When the flow is cancelled, the webview URL needs to be changed back to whatever it was.
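The lifecycle problem analysed in the comment above, together with the one-minute timeout from the earlier commit, as an added example that is not Chromium's code: a small model in which hiding the webview leaves the IdP page (and its capture) alive, while navigating the webview back to its starting URL, whether on the "X" button or on timeout, tears the page down. `FakeWebview` and `FakeClock` are constructed stand-ins for the real `<webview>` element and browser timers; `SamlLoginController`, its method names and the starting URL are assumptions made for the illustration.

```javascript
'use strict';

// Added example, not Chromium's code: a model of the SAML login webview
// lifecycle. FakeWebview and FakeClock are constructed stand-ins for the real
// <webview> and timers; the controller's shape is an assumption.

const SAML_WEBCAM_TIMEOUT_MS = 60 * 1000; // one minute, per the timeout commit

// Stand-in for the login <webview>: a page's capture lives until the webview
// navigates away from that page; hiding the element does not stop it.
class FakeWebview {
  constructor(src) {
    this.src = src;
    this.visible = true;
    this.cameraActive = false;
  }
  grantCamera() { this.cameraActive = true; }
  navigate(url) {
    if (url !== this.src) {
      this.src = url;
      this.cameraActive = false; // old document torn down, its tracks stopped
    }
  }
  hide() { this.visible = false; }
  show() { this.visible = true; }
}

// Deterministic timer source so the timeout can be exercised offline.
class FakeClock {
  constructor() { this.now = 0; this.timers = new Map(); this.nextId = 1; }
  setTimer(fn, ms) {
    const id = this.nextId++;
    this.timers.set(id, { at: this.now + ms, fn });
    return id;
  }
  clearTimer(id) { this.timers.delete(id); }
  advance(ms) {
    this.now += ms;
    for (const [id, t] of [...this.timers]) {
      if (t.at <= this.now) { this.timers.delete(id); t.fn(); }
    }
  }
}

class SamlLoginController {
  constructor(webview, clock) {
    this.webview = webview;
    this.clock = clock;
    this.homeUrl = webview.src; // "whatever it was": where cancel returns to
    this.timerId = null;
    this.state = 'idle';
    this.lastCancelReason = null;
  }

  // The flow reached the IdP's SAML page.
  onSamlPage(url) {
    this.webview.navigate(url);
    this.webview.show();
    this.state = 'saml';
  }

  // The IdP page was granted the webcam: arm the inactivity timeout.
  onCameraGranted() {
    this.webview.grantCamera();
    if (this.timerId !== null) this.clock.clearTimer(this.timerId);
    this.timerId = this.clock.setTimer(() => this.cancel('timeout'), SAML_WEBCAM_TIMEOUT_MS);
  }

  // The behaviour reported in the thread: with pods present, the "X" only hid
  // the webview, so the IdP page kept running (and capturing) in the background.
  hideOnlyCancel() {
    this.webview.hide();
    this.state = 'idle';
  }

  // The fix: the "X" button and the timeout both navigate the webview back to
  // its original URL, which tears down the IdP page and its capture.
  cancel(reason) {
    if (this.timerId !== null) { this.clock.clearTimer(this.timerId); this.timerId = null; }
    this.webview.navigate(this.homeUrl);
    this.webview.hide();
    this.state = 'idle';
    this.lastCancelReason = reason;
  }
}

// Walk the scenario from the thread and record the camera state at each step.
function runScenario() {
  const clock = new FakeClock();
  const webview = new FakeWebview('https://accounts.google.com/'); // constructed starting URL
  const ctrl = new SamlLoginController(webview, clock);
  const out = {};
  ctrl.onSamlPage('https://clever.com/login');
  ctrl.onCameraGranted();
  out.afterGrant = webview.cameraActive;        // true
  ctrl.hideOnlyCancel();
  out.afterHideOnly = webview.cameraActive;     // true: the reported bug
  ctrl.cancel('user');
  out.afterCancel = webview.cameraActive;       // false
  out.srcAfterCancel = webview.src;             // back at the starting URL
  ctrl.onSamlPage('https://clever.com/login');
  ctrl.onCameraGranted();
  clock.advance(SAML_WEBCAM_TIMEOUT_MS - 1);
  out.justBeforeTimeout = webview.cameraActive; // true
  clock.advance(1);
  out.afterTimeout = webview.cameraActive;      // false
  out.timeoutReason = ctrl.lastCancelReason;    // 'timeout'
  return out;
}

console.log(runScenario());
```

The point the model makes is that visibility and page lifetime are independent: a capture belongs to the document inside the webview, so any cancel path that does not navigate or destroy that document leaves the LED on, exactly as observed on the Toshiba and Pixel devices in the thread. The timeout is a backstop for the same condition rather than a replacement for navigating away on cancel.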
May 19 2016
M52 Branch is today. Is this work done?
May 19 2016
Marking this bug as fixed. Re comments 9-10, 13-15: the fix for the bug will be tracked in a separate issue 613245.
May 23 2016
May 27 2016
Verified on Peppy: 8350.3.0;52.0.2743.0. Will add more notes.
Comment 1 by dskaram@chromium.org, Apr 27 2016