New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 884056 link

Starred by 0 users

Issue metadata

Status: Fixed
Owner:
Closed: Sep 21
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Feature

Blocking:
issue 870128
issue 884065


Participants' hotlists:
Better-Together-Launch-Blockers


Sign in to add a comment

Add Mojo API for setting host without auth token

Project Member Reported by khorimoto@chromium.org, Sep 14

Issue description

In the current setup flow which runs post-OOBE, the user is prompted for their password before being allowed to set a multi-device host. When the password is entered successfully, an auth token is fetched and is passed to the SetHostDevice() API function at [1].

In OOBE mode, the user has *just* entered their password, so there is no need to prompt the user a second time. However, since the API function requires that a valid auth token be passed, the function is not applicable for this case.

Thus, we must create a new Mojo function for this specific purpose; the function would only need one parameter (the device ID) and would not take an auth token as a parameter.

Unfortunately, the new function cannot simply be added to the same interface because the existing flow would still have access to that interface. This means that, if this API function were added to the same interface, a malicious user could bypass our security checks by opening the DevTools for the post-OOBE flow and using the JS console to call this new API function without having to pass a token at all.

Thus, a new interface must be created, and that interface should only be exposed to the OOBE version.

I've chatted with dcheng@ (security reviewer) about this change, and he agrees it is the correct approach.

[1] https://cs.chromium.org/chromium/src/chromeos/services/multidevice_setup/public/mojom/multidevice_setup.mojom?l=148
 
Blocking: 884065
Status: Started (was: Assigned)
Components: -UI>ProximityAuth UI>Multidevice
Project Member

Comment 4 by bugdroid1@chromium.org, Sep 21

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ba2cdbfe7f6709badd03df975a658077eb105d63

commit ba2cdbfe7f6709badd03df975a658077eb105d63
Author: Kyle Horimoto <khorimoto@google.com>
Date: Fri Sep 21 22:08:28 2018

[CrOS MultiDevice] Add ability to set host device without auth token.

Previously, the multi-device setup flow ran in a normal user session;
when the user wanted to set up a device, the user would be prompted to
enter a password before continuing. When the password is entered
successfully, an auth token is fetched and is passed to the
SetHostDevice() API function.

Now, we are adding support for the setup flow as part of OOBE. In OOBE
mode, the user has just entered a password in order to sign in, so there
is no need to prompt the user a second time. However, since the API
function requires that a valid auth token be passed, it is not
applicable for this case.

This CL creates a new Mojo interface which exposes a function to set a
host device without the need for an auth token. The interface is
designed to be used only be OOBE.

Bug:  884056 
Change-Id: Ice02f1d38ed722a97497d5be8b6f603455f8461a
Reviewed-on: https://chromium-review.googlesource.com/1235305
Commit-Queue: Kyle Horimoto <khorimoto@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Cr-Commit-Position: refs/heads/master@{#593349}
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chrome/browser/chrome_content_browser_manifest_overlay.json
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/BUILD.gn
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/manifest.json
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/multidevice_setup_base.h
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/multidevice_setup_impl.cc
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/multidevice_setup_impl.h
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/multidevice_setup_impl_unittest.cc
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/multidevice_setup_initializer.cc
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/multidevice_setup_initializer.h
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/multidevice_setup_service.cc
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/multidevice_setup_service.h
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/multidevice_setup_service_unittest.cc
[add] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/privileged_host_device_setter_base.cc
[add] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/privileged_host_device_setter_base.h
[add] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/privileged_host_device_setter_impl.cc
[add] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/privileged_host_device_setter_impl.h
[add] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/privileged_host_device_setter_impl_unittest.cc
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/public/cpp/BUILD.gn
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/public/cpp/fake_multidevice_setup.cc
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/public/cpp/fake_multidevice_setup.h
[add] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/public/cpp/fake_privileged_host_device_setter.cc
[add] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/public/cpp/fake_privileged_host_device_setter.h
[modify] https://crrev.com/ba2cdbfe7f6709badd03df975a658077eb105d63/chromeos/services/multidevice_setup/public/mojom/multidevice_setup.mojom

Status: Fixed (was: Started)

Sign in to add a comment