Bug 1623861: Allow for OS authentication to succeed when no passcode is set. r=mstange

Differential Revision: https://phabricator.services.mozilla.com/D68670

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Stephen A Pohl 2020-03-31 00:27:17 +00:00
Родитель cd6049bac5
Коммит f7d86b1d6b
1 изменённых файлов: 8 добавлений и 3 удалений

Просмотреть файл

@ -13,6 +13,8 @@ using namespace mozilla;
#include <CoreFoundation/CoreFoundation.h>
#include <LocalAuthentication/LocalAuthentication.h>
static const int32_t kPasswordNotSetErrorCode = -1000;
nsresult ReauthenticateUserMacOS(const nsAString& aPrompt,
/* out */ bool& aReauthenticated) {
// The idea here is that we ask to be authorized to unlock the user's session.
@ -24,7 +26,7 @@ nsresult ReauthenticateUserMacOS(const nsAString& aPrompt,
dispatch_semaphore_t sema = dispatch_semaphore_create(0);
__block BOOL biometricSuccess; // mark variable r/w across the block
__block BOOL biometricSuccess = NO; // mark variable r/w across the block
// Note: This is an async callback in an already-async Promise chain.
[context evaluatePolicy:LAPolicyDeviceOwnerAuthentication
@ -34,8 +36,11 @@ nsresult ReauthenticateUserMacOS(const nsAString& aPrompt,
// error is not particularly useful in this context, and we have no
// mechanism to really return it. We could use it to set the nsresult,
// but this is a best-effort mechanism and there's no particular case for
// propagating up XPCOM.
biometricSuccess = success;
// propagating up XPCOM. The one exception being a user account that
// has no passcode set, which we handle below.
if (success || [error code] == kPasswordNotSetErrorCode) {
biometricSuccess = YES;
}
dispatch_semaphore_signal(sema);
});
}];