1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #include "OSReauthenticator.h"
9 #include "nsCocoaUtils.h"
11 using namespace mozilla;
13 #include <CoreFoundation/CoreFoundation.h>
14 #include <LocalAuthentication/LocalAuthentication.h>
16 nsresult ReauthenticateUserMacOS(const nsACString& aPrompt,
17 /* out */ bool& aReauthenticated) {
18 // The idea here is that we ask to be authorized to unlock the user's session.
19 // This should cause a prompt to come up for the user asking them for their
20 // password. If they correctly enter it, we'll set aReauthenticated to true.
22 LAContext* context = [[LAContext alloc] init];
23 NSString* prompt = nsCocoaUtils::ToNSString(NS_ConvertUTF8toUTF16(aPrompt));
25 dispatch_semaphore_t sema = dispatch_semaphore_create(0);
27 __block BOOL biometricSuccess; // mark variable r/w across the block
29 // Note: This is an async callback in an already-async Promise chain.
30 [context evaluatePolicy:LAPolicyDeviceOwnerAuthentication
31 localizedReason:prompt
32 reply:^(BOOL success, NSError* error) {
33 dispatch_async(dispatch_get_main_queue(), ^{
34 // error is not particularly useful in this context, and we have no
35 // mechanism to really return it. We could use it to set the nsresult,
36 // but this is a best-effort mechanism and there's no particular case for
37 // propagating up XPCOM.
38 biometricSuccess = success;
39 dispatch_semaphore_signal(sema);
43 // What we want to do here is convert this into a blocking call, since
44 // our calling methods expect us to block and set aReauthenticated on return.
45 dispatch_semaphore_wait(sema, DISPATCH_TIME_FOREVER);
46 dispatch_release(sema);
49 aReauthenticated = biometricSuccess;