From eaa7217db15a28e88ce0b5a84827c306148561ca Mon Sep 17 00:00:00 2001 From: Ray Strode Date: Mon, 28 Sep 2015 10:57:02 -0400 Subject: [PATCH 1/3] smartcardManager: add way to detect if user logged using (any) token If a user uses a token at login time, we need to make sure they continue to use the token at unlock time. As a prerequisite for addressing that problem we need to know up front if a user logged in with a token at all. This commit adds the necessary api to detect that case. --- js/misc/smartcardManager.js | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/js/misc/smartcardManager.js b/js/misc/smartcardManager.js index 32573cd384..6c48c80a19 100644 --- a/js/misc/smartcardManager.js +++ b/js/misc/smartcardManager.js @@ -118,4 +118,11 @@ class SmartcardManager extends Signals.EventEmitter { return true; } + + loggedInWithToken() { + if (this._loginToken) + return true; + + return false; + } } -- 2.45.2 From d7ef26d7b9d352232c9e0a24a04bcfcf6eee7d9a Mon Sep 17 00:00:00 2001 From: Ray Strode Date: Mon, 28 Sep 2015 19:56:53 -0400 Subject: [PATCH 2/3] gdm: only unlock with smartcard, if smartcard used for login If a smartcard is used for login, we need to make sure the smartcard gets used for unlock, too. --- js/gdm/util.js | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/js/gdm/util.js b/js/gdm/util.js index c9c040beb7..c0d8852880 100644 --- a/js/gdm/util.js +++ b/js/gdm/util.js @@ -465,6 +465,8 @@ export class ShellUserVerifier extends Signals.EventEmitter { this.smartcardDetected = false; this._checkForSmartcard(); + this._updateDefaultService(); + this._smartcardManager.connectObject( 'smartcard-inserted', () => this._checkForSmartcard(), 'smartcard-removed', () => this._checkForSmartcard(), this); @@ -643,7 +645,9 @@ export class ShellUserVerifier extends Signals.EventEmitter { } _getDetectedDefaultService() { - if (this._settings.get_boolean(PASSWORD_AUTHENTICATION_KEY)) + if (this._smartcardManager?.loggedInWithToken()) + return SMARTCARD_SERVICE_NAME; + else if (this._settings.get_boolean(PASSWORD_AUTHENTICATION_KEY)) return PASSWORD_SERVICE_NAME; else if (this._smartcardManager) return SMARTCARD_SERVICE_NAME; -- 2.45.2 From 9bff98c2757e4591035e408aa9cee703cec74bdf Mon Sep 17 00:00:00 2001 From: Ray Strode Date: Mon, 28 Sep 2015 19:57:36 -0400 Subject: [PATCH 3/3] gdm: update default service when smartcard inserted Early on at start up we may not know if a smartcard is available. Make sure we reupdate the default service after we get a smartcard insertion event. --- js/gdm/util.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/js/gdm/util.js b/js/gdm/util.js index c0d8852880..430af4d8ef 100644 --- a/js/gdm/util.js +++ b/js/gdm/util.js @@ -490,6 +490,8 @@ export class ShellUserVerifier extends Signals.EventEmitter { else if (this._preemptingService === SMARTCARD_SERVICE_NAME) this._preemptingService = null; + this._updateDefaultService(); + this.emit('smartcard-status-changed'); } } -- 2.45.2