зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1773760 - part 3: make UserVerificationRequirement a DOMString. r=keeler,webidl,smaug
Depends on D167747 Differential Revision: https://phabricator.services.mozilla.com/D167748
This commit is contained in:
Родитель
0ac78da65a
Коммит
7e87c63940
|
@ -161,8 +161,7 @@ RefPtr<U2FRegisterPromise> AndroidWebAuthnTokenManager::Register(
|
||||||
java::sdk::Integer::ValueOf(1));
|
java::sdk::Integer::ValueOf(1));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (sel.userVerificationRequirement() ==
|
if (sel.userVerificationRequirement().EqualsLiteral("required")) {
|
||||||
UserVerificationRequirement::Required) {
|
|
||||||
GECKOBUNDLE_PUT(authSelBundle, "requireUserVerification",
|
GECKOBUNDLE_PUT(authSelBundle, "requireUserVerification",
|
||||||
java::sdk::Integer::ValueOf(1));
|
java::sdk::Integer::ValueOf(1));
|
||||||
}
|
}
|
||||||
|
|
|
@ -141,11 +141,8 @@ RefPtr<U2FRegisterPromise> CTAPHIDTokenManager::Register(
|
||||||
const auto& extra = aInfo.Extra().ref();
|
const auto& extra = aInfo.Extra().ref();
|
||||||
const WebAuthnAuthenticatorSelection& sel = extra.AuthenticatorSelection();
|
const WebAuthnAuthenticatorSelection& sel = extra.AuthenticatorSelection();
|
||||||
|
|
||||||
UserVerificationRequirement userVerificationRequirement =
|
|
||||||
sel.userVerificationRequirement();
|
|
||||||
|
|
||||||
bool requireUserVerification =
|
bool requireUserVerification =
|
||||||
userVerificationRequirement == UserVerificationRequirement::Required;
|
sel.userVerificationRequirement().EqualsLiteral("required");
|
||||||
|
|
||||||
bool requirePlatformAttachment = false;
|
bool requirePlatformAttachment = false;
|
||||||
if (sel.authenticatorAttachment().isSome()) {
|
if (sel.authenticatorAttachment().isSome()) {
|
||||||
|
@ -272,11 +269,8 @@ RefPtr<U2FSignPromise> CTAPHIDTokenManager::Sign(
|
||||||
if (aInfo.Extra().isSome()) {
|
if (aInfo.Extra().isSome()) {
|
||||||
const auto& extra = aInfo.Extra().ref();
|
const auto& extra = aInfo.Extra().ref();
|
||||||
|
|
||||||
UserVerificationRequirement userVerificationReq =
|
|
||||||
extra.userVerificationRequirement();
|
|
||||||
|
|
||||||
// Set flags for credential requests.
|
// Set flags for credential requests.
|
||||||
if (userVerificationReq == UserVerificationRequirement::Required) {
|
if (extra.userVerificationRequirement().EqualsLiteral("required")) {
|
||||||
signFlags |= U2F_FLAG_REQUIRE_USER_VERIFICATION;
|
signFlags |= U2F_FLAG_REQUIRE_USER_VERIFICATION;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -17,14 +17,13 @@
|
||||||
include protocol PBackground;
|
include protocol PBackground;
|
||||||
|
|
||||||
using mozilla::dom::MaybeDiscardedBrowsingContext from "mozilla/dom/BrowsingContext.h";
|
using mozilla::dom::MaybeDiscardedBrowsingContext from "mozilla/dom/BrowsingContext.h";
|
||||||
using mozilla::dom::UserVerificationRequirement from "mozilla/dom/WebAuthnUtil.h";
|
|
||||||
|
|
||||||
namespace mozilla {
|
namespace mozilla {
|
||||||
namespace dom {
|
namespace dom {
|
||||||
|
|
||||||
struct WebAuthnAuthenticatorSelection {
|
struct WebAuthnAuthenticatorSelection {
|
||||||
bool requireResidentKey;
|
bool requireResidentKey;
|
||||||
UserVerificationRequirement userVerificationRequirement;
|
nsString userVerificationRequirement;
|
||||||
nsString? authenticatorAttachment;
|
nsString? authenticatorAttachment;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -107,7 +106,7 @@ struct WebAuthnMakeCredentialResult {
|
||||||
|
|
||||||
struct WebAuthnGetAssertionExtraInfo {
|
struct WebAuthnGetAssertionExtraInfo {
|
||||||
WebAuthnExtension[] Extensions;
|
WebAuthnExtension[] Extensions;
|
||||||
UserVerificationRequirement userVerificationRequirement;
|
nsString userVerificationRequirement;
|
||||||
};
|
};
|
||||||
|
|
||||||
struct WebAuthnGetAssertionInfo {
|
struct WebAuthnGetAssertionInfo {
|
||||||
|
|
|
@ -113,12 +113,6 @@ RefPtr<U2FRegisterPromise> U2FHIDTokenManager::Register(
|
||||||
const auto& extra = aInfo.Extra().ref();
|
const auto& extra = aInfo.Extra().ref();
|
||||||
const WebAuthnAuthenticatorSelection& sel = extra.AuthenticatorSelection();
|
const WebAuthnAuthenticatorSelection& sel = extra.AuthenticatorSelection();
|
||||||
|
|
||||||
UserVerificationRequirement userVerificaitonRequirement =
|
|
||||||
sel.userVerificationRequirement();
|
|
||||||
|
|
||||||
bool requireUserVerification =
|
|
||||||
userVerificaitonRequirement == UserVerificationRequirement::Required;
|
|
||||||
|
|
||||||
bool requirePlatformAttachment = false;
|
bool requirePlatformAttachment = false;
|
||||||
if (sel.authenticatorAttachment().isSome()) {
|
if (sel.authenticatorAttachment().isSome()) {
|
||||||
const nsString& authenticatorAttachment =
|
const nsString& authenticatorAttachment =
|
||||||
|
@ -132,7 +126,7 @@ RefPtr<U2FRegisterPromise> U2FHIDTokenManager::Register(
|
||||||
if (sel.requireResidentKey()) {
|
if (sel.requireResidentKey()) {
|
||||||
registerFlags |= U2F_FLAG_REQUIRE_RESIDENT_KEY;
|
registerFlags |= U2F_FLAG_REQUIRE_RESIDENT_KEY;
|
||||||
}
|
}
|
||||||
if (requireUserVerification) {
|
if (sel.userVerificationRequirement().EqualsLiteral("required")) {
|
||||||
registerFlags |= U2F_FLAG_REQUIRE_USER_VERIFICATION;
|
registerFlags |= U2F_FLAG_REQUIRE_USER_VERIFICATION;
|
||||||
}
|
}
|
||||||
if (requirePlatformAttachment) {
|
if (requirePlatformAttachment) {
|
||||||
|
@ -231,11 +225,8 @@ RefPtr<U2FSignPromise> U2FHIDTokenManager::Sign(
|
||||||
if (aInfo.Extra().isSome()) {
|
if (aInfo.Extra().isSome()) {
|
||||||
const auto& extra = aInfo.Extra().ref();
|
const auto& extra = aInfo.Extra().ref();
|
||||||
|
|
||||||
UserVerificationRequirement userVerificaitonReq =
|
|
||||||
extra.userVerificationRequirement();
|
|
||||||
|
|
||||||
// Set flags for credential requests.
|
// Set flags for credential requests.
|
||||||
if (userVerificaitonReq == UserVerificationRequirement::Required) {
|
if (extra.userVerificationRequirement().EqualsLiteral("required")) {
|
||||||
signFlags |= U2F_FLAG_REQUIRE_USER_VERIFICATION;
|
signFlags |= U2F_FLAG_REQUIRE_USER_VERIFICATION;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -581,11 +581,8 @@ RefPtr<U2FRegisterPromise> U2FSoftTokenManager::Register(
|
||||||
const auto& extra = aInfo.Extra().ref();
|
const auto& extra = aInfo.Extra().ref();
|
||||||
const WebAuthnAuthenticatorSelection& sel = extra.AuthenticatorSelection();
|
const WebAuthnAuthenticatorSelection& sel = extra.AuthenticatorSelection();
|
||||||
|
|
||||||
UserVerificationRequirement userVerificaitonRequirement =
|
|
||||||
sel.userVerificationRequirement();
|
|
||||||
|
|
||||||
bool requireUserVerification =
|
bool requireUserVerification =
|
||||||
userVerificaitonRequirement == UserVerificationRequirement::Required;
|
sel.userVerificationRequirement().EqualsLiteral("required");
|
||||||
|
|
||||||
bool requirePlatformAttachment = false;
|
bool requirePlatformAttachment = false;
|
||||||
if (sel.authenticatorAttachment().isSome()) {
|
if (sel.authenticatorAttachment().isSome()) {
|
||||||
|
@ -824,11 +821,8 @@ RefPtr<U2FSignPromise> U2FSoftTokenManager::Sign(
|
||||||
if (aInfo.Extra().isSome()) {
|
if (aInfo.Extra().isSome()) {
|
||||||
const auto& extra = aInfo.Extra().ref();
|
const auto& extra = aInfo.Extra().ref();
|
||||||
|
|
||||||
UserVerificationRequirement userVerificaitonReq =
|
|
||||||
extra.userVerificationRequirement();
|
|
||||||
|
|
||||||
// The U2F softtoken doesn't support user verification.
|
// The U2F softtoken doesn't support user verification.
|
||||||
if (userVerificaitonReq == UserVerificationRequirement::Required) {
|
if (extra.userVerificationRequirement().EqualsLiteral("required")) {
|
||||||
return U2FSignPromise::CreateAndReject(NS_ERROR_DOM_NOT_ALLOWED_ERR,
|
return U2FSignPromise::CreateAndReject(NS_ERROR_DOM_NOT_ALLOWED_ERR,
|
||||||
__func__);
|
__func__);
|
||||||
}
|
}
|
||||||
|
|
|
@ -62,15 +62,4 @@ nsresult BuildTransactionHashes(const nsCString& aRpId,
|
||||||
|
|
||||||
} // namespace mozilla::dom
|
} // namespace mozilla::dom
|
||||||
|
|
||||||
namespace IPC {
|
|
||||||
|
|
||||||
template <>
|
|
||||||
struct ParamTraits<mozilla::dom::UserVerificationRequirement>
|
|
||||||
: public ContiguousEnumSerializer<
|
|
||||||
mozilla::dom::UserVerificationRequirement,
|
|
||||||
mozilla::dom::UserVerificationRequirement::Required,
|
|
||||||
mozilla::dom::UserVerificationRequirement::EndGuard_> {};
|
|
||||||
|
|
||||||
} // namespace IPC
|
|
||||||
|
|
||||||
#endif // mozilla_dom_WebAuthnUtil_h
|
#endif // mozilla_dom_WebAuthnUtil_h
|
||||||
|
|
|
@ -231,24 +231,17 @@ void WinWebAuthnManager::Register(
|
||||||
|
|
||||||
const auto& sel = extra.AuthenticatorSelection();
|
const auto& sel = extra.AuthenticatorSelection();
|
||||||
|
|
||||||
UserVerificationRequirement userVerificationReq =
|
const nsString& userVerificationRequirement =
|
||||||
sel.userVerificationRequirement();
|
sel.userVerificationRequirement();
|
||||||
switch (userVerificationReq) {
|
if (userVerificationRequirement.EqualsLiteral("required")) {
|
||||||
case UserVerificationRequirement::Required:
|
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED;
|
||||||
winUserVerificationReq =
|
} else if (userVerificationRequirement.EqualsLiteral("preferred")) {
|
||||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED;
|
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_PREFERRED;
|
||||||
break;
|
} else if (userVerificationRequirement.EqualsLiteral("discouraged")) {
|
||||||
case UserVerificationRequirement::Preferred:
|
winUserVerificationReq =
|
||||||
winUserVerificationReq =
|
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_DISCOURAGED;
|
||||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_PREFERRED;
|
} else {
|
||||||
break;
|
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_ANY;
|
||||||
case UserVerificationRequirement::Discouraged:
|
|
||||||
winUserVerificationReq =
|
|
||||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_DISCOURAGED;
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_ANY;
|
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (sel.authenticatorAttachment().isSome()) {
|
if (sel.authenticatorAttachment().isSome()) {
|
||||||
|
@ -565,25 +558,16 @@ void WinWebAuthnManager::Sign(PWebAuthnTransactionParent* aTransactionParent,
|
||||||
rpID = aInfo.RpId().get();
|
rpID = aInfo.RpId().get();
|
||||||
|
|
||||||
// User Verification Requirement
|
// User Verification Requirement
|
||||||
UserVerificationRequirement userVerificationReq =
|
const nsString& userVerificationReq = extra.userVerificationRequirement();
|
||||||
extra.userVerificationRequirement();
|
if (userVerificationReq.EqualsLiteral("required")) {
|
||||||
|
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED;
|
||||||
switch (userVerificationReq) {
|
} else if (userVerificationReq.EqualsLiteral("preferred")) {
|
||||||
case UserVerificationRequirement::Required:
|
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_PREFERRED;
|
||||||
winUserVerificationReq =
|
} else if (userVerificationReq.EqualsLiteral("discouraged")) {
|
||||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED;
|
winUserVerificationReq =
|
||||||
break;
|
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_DISCOURAGED;
|
||||||
case UserVerificationRequirement::Preferred:
|
} else {
|
||||||
winUserVerificationReq =
|
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_ANY;
|
||||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_PREFERRED;
|
|
||||||
break;
|
|
||||||
case UserVerificationRequirement::Discouraged:
|
|
||||||
winUserVerificationReq =
|
|
||||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_DISCOURAGED;
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_ANY;
|
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
rpID = aInfo.Origin().get();
|
rpID = aInfo.Origin().get();
|
||||||
|
|
|
@ -70,7 +70,7 @@
|
||||||
add_task(test_too_large_user_id);
|
add_task(test_too_large_user_id);
|
||||||
add_task(test_excluding_unknown_transports);
|
add_task(test_excluding_unknown_transports);
|
||||||
add_task(test_unknown_attestation_type);
|
add_task(test_unknown_attestation_type);
|
||||||
add_task(test_unknown_authenticator_attachment);
|
add_task(test_unknown_selection_criteria);
|
||||||
|
|
||||||
function arrivingHereIsGood(aResult) {
|
function arrivingHereIsGood(aResult) {
|
||||||
ok(true, "Good result! Received a: " + aResult);
|
ok(true, "Good result! Received a: " + aResult);
|
||||||
|
@ -394,10 +394,13 @@
|
||||||
.catch(arrivingHereIsBad);
|
.catch(arrivingHereIsBad);
|
||||||
}
|
}
|
||||||
|
|
||||||
async function test_unknown_authenticator_attachment() {
|
async function test_unknown_selection_criteria() {
|
||||||
let makeCredentialOptions = {
|
let makeCredentialOptions = {
|
||||||
rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param],
|
rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param],
|
||||||
authenticatorSelection: { authenticatorAttachment: "unknown authenticator attachment type" },
|
authenticatorSelection: {
|
||||||
|
userVerificationRequirement: "unknown UV requirement",
|
||||||
|
authenticatorAttachment: "unknown authenticator attachment type"
|
||||||
|
},
|
||||||
};
|
};
|
||||||
return credm.create({publicKey: makeCredentialOptions })
|
return credm.create({publicKey: makeCredentialOptions })
|
||||||
.then(arrivingHereIsGood)
|
.then(arrivingHereIsGood)
|
||||||
|
|
|
@ -82,13 +82,7 @@ dictionary PublicKeyCredentialUserEntity : PublicKeyCredentialEntity {
|
||||||
dictionary AuthenticatorSelectionCriteria {
|
dictionary AuthenticatorSelectionCriteria {
|
||||||
DOMString authenticatorAttachment;
|
DOMString authenticatorAttachment;
|
||||||
boolean requireResidentKey = false;
|
boolean requireResidentKey = false;
|
||||||
UserVerificationRequirement userVerification = "preferred";
|
DOMString userVerification = "preferred";
|
||||||
};
|
|
||||||
|
|
||||||
enum UserVerificationRequirement {
|
|
||||||
"required",
|
|
||||||
"preferred",
|
|
||||||
"discouraged"
|
|
||||||
};
|
};
|
||||||
|
|
||||||
dictionary PublicKeyCredentialRequestOptions {
|
dictionary PublicKeyCredentialRequestOptions {
|
||||||
|
@ -96,7 +90,7 @@ dictionary PublicKeyCredentialRequestOptions {
|
||||||
unsigned long timeout;
|
unsigned long timeout;
|
||||||
USVString rpId;
|
USVString rpId;
|
||||||
sequence<PublicKeyCredentialDescriptor> allowCredentials = [];
|
sequence<PublicKeyCredentialDescriptor> allowCredentials = [];
|
||||||
UserVerificationRequirement userVerification = "preferred";
|
DOMString userVerification = "preferred";
|
||||||
// FIXME: bug 1493860: should this "= {}" be here?
|
// FIXME: bug 1493860: should this "= {}" be here?
|
||||||
AuthenticationExtensionsClientInputs extensions = {};
|
AuthenticationExtensionsClientInputs extensions = {};
|
||||||
};
|
};
|
||||||
|
|
Загрузка…
Ссылка в новой задаче