зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1773760 - part 3: make UserVerificationRequirement a DOMString. r=keeler,webidl,smaug
Depends on D167747 Differential Revision: https://phabricator.services.mozilla.com/D167748
This commit is contained in:
John Schanck
Родитель
0ac78da65a
Коммит
7e87c63940
|
|
@ -161,8 +161,7 @@ RefPtr<U2FRegisterPromise> AndroidWebAuthnTokenManager::Register(
|
|||
java::sdk::Integer::ValueOf(1));
|
||||
}
|
||||
|
||||
if (sel.userVerificationRequirement() ==
|
||||
UserVerificationRequirement::Required) {
|
||||
if (sel.userVerificationRequirement().EqualsLiteral("required")) {
|
||||
GECKOBUNDLE_PUT(authSelBundle, "requireUserVerification",
|
||||
java::sdk::Integer::ValueOf(1));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -141,11 +141,8 @@ RefPtr<U2FRegisterPromise> CTAPHIDTokenManager::Register(
|
|||
const auto& extra = aInfo.Extra().ref();
|
||||
const WebAuthnAuthenticatorSelection& sel = extra.AuthenticatorSelection();
|
||||
|
||||
UserVerificationRequirement userVerificationRequirement =
|
||||
sel.userVerificationRequirement();
|
||||
|
||||
bool requireUserVerification =
|
||||
userVerificationRequirement == UserVerificationRequirement::Required;
|
||||
sel.userVerificationRequirement().EqualsLiteral("required");
|
||||
|
||||
bool requirePlatformAttachment = false;
|
||||
if (sel.authenticatorAttachment().isSome()) {
|
||||
|
|
@ -272,11 +269,8 @@ RefPtr<U2FSignPromise> CTAPHIDTokenManager::Sign(
|
|||
if (aInfo.Extra().isSome()) {
|
||||
const auto& extra = aInfo.Extra().ref();
|
||||
|
||||
UserVerificationRequirement userVerificationReq =
|
||||
extra.userVerificationRequirement();
|
||||
|
||||
// Set flags for credential requests.
|
||||
if (userVerificationReq == UserVerificationRequirement::Required) {
|
||||
if (extra.userVerificationRequirement().EqualsLiteral("required")) {
|
||||
signFlags |= U2F_FLAG_REQUIRE_USER_VERIFICATION;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -17,14 +17,13 @@
|
|||
include protocol PBackground;
|
||||
|
||||
using mozilla::dom::MaybeDiscardedBrowsingContext from "mozilla/dom/BrowsingContext.h";
|
||||
using mozilla::dom::UserVerificationRequirement from "mozilla/dom/WebAuthnUtil.h";
|
||||
|
||||
namespace mozilla {
|
||||
namespace dom {
|
||||
|
||||
struct WebAuthnAuthenticatorSelection {
|
||||
bool requireResidentKey;
|
||||
UserVerificationRequirement userVerificationRequirement;
|
||||
nsString userVerificationRequirement;
|
||||
nsString? authenticatorAttachment;
|
||||
};
|
||||
|
||||
|
|
@ -107,7 +106,7 @@ struct WebAuthnMakeCredentialResult {
|
|||
|
||||
struct WebAuthnGetAssertionExtraInfo {
|
||||
WebAuthnExtension[] Extensions;
|
||||
UserVerificationRequirement userVerificationRequirement;
|
||||
nsString userVerificationRequirement;
|
||||
};
|
||||
|
||||
struct WebAuthnGetAssertionInfo {
|
||||
|
|
|
|||
|
|
@ -113,12 +113,6 @@ RefPtr<U2FRegisterPromise> U2FHIDTokenManager::Register(
|
|||
const auto& extra = aInfo.Extra().ref();
|
||||
const WebAuthnAuthenticatorSelection& sel = extra.AuthenticatorSelection();
|
||||
|
||||
UserVerificationRequirement userVerificaitonRequirement =
|
||||
sel.userVerificationRequirement();
|
||||
|
||||
bool requireUserVerification =
|
||||
userVerificaitonRequirement == UserVerificationRequirement::Required;
|
||||
|
||||
bool requirePlatformAttachment = false;
|
||||
if (sel.authenticatorAttachment().isSome()) {
|
||||
const nsString& authenticatorAttachment =
|
||||
|
|
@ -132,7 +126,7 @@ RefPtr<U2FRegisterPromise> U2FHIDTokenManager::Register(
|
|||
if (sel.requireResidentKey()) {
|
||||
registerFlags |= U2F_FLAG_REQUIRE_RESIDENT_KEY;
|
||||
}
|
||||
if (requireUserVerification) {
|
||||
if (sel.userVerificationRequirement().EqualsLiteral("required")) {
|
||||
registerFlags |= U2F_FLAG_REQUIRE_USER_VERIFICATION;
|
||||
}
|
||||
if (requirePlatformAttachment) {
|
||||
|
|
@ -231,11 +225,8 @@ RefPtr<U2FSignPromise> U2FHIDTokenManager::Sign(
|
|||
if (aInfo.Extra().isSome()) {
|
||||
const auto& extra = aInfo.Extra().ref();
|
||||
|
||||
UserVerificationRequirement userVerificaitonReq =
|
||||
extra.userVerificationRequirement();
|
||||
|
||||
// Set flags for credential requests.
|
||||
if (userVerificaitonReq == UserVerificationRequirement::Required) {
|
||||
if (extra.userVerificationRequirement().EqualsLiteral("required")) {
|
||||
signFlags |= U2F_FLAG_REQUIRE_USER_VERIFICATION;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -581,11 +581,8 @@ RefPtr<U2FRegisterPromise> U2FSoftTokenManager::Register(
|
|||
const auto& extra = aInfo.Extra().ref();
|
||||
const WebAuthnAuthenticatorSelection& sel = extra.AuthenticatorSelection();
|
||||
|
||||
UserVerificationRequirement userVerificaitonRequirement =
|
||||
sel.userVerificationRequirement();
|
||||
|
||||
bool requireUserVerification =
|
||||
userVerificaitonRequirement == UserVerificationRequirement::Required;
|
||||
sel.userVerificationRequirement().EqualsLiteral("required");
|
||||
|
||||
bool requirePlatformAttachment = false;
|
||||
if (sel.authenticatorAttachment().isSome()) {
|
||||
|
|
@ -824,11 +821,8 @@ RefPtr<U2FSignPromise> U2FSoftTokenManager::Sign(
|
|||
if (aInfo.Extra().isSome()) {
|
||||
const auto& extra = aInfo.Extra().ref();
|
||||
|
||||
UserVerificationRequirement userVerificaitonReq =
|
||||
extra.userVerificationRequirement();
|
||||
|
||||
// The U2F softtoken doesn't support user verification.
|
||||
if (userVerificaitonReq == UserVerificationRequirement::Required) {
|
||||
if (extra.userVerificationRequirement().EqualsLiteral("required")) {
|
||||
return U2FSignPromise::CreateAndReject(NS_ERROR_DOM_NOT_ALLOWED_ERR,
|
||||
__func__);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -62,15 +62,4 @@ nsresult BuildTransactionHashes(const nsCString& aRpId,
|
|||
|
||||
} // namespace mozilla::dom
|
||||
|
||||
namespace IPC {
|
||||
|
||||
template <>
|
||||
struct ParamTraits<mozilla::dom::UserVerificationRequirement>
|
||||
: public ContiguousEnumSerializer<
|
||||
mozilla::dom::UserVerificationRequirement,
|
||||
mozilla::dom::UserVerificationRequirement::Required,
|
||||
mozilla::dom::UserVerificationRequirement::EndGuard_> {};
|
||||
|
||||
} // namespace IPC
|
||||
|
||||
#endif // mozilla_dom_WebAuthnUtil_h
|
||||
|
|
|
|||
|
|
@ -231,24 +231,17 @@ void WinWebAuthnManager::Register(
|
|||
|
||||
const auto& sel = extra.AuthenticatorSelection();
|
||||
|
||||
UserVerificationRequirement userVerificationReq =
|
||||
const nsString& userVerificationRequirement =
|
||||
sel.userVerificationRequirement();
|
||||
switch (userVerificationReq) {
|
||||
case UserVerificationRequirement::Required:
|
||||
winUserVerificationReq =
|
||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED;
|
||||
break;
|
||||
case UserVerificationRequirement::Preferred:
|
||||
winUserVerificationReq =
|
||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_PREFERRED;
|
||||
break;
|
||||
case UserVerificationRequirement::Discouraged:
|
||||
winUserVerificationReq =
|
||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_DISCOURAGED;
|
||||
break;
|
||||
default:
|
||||
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_ANY;
|
||||
break;
|
||||
if (userVerificationRequirement.EqualsLiteral("required")) {
|
||||
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED;
|
||||
} else if (userVerificationRequirement.EqualsLiteral("preferred")) {
|
||||
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_PREFERRED;
|
||||
} else if (userVerificationRequirement.EqualsLiteral("discouraged")) {
|
||||
winUserVerificationReq =
|
||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_DISCOURAGED;
|
||||
} else {
|
||||
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_ANY;
|
||||
}
|
||||
|
||||
if (sel.authenticatorAttachment().isSome()) {
|
||||
|
|
@ -565,25 +558,16 @@ void WinWebAuthnManager::Sign(PWebAuthnTransactionParent* aTransactionParent,
|
|||
rpID = aInfo.RpId().get();
|
||||
|
||||
// User Verification Requirement
|
||||
UserVerificationRequirement userVerificationReq =
|
||||
extra.userVerificationRequirement();
|
||||
|
||||
switch (userVerificationReq) {
|
||||
case UserVerificationRequirement::Required:
|
||||
winUserVerificationReq =
|
||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED;
|
||||
break;
|
||||
case UserVerificationRequirement::Preferred:
|
||||
winUserVerificationReq =
|
||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_PREFERRED;
|
||||
break;
|
||||
case UserVerificationRequirement::Discouraged:
|
||||
winUserVerificationReq =
|
||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_DISCOURAGED;
|
||||
break;
|
||||
default:
|
||||
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_ANY;
|
||||
break;
|
||||
const nsString& userVerificationReq = extra.userVerificationRequirement();
|
||||
if (userVerificationReq.EqualsLiteral("required")) {
|
||||
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED;
|
||||
} else if (userVerificationReq.EqualsLiteral("preferred")) {
|
||||
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_PREFERRED;
|
||||
} else if (userVerificationReq.EqualsLiteral("discouraged")) {
|
||||
winUserVerificationReq =
|
||||
WEBAUTHN_USER_VERIFICATION_REQUIREMENT_DISCOURAGED;
|
||||
} else {
|
||||
winUserVerificationReq = WEBAUTHN_USER_VERIFICATION_REQUIREMENT_ANY;
|
||||
}
|
||||
} else {
|
||||
rpID = aInfo.Origin().get();
|
||||
|
|
|
|||
|
|
@ -70,7 +70,7 @@
|
|||
add_task(test_too_large_user_id);
|
||||
add_task(test_excluding_unknown_transports);
|
||||
add_task(test_unknown_attestation_type);
|
||||
add_task(test_unknown_authenticator_attachment);
|
||||
add_task(test_unknown_selection_criteria);
|
||||
|
||||
function arrivingHereIsGood(aResult) {
|
||||
ok(true, "Good result! Received a: " + aResult);
|
||||
|
|
@ -394,10 +394,13 @@
|
|||
.catch(arrivingHereIsBad);
|
||||
}
|
||||
|
||||
async function test_unknown_authenticator_attachment() {
|
||||
async function test_unknown_selection_criteria() {
|
||||
let makeCredentialOptions = {
|
||||
rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param],
|
||||
authenticatorSelection: { authenticatorAttachment: "unknown authenticator attachment type" },
|
||||
authenticatorSelection: {
|
||||
userVerificationRequirement: "unknown UV requirement",
|
||||
authenticatorAttachment: "unknown authenticator attachment type"
|
||||
},
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions })
|
||||
.then(arrivingHereIsGood)
|
||||
|
|
|
|||
|
|
@ -82,13 +82,7 @@ dictionary PublicKeyCredentialUserEntity : PublicKeyCredentialEntity {
|
|||
dictionary AuthenticatorSelectionCriteria {
|
||||
DOMString authenticatorAttachment;
|
||||
boolean requireResidentKey = false;
|
||||
UserVerificationRequirement userVerification = "preferred";
|
||||
};
|
||||
|
||||
enum UserVerificationRequirement {
|
||||
"required",
|
||||
"preferred",
|
||||
"discouraged"
|
||||
DOMString userVerification = "preferred";
|
||||
};
|
||||
|
||||
dictionary PublicKeyCredentialRequestOptions {
|
||||
|
|
@ -96,7 +90,7 @@ dictionary PublicKeyCredentialRequestOptions {
|
|||
unsigned long timeout;
|
||||
USVString rpId;
|
||||
sequence<PublicKeyCredentialDescriptor> allowCredentials = [];
|
||||
UserVerificationRequirement userVerification = "preferred";
|
||||
DOMString userVerification = "preferred";
|
||||
// FIXME: bug 1493860: should this "= {}" be here?
|
||||
AuthenticationExtensionsClientInputs extensions = {};
|
||||
};
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче