mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-13 13:25:37 +00:00
Bug 1406456 - WebAuthn WebIDL Updates for WD-07 (part 2) r=qdot,ttaubert
This covers these renames: * In CollectedClientData, hashAlg => hashAlgorithm * In CollectedClientData, tokenBinding => tokenBindingId * In MakePublicKeyCredentialOptions, parameters => pubKeyCredParams * In MakePublicKeyCredentialOptions, excludeList => excludeCredentials * In PublicKeyCredentialRequestOptions, allowList => allowCredentials * Transport (WebAuthnTransport in Gecko) => AuthenticatorTransport MozReview-Commit-ID: 3FdRnkosy83 --HG-- extra : rebase_source : 22f124c781b03837ad0cd4be4edf34527e3b9d38
This commit is contained in:
parent
24696391df
commit
8622a9216c
@ -90,7 +90,7 @@ AssembleClientData(const nsAString& aOrigin, const CryptoBuffer& aChallenge,
|
||||
CollectedClientData clientDataObject;
|
||||
clientDataObject.mChallenge.Assign(challengeBase64);
|
||||
clientDataObject.mOrigin.Assign(aOrigin);
|
||||
clientDataObject.mHashAlg.AssignLiteral(u"SHA-256");
|
||||
clientDataObject.mHashAlgorithm.AssignLiteral(u"SHA-256");
|
||||
|
||||
nsAutoString temp;
|
||||
if (NS_WARN_IF(!clientDataObject.ToJSON(temp))) {
|
||||
@ -365,14 +365,14 @@ WebAuthnManager::MakeCredential(nsPIDOMWindowInner* aParent,
|
||||
// Process each element of cryptoParameters using the following steps, to
|
||||
// produce a new sequence normalizedParameters.
|
||||
nsTArray<PublicKeyCredentialParameters> normalizedParams;
|
||||
for (size_t a = 0; a < aOptions.mParameters.Length(); ++a) {
|
||||
for (size_t a = 0; a < aOptions.mPubKeyCredParams.Length(); ++a) {
|
||||
// Let current be the currently selected element of
|
||||
// cryptoParameters.
|
||||
|
||||
// If current.type does not contain a PublicKeyCredentialType
|
||||
// supported by this implementation, then stop processing current and move
|
||||
// on to the next element in cryptoParameters.
|
||||
if (aOptions.mParameters[a].mType != PublicKeyCredentialType::Public_key) {
|
||||
if (aOptions.mPubKeyCredParams[a].mType != PublicKeyCredentialType::Public_key) {
|
||||
continue;
|
||||
}
|
||||
|
||||
@ -383,7 +383,7 @@ WebAuthnManager::MakeCredential(nsPIDOMWindowInner* aParent,
|
||||
// element in cryptoParameters.
|
||||
|
||||
nsString algName;
|
||||
if (NS_FAILED(GetAlgorithmName(aOptions.mParameters[a].mAlg,
|
||||
if (NS_FAILED(GetAlgorithmName(aOptions.mPubKeyCredParams[a].mAlg,
|
||||
algName))) {
|
||||
continue;
|
||||
}
|
||||
@ -392,7 +392,7 @@ WebAuthnManager::MakeCredential(nsPIDOMWindowInner* aParent,
|
||||
// normalizedParameters, with type set to current.type and algorithm set to
|
||||
// normalizedAlgorithm.
|
||||
PublicKeyCredentialParameters normalizedObj;
|
||||
normalizedObj.mType = aOptions.mParameters[a].mType;
|
||||
normalizedObj.mType = aOptions.mPubKeyCredParams[a].mType;
|
||||
normalizedObj.mAlg.SetAsString().Assign(algName);
|
||||
|
||||
if (!normalizedParams.AppendElement(normalizedObj, mozilla::fallible)){
|
||||
@ -404,7 +404,7 @@ WebAuthnManager::MakeCredential(nsPIDOMWindowInner* aParent,
|
||||
// If normalizedAlgorithm is empty and cryptoParameters was not empty, cancel
|
||||
// the timer started in step 2, reject promise with a DOMException whose name
|
||||
// is "NotSupportedError", and terminate this algorithm.
|
||||
if (normalizedParams.IsEmpty() && !aOptions.mParameters.IsEmpty()) {
|
||||
if (normalizedParams.IsEmpty() && !aOptions.mPubKeyCredParams.IsEmpty()) {
|
||||
promise->MaybeReject(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
|
||||
return promise.forget();
|
||||
}
|
||||
@ -476,7 +476,7 @@ WebAuthnManager::MakeCredential(nsPIDOMWindowInner* aParent,
|
||||
}
|
||||
|
||||
nsTArray<WebAuthnScopedCredentialDescriptor> excludeList;
|
||||
for (const auto& s: aOptions.mExcludeList) {
|
||||
for (const auto& s: aOptions.mExcludeCredentials) {
|
||||
WebAuthnScopedCredentialDescriptor c;
|
||||
CryptoBuffer cb;
|
||||
cb.Assign(s.mId);
|
||||
@ -636,13 +636,13 @@ WebAuthnManager::GetAssertion(nsPIDOMWindowInner* aParent,
|
||||
|
||||
// Note: we only support U2F-style authentication for now, so we effectively
|
||||
// require an AllowList.
|
||||
if (aOptions.mAllowList.Length() < 1) {
|
||||
if (aOptions.mAllowCredentials.Length() < 1) {
|
||||
promise->MaybeReject(NS_ERROR_DOM_NOT_ALLOWED_ERR);
|
||||
return promise.forget();
|
||||
}
|
||||
|
||||
nsTArray<WebAuthnScopedCredentialDescriptor> allowList;
|
||||
for (const auto& s: aOptions.mAllowList) {
|
||||
for (const auto& s: aOptions.mAllowCredentials) {
|
||||
WebAuthnScopedCredentialDescriptor c;
|
||||
CryptoBuffer cb;
|
||||
cb.Assign(s.mId);
|
||||
|
@ -38,7 +38,7 @@ let makeCredentialOptions = {
|
||||
user: {id: new Uint8Array(), name: "none", icon: "none", displayName: "none"},
|
||||
challenge: gCredentialChallenge,
|
||||
timeout: 5000, // the minimum timeout is actually 15 seconds
|
||||
parameters: [{type: "public-key", alg: "ES256"}],
|
||||
pubKeyCredParams: [{type: "public-key", alg: "ES256"}],
|
||||
};
|
||||
|
||||
navigator.credentials.create({publicKey: makeCredentialOptions})
|
||||
@ -61,7 +61,7 @@ navigator.credentials.create({publicKey: makeCredentialOptions})
|
||||
challenge: gAssertionChallenge,
|
||||
timeout: 5000, // the minimum timeout is actually 15 seconds
|
||||
rpId: document.domain,
|
||||
allowList: [newCredential]
|
||||
allowCredentials: [newCredential]
|
||||
};
|
||||
|
||||
// Make sure the RP ID hash matches what we calculate.
|
||||
|
@ -81,7 +81,7 @@
|
||||
// Test with an invalid credential
|
||||
let publicKeyCredentialRequestOptions = {
|
||||
challenge: gAssertionChallenge,
|
||||
allowList: [invalidCred]
|
||||
allowCredentials: [invalidCred]
|
||||
};
|
||||
return credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -91,7 +91,7 @@
|
||||
// Test with an unknown credential
|
||||
let publicKeyCredentialRequestOptions = {
|
||||
challenge: gAssertionChallenge,
|
||||
allowList: [unknownCred]
|
||||
allowCredentials: [unknownCred]
|
||||
};
|
||||
return credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -102,7 +102,7 @@
|
||||
let publicKeyCredentialRequestOptions = {
|
||||
challenge: gAssertionChallenge,
|
||||
unknownValue: "hi",
|
||||
allowList: [invalidCred]
|
||||
allowCredentials: [invalidCred]
|
||||
};
|
||||
return credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
|
@ -64,7 +64,7 @@ function() {
|
||||
let clientData = JSON.parse(buffer2string(aCredInfo.response.clientDataJSON));
|
||||
is(clientData.challenge, bytesToBase64UrlSafe(gCredentialChallenge), "Challenge is correct");
|
||||
is(clientData.origin, window.location.origin, "Origin is correct");
|
||||
is(clientData.hashAlg, "SHA-256", "Hash algorithm is correct");
|
||||
is(clientData.hashAlgorithm, "SHA-256", "Hash algorithm is correct");
|
||||
|
||||
return webAuthnDecodeCBORAttestation(aCredInfo.response.attestationObject)
|
||||
.then(function(aAttestationObj) {
|
||||
@ -114,7 +114,7 @@ function() {
|
||||
let clientData = JSON.parse(buffer2string(aAssertion.response.clientDataJSON));
|
||||
is(clientData.challenge, bytesToBase64UrlSafe(gAssertionChallenge), "Challenge is correct");
|
||||
is(clientData.origin, window.location.origin, "Origin is correct");
|
||||
is(clientData.hashAlg, "SHA-256", "Hash algorithm is correct");
|
||||
is(clientData.hashAlgorithm, "SHA-256", "Hash algorithm is correct");
|
||||
|
||||
return webAuthnDecodeAuthDataArray(aAssertion.response.authenticatorData)
|
||||
.then(function(aAttestation) {
|
||||
@ -143,7 +143,7 @@ function() {
|
||||
rp: rp,
|
||||
user: user,
|
||||
challenge: gCredentialChallenge,
|
||||
parameters: [param]
|
||||
pubKeyCredParams: [param]
|
||||
};
|
||||
credm.create({publicKey: makeCredentialOptions})
|
||||
.then(decodeCreatedCredential)
|
||||
@ -162,8 +162,8 @@ function() {
|
||||
rp: rp,
|
||||
user: user,
|
||||
challenge: gCredentialChallenge,
|
||||
parameters: [param],
|
||||
excludeList: [{type: "public-key", id: new Uint8Array(aCredInfo.rawId),
|
||||
pubKeyCredParams: [param],
|
||||
excludeCredentials: [{type: "public-key", id: new Uint8Array(aCredInfo.rawId),
|
||||
transports: ["usb"]}]
|
||||
};
|
||||
credm.create({publicKey: makeCredentialOptions})
|
||||
@ -189,7 +189,7 @@ function() {
|
||||
challenge: gAssertionChallenge,
|
||||
timeout: 5000, // the minimum timeout is actually 15 seconds
|
||||
rpId: document.domain,
|
||||
allowList: [newCredential]
|
||||
allowCredentials: [newCredential]
|
||||
};
|
||||
credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(function(aAssertion) {
|
||||
|
@ -70,7 +70,7 @@
|
||||
// Test basic good call
|
||||
function() {
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: gCredentialChallenge, parameters: [param]
|
||||
rp: rp, user: user, challenge: gCredentialChallenge, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsGood)
|
||||
@ -80,7 +80,7 @@
|
||||
// Test empty account
|
||||
function() {
|
||||
let makeCredentialOptions = {
|
||||
challenge: gCredentialChallenge, parameters: [param]
|
||||
challenge: gCredentialChallenge, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -90,7 +90,7 @@
|
||||
// Test without a parameter
|
||||
function() {
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: gCredentialChallenge, parameters: []
|
||||
rp: rp, user: user, challenge: gCredentialChallenge, pubKeyCredParams: []
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -110,7 +110,7 @@
|
||||
// Test with an unsupported parameter
|
||||
function() {
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: gCredentialChallenge, parameters: [unsupportedParam]
|
||||
rp: rp, user: user, challenge: gCredentialChallenge, pubKeyCredParams: [unsupportedParam]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -121,7 +121,7 @@
|
||||
function() {
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: gCredentialChallenge,
|
||||
parameters: [param, unsupportedParam]
|
||||
pubKeyCredParams: [param, unsupportedParam]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsGood)
|
||||
@ -131,7 +131,7 @@
|
||||
// Test with a bad parameter
|
||||
function() {
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: gCredentialChallenge, parameters: [badParam]
|
||||
rp: rp, user: user, challenge: gCredentialChallenge, pubKeyCredParams: [badParam]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -142,7 +142,7 @@
|
||||
function() {
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: gCredentialChallenge,
|
||||
parameters: [unsupportedParam, badParam]
|
||||
pubKeyCredParams: [unsupportedParam, badParam]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -154,7 +154,7 @@
|
||||
function() {
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: gCredentialChallenge,
|
||||
parameters: [param, unsupportedParam, badParam]
|
||||
pubKeyCredParams: [param, unsupportedParam, badParam]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -164,7 +164,7 @@
|
||||
// Test without a challenge
|
||||
function() {
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, parameters: [param]
|
||||
rp: rp, user: user, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -175,18 +175,18 @@
|
||||
function() {
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: "begone, thou ill-fitting moist glove!",
|
||||
parameters: [unsupportedParam]
|
||||
pubKeyCredParams: [unsupportedParam]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
.catch(expectTypeError);
|
||||
},
|
||||
|
||||
// Test with duplicate parameters
|
||||
// Test with duplicate pubKeyCredParams
|
||||
function() {
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: gCredentialChallenge,
|
||||
parameters: [param, param, param]
|
||||
pubKeyCredParams: [param, param, param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsGood)
|
||||
@ -196,7 +196,7 @@
|
||||
// Test with missing rp
|
||||
function() {
|
||||
let makeCredentialOptions = {
|
||||
user: user, challenge: gCredentialChallenge, parameters: [param]
|
||||
user: user, challenge: gCredentialChallenge, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -208,7 +208,7 @@
|
||||
let invalidType = user;
|
||||
invalidType.id = "a string, which is not a buffer";
|
||||
let makeCredentialOptions = {
|
||||
user: invalidType, challenge: gCredentialChallenge, parameters: [param]
|
||||
user: invalidType, challenge: gCredentialChallenge, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -218,7 +218,7 @@
|
||||
// Test with missing user
|
||||
function() {
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, challenge: gCredentialChallenge, parameters: [param]
|
||||
rp: rp, challenge: gCredentialChallenge, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -235,7 +235,7 @@
|
||||
displayName: "Foxxy V"};
|
||||
let makeCredentialOptions = {
|
||||
rp: completeRP, user: completeUser, challenge: gCredentialChallenge,
|
||||
parameters: [param]
|
||||
pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsGood)
|
||||
@ -250,7 +250,7 @@
|
||||
displayName: "Foxxy V"};
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: hugeUser, challenge: gCredentialChallenge,
|
||||
parameters: [param]
|
||||
pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
|
@ -47,7 +47,7 @@ function() {
|
||||
let user = {name: "none", icon: "none", displayName: "none"};
|
||||
let param = {type: "public-key", alg: "es256"};
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: credentialChallenge, parameters: [param]
|
||||
rp: rp, user: user, challenge: credentialChallenge, pubKeyCredParams: [param]
|
||||
};
|
||||
credm.create({publicKey: makeCredentialOptions})
|
||||
.then(function(aResult) {
|
||||
@ -70,7 +70,7 @@ function() {
|
||||
challenge: assertionChallenge,
|
||||
timeout: 5000, // the minimum timeout is actually 15 seconds
|
||||
rpId: document.domain,
|
||||
allowList: [newCredential]
|
||||
allowCredentials: [newCredential]
|
||||
};
|
||||
credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(function(aResult) {
|
||||
|
@ -68,7 +68,7 @@
|
||||
// Test basic good call
|
||||
let rp = {id: document.domain};
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: chall, parameters: [param]
|
||||
rp: rp, user: user, challenge: chall, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(keepThisPublicKeyCredential("basic"))
|
||||
@ -78,7 +78,7 @@
|
||||
function() {
|
||||
// Test rp.id being unset
|
||||
let makeCredentialOptions = {
|
||||
rp: {}, user: user, challenge: chall, parameters: [param]
|
||||
rp: {}, user: user, challenge: chall, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsGood)
|
||||
@ -88,7 +88,7 @@
|
||||
// Test this origin with optional fields
|
||||
let rp = {id: "user:pass@" + document.domain + ":8888"};
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: chall, parameters: [param]
|
||||
rp: rp, user: user, challenge: chall, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -98,7 +98,7 @@
|
||||
// Test blank rp.id
|
||||
let rp = {id: ""};
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: chall, parameters: [param]
|
||||
rp: rp, user: user, challenge: chall, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -108,7 +108,7 @@
|
||||
// Test subdomain of this origin
|
||||
let rp = {id: "subdomain." + document.domain};
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: chall, parameters: [param]
|
||||
rp: rp, user: user, challenge: chall, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -118,7 +118,7 @@
|
||||
// Test the same origin
|
||||
let rp = {id: "example.com"};
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: chall, parameters: [param]
|
||||
rp: rp, user: user, challenge: chall, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsGood)
|
||||
@ -128,7 +128,7 @@
|
||||
// Test the eTLD
|
||||
let rp = {id: "com"};
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: chall, parameters: [param]
|
||||
rp: rp, user: user, challenge: chall, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -138,7 +138,7 @@
|
||||
// Test a different domain within the same TLD
|
||||
let rp = {id: "alt.test"};
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: chall, parameters: [param]
|
||||
rp: rp, user: user, challenge: chall, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -149,7 +149,7 @@
|
||||
let publicKeyCredentialRequestOptions = {
|
||||
challenge: chall,
|
||||
rpId: document.domain,
|
||||
allowList: [gTrackedCredential["basic"]]
|
||||
allowCredentials: [gTrackedCredential["basic"]]
|
||||
};
|
||||
return credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(arrivingHereIsGood)
|
||||
@ -159,7 +159,7 @@
|
||||
// Test rpId being unset
|
||||
let publicKeyCredentialRequestOptions = {
|
||||
challenge: chall,
|
||||
allowList: [gTrackedCredential["basic"]]
|
||||
allowCredentials: [gTrackedCredential["basic"]]
|
||||
};
|
||||
return credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(arrivingHereIsGood)
|
||||
@ -170,7 +170,7 @@
|
||||
let publicKeyCredentialRequestOptions = {
|
||||
challenge: chall,
|
||||
rpId: "user:pass@" + document.origin + ":8888",
|
||||
allowList: [gTrackedCredential["basic"]]
|
||||
allowCredentials: [gTrackedCredential["basic"]]
|
||||
};
|
||||
return credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -181,7 +181,7 @@
|
||||
let publicKeyCredentialRequestOptions = {
|
||||
challenge: chall,
|
||||
rpId: "",
|
||||
allowList: [gTrackedCredential["basic"]]
|
||||
allowCredentials: [gTrackedCredential["basic"]]
|
||||
};
|
||||
return credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -192,7 +192,7 @@
|
||||
let publicKeyCredentialRequestOptions = {
|
||||
challenge: chall,
|
||||
rpId: "subdomain." + document.domain,
|
||||
allowList: [gTrackedCredential["basic"]]
|
||||
allowCredentials: [gTrackedCredential["basic"]]
|
||||
};
|
||||
return credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -203,7 +203,7 @@
|
||||
let publicKeyCredentialRequestOptions = {
|
||||
challenge: chall,
|
||||
rpId: "example.com",
|
||||
allowList: [gTrackedCredential["basic"]]
|
||||
allowCredentials: [gTrackedCredential["basic"]]
|
||||
};
|
||||
return credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(arrivingHereIsGood)
|
||||
@ -214,7 +214,7 @@
|
||||
let publicKeyCredentialRequestOptions = {
|
||||
challenge: chall,
|
||||
rpId: "com",
|
||||
allowList: [gTrackedCredential["basic"]]
|
||||
allowCredentials: [gTrackedCredential["basic"]]
|
||||
};
|
||||
return credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -225,7 +225,7 @@
|
||||
let publicKeyCredentialRequestOptions = {
|
||||
challenge: chall,
|
||||
rpId: "alt.test",
|
||||
allowList: [gTrackedCredential["basic"]]
|
||||
allowCredentials: [gTrackedCredential["basic"]]
|
||||
};
|
||||
return credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -235,7 +235,7 @@
|
||||
// Test basic good Create call but using an origin (Bug 1380421)
|
||||
let rp = {id: window.origin};
|
||||
let makeCredentialOptions = {
|
||||
rp: rp, user: user, challenge: chall, parameters: [param]
|
||||
rp: rp, user: user, challenge: chall, pubKeyCredParams: [param]
|
||||
};
|
||||
return credm.create({publicKey: makeCredentialOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
@ -246,7 +246,7 @@
|
||||
let publicKeyCredentialRequestOptions = {
|
||||
challenge: chall,
|
||||
rpId: window.origin,
|
||||
allowList: [gTrackedCredential["basic"]]
|
||||
allowCredentials: [gTrackedCredential["basic"]]
|
||||
};
|
||||
return credm.get({publicKey: publicKeyCredentialRequestOptions})
|
||||
.then(arrivingHereIsBad)
|
||||
|
@ -47,10 +47,10 @@ dictionary MakePublicKeyCredentialOptions {
|
||||
required PublicKeyCredentialUserEntity user;
|
||||
|
||||
required BufferSource challenge;
|
||||
required sequence<PublicKeyCredentialParameters> parameters;
|
||||
required sequence<PublicKeyCredentialParameters> pubKeyCredParams;
|
||||
|
||||
unsigned long timeout;
|
||||
sequence<PublicKeyCredentialDescriptor> excludeList = [];
|
||||
sequence<PublicKeyCredentialDescriptor> excludeCredentials = [];
|
||||
AuthenticatorSelectionCriteria authenticatorSelection;
|
||||
// Extensions are not supported yet.
|
||||
// AuthenticationExtensions extensions; // Add in Bug 1406458
|
||||
@ -80,7 +80,7 @@ dictionary PublicKeyCredentialRequestOptions {
|
||||
required BufferSource challenge;
|
||||
unsigned long timeout;
|
||||
USVString rpId;
|
||||
sequence<PublicKeyCredentialDescriptor> allowList = [];
|
||||
sequence<PublicKeyCredentialDescriptor> allowCredentials = [];
|
||||
// Extensions are not supported yet.
|
||||
// AuthenticationExtensions extensions; // Add in Bug 1406458
|
||||
};
|
||||
@ -90,8 +90,8 @@ typedef record<DOMString, any> AuthenticationExtensions;
|
||||
dictionary CollectedClientData {
|
||||
required DOMString challenge;
|
||||
required DOMString origin;
|
||||
required DOMString hashAlg;
|
||||
DOMString tokenBinding;
|
||||
required DOMString hashAlgorithm;
|
||||
DOMString tokenBindingId;
|
||||
// Extensions are not supported yet.
|
||||
// AuthenticationExtensions clientExtensions; // Add in Bug 1406458
|
||||
// AuthenticationExtensions authenticatorExtensions; // Add in Bug 1406458
|
||||
@ -104,7 +104,7 @@ enum PublicKeyCredentialType {
|
||||
dictionary PublicKeyCredentialDescriptor {
|
||||
required PublicKeyCredentialType type;
|
||||
required BufferSource id;
|
||||
sequence<WebAuthnTransport> transports;
|
||||
sequence<AuthenticatorTransport> transports;
|
||||
};
|
||||
|
||||
typedef (boolean or DOMString) WebAuthnAlgorithmID; // Switch to COSE in Bug 1381190
|
||||
@ -116,8 +116,7 @@ interface AuthenticatorAssertionResponse : AuthenticatorResponse {
|
||||
readonly attribute DOMString userId;
|
||||
};
|
||||
|
||||
// Renamed from "Transport" to avoid a collision with U2F
|
||||
enum WebAuthnTransport {
|
||||
enum AuthenticatorTransport {
|
||||
"usb",
|
||||
"nfc",
|
||||
"ble"
|
||||
|
Loading…
Reference in New Issue
Block a user