Closed
Bug 1435527
Opened 7 years ago
Closed 7 years ago
Web Authentication - Run to Timeout from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty
Categories
(Core :: DOM: Device Interfaces, defect, P1)
Core
DOM: Device Interfaces
Tracking
()
RESOLVED
FIXED
mozilla60
| Tracking | Status | |
|---|---|---|
| firefox60 | --- | fixed |
People
(Reporter: mail, Assigned: ttaubert)
References
Details
(Whiteboard: [webauthn][webauthn-interop])
Attachments
(1 file)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0
Build ID: 20180203100135
Steps to reproduce:
This bug is related to WebAuthn.
https://bugzilla.mozilla.org/show_bug.cgi?id=1294514
# Setup
create a credential by calling `navigator.credentials.create`
# Test
call `navigator.credentials.get` with PublicKeyCredentialRequestOptions whose allowCredentials is empty.
Actual results:
DOMException with message "The request is not allowed by the user agent or the platform in the current context, possibly because the user denied permission." is thrown.
(It is confirmed that an assertion is returned when putting item with a crednetialId to allowCredentials.)
Expected results:
assertion should be returned
|
Reporter | |
Updated•7 years ago
|
Summary: Nothing returned from when PublicKeyCredentialRequestOptions.allowCredentials is empty → DOMException thrown from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty
|
|
Reporter | |
Updated•7 years ago
|
Summary: DOMException thrown from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty → DOMException is thrown from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty
|
||
Comment 1•7 years ago
|
||
Since we don't support any authenticators yet that can operate without a passed-in AllowCredential, we can't return an assertion. (U2F devices -- all we support -- have no internal storage)
That said, per 5.1.4 [1] step 19, we should return a NotAllowedError at the end of the timeout, not immediately.
You can reproduce this easily with:
navigator.credentials.get({publicKey: {
timeout: 3000,
challenge: new Uint8Array(),
allowCredentials: [],
}})
.catch( (e) => {console.log("Should be NotAllowedError after timeout. Error = ", e.name);} );
[1] https://w3c.github.io/webauthn/#discover-from-external-source
Status: UNCONFIRMED → NEW
status-firefox60:
--- → affected
Ever confirmed: true
OS: Unspecified → All
Priority: -- → P1
Hardware: Unspecified → All
Summary: DOMException is thrown from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty → Web Authentication - Run to Timeout from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty
Whiteboard: [webauthn][webauthn-interop]
|
Assignee | |
Updated•7 years ago
|
Assignee: nobody → ttaubert
Status: NEW → ASSIGNED
|
||
Comment 2•7 years ago
|
||
|
|
||
Comment 3•7 years ago
|
||
Comment on attachment 8949112 [details]
Bug 1435527 - Run to Timeout from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty r=jcj
J.C. Jones [:jcj] has approved the revision.
https://phabricator.services.mozilla.com/D559
Attachment #8949112 -
Flags: review+
Pushed by ttaubert@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/e2818fa57916
Run to timeout from navigator.credentials.get() when PublicKeyCredentialRequestOptions.allowCredentials is empty r=jcj
Backout by aciure@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/ec6cd52c3fde
Backed out changeset e2818fa57916 mochitest leakcheck failures, a=backout on a CLOSED TREE
|
||
Comment 6•7 years ago
|
||
Backed out changeset e2818fa57916 (bug 1435527) mochitest leakcheck failures, a=backout on a CLOSED TREE
Push that caused the failures: https://treeherder.mozilla.org/#/jobs?repo=mozilla-inbound&revision=e2818fa5791629800811b280926b834270b26958
recent log failure: https://treeherder.mozilla.org/logviewer.html#?job_id=160942897&repo=mozilla-inbound&lineNumber=5490
backout: https://hg.mozilla.org/integration/mozilla-inbound/rev/ec6cd52c3fde993d8672938c135ea7c81c680c0a
|
|
Assignee | |
Comment 7•7 years ago
|
||
Turns out that using a global `let credm = navigator.credentials` together with the new `add_task()` routines somehow leaks... Going to fix up the test a bit.
Pushed by ttaubert@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/c4034229cf62
Run to timeout from navigator.credentials.get() when PublicKeyCredentialRequestOptions.allowCredentials is empty r=jcj
|
||
Comment 9•7 years ago
|
||
| bugherder | ||
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla60
|
|
Reporter | |
Comment 10•7 years ago
|
||
Thank you for clarification, but I got another DOMException named "UnknownError" from `navigator.credentials.get` wih 60.0a1 (2018-02-09).
DOMException
name: UnknownError
message: The operation failed for an unknown transient reason
Demo site to reproduce:
https://ynojima.github.io/webauthn-exp/
My environment:
OS: Windows 10 64bit
Browser: Firefox Nigtly 60.0a1 (2018-02-09)
FIDO U2FKey : Yubico FIDO U2F Security Key
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
|
|
Assignee | |
Comment 11•7 years ago
|
||
Please don't reopen bugs. File a new one for new issues.
Status: REOPENED → RESOLVED
Closed: 7 years ago → 7 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Comment 12•7 years ago
|
||
Filed bug 1437487.
You need to log in
before you can comment on or make changes to this bug.
Description
•