Closed
Bug 1435527
Opened 6 years ago
Closed 6 years ago
Web Authentication - Run to Timeout from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty
Categories
(Core :: DOM: Device Interfaces, defect, P1)
Core
DOM: Device Interfaces
Tracking
()
RESOLVED
FIXED
mozilla60
Tracking | Status | |
---|---|---|
firefox60 | --- | fixed |
People
(Reporter: mail, Assigned: ttaubert)
References
Details
(Whiteboard: [webauthn][webauthn-interop])
Attachments
(1 file)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0 Build ID: 20180203100135 Steps to reproduce: This bug is related to WebAuthn. https://bugzilla.mozilla.org/show_bug.cgi?id=1294514 # Setup create a credential by calling `navigator.credentials.create` # Test call `navigator.credentials.get` with PublicKeyCredentialRequestOptions whose allowCredentials is empty. Actual results: DOMException with message "The request is not allowed by the user agent or the platform in the current context, possibly because the user denied permission." is thrown. (It is confirmed that an assertion is returned when putting item with a crednetialId to allowCredentials.) Expected results: assertion should be returned
Reporter | ||
Updated•6 years ago
|
Summary: Nothing returned from when PublicKeyCredentialRequestOptions.allowCredentials is empty → DOMException thrown from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty
Reporter | ||
Updated•6 years ago
|
Summary: DOMException thrown from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty → DOMException is thrown from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty
Comment 1•6 years ago
|
||
Since we don't support any authenticators yet that can operate without a passed-in AllowCredential, we can't return an assertion. (U2F devices -- all we support -- have no internal storage) That said, per 5.1.4 [1] step 19, we should return a NotAllowedError at the end of the timeout, not immediately. You can reproduce this easily with: navigator.credentials.get({publicKey: { timeout: 3000, challenge: new Uint8Array(), allowCredentials: [], }}) .catch( (e) => {console.log("Should be NotAllowedError after timeout. Error = ", e.name);} ); [1] https://w3c.github.io/webauthn/#discover-from-external-source
Status: UNCONFIRMED → NEW
status-firefox60:
--- → affected
Ever confirmed: true
OS: Unspecified → All
Priority: -- → P1
Hardware: Unspecified → All
Summary: DOMException is thrown from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty → Web Authentication - Run to Timeout from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty
Whiteboard: [webauthn][webauthn-interop]
Assignee | ||
Updated•6 years ago
|
Assignee: nobody → ttaubert
Status: NEW → ASSIGNED
Comment 2•6 years ago
|
||
Comment 3•6 years ago
|
||
Comment on attachment 8949112 [details] Bug 1435527 - Run to Timeout from navigator.credentials.get when PublicKeyCredentialRequestOptions.allowCredentials is empty r=jcj J.C. Jones [:jcj] has approved the revision. https://phabricator.services.mozilla.com/D559
Attachment #8949112 -
Flags: review+
Pushed by ttaubert@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/e2818fa57916 Run to timeout from navigator.credentials.get() when PublicKeyCredentialRequestOptions.allowCredentials is empty r=jcj
Backout by aciure@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/ec6cd52c3fde Backed out changeset e2818fa57916 mochitest leakcheck failures, a=backout on a CLOSED TREE
Comment 6•6 years ago
|
||
Backed out changeset e2818fa57916 (bug 1435527) mochitest leakcheck failures, a=backout on a CLOSED TREE Push that caused the failures: https://treeherder.mozilla.org/#/jobs?repo=mozilla-inbound&revision=e2818fa5791629800811b280926b834270b26958 recent log failure: https://treeherder.mozilla.org/logviewer.html#?job_id=160942897&repo=mozilla-inbound&lineNumber=5490 backout: https://hg.mozilla.org/integration/mozilla-inbound/rev/ec6cd52c3fde993d8672938c135ea7c81c680c0a
Assignee | ||
Comment 7•6 years ago
|
||
Turns out that using a global `let credm = navigator.credentials` together with the new `add_task()` routines somehow leaks... Going to fix up the test a bit.
Pushed by ttaubert@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/c4034229cf62 Run to timeout from navigator.credentials.get() when PublicKeyCredentialRequestOptions.allowCredentials is empty r=jcj
Comment 9•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/c4034229cf62
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla60
Reporter | ||
Comment 10•6 years ago
|
||
Thank you for clarification, but I got another DOMException named "UnknownError" from `navigator.credentials.get` wih 60.0a1 (2018-02-09). DOMException name: UnknownError message: The operation failed for an unknown transient reason Demo site to reproduce: https://ynojima.github.io/webauthn-exp/ My environment: OS: Windows 10 64bit Browser: Firefox Nigtly 60.0a1 (2018-02-09) FIDO U2FKey : Yubico FIDO U2F Security Key
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Assignee | ||
Comment 11•6 years ago
|
||
Please don't reopen bugs. File a new one for new issues.
Status: REOPENED → RESOLVED
Closed: 6 years ago → 6 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 12•6 years ago
|
||
Filed bug 1437487.
You need to log in
before you can comment on or make changes to this bug.
Description
•