Closed Bug 1505106 Opened 3 years ago Closed 3 years ago
User method for Touch ID-enabled Mac OS devices
47 bytes, text/x-phabricator-request
|Details | Review|
The intention was to support TouchID but from testing by coworkers it seems like only a password is supported.
Confirmed, doing the authentication  test in the browser console doesn't work.  https://searchfox.org/mozilla-central/source/security/manager/ssl/tests/unit/test_osreauthenticator.js#14
Correct, only a password is supported. We'll need to write a separate implementation feature-gated on TouchID to get that support, as it's a separate API. This will appear as another method in OSReauthenticator.cpp  that gets called if XP_MACOSX and we detect TouchID at runtime.  https://searchfox.org/mozilla-central/rev/6e0e603f4852b8e571e5b8ae133e772b18b6016e/security/manager/ssl/OSReauthenticator.cpp#266
Severity: normal → enhancement
Summary: asyncReauthenticateUser doesn't support TouchID on macOS → Implement ReauthenticateUser method for TouchID-enabled MacOS devices
Assignee: nobody → jjones
Status: NEW → ASSIGNED
Priority: P3 → P1
In Bug 1499846 we added support for OSX to do Keychain-based reauthentication. On newer versions of OSX, it's possible to instead do TouchID/FaceID for bio- metric reauthentication, with a fallback to Keychain. This implements that functionality. There's no C++ interface to access the LocalAuthentication framework, so it adds an Objective-C method called by the existing OSReauthenticator methods to perform its work.
Attachment #9024587 - Attachment description: Bug 1505106 - Support TouchID/FaceID for Reauthentication r?keeler → Bug 1505106 - Support TouchID/FaceID for Reauthentication r?spohl
Pushed by firstname.lastname@example.org: https://hg.mozilla.org/integration/autoland/rev/2b2777f72b09 Support TouchID/FaceID for Reauthentication r=spohl
I am not sure how to verify bugs with Touch ID, we don't have any MacBook with Touch ID.
I suppose one could verify no regressions w/o Touch ID. Otherwise I'd guess we need to accept no QA verification and leave that up to Web Payments if that is OK. MattN: Thoughts?
I think it's fine to rely on J.C.'s testing and bug reports for this.
You need to log in before you can comment on or make changes to this bug.