Implement ReauthenticateUser method for TouchID-enabled MacOS devices

RESOLVED FIXED in Firefox 65

Status

()

enhancement
P1
normal
RESOLVED FIXED
9 months ago
6 months ago

People

(Reporter: MattN, Assigned: jcj)

Tracking

unspecified
mozilla65
All
macOS
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox65 fixed)

Details

(Whiteboard: [webpayments-reserve])

Attachments

(1 attachment)

The intention was to support TouchID but from testing by coworkers it seems like only a password is supported.
Priority: -- → P3
Confirmed, doing the authentication [1] test in the browser console doesn't work.

[1] https://searchfox.org/mozilla-central/source/security/manager/ssl/tests/unit/test_osreauthenticator.js#14
Correct, only a password is supported. We'll need to write a separate implementation feature-gated on TouchID to get that support, as it's a separate API.

This will appear as another method in OSReauthenticator.cpp [1] that gets called if XP_MACOSX and we detect TouchID at runtime.

[1] https://searchfox.org/mozilla-central/rev/6e0e603f4852b8e571e5b8ae133e772b18b6016e/security/manager/ssl/OSReauthenticator.cpp#266
Severity: normal → enhancement
Summary: asyncReauthenticateUser doesn't support TouchID on macOS → Implement ReauthenticateUser method for TouchID-enabled MacOS devices
Taking this.
Assignee: nobody → jjones
Status: NEW → ASSIGNED
Priority: P3 → P1
In Bug 1499846 we added support for OSX to do Keychain-based reauthentication.
On newer versions of OSX, it's possible to instead do TouchID/FaceID for bio-
metric reauthentication, with a fallback to Keychain.

This implements that functionality. There's no C++ interface to access the
LocalAuthentication framework, so it adds an Objective-C method called by the
existing OSReauthenticator methods to perform its work.
Flags: qe-verify+
QA Contact: hani.yacoub
Attachment #9024587 - Attachment description: Bug 1505106 - Support TouchID/FaceID for Reauthentication r?keeler → Bug 1505106 - Support TouchID/FaceID for Reauthentication r?spohl
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/2b2777f72b09
Support TouchID/FaceID for Reauthentication r=spohl
https://hg.mozilla.org/mozilla-central/rev/2b2777f72b09
Status: ASSIGNED → RESOLVED
Closed: 8 months ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla65
I am not sure how to verify bugs with Touch ID, we don't have any MacBook with Touch ID.
I suppose one could verify no regressions w/o Touch ID. Otherwise I'd guess we need to accept no QA verification and leave that up to Web Payments if that is OK.

MattN: Thoughts?
Flags: needinfo?(MattN+bmo)
I think it's fine to rely on J.C.'s testing and bug reports for this.
Flags: needinfo?(MattN+bmo)

Removing the qe-verify flag, based on the previous comments.

Flags: qe-verify+
You need to log in before you can comment on or make changes to this bug.