Resident key support
Categories
(Core :: DOM: Web Authentication, defect)
Tracking
()
People
(Reporter: bugzilla.mozilla.org, Unassigned)
References
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:67.0) Gecko/20100101 Firefox/67.0
Steps to reproduce:
webauthn resident keys do not look to be supported
As per spec:
https://www.w3.org/TR/webauthn/#client-side-resident-public-key-credential-source
$options = {
"publicKey": {
"rp": {
"id": "localhost",
"name": "Demo server"
},
"excludeCredentials": [],
"authenticatorSelection": {
"requireResidentKey": true,
"userVerification": "preferred"
},
"challenge": ...,
"pubKeyCredParams": [
{
"alg": -7,
"type": "public-key"
}
],
"attestation": "none",
"user": {
"displayName": "foo",
"id": ...,
"name": "foo"
},
"timeout": 30000
}
}
navigator.credentials.create($options);
Actual results:
The security key does not react (should be blinking).
Expected results:
The security key should be contacted and blink
|
Reporter | |
Updated•6 years ago
|
|
|
Reporter | |
Comment 1•6 years ago
|
||
Chrome had this implemented, and removed it due to privacy concerns: https://bugs.chromium.org/p/chromium/issues/detail?id=896404
|
|
Reporter | |
Comment 2•6 years ago
|
||
(In reply to Arthur Gautier from comment #0)
Expected results:
The security key should be contacted and blink
Actually according to the spec, either the security should react, either the Promise should throw ConstraintError.
https://w3c.github.io/webauthn/#op-make-cred
If requireResidentKey is true and the authenticator cannot store a client-side-resident public key credential source, return an error code equivalent to "ConstraintError" and terminate the operation.
|
|
Reporter | |
Updated•6 years ago
|
|
||
Updated•6 years ago
|
Description
•