Closed
Bug 1689612
Opened 4 years ago
Closed 3 years ago
WebAuthn does not specify the authenticator type during attestation
Categories
(GeckoView :: General, defect, P1)
Tracking
(firefox92 fixed)
RESOLVED
FIXED
92 Branch
| Tracking | Status | |
|---|---|---|
| firefox92 | --- | fixed |
People
(Reporter: jonalmeida, Assigned: agi)
References
(Blocks 1 open bug)
Details
(Whiteboard: [geckoview:m91][geckoview:m92])
Attachments
(1 file)
|
(deleted),
text/x-phabricator-request
|
Details |
When GeckoView (also true in Fennec) requests for authentication, we do not provide the authenticator type which is used for sites that may need to specific a cross-platform (e.g. FIDO key) instead of a platform-specific (e.g. biometric reader)
Below are three cases that should work:
Undefined
Steps to reproduce
- Go to webauthn.io
- Enter any example username and "Authenticator Type" as "Undefined".
- Click register.
Expected
- The authenticator on Android should present NFC, Bluetooth, USB, and Biometric options.
Actual
- The authenticator on Android does present all the above options as the expected.
Cross-platform
Steps to reproduce
- Go to webauthn.io
- Enter any example username and "Authenticator Type" as "Cross platform".
- Click register.
Expected
- The authenticator on Android should present NFC, Bluetooth, and USB options.
Actual
- The authenticator on Android presents NFC, Bluetooth, USB, and Biometric options.
Platform
Steps to reproduce
- Go to webauthn.io
- Enter any example username and "Authenticator Type" as "Platform (TPM)".
- Click register.
Expected
- The authenticator on Android should present only the Biometric option.
Actual
- The authenticator on Android presents NFC, Bluetooth, USB, and Biometric options.
|
Reporter | |
Updated•4 years ago
|
|
|
Reporter | |
Comment 1•4 years ago
|
||
I realized later that a table is easier to read showing which options should be supported:
| Authenticator Type | NFC | Bluetooth | USB | Biometric |
|---|---|---|---|---|
| Undefined | x | x | x | x |
| Cross-platform | x | x | x | |
| Platform-specific | x |
|
||
Updated•4 years ago
|
Severity: -- → S3
Priority: -- → P2
Whiteboard: [geckoview:m88]
|
|
Reporter | |
Updated•4 years ago
|
Summary: WebAuthn does not specific the authenticator type during attestation → WebAuthn does not specify the authenticator type during attestation
|
|
||
Updated•4 years ago
|
Whiteboard: [geckoview:m88] → [geckoview:m89]
|
|
||
Updated•4 years ago
|
Whiteboard: [geckoview:m89] → [geckoview:m90]
|
|
||
Updated•4 years ago
|
Whiteboard: [geckoview:m90] → [geckoview:m90?]
|
|
||
Updated•3 years ago
|
Whiteboard: [geckoview:m90?] → [geckoview:m91?]
|
|
||
Updated•3 years ago
|
Priority: P2 → P1
Whiteboard: [geckoview:m91?] → [geckoview:m91]
|
|
||
Updated•3 years ago
|
Rank: 4
|
Assignee | |
Updated•3 years ago
|
Assignee: nobody → agi
|
|
||
Updated•3 years ago
|
Whiteboard: [geckoview:m91] → [geckoview:m91][geckoview:m92]
|
|
Assignee | |
Comment 2•3 years ago
|
||
The fact that we were checking for extensions seems like a typo to me? We
never set anything other than fidoAppId in the extensions bundle, which
makes sense to me (authenticatorAttachment is not an extension from what I can
tell).
Pushed by asferro@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/e112ed192dde
Support WebAuthn authenticator type on Android. r=tjr,dveditz,aklotz
|
||
Comment 4•3 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 3 years ago
status-firefox92:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 92 Branch
You need to log in
before you can comment on or make changes to this bug.
Description
•