[Webkit-unassigned] [Bug 213187] [WebAuthn] The support of the GetAssertion response without containing a credential case

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jul 28 00:54:04 PDT 2020


https://bugs.webkit.org/show_bug.cgi?id=213187

--- Comment #3 from Jiewen Tan <jiewen_tan at apple.com> ---
(In reply to nuno.sung from comment #0)
> [Environment]
> Test Device: MacBook Pro (2013)
> OS: macOS 10.15.5
> Safari Technology Preview Release 108
> 
> [Repro Steps]
> 1. Test https://webauthntest.azurewebsites.net/#
> 2. Create a credential without modifying any settings.
> 3. Make sure only one created credential on the web page.
> 4. Run Get credential and let "Use allowCredentials" checked.
> 5. The response from authenticator will omit the credential(0x01) member if
> the allowList has exactly one Credential.
> 6. The result is not okay.
> 7. But if the key has the support of U2F, another U2F_AUTH request/response
> will be processed and result is okay.
> 
> [Ref.]
> 1. "May be omitted if the allowList has exactly one Credential." in the
> description of GetAssertion response table under
> https://fidoalliance.org/specs/fido2/fido-client-to-authenticator-protocol-v2.1-rd-20191217.html#authenticatorGetAssertion
> 
> 2. 
> // When the response from the authenticator does not contain a credential and
> // the allow list from the GetAssertion request only contains a single
> // credential id, manually set credential id in the returned response.
> https://chromium.googlesource.com/chromium/src/+/refs/heads/master/device/fido/get_assertion_request_handler.cc#187

May I ask what model of authenticator you are using?

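The client-side handling the quoted report asks for, as an added example that is not part of the original message and is not WebKit's or Chromium's code. `AssertionResponse`, `Resolve` and `resolveCredentialId` are hypothetical names, the CBOR response is assumed to be decoded already, and the allow-list membership check for a present credential is an added defensive check.

```cpp
#include <cstdint>
#include <optional>
#include <vector>

using Bytes = std::vector<uint8_t>;

// Decoded authenticatorGetAssertion response (hypothetical model).
struct AssertionResponse {
    std::optional<Bytes> credentialId; // member 0x01, may be omitted
    Bytes authData;                    // member 0x02
    Bytes signature;                   // member 0x03
};

enum class Resolve { Ok, FilledFromAllowList, Rejected };

// Decide which credential id the assertion belongs to before it is
// handed to the relying party.
Resolve resolveCredentialId(AssertionResponse& response, const std::vector<Bytes>& allowList)
{
    if (response.credentialId) {
        // No allow list was sent: nothing to compare against.
        if (allowList.empty())
            return Resolve::Ok;
        // An allow list was sent: the returned id must be one of its entries.
        for (const auto& id : allowList) {
            if (id == *response.credentialId)
                return Resolve::Ok;
        }
        return Resolve::Rejected;
    }
    // Credential omitted: unambiguous only when exactly one id was requested.
    if (allowList.size() != 1)
        return Resolve::Rejected;
    response.credentialId = allowList.front();
    return Resolve::FilledFromAllowList;
}

int main()
{
    // Constructed sample: one allowed credential, response without member 0x01.
    Bytes id{0xAA, 0xBB};
    std::vector<Bytes> allowList;
    allowList.push_back(id);
    AssertionResponse response{std::nullopt, Bytes{0x01}, Bytes{0x02}};
    return resolveCredentialId(response, allowList) == Resolve::FilledFromAllowList ? 0 : 1;
}
```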