[Webkit-unassigned] [Bug 225233] New: WebAuthn API error messages too vague when Touch ID is unavailable

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Apr 30 09:15:55 PDT 2021


https://bugs.webkit.org/show_bug.cgi?id=225233

            Bug ID: 225233
           Summary: WebAuthn API error messages too vague when Touch ID is
                    unavailable
           Product: WebKit
           Version: Safari 14
          Hardware: Mac (Intel)
                OS: macOS 11
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: matthew at millerti.me

Created attachment 427429

  --> https://bugs.webkit.org/attachment.cgi?id=427429&action=review

Screenshot of console error output from call to `navigator.credentials.create()`

It appears that Safari 14.1 (on macOS 11.3) no longer supports access to Touch ID when a MacBook is in clamshell mode. Attempts to call `navigator.credentials.create()` while specifying "platform" in authenticator selection fail with the following console message:

> Unhandled Promise Rejection: NotAllowedError: This request has been cancelled by the user.
The confusion comes from the fact that the user is never shown any UI to interact with; the request immediately errors out with no clue except for this single error message! It was only after some frantic testing that I discovered it was because the laptop was closed. When I opened the laptop then the same code worked as expected, with Safari prompting me to interact with Touch ID.

For sake of example here's what I'm passing in within attestation options to try and access Touch ID:

```
"authenticatorSelection": {
  "authenticatorAttachment": "platform",
  "requireResidentKey": false,
  "userVerification": "required"
}
```

Is it possible to clarify this error message to indicate that the request is erroring out because Touch ID is unavailable (for whatever reason)? It'll make it easier to debug this issue in the future as it'll be more obvious why seemingly functional code "stopped working for some reason".

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210430/c7f437bf/attachment.htm>


More information about the webkit-unassigned mailing list