Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix #1268 Type transport strings as DOMStrings. #1275

Merged
merged 3 commits into from
Aug 28, 2019
Merged

Fix #1268 Type transport strings as DOMStrings. #1275

merged 3 commits into from
Aug 28, 2019

Conversation

agl
Copy link
Contributor

@agl agl commented Aug 13, 2019
edited by pr-preview bot
Loading

Currently transports are represented as an enum. However, WebIDL has
strict enums. (I.e. an RP which sent an unrecognised transport would
make the whole structure unparsable.) This means that every time we add
a transport, we break all existing browsers.

In order to address this, this change retypes transports as plain
DOMStrings. The AuthenticatorTransport enum still exists, but now only
as documentation and registry — not as a factor in type-checking.

fixes #1268

Preview | Diff

@agl
Type transport strings as DOMStrings.
48702ac 
Currently transports are represented as an enum. However, WebIDL has
strict enums. (I.e. an RP which sent an unrecognised transport would
make the whole structure unparsable.) This means that every time we add
a transport, we break all existing browsers.

In order to address this, this change retypes transports as plain
DOMStrings. The AuthenticatorTransport enum still exists, but now only
as documentation and registry — not as a factor in type-checking.
emlun
emlun requested changes Aug 14, 2019
View reviewed changes
Copy link
Member

@emlun emlun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! (except for an editorial detail)

@equalsJeffH equalsJeffH added this to the L2-WD-02 milestone Aug 14, 2019
@jcjones jcjones changed the title Type transport strings as DOMStrings. Fix #1268 Type transport strings as DOMStrings. Aug 14, 2019
@nadalin nadalin requested review from akshayku and jcjones August 14, 2019 19:33
@jcjones
Copy link
Contributor

jcjones commented Aug 14, 2019

This is a fix for #1268.

jcjones
jcjones approved these changes Aug 20, 2019
View reviewed changes
Copy link
Contributor

@jcjones jcjones left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks right to me.

equalsJeffH
equalsJeffH approved these changes Aug 20, 2019
View reviewed changes
Copy link
Contributor

@equalsJeffH equalsJeffH left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thx. Suggested modest edits below.

equalsJeffH
equalsJeffH approved these changes Aug 21, 2019
View reviewed changes
Copy link
Contributor

@equalsJeffH equalsJeffH left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@equalsJeffH
Copy link
Contributor

on 21-08-2019 call, this is ready to land modulo re-review & lgtm from @emlun

@akshayku akshayku merged commit b75aef3 into w3c:master Aug 28, 2019
WebAuthnBot pushed a commit that referenced this pull request Aug 28, 2019
Built by Travis-CI: b75aef3 Fix #1268 Type transport strings as DOMSt…
5222340 
…rings. (#1275)
@emlun emlun mentioned this pull request Oct 15, 2019
Merged
emlun added a commit to Yubico/java-webauthn-server that referenced this pull request Nov 1, 2019
@emlun
Release 1.5.0
f8693e0 
Changes:

- `RelyingParty` now makes an immutable copy of the `origins` argument,
  instead of storing a reference to a possibly mutable value.
- The enum `AuthenticatorTransport` has been replaced by a value class
  containing methods and value constants equivalent to the previous
  enum.
- The return type of `PublicKeyCredentialDescriptor.getTransports()` is
  now a `SortedSet` instead of `Set`. The builder still accepts a plain
  `Set`.
- Registration ceremony now verifies that the returned credential public
  key matches one of the algorithms specified in
  `RelyingParty.preferredPubkeyParams` and can be successfully parsed.

New features:

- Origin matching can now be relaxed via two new `RelyingParty` options:
  - `allowOriginPort` (default `false`): Allow any port number in the
    origin
  - `allowOriginSubdomain` (default `false`): Allow any subdomain of any
    origin listed in `RelyingParty.origins`
  - See JavaDoc for details and examples.
- The new `AuthenticatorTransport` can now contain any string value as
  the transport identifier, as required in the editor's draft of the L2
  spec. See: w3c/webauthn#1275
- Added support for RS1 credentials. Registration of RS1 credentials is
  not enabled by default, but can be enabled by setting
  `RelyingParty.preferredPubKeyCredParams` to a list containing
  `PublicKeyCredentialParameters.RS1`.
  - New constant `PublicKeyCredentialParameters.RS1`
  - New constant `COSEAlgorithmIdentifier.RS1`
@madwizard-thomas madwizard-thomas mentioned this pull request Jul 7, 2020
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@equalsJeffH equalsJeffH equalsJeffH approved these changes

@jcjones jcjones jcjones approved these changes

@emlun emlun emlun approved these changes

@akshayku akshayku akshayku approved these changes

Assignees

@agl agl

@equalsJeffH equalsJeffH

Labels
type:technical
Projects
None yet
Milestone
L2-WD-02
Development

Successfully merging this pull request may close these issues.

change AuthenticatorTransport to be other than an enum
6 participants
@agl @jcjones @equalsJeffH @emlun @akshayku @nadalin