Google Git
Sign in
chromium / chromium / src / 5bac165c3a66f63ce3511975a81d72c8b7031058
commit5bac165c3a66f63ce3511975a81d72c8b7031058[log] [tgz]
authorMartin Kreichgauer <martinkr@google.com>Wed Aug 22 16:41:10 2018
committerCommit Bot <commit-bot@chromium.org>Wed Aug 22 16:41:10 2018
tree9b79c49c8e699f8094f48996c415926418f27946
parent844c12c60076653ccd709a5ab2593e2be8461ec3 [diff]
fido: return NOT_ALLOWED_ERROR for OPERATION_DENIED from platform authenticator

This changes FidoRequestHandler to translate any
CtapDeviceResponseCode::kCtap2ErrOperationDenied
(CTAP2_ERR_OPERATION_DENIED) responses from platform authenticators into
FidoReturnCode::kUserConsentDenied. Upon receiving this error, all
outstanding authenticator requests are cancelled, and the error is
bubbled up into a NOT_ALLOWED_ERROR.

More concretely, this is going to change UI behavior such that the
request is cancelled if the user clicks cancel or fails verification in
the native macOS Touch ID dialog.

The WebAuthn spec in sections 5.1.3 and 5.1.4 states that "If any
authenticator returns a status indicating that the user cancelled the
operation", which indicate that the UA should cancel the entire
operation and return NOT_ALLOWED_ERROR in this case".

CTAP2_ERR_OPERATION_DENIED is used by the CTAP2 spec to signal
 - user declined to create a credential
 - user failed gesture verification
 - time out during user consent collection
 - user failing to select a credential on authenticators with account
chooser UI (deny or timeout)

Because of the reference to authenticator-defined timeouts, it is
debatable whether this CTAP error sufficiently indicates that "the user
cancelled the operation". For internal authenticators (Touch ID),
however, this is definitely the case. I will track a follow-up
discussion whether to extend this behavior to external authenticators
also in crbug/875982.

Also fix a bug in MockFidoDevice GetId generation and add a
|ExpectCtapRequestAndReturnError| helper method.

Bug: 875982, 678128
Change-Id: I616b319accb7d387c0d98de059c52b04bc80ce59
Reviewed-on: https://chromium-review.googlesource.com/1181863
Commit-Queue: Martin Kreichgauer <martinkr@google.com>
Reviewed-by: Jun Choi <hongjunchoi@chromium.org>
Reviewed-by: Balazs Engedy <engedy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#585070}
8 files changed
tree: 9b79c49c8e699f8094f48996c415926418f27946
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. blink/
  6. build/
  7. build_overrides/
  8. cc/
  9. chrome/
  10. chrome_elf/
  11. chromecast/
  12. chromeos/
  13. cloud_print/
  14. components/
  15. content/
  16. courgette/
  17. crypto/
  18. dbus/
  19. device/
  20. docs/
  21. extensions/
  22. gin/
  23. google_apis/
  24. google_update/
  25. gpu/
  26. headless/
  27. infra/
  28. ios/
  29. ipc/
  30. jingle/
  31. mash/
  32. media/
  33. mojo/
  34. native_client_sdk/
  35. net/
  36. pdf/
  37. ppapi/
  38. printing/
  39. remoting/
  40. rlz/
  41. sandbox/
  42. services/
  43. skia/
  44. sql/
  45. storage/
  46. styleguide/
  47. testing/
  48. third_party/
  49. tools/
  50. ui/
  51. url/
  52. webrunner/
  53. .clang-format
  54. .eslintrc.js
  55. .git-blame-ignore-revs
  56. .gitattributes
  57. .gitignore
  58. .gn
  59. .vpython
  60. AUTHORS
  61. BUILD.gn
  62. CODE_OF_CONDUCT.md
  63. codereview.settings
  64. DEPS
  65. ENG_REVIEW_OWNERS
  66. LICENSE
  67. LICENSE.chromium_os
  68. OWNERS
  69. PRESUBMIT.py
  70. PRESUBMIT_test.py
  71. PRESUBMIT_test_mocks.py
  72. README.md
  73. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .