Google Git
Sign in
chromium / chromium / src / 54d12f7046fac87aa6b190cf001ef10834da5f9b
commit54d12f7046fac87aa6b190cf001ef10834da5f9b[log] [tgz]
authorMartin Kreichgauer <martinkr@google.com>Thu May 16 21:25:24 2019
committerCommit Bot <commit-bot@chromium.org>Thu May 16 21:25:24 2019
tree076da9023a0b2a91835de43677fce0ff955e272d
parent744ced6d82e41091b76bc7512bf47beefeb67d76 [diff]
Revert "webauthn: remove the CREDENTIAL_NOT_RECOGNIZED status"

This reverts commit 62ed0cea3b83a600f245ce4a2387f28593c95271.

Reason for revert: This apparently breaks an Android build where CREDENTIAL_NOT_RECOGNIZED is referenced.

Original change's description:
> webauthn: remove the CREDENTIAL_NOT_RECOGNIZED status
> 
> The WebAuthn spec says that during a WebAuthn get() request, if an
> authenticator returns an error in response to the request, the browser
> should simply ignore that device and let the user try a different one
> until the user cancels or the request times out, at which point the
> browser returns a "NotAllowedError" DOMException.
> 
> Chrome diverges from the WebAuthn spec a little in that errors from the
> authenticator can cause termination of the entire request (depending on
> the exact nature of the authenticator's response). Originally, this
> resulted in the WebAuthn request's promise to be rejected with an error
> immediately.
> 
> To allow the relying party (RP) to distinguish a request that was
> terminated due to a security key not recognizing any of the presented
> credential IDs from other errors (such as the user clicking "Cancel" in
> the UI), Chrome therefore returned an InvalidStateError for this
> particular case, such that the RP could then inform the user that the
> security key that they tapped wasn't registered with the site.
> 
> Later, Chrome's WebAuthn implementation added an error to its own UI for
> this case that informs the user that their security key wasn't
> recognized. But Chrome still returns the InvalidState error with a
> special message. This change aligns Chrome's behavior with the spec and
> makes it return NotAllowedError in this case.
> 
> Change-Id: Ib2a3c3134555cfc87da451a5c5738b59df674139
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1602745
> Commit-Queue: Martin Kreichgauer <martinkr@google.com>
> Reviewed-by: Mike West <mkwst@chromium.org>
> Reviewed-by: Adam Langley <agl@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#660519}

TBR=agl@chromium.org,martinkr@google.com,mkwst@chromium.org

Change-Id: Icc31c71dbfdea5a741bf0511223e48874852ac0a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1614254
Reviewed-by: Martin Kreichgauer <martinkr@google.com>
Commit-Queue: Martin Kreichgauer <martinkr@google.com>
Cr-Commit-Position: refs/heads/master@{#660555}
11 files changed
tree: 076da9023a0b2a91835de43677fce0ff955e272d
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. build/
  6. build_overrides/
  7. buildtools/
  8. cc/
  9. chrome/
  10. chromecast/
  11. chromeos/
  12. cloud_print/
  13. components/
  14. content/
  15. courgette/
  16. crypto/
  17. dbus/
  18. device/
  19. docs/
  20. extensions/
  21. fuchsia/
  22. gin/
  23. google_apis/
  24. google_update/
  25. gpu/
  26. headless/
  27. infra/
  28. ios/
  29. ipc/
  30. jingle/
  31. media/
  32. mojo/
  33. native_client_sdk/
  34. net/
  35. pdf/
  36. ppapi/
  37. printing/
  38. remoting/
  39. rlz/
  40. sandbox/
  41. services/
  42. skia/
  43. sql/
  44. storage/
  45. styleguide/
  46. testing/
  47. third_party/
  48. tools/
  49. ui/
  50. url/
  51. .clang-format
  52. .eslintrc.js
  53. .git-blame-ignore-revs
  54. .gitattributes
  55. .gitignore
  56. .gn
  57. .vpython
  58. AUTHORS
  59. BUILD.gn
  60. CODE_OF_CONDUCT.md
  61. codereview.settings
  62. DEPS
  63. ENG_REVIEW_OWNERS
  64. LICENSE
  65. LICENSE.chromium_os
  66. OWNERS
  67. PRESUBMIT.py
  68. PRESUBMIT_test.py
  69. PRESUBMIT_test_mocks.py
  70. README.md
  71. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .