Re: [webauthn] Allow client to return NotAllowedError early if success is impossible

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Tue, 26 Jun 2018 17:17:10 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-400394507-1530033428-sysbot+gh@w3.org>

On second thought, this should probably be a different error than `NotAllowedError`, right? In [create()][create], the current possible errors and their reasons are:

- `NotAllowedError`
  - _sameOriginWithAncestors_ is false
  - _callerOrigin_ is an opaque origin
  - Timeout
- `SecurityError`
  - Effective domain is not a valid domain
  - `options.rpId` is not a registrable domain suffix of and is not equal to _effectiveDomain_
- `NotSupportedError`
  - _credTypesAndPubKeyAlgs_ is empty and `options.pubKeyCredParams` is not empty
- `AbortError`
  - Aborted by user
- `InvalidStateError`
  - User tried to register an already registered authenticator

And in [get()][get]:

- `NotAllowedError`
  - _sameOriginWithAncestors_ is false
  - _callerOrigin_ is an opaque origin
  - Timeout
- `SecurityError`
  - Effective domain is not a valid domain
  - `options.rpId` is not a registrable domain suffix of and is not equal to _effectiveDomain_
- `AbortError`
  - Aborted by user

If we want this error condition to be clearly discernible from the others, it should probably be something more like `ConstraintError` in create() and `NotFoundError` in get().

[create]: https://w3c.github.io/webauthn/#createCredential
[get]: https://w3c.github.io/webauthn/#discover-from-external-source

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/962#issuecomment-400394507 using your GitHub account
Received on Tuesday, 26 June 2018 17:17:12 UTC
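
The early checks the message lists for create(), modelled as an added example (not part of the original message and not spec text) to show that both pre-authenticator `NotAllowedError` causes reach the caller under one name. `precheckCreate`, the shape of `ctx`, and the three-entry `PUBLIC_SUFFIXES` set are assumptions made for illustration, and the domain tests are simplified.

```javascript
// Constructed stand-in for the real Public Suffix List (assumption).
const PUBLIC_SUFFIXES = new Set(["com", "org", "co.uk"]);

// Simplified "valid domain" test: dot-separated LDH labels, no IPv4 literal.
function isValidDomain(host) {
  if (typeof host !== "string" || host.length === 0 || host.length > 253) return false;
  if (/^\d+(\.\d+){3}$/.test(host)) return false;
  return host.split(".").every((l) => /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/i.test(l));
}

// rpId must equal effectiveDomain, or be a parent domain of it that is not
// itself a public suffix (simplified "registrable domain suffix" check).
function rpIdAllowed(rpId, effectiveDomain) {
  const rp = rpId.toLowerCase();
  const ed = effectiveDomain.toLowerCase();
  if (rp === ed) return true;
  if (rp === "" || PUBLIC_SUFFIXES.has(rp)) return false;
  return ed.endsWith("." + rp); // leading dot enforces a label boundary
}

// Returns the DOMException name the caller would see, or null if the request
// would go on to the authenticators. Timeout, AbortError and
// InvalidStateError arise after this point and are not modelled.
// `options.rpId` follows the message's wording.
function precheckCreate(ctx) {
  if (!ctx.sameOriginWithAncestors) return "NotAllowedError";
  if (ctx.callerOriginOpaque) return "NotAllowedError";
  if (!isValidDomain(ctx.effectiveDomain)) return "SecurityError";
  const rpId = ctx.options.rpId ?? ctx.effectiveDomain;
  if (!rpIdAllowed(rpId, ctx.effectiveDomain)) return "SecurityError";
  const params = ctx.options.pubKeyCredParams ?? [];
  // credTypesAndPubKeyAlgs: the requested pairs this client can honour.
  const usable = params.filter(
    (p) => p.type === "public-key" && ctx.supportedAlgs.includes(p.alg)
  );
  if (usable.length === 0 && params.length > 0) return "NotSupportedError";
  return null;
}
```

A relying party that logs only the error name cannot tell a cross-origin iframe from an opaque origin or a timeout, which is the discernibility concern the message raises for the new condition.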