- From: RyannaArline via GitHub <sysbot+gh@w3.org>
- Date: Wed, 16 Mar 2022 00:34:19 +0000
- To: public-webauthn@w3.org
i have no idea what i am doing On Tue, Mar 15, 2022 at 1:11 PM Nina Satragno ***@***.***> wrote: > ***@***.**** commented on this pull request. > > Thank you for your work here! I think this might require a little more > work to avoid breaking the Credential Management integration. Happy to > answer any questions you might have. > ------------------------------ > > In index.bs > <https://github.com/w3c/webauthn/pull/1706#discussion_r827365417>: > > > :: [=set/For each=] |authenticator| in |issuedRequests| invoke the [=authenticatorCancel=] > - operation on |authenticator| and [=set/remove=] |authenticator| from |issuedRequests|. Then return a {{DOMException}} > - whose name is "{{AbortError}}" and terminate this algorithm. > + operation on |authenticator| and [=set/remove=] |authenticator| from |issuedRequests|. Then return the > + <code>|options|.{{CredentialCreationOptions/signal}}</code>'s [=AbortSignal/abort reason=] and terminate this algorithm. > > Piggybacking off @annevk <https://github.com/annevk>'s comment: this > breaks the contract that [[Create]] will always return null, a credential, > or an exception > <https://w3c.github.io/webappsec-credential-management/#algorithm-create-cred> > since the abort reason can be anything. It is important to maintain this > contract so that the Create a Credential > <https://w3c.github.io/webappsec-credential-management/#algorithm-create> > algorithm doesn't break in unexpected ways. > > A way to solve this would be to wrap the abort reason in some other > object (maybe in an AbortError exception?) and handling that specific > case in credential management's Create a credential algorithm step 10 > <https://w3c.github.io/webappsec-credential-management/#:~:text=Run%20the%20following,Create%5D%5D%20internal%20method> > .). > ------------------------------ > > In index.bs > <https://github.com/w3c/webauthn/pull/1706#discussion_r827368421>: > > > @@ -2097,9 +2096,8 @@ When this method is invoked, the user agent MUST execute the following algorithm > > 1. Let |clientDataHash| be the [=hash of the serialized client data=] represented by |clientDataJSON|. > > -1. If the <code>|options|.{{CredentialRequestOptions/signal}}</code> is present and its > - [=AbortSignal/aborted flag=] is set to [TRUE], return a {{DOMException}} whose name is "{{AbortError}}" > - and terminate this algorithm. > +1. If the <code>|options|.{{CredentialRequestOptions/signal}}</code> is present and [=AbortSignal/aborted=], return > > This has the same issues > <https://w3c.github.io/webappsec-credential-management/#algorithm-discover-creds> > as credential creation, and I suspect an equivalent fix would work. > > — > Reply to this email directly, view it on GitHub > <https://github.com/w3c/webauthn/pull/1706#pullrequestreview-910756916>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/AYB3TUWRQHE24FQ4JNE454LVADVFXANCNFSM5QXIML7Q> > . > Triage notifications on the go with GitHub Mobile for iOS > <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> > or Android > <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>. > > You are receiving this because you commented.Message ID: > ***@***.***> > -- GitHub Notification of comment by RyannaArline Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1706#issuecomment-1068605427 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 16 March 2022 00:34:20 UTC