Re: [webauthn] Clarify how to differentiate between exceptions (#1859)

You have to go digging into the spec to connect the pieces, but the spec definitely outlines discrete error scenarios that should be reliably detectable. For the sake of discussion, I've done so with my own library for both registration and authentication:

- https://github.com/MasterKale/SimpleWebAuthn/blob/master/packages/browser/src/helpers/identifyRegistrationError.ts
- https://github.com/MasterKale/SimpleWebAuthn/blob/master/packages/browser/src/helpers/identifyAuthenticationError.ts

The exceptions here are the various `NotAllowedError` that can come up. The spec defines a couple of discrete conditions under which `NotAllowedError` can be mapped to specific error causes. However, browsers have overloaded this type of error with browser-specific error messages too that make it trickier to differentiate spec-related error conditions from browser-related error conditions.

All this said, I agree that the spec doesn't make it easy at all to identify all the discrete errors that can come up during a WebAuthn ceremony. Perhaps this becomes an editorial PR to bundle these errors together and under what conditions they'd arise.

-- 
GitHub Notification of comment by MasterKale
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1859#issuecomment-1444610557 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 24 February 2023 22:45:20 UTC
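
The message above describes mapping the exceptions thrown during a ceremony to discrete causes. The following is an added example, not part of the original message and not code from SimpleWebAuthn: it sketches that idea for registration by combining the rejected error's name with the options passed to navigator.credentials.create(). The function name and the returned labels are hypothetical, and the conditions attached to each error name are an assumption based on a reading of the create() and authenticatorMakeCredential steps in the WebAuthn spec.

```javascript
// Added example. classifyRegistrationError and its labels are hypothetical.
// `error` is what navigator.credentials.create() rejected with;
// `options` is the object that was passed to create().
function classifyRegistrationError(error, options) {
  const pk = (options && options.publicKey) || {};
  const sel = pk.authenticatorSelection || {};

  switch (error.name) {
    case 'AbortError':
      // Only attributable to the caller when an AbortSignal was supplied.
      return options && options.signal ? 'CEREMONY_ABORTED' : 'UNKNOWN';
    case 'ConstraintError':
      // The authenticator could not satisfy a hard requirement.
      if (sel.requireResidentKey === true || sel.residentKey === 'required') {
        return 'DISCOVERABLE_CREDENTIAL_UNSUPPORTED';
      }
      if (sel.userVerification === 'required') {
        return 'USER_VERIFICATION_UNSUPPORTED';
      }
      return 'UNKNOWN';
    case 'InvalidStateError':
      // The authenticator already holds a credential from excludeCredentials.
      return 'AUTHENTICATOR_ALREADY_REGISTERED';
    case 'NotSupportedError': {
      // An empty pubKeyCredParams falls back to defaults, so only a
      // non-empty list without any "public-key" entry is a caller error.
      const params = pk.pubKeyCredParams || [];
      const hasPublicKey = params.some((p) => p.type === 'public-key');
      return params.length > 0 && !hasPublicKey
        ? 'NO_PUBLIC_KEY_PARAMS'
        : 'NO_COMMON_ALGORITHM';
    }
    case 'SecurityError':
      return 'INVALID_DOMAIN_OR_RP_ID';
    case 'TypeError': {
      // user.id must be between 1 and 64 bytes long.
      const id = pk.user && pk.user.id;
      const len = id ? id.byteLength : 0;
      return len < 1 || len > 64 ? 'INVALID_USER_ID_LENGTH' : 'UNKNOWN';
    }
    case 'NotAllowedError':
      // Overloaded: error.message is browser-specific, so it is not parsed.
      return 'NOT_ALLOWED_UNSPECIFIED';
    default:
      return 'UNKNOWN';
  }
}
```

Because `NotAllowedError` messages differ between browsers, the sketch reports it as a single unspecified bucket instead of matching on message text.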