feat: add support for the U2F Web API #30438
Conversation
MarshallOfSound
added
no-backport
semver/minor
| // permissions::PermissionRequestManager::FromWebContents(web_contents); | ||
| // nullptr; | ||
| // if (!permission_request_manager) { | ||
| return RespondNow(Error("no PermissionRequestManager")); |
There was a problem hiding this comment.
Hm... it looks like we always respond with an error here. Do we need to expose something through our permission check handlers?
There was a problem hiding this comment.
This API isn't actually used by the U2F extension, I think it might be a private API that some google.com sites use 馃 So I wasn't too concerned with wiring this up to anything in particular.
There was a problem hiding this comment.
For other extensions APIs that I've copied from Chrome, I've stripped out the bits we explicitly don't want to support. If we don't care about this API at all, maybe replace the entire implementation with just return RespondNow(Error("API not supported in Electron")) or so?
There was a problem hiding this comment.
I did that but in order to make diffing easier in the future I left the old implementation here with #if 0 wrappers
There was a problem hiding this comment.
hm ok, i'm not sure that makes diffing easier but sure.
| // Profile* const profile = Profile::FromBrowserContext(browser_context()); | ||
| // const PrefService* const prefs = profile->GetPrefs(); | ||
| // const base::ListValue* const permit_attestation = | ||
| // prefs->GetList(prefs::kSecurityKeyPermitAttestation); |
There was a problem hiding this comment.
probs don't need both // and #if 0
| // permissions::PermissionRequestManager::FromWebContents(web_contents); | ||
| // nullptr; | ||
| // if (!permission_request_manager) { | ||
| return RespondNow(Error("no PermissionRequestManager")); |
There was a problem hiding this comment.
hm ok, i'm not sure that makes diffing easier but sure.
Not without a U2F key plugged in and a human there to touch it. |
|
Release Notes Persisted
|
|
This feature is coming to version 14 or 15? |
|
@MarshallOfSound you mention you tested it on https://mdp.github.io/u2fdemo, but I also did the same, and nothing seems to happen. I've tried it with Electron v16.0.0 using $ git clone https://github.com/electron/electron-quick-start
$ cd electron-quick-start
$ npm install && npm startAnd then loading the registration page in diff --git a/main.js b/main.js
index 815c04b..6b58c35 100644
--- a/main.js
+++ b/main.js
@@ -13,10 +13,11 @@ function createWindow () {
})
// and load the index.html of the app.
- mainWindow.loadFile('index.html')
+ // mainWindow.loadFile('index.html')
+ mainWindow.loadURL('https://mdp.github.io/u2fdemo/#reg')
// Open the DevTools.
- // mainWindow.webContents.openDevTools()
+ mainWindow.webContents.openDevTools()
}
// This method will be called when Electron has finishedIt logs the following in the console until the timeout kicks in:
|
|
It looks like the U2F API is deprecated in favor of WebAuthn: https://www.yubico.com/blog/google-chrome-u2f-api-decommission/ |
Closes #3226
The large files in this PR namely
cryptotoken_private_api.ccandcryptotoken_private.idlare 99% copied from Chromium source. They're copied for build system reasons, the difference is as follows;Everything else is just annoyingly undocumented wiring to make this magic U2F component extension work.
Tested this out on https://mdp.github.io/u2fdemo and it appears to work great 馃憤
Notes: Added support for the U2F Web API