New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: WebAuthn Discoverable Credential (Resident Credential) #35374
fix: WebAuthn Discoverable Credential (Resident Credential) #35374
Conversation
…33353 Enables support for Webauthn discoverable credentials (aka resident credentials). This allows users to authenticate without first having to select or type a username. To decide if discoverable credentials are supported, the class 'AuthenticatorCommon', in the chrome content code, indirectly calls the method 'context::WebAuthenticationDelegate.SupportsResidentKeys(..)'. The default implementation of this returns false, leaving it up to specific implementations to override. This change adds a new class 'ElectronWebAuthenticationDelegate' to subclass 'WebAuthenticationDelegate' and override the behaviour of the 'SupportsResidentKeys' method to return true. The implementation is copied from the Chrome browser equivalent 'ChromeWebAuthenticationDelegate', though the chrome class includes other methods that don't seem to be required for this functionality. The 'ElectronContentClient' class was also updated to store an instance of 'ElectronWebAuthenticationDelegate', and to provide an accessor method, GetWebAuthenticationDelegate().
💖 Thanks for opening this pull request! 💖 We use semantic commit messages to streamline the release process. Before your pull request can be merged, you should update your pull request title to start with a semantic prefix. Examples of commit messages with semantic prefixes:
Things that will help get your PR across the finish line:
We get a lot of pull requests on this repo, so please be patient and we will get back to you as soon as we can. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few small changes, but overall looks good! I think we should look towards adding WebAuthn specs (Node.js does it so I know it's doable) but i recognize that might be a lot of work for the scope of this PR so once comments are addressed i'm happy to move forward w/ this!
shell/browser/webauthn/electron_authenticator_request_delegate.cc
Outdated
Show resolved
Hide resolved
shell/browser/webauthn/electron_authenticator_request_delegate.cc
Outdated
Show resolved
Hide resolved
shell/browser/webauthn/electron_authenticator_request_delegate.h
Outdated
Show resolved
Hide resolved
shell/browser/webauthn/electron_authenticator_request_delegate.h
Outdated
Show resolved
Hide resolved
shell/browser/webauthn/electron_authenticator_request_delegate.cc
Outdated
Show resolved
Hide resolved
shell/browser/webauthn/electron_authenticator_request_delegate.cc
Outdated
Show resolved
Hide resolved
* docs: Update Quick Start Guide for Electron 12 With `contextIsolation` enabled by default in Electron 12, the Getting Started Guide no longer works as it is written. In order for the basic example to display values from `process.versions`, we need to add a `preload.js` to the example. * fix: annotate preload code block with a language * docs: update quick-start Fiddle example to use preload to provide version info * fix: ensure example files end in a newline * docs: add security warning to instructions for turning off contextIsolation Co-authored-by: John Kleinschmidt <jkleinsc@github.com> * docs: treat preload as an adjective instead of a noun Co-authored-by: John Kleinschmidt <jkleinsc@github.com> Co-authored-by: John Kleinschmidt <jkleinsc@github.com>
Thanks for the review, and appreciate your comments. I hadn't added tests as I wasn't sure of the best approach. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm 🥳
Just fix these two lint issues:
shell/browser/webauthn/electron_authenticator_request_delegate.h:5: (cpplint) #ifndef header guard has wrong style, please use: ELECTRON_SHELL_BROWSER_WEBAUTHN_ELECTRON_AUTHENTICATOR_REQUEST_DELEGATE_H_ [build/header_guard] [5]
shell/browser/webauthn/electron_authenticator_request_delegate.h:23: (cpplint) #endif line should be "#endif // ELECTRON_SHELL_BROWSER_WEBAUTHN_ELECTRON_AUTHENTICATOR_REQUEST_DELEGATE_H_" [build/header_guard] [5]
Total errors found: 2
Thanks for the approval, have made the lint changes. |
Hi @codebytere , |
Congrats on merging your first pull request! 🎉🎉🎉 |
Release Notes Persisted
|
…#35374) * fix: WebAuthn Discoverable Credential (Resident Credential) electron#33353 Enables support for Webauthn discoverable credentials (aka resident credentials). This allows users to authenticate without first having to select or type a username. To decide if discoverable credentials are supported, the class 'AuthenticatorCommon', in the chrome content code, indirectly calls the method 'context::WebAuthenticationDelegate.SupportsResidentKeys(..)'. The default implementation of this returns false, leaving it up to specific implementations to override. This change adds a new class 'ElectronWebAuthenticationDelegate' to subclass 'WebAuthenticationDelegate' and override the behaviour of the 'SupportsResidentKeys' method to return true. The implementation is copied from the Chrome browser equivalent 'ChromeWebAuthenticationDelegate', though the chrome class includes other methods that don't seem to be required for this functionality. The 'ElectronContentClient' class was also updated to store an instance of 'ElectronWebAuthenticationDelegate', and to provide an accessor method, GetWebAuthenticationDelegate(). * Remove redundant, commented-out code * style: comment cleanup * style: updated comments and formatting based on pull request review * style: fix lint error on header guard clause
Description of Change
Enables support for Webauthn discoverable credentials (aka resident
credentials). This allows users to authenticate without first having to
select or type a username.
To decide if discoverable credentials are supported, the class
'AuthenticatorCommon', in the chrome content code, indirectly calls the
method 'context::WebAuthenticationDelegate.SupportsResidentKeys(..)'.
The default implementation of this returns false, leaving it up to
specific implementations to override.
This change adds a new class 'ElectronWebAuthenticationDelegate' to
subclass 'WebAuthenticationDelegate' and override the behaviour of the
'SupportsResidentKeys' method to return true.
The implementation is copied from the Chrome browser equivalent
'ChromeWebAuthenticationDelegate', though the chrome class includes
other methods that don't seem to be required for this functionality.
The 'ElectronContentClient' class was also updated to store an instance
of 'ElectronWebAuthenticationDelegate', and to provide an accessor
method, GetWebAuthenticationDelegate().
Checklist
npm test
passesRelease Notes
Notes: Added support for Webauthn discoverable keys (aka resident keys), allowing users to authenticate without first having to select or type a username.