Bug 1718228 - Make CollectedClientData follow the spec r=dveditz,baku

Differential Revision: https://phabricator.services.mozilla.com/D136881

Author: R. Martinho Fernandes

dom/webauthn/WebAuthnManager.cpp

@@ -75,8 +75,6 @@ static nsresult AssembleClientData(
   clientDataObject.mType.Assign(aType);
   clientDataObject.mChallenge.Assign(challengeBase64);
   clientDataObject.mOrigin.Assign(aOrigin);
-  clientDataObject.mHashAlgorithm.AssignLiteral(u"SHA-256");
-  clientDataObject.mClientExtensions = aExtensions;
 
   nsAutoString temp;
   if (NS_WARN_IF(!clientDataObject.ToJSON(temp))) {

dom/webauthn/tests/test_webauthn_loopback.html

@@ -50,7 +50,6 @@ <h1>Full-run test for MakeCredential/GetAssertion for W3C Web Authentication</h1
        - response : AuthenticatorAttestationResponse : AuthenticatorResponse
          - attestationObject: CBOR object
          - clientDataJSON: serialized JSON
-       - clientExtensionResults: (not yet supported)
     */
 
     is(aCredInfo.type, "public-key", "Credential type must be public-key")
@@ -66,13 +65,8 @@ <h1>Full-run test for MakeCredential/GetAssertion for W3C Web Authentication</h1
     let clientData = JSON.parse(buffer2string(aCredInfo.response.clientDataJSON));
     is(clientData.challenge, bytesToBase64UrlSafe(gCredentialChallenge), "Challenge is correct");
     is(clientData.origin, window.location.origin, "Origin is correct");
-    is(clientData.hashAlgorithm, "SHA-256", "Hash algorithm is correct");
     is(clientData.type, "webauthn.create", "Type is correct");
 
-    let extensions = aCredInfo.getClientExtensionResults();
-    is(extensions.appid, undefined, "appid extension wasn't used");
-    is(clientData.clientExtensions.appid, undefined, "appid extension wasn't sent");
-
     return webAuthnDecodeCBORAttestation(aCredInfo.response.attestationObject)
     .then(function(aAttestationObj) {
       // Make sure the RP ID hash matches what we calculate.
@@ -118,13 +112,11 @@ <h1>Full-run test for MakeCredential/GetAssertion for W3C Web Authentication</h1
     ok(aAssertion.response.signature === aAssertion.response.signature, "AuthenticatorAssertionResponse.Signature is SameObject");
     ok(aAssertion.response.signature instanceof ArrayBuffer, "AuthenticatorAssertionResponse.Signature is an ArrayBuffer");
     ok(aAssertion.response.userHandle === null, "AuthenticatorAssertionResponse.UserHandle is null for u2f authenticators");
-    isDeeply(aAssertion.getClientExtensionResults(), {}, "No extensions should be reported");
 
     ok(aAssertion.response.authenticatorData.byteLength > 0, "Authenticator data exists");
     let clientData = JSON.parse(buffer2string(aAssertion.response.clientDataJSON));
     is(clientData.challenge, bytesToBase64UrlSafe(gAssertionChallenge), "Challenge is correct");
     is(clientData.origin, window.location.origin, "Origin is correct");
-    is(clientData.hashAlgorithm, "SHA-256", "Hash algorithm is correct");
     is(clientData.type, "webauthn.get", "Type is correct");
 
     return webAuthnDecodeAuthDataArray(aAssertion.response.authenticatorData)

dom/webidl/WebAuthentication.webidl

@@ -140,13 +140,16 @@ dictionary CollectedClientData {
     required DOMString           type;
     required DOMString           challenge;
     required DOMString           origin;
-    required DOMString           hashAlgorithm;
-    DOMString                    tokenBindingId;
-    // FIXME: bug 1493860: should this "= {}" be here?
-    AuthenticationExtensionsClientInputs clientExtensions = {};
-    AuthenticationExtensionsAuthenticatorInputs authenticatorExtensions;
+    TokenBinding                 tokenBinding;
+};
+
+dictionary TokenBinding {
+    required DOMString status;
+    DOMString id;
 };
 
+enum TokenBindingStatus { "present", "supported" };
+
 enum PublicKeyCredentialType {
     "public-key"
 };