Backed out changeset 6807a13afdd9 (bug 1718228) for causing browser-chrome failures on browser_fido_appid_extension.js CLOSED TREE

Author: Norisz Fay

dom/webauthn/WebAuthnManager.cpp

@@ -75,6 +75,8 @@ static nsresult AssembleClientData(
   clientDataObject.mType.Assign(aType);
   clientDataObject.mChallenge.Assign(challengeBase64);
   clientDataObject.mOrigin.Assign(aOrigin);
+  clientDataObject.mHashAlgorithm.AssignLiteral(u"SHA-256");
+  clientDataObject.mClientExtensions = aExtensions;
 
   nsAutoString temp;
   if (NS_WARN_IF(!clientDataObject.ToJSON(temp))) {

dom/webauthn/tests/test_webauthn_loopback.html

@@ -50,6 +50,7 @@ <h1>Full-run test for MakeCredential/GetAssertion for W3C Web Authentication</h1
        - response : AuthenticatorAttestationResponse : AuthenticatorResponse
          - attestationObject: CBOR object
          - clientDataJSON: serialized JSON
+       - clientExtensionResults: (not yet supported)
     */
 
     is(aCredInfo.type, "public-key", "Credential type must be public-key")
@@ -65,8 +66,13 @@ <h1>Full-run test for MakeCredential/GetAssertion for W3C Web Authentication</h1
     let clientData = JSON.parse(buffer2string(aCredInfo.response.clientDataJSON));
     is(clientData.challenge, bytesToBase64UrlSafe(gCredentialChallenge), "Challenge is correct");
     is(clientData.origin, window.location.origin, "Origin is correct");
+    is(clientData.hashAlgorithm, "SHA-256", "Hash algorithm is correct");
     is(clientData.type, "webauthn.create", "Type is correct");
 
+    let extensions = aCredInfo.getClientExtensionResults();
+    is(extensions.appid, undefined, "appid extension wasn't used");
+    is(clientData.clientExtensions.appid, undefined, "appid extension wasn't sent");
+
     return webAuthnDecodeCBORAttestation(aCredInfo.response.attestationObject)
     .then(function(aAttestationObj) {
       // Make sure the RP ID hash matches what we calculate.
@@ -112,11 +118,13 @@ <h1>Full-run test for MakeCredential/GetAssertion for W3C Web Authentication</h1
     ok(aAssertion.response.signature === aAssertion.response.signature, "AuthenticatorAssertionResponse.Signature is SameObject");
     ok(aAssertion.response.signature instanceof ArrayBuffer, "AuthenticatorAssertionResponse.Signature is an ArrayBuffer");
     ok(aAssertion.response.userHandle === null, "AuthenticatorAssertionResponse.UserHandle is null for u2f authenticators");
+    isDeeply(aAssertion.getClientExtensionResults(), {}, "No extensions should be reported");
 
     ok(aAssertion.response.authenticatorData.byteLength > 0, "Authenticator data exists");
     let clientData = JSON.parse(buffer2string(aAssertion.response.clientDataJSON));
     is(clientData.challenge, bytesToBase64UrlSafe(gAssertionChallenge), "Challenge is correct");
     is(clientData.origin, window.location.origin, "Origin is correct");
+    is(clientData.hashAlgorithm, "SHA-256", "Hash algorithm is correct");
     is(clientData.type, "webauthn.get", "Type is correct");
 
     return webAuthnDecodeAuthDataArray(aAssertion.response.authenticatorData)

dom/webidl/WebAuthentication.webidl

@@ -140,16 +140,13 @@ dictionary CollectedClientData {
     required DOMString           type;
     required DOMString           challenge;
     required DOMString           origin;
-    TokenBinding                 tokenBinding;
-};
-
-dictionary TokenBinding {
-    required DOMString status;
-    DOMString id;
+    required DOMString           hashAlgorithm;
+    DOMString                    tokenBindingId;
+    // FIXME: bug 1493860: should this "= {}" be here?
+    AuthenticationExtensionsClientInputs clientExtensions = {};
+    AuthenticationExtensionsAuthenticatorInputs authenticatorExtensions;
 };
 
-enum TokenBindingStatus { "present", "supported" };
-
 enum PublicKeyCredentialType {
     "public-key"
 };