Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Conditional request allowList credential filtering #1810

Merged
merged 2 commits into from
Oct 7, 2022
Merged

Conditional request allowList credential filtering #1810

merged 2 commits into from
Oct 7, 2022

Conversation

nsatragno
Copy link
Member

@nsatragno nsatragno commented Sep 30, 2022
edited by pr-preview bot
Loading

Allow filtering credentials during conditional requests by passing an allowList to navigator.credentials.get. This allows relying parties who know who the user attempting to authenticate is (e.g. because they entered their username) to have autofill only show credentials for that user. See the bug for a description of use-cases.

Fixes #1793

Preview | Diff

@nsatragno nsatragno self-assigned this Sep 30, 2022
@emlun emlun self-requested a review October 3, 2022 09:28
emlun
emlun reviewed Oct 3, 2022
View reviewed changes
index.bs Outdated Show resolved Hide resolved
@nsatragno nsatragno marked this pull request as ready for review October 3, 2022 19:35
@Firstyear
Copy link
Contributor

Looks great to me :)

emlun
emlun approved these changes Oct 5, 2022
View reviewed changes
Copy link
Member

@emlun emlun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, with a few minor nits.

index.bs Show resolved Hide resolved
index.bs Show resolved Hide resolved
index.bs Show resolved Hide resolved
index.bs Show resolved Hide resolved
ve7jtb
ve7jtb approved these changes Oct 5, 2022
View reviewed changes
Copy link
Contributor

@ve7jtb ve7jtb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@nadalin nadalin added this to the L3-WD-01 milestone Oct 5, 2022
@nsatragno
Copy link
Member Author

From the call: Nina to merge after fixing the merge errors.

@nsatragno
Conditional request allowList credential filtering
d3ad336 
Allow filtering credentials during conditional requests by passing an
allowList to navigator.credentials.get. This allows relying parties who
know who the user attempting to authenticate is (e.g. because they
entered their username) to have autofill only show credentials for that
user. See the bug for a description of use-cases.

Fixes w3c#1793
@nsatragno
kenrb@'s feedback
c7b8940
@nsatragno nsatragno merged commit 8a6daec into w3c:main Oct 7, 2022
@nsatragno nsatragno deleted the autofill_filtering branch October 7, 2022 15:39
github-actions bot added a commit that referenced this pull request Oct 7, 2022
@nsatragno @github-actions
Conditional request allowList credential filtering (#1810)
69f699d 
SHA: 8a6daec
Reason: push, by @nsatragno

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
github-actions bot added a commit to nsatragno/webauthn that referenced this pull request Oct 7, 2022
@nsatragno @github-actions
Conditional request allowList credential filtering (w3c#1810)
bc89597 
SHA: 8a6daec
Reason: push, by @nsatragno

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@agl agl agl approved these changes

@ve7jtb ve7jtb ve7jtb approved these changes

@emlun emlun emlun approved these changes

@pascoej pascoej pascoej approved these changes

Assignees

@nsatragno nsatragno

Labels
type:technical
Projects
None yet
Milestone
L3-WD-01
Development

Successfully merging this pull request may close these issues.

Support Filtering by allow list in Conditional UI
7 participants
@nsatragno @Firstyear @agl @ve7jtb @emlun @pascoej @nadalin