Intent to Ship: Web Authentication API: JSON serialization methods

[Martin Kreichgauer]

Contact emails

mart...@google.com

Explainer

https://github.com/w3c/webauthn/wiki/Explainer:-JSON-Serialization-Methods

Specification

https://w3c.github.io/webauthn/#publickeycredential

Summary

The WebAuthn PublicKeyCredential.toJSON(), parseCreationOptionsFromJSON() and parseRequestOptionsFromJSON() methods let developers serialize a WebAuthn response into a JSON object or deserialize a WebAuthn request object from its JSON representation.

Blink component

Blink>WebAuthentication

TAG review

None

TAG review status

Not applicable

Risks

Interoperability and Compatibility

None

Gecko: Shipped/Shipping (https://developer.mozilla.org/en-US/docs/Web/API/PublicKeyCredential/toJSON#browser_compatibility)

WebKit: No signal

Web developers: Positive (https://github.com/github/webauthn-json) webauthn-json is a widely used polyfill for this API maintained by Github.

Other signals:

WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

None

Debuggability

None

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, ChromeOS, Android, and Android WebView)?

Yes

This feature is implemented in Blink renderer code and shipping on all platforms.

Is this feature fully tested by web-platform-tests?

Yes

https://wpt.fyi/results/webauthn/public-key-credential-creation-options-from-json.https.window.html https://wpt.fyi/results/webauthn/public-key-credential-request-options-from-json.https.window.html https://wpt.fyi/results/webauthn/public-key-credential-to-json.https.window.html

DevTrial instructions

https://docs.google.com/document/d/e/2PACX-1vSl4jywfU4xD3fkWrC-T5hHI79xs90oOq9tVSx4M63WkcI-wuk-nnFlPlDIAttrpTEd5BbXABJnDuxT/pub

Flag name on chrome://flags

enable-experimental-web-platform-features

Finch feature name

WebAuthenticationJSONSerialization

Requires code in //chrome?

False

Tracking bug

https://bugs.chromium.org/p/chromium/issues/detail?id=1401128

Availability expectation

Firefox has shipped an implementation already.

Adoption expectation

There is a widely used polyfill (https://github.com/github/webauthn-json), which suggests there is demand from developers for this feature.

Estimated milestones

Shipping on desktop	128
DevTrial on desktop	128

Shipping on Android	128
DevTrial on Android	128

Shipping on WebView

128

Anticipated spec changes

Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).

None

Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5141695044255744?gate=6322764007342080

Links to previous Intent discussions

Intent to prototype: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAB%3DfcEbBz4a%2BEE-KbbRDkEexDON8hCfCC-saD600J7fo9J3jZg%40mail.gmail.com

This intent message was generated by Chrome Platform Status.

[Daniel Clark]

Could you request WebKit’s position for this? https://github.com/WebKit/standards-positions/issues/

 

-- Dan

--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAB%3DfcEYktBpGbDOw9pT40jjE%2B6T4HVCq%2Bzu-P3KMf1PQQuzaew%40mail.gmail.com.

[Martin Kreichgauer]

Done: https://github.com/WebKit/standards-positions/issues/373. Also added to the chromestatus entry.