Intent to implement and ship: WebAuthn WebDriver backup flags settings


Nina Satragno

Feb 14, 2024, 1:21:57 PM
to blink-dev, chrome-...@google.com

Contact emails

nsat...@chromium.org, chrome-...@google.com


Specification

https://w3c.github.io/webauthn/#sctn-automation, look for backupState and backupEligibility


Or, if you prefer, see the merged PR.

Summary

A set of new attributes for WebAuthn WebDriver Virtual Authenticators and their Credential Parameters that allow setting default and current values for the backup state and backup eligibility credential flags, and a new Set Credential Properties command that lets developers manipulate these values for existing (virtual) credentials. The motivation is to allow developers to write integration tests that exercise a web application reacting to backup state changes as real credentials would during their lifetime.


The feature is already implemented at the DevTools level; we are requesting permission to implement and ship its WebDriver layer.


Blink component

Blink>WebAuthn


TAG review

N/A


Risks



Interoperability and Compatibility

Firefox and Safari support the WebAuthn WebDriver API. However, Chrome is the first to implement backup flags settings.


Gecko: No signals.


WebKit: pascoej@ (Apple) reviewed & approved the PR.


Web developers: MasterKale@ (Duo / Cisco) showed support & approved the PR.


Other signals: emlun@ (Yubico) also approved the PR.


WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

The virtual authenticator is not supported on webviews.


Ergonomics

N/A


Activation

Developers will be able to connect to the browser through the WebDriver API as specified, or use Selenium bindings.


Security

This is only exposed through WebDriver.



Debuggability

This is a debugging feature.


Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, ChromeOS, Android, and Android WebView)?

No. The WebAuthn WebDriver API is only available on desktop.


Is this feature fully tested by web-platform-tests?

No. This is not a web feature.


DevTrial instructions

The WebDriver layer is not implemented yet. Developers wishing to try the underlying API can access it directly through Chrome's DevTools Protocol.


Flag name on chrome://flags

N/A


Finch feature name

N/A


Non-finch justification

WebDriver feature.


Requires code in //chrome?

False


Tracking bug

crbug.com/40945430


Launch bug

crbug.com/40945430


Estimated milestones

M124.



--
Nina Satragno
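
As an added illustration (not part of the original post and not Chromium code): the kind of relying-party check that integration tests driving these virtual-authenticator settings would exercise. It reads the BE (bit 3) and BS (bit 4) flags from the authenticator data flags byte and applies the WebAuthn Level 3 consistency rules; the `stored` record shape, the function names and the sample bytes are assumptions constructed for the example.

```javascript
// Authenticator data layout (WebAuthn): rpIdHash (32 bytes) | flags (1) | signCount (4) | ...
const FLAGS_OFFSET = 32;
const FLAG_BE = 0x08; // bit 3: Backup Eligibility
const FLAG_BS = 0x10; // bit 4: Backup State

function readBackupFlags(authData) {
  if (!(authData instanceof Uint8Array) || authData.length < 37) {
    throw new RangeError("authenticator data shorter than 37 bytes");
  }
  const flags = authData[FLAGS_OFFSET];
  return {
    backupEligible: (flags & FLAG_BE) !== 0,
    backedUp: (flags & FLAG_BS) !== 0,
  };
}

// stored: hypothetical relying-party credential record saved at registration.
function evaluateAssertionFlags(stored, authData) {
  const { backupEligible, backedUp } = readBackupFlags(authData);
  // A credential cannot be backed up unless it is backup eligible.
  if (!backupEligible && backedUp) {
    return { ok: false, reason: "BS set without BE" };
  }
  // Backup eligibility is fixed for the lifetime of the credential.
  if (backupEligible !== stored.backupEligible) {
    return { ok: false, reason: "BE changed since registration" };
  }
  // Backup state may change over time; report it so the application can react.
  return { ok: true, backedUp, backupStateChanged: backedUp !== stored.backedUp };
}

// Constructed sample: zeroed rpIdHash and signCount, only the flags byte varies.
function sampleAuthData(flags) {
  const data = new Uint8Array(37);
  data[FLAGS_OFFSET] = flags;
  return data;
}

const stored = { backupEligible: true, backedUp: false }; // constructed record
const UP_UV = 0x05; // user present + user verified
console.log(evaluateAssertionFlags(stored, sampleAuthData(UP_UV | FLAG_BE | FLAG_BS)));
```
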

Rick Byers

Feb 20, 2024, 2:51:01 PM
to Nina Satragno, blink-dev, chrome-...@google.com, Mathias Bynens
Looks pretty straightforward to me and has some good support from other engines. LGTM1

/cc @Mathias Bynens in case he has any thoughts from a WebDriver perspective 



Yoav Weiss (@Shopify)

Feb 20, 2024, 4:03:15 PM
to Rick Byers, Nina Satragno, blink-dev, chrome-...@google.com, Mathias Bynens

Chris Harrelson

Feb 23, 2024, 5:17:17 PM
to Yoav Weiss (@Shopify), Rick Byers, Nina Satragno, blink-dev, chrome-...@google.com, Mathias Bynens