Replace in-field string metadata with resource-level default fields #2280
Conversation
emlun
requested review from
pascoej,
nsatragno,
MasterKale,
timcappalli,
selfissued,
jschanck and
akshayku
| 1. If <code>|pkOptions|.{{PublicKeyCredentialCreationOptions/user}}.{{PublicKeyCredentialUserEntity/language}}</code> is present | ||
| and is not a [=well-formed language tag=], throw a "{{SyntaxError}}" {{DOMException}}. |
There was a problem hiding this comment.
One final thought: this requirement feels like it might push implementations that don't support the language field to do extra work. The field is optional and supporting the value is optional, but this clearly says that implementations need to check the tag's structure if the field is present.
String-Meta recommends but does not require that you emit an error here. I'd suggest handling language similar to direction and ignoring the field if the tag is not well-formed.
There was a problem hiding this comment.
I see what you mean, but I'm still more inclined to keep the error in the interest of "fail faster". Of course no error will be thrown here if the client implementation predates WebAuthn L3, so there will always be that possibility, but I still think that clients that know the field exists should verify its well-formedness when present - even if the client otherwise ignores the value.
I think this position is also supported by the W3C priority of consituencies: "[...] the needs of web page authors [...] come before the needs of user agent implementors, [...]".
|
From 2025-04-11 face-to-face WG meeting:
|
| <td>|userLanguage|</td> | ||
| <td> | ||
| The [=resource-wide default=] language tag for the {{PublicKeyCredentialUserEntity|user}} entity associated to the credential. | ||
| This property may not be defined. |
There was a problem hiding this comment.
| This property may not be defined. | |
| Note that this property might not be present. |
| <td>|userDirection|</td> | ||
| <td> | ||
| The [=resource-wide default=] [=string direction=] for the {{PublicKeyCredentialUserEntity|user}} entity associated to the credential. | ||
| This property may not be defined. |
There was a problem hiding this comment.
| This property may not be defined. | |
| Note that this property might not be present. |
…er Add Credential
Co-authored-by: Michael B. Jones <michael_b_jones@hotmail.com>
|
@selfissued can you review to make sure your issues have been resolved |
| @@ -1767,6 +1771,9 @@ When this method is invoked, the user agent MUST execute the following algorithm | |||
|
|
|||
| 1. If the length of <code>|pkOptions|.{{PublicKeyCredentialCreationOptions/user}}.{{PublicKeyCredentialUserEntity/id}}</code> is not between 1 and 64 bytes (inclusive) then throw a {{TypeError}}. | |||
|
|
|||
| 1. If <code>|pkOptions|.{{PublicKeyCredentialCreationOptions/user}}.{{PublicKeyCredentialUserEntity/language}}</code> is present | |||
| and is not a [=well-formed language tag=], throw a "{{SyntaxError}}" {{DOMException}}. | |||
There was a problem hiding this comment.
WebAuthn typically raises TypeError's when there's an issue with a malformed value, as documented in L3:
- https://w3c.github.io/webauthn/#sctn-create-request-exceptions
- https://w3c.github.io/webauthn/#sctn-get-request-exceptions
We should probably maintain this behavior for this exception too.
There was a problem hiding this comment.
Hm. I see what you mean, but TypeError is not semantically correct for this error case. The user.id error ideally should have been a SyntaxError too, but that's probably too late to change now. SyntaxError is also used by the PRF extension when base64 decoding fails. So I'd prefer to keep this as SyntaxError rather than TypeError.
| : {{SyntaxError}} | ||
| :: <code>{{PublicKeyCredentialCreationOptions/user}}.{{PublicKeyCredentialUserEntity/language}}</code> | ||
| was present and was not a [=well-formed language tag=]. | ||
|
|
There was a problem hiding this comment.
If we agree to keep things consistent with TypeError as I call out above, we'll want to take this out.
|
|
||
| Upon invocation of {{PublicKeyCredential/signalCurrentUserDetails(options)}}, the | ||
| [=client=] executes these steps: | ||
|
|
||
| 1. If the result of [=base64url encoding | base64url decoding=] | ||
| <code>|options|.{{CurrentUserDetailsOptions/userId}}</code> is an error, | ||
| then return [=a promise rejected with=] a {{TypeError}}. | ||
| 1. If <code>|options|.{{CurrentUserDetailsOptions/language}}</code> is present | ||
| and is not a [=well-formed language tag=], | ||
| then return [=a promise rejected with=] a "{{SyntaxError}}" {{DOMException}}. |
There was a problem hiding this comment.
Tagging another SyntaxError pending a decision about sticking with TypeError as called out above.
index.bs
Outdated
|
|
||
| So the string “حبیب الرحمان” could have two different DOMString values, depending on whether the language was encoded or not. (Since the direction is unambiguous a directionality marker is not needed in this example.) | ||
| Instead, the Level 3 [=Web Authentication API=] provides [=resource-wide default=] fields for encoding language and direction metadata | ||
| which SHOULD be used when supported by the [=client=] and [=authenticator=]. |
There was a problem hiding this comment.
How does a relying party know if the client/authenticator support the new language tags?
There was a problem hiding this comment.
It doesn't... but I think I see what you mean. When I wrote "SHOULD be used" I meant "[the client] should use them [when provided by the RP and supported by the authenticator]", but your reading was "[the RP] should use them [when supported by the client and authenticator]"? That's definitely an ambiguity I need to fix.
Anything else to do here after fixing that ambiguity?
There was a problem hiding this comment.
Does 5d2e401 resolve this ambiguity?
| @@ -1767,6 +1771,9 @@ When this method is invoked, the user agent MUST execute the following algorithm | |||
|
|
|||
| 1. If the length of <code>|pkOptions|.{{PublicKeyCredentialCreationOptions/user}}.{{PublicKeyCredentialUserEntity/id}}</code> is not between 1 and 64 bytes (inclusive) then throw a {{TypeError}}. | |||
|
|
|||
| 1. If <code>|pkOptions|.{{PublicKeyCredentialCreationOptions/user}}.{{PublicKeyCredentialUserEntity/language}}</code> is present | |||
There was a problem hiding this comment.
Should we require language and direction be present if the other one is? i.e. if language is present, direction cannot be undefined.
There was a problem hiding this comment.
I don't think so, String-Meta specifically describes these as separate values. It doesn't look like either should require the other.
| @@ -240,6 +240,10 @@ spec: RFC8610; urlPrefix: https://tools.ietf.org/html/rfc8610 | |||
| type: dfn | |||
| text: group sockets; url: section-3.9 | |||
|
|
|||
| spec: String-Meta; urlPrefix: https://www.w3.org/TR/2024/NOTE-string-meta-20241017 | |||
There was a problem hiding this comment.
General comment:
I understand this is the i18n wg proposal, but this approach feels strictly worse, since authenticators have to support it for browsers to take advantage of it.
| @@ -2926,6 +2938,8 @@ value and terminate the operation. | |||
| required Base64URLString id; | |||
| required DOMString name; | |||
| required DOMString displayName; | |||
| DOMString language; | |||
There was a problem hiding this comment.
Was it decided whether we needed language or not?
There was a problem hiding this comment.
A language map might be a better pattern here:
https://www.w3.org/TR/2024/NOTE-string-meta-20241017/#language-maps
For example, if we added a new "user.localizedName" property, that looked like this...
localizedName: {
"en-US": {
value: "...",
dir: "ltr"
}
}
...then processing rules could say clients should use a value in user.localizedName when present, otherwise fall back to user.name.
The same could be done with a "user.localizedDisplayName" too.
|
From WG meeting @ May 28: We'll wait till next week's meeting when we can have a more direct discussion on the "best" path forward |
|
Question since I don't quite understand from conversation - is there a reason the UserEntity fields (language, direction and value) can't be encoded by the client into a single string behind the API using STRINGPREP, and decoded by the client when read? (theoretically read - I don't believe we expose displayName back into the API today) This would mean that we are using STRINGPREP internally only, otherwise banning its use on the web-facing API. This allows for improvements on a more arbitrary schedule to the backing CTAP and platform specifications. |
This addresses #1643:
New
languageanddirectionattributes onPublicKeyCredentialUserEntityseems like the most appropriate implementation of a "document-level field", since these are the only natural language string parameters we have. The new attributes won't work with currently existing CTAP authenticators, but their processing is specified as "best-effort" (at least that's the intent) so RPs should be aware that they might not work.The following tasks have been completed:
Implementation commitment:
Documentation and checks
Affects privacyAffects securityUpdated explainerPreview | Diff