Launchpad has imported 18 comments from the remote bug at https://bugs.webkit.org/show_bug.cgi?id=143491.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2015-04-07T18:39:36+00:00 Ry5n wrote: The FIDO Universal Second Factor (U2F) protocol is an open specification that was recently finalized. The FINAL spec can be downloaded here: https://fidoalliance.org/specs/fido-u2f-v1.0-ps-20141009.zip Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/0 ------------------------------------------------------------------------ On 2016-05-19T18:49:02+00:00 E-alice wrote: Created attachment 279408 U2F request flow diagram. U2F is beginning to see more wide-spread deployment, with Github being one notable example site that utilizes it. Currently, Chrome integrates support, but lower-level integration in WebKit would broadly increase the potential user base. There exists a cross-platform (Windows, Linux, Mac OS X) C reference implementation, https://developers.yubico.com/libu2f-host/, supported by a manufacturer (Yubico) of U2F-compliant tokens. They also provide a test server for interactive experimentation (https://demo.yubico.com/u2f), reference server integration implementation, and cURL-able test endpoints. This client (device host) reference implementation depends on: pkg- config, JSON-C, and HIDAPI for USB communication. I very strongly desire U2F support both for my own site use, as well as for token-secured access to Github. Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/1 ------------------------------------------------------------------------ On 2017-02-17T05:23:32+00:00 Ysuzuki-z wrote: What is the difference from the Web Authentication[1,2]? [1]: https://github.com/w3c/webauthn [2]: https://w3c.github.io/webauthn/ Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/2 ------------------------------------------------------------------------ On 2018-01-22T21:28:13+00:00 Jiewen-tan wrote: (In reply to Yusuke Suzuki from comment #2) > What is the difference from the Web Authentication[1,2]? > > [1]: https://github.com/w3c/webauthn > [2]: https://w3c.github.io/webauthn/ WebAuthN is effectively FIDO 2.0. See Bug 181943 for status update regarding to WebAuthN. Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/7 ------------------------------------------------------------------------ On 2018-05-26T19:28:37+00:00 John+webkit wrote: Does the work on WebAuthN contain FIDO 1.0 support as well? If not, this ticket is probably still valid on it's own. Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/8 ------------------------------------------------------------------------ On 2018-10-29T07:20:48+00:00 Dwaite-b wrote: FWIW, Edge has no intention to support U2F and only support WebAuthn. The U2F JavaScript API unfortunately doesn't fully document how to get access to the objects needed to use the MessagePort and u2f interface API. U2F supports CTAP1 devices, while WebAuthn supports CTAP1 and CTAP2 devices. There is an extension for WebAuthn to work with existing U2F registrations (such as those created via another browser, or the Safari App Extension) with the new API, so that users can still authenticate when a site upgrades from using the U2F to WebAuthn javascript interfaces. Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/9 ------------------------------------------------------------------------ On 2018-10-29T18:06:14+00:00 Jiewen-tan wrote: (In reply to john+webkit from comment #4) > Does the work on WebAuthN contain FIDO 1.0 support as well? If not, this > ticket is probably still valid on it's own. WebAuthN will support CTAP1/U2F devices. Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/10 ------------------------------------------------------------------------ On 2018-10-29T18:08:50+00:00 Jiewen-tan wrote: (In reply to David Waite from comment #5) > FWIW, Edge has no intention to support U2F and only support WebAuthn. > > The U2F JavaScript API unfortunately doesn't fully document how to get > access to the objects needed to use the MessagePort and u2f interface API. > > U2F supports CTAP1 devices, while WebAuthn supports CTAP1 and CTAP2 devices. > > There is an extension for WebAuthn to work with existing U2F registrations > (such as those created via another browser, or the Safari App Extension) > with the new API, so that users can still authenticate when a site upgrades > from using the U2F to WebAuthn javascript interfaces. Same as WebKit. I will leave this bug alone and re-scope it as [WebAuthN] Implement FIDO U2F extension. Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/11 ------------------------------------------------------------------------ On 2019-02-22T01:53:42+00:00 Webkit-bug-importer wrote: <rdar://problem/48298273> Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/12 ------------------------------------------------------------------------ On 2019-03-19T22:48:01+00:00 Jiewen-tan wrote: Created attachment 365249 Patch Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/13 ------------------------------------------------------------------------ On 2019-03-19T23:29:50+00:00 Jiewen-tan wrote: Created attachment 365256 Patch Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/14 ------------------------------------------------------------------------ On 2019-03-19T23:45:16+00:00 Jiewen-tan wrote: Comment on attachment 365256 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=365256&action=review > Source/WebCore/ChangeLog:11 > + do in practice to avoid some unncessary steps of unnecessary > Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.h:65 > +WEBCORE_EXPORT Optional<Vector<uint8_t>> convertToU2fSignCommand(const > Vector<uint8_t>& clientDataHash, const > WebCore::PublicKeyCredentialRequestOptions&, const Vector<uint8_t>& > keyHandle, bool isAppId = false); I should explain the change in the ChangeLog: the checkOnly flag is never used and therefore is deleted. > LayoutTests/http/wpt/webauthn/public-key-credential-create-success-hid.https.html:19 > + assert_not_exists(credential.getClientExtensionResults()); assert_not_exists(credential.getClientExtensionResults(), "appid"); > LayoutTests/http/wpt/webauthn/public-key-credential-create-success-local.https.html:33 > + assert_not_exists(credential.getClientExtensionResults()); Ditto. > LayoutTests/http/wpt/webauthn/public-key-credential-create-success-u2f.https.html:15 > + assert_not_exists(credential.getClientExtensionResults()); Ditto. > LayoutTests/http/wpt/webauthn/public-key-credential-get-success-local.https.html:36 > + > assert_not_exists(credential.getClientExtensionResults()); Ditto. > LayoutTests/http/wpt/webauthn/public-key-credential-get-success-u2f.https.html:18 > + assert_not_exists(credential.getClientExtensionResults()); Ditto. Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/15 ------------------------------------------------------------------------ On 2019-03-19T23:57:52+00:00 Jiewen-tan wrote: Comment on attachment 365256 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=365256&action=review > Source/WebCore/ChangeLog:15 > + Need to add the new IDL file to MakeLists.txt to make GTK+ happy. Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/16 ------------------------------------------------------------------------ On 2019-03-20T00:37:23+00:00 Bfulgham-b wrote: Comment on attachment 365256 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=365256&action=review Nice work getting this together. r=me with the changes suggested, and assuming tests pass when you are done. >> Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.h:65 >> +WEBCORE_EXPORT Optional<Vector<uint8_t>> convertToU2fSignCommand(const >> Vector<uint8_t>& clientDataHash, const >> WebCore::PublicKeyCredentialRequestOptions&, const Vector<uint8_t>& >> keyHandle, bool isAppId = false); > > I should explain the change in the ChangeLog: the checkOnly flag is never > used and therefore is deleted. Yes -- I got confused when I looked at the implementation, until I saw this note! :-) > Source/WebKit/UIProcess/WebAuthentication/fido/U2fHidAuthenticator.cpp:214 > + response->appid = true; Could this be: response->appid = m_isAppId; Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/17 ------------------------------------------------------------------------ On 2019-03-20T01:01:49+00:00 Jiewen-tan wrote: Comment on attachment 365256 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=365256&action=review Thanks Brent for r+ this patch. >> Source/WebKit/UIProcess/WebAuthentication/fido/U2fHidAuthenticator.cpp:214 >> + response->appid = true; > > Could this be: > > response->appid = m_isAppId; Sure. Fixed. Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/18 ------------------------------------------------------------------------ On 2019-03-20T04:53:30+00:00 Jiewen-tan wrote: Created attachment 365306 Patch for Landing Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/19 ------------------------------------------------------------------------ On 2019-03-20T05:44:16+00:00 Jiewen-tan wrote: Comment on attachment 365306 Patch for Landing cq+ since GTK+ bots are happy. Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/20 ------------------------------------------------------------------------ On 2019-03-20T06:12:03+00:00 Commit-queue wrote: Comment on attachment 365306 Patch for Landing Clearing flags on attachment: 365306 Committed r243193: <https://trac.webkit.org/changeset/243193> Reply at: https://bugs.launchpad.net/ubuntu/+source/gnome-online- accounts/+bug/1733002/comments/21 ** Changed in: webkit Status: Unknown => Fix Released ** Changed in: webkit Importance: Unknown => Medium -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnome-online-accounts in Ubuntu. https://bugs.launchpad.net/bugs/1733002 Title: Google Online Account Two Factor with hardware key fails immediately Status in gnome-online-accounts: Unknown Status in Webkit: Fix Released Status in gnome-online-accounts package in Ubuntu: Triaged Bug description: The hardware key authentication two factor fails immediately with a web based retry dialogue when connecting a Google account to the online accounts in settings using a hardware key second factor. Steps to reproduce: 1. Set Google Account to default to a hardware security key like a Yubikey or other FIDO standard key after having two factor authentication enabled on your Google Account. 2. Open Online accounts 3. Add a Google Account 4. Enter google email address 5. Enter google password 6. (this is the login flow of two factor, if default is the hardware key the error should appear). Work around: Choose use another method to authenticate: enter the authentication code and you will proceed. Expectations were: The ability to use the hardware key to authenticate as the second factor. ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: gnome-control-center 1:3.26.1-0ubuntu5 ProcVersionSignature: Ubuntu 4.13.0-16.19-lowlatency 4.13.4 Uname: Linux 4.13.0-16-lowlatency x86_64 NonfreeKernelModules: nvidia_uvm nvidia_drm nvidia_modeset nvidia ApportVersion: 2.20.7-0ubuntu3.4 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Fri Nov 17 16:01:11 2017 EcryptfsInUse: Yes ExecutablePath: /usr/bin/gnome-control-center ProcEnviron: XDG_RUNTIME_DIR=<set> SHELL=/bin/bash PATH=(custom, user) LANG=en_US.UTF-8 SourcePackage: gnome-control-center UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-online-accounts/+bug/1733002/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
