Open Progdrasil opened 1 month ago
Wouldn't this be against the spec?
Yes, however the operation should not fail if UV was not performed and the preference is "preferred". In practice its also been interpreted as "up to the client".
The thing is, I personally think this enum should have been passed to the authenticator directly and let the authenticator decide. I could have done that in this library but decided to follow CTAP which sets this as a boolean.
I personally think this enum should have been passed to the authenticator directly and let the authenticator decide
That's exactly how we've implemented it, we're setting aside value before calling the client and then use it in a wrapper around our own UserValidationMethod
As a way to keep CTAP interface compatibility, we could implement this as an authenticator extension. We'll be bringing PRs soon adding extension infrastructure
_Originally posted by @Progdrasil in https://github.com/1Password/passkey-rs/pull/22#discussion_r1633616876_