Closed mdedonno1337 closed 5 years ago
Thanks for making the changes I requested and explaining your thinking behind some of the others! If you could just change the line that checks if user_verification
is None
to this then I'm good to merge:
if user_verification is not None:
Thanks again!
With the Windows update 1903, the behaviour seems different... With old versions of Windows, I was able to use my keys without any PIN. Since the update, the protocol used seems to be FIDO2 instead of FIDO-U2F, breaking some of my codes. After investigation, the
WebAuthnMakeCredentialOptions.registration_dict
property did not contain theauthenticatorSelection->userVerification
field (https://www.w3.org/TR/webauthn/#userVerificationRequirement).This option allow the server to enforce or not the creation of a PIN (actual Windows behaviour) on the client-side, "e.g., in the interest of minimizing disruption to the user interaction flow" as mentionned in the W3C webauthn Recommendation linked.
This commit should not be api breaking, and the default behaviour is the same as without the commit.