emlun
commented
2 months ago I reckon this is inherited from the JavaScript-to-WebIDL language bindings? See for example the conversion routine for dictionary types (which include PublicKeyCredentialCreationOptions and PublicKeyCredentialRequestOptions):
3.2.17. Dictionary types [...] A JavaScript value jsDict is converted to an IDL dictionary type value by running the following algorithm (where D is the dictionary type):
- If Type(jsDict) is not Undefined, Null or Object, then throw a
TypeError. [...] 4.1.3.1. Let idlMemberValue be the result of converting jsMemberValue to an IDL value whose type is the type member is declared to be of. [...] 4.1.5. Otherwise, if jsMemberValue is undefined and member is required, then throw aTypeError.
We don't explicitly state in the WebAuthn spec that this conversion must occur, but it clearly must since the API is defined in WebIDL and the actual implementation is exposed in JavaScript. See also:
§3.2. JavaScript type mapping [...] [...] For each IDL type, it is described how JavaScript values are converted to an IDL value when passed to a platform object expecting that type, [...]
§2.12. Objects implementing interfaces [...] Platform objects are objects that implement an interface.
...which would for example include the PublicKeyCredential interface.
I'm in favour of #2047 mentioning that TypeError is one of the errors RPs may expect, but I don't think WebAuthn needs to explicitly define how these particular TypeErrors should be thrown - I figure that should be handled by WebIDL already.
MasterKale
Proposed Change
@nsatragno called out a couple weeks back that it's odd there's no definition of a
TypeErrorbeing raised from a call to.get()when theoptionsvalue is invalid:https://github.com/w3c/webauthn/pull/2047#discussion_r1655429301
We should address this after merging #2047.