search

w3c / webauthn

Web Authentication: An API for accessing Public Key Credentials
https://w3c.github.io/webauthn/
Other
1.19k stars 172 forks source link

Add new error codes #2095

Open MasterKale opened 4 months ago

MasterKale commented 4 months ago

This PR proposes new error codes to be raised across various WebAuthn interactions. There is an assumption that the user has meaningfully interacted with some part of the ceremony to consent to informing RP's why the ceremony failed.

Fixes #2096.

An explainer is available here: https://github.com/w3c/webauthn/wiki/Explainer:-New-Error-Codes-(2024-Edition)

Note: This PR is targeting #2047 and should not be merged until that PR has been merged.

Preview | Diff

MasterKale commented 2 months ago

I'm inclined to break this PR up to try and get some of the less contentious new error codes into L3 before the upcoming deadline (which those are, I'll try and identify before today's WG meeting.)

MasterKale commented 2 months ago

I've taken HybridPrerequisitesError and UserHybridCancellationError out of the running for now for sake of pursuing incremental improvement in WebAuthn's error messages instead.