diff options
Diffstat (limited to 'dom/webauthn')
| -rw-r--r-- | dom/webauthn/MacOSWebAuthnService.mm | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/dom/webauthn/MacOSWebAuthnService.mm b/dom/webauthn/MacOSWebAuthnService.mm index fc08ee1a48..24fad770c8 100644 --- a/dom/webauthn/MacOSWebAuthnService.mm +++ b/dom/webauthn/MacOSWebAuthnService.mm @@ -941,6 +941,17 @@ void MacOSWebAuthnService::DoGetAssertion( Unused << aArgs->GetAllowList(allowList); Unused << aArgs->GetAllowListTransports(allowListTransports); } + // Compute the union of the transport sets. + uint8_t transports = 0; + for (uint8_t credTransports : allowListTransports) { + if (credTransports == 0) { + // treat the empty transport set as "all transports". + transports = ~0; + break; + } + transports |= credTransports; + } + NSMutableArray* platformAllowedCredentials = [[NSMutableArray alloc] init]; for (const auto& allowedCredentialId : allowList) { @@ -999,6 +1010,15 @@ void MacOSWebAuthnService::DoGetAssertion( platformAssertionRequest.userVerificationPreference = *userVerificationPreference; } + if (__builtin_available(macos 13.5, *)) { + // Show the hybrid transport option if (1) we have no transport hints + // or (2) at least one allow list entry lists the hybrid transport. + bool shouldShowHybridTransport = + !transports || + (transports & MOZ_WEBAUTHN_AUTHENTICATOR_TRANSPORT_ID_HYBRID); + platformAssertionRequest.shouldShowHybridTransport = + shouldShowHybridTransport; + } // Initialize the cross-platform provider with the rpId. ASAuthorizationSecurityKeyPublicKeyCredentialProvider* |