Adjust WebAuthn WebDriver API to match the spec

Now that the WebAuthn WebDriver API has landed on the spec [1], update
the implementation to match it closely:

* Add isUserVerified flag to AddVirtualAuthenticator
* hasResidentKey and hasUserVerification are optional and default to
  false.

[1] https://w3c.github.io/webauthn/#sctn-automation-add-virtual-authenticator

Bug: 922572
Change-Id: I884988c15e4a46ab5aad2395c76dca284386dc7e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1837477Reviewed-by: Andrey Kosyakov <caseq@chromium.org>
Reviewed-by: John Chen <johnchen@chromium.org>
Commit-Queue: Nina Satragno <nsatragno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#702469}

chrome/test/chromedriver/client/chromedriver.py

@@ -628,7 +628,7 @@ class ChromeDriver(object):
 
   def AddVirtualAuthenticator(self, protocol=None, transport=None,
                               hasResidentKey=None, hasUserVerification=None,
-                              isUserVerified=None):
+                              isUserConsenting=None, isUserVerified=None):
     options = {}
     if protocol is not None:
       options['protocol'] = protocol
@@ -638,6 +638,8 @@ class ChromeDriver(object):
       options['hasResidentKey'] = hasResidentKey
     if hasUserVerification is not None:
       options['hasUserVerification'] = hasUserVerification
+    if isUserConsenting is not None:
+      options['isUserConsenting'] = isUserConsenting
     if isUserVerified is not None:
       options['isUserVerified'] = isUserVerified
 

chrome/test/chromedriver/server/http_handler.cc

@@ -745,8 +745,7 @@ HttpHandler::HttpHandler(
                         base::BindRepeating(&ExecuteSetNetworkConnection))),
 
       // Extension for WebAuthn API:
-      // TODO(nsatragno): Update the link to the official spec once it lands.
-      // https://github.com/w3c/webauthn/pull/1256
+      // https://w3c.github.io/webauthn/#sctn-automation
       CommandMapping(kPost, "session/:sessionId/webauthn/authenticator",
                      WrapToCommand("AddVirtualAuthenticator",
                                    base::BindRepeating(
@@ -760,7 +759,6 @@ HttpHandler::HttpHandler(
               base::BindRepeating(
                   &ExecuteWebAuthnCommand,
                   base::BindRepeating(&ExecuteRemoveVirtualAuthenticator)))),
-
       CommandMapping(
           kPost,
           "session/:sessionId/webauthn/authenticator/:authenticatorId/"
@@ -801,6 +799,7 @@ HttpHandler::HttpHandler(
                         base::BindRepeating(
                             &ExecuteWebAuthnCommand,
                             base::BindRepeating(&ExecuteSetUserVerified)))),
+
       // Extension for Permissions Standard Automation "set permission" command:
       // https://w3c.github.io/permissions/#set-permission-command
       CommandMapping(kPost, "session/:sessionId/permissions",

chrome/test/chromedriver/test/run_py_tests.py

@@ -2394,6 +2394,23 @@ class ChromeDriverSecureContextTest(ChromeDriverBaseTestWithWebServer):
         transport = 'usb',
         hasResidentKey = False,
         hasUserVerification = False,
+        isUserConsenting = True,
+        isUserVerified = True,
+    )
+    result = self._driver.ExecuteAsyncScript(script)
+    self.assertEquals('OK', result['status'])
+    self.assertEquals(['usb'], result['credential']['transports'])
+
+  def testAddVirtualAuthenticatorDefaultParams(self):
+    script = """
+      let done = arguments[0];
+      registerCredential().then(done);
+    """
+    self._driver.Load(self.GetHttpsUrlForFile(
+        '/chromedriver/webauthn_test.html', 'chromedriver.test'))
+    self._driver.AddVirtualAuthenticator(
+        protocol = 'ctap2',
+        transport = 'usb',
     )
     result = self._driver.ExecuteAsyncScript(script)
     self.assertEquals('OK', result['status'])
@@ -2501,6 +2518,7 @@ class ChromeDriverSecureContextTest(ChromeDriverBaseTestWithWebServer):
         transport = 'usb',
         hasResidentKey = True,
         hasUserVerification = True,
+        isUserVerified = True,
     )['authenticatorId']
 
     # Register a credential via the webauthn API.
@@ -2529,8 +2547,6 @@ class ChromeDriverSecureContextTest(ChromeDriverBaseTestWithWebServer):
     authenticatorId = self._driver.AddVirtualAuthenticator(
         protocol = 'ctap2',
         transport = 'usb',
-        hasResidentKey = True,
-        hasUserVerification = True,
     )['authenticatorId']
 
     # Register two credentials.
@@ -2562,8 +2578,6 @@ class ChromeDriverSecureContextTest(ChromeDriverBaseTestWithWebServer):
     authenticatorId = self._driver.AddVirtualAuthenticator(
         protocol = 'ctap2',
         transport = 'usb',
-        hasResidentKey = True,
-        hasUserVerification = True,
     )['authenticatorId']
 
     # Register a credential via the webauthn API.

chrome/test/chromedriver/webauthn_commands.cc

@@ -110,7 +110,8 @@ Status ExecuteAddVirtualAuthenticator(WebView* web_view,
               {"options.transport", "transport"},
               {"options.hasResidentKey", "hasResidentKey"},
               {"options.hasUserVerification", "hasUserVerification"},
-              {"options.automaticPresenceSimulation", "isUserVerified"},
+              {"options.automaticPresenceSimulation", "isUserConsenting"},
+              {"options.isUserVerified", "isUserVerified"},
           },
           params),
       value);

content/browser/devtools/protocol/webauthn_handler.cc

@@ -152,12 +152,15 @@ Response WebAuthnHandler::AddVirtualAuthenticator(
       transport == device::FidoTransportProtocol::kInternal
           ? device::AuthenticatorAttachment::kPlatform
           : device::AuthenticatorAttachment::kCrossPlatform,
-      options->GetHasResidentKey(), options->GetHasUserVerification());
+      options->GetHasResidentKey(false /* default */),
+      options->GetHasUserVerification(false /* default */));
   if (!authenticator)
     return Response::Error(kErrorCreatingAuthenticator);
 
   authenticator->SetUserPresence(
       options->GetAutomaticPresenceSimulation(true /* default */));
+  authenticator->set_user_verified(
+      options->GetIsUserVerified(false /* default */));
 
   *out_authenticator_id = authenticator->unique_id();
   return Response::OK();

third_party/blink/renderer/core/inspector/browser_protocol.pdl

@@ -7307,11 +7307,16 @@ experimental domain WebAuthn
     properties
       AuthenticatorProtocol protocol
       AuthenticatorTransport transport
-      boolean hasResidentKey
-      boolean hasUserVerification
+      # Defaults to false.
+      optional boolean hasResidentKey
+      # Defaults to false.
+      optional boolean hasUserVerification
       # If set to true, tests of user presence will succeed immediately.
       # Otherwise, they will not be resolved. Defaults to true.
       optional boolean automaticPresenceSimulation
+      # Sets whether User Verification succeeds or fails for an authenticator.
+      # Defaults to false.
+      optional boolean isUserVerified
 
   type Credential extends object
     properties

third_party/blink/web_tests/http/tests/inspector-protocol/webauthn/webauthn-get-credential.js

@@ -11,6 +11,7 @@
       transport: "usb",
       hasResidentKey: true,
       hasUserVerification: true,
+      isUserVerified: true,
     },
   })).result.authenticatorId;
 

third_party/blink/web_tests/http/tests/inspector-protocol/webauthn/webauthn-get-credentials.js

@@ -11,6 +11,7 @@
       transport: "usb",
       hasResidentKey: true,
       hasUserVerification: true,
+      isUserVerified: true,
     },
   })).result.authenticatorId;