Revert "[webauthn] Don't adjust timeout when testing"

This reverts commit 60d219b6. Reason for revert: breaks android downstream. https://logs.chromium.org/logs/chrome/buildbucket/cr-buildbucket.appspot.com/8886827242049965872/+/steps/compile/0/stdout Original change's description: > [webauthn] Don't adjust timeout when testing > > Move the timeout adjustment from blink to the browser and avoid > adjusting it if we detect a discovery factory override is in place. > > This change makes authenticator browser tests and WPTs 3X faster. > > Fixed: 976428 > Change-Id: Iaea88f356a6d090c14474151b29c04e912c471b8 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2079043 > Commit-Queue: Nina Satragno <nsatragno@chromium.org> > Reviewed-by: Ken Buchanan <kenrb@chromium.org> > Reviewed-by: Jared Saul <jsaul@google.com> > Cr-Commit-Position: refs/heads/master@{#746432} TBR=kenrb@chromium.org,nsatragno@chromium.org,jsaul@google.com Change-Id: Iab40100ead5acdbc6dc631461470314f9eafc815 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2083564Reviewed-by: Xing Liu <xingliu@chromium.org> Commit-Queue: Xing Liu <xingliu@chromium.org> Cr-Commit-Position: refs/heads/master@{#746445}

Revert "[webauthn] Don't adjust timeout when testing"
This reverts commit 60d219b6. Reason for revert: breaks android downstream. https://logs.chromium.org/logs/chrome/buildbucket/cr-buildbucket.appspot.com/8886827242049965872/+/steps/compile/0/stdout Original change's description: > [webauthn] Don't adjust timeout when testing > > Move the timeout adjustment from blink to the browser and avoid > adjusting it if we detect a discovery factory override is in place. > > This change makes authenticator browser tests and WPTs 3X faster. > > Fixed: 976428 > Change-Id: Iaea88f356a6d090c14474151b29c04e912c471b8 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2079043 > Commit-Queue: Nina Satragno <nsatragno@chromium.org> > Reviewed-by: Ken Buchanan <kenrb@chromium.org> > Reviewed-by: Jared Saul <jsaul@google.com> > Cr-Commit-Position: refs/heads/master@{#746432} TBR=kenrb@chromium.org,nsatragno@chromium.org,jsaul@google.com Change-Id: Iab40100ead5acdbc6dc631461470314f9eafc815 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2083564Reviewed-by: Xing Liu <xingliu@chromium.org> Commit-Queue: Xing Liu <xingliu@chromium.org> Cr-Commit-Position: refs/heads/master@{#746445}
924bccc5 · Xing Liu · Commit Bot · dc7e5427 · 924bccc5 · 924bccc5
Commit 924bccc5 authored Mar 03, 2020 by Xing Liu Committed by Commit Bot Mar 03, 2020
6 changed files
--- a/components/autofill/core/browser/payments/credit_card_fido_authenticator.cc
+++ b/components/autofill/core/browser/payments/credit_card_fido_authenticator.cc
@@ -528,7 +528,7 @@ CreditCardFIDOAuthenticator::ParseRequestOptions(
  const auto* timeout = request_options.FindKeyOfType(
      "timeout_millis", base::Value::Type::INTEGER);
-  options->timeout = base::TimeDelta::FromMilliseconds(
+  options->adjusted_timeout = base::TimeDelta::FromMilliseconds(
      timeout ? timeout->GetInt() : kWebAuthnTimeoutMs);
  options->user_verification = UserVerificationRequirement::kRequired;
@@ -595,7 +595,7 @@ CreditCardFIDOAuthenticator::ParseCreationOptions(
  const auto* timeout = creation_options.FindKeyOfType(
      "timeout_millis", base::Value::Type::INTEGER);
-  options->timeout = base::TimeDelta::FromMilliseconds(
+  options->adjusted_timeout = base::TimeDelta::FromMilliseconds(
      timeout ? timeout->GetInt() : kWebAuthnTimeoutMs);
  const auto* attestation =

--- a/content/browser/webauth/authenticator_common.cc
+++ b/content/browser/webauth/authenticator_common.cc
@@ -276,30 +276,6 @@ enum class AttestationErasureOption {
  kEraseAttestationAndAaguid,
 };
-base::TimeDelta AdjustTimeout(base::Optional<base::TimeDelta> timeout,
-                              RenderFrameHost* render_frame_host) {
-  // Time to wait for an authenticator to successfully complete an operation.
-  static constexpr base::TimeDelta kAdjustedTimeoutLower =
-      base::TimeDelta::FromSeconds(10);
-  static constexpr base::TimeDelta kAdjustedTimeoutUpper =
-      base::TimeDelta::FromMinutes(10);
-  if (!timeout)
-    return kAdjustedTimeoutUpper;
-  bool testing_api_enabled =
-      AuthenticatorEnvironmentImpl::GetInstance()->GetDiscoveryFactoryOverride(
-          static_cast<RenderFrameHostImpl*>(render_frame_host)
-              ->frame_tree_node());
-  if (testing_api_enabled) {
-    return *timeout;
-  }
-  return std::max(kAdjustedTimeoutLower,
-                  std::min(kAdjustedTimeoutUpper, *timeout));
-}
 blink::mojom::MakeCredentialAuthenticatorResponsePtr
 CreateMakeCredentialResponse(
    const std::string& client_data_json,
@@ -826,7 +802,7 @@ void AuthenticatorCommon::MakeCredential(
  make_credential_response_callback_ = std::move(callback);
  timer_->Start(
-      FROM_HERE, AdjustTimeout(options->timeout, render_frame_host_),
+      FROM_HERE, options->adjusted_timeout,
      base::BindOnce(&AuthenticatorCommon::OnTimeout, base::Unretained(this)));
  const bool origin_is_crypto_token_extension =
@@ -1010,7 +986,7 @@ void AuthenticatorCommon::GetAssertion(
  get_assertion_response_callback_ = std::move(callback);
  timer_->Start(
-      FROM_HERE, AdjustTimeout(options->timeout, render_frame_host_),
+      FROM_HERE, options->adjusted_timeout,
      base::BindOnce(&AuthenticatorCommon::OnTimeout, base::Unretained(this)));
  ctap_get_assertion_request_ = CreateCtapGetAssertionRequest(

--- a/content/browser/webauth/authenticator_impl_unittest.cc
+++ b/content/browser/webauth/authenticator_impl_unittest.cc
@@ -346,7 +346,7 @@ GetTestPublicKeyCredentialCreationOptions() {
  options->public_key_parameters =
      GetTestPublicKeyCredentialParameters(kCoseEs256);
  options->challenge.assign(32, 0x0A);
-  options->timeout = base::TimeDelta::FromMinutes(1);
+  options->adjusted_timeout = base::TimeDelta::FromMinutes(1);
  options->authenticator_selection = GetTestAuthenticatorSelectionCriteria();
  return options;
 }
@@ -356,7 +356,7 @@ GetTestPublicKeyCredentialRequestOptions() {
  auto options = PublicKeyCredentialRequestOptions::New();
  options->relying_party_id = std::string(kTestRelyingPartyId);
  options->challenge.assign(32, 0x0A);
-  options->timeout = base::TimeDelta::FromMinutes(1);
+  options->adjusted_timeout = base::TimeDelta::FromMinutes(1);
  options->user_verification = device::UserVerificationRequirement::kPreferred;
  options->allow_credentials = GetTestCredentials();
  return options;
@@ -2027,7 +2027,7 @@ class AuthenticatorContentBrowserClientTest : public AuthenticatorImplTest {
      PublicKeyCredentialCreationOptionsPtr options =
          GetTestPublicKeyCredentialCreationOptions();
      options->relying_party.id = "example.com";
-      options->timeout = base::TimeDelta::FromSeconds(1);
+      options->adjusted_timeout = base::TimeDelta::FromSeconds(1);
      options->attestation =
          ConvertAttestationConveyancePreference(test.attestation_requested);
      TestMakeCredentialCallback callback_receiver;
@@ -3771,7 +3771,7 @@ TEST_F(InternalUVAuthenticatorImplTest, MakeCredential) {
          !fingerprints_enrolled &&
          uv == device::UserVerificationRequirement::kRequired;
      if (should_timeout) {
-        options->timeout = base::TimeDelta::FromMilliseconds(100);
+        options->adjusted_timeout = base::TimeDelta::FromMilliseconds(100);
      }
      TestMakeCredentialCallback callback_receiver;
@@ -4093,7 +4093,7 @@ TEST_F(UVTokenAuthenticatorImplTest, MakeCredentialUVToken) {
          !fingerprints_enrolled &&
          uv == device::UserVerificationRequirement::kRequired;
      if (should_timeout) {
-        options->timeout = base::TimeDelta::FromMilliseconds(100);
+        options->adjusted_timeout = base::TimeDelta::FromMilliseconds(100);
      }
      TestMakeCredentialCallback callback_receiver;

--- a/content/browser/webauth/webauth_browsertest.cc
+++ b/content/browser/webauth/webauth_browsertest.cc
@@ -128,7 +128,7 @@ constexpr char kCreatePublicKeyTemplate[] =
    "    displayName: 'Avery A. Jones', "
    "    icon: '$8'},"
    "  pubKeyCredParams: [{ type: 'public-key', alg: '$4'}],"
-    "  timeout: _timeout_,"
+    "  timeout: 1000,"
    "  excludeCredentials: [],"
    "  authenticatorSelection: {"
    "     requireResidentKey: $1,"
@@ -150,7 +150,7 @@ constexpr char kCreatePublicKeyWithAbortSignalTemplate[] =
    "    displayName: 'Avery A. Jones', "
    "    icon: '$8'},"
    "  pubKeyCredParams: [{ type: 'public-key', alg: '$4'}],"
-    "  timeout: _timeout_,"
+    "  timeout: 1000,"
    "  excludeCredentials: [],"
    "  authenticatorSelection: {"
    "     requireResidentKey: $1,"
@@ -167,7 +167,6 @@ constexpr char kPlatform[] = "platform";
 constexpr char kCrossPlatform[] = "cross-platform";
 constexpr char kPreferredVerification[] = "preferred";
 constexpr char kRequiredVerification[] = "required";
-constexpr char kShortTimeout[] = "100";
 // Default values for kCreatePublicKeyTemplate.
 struct CreateParameters {
@@ -184,7 +183,6 @@ struct CreateParameters {
  // It can use the |PublicKeyCredential| object named |c| to extract useful
  // fields.
  const char* extra_ok_output = "''";
-  const char* timeout = "1000";
 };
 std::string BuildCreateCallWithParameters(const CreateParameters& parameters) {
@@ -198,26 +196,20 @@ std::string BuildCreateCallWithParameters(const CreateParameters& parameters) {
  substitutions.push_back(parameters.rp_icon);
  substitutions.push_back(parameters.user_icon);
-  std::string result;
  if (strlen(parameters.signal) == 0) {
    substitutions.push_back(parameters.extra_ok_output);
-    result = base::ReplaceStringPlaceholders(kCreatePublicKeyTemplate,
+    return base::ReplaceStringPlaceholders(kCreatePublicKeyTemplate,
-                                             substitutions, nullptr);
+                                           substitutions, nullptr);
-  } else {
-    substitutions.push_back(parameters.signal);
-    result = base::ReplaceStringPlaceholders(
-        kCreatePublicKeyWithAbortSignalTemplate, substitutions, nullptr);
  }
+  substitutions.push_back(parameters.signal);
-  base::ReplaceFirstSubstringAfterOffset(&result, 0, "_timeout_",
+  return base::ReplaceStringPlaceholders(
-                                         parameters.timeout);
+      kCreatePublicKeyWithAbortSignalTemplate, substitutions, nullptr);
-  return result;
 }
 constexpr char kGetPublicKeyTemplate[] =
    "navigator.credentials.get({ publicKey: {"
    "  challenge: new TextEncoder().encode('climb a mountain'),"
-    "  timeout: $4,"
+    "  timeout: 1000,"
    "  userVerification: '$1',"
    "  $2}"
    "}).then(c => window.domAutomationController.send('webauth: OK' + $3),"
@@ -227,10 +219,10 @@ constexpr char kGetPublicKeyTemplate[] =
 constexpr char kGetPublicKeyWithAbortSignalTemplate[] =
    "navigator.credentials.get({ publicKey: {"
    "  challenge: new TextEncoder().encode('climb a mountain'),"
-    "  timeout: $4,"
+    "  timeout: 1000,"
    "  userVerification: '$1',"
    "  $2},"
-    "  signal: $5"
+    "  signal: $4"
    "}).catch(c => window.domAutomationController.send("
    "                  'webauth: ' + c.toString()));";
@@ -242,7 +234,6 @@ struct GetParameters {
      "     id: new TextEncoder().encode('allowedCredential'),"
      "     transports: ['usb', 'nfc', 'ble']}]";
  const char* signal = "";
-  const char* timeout = "1000";
  // extra_ok_output is a Javascript expression which must evaluate to a string.
  // It can use the |PublicKeyCredential| object named |c| to extract useful
  // fields.
@@ -254,7 +245,6 @@ std::string BuildGetCallWithParameters(const GetParameters& parameters) {
  substitutions.push_back(parameters.user_verification);
  substitutions.push_back(parameters.allow_credentials);
  substitutions.push_back(parameters.extra_ok_output);
-  substitutions.push_back(parameters.timeout);
  if (strlen(parameters.signal) == 0) {
    return base::ReplaceStringPlaceholders(kGetPublicKeyTemplate, substitutions,
                                           nullptr);
@@ -868,7 +858,6 @@ IN_PROC_BROWSER_TEST_F(WebAuthJavascriptClientBrowserTest,
    CreateParameters parameters;
    parameters.user_verification = kRequiredVerification;
-    parameters.timeout = kShortTimeout;
    std::string result;
    ASSERT_TRUE(content::ExecuteScriptAndExtractString(
        shell()->web_contents()->GetMainFrame(),
@@ -906,7 +895,6 @@ IN_PROC_BROWSER_TEST_F(WebAuthJavascriptClientBrowserTest,
    CreateParameters parameters;
    parameters.algorithm_identifier = "123";
-    parameters.timeout = kShortTimeout;
    std::string result;
    ASSERT_TRUE(content::ExecuteScriptAndExtractString(
        shell()->web_contents()->GetMainFrame(),
@@ -926,7 +914,6 @@ IN_PROC_BROWSER_TEST_F(WebAuthJavascriptClientBrowserTest,
    CreateParameters parameters;
    parameters.authenticator_attachment = kPlatform;
-    parameters.timeout = kShortTimeout;
    std::string result;
    ASSERT_TRUE(content::ExecuteScriptAndExtractString(
        shell()->web_contents()->GetMainFrame(),
@@ -1028,7 +1015,6 @@ IN_PROC_BROWSER_TEST_F(WebAuthJavascriptClientBrowserTest,
      "  id: new TextEncoder().encode('allowedCredential'),"
      "  transports: ['carrierpigeon'],"
      "}]";
-  parameters.timeout = kShortTimeout;
  std::string result;
  ASSERT_TRUE(content::ExecuteScriptAndExtractString(
      shell()->web_contents()->GetMainFrame(),

--- a/third_party/blink/public/mojom/webauthn/authenticator.mojom
+++ b/third_party/blink/public/mojom/webauthn/authenticator.mojom
@@ -210,9 +210,9 @@ struct PublicKeyCredentialRequestOptions {
  // to be sent to an authenticator for signing.
  array<uint8> challenge;
-  // Time to wait for an authenticator to complete an operation provided by the
+  // Time to wait for an authenticator to complete an operation.
-  // relying party.
+  // Adjusted to fall within a client-defined range.
-  mojo_base.mojom.TimeDelta? timeout;
+  mojo_base.mojom.TimeDelta adjusted_timeout;
  // An ASCII serialization of the origin claimed by the relying party.
  string relying_party_id;
@@ -299,9 +299,9 @@ struct PublicKeyCredentialCreationOptions {
  // party would accept.
  array<PublicKeyCredentialParameters> public_key_parameters;
-  // Time to wait for an authenticator to complete an operation provided by the
+  // Time to wait for an authenticator to complete an operation.
-  // relying party.
+  // Adjusted to fall within a client-defined range.
-  mojo_base.mojom.TimeDelta? timeout;
+  mojo_base.mojom.TimeDelta adjusted_timeout;
  // A list of credentials the relying party knows about. If an
  // authenticator has one of these credentials, it should not

--- a/third_party/blink/renderer/modules/credentialmanager/credential_manager_type_converters.cc
+++ b/third_party/blink/renderer/modules/credentialmanager/credential_manager_type_converters.cc
@@ -25,6 +25,21 @@
 #include "third_party/blink/renderer/modules/credentialmanager/password_credential.h"
 #include "third_party/blink/renderer/modules/credentialmanager/public_key_credential.h"
+namespace {
+// Time to wait for an authenticator to successfully complete an operation.
+constexpr base::TimeDelta kAdjustedTimeoutLower =
+    base::TimeDelta::FromSeconds(10);
+constexpr base::TimeDelta kAdjustedTimeoutUpper =
+    base::TimeDelta::FromMinutes(10);
+base::TimeDelta AdjustTimeout(uint32_t timeout) {
+  base::TimeDelta adjusted_timeout;
+  adjusted_timeout = base::TimeDelta::FromMilliseconds(timeout);
+  return std::max(kAdjustedTimeoutLower,
+                  std::min(kAdjustedTimeoutUpper, adjusted_timeout));
+}
+}  // namespace
 namespace mojo {
 using blink::mojom::blink::AttestationConveyancePreference;
@@ -393,8 +408,9 @@ TypeConverter<PublicKeyCredentialCreationOptionsPtr,
  // Step 4 of https://w3c.github.io/webauthn/#createCredential
  if (options->hasTimeout()) {
-    mojo_options->timeout =
+    mojo_options->adjusted_timeout = AdjustTimeout(options->timeout());
-        base::TimeDelta::FromMilliseconds(options->timeout());
+  } else {
+    mojo_options->adjusted_timeout = kAdjustedTimeoutUpper;
  }
  // Steps 8 and 9 of
@@ -536,8 +552,9 @@ TypeConverter<PublicKeyCredentialRequestOptionsPtr,
  mojo_options->challenge = ConvertTo<Vector<uint8_t>>(options->challenge());
  if (options->hasTimeout()) {
-    mojo_options->timeout =
+    mojo_options->adjusted_timeout = AdjustTimeout(options->timeout());
-        base::TimeDelta::FromMilliseconds(options->timeout());
+  } else {
+    mojo_options->adjusted_timeout = kAdjustedTimeoutUpper;
  }
  mojo_options->relying_party_id = options->rpId();