Revert "[webauthn] Don't adjust timeout when testing"

This reverts commit 60d219b6.

Reason for revert: breaks android downstream.
https://logs.chromium.org/logs/chrome/buildbucket/cr-buildbucket.appspot.com/8886827242049965872/+/steps/compile/0/stdout


Original change's description:
> [webauthn] Don't adjust timeout when testing
> 
> Move the timeout adjustment from blink to the browser and avoid
> adjusting it if we detect a discovery factory override is in place.
> 
> This change makes authenticator browser tests and WPTs 3X faster.
> 
> Fixed: 976428
> Change-Id: Iaea88f356a6d090c14474151b29c04e912c471b8
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2079043
> Commit-Queue: Nina Satragno <nsatragno@chromium.org>
> Reviewed-by: Ken Buchanan <kenrb@chromium.org>
> Reviewed-by: Jared Saul <jsaul@google.com>
> Cr-Commit-Position: refs/heads/master@{#746432}

TBR=kenrb@chromium.org,nsatragno@chromium.org,jsaul@google.com

Change-Id: Iab40100ead5acdbc6dc631461470314f9eafc815
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2083564Reviewed-by: Xing Liu <xingliu@chromium.org>
Commit-Queue: Xing Liu <xingliu@chromium.org>
Cr-Commit-Position: refs/heads/master@{#746445}

components/autofill/core/browser/payments/credit_card_fido_authenticator.cc

@@ -528,7 +528,7 @@ CreditCardFIDOAuthenticator::ParseRequestOptions(
 
   const auto* timeout = request_options.FindKeyOfType(
       "timeout_millis", base::Value::Type::INTEGER);
-  options->timeout = base::TimeDelta::FromMilliseconds(
+  options->adjusted_timeout = base::TimeDelta::FromMilliseconds(
       timeout ? timeout->GetInt() : kWebAuthnTimeoutMs);
 
   options->user_verification = UserVerificationRequirement::kRequired;
@@ -595,7 +595,7 @@ CreditCardFIDOAuthenticator::ParseCreationOptions(
 
   const auto* timeout = creation_options.FindKeyOfType(
       "timeout_millis", base::Value::Type::INTEGER);
-  options->timeout = base::TimeDelta::FromMilliseconds(
+  options->adjusted_timeout = base::TimeDelta::FromMilliseconds(
       timeout ? timeout->GetInt() : kWebAuthnTimeoutMs);
 
   const auto* attestation =

content/browser/webauth/authenticator_common.cc

@@ -276,30 +276,6 @@ enum class AttestationErasureOption {
   kEraseAttestationAndAaguid,
 };
 
-base::TimeDelta AdjustTimeout(base::Optional<base::TimeDelta> timeout,
-                              RenderFrameHost* render_frame_host) {
-  // Time to wait for an authenticator to successfully complete an operation.
-  static constexpr base::TimeDelta kAdjustedTimeoutLower =
-      base::TimeDelta::FromSeconds(10);
-  static constexpr base::TimeDelta kAdjustedTimeoutUpper =
-      base::TimeDelta::FromMinutes(10);
-
-  if (!timeout)
-    return kAdjustedTimeoutUpper;
-
-  bool testing_api_enabled =
-      AuthenticatorEnvironmentImpl::GetInstance()->GetDiscoveryFactoryOverride(
-          static_cast<RenderFrameHostImpl*>(render_frame_host)
-              ->frame_tree_node());
-
-  if (testing_api_enabled) {
-    return *timeout;
-  }
-
-  return std::max(kAdjustedTimeoutLower,
-                  std::min(kAdjustedTimeoutUpper, *timeout));
-}
-
 blink::mojom::MakeCredentialAuthenticatorResponsePtr
 CreateMakeCredentialResponse(
     const std::string& client_data_json,
@@ -826,7 +802,7 @@ void AuthenticatorCommon::MakeCredential(
   make_credential_response_callback_ = std::move(callback);
 
   timer_->Start(
-      FROM_HERE, AdjustTimeout(options->timeout, render_frame_host_),
+      FROM_HERE, options->adjusted_timeout,
       base::BindOnce(&AuthenticatorCommon::OnTimeout, base::Unretained(this)));
 
   const bool origin_is_crypto_token_extension =
@@ -1010,7 +986,7 @@ void AuthenticatorCommon::GetAssertion(
   get_assertion_response_callback_ = std::move(callback);
 
   timer_->Start(
-      FROM_HERE, AdjustTimeout(options->timeout, render_frame_host_),
+      FROM_HERE, options->adjusted_timeout,
       base::BindOnce(&AuthenticatorCommon::OnTimeout, base::Unretained(this)));
 
   ctap_get_assertion_request_ = CreateCtapGetAssertionRequest(

content/browser/webauth/authenticator_impl_unittest.cc

@@ -346,7 +346,7 @@ GetTestPublicKeyCredentialCreationOptions() {
   options->public_key_parameters =
       GetTestPublicKeyCredentialParameters(kCoseEs256);
   options->challenge.assign(32, 0x0A);
-  options->timeout = base::TimeDelta::FromMinutes(1);
+  options->adjusted_timeout = base::TimeDelta::FromMinutes(1);
   options->authenticator_selection = GetTestAuthenticatorSelectionCriteria();
   return options;
 }
@@ -356,7 +356,7 @@ GetTestPublicKeyCredentialRequestOptions() {
   auto options = PublicKeyCredentialRequestOptions::New();
   options->relying_party_id = std::string(kTestRelyingPartyId);
   options->challenge.assign(32, 0x0A);
-  options->timeout = base::TimeDelta::FromMinutes(1);
+  options->adjusted_timeout = base::TimeDelta::FromMinutes(1);
   options->user_verification = device::UserVerificationRequirement::kPreferred;
   options->allow_credentials = GetTestCredentials();
   return options;
@@ -2027,7 +2027,7 @@ class AuthenticatorContentBrowserClientTest : public AuthenticatorImplTest {
       PublicKeyCredentialCreationOptionsPtr options =
           GetTestPublicKeyCredentialCreationOptions();
       options->relying_party.id = "example.com";
-      options->timeout = base::TimeDelta::FromSeconds(1);
+      options->adjusted_timeout = base::TimeDelta::FromSeconds(1);
       options->attestation =
           ConvertAttestationConveyancePreference(test.attestation_requested);
       TestMakeCredentialCallback callback_receiver;
@@ -3771,7 +3771,7 @@ TEST_F(InternalUVAuthenticatorImplTest, MakeCredential) {
           !fingerprints_enrolled &&
           uv == device::UserVerificationRequirement::kRequired;
       if (should_timeout) {
-        options->timeout = base::TimeDelta::FromMilliseconds(100);
+        options->adjusted_timeout = base::TimeDelta::FromMilliseconds(100);
       }
 
       TestMakeCredentialCallback callback_receiver;
@@ -4093,7 +4093,7 @@ TEST_F(UVTokenAuthenticatorImplTest, MakeCredentialUVToken) {
           !fingerprints_enrolled &&
           uv == device::UserVerificationRequirement::kRequired;
       if (should_timeout) {
-        options->timeout = base::TimeDelta::FromMilliseconds(100);
+        options->adjusted_timeout = base::TimeDelta::FromMilliseconds(100);
       }
 
       TestMakeCredentialCallback callback_receiver;

content/browser/webauth/webauth_browsertest.cc

@@ -128,7 +128,7 @@ constexpr char kCreatePublicKeyTemplate[] =
     "    displayName: 'Avery A. Jones', "
     "    icon: '$8'},"
     "  pubKeyCredParams: [{ type: 'public-key', alg: '$4'}],"
-    "  timeout: _timeout_,"
+    "  timeout: 1000,"
     "  excludeCredentials: [],"
     "  authenticatorSelection: {"
     "     requireResidentKey: $1,"
@@ -150,7 +150,7 @@ constexpr char kCreatePublicKeyWithAbortSignalTemplate[] =
     "    displayName: 'Avery A. Jones', "
     "    icon: '$8'},"
     "  pubKeyCredParams: [{ type: 'public-key', alg: '$4'}],"
-    "  timeout: _timeout_,"
+    "  timeout: 1000,"
     "  excludeCredentials: [],"
     "  authenticatorSelection: {"
     "     requireResidentKey: $1,"
@@ -167,7 +167,6 @@ constexpr char kPlatform[] = "platform";
 constexpr char kCrossPlatform[] = "cross-platform";
 constexpr char kPreferredVerification[] = "preferred";
 constexpr char kRequiredVerification[] = "required";
-constexpr char kShortTimeout[] = "100";
 
 // Default values for kCreatePublicKeyTemplate.
 struct CreateParameters {
@@ -184,7 +183,6 @@ struct CreateParameters {
   // It can use the |PublicKeyCredential| object named |c| to extract useful
   // fields.
   const char* extra_ok_output = "''";
-  const char* timeout = "1000";
 };
 
 std::string BuildCreateCallWithParameters(const CreateParameters& parameters) {
@@ -198,26 +196,20 @@ std::string BuildCreateCallWithParameters(const CreateParameters& parameters) {
   substitutions.push_back(parameters.rp_icon);
   substitutions.push_back(parameters.user_icon);
 
-  std::string result;
   if (strlen(parameters.signal) == 0) {
     substitutions.push_back(parameters.extra_ok_output);
-    result = base::ReplaceStringPlaceholders(kCreatePublicKeyTemplate,
-                                             substitutions, nullptr);
-  } else {
-    substitutions.push_back(parameters.signal);
-    result = base::ReplaceStringPlaceholders(
-        kCreatePublicKeyWithAbortSignalTemplate, substitutions, nullptr);
+    return base::ReplaceStringPlaceholders(kCreatePublicKeyTemplate,
+                                           substitutions, nullptr);
   }
-
-  base::ReplaceFirstSubstringAfterOffset(&result, 0, "_timeout_",
-                                         parameters.timeout);
-  return result;
+  substitutions.push_back(parameters.signal);
+  return base::ReplaceStringPlaceholders(
+      kCreatePublicKeyWithAbortSignalTemplate, substitutions, nullptr);
 }
 
 constexpr char kGetPublicKeyTemplate[] =
     "navigator.credentials.get({ publicKey: {"
     "  challenge: new TextEncoder().encode('climb a mountain'),"
-    "  timeout: $4,"
+    "  timeout: 1000,"
     "  userVerification: '$1',"
     "  $2}"
     "}).then(c => window.domAutomationController.send('webauth: OK' + $3),"
@@ -227,10 +219,10 @@ constexpr char kGetPublicKeyTemplate[] =
 constexpr char kGetPublicKeyWithAbortSignalTemplate[] =
     "navigator.credentials.get({ publicKey: {"
     "  challenge: new TextEncoder().encode('climb a mountain'),"
-    "  timeout: $4,"
+    "  timeout: 1000,"
     "  userVerification: '$1',"
     "  $2},"
-    "  signal: $5"
+    "  signal: $4"
     "}).catch(c => window.domAutomationController.send("
     "                  'webauth: ' + c.toString()));";
 
@@ -242,7 +234,6 @@ struct GetParameters {
       "     id: new TextEncoder().encode('allowedCredential'),"
       "     transports: ['usb', 'nfc', 'ble']}]";
   const char* signal = "";
-  const char* timeout = "1000";
   // extra_ok_output is a Javascript expression which must evaluate to a string.
   // It can use the |PublicKeyCredential| object named |c| to extract useful
   // fields.
@@ -254,7 +245,6 @@ std::string BuildGetCallWithParameters(const GetParameters& parameters) {
   substitutions.push_back(parameters.user_verification);
   substitutions.push_back(parameters.allow_credentials);
   substitutions.push_back(parameters.extra_ok_output);
-  substitutions.push_back(parameters.timeout);
   if (strlen(parameters.signal) == 0) {
     return base::ReplaceStringPlaceholders(kGetPublicKeyTemplate, substitutions,
                                            nullptr);
@@ -868,7 +858,6 @@ IN_PROC_BROWSER_TEST_F(WebAuthJavascriptClientBrowserTest,
 
     CreateParameters parameters;
     parameters.user_verification = kRequiredVerification;
-    parameters.timeout = kShortTimeout;
     std::string result;
     ASSERT_TRUE(content::ExecuteScriptAndExtractString(
         shell()->web_contents()->GetMainFrame(),
@@ -906,7 +895,6 @@ IN_PROC_BROWSER_TEST_F(WebAuthJavascriptClientBrowserTest,
 
     CreateParameters parameters;
     parameters.algorithm_identifier = "123";
-    parameters.timeout = kShortTimeout;
     std::string result;
     ASSERT_TRUE(content::ExecuteScriptAndExtractString(
         shell()->web_contents()->GetMainFrame(),
@@ -926,7 +914,6 @@ IN_PROC_BROWSER_TEST_F(WebAuthJavascriptClientBrowserTest,
 
     CreateParameters parameters;
     parameters.authenticator_attachment = kPlatform;
-    parameters.timeout = kShortTimeout;
     std::string result;
     ASSERT_TRUE(content::ExecuteScriptAndExtractString(
         shell()->web_contents()->GetMainFrame(),
@@ -1028,7 +1015,6 @@ IN_PROC_BROWSER_TEST_F(WebAuthJavascriptClientBrowserTest,
       "  id: new TextEncoder().encode('allowedCredential'),"
       "  transports: ['carrierpigeon'],"
       "}]";
-  parameters.timeout = kShortTimeout;
   std::string result;
   ASSERT_TRUE(content::ExecuteScriptAndExtractString(
       shell()->web_contents()->GetMainFrame(),

third_party/blink/public/mojom/webauthn/authenticator.mojom

@@ -210,9 +210,9 @@ struct PublicKeyCredentialRequestOptions {
   // to be sent to an authenticator for signing.
   array<uint8> challenge;
 
-  // Time to wait for an authenticator to complete an operation provided by the
-  // relying party.
-  mojo_base.mojom.TimeDelta? timeout;
+  // Time to wait for an authenticator to complete an operation.
+  // Adjusted to fall within a client-defined range.
+  mojo_base.mojom.TimeDelta adjusted_timeout;
 
   // An ASCII serialization of the origin claimed by the relying party.
   string relying_party_id;
@@ -299,9 +299,9 @@ struct PublicKeyCredentialCreationOptions {
   // party would accept.
   array<PublicKeyCredentialParameters> public_key_parameters;
 
-  // Time to wait for an authenticator to complete an operation provided by the
-  // relying party.
-  mojo_base.mojom.TimeDelta? timeout;
+  // Time to wait for an authenticator to complete an operation.
+  // Adjusted to fall within a client-defined range.
+  mojo_base.mojom.TimeDelta adjusted_timeout;
 
   // A list of credentials the relying party knows about. If an
   // authenticator has one of these credentials, it should not

third_party/blink/renderer/modules/credentialmanager/credential_manager_type_converters.cc

@@ -25,6 +25,21 @@
 #include "third_party/blink/renderer/modules/credentialmanager/password_credential.h"
 #include "third_party/blink/renderer/modules/credentialmanager/public_key_credential.h"
 
+namespace {
+// Time to wait for an authenticator to successfully complete an operation.
+constexpr base::TimeDelta kAdjustedTimeoutLower =
+    base::TimeDelta::FromSeconds(10);
+constexpr base::TimeDelta kAdjustedTimeoutUpper =
+    base::TimeDelta::FromMinutes(10);
+
+base::TimeDelta AdjustTimeout(uint32_t timeout) {
+  base::TimeDelta adjusted_timeout;
+  adjusted_timeout = base::TimeDelta::FromMilliseconds(timeout);
+  return std::max(kAdjustedTimeoutLower,
+                  std::min(kAdjustedTimeoutUpper, adjusted_timeout));
+}
+}  // namespace
+
 namespace mojo {
 
 using blink::mojom::blink::AttestationConveyancePreference;
@@ -393,8 +408,9 @@ TypeConverter<PublicKeyCredentialCreationOptionsPtr,
 
   // Step 4 of https://w3c.github.io/webauthn/#createCredential
   if (options->hasTimeout()) {
-    mojo_options->timeout =
-        base::TimeDelta::FromMilliseconds(options->timeout());
+    mojo_options->adjusted_timeout = AdjustTimeout(options->timeout());
+  } else {
+    mojo_options->adjusted_timeout = kAdjustedTimeoutUpper;
   }
 
   // Steps 8 and 9 of
@@ -536,8 +552,9 @@ TypeConverter<PublicKeyCredentialRequestOptionsPtr,
   mojo_options->challenge = ConvertTo<Vector<uint8_t>>(options->challenge());
 
   if (options->hasTimeout()) {
-    mojo_options->timeout =
-        base::TimeDelta::FromMilliseconds(options->timeout());
+    mojo_options->adjusted_timeout = AdjustTimeout(options->timeout());
+  } else {
+    mojo_options->adjusted_timeout = kAdjustedTimeoutUpper;
   }
 
   mojo_options->relying_party_id = options->rpId();