webauthn: adjust timeout bounds.

Sites can specify a timeout for a Webauthn operation but Blink enforces
sanity bounds on the value. This change alters those bounds from [1..60]
seconds to [10..600] seconds.

A one second timeout is unreasonable: it'll cause the UI dialog to
appear and then disappear one second later; probably too fast for the
user to read.

Also, a 60 second upper bound seems too harsh: if a site wants to allow
a longer timeout, why not? I'm sure I've spent more than 60 seconds
going downstairs to find a security key on occasion.

Change-Id: Ia9d677d0b7249059529112b4ee0b69bd870d751a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1617644
Auto-Submit: Adam Langley <agl@chromium.org>
Commit-Queue: Ken Buchanan <kenrb@chromium.org>
Reviewed-by: Ken Buchanan <kenrb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#660943}

third_party/blink/renderer/modules/credentialmanager/credential_manager_type_converters.cc

@@ -26,8 +26,8 @@
 
 namespace {
 // Time to wait for an authenticator to successfully complete an operation.
-constexpr TimeDelta kAdjustedTimeoutLower = TimeDelta::FromSeconds(1);
-constexpr TimeDelta kAdjustedTimeoutUpper = TimeDelta::FromMinutes(1);
+constexpr TimeDelta kAdjustedTimeoutLower = TimeDelta::FromSeconds(10);
+constexpr TimeDelta kAdjustedTimeoutUpper = TimeDelta::FromMinutes(10);
 
 WTF::TimeDelta AdjustTimeout(uint32_t timeout) {
   WTF::TimeDelta adjusted_timeout;