Revert "ui: window/Settings / WebAuthn: add browser setting for userVerificationo"
even if the options *could* be set in the frontend, the backend
actually has to do validation of those settings, thus we should not
make that a browser setting
additionally, having the value 'preferred' does not actually make sense,
since it does not add any security (the backend skips the
userverification check then)
This reverts commit aca4c2b5a9
.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
This commit is contained in:
parent
7f37cacfac
commit
b452e2df74
@ -390,11 +390,6 @@ Ext.define('PBS.login.TfaWindow', {
|
||||
// Byte array fixup, keep challenge string:
|
||||
challenge.string = challenge.publicKey.challenge;
|
||||
challenge.publicKey.challenge = PBS.Utils.base64url_to_bytes(challenge.string);
|
||||
let userVerification = Ext.state.Manager.getProvider().get('webauthn-user-verification');
|
||||
if (userVerification !== undefined) {
|
||||
challenge.publicKey.userVerification = userVerification;
|
||||
}
|
||||
|
||||
for (const cred of challenge.publicKey.allowCredentials) {
|
||||
cred.id = PBS.Utils.base64url_to_bytes(cred.id);
|
||||
}
|
||||
|
@ -79,13 +79,6 @@ Ext.define('PBS.window.AddWebauthn', {
|
||||
// string to pass in the response:
|
||||
let challenge_str = challenge_obj.publicKey.challenge;
|
||||
challenge_obj.publicKey.challenge = PBS.Utils.base64url_to_bytes(challenge_str);
|
||||
let userVerification = Ext.state.Manager.getProvider().get('webauthn-user-verification');
|
||||
if (userVerification !== undefined) {
|
||||
challenge_obj.publicKey.authenticatorSelection = {
|
||||
userVerification,
|
||||
};
|
||||
}
|
||||
|
||||
challenge_obj.publicKey.user.id =
|
||||
PBS.Utils.base64url_to_bytes(challenge_obj.publicKey.user.id);
|
||||
|
||||
|
@ -30,9 +30,6 @@ Ext.define('PBS.window.Settings', {
|
||||
let username = sp.get('login-username') || Proxmox.Utils.noneText;
|
||||
me.lookupReference('savedUserName').setValue(Ext.String.htmlEncode(username));
|
||||
|
||||
let userverification= sp.get('webauthn-user-verification') || '__default__';
|
||||
me.lookupReference('webauthnUserVerification').setValue(userverification);
|
||||
|
||||
let settings = ['fontSize', 'fontFamily', 'letterSpacing', 'lineHeight'];
|
||||
settings.forEach(function(setting) {
|
||||
let val = localStorage.getItem('pve-xterm-' + setting);
|
||||
@ -94,7 +91,7 @@ Ext.define('PBS.window.Settings', {
|
||||
},
|
||||
'button[name=reset]': {
|
||||
click: function() {
|
||||
let blacklist = ['login-username', 'webauthn-user-verification'];
|
||||
let blacklist = ['login-username'];
|
||||
let sp = Ext.state.Manager.getProvider();
|
||||
for (const state of Object.values(sp.state)) {
|
||||
if (blacklist.indexOf(state) !== -1) {
|
||||
@ -117,14 +114,6 @@ Ext.define('PBS.window.Settings', {
|
||||
sp.clear('login-username');
|
||||
},
|
||||
},
|
||||
'field[reference=webauthnUserVerification]': {
|
||||
change: function(e, v) {
|
||||
if (v === '__default__') {
|
||||
v = undefined;
|
||||
}
|
||||
Ext.state.Manager.getProvider().set('webauthn-user-verification', v);
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
@ -185,23 +174,6 @@ Ext.define('PBS.window.Settings', {
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
xtype: 'box',
|
||||
autoEl: { tag: 'hr' },
|
||||
},
|
||||
{
|
||||
xtype: 'proxmoxKVComboBox',
|
||||
fieldLabel: gettext('WebAuthn User Verification') + ':',
|
||||
labelWidth: 150,
|
||||
stateId: 'webauthn-user-verification',
|
||||
reference: 'webauthnUserVerification',
|
||||
value: '__default__',
|
||||
comboItems: [
|
||||
['__default__', Proxmox.Utils.defaultText],
|
||||
['discouraged', gettext('Discouraged')],
|
||||
['preferred', gettext('Preferred')],
|
||||
],
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user