ui: tfa: make webAuthn abortable and restartable

Fix two things:
* do not reject the login promise when we get the abort DOMException
  error
* safely save the original challenge string as we work on a reference
  here and avoid to convert to a UInt8 array twice to avoid an
  exception.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

www/LoginView.js

@@ -380,12 +380,14 @@ Ext.define('PBS.login.TfaWindow', {
 
 	    let challenge = view.challenge.webauthn;
 
+	    if (typeof challenge.string !== 'string') {
 		// Byte array fixup, keep challenge string:
-	    let challenge_str = challenge.publicKey.challenge;
+		challenge.string = challenge.publicKey.challenge;
-	    challenge.publicKey.challenge = PBS.Utils.base64url_to_bytes(challenge_str);
+		challenge.publicKey.challenge = PBS.Utils.base64url_to_bytes(challenge.string);
 		for (const cred of challenge.publicKey.allowCredentials) {
 		    cred.id = PBS.Utils.base64url_to_bytes(cred.id);
 		}
+	    }
 
 	    let controller = new AbortController();
 	    challenge.signal = controller.signal;
@@ -395,7 +397,12 @@ Ext.define('PBS.login.TfaWindow', {
 		//Promise.race( ...
 		hwrsp = await navigator.credentials.get(challenge);
 	    } catch (error) {
-		view.onReject(error);
+		// we do NOT want to fail login because of canceling the challenge actively,
+		// in some browser that's the only way to switch over to another method as the
+		// disallow user input during the time the challenge is active
+		// checking for error.code === DOMException.ABORT_ERR only works in firefox -.-
+		this.getViewModel().set('canConfirm', true);
+		// FIXME: better handling, show some message, ...?
 		return;
 	    } finally {
 		let waitingMessage = me.lookup('webAuthnWaiting');
@@ -407,7 +414,7 @@ Ext.define('PBS.login.TfaWindow', {
 	    let response = {
 		id: hwrsp.id,
 		type: hwrsp.type,
-		challenge: challenge_str,
+		challenge: challenge.string,
 		rawId: PBS.Utils.bytes_to_base64url(hwrsp.rawId),
 		response: {
 		    authenticatorData: PBS.Utils.bytes_to_base64url(