Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update browser.secureStorage proposal with authentication levels #226

Closed
wants to merge 1 commit into from
Closed

Update browser.secureStorage proposal with authentication levels #226

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
61 changes: 54 additions & 7 deletions proposals/secure-storage.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,35 +38,82 @@ Response:
```
{
type: "MACOS_KEYCHAIN",
availableAuthentication: [
"PIN",
"PASSWORD",
"BIOMETRY_FACE",
"BIOMETRY_FINGERPRINT"
supportedAuthenticationLevels: [
{
name: "BIOMETRIC",
implementation: [
"MACOS_KEYCHAIN_FACE",
"MACOS_KEYCHAIN_TOUCHID"
Comment on lines +45 to +46
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This would apply to iOS as well. I would prefer to not bake the platform into the contents like this. I much preferred the previous generic wording.

]
},
{
name: "DEVICE_CREDENTIAL",
implementation: [
"MACOS_ACCOUNT_PASSWORD"
]
}
]
}
```

Name can be either `BIOMETRIC` or `DEVICE_CREDENTIAL`, indicating which authentication levels are supported for a `browser.secureStorage.store` call. These are intentionally vague descriptors that allow the API to be used with some level of abstraction away from the hardware.

Implementation is an array of browser-specific descriptors that a developer can use to learn more about what specific implementations the browser will use. These are not standardised and therefore are not used elsewhere in the API. They simply exist so the developer can get a better idea about what will be used if they request a secret to be stored with a particular authentication level.

On platforms like Windows, where the OS provides an API like Windows Hello but does not allow specific methods to be requested, the response will look as follows:

```
{
type: "WINDOWS_HELLO",
supportedAuthenticationLevels: [
{
name: "ANY",
implementation: []
}
]
}
```

In this case, a call to `browser.secureStorage.store` must set the `minimumAuthenticationLevel` to `ANY`. This indicates that the developer is willing to use whatever authentication method is picked by the OS.

**browser.secureStorage.store**

This stores the provided string.
This stores the provided string. The minimumAuthenticationLevel key indicates the minimum level of authentication that should be required when this secret is retrieved in the future.

```
browser.secureStorage.store({
id: "example-data"
authentication: ["BIOMETRY_FACE", "BIOMETRY_FINGERPRINT"],
minimumAuthenticationLevel: "BIOMETRIC",
data: JSON.stringify({ password: "!72AH8d_.-*gFgNFPUFz2" })
});
```

Unless required by the OS for enrollment, biometrics should not be required when storing data.

**browser.secureStorage.retrieve**

This retrieves the stored data. The browser will only provide it if the user authenticates with one of the allowed mechanisms for this secret, and will throw an error otherwise.

Request:

```
browser.secureStorage.retrieve({ id: "example-data" });
```

Response:

```
{
data: "",
authentication: {
level: "BIOMETRIC",
implementation: "MACOS_KEYCHAIN_FACE"
}
}
```

The response includes both the requested data, and the type of authentication that was performed.

**browser.secureStorage.remove**

Removes an entry from secureStorage given an ID. No biometrics are required.
Expand Down