Conversation
|
@DaVinci9196 |
mar-v-in
left a comment
mar-v-in
left a comment
There was a problem hiding this comment.
It seems you are wildly mixing different things here:
- Bluetooth in the transport selection refers to connecting to Bluetooth capable fido tokens. This does not involve qr codes. See https://fidoalliance.org/specs/fido-v2.3-rd-20251023/fido-client-to-authenticator-protocol-v2.3-rd-20251023.html#ble for the protocol specification.
- This seems to implement hybrid authentication in both directions, but weirdly entangles it with unrelated code paths.
| import kotlin.also | ||
| import kotlin.text.lowercase | ||
|
|
||
| class QRBounceActivity : AppCompatActivity() { |
There was a problem hiding this comment.
What's the purpose of this activity? Why not just directly launch HybridAuthenticateActivity when it's needed?
There was a problem hiding this comment.
The initial idea was to have a transition page, with HybridAuthenticateActivity not directly accessible externally. It can also be removed.
| return | ||
| } | ||
| val targetIntent = Intent() | ||
| targetIntent.setClassName(this, "org.microg.gms.fido.core.ui.hybrid.HybridAuthenticateActivity") |
There was a problem hiding this comment.
Please reference directly the class (via HybridAuthenticateActivity::class.java) rather than by name.
There was a problem hiding this comment.
You shouldn't do any changes to this file, this is from mlkit and is entirely unrelated to fido.
|
|
||
| override fun onCreateOptionsMenu(menu: Menu, inflater: MenuInflater) { | ||
| menu.add(0, MENU_GAMES_MANAGED, 0, org.microg.gms.base.core.R.string.menu_game_managed) | ||
| menu.add(0, MENU_SCAN_FIDO_QR_CODE, 0, org.microg.gms.base.core.R.string.menu_qr_code_scan) |
There was a problem hiding this comment.
I don't think Google has such a menu option either. The documentation also suggests that the QR code is scanned using the regular camera app, not using Google settings app. Please make it work using the regular flow, no need to have a custom QR code reader button in microG.
There was a problem hiding this comment.
Not all camera apps support QR codes (specially on old Android), so it would be nice to have the possibility to make it working without having to install an additional app.
There was a problem hiding this comment.
@ale5000-git using FIDO hybrid passkeys is unrelated to Google accounts and this shouldn't be buried in some Google account-related setting.
People with a camera app that can't scan QR codes are well-adviced to have another way to scan QR codes anyway, or how would one be able to scan QR codes that are not application-specific, like just regular web links?
There was a problem hiding this comment.
@mar-v-in
My opinion is that a not application-specific QR code can be useful but not fundamental so on old phones it is perfectly possible to not have generic QR code app but still it would be useful to still use FIDO hybrid passkeys.
If the code isn't too big I think it is very useful to have it.
As for "shouldn't be buried in some Google account-related setting", it could be moved to a better place (but without requiring a separate app if possible).
There was a problem hiding this comment.
microG isn't a user-facing app. The only launcher is microG settings, which intentionally can be disabled/hidden for users that prefer to reach it from system settings or when custom ROMs have a tight integration. If we wanted to have a new user-facing launcher, what else would be in it other than this QR scanner? Having an additional microG launcher with just a QR code scanner wouldn't really make sense, users could just install a QR code scanner app then.
There was a problem hiding this comment.
@mar-v-in
Even if the microG settings aren't in the launcher, they still are integrated in Android settings so it is fine (in my opinion).
My idea is to have a special "FIDO" section inside microG settings that open a separate page that contains the QR code scanning function (and maybe in the future the possibility to list and delete the FIDO screen lock credentials).
| } | ||
|
|
||
| class AuthenticatorGetInfoRequest : Ctap2Request(0x04) | ||
| class AuthenticatorGetInfoRequest( |
There was a problem hiding this comment.
authenticatorGetInfo does not take any inputs, see https://fidoalliance.org/specs/fido-v2.3-rd-20251023/fido-client-to-authenticator-protocol-v2.3-rd-20251023.html#authenticatorGetInfo
The structure here looks like you actually wanted to use the outputs, that is the AuthenticatorGetInfoResponse class below.
There was a problem hiding this comment.
It has been changed to use AuthenticatorGetInfoResponse
3 participants
FIDO adds cross-device (Bluetooth) login.
Scene 1: Log in to local applications using other device keys by scanning the local device's QR code.
Scene 2: Scan the key QR code on another device using the Google App to log in using your device's key.