Merge pull request #21880 from nextcloud/webauthn/discourage_user_auth

Discourage webauthn user interaction

Author: MorrisJobke

lib/private/Authentication/WebAuthn/Manager.php

@@ -107,7 +107,11 @@ public function startRegistration(IUser $user, string $serverHost): PublicKeyCre
 		$excludedPublicKeyDescriptors = [
 		];
 
-		$authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria();
+		$authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(
+			null,
+			false,
+			AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_DISCOURAGED
+		);
 
 		return new PublicKeyCredentialCreationOptions(
 			$rpEntity,
@@ -186,7 +190,8 @@ public function startAuthentication(string $uid, string $serverHost): PublicKeyC
 			random_bytes(32),                                                    // Challenge
 			60000,                                                              // Timeout
 			$this->stripPort($serverHost),                                                                  // Relying Party ID
-			$registeredPublicKeyCredentialDescriptors                                  // Registered PublicKeyCredentialDescriptor classes
+			$registeredPublicKeyCredentialDescriptors,                                  // Registered PublicKeyCredentialDescriptor classes
+			AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_DISCOURAGED
 		);
 	}