Address review feedback

2026-01-30 16:23:53 +00:00 · 2025-12-19 11:34:03 -06:00
parent 239fb19561
commit 9b43ffcc49
3 changed files with 19 additions and 6 deletions
--- a/apps/desktop/desktop_native/win_webauthn/src/plugin/com.rs
+++ b/apps/desktop/desktop_native/win_webauthn/src/plugin/com.rs
@@ -219,7 +219,7 @@ impl IPluginAuthenticator_Impl for PluginAuthenticatorComObject_Impl {

        match self.handler.cancel_operation(request.into()) {
            Ok(()) => {
-                tracing::error!("CancelOperation completed successfully");
+                tracing::debug!("CancelOperation completed successfully");
                S_OK
            }
            Err(err) => {
--- a/apps/desktop/desktop_native/win_webauthn/src/plugin/types.rs
+++ b/apps/desktop/desktop_native/win_webauthn/src/plugin/types.rs
@@ -547,8 +547,16 @@ impl PluginMakeCredentialRequest {
                err,
            )
        })?;
-
+        // SAFETY: Initialized by successful call to webauthn_decode_make_credential()
        let registration_request = registration_request.assume_init();
+
+        if request.hWnd.is_invalid() {
+            return Err(WinWebAuthnError::new(
+                ErrorKind::WindowsInternal,
+                "Invalid handle received",
+            ));
+        }
+
        Ok(Self {
            inner: registration_request as *const WEBAUTHN_CTAPCBOR_MAKE_CREDENTIAL_REQUEST,
            window_handle: request.hWnd,
@@ -989,6 +997,14 @@ impl PluginGetAssertionRequest {
                err,
            )
        })?;
+
+        if request.hWnd.is_invalid() {
+            return Err(WinWebAuthnError::new(
+                ErrorKind::WindowsInternal,
+                "Invalid handle received",
+            ));
+        }
+
        Ok(Self {
            // SAFETY: Windows should return a valid decoded assertion request struct.
            inner: assertion_request as *const WEBAUTHN_CTAPCBOR_GET_ASSERTION_REQUEST,
--- a/apps/desktop/desktop_native/win_webauthn/src/types/mod.rs
+++ b/apps/desktop/desktop_native/win_webauthn/src/types/mod.rs
@@ -724,7 +724,7 @@ mod tests {
        let aaguid = Uuid::try_from(AAGUID).unwrap();
        let authenticator_info = AuthenticatorInfo {
            versions: HashSet::from([CtapVersion::Fido2_0, CtapVersion::Fido2_1]),
-            aaguid: aaguid,
+            aaguid,
            options: Some(HashSet::from([
                "rk".to_string(),
                "up".to_string(),
@@ -778,9 +778,6 @@ mod tests {
        } else {
            panic!("CBOR should decode to a map");
        }
-
-        // Print the generated CBOR for verification
-        println!("Generated CBOR hex: {}", hex::encode(&cbor_bytes));
    }

    #[test]