luci-auth-fido2-plugin: use WindowsClient if available

WindowsClient works for both non-admin and admin users. There's no need to branch and use Fido2Client for admin users. Bug:b/433851494 Change-Id: I42d52d71749beaf0b2c68d9adc6027a5b6bb2ac2 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/tools/depot_tools/+/6844138 Reviewed-by: Allen Li <ayatane@chromium.org> Reviewed-by: Chenlin Fan <fancl@chromium.org> Auto-Submit: Jiewei Qian <qjw@chromium.org> Commit-Queue: Allen Li <ayatane@chromium.org>
3 months ago · 09f005050e
parent aef7f6994e
commit 09f005050e
1 changed files with 4 additions and 9 deletions
--- a/luci_auth_fido2_plugin.py
+++ b/luci_auth_fido2_plugin.py
@ -25,7 +25,6 @@

 from concurrent.futures import ThreadPoolExecutor, as_completed
 from contextlib import contextmanager
-import ctypes
 import dataclasses
 import json
 import logging
@ -185,14 +184,10 @@ def get_clients(origin: str) -> list[tuple[WebAuthnClient, str]]:
    """
    client_data_collector = DefaultClientDataCollector(origin)

-    # Use Windows WebAuthn API if available, and if we aren't running as admin.
-    if WindowsClient is not None \
-       and WindowsClient.is_available():
-        if ctypes.windll.shell32.IsUserAnAdmin():
-            logging.info("User is admin")
-        else:
-            logging.info("Using WindowsClient")
-            return [(WindowsClient(client_data_collector), "WindowsWebAuthn")]
+    # Use Windows WebAuthn API if available.
+    if WindowsClient and WindowsClient.is_available():
+        logging.info("Using WindowsClient")
+        return [(WindowsClient(client_data_collector), "WindowsWebAuthn")]

    user_interaction = DiscardInteraction()
    clients = []