mozilla · msirringhaus · Oct 23, 2023
diff --git a/examples/ctap2.rs b/examples/ctap2.rs
@@ -84,6 +84,9 @@ fn main() {
     let (status_tx, status_rx) = channel::<StatusUpdate>();
     thread::spawn(move || loop {
         match status_rx.recv() {
+            Ok(StatusUpdate::NoDevicesFound) => {
+                println!("STATUS: No device found. Please connect one!");
+            }
             Ok(StatusUpdate::InteractiveManagement(..)) => {
                 panic!("STATUS: This can't happen when doing non-interactive usage");
             }

diff --git a/examples/ctap2_discoverable_creds.rs b/examples/ctap2_discoverable_creds.rs
@@ -15,9 +15,9 @@ use authenticator::{
 };
 use getopts::Options;
 use sha2::{Digest, Sha256};
+use std::io::Write;
 use std::sync::mpsc::{channel, RecvError};
 use std::{env, io, thread};
-use std::io::Write;
 
 fn print_usage(program: &str, opts: Options) {
     println!("------------------------------------------------------------------------");
@@ -84,6 +84,9 @@ fn register_user(manager: &mut AuthenticatorService, username: &str, timeout_ms:
             Ok(StatusUpdate::InteractiveManagement(..)) => {
                 panic!("STATUS: This can't happen when doing non-interactive usage");
             }
+            Ok(StatusUpdate::NoDevicesFound) => {
+                println!("STATUS: No device found. Please connect one!");
+            }
             Ok(StatusUpdate::SelectDeviceNotice) => {
                 println!("STATUS: Please select a device by touching one of them.");
             }
@@ -216,10 +219,7 @@ fn main() {
         "timeout in seconds",
         "SEC",
     );
-    opts.optflag(
-        "s",
-        "skip_reg",
-        "Skip registration");
+    opts.optflag("s", "skip_reg", "Skip registration");
 
     opts.optflag("h", "help", "print this help menu");
     let matches = match opts.parse(&args[1..]) {
@@ -273,6 +273,9 @@ fn main() {
             Ok(StatusUpdate::InteractiveManagement(..)) => {
                 panic!("STATUS: This can't happen when doing non-interactive usage");
             }
+            Ok(StatusUpdate::NoDevicesFound) => {
+                println!("STATUS: No device found. Please connect one!");
+            }
             Ok(StatusUpdate::SelectDeviceNotice) => {
                 println!("STATUS: Please select a device by touching one of them.");
             }
@@ -368,7 +371,13 @@ fn main() {
                 println!("Found credentials:");
                 println!(
                     "{:?}",
-                    assertion_object.assertion.user.clone().unwrap().name.unwrap() // Unwrapping here, as these shouldn't fail
+                    assertion_object
+                        .assertion
+                        .user
+                        .clone()
+                        .unwrap()
+                        .name
+                        .unwrap() // Unwrapping here, as these shouldn't fail
                 );
                 println!("-----------------------------------------------------------------");
                 println!("Done.");

diff --git a/examples/interactive_management.rs b/examples/interactive_management.rs
@@ -680,6 +680,9 @@ fn interactive_status_callback(status_rx: Receiver<StatusUpdate>) {
                 );
                 continue;
             }
+            Ok(StatusUpdate::NoDevicesFound) => {
+                println!("STATUS: No device found. Please connect one!");
+            }
             Ok(StatusUpdate::SelectDeviceNotice) => {
                 println!("STATUS: Please select a device by touching one of them.");
             }

diff --git a/examples/reset.rs b/examples/reset.rs
@@ -93,6 +93,9 @@ fn main() {
 
     loop {
         match status_rx.recv() {
+            Ok(StatusUpdate::NoDevicesFound) => {
+                println!("STATUS: No device found. Please connect one!");
+            }
             Ok(StatusUpdate::SelectDeviceNotice) => {
                 println!("ERROR: Please unplug all other tokens that should not be reset!");
                 // Needed to give the tokens enough time to start blinking

diff --git a/examples/set_pin.rs b/examples/set_pin.rs
@@ -68,6 +68,9 @@ fn main() {
             Ok(StatusUpdate::InteractiveManagement(..)) => {
                 panic!("STATUS: This can't happen when doing non-interactive usage");
             }
+            Ok(StatusUpdate::NoDevicesFound) => {
+                println!("STATUS: No device found. Please connect one!");
+            }
             Ok(StatusUpdate::SelectDeviceNotice) => {
                 println!("STATUS: Please select a device by touching one of them.");
             }

diff --git a/examples/test_exclude_list.rs b/examples/test_exclude_list.rs
@@ -82,6 +82,9 @@ fn main() {
             Ok(StatusUpdate::InteractiveManagement(..)) => {
                 panic!("STATUS: This can't happen when doing non-interactive usage");
             }
+            Ok(StatusUpdate::NoDevicesFound) => {
+                println!("STATUS: No device found. Please connect one!");
+            }
             Ok(StatusUpdate::SelectDeviceNotice) => {
                 println!("STATUS: Please select a device by touching one of them.");
             }

diff --git a/src/ctap2/commands/mod.rs b/src/ctap2/commands/mod.rs
@@ -1,7 +1,5 @@
 use crate::crypto::{CryptoError, PinUvAuthParam, PinUvAuthToken};
-use crate::ctap2::commands::client_pin::{
-    GetPinRetries, GetUvRetries, PinError,
-};
+use crate::ctap2::commands::client_pin::{GetPinRetries, GetUvRetries, PinError};
 use crate::ctap2::commands::get_info::AuthenticatorInfo;
 use crate::ctap2::server::UserVerificationRequirement;
 use crate::errors::AuthenticatorError;

diff --git a/src/status_update.rs b/src/status_update.rs
@@ -107,6 +107,8 @@ pub enum StatusUpdate {
     InteractiveManagement(InteractiveUpdate),
     /// Sent when a token returns multiple results for a getAssertion request
     SelectResultNotice(Sender<Option<usize>>, Vec<PublicKeyCredentialUserEntity>),
+    /// Inform user that no devices are plugged in
+    NoDevicesFound,
 }
 
 pub(crate) fn send_status(status: &Sender<StatusUpdate>, msg: StatusUpdate) {

diff --git a/src/transport/device_selector.rs b/src/transport/device_selector.rs
@@ -1,4 +1,6 @@
+use crate::status_update::send_status;
 use crate::transport::hid::HIDDevice;
+use crate::StatusUpdate;
 
 pub use crate::transport::platform::device::Device;
 
@@ -45,7 +47,7 @@ pub struct DeviceSelector {
 }
 
 impl DeviceSelector {
-    pub fn run() -> Self {
+    pub fn run(status: Sender<crate::StatusUpdate>) -> Self {
         let (selector_send, selector_rec) = channel();
         // let new_device_callback = Arc::new(new_device_cb);
         let runloop = RunLoop::new(move |alive| {
@@ -77,6 +79,9 @@ impl DeviceSelector {
                         break; // We are done here. The selected device continues without us.
                     }
                     DeviceSelectorEvent::DevicesAdded(ids) => {
+                        if ids.is_empty() && waiting_for_response.is_empty() && tokens.is_empty() {
+                            send_status(&status, StatusUpdate::NoDevicesFound);
+                        }
                         for id in ids {
                             debug!("Device added event: {:?}", id);
                             waiting_for_response.insert(id);
@@ -99,9 +104,15 @@ impl DeviceSelector {
                             tokens.retain(|dev_id, _| dev_id != id);
                             if tokens.is_empty() {
                                 blinking = false;
+                                if waiting_for_response.is_empty() {
+                                    send_status(&status, StatusUpdate::NoDevicesFound);
+                                }
                                 continue;
                             }
                         }
+                        if waiting_for_response.is_empty() && tokens.is_empty() {
+                            send_status(&status, StatusUpdate::NoDevicesFound);
+                        }
                         // We are already blinking, so no need to run the code below this match
                         // that figures out if we should blink or not. In fact, currently, we do
                         // NOT want to run this code again, because if you have 2 blinking tokens
@@ -115,6 +126,9 @@ impl DeviceSelector {
                     DeviceSelectorEvent::NotAToken(ref id) => {
                         debug!("Device not a token event: {:?}", id);
                         waiting_for_response.remove(id);
+                        if waiting_for_response.is_empty() && tokens.is_empty() {
+                            send_status(&status, StatusUpdate::NoDevicesFound);
+                        }
                     }
                     DeviceSelectorEvent::ImAToken((id, tx)) => {
                         let _ = waiting_for_response.remove(&id);
@@ -187,6 +201,7 @@ pub mod tests {
         transport::FidoDevice,
         u2ftypes::U2FDeviceInfo,
     };
+    use std::sync::mpsc::TryRecvError;
 
     fn gen_info(id: String) -> U2FDeviceInfo {
         U2FDeviceInfo {
@@ -267,9 +282,10 @@ pub mod tests {
             Device::new("device selector 4").unwrap(),
         ];
 
+        let (tx, rx) = channel();
         // Make those actual tokens. The rest is interpreted as non-u2f-devices
         make_device_with_pin(&mut devices[2]);
-        let selector = DeviceSelector::run();
+        let selector = DeviceSelector::run(tx);
 
         // Adding all
         add_devices(devices.iter(), &selector);
@@ -278,6 +294,7 @@ pub mod tests {
                 send_no_token(d, &selector);
             }
         });
+        assert_matches!(rx.try_recv(), Err(TryRecvError::Empty));
 
         send_i_am_token(&devices[2], &selector);
 
@@ -292,18 +309,24 @@ pub mod tests {
     fn test_device_selector_stop() {
         let device = Device::new("device selector 1").unwrap();
 
-        let mut selector = DeviceSelector::run();
+        let (tx, rx) = channel();
+        let mut selector = DeviceSelector::run(tx);
 
         // Adding all
         selector
             .clone_sender()
             .send(DeviceSelectorEvent::DevicesAdded(vec![device.id()]))
             .unwrap();
+        assert_matches!(rx.try_recv(), Err(TryRecvError::Empty));
 
         selector
             .clone_sender()
             .send(DeviceSelectorEvent::NotAToken(device.id()))
             .unwrap();
+        assert_matches!(
+            rx.recv_timeout(Duration::from_millis(500)),
+            Ok(StatusUpdate::NoDevicesFound)
+        );
         selector.stop();
     }
 
@@ -323,7 +346,8 @@ pub mod tests {
         make_device_with_pin(&mut devices[4]);
         make_device_with_pin(&mut devices[5]);
 
-        let selector = DeviceSelector::run();
+        let (tx, rx) = channel();
+        let selector = DeviceSelector::run(tx);
 
         // Adding all, except the last one (we simulate that this one is not yet plugged in)
         add_devices(devices.iter().take(5), &selector);
@@ -355,6 +379,7 @@ pub mod tests {
             devices[5].receiver.as_ref().unwrap().recv().unwrap(),
             DeviceCommand::Blink
         );
+        assert_matches!(rx.try_recv(), Err(TryRecvError::Empty));
     }
 
     #[test]
@@ -375,7 +400,8 @@ pub mod tests {
         make_device_simple_u2f(&mut devices[4]);
         make_device_simple_u2f(&mut devices[5]);
 
-        let selector = DeviceSelector::run();
+        let (tx, rx) = channel();
+        let selector = DeviceSelector::run(tx);
 
         // Adding all, except the last one (we simulate that this one is not yet plugged in)
         add_devices(devices.iter().take(5), &selector);
@@ -417,6 +443,7 @@ pub mod tests {
             devices[6].receiver.as_ref().unwrap().recv().unwrap(),
             DeviceCommand::Blink
         );
+        assert_matches!(rx.try_recv(), Err(TryRecvError::Empty));
     }
 
     #[test]
@@ -437,7 +464,8 @@ pub mod tests {
         make_device_with_pin(&mut devices[4]);
         make_device_with_pin(&mut devices[5]);
 
-        let selector = DeviceSelector::run();
+        let (tx, rx) = channel();
+        let selector = DeviceSelector::run(tx);
 
         // Adding all, except the last one (we simulate that this one is not yet plugged in)
         add_devices(devices.iter(), &selector);
@@ -456,11 +484,16 @@ pub mod tests {
                 DeviceCommand::Blink
             );
         }
+        assert_matches!(rx.try_recv(), Err(TryRecvError::Empty));
 
         // Remove all tokens
         for idx in [2, 4, 5] {
             remove_device(&devices[idx], &selector);
         }
+        assert_matches!(
+            rx.recv_timeout(Duration::from_millis(500)),
+            Ok(StatusUpdate::NoDevicesFound)
+        );
 
         // Adding one again
         send_i_am_token(&devices[4], &selector);
@@ -471,4 +504,56 @@ pub mod tests {
             DeviceCommand::Continue
         );
     }
+
+    #[test]
+    fn test_device_selector_no_devices() {
+        let mut devices = vec![
+            Device::new("device selector 1").unwrap(),
+            Device::new("device selector 2").unwrap(),
+            Device::new("device selector 3").unwrap(),
+            Device::new("device selector 4").unwrap(),
+        ];
+
+        let (tx, rx) = channel();
+        // Make those actual tokens. The rest is interpreted as non-u2f-devices
+        make_device_with_pin(&mut devices[2]);
+        make_device_with_pin(&mut devices[3]);
+        let selector = DeviceSelector::run(tx);
+
+        // Adding no devices first (none are plugged in when we start)
+        add_devices(std::iter::empty(), &selector);
+        assert_matches!(
+            rx.recv_timeout(Duration::from_millis(500)),
+            Ok(StatusUpdate::NoDevicesFound)
+        );
+
+        // Adding the devices
+        add_devices(devices.iter(), &selector);
+        devices.iter_mut().for_each(|d| {
+            if !d.is_u2f() {
+                send_no_token(d, &selector);
+            }
+        });
+        assert_matches!(rx.try_recv(), Err(TryRecvError::Empty));
+
+        send_i_am_token(&devices[2], &selector);
+        send_i_am_token(&devices[3], &selector);
+
+        assert_eq!(
+            devices[2].receiver.as_ref().unwrap().recv().unwrap(),
+            DeviceCommand::Blink
+        );
+        assert_eq!(
+            devices[3].receiver.as_ref().unwrap().recv().unwrap(),
+            DeviceCommand::Blink
+        );
+
+        // Removing all blinking devices
+        remove_device(&devices[2], &selector);
+        remove_device(&devices[3], &selector);
+        assert_matches!(
+            rx.recv_timeout(Duration::from_millis(500)),
+            Ok(StatusUpdate::NoDevicesFound)
+        );
+    }
 }
diff --git a/src/transport/freebsd/transaction.rs b/src/transport/freebsd/transaction.rs
@@ -35,7 +35,7 @@ impl Transaction {
             + 'static,
         T: 'static,
     {
-        let device_selector = DeviceSelector::run();
+        let device_selector = DeviceSelector::run(status.clone());
         let selector_sender = device_selector.clone_sender();
         let thread = RunLoop::new_with_timeout(
             move |alive| {

diff --git a/src/transport/linux/transaction.rs b/src/transport/linux/transaction.rs
@@ -35,7 +35,7 @@ impl Transaction {
             + 'static,
         T: 'static,
     {
-        let device_selector = DeviceSelector::run();
+        let device_selector = DeviceSelector::run(status.clone());
         let selector_sender = device_selector.clone_sender();
         let thread = RunLoop::new_with_timeout(
             move |alive| {

diff --git a/src/transport/macos/transaction.rs b/src/transport/macos/transaction.rs
@@ -46,7 +46,7 @@ impl Transaction {
     {
         let (tx, rx) = channel();
         let timeout = (timeout as f64) / 1000.0;
-        let device_selector = DeviceSelector::run();
+        let device_selector = DeviceSelector::run(status.clone());
         let selector_sender = device_selector.clone_sender();
         let builder = thread::Builder::new();
         let thread = builder