[webkit-changes] [295702] trunk/Source/WebKit/UIProcess/API/Cocoa/ _WKWebAuthenticationPanel.mm
Title: [295702] trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm Revision 295702 Author j_pas...@apple.com Date 2022-06-21 16:51:24 -0700 (Tue, 21 Jun 2022) Log Message [WebAuthn] Fix crash when making assertions https://bugs.webkit.org/show_bug.cgi?id=241814 rdar://95618710 Reviewed by Brent Fulgham. We return an NSData inside _WKAuthenticatorAssertionResponse with ref count 0. To fix this, we use autorelease as we do in the _WKAuthenticatorAttestationResponse case. * Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (wkAuthenticatorAssertionResponse): Canonical link: https://commits.webkit.org/251707@main Modified Paths trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm Diff Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (295701 => 295702) --- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-06-21 23:28:41 UTC (rev 295701) +++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-06-21 23:51:24 UTC (rev 295702) @@ -929,7 +929,7 @@ if (data.userHandle) userHandle = [NSData dataWithBytes:data.userHandle->data() length:data.userHandle->byteLength()]; -return adoptNS([[_WKAuthenticatorAssertionResponse alloc] initWithClientDataJSON:clientDataJSON rawId:[NSData dataWithBytes:data.rawId->data() length:data.rawId->byteLength()] extensionOutputsCBOR:toNSData(data.extensionOutputs->toCBOR()).get() authenticatorData:[NSData dataWithBytes:data.authenticatorData->data() length:data.authenticatorData->byteLength()] signature:[NSData dataWithBytes:data.signature->data() length:data.signature->byteLength()] userHandle:userHandle attachment:authenticatorAttachmentToWKAuthenticatorAttachment(attachment)]); +return adoptNS([[_WKAuthenticatorAssertionResponse alloc] initWithClientDataJSON:clientDataJSON rawId:[NSData dataWithBytes:data.rawId->data() length:data.rawId->byteLength()] extensionOutputsCBOR:toNSData(data.extensionOutputs->toCBOR()).autorelease() authenticatorData:[NSData dataWithBytes:data.authenticatorData->data() length:data.authenticatorData->byteLength()] signature:[NSData dataWithBytes:data.signature->data() length:data.signature->byteLength()] userHandle:userHandle attachment:authenticatorAttachmentToWKAuthenticatorAttachment(attachment)]); } #endif ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295695] trunk/Source/WebKit/UIProcess/WebPageProxy.cpp
Title: [295695] trunk/Source/WebKit/UIProcess/WebPageProxy.cpp Revision 295695 Author j_pas...@apple.com Date 2022-06-21 15:34:05 -0700 (Tue, 21 Jun 2022) Log Message Only support downloading previews in captive portal mode https://bugs.webkit.org/show_bug.cgi?id=241741 Reviewed by Brent Fulgham. * Source/WebKit/UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::decidePolicyForResponseShared): Set policy for previews to download Canonical link: https://commits.webkit.org/251700@main Modified Paths trunk/Source/WebKit/UIProcess/WebPageProxy.cpp Diff Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.cpp (295694 => 295695) --- trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2022-06-21 22:11:33 UTC (rev 295694) +++ trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2022-06-21 22:34:05 UTC (rev 295695) @@ -320,6 +320,10 @@ #import #endif +#if USE(QUICK_LOOK) +#include +#endif + #define MESSAGE_CHECK(process, assertion) MESSAGE_CHECK_BASE(assertion, process->connection()) #define MESSAGE_CHECK_URL(process, url) MESSAGE_CHECK_BASE(checkURLReceivedFromCurrentOrPreviousWebProcess(process, url), process->connection()) #define MESSAGE_CHECK_COMPLETION(process, assertion, completion) MESSAGE_CHECK_COMPLETION_BASE(assertion, process->connection(), completion) @@ -5833,9 +5837,10 @@ #endif ), webPageID); }); -if (process->captivePortalMode() == WebProcessProxy::CaptivePortalMode::Enabled && MIMETypeRegistry::isPDFOrPostScriptMIMEType(navigationResponse->response().mimeType())) +#if USE(QUICK_LOOK) +if (process->captivePortalMode() == WebProcessProxy::CaptivePortalMode::Enabled && (MIMETypeRegistry::isPDFOrPostScriptMIMEType(navigationResponse->response().mimeType()) || PreviewConverter::supportsMIMEType(navigationResponse->response().mimeType( policyAction = PolicyAction::Download; - +#endif receivedPolicyDecision(policyAction, navigation.get(), nullptr, WTFMove(navigationResponse), WTFMove(sender)); }, ShouldExpectSafeBrowsingResult::No, ShouldExpectAppBoundDomainResult::No); ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295694] trunk
Title: [295694] trunk Revision 295694 Author j_pas...@apple.com Date 2022-06-21 15:11:33 -0700 (Tue, 21 Jun 2022) Log Message NotificationEventEnabled should be enabled macOS Ventura+ https://bugs.webkit.org/show_bug.cgi?id=241605 rdar://94441142 Reviewed by Alex Christensen. * Source/WTF/wtf/PlatformEnable.h: This API should only be enabled on macOS 13 and later. * LayoutTests/TestExpectations: * LayoutTests/platform/mac-wk2/TestExpectations: * Tools/TestWebKitAPI/Tests/WebKitCocoa/PushAPI.mm: * Tools/TestWebKitAPI/Tests/WebKitCocoa/WebPushDaemon.mm: Update test expectations to account for these being macOS Ventura+ Canonical link: https://commits.webkit.org/251699@main Modified Paths trunk/LayoutTests/TestExpectations trunk/LayoutTests/platform/mac-wk2/TestExpectations trunk/Source/WTF/wtf/PlatformEnable.h trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/PushAPI.mm trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/WebPushDaemon.mm Diff Modified: trunk/LayoutTests/TestExpectations (295693 => 295694) --- trunk/LayoutTests/TestExpectations 2022-06-21 22:08:27 UTC (rev 295693) +++ trunk/LayoutTests/TestExpectations 2022-06-21 22:11:33 UTC (rev 295694) @@ -1145,6 +1145,17 @@ webanimations/frame-rate [ Skip ] +# NOTIFICATION_EVENT is Ventura+ +http/tests/workers/service/shownotification-allowed-document.html [ Skip ] +http/tests/workers/service/shownotification-allowed.html [ Skip ] +http/tests/workers/service/shownotification-invalid-data.html [ Skip ] +http/wpt/push-api/pushEvent.any.serviceworker.html [ Skip ] +imported/w3c/web-platform-tests/notifications/idlharness.https.any.html [ Skip ] +imported/w3c/web-platform-tests/notifications/idlharness.https.any.serviceworker.html [ Skip ] +imported/w3c/web-platform-tests/notifications/idlharness.https.any.worker.html [ Skip ] +http/tests/workers/service/getnotifications-stop.html [ Skip ] +http/tests/workers/service/getnotifications.html [ Skip ] + #// # End platform-specific tests. #// Modified: trunk/LayoutTests/platform/mac-wk2/TestExpectations (295693 => 295694) --- trunk/LayoutTests/platform/mac-wk2/TestExpectations 2022-06-21 22:08:27 UTC (rev 295693) +++ trunk/LayoutTests/platform/mac-wk2/TestExpectations 2022-06-21 22:11:33 UTC (rev 295694) @@ -1717,3 +1717,14 @@ webkit.org/b/241265 [ Debug ] imported/w3c/web-platform-tests/html/rendering/replaced-elements/svg-embedded-sizing/svg-in-object-percentage.html [ Pass Crash ] webkit.org/b/241283 fast/animation/request-animation-frame-throttling-detached-iframe.html [ Pass Failure ] + +# NOTIFICATION_EVENT is Ventura+ +[ Ventura+ ] http/tests/workers/service/shownotification-allowed-document.html [ Pass ] +[ Ventura+ ] http/tests/workers/service/shownotification-allowed.html [ Pass ] +[ Ventura+ ] http/tests/workers/service/shownotification-invalid-data.html [ Pass ] +[ Ventura+ ] http/wpt/push-api/pushEvent.any.serviceworker.html [ Pass ] +[ Ventura+ ] imported/w3c/web-platform-tests/notifications/idlharness.https.any.html [ Pass ] +[ Ventura+ ] imported/w3c/web-platform-tests/notifications/idlharness.https.any.serviceworker.html [ Pass ] +[ Ventura+ ] imported/w3c/web-platform-tests/notifications/idlharness.https.any.worker.html [ Pass ] +[ Ventura+ ] http/tests/workers/service/getnotifications-stop.html [ Pass ] +[ Ventura+ ] http/tests/workers/service/getnotifications.html [ Pass ] Modified: trunk/Source/WTF/wtf/PlatformEnable.h (295693 => 295694) --- trunk/Source/WTF/wtf/PlatformEnable.h 2022-06-21 22:08:27 UTC (rev 295693) +++ trunk/Source/WTF/wtf/PlatformEnable.h 2022-06-21 22:11:33 UTC (rev 295694) @@ -956,7 +956,8 @@ #error "ENABLE(WEBXR_HANDS) requires ENABLE(WEBXR)" #endif -#if ENABLE(SERVICE_WORKER) && ENABLE(NOTIFICATIONS) +#if ENABLE(SERVICE_WORKER) && ENABLE(NOTIFICATIONS) \ +&& PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 13 #if !defined(ENABLE_NOTIFICATION_EVENT) #define ENABLE_NOTIFICATION_EVENT 1 #endif Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/PushAPI.mm (295693 => 295694) --- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/PushAPI.mm 2022-06-21 22:08:27 UTC (rev 295693) +++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/PushAPI.mm 2022-06-21 22:11:33 UTC (rev 295694) @@ -25,7 +25,7 @@ #import "config.h" -#if ENABLE(NOTIFICATIONS) +#if ENABLE(NOTIFICATIONS) && ENABLE(NOTIFICATION_EVENT) #import "DeprecatedGlobalValues.h" #import "HTTPServer.h" @@ -729,4 +729,4 @@ #endif // WK_HAVE_C_SPI -#endif // ENABLE(NOTIFICATIONS) +#endif // ENABLE(NOTIFICATIONS) && ENABLE(NOTIFICATION_EVENT) Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/WebPushDaemon.mm (295693 => 295694) --- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/WebPushDaemon.mm 2022-06-21 22:08:27 UTC (rev 295693) +++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/WebPushDaemon.mm 2022-06-21
[webkit-changes] [295691] trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp
Title: [295691] trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp Revision 295691 Author j_pas...@apple.com Date 2022-06-21 14:50:42 -0700 (Tue, 21 Jun 2022) Log Message Disable system preview in captive portal mode https://bugs.webkit.org/show_bug.cgi?id=241739 rdar://90563679 Reviewed by Brent Fulgham. * Source/WebKit/WebProcess/WebPage/WebPage.cpp: (WebKit::adjustSettingsForCaptivePortal): Disable system preview when in captive portal mode. Canonical link: https://commits.webkit.org/251696@main Modified Paths trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp Diff Modified: trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp (295690 => 295691) --- trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp 2022-06-21 21:35:26 UTC (rev 295690) +++ trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp 2022-06-21 21:50:42 UTC (rev 295691) @@ -4141,6 +4141,9 @@ #if ENABLE(PDFJS) settings.setPdfJSViewerEnabled(true); #endif +#if USE(SYSTEM_PREVIEW) +settings.setSystemPreviewEnabled(false); +#endif settings.setAllowedMediaContainerTypes(store.getStringValueForKey(WebPreferencesKey::mediaContainerTypesAllowedInCaptivePortalModeKey())); settings.setAllowedMediaCodecTypes(store.getStringValueForKey(WebPreferencesKey::mediaCodecTypesAllowedInCaptivePortalModeKey())); ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295690] trunk/Source/WebKit/UIProcess/API/C/WKPage.cpp
Title: [295690] trunk/Source/WebKit/UIProcess/API/C/WKPage.cpp
Revision 295690
Author j_pas...@apple.com
Date 2022-06-21 14:35:26 -0700 (Tue, 21 Jun 2022)
Log Message
Use PageIdentifier, not WebPageProxy's identifier for WKPageGetIdentifier
https://bugs.webkit.org/show_bug.cgi?id=241701
rdar://problem/95332001
Reviewed by Chris Dumez.
* Source/WebKit/UIProcess/API/C/WKPage.cpp:
(WKPageGetIdentifier):
Use webPageID, not identifier.
Canonical link: https://commits.webkit.org/251695@main
Modified Paths
trunk/Source/WebKit/UIProcess/API/C/WKPage.cpp
Diff
Modified: trunk/Source/WebKit/UIProcess/API/C/WKPage.cpp (295689 => 295690)
--- trunk/Source/WebKit/UIProcess/API/C/WKPage.cpp 2022-06-21 21:27:16 UTC (rev 295689)
+++ trunk/Source/WebKit/UIProcess/API/C/WKPage.cpp 2022-06-21 21:35:26 UTC (rev 295690)
@@ -3191,5 +3191,5 @@
uint64_t WKPageGetIdentifier(WKPageRef pageRef)
{
-return toImpl(pageRef)->identifier().toUInt64();
+return toImpl(pageRef)->webPageID().toUInt64();
}
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295641] trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/ LocalAuthenticator.mm
Title: [295641] trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
Revision 295641
Author j_pas...@apple.com
Date 2022-06-17 11:57:08 -0700 (Fri, 17 Jun 2022)
Log Message
[WebAuthn] Upgrading a legacy platform credential to a passkey does not delete the legacy credential
https://bugs.webkit.org/show_bug.cgi?id=241608
rdar://95059952
Reviewed by Brent Fulgham.
* Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticator::deleteDuplicateCredential const):
Query credentials by user handle, regardless of sync status to properly remove
legacy credentials.
Canonical link: https://commits.webkit.org/251646@main
Modified Paths
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
Diff
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm (295640 => 295641)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-06-17 18:03:22 UTC (rev 295640)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-06-17 18:57:08 UTC (rev 295641)
@@ -670,15 +670,14 @@
if (memcmp(userHandle->data(), creationOptions.user.id.data(), userHandle->byteLength()))
return false;
-auto query = adoptNS([[NSMutableDictionary alloc] init]);
-[query setDictionary:@{
+NSDictionary *query = @{
(id)kSecClass: (id)kSecClassKey,
(id)kSecAttrApplicationLabel: toNSData(credential->rawId()).get(),
+(id)kSecAttrSynchronizable: (id)kSecAttrSynchronizableAny,
(id)kSecUseDataProtectionKeychain: @YES
-}];
-updateQueryIfNecessary(query.get());
+};
-OSStatus status = SecItemDelete((__bridge CFDictionaryRef)query.get());
+OSStatus status = SecItemDelete((__bridge CFDictionaryRef)query);
if (status && status != errSecItemNotFound)
LOG_ERROR(makeString("Couldn't delete older credential: "_s, status).utf8().data());
return true;
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295617] trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/ LocalAuthenticator.mm
Title: [295617] trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
Revision 295617
Author j_pas...@apple.com
Date 2022-06-16 16:52:58 -0700 (Thu, 16 Jun 2022)
Log Message
[WebAuthn] Stop using decidePolicyForLocalAuthenticator
https://bugs.webkit.org/show_bug.cgi?id=241614
rdar://95066808
Reviewed by Brent Fulgham.
* Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticator::makeCredential):
Previously, in the browser ui delegate based flow, consent would be given
for the platform authenticator after selecting it. In the new flow you
must consent to the platform authenticator before getting here, so
decidePolicyForLocalAuthenticator is no longer needed.
Canonical link: https://commits.webkit.org/251622@main
Modified Paths
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
Diff
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm (295616 => 295617)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-06-16 23:37:37 UTC (rev 295616)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-06-16 23:52:58 UTC (rev 295617)
@@ -262,19 +262,7 @@
ASSERT(rawId);
return excludeCredentialIds.contains(base64EncodeToString(rawId->data(), rawId->byteLength()));
})) {
-// Obtain consent per Step 3.1
-auto callback = [weakThis = WeakPtr { *this }] (LocalAuthenticatorPolicy policy) {
-RELEASE_ASSERT(RunLoop::isMain());
-if (!weakThis)
-return;
-
-if (policy == LocalAuthenticatorPolicy::Allow)
-weakThis->receiveException({ InvalidStateError, "At least one credential matches an entry of the excludeCredentials list in the platform attached authenticator."_s }, WebAuthenticationStatus::LAExcludeCredentialsMatched);
-else
-weakThis->receiveException({ NotAllowedError, "This request has been cancelled by the user."_s });
-};
-// Similar to below, consent has already been given.
-observer()->decidePolicyForLocalAuthenticator(WTFMove(callback));
+receiveException({ InvalidStateError, "At least one credential matches an entry of the excludeCredentials list in the platform attached authenticator."_s }, WebAuthenticationStatus::LAExcludeCredentialsMatched);
return;
}
}
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295616] trunk/Source
Title: [295616] trunk/Source
Revision 295616
Author j_pas...@apple.com
Date 2022-06-16 16:37:37 -0700 (Thu, 16 Jun 2022)
Log Message
[WebAuthn] Rename cable transport to hybrid
https://bugs.webkit.org/show_bug.cgi?id=241691
rdar://problem/95312126
Reviewed by Brent Fulgham.
This transport got renamed in https://github.com/fido-alliance/fido-2-specs/issues/1332
Hybrid is the name that should be used in AuthenticatorTransport, we continue to recgnize
the old string.
* Source/WebCore/Modules/webauthn/AuthenticatorTransport.h:
* Source/WebCore/Modules/webauthn/fido/AuthenticatorGetInfoResponse.cpp:
(fido::toString):
* Source/WebCore/Modules/webauthn/fido/DeviceResponseConverter.cpp:
(fido::convertStringToAuthenticatorTransport):
* Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticatorInternal::transports):
* Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
(WebKit::toASCDescriptor):
Canonical link: https://commits.webkit.org/251621@main
Modified Paths
trunk/Source/WebCore/Modules/webauthn/AuthenticatorTransport.h
trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h
trunk/Source/WebCore/Modules/webauthn/fido/AuthenticatorGetInfoResponse.cpp
trunk/Source/WebCore/Modules/webauthn/fido/DeviceResponseConverter.cpp
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
Diff
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorTransport.h (295615 => 295616)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorTransport.h 2022-06-16 23:23:20 UTC (rev 295615)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorTransport.h 2022-06-16 23:37:37 UTC (rev 295616)
@@ -36,7 +36,8 @@
Nfc,
Ble,
Internal,
-Cable
+Cable,
+Hybrid
};
} // namespace WebCore
@@ -50,7 +51,8 @@
WebCore::AuthenticatorTransport::Nfc,
WebCore::AuthenticatorTransport::Ble,
WebCore::AuthenticatorTransport::Internal,
-WebCore::AuthenticatorTransport::Cable
+WebCore::AuthenticatorTransport::Cable,
+WebCore::AuthenticatorTransport::Hybrid
>;
};
Modified: trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h (295615 => 295616)
--- trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h 2022-06-16 23:23:20 UTC (rev 295615)
+++ trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h 2022-06-16 23:37:37 UTC (rev 295616)
@@ -95,6 +95,7 @@
constexpr auto authenticatorTransportBle = "ble"_s;
constexpr auto authenticatorTransportInternal = "internal"_s;
constexpr auto authenticatorTransportCable = "cable"_s;
+constexpr auto authenticatorTransportHybrid = "hybrid"_s;
} // namespace WebCore
Modified: trunk/Source/WebCore/Modules/webauthn/fido/AuthenticatorGetInfoResponse.cpp (295615 => 295616)
--- trunk/Source/WebCore/Modules/webauthn/fido/AuthenticatorGetInfoResponse.cpp 2022-06-16 23:23:20 UTC (rev 295615)
+++ trunk/Source/WebCore/Modules/webauthn/fido/AuthenticatorGetInfoResponse.cpp 2022-06-16 23:37:37 UTC (rev 295616)
@@ -100,6 +100,8 @@
break;
case WebCore::AuthenticatorTransport::Cable:
return WebCore::authenticatorTransportCable;
+case WebCore::AuthenticatorTransport::Hybrid:
+return WebCore::authenticatorTransportHybrid;
default:
break;
}
Modified: trunk/Source/WebCore/Modules/webauthn/fido/DeviceResponseConverter.cpp (295615 => 295616)
--- trunk/Source/WebCore/Modules/webauthn/fido/DeviceResponseConverter.cpp 2022-06-16 23:23:20 UTC (rev 295615)
+++ trunk/Source/WebCore/Modules/webauthn/fido/DeviceResponseConverter.cpp 2022-06-16 23:37:37 UTC (rev 295616)
@@ -66,6 +66,8 @@
return AuthenticatorTransport::Internal;
if (transport == authenticatorTransportCable)
return AuthenticatorTransport::Cable;
+if (transport == authenticatorTransportHybrid)
+return AuthenticatorTransport::Hybrid;
return std::nullopt;
}
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm (295615 => 295616)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-06-16 23:23:20 UTC (rev 295615)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-06-16 23:37:37 UTC (rev 295616)
@@ -200,7 +200,7 @@
{
Vector transports = { WebCore::AuthenticatorTransport::Internal };
if (shouldUpdateQuery())
-transports.append(WebCore::AuthenticatorTransport::Cable);
+transports.append(WebCore::AuthenticatorTransport::Hybrid);
return transports;
}
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (295615 => 295616)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-06-16 23:23:20 UTC (rev 295615)
+++ trunk/Source
[webkit-changes] [295506] trunk/Source
Title: [295506] trunk/Source
Revision 295506
Author j_pas...@apple.com
Date 2022-06-13 17:21:10 -0700 (Mon, 13 Jun 2022)
Log Message
[WebAuthn] CTAP2_ERR_USER_ACTION_TIMEOUT isn't handled properly
https://bugs.webkit.org/show_bug.cgi?id=241565
rdar://95040155
Reviewed by Brent Fulgham.
Authenticators will time out operations after so many seconds of
waiting for user interaction, returning an error of
CTAP2_ERR_USER_ACTION_TIMEOUT. This patch handles that error
by reissuing the request, instead of letting it go to U2F fallback
and failing there with "no credentials found."
Tested with a Yubikey 5c.
* Source/WebCore/Modules/webauthn/fido/FidoConstants.cpp:
(fido::isCtapDeviceResponseCode):
* Source/WebCore/Modules/webauthn/fido/FidoConstants.h:
* Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp:
(WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived):
(WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived):
Canonical link: https://commits.webkit.org/251511@main
Modified Paths
trunk/Source/WebCore/Modules/webauthn/fido/FidoConstants.cpp
trunk/Source/WebCore/Modules/webauthn/fido/FidoConstants.h
trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp
Diff
Modified: trunk/Source/WebCore/Modules/webauthn/fido/FidoConstants.cpp (295505 => 295506)
--- trunk/Source/WebCore/Modules/webauthn/fido/FidoConstants.cpp 2022-06-13 23:42:46 UTC (rev 295505)
+++ trunk/Source/WebCore/Modules/webauthn/fido/FidoConstants.cpp 2022-06-14 00:21:10 UTC (rev 295506)
@@ -82,6 +82,7 @@
case CtapDeviceResponseCode::kCtap2ErrPinPolicyViolation:
case CtapDeviceResponseCode::kCtap2ErrPinTokenExpired:
case CtapDeviceResponseCode::kCtap2ErrRequestTooLarge:
+case CtapDeviceResponseCode::kCtap2ErrActionTimeout:
case CtapDeviceResponseCode::kCtap2ErrOther:
case CtapDeviceResponseCode::kCtap2ErrSpecLast:
case CtapDeviceResponseCode::kCtap2ErrExtensionFirst:
Modified: trunk/Source/WebCore/Modules/webauthn/fido/FidoConstants.h (295505 => 295506)
--- trunk/Source/WebCore/Modules/webauthn/fido/FidoConstants.h 2022-06-13 23:42:46 UTC (rev 295505)
+++ trunk/Source/WebCore/Modules/webauthn/fido/FidoConstants.h 2022-06-14 00:21:10 UTC (rev 295506)
@@ -98,6 +98,7 @@
kCtap2ErrPinPolicyViolation = 0x37,
kCtap2ErrPinTokenExpired = 0x38,
kCtap2ErrRequestTooLarge = 0x39,
+kCtap2ErrActionTimeout = 0x3A,
kCtap2ErrOther = 0x7F,
kCtap2ErrSpecLast = 0xDF,
kCtap2ErrExtensionFirst = 0xE0,
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp (295505 => 295506)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp 2022-06-13 23:42:46 UTC (rev 295505)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp 2022-06-14 00:21:10 UTC (rev 295506)
@@ -119,6 +119,11 @@
if (!response) {
auto error = getResponseCode(data);
+if (error == CtapDeviceResponseCode::kCtap2ErrActionTimeout) {
+makeCredential();
+return;
+}
+
if (error == CtapDeviceResponseCode::kCtap2ErrCredentialExcluded) {
receiveRespond(ExceptionData { InvalidStateError, "At least one credential matches an entry of the excludeCredentials list in the authenticator."_s });
return;
@@ -173,6 +178,11 @@
if (!response) {
auto error = getResponseCode(data);
+if (error == CtapDeviceResponseCode::kCtap2ErrActionTimeout) {
+getAssertion();
+return;
+}
+
if (!isPinError(error) && tryDowngrade())
return;
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295407] trunk/Source
Title: [295407] trunk/Source Revision 295407 Author j_pas...@apple.com Date 2022-06-08 17:55:13 -0700 (Wed, 08 Jun 2022) Log Message [WebAuthn] Support credProps extension and refactor extension handling https://bugs.webkit.org/show_bug.cgi?id=241199 rdar://90281799 Reviewed by Brent Fulgham. This patch implements the credProps Web Authentication extension specified here: https://www.w3.org/TR/webauthn-2/#sctn-authenticator-credential-properties-extension This extension provides information about the created credential to the relying party, at this time this is only the resident key credential property. This is useful information for RPs to enable passwordless flows. The patch also refactors how we ferry extension inputs/outputs between WebKit and Authentication Services. We now passthrough inputs and outputs as a cbor serialized blob. This is well specified as described here: https://www.w3.org/TR/webauthn-2/#sctn-extensions-inputs-outputs This extension is covered by the web platform test webauthn/createcredential-resident-key.https.html. * Source/WebCore/Modules/webauthn/AuthenticationExtensionsClientInputs.cpp: Added. (WebCore::AuthenticationExtensionsClientInputs::fromCBOR): (WebCore::AuthenticationExtensionsClientInputs::toCBOR const): * Source/WebCore/Modules/webauthn/AuthenticationExtensionsClientInputs.h: * Source/WebCore/Modules/webauthn/AuthenticationExtensionsClientInputs.idl: * Source/WebCore/Modules/webauthn/AuthenticationExtensionsClientOutputs.cpp: Added. (WebCore::AuthenticationExtensionsClientOutputs::fromCBOR): (WebCore::AuthenticationExtensionsClientOutputs::toCBOR const): * Source/WebCore/Modules/webauthn/AuthenticationExtensionsClientOutputs.h: (WebCore::AuthenticationExtensionsClientOutputs::encode const): (WebCore::AuthenticationExtensionsClientOutputs::decode): (WebCore::AuthenticationExtensionsClientOutputs::CredentialPropertiesOutput::encode const): (WebCore::AuthenticationExtensionsClientOutputs::CredentialPropertiesOutput::decode): * Source/WebCore/Modules/webauthn/AuthenticationExtensionsClientOutputs.idl: * Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): * Source/WebCore/Modules/webauthn/AuthenticatorResponse.cpp: (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::data const): * Source/WebCore/Modules/webauthn/AuthenticatorResponse.h: * Source/WebCore/Modules/webauthn/AuthenticatorResponseData.h: (WebCore::AuthenticatorResponseData::encode const): (WebCore::AuthenticatorResponseData::decode): * Source/WebCore/WebCore.xcodeproj/project.pbxproj: * Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h: * Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.mm: (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensionOutputsCBOR:authenticatorData:signature:userHandle:attachment:]): * Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h: * Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm: (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensionOutputsCBOR:attestationObject:attachment:transports:]): * Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h: * Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.h: * Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.mm: (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensionOutputsCBOR:attachment:]): * Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h: * Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialCreationOptions.h: * Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialCreationOptions.mm: (-[_WKPublicKeyCredentialCreationOptions dealloc]): * Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialRequestOptions.h: * Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialRequestOptions.mm: (-[_WKPublicKeyCredentialRequestOptions dealloc]): * Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (toNSData): (+[_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:]): (wkAuthenticatorAttestationResponse): (wkAuthenticatorAssertionResponse): (wkExtensionsClientOutputs): Deleted. * Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.h: * Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticator::processClientExtensions): (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification): (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): (WebKit::LocalAuthenticator::continueGetAssertionAfterUserVerification): * Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: (WebKit::configureRegistrationRequestContext): (WebKit::configureAssertionOptions): (WebKit::toExtensionOutputs): (WebKit::continueAfterRequest): * Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::
[webkit-changes] [295070] trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/ WebAuthenticatorCoordinatorProxy.mm
Title: [295070] trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
Revision 295070
Author j_pas...@apple.com
Date 2022-05-31 15:24:11 -0700 (Tue, 31 May 2022)
Log Message
[WebAuthn][ios] weakThis not checked before clearing ASCProxy
https://bugs.webkit.org/show_bug.cgi?id=241029
rdar://93932684
Reviewed by Brent Fulgham.
This issue causes crashes after cancelling some types of requests. This change
has been tested on device to verify it fixes the crash.
* Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
Canonical link: https://commits.webkit.org/251165@main
Modified Paths
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
Diff
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (295069 => 295070)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-05-31 22:22:07 UTC (rev 295069)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-05-31 22:24:11 UTC (rev 295070)
@@ -446,7 +446,8 @@
return;
}
continueAfterRequest(credential, error, WTFMove(handler));
-weakThis->m_proxy.clear();
+if (weakThis->m_proxy)
+weakThis->m_proxy.clear();
});
}).get()];
return;
@@ -462,7 +463,7 @@
if (!weakThis || !daemonEndpoint) {
LOG_ERROR("Could not connect to authorization daemon: %@\n", error.get());
handler({ }, (AuthenticatorAttachment)0, ExceptionData { NotAllowedError, "Operation failed."_s });
-if (weakThis)
+if (weakThis && weakThis->m_proxy)
weakThis->m_proxy.clear();
return;
}
@@ -473,7 +474,8 @@
auto error = retainPtr(errorNotRetain);
#endif
continueAfterRequest(credential, error, WTFMove(handler));
-weakThis->m_proxy.clear();
+if (weakThis && weakThis->m_proxy)
+weakThis->m_proxy.clear();
#if PLATFORM(MAC)
}).get()];
#endif
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294975] trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/ TestSOAuthorization.mm
Title: [294975] trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm
Revision 294975
Author j_pas...@apple.com
Date 2022-05-27 18:46:33 -0700 (Fri, 27 May 2022)
Log Message
[ iOS ] TestWebKitAPI.SOAuthorizationSubFrame.InterceptionErrorWithReferrer is a flaky timeout
https://bugs.webkit.org/show_bug.cgi?id=239311
Reviewed by Brent Fulgham.
There is a race condition when using waitForMessage that we hit here, causing flaky tests on
some bots. This patch avoids this by specifying the messages waited for before loading the
request.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm:
(-[TestSOAuthorizationScriptMessageHandler initWithExpectation:]):
(-[TestSOAuthorizationScriptMessageHandler userContentController:didReceiveScriptMessage:]):
(TestWebKitAPI::TEST):
Canonical link: https://commits.webkit.org/251079@main
Modified Paths
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm
Diff
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm (294974 => 294975)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm 2022-05-28 01:23:18 UTC (rev 294974)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm 2022-05-28 01:46:33 UTC (rev 294975)
@@ -250,28 +250,24 @@
@implementation TestSOAuthorizationScriptMessageHandler {
RetainPtr _messages;
+RetainPtr _expectedMessages;
}
+- (instancetype)initWithExpectation:(NSArray *)expectedMessages
+{
+_messages = adoptNS([[NSMutableArray alloc] init]);
+_expectedMessages = expectedMessages;
+return self;
+}
+
- (void)userContentController:(WKUserContentController *)userContentController didReceiveScriptMessage:(WKScriptMessage *)message
{
-if (!_messages)
-_messages = adoptNS([[NSMutableArray alloc] init]);
+auto curIndex = [_messages count];
[_messages addObject:message.body];
-
-if ([message.body isEqual:@""]) {
+if ([_messages count] == [_expectedMessages count])
allMessagesReceived = true;
-EXPECT_EQ([_messages count], 5u);
-EXPECT_WK_STREQ("SOAuthorizationDidStart", [_messages objectAtIndex:1]);
-EXPECT_WK_STREQ("SOAuthorizationDidCancel", [_messages objectAtIndex:3]);
-EXPECT_WK_STREQ("", [_messages objectAtIndex:4]);
-}
-
-if ([message.body isEqual:@"Hello."]) {
-allMessagesReceived = true;
-EXPECT_EQ([_messages count], 4u);
-EXPECT_WK_STREQ("SOAuthorizationDidStart", [_messages objectAtIndex:1]);
-EXPECT_WK_STREQ("Hello.", [_messages objectAtIndex:3]);
-}
+if (curIndex < [_expectedMessages count] && [_expectedMessages objectAtIndex:curIndex] != [NSNull null])
+EXPECT_WK_STREQ([_expectedMessages objectAtIndex:curIndex], [_messages objectAtIndex:curIndex]);
}
@end
@@ -2635,7 +2631,7 @@
}
// FIXME: https://bugs.webkit.org/show_bug.cgi?id=239311
-TEST(SOAuthorizationSubFrame, DISABLED_InterceptionErrorWithReferrer)
+TEST(SOAuthorizationSubFrame, InterceptionErrorWithReferrer)
{
resetState();
ClassMethodSwizzler swizzler1(PAL::getSOAuthorizationClass(), @selector(canPerformAuthorizationWithURL:responseCode:), reinterpret_cast(overrideCanPerformAuthorizationWithURL));
@@ -2668,21 +2664,22 @@
});
});
});
+auto configuration = adoptNS([[WKWebViewConfiguration alloc] init]);
+auto origin = makeString("http://127.0.0.1:", server.port());
-auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 320, 500)]);
+auto messageHandler = adoptNS([[TestSOAuthorizationScriptMessageHandler alloc] initWithExpectation:@[origin, @"SOAuthorizationDidStart", origin, @"SOAuthorizationDidCancel", origin, @"Hello.", origin, makeString("Referrer: ", origin, "/")]]);
+[[configuration userContentController] addScriptMessageHandler:messageHandler.get() name:@"testHandler"];
+auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 320, 500) configuration:configuration.get()]);
auto delegate = adoptNS([[TestSOAuthorizationDelegate alloc] init]);
configureSOAuthorizationWebView(webView.get(), delegate.get());
-auto origin = makeString("http://127.0.0.1:", server.port());
[webView _loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:(id)origin]] shouldOpenExternalURLs:NO];
-[webView waitForMessage:(id)origin];
-[webView waitForMessage:@"SOAuthorizationDidStart"];
+
+Util::run(&authorizationPerformed);
EXPECT_TRUE(policyForAppSSOPerformed);
[gDelegate authorization:gAuthorization didCompleteWithError:adoptNS([[NSError alloc] initWithDomain:NSCocoaErrorDomain code:0 userInfo:nil]).get()];
-[webView waitForMessage:(id)origin];
-[webView waitForMessage:@"SOAuthorizationDidCancel"];
-[webView waitForMessage:(id)makeString("Referrer: ", origin, "/")]; // Referrer policy requires '/' after origin.
+Util::run(&allMessagesReceived);
}
TEST(SOAuthorizationSub
[webkit-changes] [294950] trunk/Source
Title: [294950] trunk/Source Revision 294950 Author j_pas...@apple.com Date 2022-05-27 13:14:24 -0700 (Fri, 27 May 2022) Log Message [WebAuthn] Forward declare ASC SPI for internal needs. https://bugs.webkit.org/show_bug.cgi?id=240928 rdar://problem/93930713 Reviewed by Brent Fulgham. This fixes the build after an internal change for older macOS. * Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h: * Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: Remove unused import that isn't present in older macOS sdk. Canonical link: https://commits.webkit.org/251058@main Modified Paths trunk/Source/WTF/wtf/PlatformHave.h trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm Diff Modified: trunk/Source/WTF/wtf/PlatformHave.h (294949 => 294950) --- trunk/Source/WTF/wtf/PlatformHave.h 2022-05-27 19:54:52 UTC (rev 294949) +++ trunk/Source/WTF/wtf/PlatformHave.h 2022-05-27 20:14:24 UTC (rev 294950) @@ -830,6 +830,11 @@ #define HAVE_ASC_AUTH_UI 1 #endif +#if PLATFORM(IOS) \ +|| (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 12) +#define HAVE_ASC_WEBKIT_SPI 1 +#endif + #if PLATFORM(MAC) #if !defined(HAVE_MT_PLUGIN_FORMAT_READER) #define HAVE_MT_PLUGIN_FORMAT_READER 1 Modified: trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h (294949 => 294950) --- trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-05-27 19:54:52 UTC (rev 294949) +++ trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-05-27 20:14:24 UTC (rev 294950) @@ -27,7 +27,7 @@ #if HAVE(ASC_AUTH_UI) || HAVE(UNIFIED_ASC_AUTH_UI) -#if USE(APPLE_INTERNAL_SDK) +#if USE(APPLE_INTERNAL_SDK) && HAVE(ASC_WEBKIT_SPI) #import #else @interface ASCWebKitSPISupport : NSObject Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (294949 => 294950) --- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-05-27 19:54:52 UTC (rev 294949) +++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-05-27 20:14:24 UTC (rev 294950) @@ -32,7 +32,6 @@ #import "WKError.h" #import "WebAuthenticationRequestData.h" #import "WebPageProxy.h" -#import #import #import #import ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294812] trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/ _WKWebAuthenticationPanel.mm
Title: [294812] trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Revision 294812
Author j_pas...@apple.com
Date 2022-05-25 11:33:57 -0700 (Wed, 25 May 2022)
Log Message
REGRESSION (r294434): [ iOS ] TestWebKitAPI.WebAuthenticationPanel.ExportImportDuplicateCredential is a consistent failure
https://bugs.webkit.org/show_bug.cgi?id=240686
Reviewed by Brent Fulgham.
The sync flag may differ at runtime due to internal reasons. This patch modifies the test to support either value
of the flag.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::TEST):
Canonical link: https://commits.webkit.org/250966@main
Modified Paths
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (294811 => 294812)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2022-05-25 18:13:09 UTC (rev 294811)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2022-05-25 18:33:57 UTC (rev 294812)
@@ -2285,7 +2285,7 @@
reset();
cleanUpKeychain(emptyString());
-addKeyToKeychain(testES256PrivateKeyBase64, "example.com"_s, testUserEntityBundleBase64, true /* synchronized */);
+addKeyToKeychain(testES256PrivateKeyBase64, "example.com"_s, testUserEntityBundleBase64);
auto *credentials = [_WKWebAuthenticationPanel getAllLocalAuthenticatorCredentialsWithAccessGroup:testWebKitAPIAccessGroup];
EXPECT_NOT_NULL(credentials);
@@ -2294,8 +2294,16 @@
EXPECT_NOT_NULL([credentials firstObject]);
NSError *error = nil;
auto exportedKey = [_WKWebAuthenticationPanel exportLocalAuthenticatorCredentialWithID:[credentials firstObject][_WKLocalAuthenticatorCredentialIDKey] error:&error];
+cleanUpKeychain("example.com"_s);
auto credentialId = [_WKWebAuthenticationPanel importLocalAuthenticatorWithAccessGroup:testWebKitAPIAccessGroup credential:exportedKey error:&error];
+
+credentials = [_WKWebAuthenticationPanel getAllLocalAuthenticatorCredentialsWithAccessGroup:testWebKitAPIAccessGroup];
+EXPECT_NOT_NULL(credentials);
+EXPECT_EQ([credentials count], 1lu);
+addKeyToKeychain(testES256PrivateKeyBase64, "example.com"_s, testUserEntityBundleBase64, [credentials firstObject][_WKLocalAuthenticatorCredentialSynchronizableKey]);
+
+credentialId = [_WKWebAuthenticationPanel importLocalAuthenticatorWithAccessGroup:testWebKitAPIAccessGroup credential:exportedKey error:&error];
EXPECT_EQ(credentialId, nil);
EXPECT_EQ(error.code, WKErrorDuplicateCredential);
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294434] trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/ _WKWebAuthenticationPanel.mm
Title: [294434] trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm Revision 294434 Author j_pas...@apple.com Date 2022-05-18 14:28:09 -0700 (Wed, 18 May 2022) Log Message REGRESSION (442fcb1ea6f?): TestWebKitAPI.WebAuthenticationPanel.ExportImportDuplicateCredential is failing https://bugs.webkit.org/show_bug.cgi?id=240534 rdar://93267243 Reviewed by Brent Fulgham. The default for a flag relevant to syncing has changed in test infrastructure. This change fixes this test by using the sync=1 flag as set by default when importing credentials. * Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm: (TestWebKitAPI::TEST): Canonical link: https://commits.webkit.org/250713@main Modified Paths trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm Diff Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (294433 => 294434) --- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2022-05-18 21:27:14 UTC (rev 294433) +++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2022-05-18 21:28:09 UTC (rev 294434) @@ -2388,7 +2388,7 @@ reset(); cleanUpKeychain(emptyString()); -addKeyToKeychain(testES256PrivateKeyBase64, "example.com"_s, testUserEntityBundleBase64); +addKeyToKeychain(testES256PrivateKeyBase64, "example.com"_s, testUserEntityBundleBase64, true /* synchronized */); auto *credentials = [_WKWebAuthenticationPanel getAllLocalAuthenticatorCredentialsWithAccessGroup:testWebKitAPIAccessGroup]; EXPECT_NOT_NULL(credentials); ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294332] trunk
Title: [294332] trunk
Revision 294332
Author j_pas...@apple.com
Date 2022-05-17 12:09:56 -0700 (Tue, 17 May 2022)
Log Message
[WebAuthn] Add SPI to update platform credential's displayName
https://bugs.webkit.org/show_bug.cgi?id=240471
Reviewed by Brent Fulgham.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::TEST):
Updated API test.
* Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
* Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(+[_WKWebAuthenticationPanel setUsernameForLocalCredentialWithGroupAndID:credential:username:]):
(+[_WKWebAuthenticationPanel setDisplayNameForLocalCredentialWithGroupAndID:credential:displayName:]):
This change introduces setDisplayNameForLocalCredentialWithGroupAndID, which will supercede
the existing setUsernameForLocalCredentialWithGroupAndID once all callers are updated.
Canonical link: https://commits.webkit.org/250652@main
Modified Paths
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h (294331 => 294332)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2022-05-17 19:02:27 UTC (rev 294331)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2022-05-17 19:09:56 UTC (rev 294332)
@@ -128,6 +128,7 @@
+ (void)clearAllLocalAuthenticatorCredentials WK_API_AVAILABLE(macos(12.0), ios(15.0));
+ (void)setUsernameForLocalCredentialWithID:(NSData *)credentialID username: (NSString *)username WK_API_AVAILABLE(macos(12.0), ios(15.0));
+ (void)setUsernameForLocalCredentialWithGroupAndID:(NSString * _Nullable)group credential:(NSData *)credentialID username: (NSString *)username WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
++ (void)setDisplayNameForLocalCredentialWithGroupAndID:(NSString * _Nullable)group credential:(NSData *)credentialID displayName: (NSString *)displayName WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+ (NSData *)exportLocalAuthenticatorCredentialWithID:(NSData *)credentialID error:(NSError **)error WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+ (NSData *)exportLocalAuthenticatorCredentialWithGroupAndID:(NSString * _Nullable)group credential:(NSData *)credentialID error:(NSError **)error WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (294331 => 294332)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-05-17 19:02:27 UTC (rev 294331)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-05-17 19:09:56 UTC (rev 294332)
@@ -363,6 +363,7 @@
[self setUsernameForLocalCredentialWithGroupAndID:nil credential:credentialID username:username];
}
+// rdar://93366441 - Remove this method once callers updated
+ (void)setUsernameForLocalCredentialWithGroupAndID:(NSString *)group credential:(NSData *)credentialID username: (NSString *)username
{
#if ENABLE(WEB_AUTHN)
@@ -428,7 +429,71 @@
#endif
}
++ (void)setDisplayNameForLocalCredentialWithGroupAndID:(NSString *)group credential:(NSData *)credentialID displayName: (NSString *)displayName
+{
#if ENABLE(WEB_AUTHN)
+auto query = adoptNS([[NSMutableDictionary alloc] init]);
+[query setDictionary:@{
+(__bridge id)kSecClass: bridge_id_cast(kSecClassKey),
+(__bridge id)kSecReturnAttributes: @YES,
+(__bridge id)kSecAttrApplicationLabel: credentialID,
+(__bridge id)kSecReturnPersistentRef : bridge_id_cast(kCFBooleanTrue),
+(__bridge id)kSecAttrSynchronizable: (id)kSecAttrSynchronizableAny,
+(__bridge id)kSecUseDataProtectionKeychain: @YES
+}];
+updateQueryForGroupIfNecessary(query.get(), group);
+
+CFTypeRef attributesArrayRef = nullptr;
+OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query.get(), &attributesArrayRef);
+if (status && status != errSecItemNotFound) {
+ASSERT_NOT_REACHED();
+return;
+}
+NSDictionary *attributes = (__bridge NSDictionary *)attributesArrayRef;
+auto decodedResponse = cbor::CBORReader::read(vectorFromNSData(attributes[bridge_id_cast(kSecAttrApplicationTag)]));
+if (!decodedResponse || !decodedResponse->isMap()) {
+ASSERT_NOT_REACHED();
+return;
+}
+auto& previousUserMap = decodedResponse->getMap();
+
+bool nameSet = false;
+cbor::CBORValue::MapValue updatedUserMap;
+for (auto it = previousUserMap.begin(); it != previousUserMap.end(); ++it) {
+if (it->first.isString() && it->first.getString() == fido::kDisplayNameMapKey) {
+if (displayName)
+updatedUserMap[it->first.clone()] = cbor::CBORValue(String(displayName));
+nameSet = true;
+} else
+
[webkit-changes] [294331] trunk
Title: [294331] trunk
Revision 294331
Author j_pas...@apple.com
Date 2022-05-17 12:02:27 -0700 (Tue, 17 May 2022)
Log Message
[WebAuthn] Set displayName in AuthenticatorAssertionResponse for platform authenticator
https://bugs.webkit.org/show_bug.cgi?id=240459
Reviewed by Brent Fulgham.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(-[TestWebAuthenticationPanelDelegate panel:selectAssertionResponse:source:completionHandler:]):
(TestWebKitAPI::TEST):
Updated API test to account for displayName.
* Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticatorInternal::getExistingCredentials):
Canonical link: https://commits.webkit.org/250651@main
Modified Paths
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm (294330 => 294331)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-05-17 17:53:44 UTC (rev 294330)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-05-17 19:02:27 UTC (rev 294331)
@@ -187,6 +187,9 @@
response->setGroup(group);
if ([[attributes allKeys] containsObject:bridge_cast(kSecAttrSynchronizable)])
response->setSynchronizable([attributes[(id)kSecAttrSynchronizable] isEqual:@YES]);
+it = responseMap.find(CBOR(fido::kDisplayNameMapKey));
+if (it != responseMap.end() && it->second.isString())
+response->setDisplayName(it->second.getString());
result.uncheckedAppend(WTFMove(response));
}
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (294330 => 294331)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2022-05-17 17:53:44 UTC (rev 294330)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2022-05-17 19:02:27 UTC (rev 294331)
@@ -83,6 +83,7 @@
static String testUserEntityBundleBase64 = "omJpZEoAAQIDBAUGBwgJZG5hbWVkSm9obg=="_s; // { "id": h'00010203040506070809', "name": "John" }
static String testUserEntityBundleNoUserHandleBase64 = "oWRuYW1lbE1DIE5vLUhhbmRsZQ=="_s; // {"name": "MC No-Handle"}
static String webAuthenticationPanelSelectedCredentialName;
+static String webAuthenticationPanelSelectedCredentialDisplayName;
static String testWebKitAPIAccessGroup = "com.apple.TestWebKitAPI"_s;
static String testWebKitAPIAlternateAccessGroup = "com.apple.TestWebKitAPIAlternate"_s;
static bool laContextRequested = false;
@@ -174,6 +175,7 @@
[object setLAContext:laContext.get()];
webAuthenticationPanelSelectedCredentialName = object.name;
+webAuthenticationPanelSelectedCredentialDisplayName = object.displayName;
completionHandler(object);
return;
}
@@ -1510,7 +1512,7 @@
[webView focus];
ASSERT_TRUE(addKeyToKeychain(testES256PrivateKeyBase64, emptyString(), testUserEntityBundleBase64));
-ASSERT_TRUE(addKeyToKeychain("BBRoi2JbR0IXTeJmvXUp1YIuM4sph/Lu3eGf75F7n+HojHKG70a4R0rB2PQce5/SJle6T7OO5Cqet/LJZVM6NQ8yDDxWvayf71GTDp2yUtuIbqJLFVbpWymlj9WRizgX3A=="_s, emptyString(), "omJpZEoAAQIDBAUGBwgJZG5hbWVkSmFuZQ=="_s/* { "id": h'00010203040506070809', "name": "Jane" } */, true /* synchronizable */));
+ASSERT_TRUE(addKeyToKeychain("BBRoi2JbR0IXTeJmvXUp1YIuM4sph/Lu3eGf75F7n+HojHKG70a4R0rB2PQce5/SJle6T7OO5Cqet/LJZVM6NQ8yDDxWvayf71GTDp2yUtuIbqJLFVbpWymlj9WRizgX3A=="_s, emptyString(), "o2JpZEoAAQIDBAUGBwgJZG5hbWVkSmFuZWtkaXNwbGF5TmFtZWpKYW5lIFNtaXRo"_s/* { "id": h'00010203040506070809', "name": "Jane", "displayName": "Jane Smith" } */, true /* synchronizable */));
[webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]];
[webView waitForMessage:@"Succeeded!"];
@@ -1519,6 +1521,7 @@
[webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]];
[webView waitForMessage:@"Succeeded!"];
EXPECT_WK_STREQ(webAuthenticationPanelSelectedCredentialName, "Jane");
+EXPECT_WK_STREQ(webAuthenticationPanelSelectedCredentialDisplayName, "Jane Smith");
cleanUpKeychain(emptyString());
}
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294242] trunk/Tools
Title: [294242] trunk/Tools Revision 294242 Author j_pas...@apple.com Date 2022-05-16 10:48:17 -0700 (Mon, 16 May 2022) Log Message (REGRESSION(r287957)[ Mac ] TestWebKitAPI.WebAuthenticationPanel.LAGetAssertionNoMockNoUserGesture is a constant timeout) https://bugs.webkit.org/show_bug.cgi?id=240403 rdar://93271671 Reviewed by Brent Fulgham. Whenever HAVE(UNIFIED_ASC_AUTH_UI), unmocked calls are passed to ASA, which does not support calls from TWAPI. * TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm: (TestWebKitAPI::TEST): Modified Paths trunk/Tools/ChangeLog trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm Diff Modified: trunk/Tools/ChangeLog (294241 => 294242) --- trunk/Tools/ChangeLog 2022-05-16 17:43:08 UTC (rev 294241) +++ trunk/Tools/ChangeLog 2022-05-16 17:48:17 UTC (rev 294242) @@ -1,3 +1,17 @@ +2022-05-16 J Pascoe + +(REGRESSION(r287957)[ Mac ] TestWebKitAPI.WebAuthenticationPanel.LAGetAssertionNoMockNoUserGesture is a constant timeout) +https://bugs.webkit.org/show_bug.cgi?id=240403 +rdar://93271671 + +Reviewed by Brent Fulgham. + +Whenever HAVE(UNIFIED_ASC_AUTH_UI), unmocked calls are passed to ASA, which does not +support calls from TWAPI. + +* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm: +(TestWebKitAPI::TEST): + 2022-05-16 Youenn Fablet Make sure calling showNotification will extend the service worker lifetime Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (294241 => 294242) --- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2022-05-16 17:43:08 UTC (rev 294241) +++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2022-05-16 17:48:17 UTC (rev 294242) @@ -1538,7 +1538,11 @@ [webView focus]; [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]]; +#if HAVE(UNIFIED_ASC_AUTH_UI) +[webView waitForMessage:@"Operation failed."]; +#else [webView waitForMessage:@"This request has been cancelled by the user."]; +#endif } TEST(WebAuthenticationPanel, LAGetAssertionMultipleOrder) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294241] trunk/Source/WebKit
Title: [294241] trunk/Source/WebKit Revision 294241 Author j_pas...@apple.com Date 2022-05-16 10:43:08 -0700 (Mon, 16 May 2022) Log Message REGRESSION (250501@main): [ Mac ] 2 TestWebKitAPI.WebAuthenticationPanel.GetAssertionLA tests failing https://bugs.webkit.org/show_bug.cgi?id=240406 rdar://93267082 Reviewed by Brent Fulgham. Using the the truthiness of BOOL from attributes doesn't work here, instead compare it to @YES. * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticatorInternal::getExistingCredentials): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm Diff Modified: trunk/Source/WebKit/ChangeLog (294240 => 294241) --- trunk/Source/WebKit/ChangeLog 2022-05-16 17:35:40 UTC (rev 294240) +++ trunk/Source/WebKit/ChangeLog 2022-05-16 17:43:08 UTC (rev 294241) @@ -1,3 +1,16 @@ +2022-05-16 J Pascoe + +REGRESSION (250501@main): [ Mac ] 2 TestWebKitAPI.WebAuthenticationPanel.GetAssertionLA tests failing +https://bugs.webkit.org/show_bug.cgi?id=240406 +rdar://93267082 + +Reviewed by Brent Fulgham. + +Using the the truthiness of BOOL from attributes doesn't work here, instead compare it to @YES. + +* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: +(WebKit::LocalAuthenticatorInternal::getExistingCredentials): + 2022-05-16 Alex Christensen Use _adoptEffectiveConfiguration instead of a separate NSURLSession without credentials Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm (294240 => 294241) --- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-05-16 17:35:40 UTC (rev 294240) +++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-05-16 17:43:08 UTC (rev 294241) @@ -186,7 +186,7 @@ if (!group.isNull()) response->setGroup(group); if ([[attributes allKeys] containsObject:bridge_cast(kSecAttrSynchronizable)]) -response->setSynchronizable(attributes[(id)kSecAttrSynchronizable]); +response->setSynchronizable([attributes[(id)kSecAttrSynchronizable] isEqual:@YES]); result.uncheckedAppend(WTFMove(response)); } ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294135] trunk/Source/WebCore
Title: [294135] trunk/Source/WebCore
Revision 294135
Author j_pas...@apple.com
Date 2022-05-12 18:02:49 -0700 (Thu, 12 May 2022)
Log Message
[WebAuthn] Remove document focus requirement for conditional mediation requests
https://bugs.webkit.org/show_bug.cgi?id=240361
rdar://problem/93201070
Reviewed by Brent Fulgham.
This is necessary so conditional mediation requests work when you open a page in
a new tab. Conditional mediation requests do not support security keys and the
request will be aborted if conditional mediation is not available.
* Modules/credentialmanagement/CredentialsContainer.cpp:
(WebCore::CredentialsContainer::get):
Modified Paths
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp
Diff
Modified: trunk/Source/WebCore/ChangeLog (294134 => 294135)
--- trunk/Source/WebCore/ChangeLog 2022-05-13 00:55:25 UTC (rev 294134)
+++ trunk/Source/WebCore/ChangeLog 2022-05-13 01:02:49 UTC (rev 294135)
@@ -1,3 +1,18 @@
+2022-05-12 J Pascoe
+
+[WebAuthn] Remove document focus requirement for conditional mediation requests
+https://bugs.webkit.org/show_bug.cgi?id=240361
+rdar://problem/93201070
+
+Reviewed by Brent Fulgham.
+
+This is necessary so conditional mediation requests work when you open a page in
+a new tab. Conditional mediation requests do not support security keys and the
+request will be aborted if conditional mediation is not available.
+
+* Modules/credentialmanagement/CredentialsContainer.cpp:
+(WebCore::CredentialsContainer::get):
+
2022-05-12 Alan Bujtas
TextBoxPainter::paintForeground: painting text with no marking/decoration should be simple
Modified: trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp (294134 => 294135)
--- trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp 2022-05-13 00:55:25 UTC (rev 294134)
+++ trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp 2022-05-13 01:02:49 UTC (rev 294135)
@@ -92,8 +92,8 @@
return;
}
-// Extra.
-if (!m_document->hasFocus()) {
+// The request will be aborted in WebAuthenticatorCoordinatorProxy if conditional mediation is not available.
+if (options.mediation != CredentialRequestOptions::MediationRequirement::Conditional && !m_document->hasFocus()) {
promise.reject(Exception { NotAllowedError, "The document is not focused."_s });
return;
}
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294122] trunk/Source
Title: [294122] trunk/Source
Revision 294122
Author j_pas...@apple.com
Date 2022-05-12 14:51:58 -0700 (Thu, 12 May 2022)
Log Message
[WebAuthn] Include backup state in authenticatorData
https://bugs.webkit.org/show_bug.cgi?id=240353
rdar://problem/93191958
Reviewed by Brent Fulgham.
Source/WebCore:
Add flags for credential backup state: https://github.com/w3c/webauthn/pull/1695
* Modules/webauthn/WebAuthenticationConstants.h:
Source/WebKit:
This patch adds support for backup state flags, which will be added to
the Web Authentication spec soon via https://github.com/w3c/webauthn/pull/1695
These flags are set whenever a credential is "backup eligible" and "backed up"
hinting to RPs that the credential is "durable" and may persist through device
restores. This is useful for RPs that may choose to offer to remove the user
password if a credental is in this state.
* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticatorInternal::authDataFlags):
(WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification):
(WebKit::LocalAuthenticator::continueGetAssertionAfterUserVerification):
Modified Paths
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
Diff
Modified: trunk/Source/WebCore/ChangeLog (294121 => 294122)
--- trunk/Source/WebCore/ChangeLog 2022-05-12 21:30:42 UTC (rev 294121)
+++ trunk/Source/WebCore/ChangeLog 2022-05-12 21:51:58 UTC (rev 294122)
@@ -1,3 +1,15 @@
+2022-05-12 J Pascoe
+
+[WebAuthn] Include backup state in authenticatorData
+https://bugs.webkit.org/show_bug.cgi?id=240353
+rdar://problem/93191958
+
+Reviewed by Brent Fulgham.
+
+Add flags for credential backup state: https://github.com/w3c/webauthn/pull/1695
+
+* Modules/webauthn/WebAuthenticationConstants.h:
+
2022-05-12 Brent Fulgham
REGRESSION (r281791): [iOS] WKWebView cannot load local .log file
Modified: trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h (294121 => 294122)
--- trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h 2022-05-12 21:30:42 UTC (rev 294121)
+++ trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h 2022-05-12 21:51:58 UTC (rev 294122)
@@ -110,5 +110,8 @@
constexpr uint8_t userPresenceFlag = 0b0001;
constexpr uint8_t userVerifiedFlag = 0b0100;
constexpr uint8_t attestedCredentialDataIncludedFlag = 0b0100;
+// https://github.com/w3c/webauthn/pull/1695
+constexpr uint8_t backupEligibilityFlag = 0b1000;
+constexpr uint8_t backupStateFlag = 0b0001;
} // namespace WebAuthn
Modified: trunk/Source/WebKit/ChangeLog (294121 => 294122)
--- trunk/Source/WebKit/ChangeLog 2022-05-12 21:30:42 UTC (rev 294121)
+++ trunk/Source/WebKit/ChangeLog 2022-05-12 21:51:58 UTC (rev 294122)
@@ -1,3 +1,24 @@
+2022-05-12 J Pascoe
+
+[WebAuthn] Include backup state in authenticatorData
+https://bugs.webkit.org/show_bug.cgi?id=240353
+rdar://problem/93191958
+
+Reviewed by Brent Fulgham.
+
+This patch adds support for backup state flags, which will be added to
+the Web Authentication spec soon via https://github.com/w3c/webauthn/pull/1695
+
+These flags are set whenever a credential is "backup eligible" and "backed up"
+hinting to RPs that the credential is "durable" and may persist through device
+restores. This is useful for RPs that may choose to offer to remove the user
+password if a credental is in this state.
+
+* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
+(WebKit::LocalAuthenticatorInternal::authDataFlags):
+(WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification):
+(WebKit::LocalAuthenticator::continueGetAssertionAfterUserVerification):
+
2022-05-12 Tim Horton
Don't install WebKit feature flags plist on macOS
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm (294121 => 294122)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-05-12 21:30:42 UTC (rev 294121)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-05-12 21:51:58 UTC (rev 294122)
@@ -75,11 +75,6 @@
namespace LocalAuthenticatorInternal {
-// See https://www.w3.org/TR/webauthn/#flags.
-const uint8_t makeCredentialFlags = userPresenceFlag | userVerifiedFlag | attestedCredentialDataIncludedFlag; // UP, UV and AT are set.
-const uint8_t otherMakeCredentialFlags = userPresenceFlag | attestedCredentialDataIncludedFlag; // UP and AT are set.
-const uint8_t getAssertionFlags = userPresenceFlag | userVerifiedFlag; // UP and UV are set.
-const uint8_t otherGetAssertionFlags = userPresenceFlag; // UP is set.
// Credential ID is currently SHA-1 of the corresponding p
[webkit-changes] [293907] trunk/Source/WebKit
Title: [293907] trunk/Source/WebKit
Revision 293907
Author j_pas...@apple.com
Date 2022-05-06 10:59:21 -0700 (Fri, 06 May 2022)
Log Message
[WebAuthn] Get rid of ASCAgentProxy instance after success/error/cancel
https://bugs.webkit.org/show_bug.cgi?id=240143
rdar://problem/92825715
Reviewed by Brent Fulgham.
For internal reasons, the ASCAgentProxy instance cannot be reused, so we
should clear it after a request or cancellation.
* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (293906 => 293907)
--- trunk/Source/WebKit/ChangeLog 2022-05-06 17:56:17 UTC (rev 293906)
+++ trunk/Source/WebKit/ChangeLog 2022-05-06 17:59:21 UTC (rev 293907)
@@ -1,3 +1,16 @@
+2022-05-06 J Pascoe
+
+[WebAuthn] Get rid of ASCAgentProxy instance after success/error/cancel
+https://bugs.webkit.org/show_bug.cgi?id=240143
+rdar://problem/92825715
+
+Reviewed by Brent Fulgham.
+
+For internal reasons, the ASCAgentProxy instance cannot be reused, so we
+should clear it after a request or cancellation.
+
+* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+
2022-05-06 Brent Fulgham
Remove the viewportFitEnabled WKPreference now that it is always on
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (293906 => 293907)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-05-06 17:56:17 UTC (rev 293906)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-05-06 17:59:21 UTC (rev 293907)
@@ -447,6 +447,7 @@
return;
}
continueAfterRequest(credential, error, WTFMove(handler));
+weakThis->m_proxy.clear();
});
}).get()];
return;
@@ -453,8 +454,8 @@
}
#endif // PLATFORM(MAC) || PLATFORM(MACCATALYST)
#if PLATFORM(IOS)
-[m_proxy performAuthorizationRequestsForContext:requestContext.get() withCompletionHandler:makeBlockPtr([handler = WTFMove(handler)](id credential, NSError *error) mutable {
-callOnMainRunLoop([handler = WTFMove(handler), credential = retainPtr(credential), error = retainPtr(error)] () mutable {
+[m_proxy performAuthorizationRequestsForContext:requestContext.get() withCompletionHandler:makeBlockPtr([weakThis = WeakPtr { *this }, handler = WTFMove(handler)](id credential, NSError *error) mutable {
+callOnMainRunLoop([weakThis, handler = WTFMove(handler), credential = retainPtr(credential), error = retainPtr(error)] () mutable {
#elif PLATFORM(MAC)
RetainPtr window = m_webPageProxy.platformWindow();
[m_proxy performAuthorizationRequestsForContext:requestContext.get() withClearanceHandler:makeBlockPtr([weakThis = WeakPtr { *this }, handler = WTFMove(handler), window = WTFMove(window)](NSXPCListenerEndpoint *daemonEndpoint, NSError *error) mutable {
@@ -462,15 +463,18 @@
if (!weakThis || !daemonEndpoint) {
LOG_ERROR("Could not connect to authorization daemon: %@\n", error.get());
handler({ }, (AuthenticatorAttachment)0, ExceptionData { NotAllowedError, "Operation failed."_s });
+if (weakThis)
+weakThis->m_proxy.clear();
return;
}
weakThis->m_presenter = adoptNS([allocASCAuthorizationRemotePresenterInstance() init]);
-[weakThis->m_presenter presentWithWindow:window.get() daemonEndpoint:daemonEndpoint.get() completionHandler:makeBlockPtr([handler = WTFMove(handler)](id credentialNotRetain, NSError *errorNotRetain) mutable {
+[weakThis->m_presenter presentWithWindow:window.get() daemonEndpoint:daemonEndpoint.get() completionHandler:makeBlockPtr([weakThis, handler = WTFMove(handler)](id credentialNotRetain, NSError *errorNotRetain) mutable {
auto credential = retainPtr(credentialNotRetain);
auto error = retainPtr(errorNotRetain);
#endif
continueAfterRequest(credential, error, WTFMove(handler));
+weakThis->m_proxy.clear();
#if PLATFORM(MAC)
}).get()];
#endif
@@ -495,8 +499,10 @@
void WebAuthenticatorCoordinatorProxy::cancel()
{
-if (m_proxy)
+if (m_proxy) {
[m_proxy cancelCurrentRequest];
+m_proxy.clear();
+}
}
} // namespace WebKit
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293786] trunk/Source/WebKit
Title: [293786] trunk/Source/WebKit
Revision 293786
Author j_pas...@apple.com
Date 2022-05-04 13:28:40 -0700 (Wed, 04 May 2022)
Log Message
[WebAuthn] Remove user gesture requirement for mediation=conditional assertions
https://bugs.webkit.org/show_bug.cgi?id=240038
rdar://92137603
Reviewed by Brent Fulgham.
Conditional assertions are non-modal and already require a gesture to complete via
a different mechanism.
Tested manually on device.
* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
(WebKit::configurationAssertionRequestContext):
* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp:
(WebKit::WebAuthenticatorCoordinatorProxy::handleRequest):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp
Diff
Modified: trunk/Source/WebKit/ChangeLog (293785 => 293786)
--- trunk/Source/WebKit/ChangeLog 2022-05-04 20:22:05 UTC (rev 293785)
+++ trunk/Source/WebKit/ChangeLog 2022-05-04 20:28:40 UTC (rev 293786)
@@ -1,3 +1,21 @@
+2022-05-04 J Pascoe
+
+[WebAuthn] Remove user gesture requirement for mediation=conditional assertions
+https://bugs.webkit.org/show_bug.cgi?id=240038
+rdar://92137603
+
+Reviewed by Brent Fulgham.
+
+Conditional assertions are non-modal and already require a gesture to complete via
+a different mechanism.
+
+Tested manually on device.
+
+* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+(WebKit::configurationAssertionRequestContext):
+* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp:
+(WebKit::WebAuthenticatorCoordinatorProxy::handleRequest):
+
2022-05-04 Brent Fulgham
Remove deprecated 'JavaEnabled' feature flag and related code
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (293785 => 293786)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-05-04 20:22:05 UTC (rev 293785)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-05-04 20:28:40 UTC (rev 293786)
@@ -321,8 +321,11 @@
auto requestContext = adoptNS([allocASCCredentialRequestContextInstance() initWithRequestTypes:requestTypes]);
[requestContext setRelyingPartyIdentifier:options.rpId];
-if (mediation == MediationRequirement::Conditional && [requestContext respondsToSelector:@selector(setRequestStyle:)])
+if (mediation == MediationRequirement::Conditional) {
+if (![requestContext respondsToSelector:@selector(setRequestStyle:)])
+return nil;
requestContext.get().requestStyle = ASCredentialRequestStyleAutoFill;
+}
setGlobalFrameIDForContext(requestContext, globalFrameID);
if (requestTypes & ASCCredentialRequestTypePlatformPublicKeyAssertion) {
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp (293785 => 293786)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp 2022-05-04 20:22:05 UTC (rev 293785)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp 2022-05-04 20:28:40 UTC (rev 293786)
@@ -107,7 +107,7 @@
handler({ }, (AuthenticatorAttachment)0, ExceptionData { NotAllowedError, "This request has been cancelled by the user."_s });
};
-if (!data.processingUserGesture && !m_webPageProxy.websiteDataStore().authenticatorManager().isVirtual())
+if (!data.processingUserGesture && data.mediation != MediationRequirement::Conditional && !m_webPageProxy.websiteDataStore().authenticatorManager().isVirtual())
m_webPageProxy.uiClient().requestWebAuthenticationNoGesture(origin, WTFMove(afterConsent));
else
afterConsent(true);
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293433] trunk/Source/WebKit
Title: [293433] trunk/Source/WebKit
Revision 293433
Author j_pas...@apple.com
Date 2022-04-26 11:16:52 -0700 (Tue, 26 Apr 2022)
Log Message
[WebAuthn] Do not pass ASCCredentialRequestTypePlatform... if LocalService unavailable
https://bugs.webkit.org/show_bug.cgi?id=239746
rdar://91981865
Reviewed by Brent Fulgham.
Passing platform in requestTypes breaks the UI in registerations with the syncing platform
authenticator off and local service is unavailable. This patch stops passing it in this case.
* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
(WebKit::configureRegistrationRequestContext):
(WebKit::WebAuthenticatorCoordinatorProxy::performRequest):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (293432 => 293433)
--- trunk/Source/WebKit/ChangeLog 2022-04-26 18:09:57 UTC (rev 293432)
+++ trunk/Source/WebKit/ChangeLog 2022-04-26 18:16:52 UTC (rev 293433)
@@ -1,3 +1,18 @@
+2022-04-26 J Pascoe
+
+[WebAuthn] Do not pass ASCCredentialRequestTypePlatform... if LocalService unavailable
+https://bugs.webkit.org/show_bug.cgi?id=239746
+rdar://91981865
+
+Reviewed by Brent Fulgham.
+
+Passing platform in requestTypes breaks the UI in registerations with the syncing platform
+authenticator off and local service is unavailable. This patch stops passing it in this case.
+
+* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+(WebKit::configureRegistrationRequestContext):
+(WebKit::WebAuthenticatorCoordinatorProxy::performRequest):
+
2022-04-26 Simon Fraser
Fix crashes under RemoteLayerBackingStore::applyBackingStoreToLayer()
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (293432 => 293433)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-04-26 18:09:57 UTC (rev 293432)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-04-26 18:16:52 UTC (rev 293433)
@@ -221,6 +221,8 @@
shouldRequireResidentKey = authenticatorSelection->requireResidentKey;
residentKeyRequirement = authenticatorSelection->residentKey;
}
+if (!LocalService::isAvailable())
+requestTypes &= ~ASCCredentialRequestTypePlatformPublicKeyRegistration;
auto requestContext = adoptNS([allocASCCredentialRequestContextInstance() initWithRequestTypes:requestTypes]);
[requestContext setRelyingPartyIdentifier:options.rp.id];
@@ -428,6 +430,10 @@
void WebAuthenticatorCoordinatorProxy::performRequest(RetainPtr requestContext, RequestCompletionHandler&& handler)
{
+if (requestContext.get().requestTypes == ASCCredentialRequestTypeNone) {
+handler({ }, (AuthenticatorAttachment)0, ExceptionData { NotAllowedError, "This request has been cancelled by the user."_s });
+return;
+}
m_proxy = adoptNS([allocASCAgentProxyInstance() init]);
#if PLATFORM(MAC) || PLATFORM(MACCATALYST)
if ([requestContext respondsToSelector:@selector(requestStyle)] && requestContext.get().requestStyle == ASCredentialRequestStyleAutoFill) {
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293432] trunk/Source/WebCore
Title: [293432] trunk/Source/WebCore Revision 293432 Author j_pas...@apple.com Date 2022-04-26 11:09:57 -0700 (Tue, 26 Apr 2022) Log Message [WebAuthn] Remove misspelled constant "LocalAuthenticatiorAccessGroup" https://bugs.webkit.org/show_bug.cgi?id=235894 rdar://88104045 Reviewed by Brent Fulgham. This change removes a constant with a misspelled variable name after all downstream usage is removed. * Modules/webauthn/WebAuthenticationConstants.h: Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h Diff Modified: trunk/Source/WebCore/ChangeLog (293431 => 293432) --- trunk/Source/WebCore/ChangeLog 2022-04-26 18:01:40 UTC (rev 293431) +++ trunk/Source/WebCore/ChangeLog 2022-04-26 18:09:57 UTC (rev 293432) @@ -1,3 +1,16 @@ +2022-04-26 J Pascoe + +[WebAuthn] Remove misspelled constant "LocalAuthenticatiorAccessGroup" +https://bugs.webkit.org/show_bug.cgi?id=235894 +rdar://88104045 + +Reviewed by Brent Fulgham. + +This change removes a constant with a misspelled variable name after all +downstream usage is removed. + +* Modules/webauthn/WebAuthenticationConstants.h: + 2022-04-26 Kate Cheney Remove WebArchiveDebugMode Modified: trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h (293431 => 293432) --- trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h 2022-04-26 18:01:40 UTC (rev 293431) +++ trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h 2022-04-26 18:09:57 UTC (rev 293432) @@ -78,9 +78,6 @@ Get }; -// rdar://88104045 - Remove once staged change completed -const char LocalAuthenticatiorAccessGroup[] = "com.apple.webkit.webauthn"; - constexpr const char LocalAuthenticatorAccessGroup[] = "com.apple.webkit.webauthn"; // User entity extension ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [292913] trunk
Title: [292913] trunk Revision 292913 Author j_pas...@apple.com Date 2022-04-15 10:38:42 -0700 (Fri, 15 Apr 2022) Log Message Source/WebCore: [WebAuthn] Implement getTransports() and getAuthenticatorData() on AuthenticatorAttestationResponse https://bugs.webkit.org/show_bug.cgi?id=238966 rdar://problem/91449906 This change implements the getTransports() and getAuthenticatorData() functions on AuthenticatorAttestationResponse. For security keys, the supported transports of the key are parsed from authenticatorGetInfo. For the local authenticator, the supported transports are specified according to which features are available. getAuthenticatorData() is a convenience method for RPs who want to avoid parsing CBOR. Reviewed by Brent Fulgham. * Modules/webauthn/AuthenticatorAttestationResponse.cpp: (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): (WebCore::AuthenticatorAttestationResponse::data const): (WebCore::AuthenticatorAttestationResponse::getTransports const): (WebCore::AuthenticatorAttestationResponse::getAuthenticatorData const): * Modules/webauthn/AuthenticatorAttestationResponse.h: * Modules/webauthn/AuthenticatorAttestationResponse.idl: * Modules/webauthn/AuthenticatorResponse.cpp: (WebCore::AuthenticatorResponse::tryCreate): * Modules/webauthn/AuthenticatorResponse.h: * Modules/webauthn/AuthenticatorResponseData.h: (WebCore::AuthenticatorResponseData::encode const): (WebCore::AuthenticatorResponseData::decode): * Modules/webauthn/AuthenticatorTransport.h: * Modules/webauthn/AuthenticatorTransport.idl: * Modules/webauthn/WebAuthenticationConstants.h: * Modules/webauthn/WebAuthenticationUtils.cpp: (WebCore::convertArrayBufferToVector): * Modules/webauthn/WebAuthenticationUtils.h: * Modules/webauthn/fido/AuthenticatorGetInfoResponse.cpp: (fido::AuthenticatorGetInfoResponse::setTransports): (fido::toStringVector): (fido::encodeAsCBOR): * Modules/webauthn/fido/AuthenticatorGetInfoResponse.h: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::convertStringToAuthenticatorTransport): (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetInfoResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): * Modules/webauthn/fido/U2fResponseConverter.h: (fido::readU2fRegisterResponse): Source/WebKit: [WebAuthn] Implement getTransports() and getAuthenticatorData() on AuthenticatorAttestationResponse https://bugs.webkit.org/show_bug.cgi?id=238966 rdar://problem/91449906 This change implements the getTransports() and getAuthenticatorData() functions on AuthenticatorAttestationResponse. For security keys, the supported transports of the key are parsed from authenticatorGetInfo. For the local authenticator, the supported transports are specified according to which features are available. getAuthenticatorData() is a convenience method for RPs who want to avoid parsing CBOR. Reviewed by Brent Fulgham. * Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h: * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.h: * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm: (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:attachment:transports:]): (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:attachment:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (wkExtensionsClientOutputs): (wkAuthenticatorAttestationResponse): (wkAuthenticatorAssertionResponse): * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticatorInternal::transports): (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification): (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: (WebKit::toASCDescriptor): (WebKit::toAuthenticatorTransports): (WebKit::continueAfterRequest): * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived): (WebKit::CtapAuthenticator::transports): * UIProcess/WebAuthentication/fido/CtapAuthenticator.h: * UIProcess/WebAuthentication/fido/CtapDriver.h: (WebKit::CtapDriver::transport const): (WebKit::CtapDriver::protocol const): (WebKit::CtapDriver::CtapDriver): * UIProcess/WebAuthentication/fido/CtapHidDriver.cpp: (WebKit::CtapHidDriver::CtapHidDriver): * UIProcess/WebAuthentication/fido/CtapNfcDriver.cpp: (WebKit::CtapNfcDriver::CtapNfcDriver): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): Tools: [WebAuthn] Implement getTransports() and getAuthenticatorData() on AuthenticatorAttestationResponse https://bugs.webkit.org/show_bug.cgi?id=238966 rdar://problem/91449906 Reviewed
[webkit-changes] [292710] trunk/Source/WebKit
Title: [292710] trunk/Source/WebKit
Revision 292710
Author j_pas...@apple.com
Date 2022-04-11 09:18:54 -0700 (Mon, 11 Apr 2022)
Log Message
[WebAuthn] Ensure requestPin callback on main thread
https://bugs.webkit.org/show_bug.cgi?id=238962
rdar://problem/91446051
Reviewed by Brent Fulgham.
This callback gets called by a non-main thread when making calls via
ASA. This patch uses ensureOnMainThread to ensure the completion handler
is called on the main thread. It also upgrades the callback asserts to
RELEASE_ASSERTs to avoid this issue in the future.
* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticator::getAssertion):
* UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm:
(WebKit::WebAuthenticationPanelClient::requestPin const):
* UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp:
(WebKit::CtapAuthenticator::continueGetNextAssertionAfterResponseReceived):
(WebKit::CtapAuthenticator::continueRequestPinAfterGetKeyAgreement):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp
Diff
Modified: trunk/Source/WebKit/ChangeLog (292709 => 292710)
--- trunk/Source/WebKit/ChangeLog 2022-04-11 16:13:37 UTC (rev 292709)
+++ trunk/Source/WebKit/ChangeLog 2022-04-11 16:18:54 UTC (rev 292710)
@@ -1,3 +1,24 @@
+2022-04-11 J Pascoe
+
+[WebAuthn] Ensure requestPin callback on main thread
+https://bugs.webkit.org/show_bug.cgi?id=238962
+rdar://problem/91446051
+
+Reviewed by Brent Fulgham.
+
+This callback gets called by a non-main thread when making calls via
+ASA. This patch uses ensureOnMainThread to ensure the completion handler
+is called on the main thread. It also upgrades the callback asserts to
+RELEASE_ASSERTs to avoid this issue in the future.
+
+* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
+(WebKit::LocalAuthenticator::getAssertion):
+* UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm:
+(WebKit::WebAuthenticationPanelClient::requestPin const):
+* UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp:
+(WebKit::CtapAuthenticator::continueGetNextAssertionAfterResponseReceived):
+(WebKit::CtapAuthenticator::continueRequestPinAfterGetKeyAgreement):
+
2022-04-10 Chris Dumez
Unreviewed Windows build fix after r292696.
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm (292709 => 292710)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-04-11 16:13:37 UTC (rev 292709)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-04-11 16:18:54 UTC (rev 292710)
@@ -544,7 +544,7 @@
if (auto* observer = this->observer()) {
auto callback = [this, weakThis = WeakPtr { *this }] (AuthenticatorAssertionResponse* response) {
-ASSERT(RunLoop::isMain());
+RELEASE_ASSERT(RunLoop::isMain());
if (!weakThis)
return;
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm (292709 => 292710)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm 2022-04-11 16:13:37 UTC (rev 292709)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm 2022-04-11 16:18:54 UTC (rev 292710)
@@ -131,10 +131,12 @@
auto checker = CompletionHandlerCallChecker::create(delegate.get(), @selector(panel:requestPINWithRemainingRetries:completionHandler:));
[delegate panel:m_panel requestPINWithRemainingRetries:retries completionHandler:makeBlockPtr([completionHandler = WTFMove(completionHandler), checker = WTFMove(checker)](NSString *pin) mutable {
-if (checker->completionHandlerHasBeenCalled())
-return;
-checker->didCallCompletionHandler();
-completionHandler(pin);
+ensureOnMainThread([completionHandler = WTFMove(completionHandler), checker = WTFMove(checker), pin = retainPtr(pin)] () mutable {
+if (checker->completionHandlerHasBeenCalled())
+return;
+checker->didCallCompletionHandler();
+completionHandler(pin.get());
+});
}).get()];
}
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp (292709 => 292710)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp 2022-04-11 16:13:37 UTC (rev 292709)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp 2022-04-11 16:18:54 UTC (rev 292710)
@@ -210,7 +210,7 @@
if (!m_remainingAssertionResponses) {
if (auto* observer = this->observer()) {
observer->sele
[webkit-changes] [292593] trunk/Source/WebKit
Title: [292593] trunk/Source/WebKit Revision 292593 Author j_pas...@apple.com Date 2022-04-07 22:40:06 -0700 (Thu, 07 Apr 2022) Log Message [WebAuthn] Support all CTAP transports and remove gesture requirement for virtual authenticators https://bugs.webkit.org/show_bug.cgi?id=238814 rdar://problem/91300515 Reviewed by Brent Fulgham. This patch adds support for the other CTAP virtual authenticator transports and removes the user gesture requirement when using virtual authenticators. These changes are needed to run the webauthn web-platform-tests. * UIProcess/WebAuthentication/AuthenticatorManager.cpp: (WebKit::WebCore::collectTransports): (WebKit::AuthenticatorManager::filterTransports const): * UIProcess/WebAuthentication/Mock/MockAuthenticatorManager.cpp: (WebKit::MockAuthenticatorManager::filterTransports const): * UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.cpp: (WebKit::VirtualAuthenticatorManager::createAuthenticator): * UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.h: * UIProcess/WebAuthentication/Virtual/VirtualLocalConnection.mm: (WebKit::VirtualLocalConnection::verifyUser): * UIProcess/WebAuthentication/Virtual/VirtualService.mm: (WebKit::VirtualService::startDiscoveryInternal): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp trunk/Source/WebKit/UIProcess/WebAuthentication/Mock/MockAuthenticatorManager.cpp trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.cpp trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.h trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualLocalConnection.mm trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualService.mm trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp Diff Modified: trunk/Source/WebKit/ChangeLog (292592 => 292593) --- trunk/Source/WebKit/ChangeLog 2022-04-08 04:59:16 UTC (rev 292592) +++ trunk/Source/WebKit/ChangeLog 2022-04-08 05:40:06 UTC (rev 292593) @@ -1,3 +1,30 @@ +2022-04-07 J Pascoe + +[WebAuthn] Support all CTAP transports and remove gesture requirement for virtual authenticators +https://bugs.webkit.org/show_bug.cgi?id=238814 +rdar://problem/91300515 + +Reviewed by Brent Fulgham. + +This patch adds support for the other CTAP virtual authenticator transports and removes +the user gesture requirement when using virtual authenticators. These changes are needed +to run the webauthn web-platform-tests. + +* UIProcess/WebAuthentication/AuthenticatorManager.cpp: +(WebKit::WebCore::collectTransports): +(WebKit::AuthenticatorManager::filterTransports const): +* UIProcess/WebAuthentication/Mock/MockAuthenticatorManager.cpp: +(WebKit::MockAuthenticatorManager::filterTransports const): +* UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.cpp: +(WebKit::VirtualAuthenticatorManager::createAuthenticator): +* UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.h: +* UIProcess/WebAuthentication/Virtual/VirtualLocalConnection.mm: +(WebKit::VirtualLocalConnection::verifyUser): +* UIProcess/WebAuthentication/Virtual/VirtualService.mm: +(WebKit::VirtualService::startDiscoveryInternal): +* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: +(WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): + 2022-04-07 Elliott Williams [XCBuild] Enable dependency validation by default Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp (292592 => 292593) --- trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp 2022-04-08 04:59:16 UTC (rev 292592) +++ trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp 2022-04-08 05:40:06 UTC (rev 292593) @@ -63,6 +63,8 @@ ASSERT_UNUSED(addResult, addResult.isNewEntry); addResult = result.add(AuthenticatorTransport::Nfc); ASSERT_UNUSED(addResult, addResult.isNewEntry); +addResult = result.add(AuthenticatorTransport::Ble); +ASSERT_UNUSED(addResult, addResult.isNewEntry); return result; } @@ -76,6 +78,8 @@ ASSERT_UNUSED(addResult, addResult.isNewEntry); addResult = result.add(AuthenticatorTransport::Nfc); ASSERT_UNUSED(addResult, addResult.isNewEntry); +addResult = result.add(AuthenticatorTransport::Ble); +ASSERT_UNUSED(addResult, addResult.isNewEntry); return result; } @@ -98,6 +102,8 @@ ASSERT_UNUSED(addResult, addResult.isNewEntry); addResult = result.add(AuthenticatorTransport::Nfc); ASSERT_UNUSED(addResult, addResult.isNewEntry);
[webkit-changes] [292508] trunk
Title: [292508] trunk
Revision 292508
Author j_pas...@apple.com
Date 2022-04-06 14:57:52 -0700 (Wed, 06 Apr 2022)
Log Message
Fix expected, actual links for variant-based imported wpt tests
https://bugs.webkit.org/show_bug.cgi?id=238832
rdar://problem/91313891
Reviewed by Brent Fulgham.
Tools:
Ensure that the workaround involving "len(fs.splitext(output_basename)[1]) - 1 > 5"
does not affect imported templated wpt tests that may match that condition, such as
".../pbkdf2.https.any.worker.html."
* Scripts/webkitpy/layout_tests/controllers/test_result_writer.py:
(TestResultWriter.output_filename):
* Scripts/webkitpy/layout_tests/controllers/test_result_writer_unittest.py:
(TestResultWriterTest.test_output_filename):
(TestResultWriterTest):
(TestResultWriterTest.test_output_filename_variant):
LayoutTests:
The changes to LayoutTests/fast/harness/results.html were wiped when
preparing https://bugs.webkit.org/show_bug.cgi?id=231544, causing the
links not to match. This patch fixes it.
* fast/harness/results.html:
Modified Paths
trunk/LayoutTests/ChangeLog
trunk/LayoutTests/fast/harness/results.html
trunk/Tools/ChangeLog
trunk/Tools/Scripts/webkitpy/layout_tests/controllers/test_result_writer.py
trunk/Tools/Scripts/webkitpy/layout_tests/controllers/test_result_writer_unittest.py
Diff
Modified: trunk/LayoutTests/ChangeLog (292507 => 292508)
--- trunk/LayoutTests/ChangeLog 2022-04-06 21:49:12 UTC (rev 292507)
+++ trunk/LayoutTests/ChangeLog 2022-04-06 21:57:52 UTC (rev 292508)
@@ -1,3 +1,17 @@
+2022-04-06 J Pascoe
+
+Fix expected, actual links for variant-based imported wpt tests
+https://bugs.webkit.org/show_bug.cgi?id=238832
+rdar://problem/91313891
+
+Reviewed by Brent Fulgham.
+
+The changes to LayoutTests/fast/harness/results.html were wiped when
+preparing https://bugs.webkit.org/show_bug.cgi?id=231544, causing the
+links not to match. This patch fixes it.
+
+* fast/harness/results.html:
+
2022-04-06 Matteo Flores
[ Mac , iOS Debug ] imported/w3c/web-platform-tests/html/cross-origin-opener-policy/resource-popup.https.html is a flaky failure.
Modified: trunk/LayoutTests/fast/harness/results.html (292507 => 292508)
--- trunk/LayoutTests/fast/harness/results.html 2022-04-06 21:49:12 UTC (rev 292507)
+++ trunk/LayoutTests/fast/harness/results.html 2022-04-06 21:57:52 UTC (rev 292508)
@@ -280,13 +280,19 @@
return null;
}
-static stripExtension(testName)
+static testPrefix(testName)
{
// Temporary fix, also in Tools/Scripts/webkitpy/layout_tests/constrollers/test_result_writer.py, line 95.
// FIXME: Refactor to avoid confusing reference to both test and process names.
-if (Utils.splitExtension(testName)[1].length > 5)
+let parts = Utils.splitExtension(testName);
+let prefix = parts[0];
+if (parts[1].includes('?'))
+prefix += '_' + parts[1].split('?')[1]
+else if (parts[1].includes('#'))
+prefix += '_' + parts[1].split('#')[1]
+else if (Utils.splitExtension(parts[0])[1].length > 5)
return testName;
-return Utils.splitExtension(testName)[0];
+return prefix;
}
static splitExtension(testName)
@@ -1168,7 +1174,7 @@
TestResultsController._getResultContainer(node).remove();
else if (url.match('-actual.png$')) {
let name = Utils.parentOfType(node, 'tbody').querySelector('.test-link').textContent;
-TestResultsController._getResultContainer(node).outerHTML = togglingImageFunction(Utils.stripExtension(name));
+TestResultsController._getResultContainer(node).outerHTML = togglingImageFunction(Utils.testPrefix(name));
}
}
}
@@ -1344,7 +1350,7 @@
let actualTokens = testResult.info.actual.split(/\s+/);
-let testPrefix = Utils.stripExtension(testResult.name);
+let testPrefix = Utils.testPrefix(testResult.name);
let imageResults = this.imageResultLinks(testResult, testPrefix, actualTokens[0]);
if (!imageResults && actualTokens.length > 1)
imageResults = this.imageResultLinks(testResult, 'retries/' + testPrefix, actualTokens[1]);
@@ -1374,12 +1380,12 @@
appendTextFailureLinks(testResult, cell)
{
-cell.innerHTML += this._resultsController.textResultLinks(Utils.stripExtension(testResult.name));
+cell.innerHTML += this._resultsController.textResultLinks(Utils.testPrefix(testResult.name));
}
appendAudioFailureLinks(testResult, cell)
{
-let prefix = Utils.stripExtension(testResult.name);
+let prefix = Utils.testPrefix(testResult.name);
cell.innerHTML += TestResultsController.resultLink(prefix, '-expected.wav', 'expected audio')
+ TestResultsController.resultLink(prefix, '-actual.wav', 'actual audio')
+ TestResults
[webkit-changes] [292495] trunk/LayoutTests
Title: [292495] trunk/LayoutTests Revision 292495 Author j_pas...@apple.com Date 2022-04-06 12:44:10 -0700 (Wed, 06 Apr 2022) Log Message pbkdf2.https.any.worker.html fails on WPE, GTK2 ports https://bugs.webkit.org/show_bug.cgi?id=238885 Unreviewed test gardening. * platform/gtk/TestExpectations: * platform/wpe/TestExpectations: Modified Paths trunk/LayoutTests/ChangeLog trunk/LayoutTests/platform/gtk/TestExpectations trunk/LayoutTests/platform/wpe/TestExpectations Diff Modified: trunk/LayoutTests/ChangeLog (292494 => 292495) --- trunk/LayoutTests/ChangeLog 2022-04-06 19:40:27 UTC (rev 292494) +++ trunk/LayoutTests/ChangeLog 2022-04-06 19:44:10 UTC (rev 292495) @@ -1,3 +1,13 @@ +2022-04-06 J Pascoe + +pbkdf2.https.any.worker.html fails on WPE, GTK2 ports +https://bugs.webkit.org/show_bug.cgi?id=238885 + +Unreviewed test gardening. + +* platform/gtk/TestExpectations: +* platform/wpe/TestExpectations: + 2022-04-06 Robert Jenner [ Monterey wk2 Release ] imported/w3c/web-platform-tests/css/css-text/white-space/pre-wrap-012.html is a flaky image failure Modified: trunk/LayoutTests/platform/gtk/TestExpectations (292494 => 292495) --- trunk/LayoutTests/platform/gtk/TestExpectations 2022-04-06 19:40:27 UTC (rev 292494) +++ trunk/LayoutTests/platform/gtk/TestExpectations 2022-04-06 19:44:10 UTC (rev 292495) @@ -1891,3 +1891,20 @@ # Ftp code is disabled in gtk port http/tests/misc/ftp-eplf-directory.py [ Skip ] + +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?1001-2000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?2001-3000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?3001-4000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?4001-5000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?5001-6000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?6001-7000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?7001-8000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?8001-last [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.worker.html?1001-2000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.worker.html?2001-3000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.worker.html?3001-4000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.worker.html?4001-5000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.worker.html?5001-6000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.worker.html?6001-7000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.worker.html?7001-8000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.worker.html?8001-last [ Failure Timeout ] Modified: trunk/LayoutTests/platform/wpe/TestExpectations (292494 => 292495) --- trunk/LayoutTests/platform/wpe/TestExpectations 2022-04-06 19:40:27 UTC (rev 292494) +++ trunk/LayoutTests/platform/wpe/TestExpectations 2022-04-06 19:44:10 UTC (rev 292495) @@ -1355,3 +1355,20 @@ # # These tests require platform support. + +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?1001-2000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?2001-3000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?3001-4000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?4001-5000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?5001-6000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.html?6001-7000 [ Failure Timeout ] +webkit.org/b/238885 imported/w3c/web-plat
[webkit-changes] [291988] trunk/Source/WebKit
Title: [291988] trunk/Source/WebKit
Revision 291988
Author j_pas...@apple.com
Date 2022-03-28 13:58:18 -0700 (Mon, 28 Mar 2022)
Log Message
Adopt ASCPublicKeyCredentialCreationOptions's residentKeyPreference
https://bugs.webkit.org/show_bug.cgi?id=238387
rdar://problem/90845393
Reviewed by Brent Fulgham.
This patch passes along the residentKeyPreference to ASA, so it can be passed
back via _WKAuthenticatorSelectionCriteria.residentKey.
* Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h:
* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
(WebKit::toASCResidentKeyPreference):
(WebKit::configureRegistrationRequestContext):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (291987 => 291988)
--- trunk/Source/WebKit/ChangeLog 2022-03-28 20:43:02 UTC (rev 291987)
+++ trunk/Source/WebKit/ChangeLog 2022-03-28 20:58:18 UTC (rev 291988)
@@ -1,3 +1,19 @@
+2022-03-28 J Pascoe
+
+Adopt ASCPublicKeyCredentialCreationOptions's residentKeyPreference
+https://bugs.webkit.org/show_bug.cgi?id=238387
+rdar://problem/90845393
+
+Reviewed by Brent Fulgham.
+
+This patch passes along the residentKeyPreference to ASA, so it can be passed
+back via _WKAuthenticatorSelectionCriteria.residentKey.
+
+* Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h:
+* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+(WebKit::toASCResidentKeyPreference):
+(WebKit::configureRegistrationRequestContext):
+
2022-03-28 Per Arne Vollan
[iOS] Fix sandbox violation related to Network content filtering
Modified: trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h (291987 => 291988)
--- trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-03-28 20:43:02 UTC (rev 291987)
+++ trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-03-28 20:58:18 UTC (rev 291988)
@@ -183,6 +183,13 @@
ASCCredentialRequestTypeSecurityKeyPublicKeyAssertion = 1 << 5,
};
+typedef NS_ENUM(NSInteger, ASPublicKeyCredentialResidentKeyPreference) {
+ASPublicKeyCredentialResidentKeyPreferenceNotPresent,
+ASPublicKeyCredentialResidentKeyPreferenceDiscouraged,
+ASPublicKeyCredentialResidentKeyPreferencePreferred,
+ASPublicKeyCredentialResidentKeyPreferenceRequired,
+};
+
@interface ASCPublicKeyCredentialCreationOptions : NSObject
@property (nonatomic, nullable, copy) NSData *challenge;
@@ -198,6 +205,7 @@
@property (nonatomic, nullable, copy) NSNumber *timeout;
@property (nonatomic) BOOL shouldRequireResidentKey;
+@property (nonatomic) ASPublicKeyCredentialResidentKeyPreference residentKeyPreference;
@property (nonatomic, copy) NSArray *excludedCredentials;
@end
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (291987 => 291988)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-03-28 20:43:02 UTC (rev 291987)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-03-28 20:58:18 UTC (rev 291988)
@@ -182,6 +182,22 @@
}
}
+static inline ASPublicKeyCredentialResidentKeyPreference toASCResidentKeyPreference(std::optional requirement, bool requireResidentKey)
+{
+if (!requirement)
+return requireResidentKey ? ASPublicKeyCredentialResidentKeyPreferenceRequired : ASPublicKeyCredentialResidentKeyPreferenceNotPresent;
+switch (*requirement) {
+case ResidentKeyRequirement::Discouraged:
+return ASPublicKeyCredentialResidentKeyPreferenceDiscouraged;
+case ResidentKeyRequirement::Preferred:
+return ASPublicKeyCredentialResidentKeyPreferencePreferred;
+case ResidentKeyRequirement::Required:
+return ASPublicKeyCredentialResidentKeyPreferenceRequired;
+}
+ASSERT_NOT_REACHED();
+return ASPublicKeyCredentialResidentKeyPreferenceNotPresent;
+}
+
static RetainPtr configureRegistrationRequestContext(const PublicKeyCredentialCreationOptions& options, const Vector& hash, std::optional globalFrameID)
{
ASCCredentialRequestTypes requestTypes = ASCCredentialRequestTypePlatformPublicKeyRegistration | ASCCredentialRequestTypeSecurityKeyPublicKeyRegistration;
@@ -188,6 +204,7 @@
RetainPtr userVerification;
bool shouldRequireResidentKey = false;
+std::optional residentKeyRequirement;
std::optional authenticatorSelection = options.authenticatorSelection;
if (authenticatorSelection) {
std::optional attachment = authenticatorSelection->authenticatorAttachment;
@@ -199,6 +216,7 @@
userVerification = toNSString(authenticatorSelection->userVerification);
shouldRequireResidentKey = authe
[webkit-changes] [291882] trunk
Title: [291882] trunk Revision 291882 Author j_pas...@apple.com Date 2022-03-25 13:16:29 -0700 (Fri, 25 Mar 2022) Log Message [WebAuthn] Maintain last modification time separate from last used time for platform credentials https://bugs.webkit.org/show_bug.cgi?id=238293 rdar://90655676 Reviewed by Brent Fulgham. This patch splits a key returned from [_WKWebAuthenticationPanel getAllLocalAuthenticatorCredentials...], _WKLocalAuthenticatorCredentialLastModificationDateKey, which previously signified the last time a credential was modified or used in an assertion, to just the last time the credential was modified. A new key, _WKLocalAuthenticatorCredentialLastUsedDateKey represents the old definition, the last time a key was used or modified. Source/WebCore: * Modules/webauthn/WebAuthenticationConstants.h: Source/WebKit: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (getAllLocalAuthenticatorCredentialsImpl): (+[_WKWebAuthenticationPanel setUsernameForLocalCredentialWithGroupAndID:credential:username:]): * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification): Tools: Updated API test to verify differences between _WKLocalAuthenticatorCredentialLastModificationDateKey and _WKLocalAuthenticatorCredentialLastModificationDateKey. * TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm: (TestWebKitAPI::TEST): Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm trunk/Tools/ChangeLog trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm Diff Modified: trunk/Source/WebCore/ChangeLog (291881 => 291882) --- trunk/Source/WebCore/ChangeLog 2022-03-25 20:07:32 UTC (rev 291881) +++ trunk/Source/WebCore/ChangeLog 2022-03-25 20:16:29 UTC (rev 291882) @@ -1,3 +1,20 @@ +2022-03-25 J Pascoe + +[WebAuthn] Maintain last modification time separate from last used time for platform credentials +https://bugs.webkit.org/show_bug.cgi?id=238293 +rdar://90655676 + +Reviewed by Brent Fulgham. + +This patch splits a key returned from [_WKWebAuthenticationPanel getAllLocalAuthenticatorCredentials...], +_WKLocalAuthenticatorCredentialLastModificationDateKey, which previously signified the last time a +credential was modified or used in an assertion, to just the last time the credential was modified. + +A new key, _WKLocalAuthenticatorCredentialLastUsedDateKey represents the old definition, the last +time a key was used or modified. + +* Modules/webauthn/WebAuthenticationConstants.h: + 2022-03-25 Zan Dobersek [TextureMapper] Implement GraphicsContextGLTextureMapperANGLE::prepareForDisplay() Modified: trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h (291881 => 291882) --- trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h 2022-03-25 20:07:32 UTC (rev 291881) +++ trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h 2022-03-25 20:16:29 UTC (rev 291882) @@ -83,6 +83,9 @@ constexpr const char LocalAuthenticatorAccessGroup[] = "com.apple.webkit.webauthn"; +// User entity extension +constexpr const char userEntityLastModifiedKey[] = "last_modified"; + // Credential serialization constexpr const char privateKeyKey[] = "priv"; constexpr const char keyTypeKey[] = "key_type"; Modified: trunk/Source/WebKit/ChangeLog (291881 => 291882) --- trunk/Source/WebKit/ChangeLog 2022-03-25 20:07:32 UTC (rev 291881) +++ trunk/Source/WebKit/ChangeLog 2022-03-25 20:16:29 UTC (rev 291882) @@ -1,3 +1,24 @@ +2022-03-25 J Pascoe +[WebAuthn] Maintain last modification time separate from last used time for platform credentials +https://bugs.webkit.org/show_bug.cgi?id=238293 +rdar://90655676 + +Reviewed by Brent Fulgham. + +This patch splits a key returned from [_WKWebAuthenticationPanel getAllLocalAuthenticatorCredentials...], +_WKLocalAuthenticatorCredentialLastModificationDateKey, which previously signified the last time a +credential was modified or used in an assertion, to just the last time the credential was modified. + +A new key, _WKLocalAuthenticatorCredentialLastUsedDateKey represents the old definition, the last +time a key was used or modified. + +* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h: +* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: +(getAllLocalAuthenticatorCredentialsImpl): +(+[_WKWebAuthenticationPanel setUsernameForLocalCredentialWithGroupAndID:credential:username:]): +* UIProcess/WebAuthent
[webkit-changes] [291761] trunk/Source/WebKit
Title: [291761] trunk/Source/WebKit
Revision 291761
Author j_pas...@apple.com
Date 2022-03-23 12:24:00 -0700 (Wed, 23 Mar 2022)
Log Message
[WebAuthn] Specify correct ASCPublicKeyCredentialKind in configureAssertionOptions
https://bugs.webkit.org/show_bug.cgi?id=238272
rdar://problem/90710080
Reviewed by Brent Fulgham.
There was a typo when refactoring code into this method. The kind passed to the function
should be used, instead of always ASCPublicKeyCredentialKindPlatform.
* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
(WebKit::configureAssertionOptions):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (291760 => 291761)
--- trunk/Source/WebKit/ChangeLog 2022-03-23 19:22:04 UTC (rev 291760)
+++ trunk/Source/WebKit/ChangeLog 2022-03-23 19:24:00 UTC (rev 291761)
@@ -1,3 +1,17 @@
+2022-03-23 J Pascoe
+
+[WebAuthn] Specify correct ASCPublicKeyCredentialKind in configureAssertionOptions
+https://bugs.webkit.org/show_bug.cgi?id=238272
+rdar://problem/90710080
+
+Reviewed by Brent Fulgham.
+
+There was a typo when refactoring code into this method. The kind passed to the function
+should be used, instead of always ASCPublicKeyCredentialKindPlatform.
+
+* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+(WebKit::configureAssertionOptions):
+
2022-03-23 Kimmo Kinnunen
After losing context due to too many contexts, getError() does not return CONTEXT_LOST_WEBGL
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (291760 => 291761)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-03-23 19:22:04 UTC (rev 291760)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-03-23 19:24:00 UTC (rev 291761)
@@ -255,10 +255,10 @@
auto assertionOptions = adoptNS(allocASCPublicKeyCredentialAssertionOptionsInstance());
if ([assertionOptions respondsToSelector:@selector(initWithKind:relyingPartyIdentifier:clientDataHash:userVerificationPreference:allowedCredentials:)]) {
auto nsHash = toNSData(hash);
-[assertionOptions initWithKind:ASCPublicKeyCredentialKindPlatform relyingPartyIdentifier:options.rpId clientDataHash:nsHash.get() userVerificationPreference:userVerification.get() allowedCredentials:allowedCredentials.get()];
+[assertionOptions initWithKind:kind relyingPartyIdentifier:options.rpId clientDataHash:nsHash.get() userVerificationPreference:userVerification.get() allowedCredentials:allowedCredentials.get()];
} else {
auto challenge = WebCore::toNSData(options.challenge);
-[assertionOptions initWithKind:ASCPublicKeyCredentialKindPlatform relyingPartyIdentifier:options.rpId challenge:challenge.get() userVerificationPreference:userVerification.get() allowedCredentials:allowedCredentials.get()];
+[assertionOptions initWithKind:kind relyingPartyIdentifier:options.rpId challenge:challenge.get() userVerificationPreference:userVerification.get() allowedCredentials:allowedCredentials.get()];
}
if (options.extensions)
[assertionOptions setExtensions:toASCExtensions(*options.extensions).get()];
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291625] trunk
Title: [291625] trunk Revision 291625 Author j_pas...@apple.com Date 2022-03-22 10:12:15 -0700 (Tue, 22 Mar 2022) Log Message [WebAuthn] Pass along timeout to ASA and ignore timeout for conditional mediation requests https://bugs.webkit.org/show_bug.cgi?id=238147 rdar://90509464 Reviewed by Brent Fulgham. Source/WebKit: Currently we don't pass the timeout from the rp into ASA, so the default timeout is always used. This patch starts passing along the timeout to ASA, and creates a place for ASA to specify the mediation of the request, so we can ignore the timeout for requests using conditional mediation. Modified API test. * Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (toWebCore): (-[_WKWebAuthenticationPanel makeCredentialWithMediationRequirement:clientDataHash:options:completionHandler:]): (-[_WKWebAuthenticationPanel makeCredentialWithClientDataHash:options:completionHandler:]): (-[_WKWebAuthenticationPanel getAssertionWithMediationRequirement:clientDataHash:options:completionHandler:]): (-[_WKWebAuthenticationPanel getAssertionWithClientDataHash:options:completionHandler:]): * UIProcess/WebAuthentication/AuthenticatorManager.cpp: (WebKit::AuthenticatorManager::respondReceived): (WebKit::AuthenticatorManager::initTimeOutTimer): * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: (WebKit::configureRegistrationRequestContext): (WebKit::configureAssertionOptions): Tools: Modify API test to use new SPI. * TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm: (TestWebKitAPI::TEST): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm trunk/Tools/ChangeLog trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm Diff Modified: trunk/Source/WebKit/ChangeLog (291624 => 291625) --- trunk/Source/WebKit/ChangeLog 2022-03-22 16:14:25 UTC (rev 291624) +++ trunk/Source/WebKit/ChangeLog 2022-03-22 17:12:15 UTC (rev 291625) @@ -1,5 +1,34 @@ 2022-03-22 J Pascoe +[WebAuthn] Pass along timeout to ASA and ignore timeout for conditional mediation requests +https://bugs.webkit.org/show_bug.cgi?id=238147 +rdar://90509464 + +Reviewed by Brent Fulgham. + +Currently we don't pass the timeout from the rp into ASA, so the default timeout is always used. +This patch starts passing along the timeout to ASA, and creates a place for ASA to specify the +mediation of the request, so we can ignore the timeout for requests using conditional mediation. + +Modified API test. + +* Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h: +* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h: +* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: +(toWebCore): +(-[_WKWebAuthenticationPanel makeCredentialWithMediationRequirement:clientDataHash:options:completionHandler:]): +(-[_WKWebAuthenticationPanel makeCredentialWithClientDataHash:options:completionHandler:]): +(-[_WKWebAuthenticationPanel getAssertionWithMediationRequirement:clientDataHash:options:completionHandler:]): +(-[_WKWebAuthenticationPanel getAssertionWithClientDataHash:options:completionHandler:]): +* UIProcess/WebAuthentication/AuthenticatorManager.cpp: +(WebKit::AuthenticatorManager::respondReceived): +(WebKit::AuthenticatorManager::initTimeOutTimer): +* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: +(WebKit::configureRegistrationRequestContext): +(WebKit::configureAssertionOptions): + +2022-03-22 J Pascoe + [WebAuthn] Support getAssertion for virtual HID authenticators https://bugs.webkit.org/show_bug.cgi?id=238154 rdar://problem/90593150 Modified: trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h (291624 => 291625) --- trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-03-22 16:14:25 UTC (rev 291624) +++ trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-03-22 17:12:15 UTC (rev 291625) @@ -164,6 +164,7 @@ @property (nonatomic, nullable, copy) NSData *clientDataHash; @property (nonatomic, nullable, readonly, copy) NSString *userVerificationPreference; @property (nonatomic, nullable, copy) ASCWebAuthenticationExtensionsClientInputs *extensions; +@property (nonatomic, nullable, copy) NSNumber *timeout; @property (nonatomic, nullable, readonly, copy) NSArray *allowedCredentials; @@ -194,6 +195,7 @@ @property (nonatomic, nullable, copy) NSStri
[webkit-changes] [291624] trunk/Source
Title: [291624] trunk/Source
Revision 291624
Author j_pas...@apple.com
Date 2022-03-22 09:14:25 -0700 (Tue, 22 Mar 2022)
Log Message
[WebAuthn] Support getAssertion for virtual HID authenticators
https://bugs.webkit.org/show_bug.cgi?id=238154
rdar://problem/90593150
Reviewed by Brent Fulgham.
Source/WebCore:
Virtual authenticators for WebAuthn support different transprots: nfc, usb, internal,
and ble. Currently, we only fully support the internal transport and makeCredential for
usb-transport. The default transport for web-platform-tests is usb. This patch implements
getAssertion for hid-based virtual authneticators.
* Modules/webauthn/WebAuthenticationUtils.cpp:
(WebCore::buildUserEntityMap):
(WebCore::buildCredentialDescriptor):
* Modules/webauthn/WebAuthenticationUtils.h:
* Modules/webauthn/fido/FidoConstants.h:
Source/WebKit:
Virtual authenticators for WebAuthn support different transports: nfc, usb, internal,
and ble. Currently, we only fully support the internal transport and makeCredential for
usb-transport. The default transport for web-platform-tests is usb. This patch implements
getAssertion for hid-based virtual authneticators.
Tested via manually creating virtual authenticator and performing create / get.
* UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.cpp:
(WebKit::VirtualAuthenticatorManager::addCredential):
(WebKit::VirtualAuthenticatorManager::credentialsMatchingList):
* UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.h:
* UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorUtils.h:
* UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorUtils.mm:
(WebKit::privateKeyFromBase64):
(WebKit::signatureForPrivateKey):
* UIProcess/WebAuthentication/Virtual/VirtualHidConnection.cpp:
(WebKit::VirtualHidConnection::parseRequest):
Modified Paths
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.cpp
trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.h
trunk/Source/WebCore/Modules/webauthn/fido/FidoConstants.h
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.cpp
trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.h
trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorUtils.h
trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorUtils.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualHidConnection.cpp
Diff
Modified: trunk/Source/WebCore/ChangeLog (291623 => 291624)
--- trunk/Source/WebCore/ChangeLog 2022-03-22 16:01:26 UTC (rev 291623)
+++ trunk/Source/WebCore/ChangeLog 2022-03-22 16:14:25 UTC (rev 291624)
@@ -1,3 +1,22 @@
+2022-03-22 J Pascoe
+
+[WebAuthn] Support getAssertion for virtual HID authenticators
+https://bugs.webkit.org/show_bug.cgi?id=238154
+rdar://problem/90593150
+
+Reviewed by Brent Fulgham.
+
+Virtual authenticators for WebAuthn support different transprots: nfc, usb, internal,
+and ble. Currently, we only fully support the internal transport and makeCredential for
+usb-transport. The default transport for web-platform-tests is usb. This patch implements
+getAssertion for hid-based virtual authneticators.
+
+* Modules/webauthn/WebAuthenticationUtils.cpp:
+(WebCore::buildUserEntityMap):
+(WebCore::buildCredentialDescriptor):
+* Modules/webauthn/WebAuthenticationUtils.h:
+* Modules/webauthn/fido/FidoConstants.h:
+
2022-03-22 Ricky Mondello
It should be possible to copy text out of "AutoFilledAndViewable" password fields
Modified: trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.cpp (291623 => 291624)
--- trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.cpp 2022-03-22 16:01:26 UTC (rev 291623)
+++ trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.cpp 2022-03-22 16:14:25 UTC (rev 291624)
@@ -29,6 +29,7 @@
#if ENABLE(WEB_AUTHN)
#include "CBORWriter.h"
+#include "FidoConstants.h"
#include "WebAuthenticationConstants.h"
#include
#include
@@ -87,6 +88,22 @@
return attestedCredentialData;
}
+cbor::CBORValue::MapValue buildUserEntityMap(const Vector& userId, const String& name, const String& displayName)
+{
+cbor::CBORValue::MapValue userEntityMap;
+userEntityMap[cbor::CBORValue(fido::kEntityIdMapKey)] = cbor::CBORValue(userId);
+userEntityMap[cbor::CBORValue(fido::kEntityNameMapKey)] = cbor::CBORValue(name);
+userEntityMap[cbor::CBORValue(fido::kDisplayNameMapKey)] = cbor::CBORValue(displayName);
+return userEntityMap;
+}
+
+cbor::CBORValue::MapValue buildCredentialDescriptor(const Vector& credentialId)
+{
+cbor::CBORValue::MapValue credential;
+credential[cbor::CBORValue("id")] = cbor::CBORValue(credentialId);
+return credential;
+}
+
Vector buildAuthData(const String& rpId, const uint8_t flags, const uint32_t counte
[webkit-changes] [291491] trunk
Title: [291491] trunk
Revision 291491
Author j_pas...@apple.com
Date 2022-03-18 12:11:11 -0700 (Fri, 18 Mar 2022)
Log Message
Trigger PDF download in captive portal mode instead of using PDF viewer
https://bugs.webkit.org/show_bug.cgi?id=237245
rdar://problem/89525531
Reviewed by Chris Dumez.
Source/WebKit:
This is a stopgap solution since PDF.js needs more cycles to polish.
Added API test WKDownload.CaptivePortalPDF.
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::decidePolicyForResponseShared):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences):
Tools:
Add API test for captive portal pdf behavior.
* TestWebKitAPI/Tests/WebKitCocoa/Download.mm:
(tempPDFThatDoesNotExist):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebPageProxy.cpp
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/Download.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (291490 => 291491)
--- trunk/Source/WebKit/ChangeLog 2022-03-18 18:48:50 UTC (rev 291490)
+++ trunk/Source/WebKit/ChangeLog 2022-03-18 19:11:11 UTC (rev 291491)
@@ -1,3 +1,20 @@
+2022-03-18 J Pascoe
+
+Trigger PDF download in captive portal mode instead of using PDF viewer
+https://bugs.webkit.org/show_bug.cgi?id=237245
+rdar://problem/89525531
+
+Reviewed by Chris Dumez.
+
+This is a stopgap solution since PDF.js needs more cycles to polish.
+
+Added API test WKDownload.CaptivePortalPDF.
+
+* UIProcess/WebPageProxy.cpp:
+(WebKit::WebPageProxy::decidePolicyForResponseShared):
+* WebProcess/WebPage/WebPage.cpp:
+(WebKit::WebPage::updatePreferences):
+
2022-03-18 Kimmo Kinnunen
Recycling a webgl context when it has been lost and restored causes a crash
Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.cpp (291490 => 291491)
--- trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2022-03-18 18:48:50 UTC (rev 291490)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2022-03-18 19:11:11 UTC (rev 291491)
@@ -5731,6 +5731,8 @@
auto sender = PolicyDecisionSender::create(identifier, [webPageID, frameID, listenerID, process] (const auto& policyDecision) {
process->send(Messages::WebPage::DidReceivePolicyDecision(frameID, listenerID, policyDecision, createNetworkExtensionsSandboxExtensions(process)), webPageID);
});
+if (process->captivePortalMode() == WebProcessProxy::CaptivePortalMode::Enabled && MIMETypeRegistry::isPDFOrPostScriptMIMEType(navigationResponse->response().mimeType()))
+policyAction = PolicyAction::Download;
receivedPolicyDecision(policyAction, navigation.get(), nullptr, WTFMove(navigationResponse), WTFMove(sender));
}, ShouldExpectSafeBrowsingResult::No, ShouldExpectAppBoundDomainResult::No);
Modified: trunk/Tools/ChangeLog (291490 => 291491)
--- trunk/Tools/ChangeLog 2022-03-18 18:48:50 UTC (rev 291490)
+++ trunk/Tools/ChangeLog 2022-03-18 19:11:11 UTC (rev 291491)
@@ -1,3 +1,16 @@
+2022-03-18 J Pascoe
+
+Trigger PDF download in captive portal mode instead of using PDF viewer
+https://bugs.webkit.org/show_bug.cgi?id=237245
+rdar://problem/89525531
+
+Reviewed by Chris Dumez.
+
+Add API test for captive portal pdf behavior.
+
+* TestWebKitAPI/Tests/WebKitCocoa/Download.mm:
+(tempPDFThatDoesNotExist):
+
2022-03-18 Jonathan Bedard
[git-webkit] Make radar conditional on authentication
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/Download.mm (291490 => 291491)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/Download.mm 2022-03-18 18:48:50 UTC (rev 291490)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/Download.mm 2022-03-18 19:11:11 UTC (rev 291491)
@@ -45,6 +45,8 @@
#import
#import
#import
+#import
+#import
#import
#import
#import
@@ -1264,6 +1266,15 @@
return file;
}
+static NSURL *tempPDFThatDoesNotExist()
+{
+NSURL *tempDir = [NSURL fileURLWithPath:[NSTemporaryDirectory() stringByAppendingPathComponent:@"DownloadTest"] isDirectory:YES];
+[[NSFileManager defaultManager] createDirectoryAtURL:tempDir withIntermediateDirectories:YES attributes:nil error:nil];
+NSURL *file = [tempDir URLByAppendingPathComponent:@"example.pdf"];
+[[NSFileManager defaultManager] removeItemAtURL:file error:nil];
+return file;
+}
+
TEST(_WKDownload, Resume)
{
using namespace TestWebKitAPI;
@@ -2617,4 +2628,53 @@
});
}
+
+static TestWebKitAPI::HTTPServer simplePDFTestServer()
+{
+return { [](TestWebKitAPI::Connection connection) {
+connection.receiveHTTPRequest([connection](Vector&&) {
+connection.send(makeString(
+"HTTP/1.1 200 OK\r\n"
+"content-type: application/pdf\r\n"
+"Content-Length: 5000\r\n"
+"\r\n", longString<5000>('a')
+));
+});
+} };
}
+
+TEST(WKDownload, Cap
[webkit-changes] [291423] trunk/Source
Title: [291423] trunk/Source Revision 291423 Author j_pas...@apple.com Date 2022-03-17 11:28:13 -0700 (Thu, 17 Mar 2022) Log Message [WebAuthn] Support makeCredential for virtual HID authenticators https://bugs.webkit.org/show_bug.cgi?id=237984 rdar://problem/90393676 Reviewed by Brent Fulgham. Virtual authenticators for WebAuthn supports different transports: nfc,usb,internal,ble. Currently, we support the internal transport, but the default transport used in web platform tests is usb. This patch implements makeCredential for hid-based virtual authenticators. Virtual credential information is stored in the VirtualCredential struct as suggested by the spec. Source/WebCore: * Modules/webauthn/WebAuthenticationUtils.cpp: (WebCore::buildAttestationMap): (WebCore::buildAttestationObject): * Modules/webauthn/WebAuthenticationUtils.h: * Modules/webauthn/fido/FidoConstants.h: Source/WebKit: Tested manually via creating virtual authenticator and performing create and via wpt tests. * UIProcess/WebAuthentication/Mock/MockHidConnection.cpp: (WebKit::MockHidConnection::parseRequest): (WebKit::MockHidConnection::feedReports): * UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.cpp: (WebKit::VirtualAuthenticatorManager::createAuthenticator): (WebKit::VirtualAuthenticatorManager::addCredential): (WebKit::VirtualAuthenticatorManager::createService const): * UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.h: * UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorUtils.h: Copied from Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualService.h. * UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorUtils.mm: Added. (WebKit::flagsForConfig): (WebKit::createPrivateKey): (WebKit::credentialIdAndCosePubKeyForPrivateKey): (WebKit::base64PrivateKey): * UIProcess/WebAuthentication/Virtual/VirtualCredential.h: Copied from Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualService.h. * UIProcess/WebAuthentication/Virtual/VirtualHidConnection.cpp: Added. (WebKit::VirtualHidConnection::VirtualHidConnection): (WebKit::VirtualHidConnection::initialize): (WebKit::VirtualHidConnection::terminate): (WebKit::VirtualHidConnection::sendSync): (WebKit::VirtualHidConnection::send): (WebKit::VirtualHidConnection::assembleRequest): (WebKit::VirtualHidConnection::receiveHidMessage): (WebKit::VirtualHidConnection::recieveResponseCode): (WebKit::VirtualHidConnection::parseRequest): * UIProcess/WebAuthentication/Virtual/VirtualHidConnection.h: Copied from Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.h. * UIProcess/WebAuthentication/Virtual/VirtualService.h: * UIProcess/WebAuthentication/Virtual/VirtualService.mm: (WebKit::VirtualService::VirtualService): (WebKit::VirtualService::createVirtual): (WebKit::authenticatorInfoForConfig): (WebKit::VirtualService::startDiscoveryInternal): * WebKit.xcodeproj/project.pbxproj: Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.cpp trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.h trunk/Source/WebCore/Modules/webauthn/fido/FidoConstants.h trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm trunk/Source/WebKit/UIProcess/WebAuthentication/Mock/MockHidConnection.cpp trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.cpp trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.h trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualService.h trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualService.mm trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj Added Paths trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorUtils.h trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorUtils.mm trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualCredential.h trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualHidConnection.cpp trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualHidConnection.h Diff Modified: trunk/Source/WebCore/ChangeLog (291422 => 291423) --- trunk/Source/WebCore/ChangeLog 2022-03-17 18:15:38 UTC (rev 291422) +++ trunk/Source/WebCore/ChangeLog 2022-03-17 18:28:13 UTC (rev 291423) @@ -1,3 +1,22 @@ +2022-03-17 J Pascoe + +[WebAuthn] Support makeCredential for virtual HID authenticators +https://bugs.webkit.org/show_bug.cgi?id=237984 +rdar://problem/90393676 + +Reviewed by Brent Fulgham. + +Virtual authenticators for WebAuthn supports different transports: nfc,usb,internal,ble. +Currently, we support the internal transport, but the default transport used in web platform +tests is usb. This patch implements makeCredential for hid-based virtual authenticators. Virtual +credential information i
[webkit-changes] [291321] trunk/Source/WebKit
Title: [291321] trunk/Source/WebKit
Revision 291321
Author j_pas...@apple.com
Date 2022-03-15 16:23:54 -0700 (Tue, 15 Mar 2022)
Log Message
[WebAuthn] Mock UI interactions whenever virtual authenticators are in use.
https://bugs.webkit.org/show_bug.cgi?id=237856
rdar://problem/90274854
Reviewed by Brent Fulgham.
Tested by wpt's webauthn tests.
* UIProcess/WebAuthentication/AuthenticatorManager.h:
* UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.cpp:
(WebKit::VirtualAuthenticatorManager::runPanel):
(WebKit::VirtualAuthenticatorManager::selectAssertionResponse):
(WebKit::VirtualAuthenticatorManager::decidePolicyForLocalAuthenticator):
* UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.h:
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.h
trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.cpp
trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.h
Diff
Modified: trunk/Source/WebKit/ChangeLog (291320 => 291321)
--- trunk/Source/WebKit/ChangeLog 2022-03-15 23:16:02 UTC (rev 291320)
+++ trunk/Source/WebKit/ChangeLog 2022-03-15 23:23:54 UTC (rev 291321)
@@ -1,3 +1,20 @@
+2022-03-15 J Pascoe
+
+[WebAuthn] Mock UI interactions whenever virtual authenticators are in use.
+https://bugs.webkit.org/show_bug.cgi?id=237856
+rdar://problem/90274854
+
+Reviewed by Brent Fulgham.
+
+Tested by wpt's webauthn tests.
+
+* UIProcess/WebAuthentication/AuthenticatorManager.h:
+* UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.cpp:
+(WebKit::VirtualAuthenticatorManager::runPanel):
+(WebKit::VirtualAuthenticatorManager::selectAssertionResponse):
+(WebKit::VirtualAuthenticatorManager::decidePolicyForLocalAuthenticator):
+* UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.h:
+
2022-03-15 Chris Dumez
Make it clearer in the loading logging when it is for the main frame or not
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.h (291320 => 291321)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.h 2022-03-15 23:16:02 UTC (rev 291320)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.h 2022-03-15 23:23:54 UTC (rev 291321)
@@ -80,6 +80,12 @@
void clearState();
void invokePendingCompletionHandler(Respond&&);
+void decidePolicyForLocalAuthenticator(CompletionHandler&&);
+TransportSet getTransports() const;
+virtual void runPanel();
+void selectAssertionResponse(Vector>&&, WebAuthenticationSource, CompletionHandler&&);
+void startDiscovery(const TransportSet&);
+
private:
enum class Mode {
Compatible,
@@ -96,8 +102,6 @@
void downgrade(Authenticator* id, Ref&& downgradedAuthenticator) final;
void authenticatorStatusUpdated(WebAuthenticationStatus) final;
void requestPin(uint64_t retries, CompletionHandler&&) final;
-void selectAssertionResponse(Vector>&&, WebAuthenticationSource, CompletionHandler&&) final;
-void decidePolicyForLocalAuthenticator(CompletionHandler&&) final;
void requestLAContextForUserVerification(CompletionHandler&&) final;
void cancelRequest() final;
@@ -108,13 +112,10 @@
virtual void filterTransports(TransportSet&) const;
virtual void runPresenterInternal(const TransportSet&);
-void startDiscovery(const TransportSet&);
void initTimeOutTimer();
void timeOutTimerFired();
-void runPanel();
void runPresenter();
void restartDiscovery();
-TransportSet getTransports() const;
void dispatchPanelClientCall(Function&&) const;
// Request: We only allow one request per time. A new request will cancel any pending ones.
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.cpp (291320 => 291321)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.cpp 2022-03-15 23:16:02 UTC (rev 291320)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Virtual/VirtualAuthenticatorManager.cpp 2022-03-15 23:23:54 UTC (rev 291321)
@@ -63,6 +63,27 @@
return VirtualService::createVirtual(transport, observer, configs);
}
+void VirtualAuthenticatorManager::runPanel()
+{
+auto transports = getTransports();
+if (transports.isEmpty()) {
+cancel();
+return;
+}
+
+startDiscovery(transports);
+}
+
+void VirtualAuthenticatorManager::selectAssertionResponse(Vector>&& responses, WebAuthenticationSource source, CompletionHandler&& completionHandler)
+{
+completionHandler(responses[0].ptr());
+}
+
+void VirtualAuthenticatorManager::decidePolicyForLocalAuthenticator(CompletionHandler&& completionHandler)
+{
+completionHandler(LocalAuthenticatorPolicy::Allow);
+}
+
} // namespace WebKit
#endif // ENABLE(WEB_AUTHN)
Mod
[webkit-changes] [291196] trunk/Source/WebKit
Title: [291196] trunk/Source/WebKit
Revision 291196
Author j_pas...@apple.com
Date 2022-03-11 15:30:11 -0800 (Fri, 11 Mar 2022)
Log Message
[WebAuthn] Unreviewed build fix after r291177
https://bugs.webkit.org/show_bug.cgi?id=237797
rdar://problem/90183881
Remove unused move that is breaking iOS build
* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (291195 => 291196)
--- trunk/Source/WebKit/ChangeLog 2022-03-11 23:25:11 UTC (rev 291195)
+++ trunk/Source/WebKit/ChangeLog 2022-03-11 23:30:11 UTC (rev 291196)
@@ -1,3 +1,13 @@
+2022-03-11 J Pascoe
+
+[WebAuthn] Unreviewed build fix after r291177
+https://bugs.webkit.org/show_bug.cgi?id=237797
+rdar://problem/90183881
+
+Remove unused move that is breaking iOS build
+
+* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+
2022-03-11 Simon Fraser
Do buffer swapping on all RemoteLayerBackingStores before painting all of them
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (291195 => 291196)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-03-11 23:25:11 UTC (rev 291195)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-03-11 23:30:11 UTC (rev 291196)
@@ -401,7 +401,7 @@
#endif // PLATFORM(MAC) || PLATFORM(MACCATALYST)
#if PLATFORM(IOS)
[m_proxy performAuthorizationRequestsForContext:requestContext.get() withCompletionHandler:makeBlockPtr([handler = WTFMove(handler)](id credential, NSError *error) mutable {
-callOnMainRunLoop([handler = WTFMove(handler), proxy = WTFMove(proxy), credential = retainPtr(credential), error = retainPtr(error)] () mutable {
+callOnMainRunLoop([handler = WTFMove(handler), credential = retainPtr(credential), error = retainPtr(error)] () mutable {
#elif PLATFORM(MAC)
RetainPtr window = m_webPageProxy.platformWindow();
[m_proxy performAuthorizationRequestsForContext:requestContext.get() withClearanceHandler:makeBlockPtr([weakThis = WeakPtr { *this }, handler = WTFMove(handler), window = WTFMove(window)](NSXPCListenerEndpoint *daemonEndpoint, NSError *error) mutable {
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291177] trunk/Source/WebKit
Title: [291177] trunk/Source/WebKit
Revision 291177
Author j_pas...@apple.com
Date 2022-03-11 10:25:39 -0800 (Fri, 11 Mar 2022)
Log Message
[WebAuthn] Cancel running operations in ASA on navigation
https://bugs.webkit.org/show_bug.cgi?id=237452
rdar://problem/89781990
Reviewed by Brent Fulgham.
Pre-ASA WebAuthn calls cancel requests on navigation via calling authenticatorManager.cancelRequest
in WebPageProxy. In WebAuthn calls that go through ASA, the authenticatorManager lives in the ASA
process, so calls won't be cancelled on navigation.
This patch attempts to cancel ongoing operations whenever a WebAuthenticatorCoordinatorProxy that
uses ASA is destroyed, effectively cancelling requests on reload or navigation.
* Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h:
* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp:
(WebKit::WebAuthenticatorCoordinatorProxy::~WebAuthenticatorCoordinatorProxy):
* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h:
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp
trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h
Diff
Modified: trunk/Source/WebKit/ChangeLog (291176 => 291177)
--- trunk/Source/WebKit/ChangeLog 2022-03-11 17:49:14 UTC (rev 291176)
+++ trunk/Source/WebKit/ChangeLog 2022-03-11 18:25:39 UTC (rev 291177)
@@ -1,5 +1,26 @@
2022-03-11 J Pascoe
+[WebAuthn] Cancel running operations in ASA on navigation
+https://bugs.webkit.org/show_bug.cgi?id=237452
+rdar://problem/89781990
+
+Reviewed by Brent Fulgham.
+
+Pre-ASA WebAuthn calls cancel requests on navigation via calling authenticatorManager.cancelRequest
+in WebPageProxy. In WebAuthn calls that go through ASA, the authenticatorManager lives in the ASA
+process, so calls won't be cancelled on navigation.
+
+This patch attempts to cancel ongoing operations whenever a WebAuthenticatorCoordinatorProxy that
+uses ASA is destroyed, effectively cancelling requests on reload or navigation.
+
+* Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h:
+* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp:
+(WebKit::WebAuthenticatorCoordinatorProxy::~WebAuthenticatorCoordinatorProxy):
+* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h:
+
+2022-03-11 J Pascoe
+
[WebAuthn] Support authenticatorSelection.residentKey ResidentKeyRequirement
https://bugs.webkit.org/show_bug.cgi?id=237567
rdar://89788378
Modified: trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h (291176 => 291177)
--- trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-03-11 17:49:14 UTC (rev 291176)
+++ trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-03-11 18:25:39 UTC (rev 291177)
@@ -341,6 +341,8 @@
- (void)performAutoFillAuthorizationRequestsForContext:(ASCCredentialRequestContext *)context withCompletionHandler:(void (^)(id _Nullable credential, NSError * _Nullable error))completionHandler;
#endif
+- (void)cancelCurrentRequest;
+
@end
@interface ASCAgentProxy : NSObject
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (291176 => 291177)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-03-11 17:49:14 UTC (rev 291176)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-03-11 18:25:39 UTC (rev 291177)
@@ -384,11 +384,11 @@
void WebAuthenticatorCoordinatorProxy::performRequest(RetainPtr requestContext, RequestCompletionHandler&& handler)
{
-auto proxy = adoptNS([allocASCAgentProxyInstance() init]);
+m_proxy = adoptNS([allocASCAgentProxyInstance() init]);
#if PLATFORM(MAC) || PLATFORM(MACCATALYST)
if ([requestContext respondsToSelector:@selector(requestStyle)] && requestContext.get().requestStyle == ASCredentialRequestStyleAutoFill) {
-[proxy performAutoFillAuthorizationRequestsForContext:requestContext.get() withCompletionHandler:makeBlockPtr([weakThis = WeakPtr { *this }, proxy = WTFMove(proxy), handler = WTFMove(handler)](id credential, NSError *error) mutable {
-ensureOnMainRunLoop([weakThis, handler = WTFMove(handler), proxy = WTFMove(proxy), credential = retainPtr(credential), error = retainPtr(error)] () mutable {
+[m_proxy performAutoFillAuthorizationRequestsForContext:requestContext.get() withCompletionHandler:makeBlockPtr([weakThis = WeakPtr { *t
[webkit-changes] [291176] trunk
Title: [291176] trunk Revision 291176 Author j_pas...@apple.com Date 2022-03-11 09:49:14 -0800 (Fri, 11 Mar 2022) Log Message [WebAuthn] Support authenticatorSelection.residentKey ResidentKeyRequirement https://bugs.webkit.org/show_bug.cgi?id=237567 rdar://89788378 Reviewed by Brent Fulgham and Chris Dumez. Source/WebCore: In Web Authentication level one, relying parties can specify authenticatorSelection.residentKeyRequired, to signify they require a client-side discoverable credential. However, if the authenticator does not support client-side discoverable credentials, the rp has no way to clarify they want a client-side discoverable credential only if available. This patch implements authenticatorSelection.residentKeyRequired introduced in level 2, which has three values 'Preferred', 'Required', and 'Discouraged'. This allows RPs to create a client-side discoverable credential if possible. * CMakeLists.txt: * DerivedSources-input.xcfilelist: * DerivedSources-output.xcfilelist: * DerivedSources.make: * Modules/webauthn/PublicKeyCredentialCreationOptions.h: (WebCore::PublicKeyCredentialCreationOptions::AuthenticatorSelectionCriteria::encode const): (WebCore::PublicKeyCredentialCreationOptions::AuthenticatorSelectionCriteria::decode): * Modules/webauthn/PublicKeyCredentialCreationOptions.idl: * Modules/webauthn/ResidentKeyRequirement.h: Copied from Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorSelectionCriteria.mm. * Modules/webauthn/ResidentKeyRequirement.idl: Copied from Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorSelectionCriteria.mm. * Modules/webauthn/fido/AuthenticatorSupportedOptions.cpp: (fido::AuthenticatorSupportedOptions::setResidentKeyAvailability): (fido::convertToCBOR): (fido::AuthenticatorSupportedOptions::setSupportsResidentKey): Deleted. * Modules/webauthn/fido/AuthenticatorSupportedOptions.h: * Modules/webauthn/fido/DeviceRequestConverter.cpp: (fido::encodeMakeCredenitalRequestAsCBOR): * Modules/webauthn/fido/DeviceRequestConverter.h: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPGetInfoResponse): * Sources.txt: * WebCore.xcodeproj/project.pbxproj: Source/WebKit: In Web Authentication level one, relying parties can specify authenticatorSelection.residentKeyRequired, to signify they require a client-side discoverable credential. However, if the authenticator does not support client-side discoverable credentials, the rp has no way to clarify they want a client-side discoverable credential only if available. This patch implements authenticatorSelection.residentKeyRequired introduced in level 2, which has three values 'Preferred', 'Required', and 'Discouraged'. This allows RPs to create a client-side discoverable credential if possible. * UIProcess/API/Cocoa/_WKAuthenticatorSelectionCriteria.h: * UIProcess/API/Cocoa/_WKAuthenticatorSelectionCriteria.mm: (-[_WKAuthenticatorSelectionCriteria init]): * UIProcess/API/Cocoa/_WKResidentKeyRequirement.h: Copied from Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorSelectionCriteria.mm. * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (residentKey): (authenticatorSelectionCriteria): (+[_WKWebAuthenticationPanel encodeMakeCredentialCommandWithClientDataJSON:options:userVerificationAvailability:]): (+[_WKWebAuthenticationPanel encodeMakeCredentialCommandWithClientDataHash:options:userVerificationAvailability:]): * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::makeCredential): * WebKit.xcodeproj/project.pbxproj: Tools: Add API tests for authenticatorSelection.residentKey. * TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp: (TestWebKitAPI::TEST): * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): LayoutTests: Add layout tests using residentKey field. * http/wpt/webauthn/public-key-credential-create-failure-hid.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-failure-hid.https.html: * http/wpt/webauthn/public-key-credential-create-success-hid.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-success-hid.https.html: Modified Paths trunk/LayoutTests/ChangeLog trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-hid.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-hid.https.html trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-success-hid.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-success-hid.https.html trunk/Source/WebCore/CMakeLists.txt trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/DerivedSources-input.xcfilelist trunk/Source/WebCore/DerivedSources-output.xcfilelist trunk/Source/WebCore/DerivedSources.make trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.idl trunk/Source/WebCore/Modules/webauthn/fido/AuthenticatorSupportedOptions.cpp trunk/Source/WebCore/Modules/webauthn/fido
[webkit-changes] [291018] trunk
Title: [291018] trunk Revision 291018 Author j_pas...@apple.com Date 2022-03-08 15:51:45 -0800 (Tue, 08 Mar 2022) Log Message [WebAuthn] Using WebAuthn within cross-origin iframe elements https://bugs.webkit.org/show_bug.cgi?id=40 rdar://problem/74830748 Reviewed by Brent Fulgham. Source/WebCore: This patch relaxes the requirement to perform a Web Authentication assertion inside an i-frame with the "publickey-credentials-get" feature policy from 'same-site' to 'cross-origin with consent'. There is an additional requirement that there is only a single cross-origin parent to present to the user in the prompt. If we can't display the updated prompt, then cross-origin assertions are not allowed. Test: http/wpt/webauthn/public-key-credential-cross-origin.https.html * Modules/credentialmanagement/CredentialsContainer.cpp: (WebCore::CredentialsContainer::scopeAndSingleParent): (WebCore::CredentialsContainer::get): (WebCore::CredentialsContainer::isCreate): (WebCore::CredentialsContainer::scope): Deleted. * Modules/credentialmanagement/CredentialsContainer.h: * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinator.h: * Modules/webauthn/AuthenticatorCoordinatorClient.h: Source/WebKit: This patch relaxes the requirement to perform a Web Authentication assertion inside an i-frame with the "publickey-credentials-get" feature policy from 'same-site' to 'cross-origin with consent'. There is an additional requirement that there is only a single cross-origin parent to present to the user in the prompt. If we can't display the updated prompt, then cross-origin assertions are not allowed. * Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h: * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: (WebKit::configureAssertionOptions): (WebKit::configurationAssertionRequestContext): (WebKit::WebAuthenticatorCoordinatorProxy::contextForRequest): * UIProcess/WebAuthentication/WebAuthenticationRequestData.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::makeCredential): (WebKit::WebAuthenticatorCoordinatorProxy::getAssertion): (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp: (WebKit::WebAuthenticatorCoordinator::getAssertion): * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.h: LayoutTests: Update existing tests and create new test for cross-origin, non same-site i-frames. * http/wpt/webauthn/public-key-credential-cross-origin.https-expected.txt: Added. * http/wpt/webauthn/public-key-credential-cross-origin.https.html: Added. * http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt: * http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https.html: * http/wpt/webauthn/resources/public-key-credential-cross-origin.https.html: Added. Modified Paths trunk/LayoutTests/ChangeLog trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https.html trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.h trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.h Added Paths trunk/LayoutTests/http/wpt/webauthn/public-key-credential-cross-origin.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/public-key-credential-cross-origin.https.html trunk/LayoutTests/http/wpt/webauthn/resources/public-key-credential-cross-origin.https.html Diff Modified: trunk/LayoutTests/ChangeLog (291017 => 291018) --- trunk/LayoutTests/ChangeLog 2022-03-08 23:27:30
[webkit-changes] [290991] trunk/LayoutTests
Title: [290991] trunk/LayoutTests Revision 290991 Author j_pas...@apple.com Date 2022-03-08 08:17:13 -0800 (Tue, 08 Mar 2022) Log Message [ iOS ] 2X http/wpt/webauthn/public-key-credential-create-failure-local (layout-tests) are constant text failures https://bugs.webkit.org/show_bug.cgi?id=237548 rdar://problem/89923849 Unreviewed test gardening. These console messages differing is causing test failures, fixing expectations. * http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-failure-local.https-expected.txt: Modified Paths trunk/LayoutTests/ChangeLog trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local.https-expected.txt Diff Modified: trunk/LayoutTests/ChangeLog (290990 => 290991) --- trunk/LayoutTests/ChangeLog 2022-03-08 15:37:17 UTC (rev 290990) +++ trunk/LayoutTests/ChangeLog 2022-03-08 16:17:13 UTC (rev 290991) @@ -1,3 +1,16 @@ +2022-03-08 J Pascoe + +[ iOS ] 2X http/wpt/webauthn/public-key-credential-create-failure-local (layout-tests) are constant text failures +https://bugs.webkit.org/show_bug.cgi?id=237548 +rdar://problem/89923849 + +Unreviewed test gardening. + +These console messages differing is causing test failures, fixing expectations. + +* http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt: +* http/wpt/webauthn/public-key-credential-create-failure-local.https-expected.txt: + 2022-03-08 Youenn Fablet Add a preference to mute video capture in case audio capture gets interrupted Modified: trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt (290990 => 290991) --- trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt 2022-03-08 15:37:17 UTC (rev 290990) +++ trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt 2022-03-08 16:17:13 UTC (rev 290991) @@ -2,7 +2,6 @@ CONSOLE MESSAGE: User gesture is not detected. To use the WebAuthn API, call 'navigator.credentials.create' or 'navigator.credentials.get' within user activated events. CONSOLE MESSAGE: User gesture is not detected. To use the WebAuthn API, call 'navigator.credentials.create' or 'navigator.credentials.get' within user activated events. CONSOLE MESSAGE: User gesture is not detected. To use the WebAuthn API, call 'navigator.credentials.create' or 'navigator.credentials.get' within user activated events. -CONSOLE MESSAGE: User gesture is not detected. To use the WebAuthn API, call 'navigator.credentials.create' or 'navigator.credentials.get' within user activated events. PASS PublicKeyCredential's [[create]] with unsupported public key credential parameters in a mock local authenticator. PASS PublicKeyCredential's [[create]] with matched exclude credentials in a mock local authenticator. Modified: trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local.https-expected.txt (290990 => 290991) --- trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local.https-expected.txt 2022-03-08 15:37:17 UTC (rev 290990) +++ trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local.https-expected.txt 2022-03-08 16:17:13 UTC (rev 290991) @@ -5,7 +5,6 @@ CONSOLE MESSAGE: User gesture is not detected. To use the WebAuthn API, call 'navigator.credentials.create' or 'navigator.credentials.get' within user activated events. CONSOLE MESSAGE: User gesture is not detected. To use the WebAuthn API, call 'navigator.credentials.create' or 'navigator.credentials.get' within user activated events. CONSOLE MESSAGE: User gesture is not detected. To use the WebAuthn API, call 'navigator.credentials.create' or 'navigator.credentials.get' within user activated events. -CONSOLE MESSAGE: User gesture is not detected. To use the WebAuthn API, call 'navigator.credentials.create' or 'navigator.credentials.get' within user activated events. PASS PublicKeyCredential's [[create]] with unsupported public key credential parameters in a mock local authenticator. PASS PublicKeyCredential's [[create]] with matched exclude credentials in a mock local authenticator. ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290893] trunk/Source/WebKit
Title: [290893] trunk/Source/WebKit
Revision 290893
Author j_pas...@apple.com
Date 2022-03-07 09:37:04 -0800 (Mon, 07 Mar 2022)
Log Message
[WebAuthn] Provide global frame identifier to ASCAgent SPI
https://bugs.webkit.org/show_bug.cgi?id=237454
rdar://problem/89782147
Reviewed by Brent Fulgham.
For purposes related to conditional mediation, the ASCAgent SPI
need to know what frame requested the assertion. This patch starts
passing that along.
* Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h:
* UIProcess/WebAuthentication/AuthenticatorManager.cpp:
(WebKit::AuthenticatorManager::cancelRequest):
(WebKit::AuthenticatorManager::runPanel):
* UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.h:
* UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.mm:
* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
(WebKit::configurationAssertionRequestContext):
(WebKit::WebAuthenticatorCoordinatorProxy::contextForRequest):
* UIProcess/WebAuthentication/WebAuthenticationRequestData.h:
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h
trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.h
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h
Diff
Modified: trunk/Source/WebKit/ChangeLog (290892 => 290893)
--- trunk/Source/WebKit/ChangeLog 2022-03-07 17:29:22 UTC (rev 290892)
+++ trunk/Source/WebKit/ChangeLog 2022-03-07 17:37:04 UTC (rev 290893)
@@ -1,3 +1,26 @@
+2022-03-07 J Pascoe
+
+[WebAuthn] Provide global frame identifier to ASCAgent SPI
+https://bugs.webkit.org/show_bug.cgi?id=237454
+rdar://problem/89782147
+
+Reviewed by Brent Fulgham.
+
+For purposes related to conditional mediation, the ASCAgent SPI
+need to know what frame requested the assertion. This patch starts
+passing that along.
+
+* Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h:
+* UIProcess/WebAuthentication/AuthenticatorManager.cpp:
+(WebKit::AuthenticatorManager::cancelRequest):
+(WebKit::AuthenticatorManager::runPanel):
+* UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.h:
+* UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.mm:
+* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+(WebKit::configurationAssertionRequestContext):
+(WebKit::WebAuthenticatorCoordinatorProxy::contextForRequest):
+* UIProcess/WebAuthentication/WebAuthenticationRequestData.h:
+
2022-03-07 Peng Liu
Small cleanups of media code
Modified: trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h (290892 => 290893)
--- trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-03-07 17:29:22 UTC (rev 290892)
+++ trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-03-07 17:37:04 UTC (rev 290893)
@@ -234,6 +234,13 @@
ASCredentialRequestStyleAutoFill,
};
+@class ASCGlobalFrameIdentifier;
+
+@interface ASCGlobalFrameIdentifier : NSObject
+@property (nonatomic, copy) NSNumber *webPageID;
+@property (nonatomic, copy) NSNumber *webFrameID;
+@end
+
@interface ASCCredentialRequestContext : NSObject
- (instancetype)init NS_UNAVAILABLE;
@@ -252,6 +259,7 @@
@property (nonatomic) ASCredentialRequestStyle requestStyle;
+@property (nonatomic, nullable, copy) ASCGlobalFrameIdentifier *globalFrameID;
@end
@protocol ASCCredentialProtocol
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp (290892 => 290893)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp 2022-03-07 17:29:22 UTC (rev 290892)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp 2022-03-07 17:37:04 UTC (rev 290893)
@@ -198,7 +198,7 @@
{
if (!m_pendingCompletionHandler)
return;
-if (auto pendingFrameID = m_pendingRequestData.frameID) {
+if (auto pendingFrameID = m_pendingRequestData.globalFrameID) {
if (pendingFrameID->pageID != pageID)
return;
if (frameID && frameID != pendingFrameID->frameID)
@@ -447,8 +447,8 @@
auto* page = m_pendingRequestData.page.get();
if (!page)
return;
-ASSERT(m_pendingRequestData.frameID && page->webPageID() == m_pendingRequestData.frameID->pageID);
-auto* frame = page->process().webFrame(m_pendingRequestData.frameID->frameID);
+ASSERT(m_pendingRequestData.globalFrameID && page->webPageID() == m_pendingRequestData.globalFrameID->pageID);
+auto* frame = page->process().webFrame(m_pending
[webkit-changes] [290840] trunk/Source/WebKit
Title: [290840] trunk/Source/WebKit
Revision 290840
Author j_pas...@apple.com
Date 2022-03-04 12:33:12 -0800 (Fri, 04 Mar 2022)
Log Message
[WebAuthn] Don't use decidePolicyForLocalAuthenticator for Web Authentication Modern
https://bugs.webkit.org/show_bug.cgi?id=225646
rdar://78147681
Reviewed by Brent Fulgham.
decidePolicyForLocalAuthenticator is not implemented for the _WKWebAuthenticationPanelDelegate
used for modern because the prompt to allow Touch/FaceID comes earlier in the process.
* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticator::makeCredential):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (290839 => 290840)
--- trunk/Source/WebKit/ChangeLog 2022-03-04 19:40:31 UTC (rev 290839)
+++ trunk/Source/WebKit/ChangeLog 2022-03-04 20:33:12 UTC (rev 290840)
@@ -1,3 +1,17 @@
+2022-03-04 J Pascoe
+
+[WebAuthn] Don't use decidePolicyForLocalAuthenticator for Web Authentication Modern
+https://bugs.webkit.org/show_bug.cgi?id=225646
+rdar://78147681
+
+Reviewed by Brent Fulgham.
+
+decidePolicyForLocalAuthenticator is not implemented for the _WKWebAuthenticationPanelDelegate
+used for modern because the prompt to allow Touch/FaceID comes earlier in the process.
+
+* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
+(WebKit::LocalAuthenticator::makeCredential):
+
2022-03-04 Per Arne Vollan
[iOS] Hard link AVPictureInPictureController
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm (290839 => 290840)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-03-04 19:40:31 UTC (rev 290839)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-03-04 20:33:12 UTC (rev 290840)
@@ -249,7 +249,11 @@
else
weakThis->receiveException({ NotAllowedError, "This request has been cancelled by the user."_s });
};
-observer()->decidePolicyForLocalAuthenticator(WTFMove(callback));
+// Similar to below, consent has already been given.
+if (webAuthenticationModernEnabled())
+callback(LocalAuthenticatorPolicy::Allow);
+else
+observer()->decidePolicyForLocalAuthenticator(WTFMove(callback));
return;
}
}
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290751] trunk/LayoutTests
Title: [290751] trunk/LayoutTests
Revision 290751
Author j_pas...@apple.com
Date 2022-03-02 13:04:20 -0800 (Wed, 02 Mar 2022)
Log Message
[WebAuthn] Remove obsolete failed attestation tests
https://bugs.webkit.org/show_bug.cgi?id=237346
rdar://problem/89647260
Reviewed by Brent Fulgham.
The removed items tested that creation fails whenever attestation fails, however
we've changed behavior such that creation succeeds with 'none' attestation in this
case, making these failure tests obsolete.
* http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt:
* http/wpt/webauthn/public-key-credential-create-failure-local-silent.https.html:
* http/wpt/webauthn/public-key-credential-create-failure-local.https-expected.txt:
* http/wpt/webauthn/public-key-credential-create-failure-local.https.html:
Modified Paths
trunk/LayoutTests/ChangeLog
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local-silent.https.html
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local.https-expected.txt
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local.https.html
Diff
Modified: trunk/LayoutTests/ChangeLog (290750 => 290751)
--- trunk/LayoutTests/ChangeLog 2022-03-02 20:59:53 UTC (rev 290750)
+++ trunk/LayoutTests/ChangeLog 2022-03-02 21:04:20 UTC (rev 290751)
@@ -1,3 +1,20 @@
+2022-03-02 J Pascoe
+
+[WebAuthn] Remove obsolete failed attestation tests
+https://bugs.webkit.org/show_bug.cgi?id=237346
+rdar://problem/89647260
+
+Reviewed by Brent Fulgham.
+
+The removed items tested that creation fails whenever attestation fails, however
+we've changed behavior such that creation succeeds with 'none' attestation in this
+case, making these failure tests obsolete.
+
+* http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt:
+* http/wpt/webauthn/public-key-credential-create-failure-local-silent.https.html:
+* http/wpt/webauthn/public-key-credential-create-failure-local.https-expected.txt:
+* http/wpt/webauthn/public-key-credential-create-failure-local.https.html:
+
2022-03-02 Matteo Flores
[ iOS Debug ] editing/async-clipboard/* 20 tests are flaky timeouts on iOS.
Modified: trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt (290750 => 290751)
--- trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt 2022-03-02 20:59:53 UTC (rev 290750)
+++ trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt 2022-03-02 21:04:20 UTC (rev 290751)
@@ -9,5 +9,4 @@
PASS PublicKeyCredential's [[create]] with matched exclude credentials in a mock local authenticator. 2nd
PASS PublicKeyCredential's [[create]] without user consent in a mock local authenticator.
PASS PublicKeyCredential's [[create]] without private keys in a mock local authenticator.
-PASS PublicKeyCredential's [[create]] without attestation in a mock local authenticator.
Modified: trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local-silent.https.html (290750 => 290751)
--- trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local-silent.https.html 2022-03-02 20:59:53 UTC (rev 290750)
+++ trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local-silent.https.html 2022-03-02 21:04:20 UTC (rev 290751)
@@ -129,33 +129,4 @@
internals.setMockWebAuthenticationConfiguration({ silentFailure: true, local: { userVerification: "yes", acceptAttestation: false } });
return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out.");
}, "PublicKeyCredential's [[create]] without private keys in a mock local authenticator.");
-
-promise_test(async t => {
-const privateKeyBase64 = await generatePrivateKeyBase64();
-const credentialID = await calculateCredentialID(privateKeyBase64);
-const credentialIDBase64 = base64encode(credentialID);
-
-const options = {
-publicKey: {
-rp: {
-name: "example.com"
-},
-user: {
-name: "John Appleseed",
-id: Base64URL.parse(testUserhandleBase64),
-displayName: "John",
-},
-challenge: asciiToUint8Array("123456"),
-pubKeyCredParams: [{ type: "public-key", alg: -7 }],
-attestation: "direct",
-timeout: 10
-}
-};
-if (window.internals)
-internals.setMockWebAuthenticationConfiguration({ silentFailure: true, local: { userVerification: "yes", acc
[webkit-changes] [290744] trunk/Source/WebKit
Title: [290744] trunk/Source/WebKit Revision 290744 Author j_pas...@apple.com Date 2022-03-02 11:47:21 -0800 (Wed, 02 Mar 2022) Log Message [WebAuthn] Ensure presenter gets dismissed on iOS https://bugs.webkit.org/show_bug.cgi?id=237336 rdar://81609371 Reviewed by Brent Fulgham. Always call [m_presenter dismissWithError] to ensure presenter gets dismissed. * UIProcess/WebAuthentication/Cocoa/AuthenticatorPresenterCoordinator.mm: (WebKit::AuthenticatorPresenterCoordinator::dimissPresenter): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/AuthenticatorPresenterCoordinator.mm Diff Modified: trunk/Source/WebKit/ChangeLog (290743 => 290744) --- trunk/Source/WebKit/ChangeLog 2022-03-02 19:39:49 UTC (rev 290743) +++ trunk/Source/WebKit/ChangeLog 2022-03-02 19:47:21 UTC (rev 290744) @@ -1,3 +1,16 @@ +2022-03-02 J Pascoe + +[WebAuthn] Ensure presenter gets dismissed on iOS +https://bugs.webkit.org/show_bug.cgi?id=237336 +rdar://81609371 + +Reviewed by Brent Fulgham. + +Always call [m_presenter dismissWithError] to ensure presenter gets dismissed. + +* UIProcess/WebAuthentication/Cocoa/AuthenticatorPresenterCoordinator.mm: +(WebKit::AuthenticatorPresenterCoordinator::dimissPresenter): + 2022-03-02 Chris Dumez Mousemove events double-firing in Safari Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/AuthenticatorPresenterCoordinator.mm (290743 => 290744) --- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/AuthenticatorPresenterCoordinator.mm 2022-03-02 19:39:49 UTC (rev 290743) +++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/AuthenticatorPresenterCoordinator.mm 2022-03-02 19:47:21 UTC (rev 290744) @@ -244,7 +244,6 @@ // FIXME(219767): Replace the ASCAppleIDCredential with the upcoming WebAuthn credentials one. // This is just a place holder to tell the UI that the ceremony succeeds. m_credentialRequestHandler(adoptNS([WebKit::allocASCAppleIDCredentialInstance() initWithUser:@"" identityToken:adoptNS([[NSData alloc] init]).get() state:nil]).get(), nil); -return; } [m_presenter dismissWithError:nil]; ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290652] trunk/Tools
Title: [290652] trunk/Tools
Revision 290652
Author j_pas...@apple.com
Date 2022-03-01 09:40:35 -0800 (Tue, 01 Mar 2022)
Log Message
REGRESSION(r290539-r290538): [ iOS ] 3 TestWebKitAPI.WebAuthenticationPanel.* tests are constantly failing/crashing.
https://bugs.webkit.org/show_bug.cgi?id=237285
rdar://problem/89579460
Reviewed by Brent Fulgham.
Remove obsolete API test and ensure another has clean state.
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::TEST):
Modified Paths
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Tools/ChangeLog (290651 => 290652)
--- trunk/Tools/ChangeLog 2022-03-01 17:17:45 UTC (rev 290651)
+++ trunk/Tools/ChangeLog 2022-03-01 17:40:35 UTC (rev 290652)
@@ -1,3 +1,16 @@
+2022-03-01 J Pascoe
+
+REGRESSION(r290539-r290538): [ iOS ] 3 TestWebKitAPI.WebAuthenticationPanel.* tests are constantly failing/crashing.
+https://bugs.webkit.org/show_bug.cgi?id=237285
+rdar://problem/89579460
+
+Reviewed by Brent Fulgham.
+
+Remove obsolete API test and ensure another has clean state.
+
+* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
+(TestWebKitAPI::TEST):
+
2022-03-01 Commit Queue
Unreviewed, reverting r290325.
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (290651 => 290652)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2022-03-01 17:17:45 UTC (rev 290651)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2022-03-01 17:40:35 UTC (rev 290652)
@@ -1384,6 +1384,9 @@
TEST(WebAuthenticationPanel, LANoCredential)
{
reset();
+// In case this wasn't cleaned up by another test.
+cleanUpKeychain("");
+
RetainPtr testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-get-assertion-la" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
@@ -1471,33 +1474,6 @@
[webView waitForMessage:@"This request has been cancelled by the user."];
}
-TEST(WebAuthenticationPanel, LAMakeCredentialRollBackCredential)
-{
-reset();
-RetainPtr testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-la-no-attestation" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
-
-auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
-[[configuration preferences] _setEnabled:NO forExperimentalFeature:webAuthenticationModernExperimentalFeature()];
-
-auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
-auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
-[webView setUIDelegate:delegate.get()];
-[webView focus];
-
-localAuthenticatorPolicy = _WKLocalAuthenticatorPolicyAllow;
-[webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]];
-[webView waitForMessage:@"Couldn't attest: The operation couldn't complete."];
-
-NSDictionary *query = @{
-(id)kSecClass: (id)kSecClassKey,
-(id)kSecAttrKeyClass: (id)kSecAttrKeyClassPrivate,
-(id)kSecAttrLabel: @"",
-(id)kSecUseDataProtectionKeychain: @YES
-};
-OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, nullptr);
-EXPECT_EQ(status, errSecItemNotFound);
-}
-
#if PLATFORM(MAC)
TEST(WebAuthenticationPanel, LAGetAssertion)
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290539] trunk
Title: [290539] trunk
Revision 290539
Author j_pas...@apple.com
Date 2022-02-25 17:47:04 -0800 (Fri, 25 Feb 2022)
Log Message
[WebAuthn] Fallback to attestation=none whenever attestation fails
https://bugs.webkit.org/show_bug.cgi?id=237223
rdar://88767812
Reviewed by Brent Fulgham.
Source/WebKit:
Whenever attestation is requested by a RP and it fails to complete,
we previously errored out of the registration. The more correct platform
behavior in this case is to provide attestation=none.
Created API test for this behavior.
* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested):
Tools:
Add test for local authenticator attestation fallback behavior.
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::TEST):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (290538 => 290539)
--- trunk/Source/WebKit/ChangeLog 2022-02-26 01:19:30 UTC (rev 290538)
+++ trunk/Source/WebKit/ChangeLog 2022-02-26 01:47:04 UTC (rev 290539)
@@ -1,3 +1,20 @@
+2022-02-25 J Pascoe
+
+[WebAuthn] Fallback to attestation=none whenever attestation fails
+https://bugs.webkit.org/show_bug.cgi?id=237223
+rdar://88767812
+
+Reviewed by Brent Fulgham.
+
+Whenever attestation is requested by a RP and it fails to complete,
+we previously errored out of the registration. The more correct platform
+behavior in this case is to provide attestation=none.
+
+Created API test for this behavior.
+
+* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
+(WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested):
+
2022-02-25 Per Arne Vollan
[macOS] Add access to required mach service in the Network process
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm (290538 => 290539)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-02-26 01:19:30 UTC (rev 290538)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-02-26 01:47:04 UTC (rev 290539)
@@ -465,7 +465,9 @@
auto& creationOptions = std::get(requestData().options);
if (error) {
-receiveException({ UnknownError, makeString("Couldn't attest: ", String(error.localizedDescription)) });
+LOG_ERROR("Couldn't attest: %s", String(error.localizedDescription).utf8().data());
+auto attestationObject = buildAttestationObject(WTFMove(authData), "", { }, AttestationConveyancePreference::None);
+receiveRespond(AuthenticatorAttestationResponse::create(credentialId, attestationObject, AuthenticatorAttachment::Platform));
return;
}
// Attestation Certificate and Attestation Issuing CA
Modified: trunk/Tools/ChangeLog (290538 => 290539)
--- trunk/Tools/ChangeLog 2022-02-26 01:19:30 UTC (rev 290538)
+++ trunk/Tools/ChangeLog 2022-02-26 01:47:04 UTC (rev 290539)
@@ -1,3 +1,16 @@
+2022-02-25 J Pascoe
+
+[WebAuthn] Fallback to attestation=none whenever attestation fails
+https://bugs.webkit.org/show_bug.cgi?id=237223
+rdar://88767812
+
+Reviewed by Brent Fulgham.
+
+Add test for local authenticator attestation fallback behavior.
+
+* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
+(TestWebKitAPI::TEST):
+
2022-02-25 Brent Fulgham
WebKit continues to render PDF images in Captive Portal mode
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (290538 => 290539)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2022-02-26 01:19:30 UTC (rev 290538)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2022-02-26 01:47:04 UTC (rev 290539)
@@ -1928,6 +1928,39 @@
}];
Util::run(&webAuthenticationPanelRan);
}
+
+TEST(WebAuthenticationPanel, MakeCredentialLAAttestationFalback)
+{
+reset();
+
+uint8_t identifier[] = { 0x01, 0x02, 0x03, 0x04 };
+uint8_t hash[] = { 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04 };
+NSData *nsIdentifier = [NSData dataWithBytes:identifier length:sizeof(identifier)];
+auto nsHash = adoptNS([[NSData alloc] initWithBytes:hash length:sizeof(hash)]);
+auto parameters = adoptNS([[_WKPublicKeyCredentialParameters alloc] initWithAlgorithm:@-7]);
+
+auto rp = adoptNS([[_WKPublicKeyCredentialRelyingPartyEntity alloc] initWithName:@"example.com"]);
+[rp setIdentifier:@"example.com"];
+auto user = adoptNS([[_WKPublicKeyCredentialUserEntity alloc] initWithName:@"ja
[webkit-changes] [290515] trunk
Title: [290515] trunk
Revision 290515
Author j_pas...@apple.com
Date 2022-02-25 10:44:20 -0800 (Fri, 25 Feb 2022)
Log Message
[WebAuthn] Use default pubKeyCredParams if empty in makeCredential
https://bugs.webkit.org/show_bug.cgi?id=237109
rdar://problem/89376484
Reviewed by Brent Fulgham.
Source/WebCore:
The Web Authentication level 2 spec was updated to clarify that
a set of default pubKeyCredParams should be used if the list
supplied by the RP is empty. This patch starts using
the default and updates associated tests.
* Modules/webauthn/AuthenticatorCoordinator.cpp:
(WebCore::AuthenticatorCoordinator::create const):
* Modules/webauthn/PublicKeyCredentialCreationOptions.h:
* Modules/webauthn/WebAuthenticationConstants.h:
LayoutTests:
Update tests to take in account using default pubKeyCredParams.
* http/wpt/webauthn/public-key-credential-create-failure.https-expected.txt:
* http/wpt/webauthn/public-key-credential-create-failure.https.html:
* http/wpt/webauthn/public-key-credential-create-success-hid.https-expected.txt:
* http/wpt/webauthn/public-key-credential-create-success-hid.https.html:
Modified Paths
trunk/LayoutTests/ChangeLog
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https-expected.txt
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https.html
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-success-hid.https-expected.txt
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-success-hid.https.html
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp
trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h
trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h
Diff
Modified: trunk/LayoutTests/ChangeLog (290514 => 290515)
--- trunk/LayoutTests/ChangeLog 2022-02-25 17:23:52 UTC (rev 290514)
+++ trunk/LayoutTests/ChangeLog 2022-02-25 18:44:20 UTC (rev 290515)
@@ -1,3 +1,18 @@
+2022-02-25 J Pascoe
+
+[WebAuthn] Use default pubKeyCredParams if empty in makeCredential
+https://bugs.webkit.org/show_bug.cgi?id=237109
+rdar://problem/89376484
+
+Reviewed by Brent Fulgham.
+
+Update tests to take in account using default pubKeyCredParams.
+
+* http/wpt/webauthn/public-key-credential-create-failure.https-expected.txt:
+* http/wpt/webauthn/public-key-credential-create-failure.https.html:
+* http/wpt/webauthn/public-key-credential-create-success-hid.https-expected.txt:
+* http/wpt/webauthn/public-key-credential-create-success-hid.https.html:
+
2022-02-25 Alan Bujtas
[Tables] Incorrect table sizing when colgroup comes after tbody
Modified: trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https-expected.txt (290514 => 290515)
--- trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https-expected.txt 2022-02-25 17:23:52 UTC (rev 290514)
+++ trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https-expected.txt 2022-02-25 18:44:20 UTC (rev 290515)
@@ -7,7 +7,6 @@
PASS PublicKeyCredential's [[create]] with timeout
PASS PublicKeyCredential's [[create]] with a mismatched RP ID
-PASS PublicKeyCredential's [[create]] with an empty pubKeyCredParams
PASS PublicKeyCredential's [[create]] with two consecutive requests
PASS PublicKeyCredential's [[create]] with two consecutive requests (2)
PASS PublicKeyCredential's [[create]] with new requests in a new page
Modified: trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https.html (290514 => 290515)
--- trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https.html 2022-02-25 17:23:52 UTC (rev 290514)
+++ trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https.html 2022-02-25 18:44:20 UTC (rev 290515)
@@ -54,27 +54,6 @@
const options = {
publicKey: {
rp: {
-name: "localhost",
-id: "localhost"
-},
-user: {
-name: "John Appleseed",
-id: asciiToUint8Array("123456"),
-displayName: "Appleseed",
-},
-challenge: asciiToUint8Array("123456"),
-pubKeyCredParams: [ ],
-}
-};
-
-return promiseRejects(t, "NotSupportedError",
-navigator.credentials.create(options), "Unable to create credential because options.pubKeyCredParams is empty.");
-}, "PublicKeyCredential's [[create]] with an empty pubKeyCredParams");
-
-promise_test(function(t) {
-const options = {
-publicKey: {
-rp: {
name: "example.com"
},
user: {
Modified: trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-success-hid.https-expected.txt (290514 => 2905
[webkit-changes] [290441] trunk/Tools
Title: [290441] trunk/Tools Revision 290441 Author j_pas...@apple.com Date 2022-02-24 10:02:18 -0800 (Thu, 24 Feb 2022) Log Message Add myself (John Pascoe) to watchlist for authentication and WebCrypto https://bugs.webkit.org/show_bug.cgi?id=237121 rdar://problem/89385797 Reviewed by Alexey Proskuryakov. * Scripts/webkitpy/common/config/watchlist: Modified Paths trunk/Tools/ChangeLog trunk/Tools/Scripts/webkitpy/common/config/watchlist Diff Modified: trunk/Tools/ChangeLog (290440 => 290441) --- trunk/Tools/ChangeLog 2022-02-24 17:55:51 UTC (rev 290440) +++ trunk/Tools/ChangeLog 2022-02-24 18:02:18 UTC (rev 290441) @@ -1,3 +1,13 @@ +2022-02-24 J Pascoe + +Add myself (John Pascoe) to watchlist for authentication and WebCrypto +https://bugs.webkit.org/show_bug.cgi?id=237121 +rdar://problem/89385797 + +Reviewed by Alexey Proskuryakov. + +* Scripts/webkitpy/common/config/watchlist: + 2022-02-22 Jonathan Bedard [run-webkit-tests] Use Python 3 (Part 2) Modified: trunk/Tools/Scripts/webkitpy/common/config/watchlist (290440 => 290441) --- trunk/Tools/Scripts/webkitpy/common/config/watchlist 2022-02-24 17:55:51 UTC (rev 290440) +++ trunk/Tools/Scripts/webkitpy/common/config/watchlist 2022-02-24 18:02:18 UTC (rev 290441) @@ -476,9 +476,9 @@ "WebSocket": [ "yu...@chromium.org", "toyos...@chromium.org" ], "webkitperl": [ "jbed...@apple.com" ], "webkitpy": [ "gl...@skynav.com", "jbed...@apple.com" ], -"AppSSO": [ "jiewen_...@apple.com" ], -"WebAuthenticationAPI": [ "jiewen_...@apple.com" ], -"WebCryptoAPI": [ "jiewen_...@apple.com" ], +"AppSSO": [ "j_pas...@apple.com" ], +"WebAuthenticationAPI": [ "j_pas...@apple.com" ], +"WebCryptoAPI": [ "j_pas...@apple.com" ], "WebGPU": [ "mmaxfi...@apple.com", "changs...@webkit.org" ], "WebRTC": [ "eric.carl...@apple.com" ], "WHLSL": [ "mmaxfi...@apple.com" ], ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290392] trunk
Title: [290392] trunk
Revision 290392
Author j_pas...@apple.com
Date 2022-02-23 14:33:42 -0800 (Wed, 23 Feb 2022)
Log Message
[WebAuthn] Improve error message for missing pubKeyCredParams
https://bugs.webkit.org/show_bug.cgi?id=235421
rdar://87884875
Reviewed by Brent Fulgham.
Source/WebCore:
We have seen confusion from library authors around the language
used in this error not indicating enough information about what
the problem is. This patch adds additional information, useful
to developers seeing this error.
* Modules/webauthn/AuthenticatorCoordinator.cpp:
(WebCore::AuthenticatorCoordinator::create const):
LayoutTests:
Update test to reflect new error message.
* http/wpt/webauthn/public-key-credential-create-failure.https.html:
Modified Paths
trunk/LayoutTests/ChangeLog
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https.html
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp
Diff
Modified: trunk/LayoutTests/ChangeLog (290391 => 290392)
--- trunk/LayoutTests/ChangeLog 2022-02-23 21:40:10 UTC (rev 290391)
+++ trunk/LayoutTests/ChangeLog 2022-02-23 22:33:42 UTC (rev 290392)
@@ -1,3 +1,15 @@
+2022-02-23 J Pascoe
+
+[WebAuthn] Improve error message for missing pubKeyCredParams
+https://bugs.webkit.org/show_bug.cgi?id=235421
+rdar://87884875
+
+Reviewed by Brent Fulgham.
+
+Update test to reflect new error message.
+
+* http/wpt/webauthn/public-key-credential-create-failure.https.html:
+
2022-02-23 Alan Bujtas
[Subpixel] imported/w3c/web-platform-tests/css/css-flexbox/auto-margins-001.html fails at certain font sizes
Modified: trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https.html (290391 => 290392)
--- trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https.html 2022-02-23 21:40:10 UTC (rev 290391)
+++ trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https.html 2022-02-23 22:33:42 UTC (rev 290392)
@@ -68,7 +68,7 @@
};
return promiseRejects(t, "NotSupportedError",
-navigator.credentials.create(options), "No desired properties of the to be created credential are provided.");
+navigator.credentials.create(options), "Unable to create credential because options.pubKeyCredParams is empty.");
}, "PublicKeyCredential's [[create]] with an empty pubKeyCredParams");
promise_test(function(t) {
Modified: trunk/Source/WebCore/ChangeLog (290391 => 290392)
--- trunk/Source/WebCore/ChangeLog 2022-02-23 21:40:10 UTC (rev 290391)
+++ trunk/Source/WebCore/ChangeLog 2022-02-23 22:33:42 UTC (rev 290392)
@@ -1,3 +1,19 @@
+2022-02-23 J Pascoe
+
+[WebAuthn] Improve error message for missing pubKeyCredParams
+https://bugs.webkit.org/show_bug.cgi?id=235421
+rdar://87884875
+
+Reviewed by Brent Fulgham.
+
+We have seen confusion from library authors around the language
+used in this error not indicating enough information about what
+the problem is. This patch adds additional information, useful
+to developers seeing this error.
+
+* Modules/webauthn/AuthenticatorCoordinator.cpp:
+(WebCore::AuthenticatorCoordinator::create const):
+
2022-02-23 Alan Bujtas
[IFC][Integration] LineLayout::firstLinePhysicalBaseline/lastLineLogicalBaseline should flip box baseline value for vertical-lr
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp (290391 => 290392)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp 2022-02-23 21:40:10 UTC (rev 290391)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp 2022-02-23 22:33:42 UTC (rev 290392)
@@ -141,7 +141,7 @@
// Most of the jobs are done by bindings. However, we can't know if the JSValue of options.pubKeyCredParams
// is empty or not. Return NotSupportedError as long as it is empty.
if (options.pubKeyCredParams.isEmpty()) {
-promise.reject(Exception { NotSupportedError, "No desired properties of the to be created credential are provided."_s });
+promise.reject(Exception { NotSupportedError, "Unable to create credential because options.pubKeyCredParams is empty."_s });
return;
}
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290384] trunk/Source
Title: [290384] trunk/Source
Revision 290384
Author j_pas...@apple.com
Date 2022-02-23 11:02:54 -0800 (Wed, 23 Feb 2022)
Log Message
Prevent use of PDFKit when using PDF.js
https://bugs.webkit.org/show_bug.cgi?id=237052
rdar://89251696
Reviewed by Tim Horton.
Source/WebCore:
Add WEBCORE_EXPORT in order to use isPDFMIMEType.
* platform/MIMETypeRegistry.h:
Source/WebKit:
PDFKit was still being used by embeds, this patch fixes that issue by treating
pdf embeds as frames if PDF.js is enabled and also prevents the loading of
the PDFKit plugin entirely by modifying shouldUsePDFPlugin.
* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::objectContentType):
* WebProcess/WebPage/mac/WebPageMac.mm:
(WebKit::WebPage::shouldUsePDFPlugin const):
Modified Paths
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/platform/MIMETypeRegistry.h
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp
trunk/Source/WebKit/WebProcess/WebPage/mac/WebPageMac.mm
Diff
Modified: trunk/Source/WebCore/ChangeLog (290383 => 290384)
--- trunk/Source/WebCore/ChangeLog 2022-02-23 18:36:23 UTC (rev 290383)
+++ trunk/Source/WebCore/ChangeLog 2022-02-23 19:02:54 UTC (rev 290384)
@@ -1,3 +1,15 @@
+2022-02-23 J Pascoe
+
+Prevent use of PDFKit when using PDF.js
+https://bugs.webkit.org/show_bug.cgi?id=237052
+rdar://89251696
+
+Reviewed by Tim Horton.
+
+Add WEBCORE_EXPORT in order to use isPDFMIMEType.
+
+* platform/MIMETypeRegistry.h:
+
2022-02-23 Alan Bujtas
[IFC][Integration] LineLayout::firstInlineBoxRect should flip the rect coordinates for vertical-rl
Modified: trunk/Source/WebCore/platform/MIMETypeRegistry.h (290383 => 290384)
--- trunk/Source/WebCore/platform/MIMETypeRegistry.h 2022-02-23 18:36:23 UTC (rev 290383)
+++ trunk/Source/WebCore/platform/MIMETypeRegistry.h 2022-02-23 19:02:54 UTC (rev 290384)
@@ -105,7 +105,7 @@
static bool isApplicationPluginMIMEType(const String& mimeType);
// Check to see if a MIME type is one of the common PDF/PS types.
-static bool isPDFMIMEType(const String& mimeType);
+WEBCORE_EXPORT static bool isPDFMIMEType(const String& mimeType);
static bool isPostScriptMIMEType(const String& mimeType);
WEBCORE_EXPORT static bool isPDFOrPostScriptMIMEType(const String& mimeType);
Modified: trunk/Source/WebKit/ChangeLog (290383 => 290384)
--- trunk/Source/WebKit/ChangeLog 2022-02-23 18:36:23 UTC (rev 290383)
+++ trunk/Source/WebKit/ChangeLog 2022-02-23 19:02:54 UTC (rev 290384)
@@ -1,5 +1,22 @@
2022-02-23 J Pascoe
+Prevent use of PDFKit when using PDF.js
+https://bugs.webkit.org/show_bug.cgi?id=237052
+rdar://89251696
+
+Reviewed by Tim Horton.
+
+PDFKit was still being used by embeds, this patch fixes that issue by treating
+pdf embeds as frames if PDF.js is enabled and also prevents the loading of
+the PDFKit plugin entirely by modifying shouldUsePDFPlugin.
+
+* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
+(WebKit::WebFrameLoaderClient::objectContentType):
+* WebProcess/WebPage/mac/WebPageMac.mm:
+(WebKit::WebPage::shouldUsePDFPlugin const):
+
+2022-02-23 J Pascoe
+
[WebAuthn] userHandle not marked nullable in _WKWebAuthenticationAssertionResponse
https://bugs.webkit.org/show_bug.cgi?id=237043
rdar://89317740
Modified: trunk/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp (290383 => 290384)
--- trunk/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp 2022-02-23 18:36:23 UTC (rev 290383)
+++ trunk/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp 2022-02-23 19:02:54 UTC (rev 290384)
@@ -1704,6 +1704,10 @@
return ObjectContentType::Frame;
}
}
+if (auto* webPage = m_frame->page()) {
+if (webPage->corePage()->settings().pdfJSViewerEnabled() && MIMETypeRegistry::isPDFMIMEType(mimeType))
+return ObjectContentType::Frame;
+}
if (MIMETypeRegistry::isSupportedImageMIMEType(mimeType))
return ObjectContentType::Image;
Modified: trunk/Source/WebKit/WebProcess/WebPage/mac/WebPageMac.mm (290383 => 290384)
--- trunk/Source/WebKit/WebProcess/WebPage/mac/WebPageMac.mm 2022-02-23 18:36:23 UTC (rev 290383)
+++ trunk/Source/WebKit/WebProcess/WebPage/mac/WebPageMac.mm 2022-02-23 19:02:54 UTC (rev 290384)
@@ -206,6 +206,7 @@
bool WebPage::shouldUsePDFPlugin(const String& contentType, StringView path) const
{
return pdfPluginEnabled()
+&& !corePage()->settings().pdfJSViewerEnabled()
&& getPDFLayerControllerClass()
&& (MIMETypeRegistry::isPDFOrPostScriptMIMEType(contentType)
|| (contentType.isEmpty()
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mail
[webkit-changes] [290381] trunk
Title: [290381] trunk
Revision 290381
Author j_pas...@apple.com
Date 2022-02-23 10:19:54 -0800 (Wed, 23 Feb 2022)
Log Message
[WebAuthn] userHandle not marked nullable in _WKWebAuthenticationAssertionResponse
https://bugs.webkit.org/show_bug.cgi?id=237043
rdar://89317740
Reviewed by Brent Fulgham.
Source/WebCore:
The userHandle is a nullable field on UserEntity. This patch changes
various API/SPI to allow passing null userHandle.
* Modules/webauthn/AuthenticatorAssertionResponse.cpp:
(WebCore::AuthenticatorAssertionResponse::create):
(WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse):
* Modules/webauthn/AuthenticatorAssertionResponse.h:
Source/WebKit:
The userHandle is a nullable field on UserEntity. This patch changes
various API/SPI to allow passing null userHandle.
* Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h:
Update forward declared SPI, reflecting userHandle as nullable.
* UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h:
* UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.h:
Update userHandle property to null.
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(getAllLocalAuthenticatorCredentialsImpl):
* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticatorInternal::getExistingCredentials):
Tools:
Create tests to check for null userHandle.
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::TEST):
Modified Paths
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.cpp
trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebCore/ChangeLog (290380 => 290381)
--- trunk/Source/WebCore/ChangeLog 2022-02-23 18:14:59 UTC (rev 290380)
+++ trunk/Source/WebCore/ChangeLog 2022-02-23 18:19:54 UTC (rev 290381)
@@ -1,3 +1,19 @@
+2022-02-23 J Pascoe
+
+[WebAuthn] userHandle not marked nullable in _WKWebAuthenticationAssertionResponse
+https://bugs.webkit.org/show_bug.cgi?id=237043
+rdar://89317740
+
+Reviewed by Brent Fulgham.
+
+The userHandle is a nullable field on UserEntity. This patch changes
+various API/SPI to allow passing null userHandle.
+
+* Modules/webauthn/AuthenticatorAssertionResponse.cpp:
+(WebCore::AuthenticatorAssertionResponse::create):
+(WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse):
+* Modules/webauthn/AuthenticatorAssertionResponse.h:
+
2022-02-23 Antti Koivisto
[CSS Container Queries] offsetWidth/Height and similar should update layout for container queries
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.cpp (290380 => 290381)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.cpp 2022-02-23 18:14:59 UTC (rev 290380)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.cpp 2022-02-23 18:19:54 UTC (rev 290381)
@@ -48,7 +48,7 @@
return create(ArrayBuffer::create(rawId.data(), rawId.size()), ArrayBuffer::create(authenticatorData.data(), authenticatorData.size()), ArrayBuffer::create(signature.data(), signature.size()), WTFMove(userhandleBuffer), std::nullopt, attachment);
}
-Ref AuthenticatorAssertionResponse::create(Ref&& rawId, Ref&& userHandle, String&& name, SecAccessControlRef accessControl, AuthenticatorAttachment attachment)
+Ref AuthenticatorAssertionResponse::create(Ref&& rawId, RefPtr&& userHandle, String&& name, SecAccessControlRef accessControl, AuthenticatorAttachment attachment)
{
return adoptRef(*new AuthenticatorAssertionResponse(WTFMove(rawId), WTFMove(userHandle), WTFMove(name), accessControl, attachment));
}
@@ -66,7 +66,7 @@
{
}
-AuthenticatorAssertionResponse::AuthenticatorAssertionResponse(Ref&& rawId, Ref&& userHandle, String&& name, SecAccessControlRef accessControl, AuthenticatorAttachment attachment)
+AuthenticatorAssertionResponse::AuthenticatorAssertionResponse(Ref&& rawId, RefPtr&& userHandle, String&& name, SecAccessControlRef accessControl, AuthenticatorAttachment attachment)
: AuthenticatorResponse(WTFMove(rawId), attachment)
, m_userHandle(WTFMove(userHandle))
, m_name(WTFMove(name))
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h (290380 => 290381)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h 2022-02-23 18:14:59 UTC (rev 290380)
+++ trunk/So
[webkit-changes] [290317] trunk/Source/WebKit
Title: [290317] trunk/Source/WebKit
Revision 290317
Author j_pas...@apple.com
Date 2022-02-22 10:21:24 -0800 (Tue, 22 Feb 2022)
Log Message
[WebAuthn] Fix lifetime issue on iOS
https://bugs.webkit.org/show_bug.cgi?id=237018
rdar://89206950
Reviewed by Brent Fulgham.
Lifetime issues introduced in a recent refactor of performRequest were causing
replies from WebAuthenticatorCoordinatorProxy_MakeCredentialReply not to make it
back to the web content process. This patch fixes these, allowing requests to proceed.
* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
(WebKit::continueAfterRequest):
(WebKit::WebAuthenticatorCoordinatorProxy::performRequest): Deleted.
(WebKit::WebAuthenticatorCoordinatorProxy::isConditionalMediationAvailable): Deleted.
(WebKit::WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailable): Deleted.
* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h:
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h
Diff
Modified: trunk/Source/WebKit/ChangeLog (290316 => 290317)
--- trunk/Source/WebKit/ChangeLog 2022-02-22 17:55:54 UTC (rev 290316)
+++ trunk/Source/WebKit/ChangeLog 2022-02-22 18:21:24 UTC (rev 290317)
@@ -1,3 +1,22 @@
+2022-02-22 J Pascoe
+
+[WebAuthn] Fix lifetime issue on iOS
+https://bugs.webkit.org/show_bug.cgi?id=237018
+rdar://89206950
+
+Reviewed by Brent Fulgham.
+
+Lifetime issues introduced in a recent refactor of performRequest were causing
+replies from WebAuthenticatorCoordinatorProxy_MakeCredentialReply not to make it
+back to the web content process. This patch fixes these, allowing requests to proceed.
+
+* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+(WebKit::continueAfterRequest):
+(WebKit::WebAuthenticatorCoordinatorProxy::performRequest): Deleted.
+(WebKit::WebAuthenticatorCoordinatorProxy::isConditionalMediationAvailable): Deleted.
+(WebKit::WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailable): Deleted.
+* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h:
+
2022-02-22 Brent Fulgham
Remove an unneeded IOKit property
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (290316 => 290317)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-02-22 17:55:54 UTC (rev 290316)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-02-22 18:21:24 UTC (rev 290317)
@@ -307,101 +307,107 @@
return result;
}
-void WebAuthenticatorCoordinatorProxy::performRequest(RetainPtr requestContext, RequestCompletionHandler&& handler)
+static inline void continueAfterRequest(RetainPtr> credential, RetainPtr error, RequestCompletionHandler&& handler)
{
-auto proxy = adoptNS([allocASCAgentProxyInstance() init]);
+AuthenticatorResponseData response = { };
+AuthenticatorAttachment attachment;
+ExceptionData exceptionData = { };
-auto completionHandler = makeBlockPtr([handler = WTFMove(handler)](id credential, NSError *error) mutable {
-ensureOnMainRunLoop([handler = WTFMove(handler), credential = retainPtr(credential), error = retainPtr(error)] () mutable {
-AuthenticatorResponseData response;
-AuthenticatorAttachment attachment;
-ExceptionData exceptionData;
+if ([credential isKindOfClass:getASCPlatformPublicKeyCredentialRegistrationClass()]) {
+attachment = AuthenticatorAttachment::Platform;
+response.isAuthenticatorAttestationResponse = true;
-if ([credential isKindOfClass:getASCPlatformPublicKeyCredentialRegistrationClass()]) {
-attachment = AuthenticatorAttachment::Platform;
-response.isAuthenticatorAttestationResponse = true;
+ASCPlatformPublicKeyCredentialRegistration *registrationCredential = credential.get();
+response.rawId = toArrayBuffer(registrationCredential.credentialID);
+response.attestationObject = toArrayBuffer(registrationCredential.attestationObject);
+} else if ([credential isKindOfClass:getASCSecurityKeyPublicKeyCredentialRegistrationClass()]) {
+attachment = AuthenticatorAttachment::CrossPlatform;
+response.isAuthenticatorAttestationResponse = true;
-ASCPlatformPublicKeyCredentialRegistration *registrationCredential = credential.get();
-response.rawId = toArrayBuffer(registrationCredential.credentialID);
-response.attestationObject = toArrayBuffer(registrationCredential.attestationObject);
-} else if ([credential isKindOfClass:getASCSecurityKeyPublicKeyCredential
[webkit-changes] [290184] trunk/Source
Title: [290184] trunk/Source Revision 290184 Author j_pas...@apple.com Date 2022-02-18 16:28:13 -0800 (Fri, 18 Feb 2022) Log Message [WebAuthn] Support for conditional mediation https://bugs.webkit.org/show_bug.cgi?id=236820 rdar://84821947 Reviewed by Brent Fulgham and Chris Dumez. This patch adds support for conditional mediation, as defined in the credentials management spec: https://w3c.github.io/webappsec-credential-management/#dom-credentialmediationrequirement-conditional Source/WebCore: * Modules/credentialmanagement/BasicCredential.cpp: (WebCore::BasicCredential::isConditionalMediationAvailable): * Modules/credentialmanagement/BasicCredential.h: * Modules/credentialmanagement/BasicCredential.idl: * Modules/credentialmanagement/CredentialRequestOptions.h: * Modules/credentialmanagement/CredentialRequestOptions.idl: * Modules/credentialmanagement/CredentialsContainer.cpp: (WebCore::CredentialsContainer::get): * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): (WebCore::AuthenticatorCoordinator::isConditionalMediationAvailable const): * Modules/webauthn/AuthenticatorCoordinator.h: * Modules/webauthn/AuthenticatorCoordinatorClient.h: * WebCore.xcodeproj/project.pbxproj: Source/WebKit: * Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h: * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: (WebKit::configurationAssertionRequestContext): (WebKit::WebAuthenticatorCoordinatorProxy::contextForRequest): (WebKit::WebAuthenticatorCoordinatorProxy::performRequest): (WebKit::WebAuthenticatorCoordinatorProxy::isConditionalMediationAvailable): * UIProcess/WebAuthentication/WebAuthenticationRequestData.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::makeCredential): (WebKit::WebAuthenticatorCoordinatorProxy::getAssertion): (WebKit::WebAuthenticatorCoordinatorProxy::isConditionalMediationAvailable): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp: (WebKit::WebAuthenticatorCoordinator::getAssertion): * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.h: Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/Modules/credentialmanagement/BasicCredential.cpp trunk/Source/WebCore/Modules/credentialmanagement/BasicCredential.h trunk/Source/WebCore/Modules/credentialmanagement/BasicCredential.idl trunk/Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h trunk/Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.idl trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.h trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.h Diff Modified: trunk/Source/WebCore/ChangeLog (290183 => 290184) --- trunk/Source/WebCore/ChangeLog 2022-02-19 00:27:04 UTC (rev 290183) +++ trunk/Source/WebCore/ChangeLog 2022-02-19 00:28:13 UTC (rev 290184) @@ -1,3 +1,29 @@ +2022-02-18 J Pascoe + +[WebAuthn] Support for conditional mediation +https://bugs.webkit.org/show_bug.cgi?id=236820 +rdar://84821947 + +Reviewed by Brent Fulgham and Chris Dumez. + +This patch adds support for conditional mediation, as defined in the +credentials management spec: https://w3c.github.io/webappsec-credential-management/#dom-credentialmediationrequirement-conditional + +* Modules/credentialmanagement/BasicCredential.cpp: +(WebCore::BasicCredential::isConditionalMediationAvailable): +* Modules/credentialmanagement/BasicCredential.h: +* Modules/credentialmanagement/BasicCredential.idl: +* Modules/credentialmanagement/CredentialRequestOptions.h: +* Modules/credentialmanagement/CredentialRequestOptions.idl: +* Modules/credentialmanagement/Credential
[webkit-changes] [290154] trunk
Title: [290154] trunk
Revision 290154
Author j_pas...@apple.com
Date 2022-02-18 12:37:00 -0800 (Fri, 18 Feb 2022)
Log Message
[WebAuthn] Add credentialID to _WKWebAuthenticationAssertionResponse and userHandle in getAllLocalAuthenticatorCredentials
https://bugs.webkit.org/show_bug.cgi?id=236657
rdar://problem/88979279
Reviewed by Brent Fulgham.
Source/WebKit:
Modified API tests to verify new fields present and populated.
* UIProcess/API/APIWebAuthenticationAssertionResponse.cpp:
(API::WebAuthenticationAssertionResponse::credentialID const):
* UIProcess/API/APIWebAuthenticationAssertionResponse.h:
* UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.h:
* UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.mm:
(-[_WKWebAuthenticationAssertionResponse credentialID]):
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(getAllLocalAuthenticatorCredentialsImpl):
Tools:
Adjusted existing API tests, GetAllCredential and MultipleAccounts, to test for new fields
being returned and that they match the values expected. These values stem from testUserEntityBundleBase64
and testAssertionMessageLongBase64.
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(-[TestWebAuthenticationPanelDelegate panel:selectAssertionResponse:source:completionHandler:]):
(TestWebKitAPI::TEST):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/API/APIWebAuthenticationAssertionResponse.cpp
trunk/Source/WebKit/UIProcess/API/APIWebAuthenticationAssertionResponse.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.mm
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (290153 => 290154)
--- trunk/Source/WebKit/ChangeLog 2022-02-18 20:30:09 UTC (rev 290153)
+++ trunk/Source/WebKit/ChangeLog 2022-02-18 20:37:00 UTC (rev 290154)
@@ -1,3 +1,23 @@
+2022-02-18 J Pascoe
+
+[WebAuthn] Add credentialID to _WKWebAuthenticationAssertionResponse and userHandle in getAllLocalAuthenticatorCredentials
+https://bugs.webkit.org/show_bug.cgi?id=236657
+rdar://problem/88979279
+
+Reviewed by Brent Fulgham.
+
+Modified API tests to verify new fields present and populated.
+
+* UIProcess/API/APIWebAuthenticationAssertionResponse.cpp:
+(API::WebAuthenticationAssertionResponse::credentialID const):
+* UIProcess/API/APIWebAuthenticationAssertionResponse.h:
+* UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.h:
+* UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.mm:
+(-[_WKWebAuthenticationAssertionResponse credentialID]):
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+(getAllLocalAuthenticatorCredentialsImpl):
+
2022-02-18 Tim Horton
Client-set minimum effective device width is not respected if AllowViewportShrinkToFitContent is enabled
Modified: trunk/Source/WebKit/UIProcess/API/APIWebAuthenticationAssertionResponse.cpp (290153 => 290154)
--- trunk/Source/WebKit/UIProcess/API/APIWebAuthenticationAssertionResponse.cpp 2022-02-18 20:30:09 UTC (rev 290153)
+++ trunk/Source/WebKit/UIProcess/API/APIWebAuthenticationAssertionResponse.cpp 2022-02-18 20:37:00 UTC (rev 290154)
@@ -58,6 +58,18 @@
return data;
}
+RefPtr WebAuthenticationAssertionResponse::credentialID() const
+{
+RefPtr data;
+if (auto* rawId = m_response->rawId()) {
+rawId->ref();
+data = "" char*>(rawId->data()), rawId->byteLength(), [] (unsigned char*, const void* data) {
+static_cast(const_cast(data))->deref();
+}, rawId);
+}
+return data;
+}
+
} // namespace API
#endif // ENABLE(WEB_AUTHN)
Modified: trunk/Source/WebKit/UIProcess/API/APIWebAuthenticationAssertionResponse.h (290153 => 290154)
--- trunk/Source/WebKit/UIProcess/API/APIWebAuthenticationAssertionResponse.h 2022-02-18 20:30:09 UTC (rev 290153)
+++ trunk/Source/WebKit/UIProcess/API/APIWebAuthenticationAssertionResponse.h 2022-02-18 20:37:00 UTC (rev 290154)
@@ -44,6 +44,7 @@
RefPtr userHandle() const;
bool synchronizable() const { return m_response->synchronizable(); }
const WTF::String& group() const { return m_response->group(); }
+RefPtr credentialID() const;
void setLAContext(LAContext *context) { m_response->setLAContext(context); }
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.h (290153 => 290154)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.h 2022-02-18 20:30:09 UTC (rev 290153)
+++ trunk/Source/WebKit/UIProce
[webkit-changes] [290089] trunk/Source/WebCore
Title: [290089] trunk/Source/WebCore
Revision 290089
Author j_pas...@apple.com
Date 2022-02-17 16:27:59 -0800 (Thu, 17 Feb 2022)
Log Message
PDF.js viewer should work for all kinds of URLs
https://bugs.webkit.org/show_bug.cgi?id=236525
rdar://problem/88832961
Reviewed by Tim Nguyen.
This patch starts loading the pdf as an array buffer after it's recieved
by calling the PDFJS viewer's open function through the content script's
wrapper. More work is needed to potentially present the data as a
PDFDataRangeTransport.
* Modules/pdfjs-extras/content-script.js:
(const.PDFJSContentScript.init):
(const.PDFJSContentScript.open):
* html/PDFDocument.cpp:
(WebCore::PDFDocumentEventListener::handleEvent):
(WebCore::PDFDocument::createDocumentStructure):
(WebCore::PDFDocument::updateDuringParsing):
(WebCore::PDFDocument::finishedParsing):
(WebCore::PDFDocument::sendPDFArrayBuffer):
(WebCore::PDFDocument::injectContentScript):
* html/PDFDocument.h:
(WebCore::PDFDocumentEventListener::handleEvent):
Modified Paths
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/pdfjs-extras/content-script.js
trunk/Source/WebCore/html/PDFDocument.cpp
trunk/Source/WebCore/html/PDFDocument.h
Diff
Modified: trunk/Source/WebCore/ChangeLog (290088 => 290089)
--- trunk/Source/WebCore/ChangeLog 2022-02-18 00:14:59 UTC (rev 290088)
+++ trunk/Source/WebCore/ChangeLog 2022-02-18 00:27:59 UTC (rev 290089)
@@ -1,3 +1,29 @@
+2022-02-17 J Pascoe
+
+PDF.js viewer should work for all kinds of URLs
+https://bugs.webkit.org/show_bug.cgi?id=236525
+rdar://problem/88832961
+
+Reviewed by Tim Nguyen.
+
+This patch starts loading the pdf as an array buffer after it's recieved
+by calling the PDFJS viewer's open function through the content script's
+wrapper. More work is needed to potentially present the data as a
+PDFDataRangeTransport.
+
+* Modules/pdfjs-extras/content-script.js:
+(const.PDFJSContentScript.init):
+(const.PDFJSContentScript.open):
+* html/PDFDocument.cpp:
+(WebCore::PDFDocumentEventListener::handleEvent):
+(WebCore::PDFDocument::createDocumentStructure):
+(WebCore::PDFDocument::updateDuringParsing):
+(WebCore::PDFDocument::finishedParsing):
+(WebCore::PDFDocument::sendPDFArrayBuffer):
+(WebCore::PDFDocument::injectContentScript):
+* html/PDFDocument.h:
+(WebCore::PDFDocumentEventListener::handleEvent):
+
2022-02-17 Chris Dumez
Pass registrable domain to CoreLocation API
Modified: trunk/Source/WebCore/Modules/pdfjs-extras/content-script.js (290088 => 290089)
--- trunk/Source/WebCore/Modules/pdfjs-extras/content-script.js 2022-02-18 00:14:59 UTC (rev 290088)
+++ trunk/Source/WebCore/Modules/pdfjs-extras/content-script.js 2022-02-18 00:27:59 UTC (rev 290089)
@@ -31,6 +31,9 @@
},
init() {
this.injectStyle();
+},
+open(data) {
+PDFViewerApplication.open(data);
}
};
Modified: trunk/Source/WebCore/html/PDFDocument.cpp (290088 => 290089)
--- trunk/Source/WebCore/html/PDFDocument.cpp 2022-02-18 00:14:59 UTC (rev 290088)
+++ trunk/Source/WebCore/html/PDFDocument.cpp 2022-02-18 00:27:59 UTC (rev 290089)
@@ -107,12 +107,14 @@
void PDFDocumentEventListener::handleEvent(ScriptExecutionContext&, Event& event)
{
-auto* iframe = dynamicDowncast(event.target());
-ASSERT(iframe, "Should have event target");
-
-if (event.type() == eventNames().loadEvent) {
-m_document->injectContentScript(*iframe->contentDocument());
-}
+if (is(event.target()) && event.type() == eventNames().loadEvent) {
+m_document->injectContentScript();
+} else if (is(event.target()) && event.type() == eventNames().loadEvent) {
+m_document->setContentScriptLoaded(true);
+if (m_document->isFinishedParsing())
+m_document->sendPDFArrayBuffer();
+} else
+ASSERT_NOT_REACHED();
}
bool PDFDocumentEventListener::operator==(const EventListener& other) const
@@ -135,6 +137,7 @@
void PDFDocument::createDocumentStructure()
{
+// The empty file parameter prevents default pdf from loading.
auto viewerURL = "webkit-pdfjs-viewer://pdfjs/web/viewer.html?file=";
auto rootElement = HTMLHtmlElement::create(*this);
appendChild(rootElement);
@@ -146,35 +149,68 @@
body->setAttribute(styleAttr, AtomString("margin: 0px;height: 100vh;", AtomString::ConstructFromLiteral));
rootElement->appendChild(body);
-auto iframe = HTMLIFrameElement::create(HTMLNames::iframeTag, *this);
-iframe->setAttribute(srcAttr, makeString(viewerURL, encodeWithURLEscapeSequences(url().string(;
-iframe->setAttribute(styleAttr, AtomString("width: 100%; height: 100%; border: 0; display: block;", AtomString::ConstructFromLiteral));
-body->appendChild(iframe);
+m_iframe = HTMLIFrameElement::create(HTMLNames::iframeTag, *this);
+m_iframe->setAttribu
[webkit-changes] [289817] trunk/Source/WebKit
Title: [289817] trunk/Source/WebKit
Revision 289817
Author j_pas...@apple.com
Date 2022-02-15 09:03:54 -0800 (Tue, 15 Feb 2022)
Log Message
Modify getAllLocalAuthenticatorCredentials according to internal requirements
https://bugs.webkit.org/show_bug.cgi?id=236364
rdar://88585418
Reviewed by Brent Fulgham.
This patch modifies the getAllLocalAuthenticatorCredentials SPI to return additional
fields according to internal needs.
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(updateCredentialIfNessesary):
(getAllLocalAuthenticatorCredentialsImpl):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (289816 => 289817)
--- trunk/Source/WebKit/ChangeLog 2022-02-15 16:03:16 UTC (rev 289816)
+++ trunk/Source/WebKit/ChangeLog 2022-02-15 17:03:54 UTC (rev 289817)
@@ -1,3 +1,19 @@
+2022-02-15 J Pascoe
+
+Modify getAllLocalAuthenticatorCredentials according to internal requirements
+https://bugs.webkit.org/show_bug.cgi?id=236364
+rdar://88585418
+
+Reviewed by Brent Fulgham.
+
+This patch modifies the getAllLocalAuthenticatorCredentials SPI to return additional
+fields according to internal needs.
+
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+(updateCredentialIfNessesary):
+(getAllLocalAuthenticatorCredentialsImpl):
+
2022-02-15 Carlos Garcia Campos
[GTK][WPE] Move WebPage::platformInitialize and WebPage::platformDetach() to WebPageGLib.cpp
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h (289816 => 289817)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2022-02-15 16:03:16 UTC (rev 289816)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2022-02-15 17:03:54 UTC (rev 289817)
@@ -92,6 +92,8 @@
WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialRelyingPartyIDKey;
WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialLastModificationDateKey;
WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialCreationDateKey;
+WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialGroupKey;
+WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialSynchronizableKey;
@protocol _WKWebAuthenticationPanelDelegate
@@ -114,10 +116,13 @@
+ (NSArray *)getAllLocalAuthenticatorCredentials WK_API_AVAILABLE(macos(12.0), ios(15.0));
+ (void)deleteLocalAuthenticatorCredentialWithID:(NSData *)credentialID WK_API_AVAILABLE(macos(12.0), ios(15.0));
++ (void)deleteLocalAuthenticatorCredentialWithGroupAndID:(NSString * _Nullable)group credential:(NSData *)credentialID WK_API_AVAILABLE(macos(12.0), ios(15.0));
+ (void)clearAllLocalAuthenticatorCredentials WK_API_AVAILABLE(macos(12.0), ios(15.0));
+ (void)setUsernameForLocalCredentialWithID:(NSData *)credentialID username: (NSString *)username WK_API_AVAILABLE(macos(12.0), ios(15.0));
++ (void)setUsernameForLocalCredentialWithGroupAndID:(NSString * _Nullable)group credential:(NSData *)credentialID username: (NSString *)username WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+ (NSData *)exportLocalAuthenticatorCredentialWithID:(NSData *)credentialID error:(NSError **)error WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
++ (NSData *)exportLocalAuthenticatorCredentialWithGroupAndID:(NSString * _Nullable)group credential:(NSData *)credentialID error:(NSError **)error WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+ (NSData *)importLocalAuthenticatorCredential:(NSData *)credentialBlob error:(NSError **)error WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+ (NSData *)importLocalAuthenticatorWithAccessGroup:(NSString *)accessGroup credential:(NSData *)credentialBlob error:(NSError **)error WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (289816 => 289817)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-02-15 16:03:16 UTC (rev 289816)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-02-15 17:03:54 UTC (rev 289817)
@@ -71,6 +71,12 @@
static void updateQueryIfNecessary(NSMutableDictionary *)
{
}
+static inline void updateCredentialIfNecessary(NSMutableDictionary *credential, NSDictionary *attributes)
+{
+}
+static inline void updateQueryForGroupIfNecessary(NSMutableDictionary *dictionary, NSString *group)
+{
+}
#endif
static RetainPtr produceClientDataJson(_WKWebAuthenticationType type, NSData *challenge, NSString *origin)
@@ -105,6 +111,8 @@
NSString * const _WKLocalAuthenticatorCredentialRelyingPartyIDKey = @"_WKLocalAuthenticatorCredentialRelyingPartyIDKey";
NSString * const _W
[webkit-changes] [289760] trunk
Title: [289760] trunk
Revision 289760
Author j_pas...@apple.com
Date 2022-02-14 13:10:50 -0800 (Mon, 14 Feb 2022)
Log Message
[WebAuthn] Access group not set in add query for importLocalAuthenticatorCredential
https://bugs.webkit.org/show_bug.cgi?id=236469
rdar://problem/88783447
Reviewed by Brent Fulgham.
Source/WebKit:
In Bug 236311 we added support setting accessGroup, but did not properly set it
on the addQuery. This patch fixes that.
Updated API test to use non-standard accessGroup.
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(+[_WKWebAuthenticationPanel importLocalAuthenticatorWithAccessGroup:credential:error:]):
Tools:
Updated API test to use non-standard access group.
* TestWebKitAPI/Configurations/TestWebKitAPI-iOS.entitlements:
* TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements:
* TestWebKitAPI/Configurations/TestWebKitAPI-macOS.entitlements:
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::TEST):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-iOS.entitlements
trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements
trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-macOS.entitlements
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (289759 => 289760)
--- trunk/Source/WebKit/ChangeLog 2022-02-14 21:09:48 UTC (rev 289759)
+++ trunk/Source/WebKit/ChangeLog 2022-02-14 21:10:50 UTC (rev 289760)
@@ -1,5 +1,21 @@
2022-02-14 J Pascoe
+[WebAuthn] Access group not set in add query for importLocalAuthenticatorCredential
+https://bugs.webkit.org/show_bug.cgi?id=236469
+rdar://problem/88783447
+
+Reviewed by Brent Fulgham.
+
+In Bug 236311 we added support setting accessGroup, but did not properly set it
+on the addQuery. This patch fixes that.
+
+Updated API test to use non-standard accessGroup.
+
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+(+[_WKWebAuthenticationPanel importLocalAuthenticatorWithAccessGroup:credential:error:]):
+
+2022-02-14 J Pascoe
+
[WebAuthn] Modify _WKWebAuthenticationAssertionResponse according to internal needs
https://bugs.webkit.org/show_bug.cgi?id=236369
rdar://88585811
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (289759 => 289760)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-02-14 21:09:48 UTC (rev 289759)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-02-14 21:10:50 UTC (rev 289760)
@@ -510,7 +510,7 @@
updateQueryIfNecessary(addQuery.get());
if (accessGroup != nil)
-[query setObject:accessGroup forKey:(__bridge id)kSecAttrAccessGroup];
+[addQuery setObject:accessGroup forKey:(__bridge id)kSecAttrAccessGroup];
status = SecItemAdd(bridge_cast(addQuery.get()), NULL);
if (status) {
Modified: trunk/Tools/ChangeLog (289759 => 289760)
--- trunk/Tools/ChangeLog 2022-02-14 21:09:48 UTC (rev 289759)
+++ trunk/Tools/ChangeLog 2022-02-14 21:10:50 UTC (rev 289760)
@@ -1,3 +1,19 @@
+2022-02-14 J Pascoe
+
+[WebAuthn] Access group not set in add query for importLocalAuthenticatorCredential
+https://bugs.webkit.org/show_bug.cgi?id=236469
+rdar://problem/88783447
+
+Reviewed by Brent Fulgham.
+
+Updated API test to use non-standard access group.
+
+* TestWebKitAPI/Configurations/TestWebKitAPI-iOS.entitlements:
+* TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements:
+* TestWebKitAPI/Configurations/TestWebKitAPI-macOS.entitlements:
+* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
+(TestWebKitAPI::TEST):
+
2022-02-14 Jonathan Bedard
[EWS] Rebase PRs on tip of branch (Follow-up fix)
Modified: trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-iOS.entitlements (289759 => 289760)
--- trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-iOS.entitlements 2022-02-14 21:09:48 UTC (rev 289759)
+++ trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-iOS.entitlements 2022-02-14 21:10:50 UTC (rev 289760)
@@ -4,6 +4,7 @@
keychain-access-groups
+ com.apple.TestWebKitAPIAlternate
com.apple.TestWebKitAPI
com.apple.developer.WebKit.ServiceWorkers
Modified: trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements (289759 => 289760)
--- trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements 2022-02-14 21:09:48 UTC (rev 289759)
+++ trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements 2022-02-14 21:10:50 UTC (rev 289760)
@@ -14,6 +14,7 @@
keychain-access-groups
+ com.apple.Tes
[webkit-changes] [289739] trunk/Source
Title: [289739] trunk/Source
Revision 289739
Author j_pas...@apple.com
Date 2022-02-14 09:58:13 -0800 (Mon, 14 Feb 2022)
Log Message
[WebAuthn] Modify _WKWebAuthenticationAssertionResponse according to internal needs
https://bugs.webkit.org/show_bug.cgi?id=236369
rdar://88585811
Reviewed by Brent Fulgham.
Source/WebCore:
This patch modifies AuthenticatorAssertionResponse with additional
fields and populates them according to internal needs.
* Modules/webauthn/AuthenticatorAssertionResponse.h:
(WebCore::AuthenticatorAssertionResponse::group const):
(WebCore::AuthenticatorAssertionResponse::synchronizable const):
(WebCore::AuthenticatorAssertionResponse::setGroup):
(WebCore::AuthenticatorAssertionResponse::setSynchronizable):
Source/WebKit:
This patch modifies the _WKWebAuthenticationAssertionResponse API object with additional
fields and populates them according to internal needs.
* UIProcess/API/APIWebAuthenticationAssertionResponse.h:
* UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.h:
* UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.mm:
(-[_WKWebAuthenticationAssertionResponse synchronizable]):
(-[_WKWebAuthenticationAssertionResponse group]):
* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(groupForAttributes):
(WebKit::LocalAuthenticatorInternal::getExistingCredentials):
Modified Paths
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/API/APIWebAuthenticationAssertionResponse.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
Diff
Modified: trunk/Source/WebCore/ChangeLog (289738 => 289739)
--- trunk/Source/WebCore/ChangeLog 2022-02-14 17:07:17 UTC (rev 289738)
+++ trunk/Source/WebCore/ChangeLog 2022-02-14 17:58:13 UTC (rev 289739)
@@ -1,3 +1,20 @@
+2022-02-14 J Pascoe
+
+[WebAuthn] Modify _WKWebAuthenticationAssertionResponse according to internal needs
+https://bugs.webkit.org/show_bug.cgi?id=236369
+rdar://88585811
+
+Reviewed by Brent Fulgham.
+
+This patch modifies AuthenticatorAssertionResponse with additional
+fields and populates them according to internal needs.
+
+* Modules/webauthn/AuthenticatorAssertionResponse.h:
+(WebCore::AuthenticatorAssertionResponse::group const):
+(WebCore::AuthenticatorAssertionResponse::synchronizable const):
+(WebCore::AuthenticatorAssertionResponse::setGroup):
+(WebCore::AuthenticatorAssertionResponse::setSynchronizable):
+
2022-02-14 Frédéric Wang
Nullptr crash in CompositeEditCommand::splitTreeToNode via InsertParagraphSeparatorCommand::doApply
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h (289738 => 289739)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h 2022-02-14 17:07:17 UTC (rev 289738)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h 2022-02-14 17:58:13 UTC (rev 289739)
@@ -49,6 +49,8 @@
const String& displayName() const { return m_displayName; }
size_t numberOfCredentials() const { return m_numberOfCredentials; }
SecAccessControlRef accessControl() const { return m_accessControl.get(); }
+const String& group() const { return m_group; }
+bool synchronizable() const { return m_synchronizable; }
LAContext * laContext() const { return m_laContext.get(); }
WEBCORE_EXPORT void setAuthenticatorData(Vector&&);
@@ -56,6 +58,8 @@
void setName(const String& name) { m_name = name; }
void setDisplayName(const String& displayName) { m_displayName = displayName; }
void setNumberOfCredentials(size_t numberOfCredentials) { m_numberOfCredentials = numberOfCredentials; }
+void setGroup(const String& group) { m_group = group; }
+void setSynchronizable(bool synchronizable) { m_synchronizable = synchronizable; }
void setLAContext(LAContext *context) { m_laContext = context; }
private:
@@ -71,6 +75,8 @@
String m_name;
String m_displayName;
+String m_group;
+bool m_synchronizable;
size_t m_numberOfCredentials { 0 };
RetainPtr m_accessControl;
RetainPtr m_laContext;
Modified: trunk/Source/WebKit/ChangeLog (289738 => 289739)
--- trunk/Source/WebKit/ChangeLog 2022-02-14 17:07:17 UTC (rev 289738)
+++ trunk/Source/WebKit/ChangeLog 2022-02-14 17:58:13 UTC (rev 289739)
@@ -1,3 +1,23 @@
+2022-02-14 J Pascoe
+
+[WebAuthn] Modify _WKWebAuthenticationAssertionResponse according to internal needs
+https://bugs.webkit.org/show_bug.cgi?id=236369
+rdar://88585811
+
+Reviewed by Brent Fulgham.
+
+This patch modifies the _WKWebAuthenticationAssertionResponse API object with additional
+fields and po
[webkit-changes] [289482] trunk
Title: [289482] trunk
Revision 289482
Author j_pas...@apple.com
Date 2022-02-09 10:17:43 -0800 (Wed, 09 Feb 2022)
Log Message
[WebAuthn] Specify LocalAuthenticatorAccessGroup when importing credentials
https://bugs.webkit.org/show_bug.cgi?id=236311
rdar://88394179
Reviewed by Brent Fulgham.
Source/WebKit:
Tested on device and added check for accessGroup in API test.
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(+[_WKWebAuthenticationPanel importLocalAuthenticatorCredential:error:]):
(+[_WKWebAuthenticationPanel importLocalAuthenticatorWithAccessGroup:credential:error:]):
Tools:
Added check for accessGroup to API test.
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::WebCore::addKeyToKeychain):
(TestWebKitAPI::TEST):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (289481 => 289482)
--- trunk/Source/WebKit/ChangeLog 2022-02-09 18:16:32 UTC (rev 289481)
+++ trunk/Source/WebKit/ChangeLog 2022-02-09 18:17:43 UTC (rev 289482)
@@ -1,3 +1,18 @@
+2022-02-09 J Pascoe
+
+[WebAuthn] Specify LocalAuthenticatorAccessGroup when importing credentials
+https://bugs.webkit.org/show_bug.cgi?id=236311
+rdar://88394179
+
+Reviewed by Brent Fulgham.
+
+Tested on device and added check for accessGroup in API test.
+
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+(+[_WKWebAuthenticationPanel importLocalAuthenticatorCredential:error:]):
+(+[_WKWebAuthenticationPanel importLocalAuthenticatorWithAccessGroup:credential:error:]):
+
2022-02-09 Sihui Liu
Manage IndexedDB storage by origin
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h (289481 => 289482)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2022-02-09 18:16:32 UTC (rev 289481)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2022-02-09 18:17:43 UTC (rev 289482)
@@ -119,6 +119,7 @@
+ (NSData *)exportLocalAuthenticatorCredentialWithID:(NSData *)credentialID error:(NSError **)error WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+ (NSData *)importLocalAuthenticatorCredential:(NSData *)credentialBlob error:(NSError **)error WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
++ (NSData *)importLocalAuthenticatorWithAccessGroup:(NSString *)accessGroup credential:(NSData *)credentialBlob error:(NSError **)error WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+ (BOOL)isUserVerifyingPlatformAuthenticatorAvailable WK_API_AVAILABLE(macos(12.0), ios(15.0));
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (289481 => 289482)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-02-09 18:16:32 UTC (rev 289481)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-02-09 18:17:43 UTC (rev 289482)
@@ -398,6 +398,11 @@
+ (NSData *)importLocalAuthenticatorCredential:(NSData *)credentialBlob error:(NSError **)error
{
+return [self importLocalAuthenticatorWithAccessGroup:@(WebCore::LocalAuthenticatorAccessGroup) credential:credentialBlob error:error];
+}
+
++ (NSData *)importLocalAuthenticatorWithAccessGroup:(NSString *)accessGroup credential:(NSData *)credentialBlob error:(NSError **)error
+{
#if ENABLE(WEB_AUTHN)
auto credential = cbor::CBORReader::read(vectorFromNSData(credentialBlob));
if (!credential || !credential->isMap()) {
@@ -481,6 +486,9 @@
]);
updateQueryIfNecessary(query.get());
+if (accessGroup != nil)
+[query setObject:accessGroup forKey:(__bridge id)kSecAttrAccessGroup];
+
OSStatus status = SecItemCopyMatching(bridge_cast(query.get()), nullptr);
if (!status) {
// Credential with same id already exists, duplicate key.
@@ -489,15 +497,22 @@
}
auto secAttrApplicationTag = adoptNS([[NSData alloc] initWithBytes:keyTag->data() length:keyTag->size()]);
-NSDictionary *addQuery = @{
-(id)kSecValueRef: (id)key.get(),
-(id)kSecAttrKeyClass: (id)kSecAttrKeyClassPrivate,
-(id)kSecAttrLabel: rp,
-(id)kSecAttrApplicationTag: secAttrApplicationTag.get(),
-(id)kSecUseDataProtectionKeychain: @YES,
-(id)kSecAttrAccessible: (id)kSecAttrAccessibleAfterFirstUnlock
-};
-status = SecItemAdd(bridge_cast(addQuery), NULL);
+
+auto addQuery = adoptNS([[NSMutableDictionary alloc] initWithObjectsAndKeys:
+(id)key.get(), (id)kSecValueRef,
+(id)kSecAttrKeyClassPrivate, (id)kSecAttrKeyClass,
+(id)rp, (id)kSecAttrLabel,
+secAttrApplicatio
[webkit-changes] [289436] trunk/Source/WebKit
Title: [289436] trunk/Source/WebKit
Revision 289436
Author j_pas...@apple.com
Date 2022-02-08 14:43:55 -0800 (Tue, 08 Feb 2022)
Log Message
[WebAuthn] Use AuthenticationServicesAgent for WebAuthn calls on iOS
https://bugs.webkit.org/show_bug.cgi?id=236151
rdar://87908259
Reviewed by Brent Fulgham.
This patch starts using the ASC apis to make WebAuthn calls on iOS the
same way they are made on macOS. Some cleanup work will be needed to
deprecate the WebAuthn process after this change is made.
* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
(WebKit::WebAuthenticatorCoordinatorProxy::performRequest): Deleted.
(WebKit::WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailable): Deleted.
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (289435 => 289436)
--- trunk/Source/WebKit/ChangeLog 2022-02-08 22:35:37 UTC (rev 289435)
+++ trunk/Source/WebKit/ChangeLog 2022-02-08 22:43:55 UTC (rev 289436)
@@ -1,3 +1,19 @@
+2022-02-08 J Pascoe
+
+[WebAuthn] Use AuthenticationServicesAgent for WebAuthn calls on iOS
+https://bugs.webkit.org/show_bug.cgi?id=236151
+rdar://87908259
+
+Reviewed by Brent Fulgham.
+
+This patch starts using the ASC apis to make WebAuthn calls on iOS the
+same way they are made on macOS. Some cleanup work will be needed to
+deprecate the WebAuthn process after this change is made.
+
+* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+(WebKit::WebAuthenticatorCoordinatorProxy::performRequest): Deleted.
+(WebKit::WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailable): Deleted.
+
2022-02-08 Chris Dumez
http/tests/cache-storage/cache-origins.https.html is flaky
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (289435 => 289436)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-02-08 22:35:37 UTC (rev 289435)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-02-08 22:43:55 UTC (rev 289436)
@@ -309,6 +309,10 @@
{
auto proxy = adoptNS([allocASCAgentProxyInstance() init]);
+#if PLATFORM(IOS)
+[proxy performAuthorizationRequestsForContext:requestContext.get() withCompletionHandler:makeBlockPtr([handler = WTFMove(handler), proxy = WTFMove(proxy)](id credential, NSError *error) mutable {
+callOnMainRunLoop([handler = WTFMove(handler), proxy = WTFMove(proxy), credential = retainPtr(credential), error = retainPtr(error)] () mutable {
+#elif PLATFORM(MAC)
RetainPtr window = m_webPageProxy.platformWindow();
[proxy performAuthorizationRequestsForContext:requestContext.get() withClearanceHandler:makeBlockPtr([weakThis = WeakPtr { *this }, handler = WTFMove(handler), window = WTFMove(window), proxy = WTFMove(proxy)](NSXPCListenerEndpoint *daemonEndpoint, NSError *error) mutable {
callOnMainRunLoop([weakThis, handler = WTFMove(handler), window = WTFMove(window), proxy = WTFMove(proxy), daemonEndpoint = retainPtr(daemonEndpoint), error = retainPtr(error)] () mutable {
@@ -319,7 +323,10 @@
}
weakThis->m_presenter = adoptNS([allocASCAuthorizationRemotePresenterInstance() init]);
-[weakThis->m_presenter presentWithWindow:window.get() daemonEndpoint:daemonEndpoint.get() completionHandler:makeBlockPtr([handler = WTFMove(handler), proxy = WTFMove(proxy)](id credential, NSError *error) mutable {
+[weakThis->m_presenter presentWithWindow:window.get() daemonEndpoint:daemonEndpoint.get() completionHandler:makeBlockPtr([handler = WTFMove(handler), proxy = WTFMove(proxy)](id credentialNotRetain, NSError *errorNotRetain) mutable {
+auto credential = retainPtr(credentialNotRetain);
+auto error = retainPtr(errorNotRetain);
+#endif
AuthenticatorResponseData response = { };
AuthenticatorAttachment attachment;
ExceptionData exceptionData = { };
@@ -328,7 +335,7 @@
attachment = AuthenticatorAttachment::Platform;
response.isAuthenticatorAttestationResponse = true;
-ASCPlatformPublicKeyCredentialRegistration *registrationCredential = credential;
+ASCPlatformPublicKeyCredentialRegistration *registrationCredential = credential.get();
response.rawId = toArrayBuffer(registrationCredential.credentialID);
response.attestationObject = toArrayBuffer(registrationCredential.attestationObject);
} else if ([credential isKindOfClass:getASCSecurityKeyPublicKeyCredentialRegistrationClass()]) {
@@ -335,7 +342,7 @@
attachment = Auth
[webkit-changes] [289096] trunk/Source/WebCore
Title: [289096] trunk/Source/WebCore Revision 289096 Author j_pas...@apple.com Date 2022-02-03 18:09:58 -0800 (Thu, 03 Feb 2022) Log Message [WebAuthn] Remove misspelled constant "LocalAuthenticatiorAccessGroup" https://bugs.webkit.org/show_bug.cgi?id=235894 rdar://88104045 Reviewed by Darin Adler. This change removes a constant with a misspelled variable name after all downstream usage is removed. * Modules/webauthn/WebAuthenticationConstants.h: Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h Diff Modified: trunk/Source/WebCore/ChangeLog (289095 => 289096) --- trunk/Source/WebCore/ChangeLog 2022-02-04 01:41:57 UTC (rev 289095) +++ trunk/Source/WebCore/ChangeLog 2022-02-04 02:09:58 UTC (rev 289096) @@ -1,3 +1,16 @@ +2022-02-03 J Pascoe + +[WebAuthn] Remove misspelled constant "LocalAuthenticatiorAccessGroup" +https://bugs.webkit.org/show_bug.cgi?id=235894 +rdar://88104045 + +Reviewed by Darin Adler. + +This change removes a constant with a misspelled variable name after all +downstream usage is removed. + +* Modules/webauthn/WebAuthenticationConstants.h: + 2022-02-03 Michael Saboff WebKit projects have incorrect install name for the frameworks for Catalyst builds with the system content path Modified: trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h (289095 => 289096) --- trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h 2022-02-04 01:41:57 UTC (rev 289095) +++ trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h 2022-02-04 02:09:58 UTC (rev 289096) @@ -77,9 +77,6 @@ Get }; -// rdar://88104045 - Remove once staged change completed -const char LocalAuthenticatiorAccessGroup[] = "com.apple.webkit.webauthn"; - constexpr const char LocalAuthenticatorAccessGroup[] = "com.apple.webkit.webauthn"; // Credential serialization ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [289059] trunk
Title: [289059] trunk
Revision 289059
Author j_pas...@apple.com
Date 2022-02-03 10:01:45 -0800 (Thu, 03 Feb 2022)
Log Message
[WebAuthn] Allow use of hardware-fixed credentials while using alternate store
https://bugs.webkit.org/show_bug.cgi?id=235923
rdar://88102108
Reviewed by Brent Fulgham.
Source/WebKit:
This patch allows use of credentials created before a user started using
the alternate credential store by searching regardless of status when
querying credentials.
Added API test + tested manually.
* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticatorInternal::getExistingCredentials):
(WebKit::LocalAuthenticator::continueGetAssertionAfterUserVerification):
Tools:
Add new test for querying credentials created both before and after enabling
alternative credential store.
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::WebCore::addKeyToKeychain):
(TestWebKitAPI::WebCore::cleanUpKeychain):
(TestWebKitAPI::TEST):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (289058 => 289059)
--- trunk/Source/WebKit/ChangeLog 2022-02-03 17:58:13 UTC (rev 289058)
+++ trunk/Source/WebKit/ChangeLog 2022-02-03 18:01:45 UTC (rev 289059)
@@ -1,3 +1,21 @@
+2022-02-03 J Pascoe
+
+[WebAuthn] Allow use of hardware-fixed credentials while using alternate store
+https://bugs.webkit.org/show_bug.cgi?id=235923
+rdar://88102108
+
+Reviewed by Brent Fulgham.
+
+This patch allows use of credentials created before a user started using
+the alternate credential store by searching regardless of status when
+querying credentials.
+
+Added API test + tested manually.
+
+* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
+(WebKit::LocalAuthenticatorInternal::getExistingCredentials):
+(WebKit::LocalAuthenticator::continueGetAssertionAfterUserVerification):
+
2022-02-03 Per Arne Vollan
[iOS][WP] Add file-ioctl telemetry
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm (289058 => 289059)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-02-03 17:58:13 UTC (rev 289058)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2022-02-03 18:01:45 UTC (rev 289059)
@@ -120,19 +120,18 @@
static std::optional>> getExistingCredentials(const String& rpId)
{
// Search Keychain for existing credential matched the RP ID.
-auto query = adoptNS([[NSMutableDictionary alloc] init]);
-[query setDictionary:@{
+NSDictionary *query = @{
(id)kSecClass: (id)kSecClassKey,
(id)kSecAttrKeyClass: (id)kSecAttrKeyClassPrivate,
+(id)kSecAttrSynchronizable: (id)kSecAttrSynchronizableAny,
(id)kSecAttrLabel: rpId,
(id)kSecReturnAttributes: @YES,
(id)kSecMatchLimit: (id)kSecMatchLimitAll,
(id)kSecUseDataProtectionKeychain: @YES
-}];
-updateQueryIfNecessary(query.get());
+};
CFTypeRef attributesArrayRef = nullptr;
-OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query.get(), &attributesArrayRef);
+OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, &attributesArrayRef);
if (status && status != errSecItemNotFound)
return std::nullopt;
auto retainAttributesArray = adoptCF(attributesArrayRef);
@@ -599,6 +598,7 @@
NSMutableDictionary *queryDictionary = [@{
(id)kSecClass: (id)kSecClassKey,
(id)kSecAttrKeyClass: (id)kSecAttrKeyClassPrivate,
+(id)kSecAttrSynchronizable: (id)kSecAttrSynchronizableAny,
(id)kSecAttrApplicationLabel: nsCredentialId.get(),
(id)kSecReturnRef: @YES,
(id)kSecUseDataProtectionKeychain: @YES
@@ -608,7 +608,6 @@
queryDictionary[(id)kSecUseAuthenticationContext] = context;
auto query = adoptNS(queryDictionary);
-updateQueryIfNecessary(query.get());
CFTypeRef privateKeyRef = nullptr;
OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query.get(), &privateKeyRef);
@@ -633,19 +632,18 @@
// Extra step: update the Keychain item with the same value to update its modification date such that LRU can be used
// for selectAssertionResponse
-auto query = adoptNS([[NSMutableDictionary alloc] init]);
-[query setDictionary:@{
+NSDictionary *query = @{
(id)kSecClass: (id)kSecClassKey,
(id)kSecAttrKeyClass: (id)kSecAttrKeyClassPrivate,
+(id)kSecAttrSynchronizable: (id)kSecAttrSynchronizableAny,
(id)kSecAttrApplicationLabel: nsCredentialId.get(),
(id)kSecUseDataProtectionKeychain: @YES
-}];
-up
[webkit-changes] [288816] trunk
Title: [288816] trunk
Revision 288816
Author j_pas...@apple.com
Date 2022-01-31 08:55:49 -0800 (Mon, 31 Jan 2022)
Log Message
[WebAuthn] Provide SPI to export/import local credentials
https://bugs.webkit.org/show_bug.cgi?id=234112
rdar://84822000
Reviewed by Brent Fulgham.
Source/WebCore:
This change adds SPI to _WKWebAuthenticationPanel to provide the ability
to import / export local credentials. Constants are used during serialization
as keys.
* Modules/webauthn/WebAuthenticationConstants.h: constants for credential serialization
Source/WebKit:
Covered by new API tests.
This patch adds new SPI to _WKWebAuthenticationPanel.h to import and export local
webauthn credentials. CBOR is used for serialization. WKErrors are used to differentiate
between malformed vs duplicate keys during import.
* UIProcess/API/Cocoa/WKError.h:
* UIProcess/API/Cocoa/WKError.mm:
(localizedDescriptionForErrorCode):
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(+[_WKWebAuthenticationPanel importLocalAuthenticatorCredential:error:]):
(+[_WKWebAuthenticationPanel exportLocalAuthenticatorCredentialWithID:error:]):
Tools:
Add tests for SPI to import / export local webauthn credentials.
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::TEST): New tests for import/export
Modified Paths
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/API/Cocoa/WKError.h
trunk/Source/WebKit/UIProcess/API/Cocoa/WKError.mm
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalConnection.mm
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebCore/ChangeLog (288815 => 288816)
--- trunk/Source/WebCore/ChangeLog 2022-01-31 16:05:31 UTC (rev 288815)
+++ trunk/Source/WebCore/ChangeLog 2022-01-31 16:55:49 UTC (rev 288816)
@@ -1,3 +1,17 @@
+2022-01-31 J Pascoe
+
+[WebAuthn] Provide SPI to export/import local credentials
+https://bugs.webkit.org/show_bug.cgi?id=234112
+rdar://84822000
+
+Reviewed by Brent Fulgham.
+
+This change adds SPI to _WKWebAuthenticationPanel to provide the ability
+to import / export local credentials. Constants are used during serialization
+as keys.
+
+* Modules/webauthn/WebAuthenticationConstants.h: constants for credential serialization
+
2022-01-31 Antti Koivisto
[CSS Container Queries] Check for query containers when matching rules
Modified: trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h (288815 => 288816)
--- trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h 2022-01-31 16:05:31 UTC (rev 288815)
+++ trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h 2022-01-31 16:55:49 UTC (rev 288816)
@@ -77,8 +77,18 @@
Get
};
+// rdar://88104045 - Remove once staged change completed
const char LocalAuthenticatiorAccessGroup[] = "com.apple.webkit.webauthn";
+constexpr const char LocalAuthenticatorAccessGroup[] = "com.apple.webkit.webauthn";
+
+// Credential serialization
+constexpr const char privateKeyKey[] = "priv";
+constexpr const char keyTypeKey[] = "key_type";
+constexpr const char keySizeKey[] = "key_size";
+constexpr const char relyingPartyKey[] = "rp";
+constexpr const char applicationTagKey[] = "tag";
+
} // namespace WebCore
namespace WebAuthn {
Modified: trunk/Source/WebKit/ChangeLog (288815 => 288816)
--- trunk/Source/WebKit/ChangeLog 2022-01-31 16:05:31 UTC (rev 288815)
+++ trunk/Source/WebKit/ChangeLog 2022-01-31 16:55:49 UTC (rev 288816)
@@ -1,3 +1,25 @@
+2022-01-31 J Pascoe
+
+[WebAuthn] Provide SPI to export/import local credentials
+https://bugs.webkit.org/show_bug.cgi?id=234112
+rdar://84822000
+
+Reviewed by Brent Fulgham.
+
+Covered by new API tests.
+
+This patch adds new SPI to _WKWebAuthenticationPanel.h to import and export local
+webauthn credentials. CBOR is used for serialization. WKErrors are used to differentiate
+between malformed vs duplicate keys during import.
+
+* UIProcess/API/Cocoa/WKError.h:
+* UIProcess/API/Cocoa/WKError.mm:
+(localizedDescriptionForErrorCode):
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+(+[_WKWebAuthenticationPanel importLocalAuthenticatorCredential:error:]):
+(+[_WKWebAuthenticationPanel exportLocalAuthenticatorCredentialWithID:error:]):
+
2022-01-31 Alexander Mikhaylenko
REGRESSION(r288644): [GTK4] Criticals when using pinch zoom
Mod
[webkit-changes] [288652] trunk/Source/WebKit
Title: [288652] trunk/Source/WebKit
Revision 288652
Author j_pas...@apple.com
Date 2022-01-26 16:03:15 -0800 (Wed, 26 Jan 2022)
Log Message
[WebAuthn] We should pass extensions to ASC if possible
https://bugs.webkit.org/show_bug.cgi?id=235533
rdar://87169406
Reviewed by Brent Fulgham.
This patch starts passing WebAuthn extensions to ASC if possible,
in order to support the googleLegacyAppidSupport extension, which
is required to register security keys on google.com. It also starts
passing the attestationPreference option, which was not being passed before.
Tested manually. Previous version of patch contained
TestWebKitAPI.WebAuthenticationPanel.PublicKeyCredentialRequestOptionsASC
and TestWebKitAPI.WebAuthenticationPanel.PublicKeyCredentialCreationOptionsASC,
but were removed due to difficulty softlinking from tests.
* Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h:
* UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientInputs.h:
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(authenticationExtensionsClientInputs):
* UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.h:
* UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.mm:
* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
(WebKit::toNSString):
(WebKit::toASCExtensions):
(WebKit::configureRegistrationRequestContext):
(WebKit::configurationAssertionRequestContext):
* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h:
* WebKit.xcodeproj/project.pbxproj:
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientInputs.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.h
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h
Diff
Modified: trunk/Source/WebKit/ChangeLog (288651 => 288652)
--- trunk/Source/WebKit/ChangeLog 2022-01-26 23:56:19 UTC (rev 288651)
+++ trunk/Source/WebKit/ChangeLog 2022-01-27 00:03:15 UTC (rev 288652)
@@ -1,3 +1,35 @@
+2022-01-26 J Pascoe
+
+[WebAuthn] We should pass extensions to ASC if possible
+https://bugs.webkit.org/show_bug.cgi?id=235533
+rdar://87169406
+
+Reviewed by Brent Fulgham.
+
+This patch starts passing WebAuthn extensions to ASC if possible,
+in order to support the googleLegacyAppidSupport extension, which
+is required to register security keys on google.com. It also starts
+passing the attestationPreference option, which was not being passed before.
+
+Tested manually. Previous version of patch contained
+TestWebKitAPI.WebAuthenticationPanel.PublicKeyCredentialRequestOptionsASC
+and TestWebKitAPI.WebAuthenticationPanel.PublicKeyCredentialCreationOptionsASC,
+but were removed due to difficulty softlinking from tests.
+
+* Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h:
+* UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientInputs.h:
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+(authenticationExtensionsClientInputs):
+* UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.h:
+* UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.mm:
+* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+(WebKit::toNSString):
+(WebKit::toASCExtensions):
+(WebKit::configureRegistrationRequestContext):
+(WebKit::configurationAssertionRequestContext):
+* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h:
+* WebKit.xcodeproj/project.pbxproj:
+
2022-01-26 Alexander Mikhaylenko
[GTK3] Pinch zooming from a link activates it
Modified: trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h (288651 => 288652)
--- trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-01-26 23:56:19 UTC (rev 288651)
+++ trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-01-27 00:03:15 UTC (rev 288652)
@@ -133,6 +133,17 @@
@end
+@class ASCWebAuthenticationExtensionsClientInputs;
+
+@interface ASCWebAuthenticationExtensionsClientInputs : NSObject
+
+- (instancetype)initWithAppID:(NSString * _Nullable)appID isGoogleLegacyAppIDSupport:(BOOL)isGoogleLegacyAppIDSupport NS_DESIGNATED_INITIALIZER;
+
+@property (nonatomic, nullable, copy) NSString *appID;
+@property (nonatomic) BOOL isGoogleLegacyAppIDSupport;
+
+@end
+
@class ASCPublicKeyCredentialDescriptor;
typedef NS_ENUM(NSUInteger, ASCPublicKeyCredentialKind) {
@@ -152,6 +163,7 @@
// If clientDataHash is n
[webkit-changes] [288622] trunk
Title: [288622] trunk
Revision 288622
Author j_pas...@apple.com
Date 2022-01-26 08:59:14 -0800 (Wed, 26 Jan 2022)
Log Message
[WebAuthn] Add authenticator attachment used during authentication to credential payload
https://bugs.webkit.org/show_bug.cgi?id=235621
rdar://86538235
Reviewed by Dean Jackson.
Source/WebCore:
This patch adds the authenticator attachment used to the credential response in get/create
webauthn calls as described in the merged PR to the spec: https://github.com/w3c/webauthn/pull/1668/files
Modified layout tests to check for authenticator attachment = (cross-platform/platform) where appropriate
and verified response in manual calls.
* Modules/webauthn/PublicKeyCredential.cpp:
(WebCore::PublicKeyCredential::authenticatorAttachment const):
* Modules/webauthn/PublicKeyCredential.h:
* Modules/webauthn/PublicKeyCredential.idl:
LayoutTests:
Modify webauthn layout tests to check for new authenticatorAttachment field.
* http/wpt/webauthn/public-key-credential-get-success-local.https.html:
* http/wpt/webauthn/resources/util.js:
Modified Paths
trunk/LayoutTests/ChangeLog
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-get-success-local.https.html
trunk/LayoutTests/http/wpt/webauthn/resources/util.js
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp
trunk/Source/WebCore/Modules/webauthn/PublicKeyCredential.h
trunk/Source/WebCore/Modules/webauthn/PublicKeyCredential.idl
Diff
Modified: trunk/LayoutTests/ChangeLog (288621 => 288622)
--- trunk/LayoutTests/ChangeLog 2022-01-26 16:49:09 UTC (rev 288621)
+++ trunk/LayoutTests/ChangeLog 2022-01-26 16:59:14 UTC (rev 288622)
@@ -1,3 +1,15 @@
+2022-01-26 J Pascoe
+
+[WebAuthn] Add authenticator attachment used during authentication to credential payload
+https://bugs.webkit.org/show_bug.cgi?id=235621
+rdar://86538235
+
+Reviewed by Dean Jackson.
+
+Modify webauthn layout tests to check for new authenticatorAttachment field.
+* http/wpt/webauthn/public-key-credential-get-success-local.https.html:
+* http/wpt/webauthn/resources/util.js:
+
2022-01-26 Wenson Hsieh
Data detectors sometimes show up in the wrong place when resizing images with Live Text
Modified: trunk/LayoutTests/http/wpt/webauthn/public-key-credential-get-success-local.https.html (288621 => 288622)
--- trunk/LayoutTests/http/wpt/webauthn/public-key-credential-get-success-local.https.html 2022-01-26 16:49:09 UTC (rev 288621)
+++ trunk/LayoutTests/http/wpt/webauthn/public-key-credential-get-success-local.https.html 2022-01-26 16:59:14 UTC (rev 288622)
@@ -16,6 +16,7 @@
assert_equals(bytesToASCIIString(credential.response.clientDataJSON), '{"type":"webauthn.get","challenge":"MTIzNDU2","origin":"https://localhost:9443"}');
assert_array_equals(new Uint8Array(credential.response.userHandle), Base64URL.parse(testUserhandleBase64));
assert_not_own_property(credential.getClientExtensionResults(), "appid");
+assert_equals(credential.authenticatorAttachment, 'platform');
// Check authData
const authData = decodeAuthData(new Uint8Array(credential.response.authenticatorData));
Modified: trunk/LayoutTests/http/wpt/webauthn/resources/util.js (288621 => 288622)
--- trunk/LayoutTests/http/wpt/webauthn/resources/util.js 2022-01-26 16:49:09 UTC (rev 288621)
+++ trunk/LayoutTests/http/wpt/webauthn/resources/util.js 2022-01-26 16:59:14 UTC (rev 288622)
@@ -425,6 +425,7 @@
// Check respond
assert_array_equals(Base64URL.parse(credential.id), Base64URL.parse(testHidCredentialIdBase64));
assert_equals(credential.type, 'public-key');
+assert_equals(credential.authenticatorAttachment, 'cross-platform')
assert_array_equals(new Uint8Array(credential.rawId), Base64URL.parse(testHidCredentialIdBase64));
assert_equals(bytesToASCIIString(credential.response.clientDataJSON), '{"type":"webauthn.get","challenge":"MTIzNDU2","origin":"https://localhost:9443"}');
if (userHandleBase64 == null)
Modified: trunk/Source/WebCore/ChangeLog (288621 => 288622)
--- trunk/Source/WebCore/ChangeLog 2022-01-26 16:49:09 UTC (rev 288621)
+++ trunk/Source/WebCore/ChangeLog 2022-01-26 16:59:14 UTC (rev 288622)
@@ -1,3 +1,22 @@
+2022-01-26 J Pascoe
+
+[WebAuthn] Add authenticator attachment used during authentication to credential payload
+https://bugs.webkit.org/show_bug.cgi?id=235621
+rdar://86538235
+
+Reviewed by Dean Jackson.
+
+This patch adds the authenticator attachment used to the credential response in get/create
+webauthn calls as described in the merged PR to the spec: https://github.com/w3c/webauthn/pull/1668/files
+
+Modified layout tests to check for authenticator attachment = (cross-platform/platform) where appropriate
+and verified response in manual calls.
+
+* Modules/webauthn/PublicKeyCredential.cpp:
+
[webkit-changes] [288333] trunk/Source/WebKit
Title: [288333] trunk/Source/WebKit
Revision 288333
Author j_pas...@apple.com
Date 2022-01-20 16:34:40 -0800 (Thu, 20 Jan 2022)
Log Message
[WebAuthn] Support all valid FIDO NFC tag types
https://bugs.webkit.org/show_bug.cgi?id=234616
rdar://85871173
Reviewed by Darin Adler.
This patch modifies a check when looking for FIDO nfc tags
to support all valid FIDO tag types.
Tested using physical NFC tags provided for this bug.
* Platform/spi/Cocoa/NearFieldSPI.h:
* UIProcess/WebAuthentication/Cocoa/NfcConnection.mm:
(WebKit::NfcConnection::didDetectTags):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/Platform/spi/Cocoa/NearFieldSPI.h
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/NfcConnection.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (288332 => 288333)
--- trunk/Source/WebKit/ChangeLog 2022-01-21 00:17:44 UTC (rev 288332)
+++ trunk/Source/WebKit/ChangeLog 2022-01-21 00:34:40 UTC (rev 288333)
@@ -1,3 +1,20 @@
+2022-01-20 J Pascoe
+
+[WebAuthn] Support all valid FIDO NFC tag types
+https://bugs.webkit.org/show_bug.cgi?id=234616
+rdar://85871173
+
+Reviewed by Darin Adler.
+
+This patch modifies a check when looking for FIDO nfc tags
+to support all valid FIDO tag types.
+
+Tested using physical NFC tags provided for this bug.
+
+* Platform/spi/Cocoa/NearFieldSPI.h:
+* UIProcess/WebAuthentication/Cocoa/NfcConnection.mm:
+(WebKit::NfcConnection::didDetectTags):
+
2022-01-20 Kimmo Kinnunen
Implement WebGL GPU buffer texture upload path for Cocoa getUserMedia camera streams
Modified: trunk/Source/WebKit/Platform/spi/Cocoa/NearFieldSPI.h (288332 => 288333)
--- trunk/Source/WebKit/Platform/spi/Cocoa/NearFieldSPI.h 2022-01-21 00:17:44 UTC (rev 288332)
+++ trunk/Source/WebKit/Platform/spi/Cocoa/NearFieldSPI.h 2022-01-21 00:34:40 UTC (rev 288333)
@@ -36,8 +36,10 @@
};
typedef NS_ENUM(uint32_t, NFTagType) {
-NFTagTypeUnknown= 0,
-NFTagTypeGeneric4A = 3,
+NFTagTypeUnknown= 0,
+NFTagTypeGeneric4A = 3,
+NFTagTypeGeneric4B = 6,
+NFTagTypeMiFareDESFire = 16,
};
typedef NS_OPTIONS(uint32_t, NFTechnology) {
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/NfcConnection.mm (288332 => 288333)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/NfcConnection.mm 2022-01-21 00:17:44 UTC (rev 288332)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/NfcConnection.mm 2022-01-21 00:34:40 UTC (rev 288333)
@@ -119,10 +119,10 @@
return;
}
-// FIXME(203234): Tell users to switch to a different tag if the tag is not of type NFTagTypeGeneric4A
-// or can't speak U2F/FIDO2.
+// FIXME(203234): Tell users to switch to a different tag if the tag is not supported or can't speak U2F/FIDO2.
for (NFTag *tag : tags) {
-if (tag.type != NFTagTypeGeneric4A || ![m_session connectTag:tag])
+// FIDO tag is ISO-DEP which can be Tag4A, Tag4B, and DESFIRE (Tag4A).
+if ((tag.type != NFTagTypeGeneric4A && tag.type != NFTagTypeGeneric4B && tag.type != NFTagTypeMiFareDESFire) || ![m_session connectTag:tag])
continue;
if (!trySelectFidoApplet(m_session.get())) {
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [288010] trunk
Title: [288010] trunk
Revision 288010
Author j_pas...@apple.com
Date 2022-01-14 00:02:17 -0800 (Fri, 14 Jan 2022)
Log Message
Expose way to encode CTAP commands with only the hash of ClientDataJSON
https://bugs.webkit.org/show_bug.cgi?id=235191
Reviewed by Brent Fulgham.
Source/WebKit:
CTAP command encoding covered by existing tests (see CtapRequestTest) and the SPI
in new API tests.
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(+[_WKWebAuthenticationPanel encodeMakeCredentialCommandWithClientDataHash:options:userVerificationAvailability:]):
(+[_WKWebAuthenticationPanel encodeGetAssertionCommandWithClientDataHash:options:userVerificationAvailability:]):
Tools:
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::TEST):
Tests for new SPIs.
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (288009 => 288010)
--- trunk/Source/WebKit/ChangeLog 2022-01-14 07:51:35 UTC (rev 288009)
+++ trunk/Source/WebKit/ChangeLog 2022-01-14 08:02:17 UTC (rev 288010)
@@ -1,3 +1,19 @@
+2022-01-14 J Pascoe
+
+Expose way to encode CTAP commands with only the hash of ClientDataJSON
+https://bugs.webkit.org/show_bug.cgi?id=235191
+
+
+Reviewed by Brent Fulgham.
+
+CTAP command encoding covered by existing tests (see CtapRequestTest) and the SPI
+in new API tests.
+
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+(+[_WKWebAuthenticationPanel encodeMakeCredentialCommandWithClientDataHash:options:userVerificationAvailability:]):
+(+[_WKWebAuthenticationPanel encodeGetAssertionCommandWithClientDataHash:options:userVerificationAvailability:]):
+
2022-01-13 Elliott Williams
[XCBuild] Add "product dependencies" which influence workspace build order
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h (288009 => 288010)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2022-01-14 07:51:35 UTC (rev 288009)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2022-01-14 08:02:17 UTC (rev 288010)
@@ -123,6 +123,9 @@
+ (NSData *)encodeMakeCredentialCommandWithClientDataJSON:(NSData *)clientDataJSON options:(_WKPublicKeyCredentialCreationOptions *)options userVerificationAvailability:(_WKWebAuthenticationUserVerificationAvailability)userVerificationAvailability WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+ (NSData *)encodeGetAssertionCommandWithClientDataJSON:(NSData *)clientDataJSON options:(_WKPublicKeyCredentialRequestOptions *)options userVerificationAvailability:(_WKWebAuthenticationUserVerificationAvailability)userVerificationAvailability WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
++ (NSData *)encodeMakeCredentialCommandWithClientDataHash:(NSData *)clientDataHash options:(_WKPublicKeyCredentialCreationOptions *)options userVerificationAvailability:(_WKWebAuthenticationUserVerificationAvailability)userVerificationAvailability WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
++ (NSData *)encodeGetAssertionCommandWithClientDataHash:(NSData *)clientDataHash options:(_WKPublicKeyCredentialRequestOptions *)options userVerificationAvailability:(_WKWebAuthenticationUserVerificationAvailability)userVerificationAvailability WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+
- (instancetype)init;
// FIXME: Adds detailed NSError.
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (288009 => 288010)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-01-14 07:51:35 UTC (rev 288009)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-01-14 08:02:17 UTC (rev 288010)
@@ -711,6 +711,29 @@
return encodedCommand.autorelease();
}
+
++ (NSData *)encodeMakeCredentialCommandWithClientDataHash:(NSData *)clientDataHash options:(_WKPublicKeyCredentialCreationOptions *)options userVerificationAvailability:(_WKWebAuthenticationUserVerificationAvailability)userVerificationAvailability
+{
+RetainPtr encodedCommand;
+#if ENABLE(WEB_AUTHN)
+auto encodedVector = fido::encodeMakeCredenitalRequestAsCBOR(vectorFromNSData(clientDataHash), [_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:options], coreUserVerificationAvailability(userVerificationAvailability), std::nullopt);
+encodedCommand = adoptNS([[NSData alloc] initWithBytes:encodedVector.data() length:encodedVector.size()]);
+#endif
+
+return encodedCommand.autorelease();
+}
+
++ (NSData *)encodeGetAssertionCommandWithClientDataHash:(NSData *)clientDataHash optio
[webkit-changes] [287957] trunk
Title: [287957] trunk
Revision 287957
Author j_pas...@apple.com
Date 2022-01-12 15:45:51 -0800 (Wed, 12 Jan 2022)
Log Message
[WebAuthn] Fix freebie call without user gesture not being given
https://bugs.webkit.org/show_bug.cgi?id=235078
rdar://87327557
Reviewed by Brent Fulgham.
Source/WebKit:
This logic was previously always requiring a user gesture. The desired
behavior of giving pages a single "freebie" webauthn call without gesture
was lost in a refactor.
Tested manually on iOS device with webauthn.me.
* WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp:
(WebKit::WebAuthenticatorCoordinator::processingUserGesture):
Tools:
Updated API test to reflect user gesture freebie.
* TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html:
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html
Diff
Modified: trunk/Source/WebKit/ChangeLog (287956 => 287957)
--- trunk/Source/WebKit/ChangeLog 2022-01-12 23:36:57 UTC (rev 287956)
+++ trunk/Source/WebKit/ChangeLog 2022-01-12 23:45:51 UTC (rev 287957)
@@ -1,3 +1,20 @@
+2022-01-12 J Pascoe
+
+[WebAuthn] Fix freebie call without user gesture not being given
+https://bugs.webkit.org/show_bug.cgi?id=235078
+rdar://87327557
+
+Reviewed by Brent Fulgham.
+
+This logic was previously always requiring a user gesture. The desired
+behavior of giving pages a single "freebie" webauthn call without gesture
+was lost in a refactor.
+
+Tested manually on iOS device with webauthn.me.
+
+* WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp:
+(WebKit::WebAuthenticatorCoordinator::processingUserGesture):
+
2022-01-12 Brandon Stewart
[macOS] Add required system call
Modified: trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp (287956 => 287957)
--- trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp 2022-01-12 23:36:57 UTC (rev 287956)
+++ trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp 2022-01-12 23:45:51 UTC (rev 287957)
@@ -126,13 +126,15 @@
bool WebAuthenticatorCoordinator::processingUserGesture(const Frame& frame, const FrameIdentifier& frameID)
{
auto processingUserGesture = UserGestureIndicator::processingUserGestureForMedia();
-if (!processingUserGesture && m_requireUserGesture)
+bool processingUserGestureOrFreebie = processingUserGesture || !m_requireUserGesture;
+if (!processingUserGestureOrFreebie)
m_webPage.addConsoleMessage(frameID, MessageSource::Other, MessageLevel::Warning, "User gesture is not detected. To use the WebAuthn API, call 'navigator.credentials.create' or 'navigator.credentials.get' within user activated events."_s);
+
if (processingUserGesture && m_requireUserGesture)
m_requireUserGesture = false;
-else
+else if (!processingUserGesture)
m_requireUserGesture = true;
-return processingUserGesture || !m_requireUserGesture;
+return processingUserGestureOrFreebie;
}
} // namespace WebKit
Modified: trunk/Tools/ChangeLog (287956 => 287957)
--- trunk/Tools/ChangeLog 2022-01-12 23:36:57 UTC (rev 287956)
+++ trunk/Tools/ChangeLog 2022-01-12 23:45:51 UTC (rev 287957)
@@ -1,3 +1,15 @@
+2022-01-12 J Pascoe
+
+[WebAuthn] Fix freebie call without user gesture not being given
+https://bugs.webkit.org/show_bug.cgi?id=235078
+rdar://87327557
+
+Reviewed by Brent Fulgham.
+
+Updated API test to reflect user gesture freebie.
+
+* TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html:
+
2022-01-12 Elliott Williams
[Xcode] Configure each project for the legacy build system
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html (287956 => 287957)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html 2022-01-12 23:36:57 UTC (rev 287956)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html 2022-01-12 23:45:51 UTC (rev 287957)
@@ -20,10 +20,14 @@
};
navigator.credentials.create(options).then(credential => {
-// console.log("Succeeded!");
window.webkit.messageHandlers.testHandler.postMessage("Succeeded!");
}, error => {
-// console.log(error.message);
+// The first call will consume the freebie, the second will give the no user gesture error.
+navigator.credentials.create(options).then(credential => {
+window.webkit.messageHandlers.testHandler.postMessage("Succeeded!");
+}, error => {
+window.webkit.messageHandlers.testHandler.postMessage(erro
[webkit-changes] [287360] trunk
Title: [287360] trunk
Revision 287360
Author j_pas...@apple.com
Date 2021-12-22 09:59:28 -0800 (Wed, 22 Dec 2021)
Log Message
[WebAuthn] Set Web Authentication experimental feature flag as default true
https://bugs.webkit.org/show_bug.cgi?id=234533
Reviewed by Brent Fulgham.
Source/WTF:
The Web Authentication feature has been shipping for a while. Default value
for experimental feature flag should be true.
* Scripts/Preferences/WebPreferencesExperimental.yaml:
Tools:
The Web Authentication feature has been shipping for a while. Default value for
experimental feature flag should be true.
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::TEST):
(TestWebKitAPI::WebCore::webAuthenticationExperimentalFeature): Deleted.
Modified Paths
trunk/Source/WTF/ChangeLog
trunk/Source/WTF/Scripts/Preferences/WebPreferencesExperimental.yaml
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WTF/ChangeLog (287359 => 287360)
--- trunk/Source/WTF/ChangeLog 2021-12-22 17:41:42 UTC (rev 287359)
+++ trunk/Source/WTF/ChangeLog 2021-12-22 17:59:28 UTC (rev 287360)
@@ -1,3 +1,16 @@
+2021-12-22 J Pascoe
+
+[WebAuthn] Set Web Authentication experimental feature flag as default true
+https://bugs.webkit.org/show_bug.cgi?id=234533
+
+
+Reviewed by Brent Fulgham.
+
+The Web Authentication feature has been shipping for a while. Default value
+for experimental feature flag should be true.
+
+* Scripts/Preferences/WebPreferencesExperimental.yaml:
+
2021-12-21 Brady Eidson
Make Notification identifiers be a UUID string instead of a uint64_t
Modified: trunk/Source/WTF/Scripts/Preferences/WebPreferencesExperimental.yaml (287359 => 287360)
--- trunk/Source/WTF/Scripts/Preferences/WebPreferencesExperimental.yaml 2021-12-22 17:41:42 UTC (rev 287359)
+++ trunk/Source/WTF/Scripts/Preferences/WebPreferencesExperimental.yaml 2021-12-22 17:59:28 UTC (rev 287360)
@@ -1555,9 +1555,9 @@
WebKitLegacy:
default: false
WebKit:
- default: false
+ default: true
WebCore:
- default: false
+ default: true
# FIXME: Is this implemented for WebKitLegacy? If not, this should be excluded from WebKitLegacy entirely.
WebAuthenticationModernEnabled:
Modified: trunk/Tools/ChangeLog (287359 => 287360)
--- trunk/Tools/ChangeLog 2021-12-22 17:41:42 UTC (rev 287359)
+++ trunk/Tools/ChangeLog 2021-12-22 17:59:28 UTC (rev 287360)
@@ -1,3 +1,18 @@
+2021-12-22 J Pascoe
+
+[WebAuthn] Set Web Authentication experimental feature flag as default true
+https://bugs.webkit.org/show_bug.cgi?id=234533
+
+
+Reviewed by Brent Fulgham.
+
+The Web Authentication feature has been shipping for a while. Default value for
+experimental feature flag should be true.
+
+* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
+(TestWebKitAPI::TEST):
+(TestWebKitAPI::WebCore::webAuthenticationExperimentalFeature): Deleted.
+
2021-12-22 Alex Christensen
Re-enable PrivateClickMeasurement.EphemeralWithAttributedBundleIdentifier API test
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (287359 => 287360)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-12-22 17:41:42 UTC (rev 287359)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-12-22 17:59:28 UTC (rev 287360)
@@ -297,22 +297,6 @@
""
"";
-static _WKExperimentalFeature *webAuthenticationExperimentalFeature()
-{
-static RetainPtr<_WKExperimentalFeature> theFeature;
-if (theFeature)
-return theFeature.get();
-
-NSArray *features = [WKPreferences _experimentalFeatures];
-for (_WKExperimentalFeature *feature in features) {
-if ([feature.key isEqual:@"WebAuthenticationEnabled"]) {
-theFeature = feature;
-break;
-}
-}
-return theFeature.get();
-}
-
static _WKExperimentalFeature *webAuthenticationModernExperimentalFeature()
{
static RetainPtr<_WKExperimentalFeature> theFeature;
@@ -430,7 +414,6 @@
RetainPtr testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-get-assertion-nfc" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
-[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
[webView focus];
@@ -445,7 +428,6 @@
RetainPtr testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-get-assertion-hid" withExtension:@"html" subdirectory:@"TestWebKitAPI.reso
[webkit-changes] [287315] trunk
Title: [287315] trunk
Revision 287315
Author j_pas...@apple.com
Date 2021-12-21 08:09:07 -0800 (Tue, 21 Dec 2021)
Log Message
[WebAuthn] Authenticator is not falling back to clientPIN after internal verification fails and is blocked.
https://bugs.webkit.org/show_bug.cgi?id=232501
Reviewed by Darin Adler.
Whenever internal uv gets blocked, the user agent should fall back to using a pin for user verification. This
Source/WebKit:
patch starts doing that by going into the pin flow whenever the authenticator returns the pin required error
code.
Added API test for fallback.
* UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp:
(WebKit::CtapAuthenticator::makeCredential):
(WebKit::CtapAuthenticator::getAssertion):
(WebKit::CtapAuthenticator::tryRestartPin):
Tools:
adds an API test to verify this behavior.
* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::TEST):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Added Paths
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-hid-internal-uv-pin-fallback.html
Diff
Modified: trunk/Source/WebKit/ChangeLog (287314 => 287315)
--- trunk/Source/WebKit/ChangeLog 2021-12-21 16:01:13 UTC (rev 287314)
+++ trunk/Source/WebKit/ChangeLog 2021-12-21 16:09:07 UTC (rev 287315)
@@ -1,3 +1,22 @@
+2021-12-21 J Pascoe
+
+[WebAuthn] Authenticator is not falling back to clientPIN after internal verification fails and is blocked.
+https://bugs.webkit.org/show_bug.cgi?id=232501
+
+
+Reviewed by Darin Adler.
+
+Whenever internal uv gets blocked, the user agent should fall back to using a pin for user verification. This
+patch starts doing that by going into the pin flow whenever the authenticator returns the pin required error
+code.
+
+Added API test for fallback.
+
+* UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp:
+(WebKit::CtapAuthenticator::makeCredential):
+(WebKit::CtapAuthenticator::getAssertion):
+(WebKit::CtapAuthenticator::tryRestartPin):
+
2021-12-21 Kimmo Kinnunen
IPC streams should not accept 0-length stream buffers
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp (287314 => 287315)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp 2021-12-21 16:01:13 UTC (rev 287314)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp 2021-12-21 16:09:07 UTC (rev 287315)
@@ -73,6 +73,7 @@
case CtapDeviceResponseCode::kCtap2ErrPinAuthBlocked:
case CtapDeviceResponseCode::kCtap2ErrPinInvalid:
case CtapDeviceResponseCode::kCtap2ErrPinBlocked:
+case CtapDeviceResponseCode::kCtap2ErrPinRequired:
return true;
default:
return false;
@@ -96,7 +97,7 @@
auto& options = std::get(requestData().options);
auto internalUVAvailability = m_info.options().userVerificationAvailability();
// If UV is required, then either built-in uv or a pin will work.
-if (internalUVAvailability == UVAvailability::kSupportedAndConfigured && (!options.authenticatorSelection || options.authenticatorSelection->userVerification != UserVerificationRequirement::Discouraged))
+if (internalUVAvailability == UVAvailability::kSupportedAndConfigured && (!options.authenticatorSelection || options.authenticatorSelection->userVerification != UserVerificationRequirement::Discouraged) && m_pinAuth.isEmpty())
cborCmd = encodeMakeCredenitalRequestAsCBOR(requestData().hash, options, internalUVAvailability);
else if (m_info.options().clientPinAvailability() == AuthenticatorSupportedOptions::ClientPinAvailability::kSupportedAndPinSet)
cborCmd = encodeMakeCredenitalRequestAsCBOR(requestData().hash, options, internalUVAvailability, PinParameters { pin::kProtocolVersion, m_pinAuth });
@@ -141,7 +142,7 @@
auto& options = std::get(requestData().options);
auto internalUVAvailability = m_info.options().userVerificationAvailability();
// If UV is required, then either built-in uv or a pin will work.
-if (internalUVAvailability == UVAvailability::kSupportedAndConfigured && options.userVerification != UserVerificationRequirement::Discouraged)
+if (internalUVAvailability == UVAvailability::kSupportedAndConfigured && options.userVerification != UserVerificationRequirement::Discouraged && m_pinAuth.isEmpty())
cborCmd = encodeGetAssertionRequestAsCBOR(requestData().hash, options, internalUVAvailability);
else if (m_info.options().clientPinAvailability() == AuthenticatorSupportedOptions::ClientPinAvailability::kSupportedAndPinSet && options.userVerification
[webkit-changes] [287278] trunk/Tools
Title: [287278] trunk/Tools
Revision 287278
Author j_pas...@apple.com
Date 2021-12-20 14:11:53 -0800 (Mon, 20 Dec 2021)
Log Message
[WebAuthn] Add option to change requestWebAuthenticationNoGesture delegate for api tests.
https://bugs.webkit.org/show_bug.cgi?id=23
rdar://86644642
Reviewed by Brent Fulgham.
These test a lack of user gesture in local authenticator. Recently we made a change to
change user gesture behavior, causing these tests to call out to an agent that cannot be called
from TWAPI. To restore test behavior, we add an option to change the return value of the
requestWebAuthenticationNoGesture delegate in tests.
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(-[TestWebAuthenticationPanelUIDelegate _webView:requestWebAuthenticationNoGestureForOrigin:completionHandler:]):
(TestWebKitAPI::WebCore::reset):
(TestWebKitAPI::TEST):
Modified Paths
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Tools/ChangeLog (287277 => 287278)
--- trunk/Tools/ChangeLog 2021-12-20 22:09:35 UTC (rev 287277)
+++ trunk/Tools/ChangeLog 2021-12-20 22:11:53 UTC (rev 287278)
@@ -1,5 +1,23 @@
2021-12-20 J Pascoe
+[WebAuthn] Add option to change requestWebAuthenticationNoGesture delegate for api tests.
+https://bugs.webkit.org/show_bug.cgi?id=23
+rdar://86644642
+
+Reviewed by Brent Fulgham.
+
+These test a lack of user gesture in local authenticator. Recently we made a change to
+change user gesture behavior, causing these tests to call out to an agent that cannot be called
+from TWAPI. To restore test behavior, we add an option to change the return value of the
+requestWebAuthenticationNoGesture delegate in tests.
+
+* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
+(-[TestWebAuthenticationPanelUIDelegate _webView:requestWebAuthenticationNoGestureForOrigin:completionHandler:]):
+(TestWebKitAPI::WebCore::reset):
+(TestWebKitAPI::TEST):
+
+2021-12-20 J Pascoe
+
[WebAuthn] Only run WebAuthn test process on platform it is used
https://bugs.webkit.org/show_bug.cgi?id=234445
rdar://86646638
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (287277 => 287278)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-12-20 22:09:35 UTC (rev 287277)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-12-20 22:11:53 UTC (rev 287278)
@@ -72,6 +72,7 @@
static bool webAuthenticationPanelUpdateLAExcludeCredentialsMatched = false;
static bool webAuthenticationPanelUpdateLANoCredential = false;
static bool webAuthenticationPanelCancelImmediately = false;
+static bool webAuthenticationPanelRequestNoGesture = true;
static _WKLocalAuthenticatorPolicy localAuthenticatorPolicy = _WKLocalAuthenticatorPolicyDisallow;
static String webAuthenticationPanelPin;
static BOOL webAuthenticationPanelNullUserHandle = NO;
@@ -233,7 +234,7 @@
- (void)_webView:(WKWebView *)webView requestWebAuthenticationNoGestureForOrigin:(WKSecurityOrigin *)orgin completionHandler:(void (^)(BOOL))completionHandler
{
-completionHandler(true);
+completionHandler(webAuthenticationPanelRequestNoGesture);
}
- (void)_webView:(WKWebView *)webView runWebAuthenticationPanel:(_WKWebAuthenticationPanel *)panel initiatedByFrame:(WKFrameInfo *)frame completionHandler:(void (^)(_WKWebAuthenticationPanelResult))completionHandler
@@ -342,6 +343,7 @@
webAuthenticationPanelUpdateLAExcludeCredentialsMatched = false;
webAuthenticationPanelUpdateLANoCredential = false;
webAuthenticationPanelCancelImmediately = false;
+webAuthenticationPanelRequestNoGesture = true;
webAuthenticationPanelPin = emptyString();
webAuthenticationPanelNullUserHandle = NO;
localAuthenticatorPolicy = _WKLocalAuthenticatorPolicyDisallow;
@@ -1493,6 +1495,7 @@
TEST(WebAuthenticationPanel, LAMakeCredentialNoMockNoUserGesture)
{
reset();
+webAuthenticationPanelRequestNoGesture = false;
RetainPtr testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-la-no-mock" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
@@ -1562,6 +1565,7 @@
TEST(WebAuthenticationPanel, LAGetAssertionNoMockNoUserGesture)
{
reset();
+webAuthenticationPanelRequestNoGesture = false;
RetainPtr testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-get-assertion-la-no-mock" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
___
[webkit-changes] [287277] trunk/Tools
Title: [287277] trunk/Tools
Revision 287277
Author j_pas...@apple.com
Date 2021-12-20 14:09:35 -0800 (Mon, 20 Dec 2021)
Log Message
[WebAuthn] Only run WebAuthn test process on platform it is used
https://bugs.webkit.org/show_bug.cgi?id=234445
rdar://86646638
Reviewed by Brent Fulgham.
Add PLATFORM(IOS) macro around webauthn process test.
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
Modified Paths
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Tools/ChangeLog (287276 => 287277)
--- trunk/Tools/ChangeLog 2021-12-20 22:04:20 UTC (rev 287276)
+++ trunk/Tools/ChangeLog 2021-12-20 22:09:35 UTC (rev 287277)
@@ -1,3 +1,15 @@
+2021-12-20 J Pascoe
+
+[WebAuthn] Only run WebAuthn test process on platform it is used
+https://bugs.webkit.org/show_bug.cgi?id=234445
+rdar://86646638
+
+Reviewed by Brent Fulgham.
+
+Add PLATFORM(IOS) macro around webauthn process test.
+
+* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
+
2021-12-20 Alex Christensen
Prevent test functionality in AdAttributionDaemon when not running tests
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (287276 => 287277)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-12-20 22:04:20 UTC (rev 287276)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-12-20 22:09:35 UTC (rev 287277)
@@ -2258,6 +2258,7 @@
}
#endif // USE(APPLE_INTERNAL_SDK) || PLATFORM(IOS)
+#if PLATFORM(IOS)
TEST(WebAuthenticationPanel, RecoverAfterAuthNProcessCrash)
{
TestWebKitAPI::HTTPServer server({
@@ -2308,6 +2309,7 @@
Util::run(&gotMessage);
}
+#endif // PLATFORM(IOS)
} // namespace TestWebKitAPI
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [287116] trunk
Title: [287116] trunk Revision 287116 Author j_pas...@apple.com Date 2021-12-15 16:52:57 -0800 (Wed, 15 Dec 2021) Log Message [WebAuthn] Allow same-site, cross-origin iframe get() https://bugs.webkit.org/show_bug.cgi?id=234309 rdar://problem/86486313 Reviewed by Brent Fulgham. Source/WebCore: The Web Authentication level 2 specifies a feature policy to allow get calls in cross-origin i-frames. This patch implements this feature policy partially. Only same-site, cross-origin i-frames are supported instead. This is for tracking prevention purposes. https://w3c.github.io/webauthn/#sctn-iframe-guidance This patch also starts passing ClientDataJSON hashes to ASC to avoid the situation where WebKit includes crossOrigin or other fields in ClientDataJSON that ASC is unaware of when generating ClientDataJSON. Added layout test cases for same-site, cross-origin get calls. * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::doesHaveSameSiteAsAncestors): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/WebAuthenticationUtils.cpp: (WebCore::buildClientDataJson): * Modules/webauthn/WebAuthenticationUtils.h: * html/FeaturePolicy.cpp: (WebCore::policyTypeName): (WebCore::FeaturePolicy::parse): (WebCore::FeaturePolicy::allows const): * html/FeaturePolicy.h: Source/WebKit: The Web Authentication level 2 specifies a feature policy to allow get calls in cross-origin i-frames. This patch implements this feature policy partially. Only same-site, cross-origin i-frames are supported instead. This is for tracking prevention purposes. https://w3c.github.io/webauthn/#sctn-iframe-guidance This patch also starts passing ClientDataJSON hashes to ASC to avoid the situation where WebKit includes crossOrigin or other fields in ClientDataJSON that ASC is unaware of when generating ClientDataJSON. Added layout test cases for same-site, cross-origin get calls. * Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (produceClientDataJson): * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: (WebKit::configureRegistrationRequestContext): (WebKit::configurationAssertionRequestContext): (WebKit::WebAuthenticatorCoordinatorProxy::contextForRequest): LayoutTests: Add layout test for WebAuthn get assertions on cross-site, same-sites i-frames with publickey-credentials-get feature policy. * http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt: * http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https.html: * http/wpt/webauthn/resources/util.js: Modified Paths trunk/LayoutTests/ChangeLog trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https.html trunk/LayoutTests/http/wpt/webauthn/resources/util.js trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.h trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.cpp trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.h trunk/Source/WebCore/html/FeaturePolicy.cpp trunk/Source/WebCore/html/FeaturePolicy.h trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm Added Paths trunk/LayoutTests/http/wpt/webauthn/resources/samesite-iframe.html Diff Modified: trunk/LayoutTests/ChangeLog (287115 => 287116) --- trunk/LayoutTests/ChangeLog 2021-12-16 00:51:44 UTC (rev 287115) +++ trunk/LayoutTests/ChangeLog 2021-12-16 00:52:57 UTC (rev 287116) @@ -1,3 +1,18 @@ +2021-12-15 J Pascoe + +[WebAuthn] Allow same-site, cross-origin iframe get() +https://bugs.webkit.org/show_bug.cgi?id=234309 +rdar://problem/86486313 + +Reviewed by Brent Fulgham. + +Add layout test for WebAuthn get assertions on cross-site, same-sites i-frames with +publickey-credentials-get feature policy. + +* http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt: +* http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https.html: +* http/wpt/webauthn/resources/util.js: + 2021-12-15 Ryan Haddad PCM: Remove old DB update and migration code, and add a unit test for destination token DB columns Modified: trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.tx
[webkit-changes] [287002] trunk
Title: [287002] trunk
Revision 287002
Author j_pas...@apple.com
Date 2021-12-13 18:42:38 -0800 (Mon, 13 Dec 2021)
Log Message
Unreviewed, reverting r286993.
https://bugs.webkit.org/show_bug.cgi?id=234283
Reverted changeset:
"[WebAuthn] Allow same-site, cross-origin iframe get()"
https://bugs.webkit.org/show_bug.cgi?id=234180
https://commits.webkit.org/r286993
Patch by Commit Queue on 2021-12-13
Modified Paths
trunk/LayoutTests/ChangeLog
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https.html
trunk/LayoutTests/http/wpt/webauthn/resources/util.js
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp
trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h
trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp
trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.h
trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h
trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.cpp
trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.h
trunk/Source/WebCore/html/FeaturePolicy.cpp
trunk/Source/WebCore/html/FeaturePolicy.h
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
Removed Paths
trunk/LayoutTests/http/wpt/webauthn/resources/samesite-iframe.html
Diff
Modified: trunk/LayoutTests/ChangeLog (287001 => 287002)
--- trunk/LayoutTests/ChangeLog 2021-12-14 02:20:20 UTC (rev 287001)
+++ trunk/LayoutTests/ChangeLog 2021-12-14 02:42:38 UTC (rev 287002)
@@ -1,3 +1,15 @@
+2021-12-13 Commit Queue
+
+Unreviewed, reverting r286993.
+https://bugs.webkit.org/show_bug.cgi?id=234283
+
+
+Reverted changeset:
+
+"[WebAuthn] Allow same-site, cross-origin iframe get()"
+https://bugs.webkit.org/show_bug.cgi?id=234180
+https://commits.webkit.org/r286993
+
2021-12-13 Christopher Reid
[Curl] Improve curl's cookie conformance in WPT
Modified: trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt (287001 => 287002)
--- trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt 2021-12-14 02:20:20 UTC (rev 287001)
+++ trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt 2021-12-14 02:42:38 UTC (rev 287002)
@@ -2,7 +2,4 @@
PASS Tests that a frame that doesn't share the same origin with all its ancestors could not access the API.
PASS Tests that a frame that doesn't share the same origin with all its ancestors could not access the API. 2
-PASS Tests that a frame that is same-site, cross-origin without publickey-credentials-get feature policy cannot use get().
-PASS Tests that a frame that is same-site, cross-origin with publickey-credentials-get feature policy can use get().
-PASS Tests that a frame that is cross-origin, NOT same-site with publickey-credentials-get feature policy cannot use get().
Modified: trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https.html (287001 => 287002)
--- trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https.html 2021-12-14 02:20:20 UTC (rev 287001)
+++ trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https.html 2021-12-14 02:42:38 UTC (rev 287002)
@@ -22,24 +22,6 @@
assert_equals(message.data, "PASS.");
});
}, "Tests that a frame that doesn't share the same origin with all its ancestors could not access the API. 2");
-
-promise_test(t => {
-return withSameSiteIframe("samesite-iframe.html").then((message) => {
-assert_equals(message.data, "Throw NotAllowedError: The origin of the document is not the same as its ancestors.");
-});
-}, "Tests that a frame that is same-site, cross-origin without publickey-credentials-get feature policy cannot use get().");
-
-promise_test(t => {
-return withSameSiteIframe("samesite-iframe.html", "publickey-credentials-get").then((message) => {
-assert_equals(message.data, "PASS!");
-});
-}, "Tests that a frame that is same-site, cross-origin with publickey-credentials-get feature policy can use get().");
-
-promise_test(t => {
-return withCrossOriginIframe("samesite-iframe.html", "publickey-credentials-get").then((message) => {
-assert_equals(message.data, "Throw NotAllowedError: The origin of the document is not the same as its ancestors.");
-});
-}, "Tests that a
[webkit-changes] [286993] trunk
Title: [286993] trunk Revision 286993 Author j_pas...@apple.com Date 2021-12-13 15:58:25 -0800 (Mon, 13 Dec 2021) Log Message [WebAuthn] Allow same-site, cross-origin iframe get() https://bugs.webkit.org/show_bug.cgi?id=234180 rdar://85161142 Reviewed by Brent Fulgham. Source/WebCore: The Web Authentication level 2 specifies a feature policy to allow get calls in cross-origin i-frames. This patch implements this feature policy partially. Only same-site, cross-origin i-frames are supported instead. This is for tracking prevention purposes. https://w3c.github.io/webauthn/#sctn-iframe-guidance This patch also starts passing ClientDataJSON hashes to ASC to avoid the situation where WebKit includes crossOrigin or other fields in ClientDataJSON that ASC is unaware of when generating ClientDataJSON. Added layout test cases for same-site, cross-origin get calls. * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::doesHaveSameSiteAsAncestors): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/WebAuthenticationUtils.cpp: (WebCore::buildClientDataJson): * Modules/webauthn/WebAuthenticationUtils.h: * html/FeaturePolicy.cpp: (WebCore::policyTypeName): (WebCore::FeaturePolicy::parse): (WebCore::FeaturePolicy::allows const): * html/FeaturePolicy.h: Source/WebKit: The Web Authentication level 2 specifies a feature policy to allow get calls in cross-origin i-frames. This patch implements this feature policy partially. Only same-site, cross-origin i-frames are supported instead. This is for tracking prevention purposes. https://w3c.github.io/webauthn/#sctn-iframe-guidance This patch also starts passing ClientDataJSON hashes to ASC to avoid the situation where WebKit includes crossOrigin or other fields in ClientDataJSON that ASC is unaware of when generating ClientDataJSON. Added layout test cases for same-site, cross-origin get calls. * Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (produceClientDataJson): * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: (WebKit::configureRegistrationRequestContext): (WebKit::configurationAssertionRequestContext): (WebKit::WebAuthenticatorCoordinatorProxy::contextForRequest): LayoutTests: Add layout test for WebAuthn get assertions on cross-site, same-sites i-frames with publickey-credentials-get feature policy. * http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt: * http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https.html: * http/wpt/webauthn/resources/util.js: Modified Paths trunk/LayoutTests/ChangeLog trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https.html trunk/LayoutTests/http/wpt/webauthn/resources/util.js trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.h trunk/Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.cpp trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.h trunk/Source/WebCore/html/FeaturePolicy.cpp trunk/Source/WebCore/html/FeaturePolicy.h trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm Added Paths trunk/LayoutTests/http/wpt/webauthn/resources/samesite-iframe.html Diff Modified: trunk/LayoutTests/ChangeLog (286992 => 286993) --- trunk/LayoutTests/ChangeLog 2021-12-13 23:56:13 UTC (rev 286992) +++ trunk/LayoutTests/ChangeLog 2021-12-13 23:58:25 UTC (rev 286993) @@ -1,3 +1,18 @@ +2021-12-13 J Pascoe + +[WebAuthn] Allow same-site, cross-origin iframe get() +https://bugs.webkit.org/show_bug.cgi?id=234180 +rdar://85161142 + +Reviewed by Brent Fulgham. + +Add layout test for WebAuthn get assertions on cross-site, same-sites i-frames with +publickey-credentials-get feature policy. + +* http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt: +* http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https.html: +* http/wpt/webauthn/resources/util.js: + 2021-12-13 Ryan Haddad Unreviewed test gardening for rdar://80334322, rebaseline tests for Monterey. Modified: trunk/LayoutTests/http/wpt/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt (286992 => 286993) --- trunk/Layou
[webkit-changes] [286785] trunk
Title: [286785] trunk Revision 286785 Author j_pas...@apple.com Date 2021-12-09 09:53:22 -0800 (Thu, 09 Dec 2021) Log Message [WebAuthn] Remove user gesture requirement for using platform authenticator on the web https://bugs.webkit.org/show_bug.cgi?id=230893 Reviewed by Brent Fulgham. Source/WebCore: Remove web authentication user gesture bypass quirk as it's no longer used. * page/Quirks.cpp: (WebCore::Quirks::shouldBypassUserGestureRequirementForWebAuthn const): Deleted. * page/Quirks.h: Source/WebKit: This patch loosens the user gesture requirement around using WebAuthn with respect to user gestures by removing the Quirks.h allowlist of sites that get a freebie. Instead the new behavior is all sites get one freebie, then on subsequent attempts they show a non-modal consent dialog. * UIProcess/API/APIUIClient.h: (API::UIClient::requestWebAuthenticationNoGesture): * UIProcess/API/C/WKPage.cpp: (WKPageSetPageUIClient): * UIProcess/API/C/WKPageUIClient.h: * UIProcess/API/Cocoa/WKUIDelegatePrivate.h: * UIProcess/Cocoa/UIDelegate.h: * UIProcess/Cocoa/UIDelegate.mm: (WebKit::UIDelegate::setDelegate): (WebKit::UIDelegate::UIClient::requestWebAuthenticationNoGesture): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp: (WebKit::WebAuthenticatorCoordinator::processingUserGesture): Tools: This patch removes the Quirks allowlist of the freebie web authentication use without a gesture and replaces it with one freebie, then a consent sheet. * TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm: (-[TestWebAuthenticationPanelUIDelegate _webView:requestWebAuthenticationNoGestureForOrigin:completionHandler:]): Test delegate LayoutTests: Modify layout tests to reflect new WebAuthn user gesture console message. * http/wpt/credential-management/credentialscontainer-store-basics.https-expected.txt: * http/wpt/webauthn/ctap-hid-failure.https-expected.txt: * http/wpt/webauthn/ctap-hid-success.https-expected.txt: * http/wpt/webauthn/ctap-nfc-failure.https-expected.txt: * http/wpt/webauthn/idl.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-failure-hid-silent.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-failure-hid.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-failure-local.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-failure-nfc.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-failure-u2f-silent.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-failure-u2f.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-failure.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-success-hid.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-success-local.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-success-nfc.https-expected.txt: * http/wpt/webauthn/public-key-credential-create-success-u2f.https-expected.txt: * http/wpt/webauthn/public-key-credential-get-failure-hid-silent.https-expected.txt: * http/wpt/webauthn/public-key-credential-get-failure-hid.https-expected.txt: * http/wpt/webauthn/public-key-credential-get-failure-local-silent.https-expected.txt: * http/wpt/webauthn/public-key-credential-get-failure-local.https-expected.txt: * http/wpt/webauthn/public-key-credential-get-failure-nfc.https-expected.txt: * http/wpt/webauthn/public-key-credential-get-failure-u2f-silent.https-expected.txt: * http/wpt/webauthn/public-key-credential-get-failure-u2f.https-expected.txt: * http/wpt/webauthn/public-key-credential-get-failure.https-expected.txt: * http/wpt/webauthn/public-key-credential-get-success-hid.https-expected.txt: * http/wpt/webauthn/public-key-credential-get-success-local.https-expected.txt: * http/wpt/webauthn/public-key-credential-get-success-nfc.https-expected.txt: * http/wpt/webauthn/public-key-credential-get-success-u2f.https-expected.txt: Modified Paths trunk/LayoutTests/ChangeLog trunk/LayoutTests/http/wpt/credential-management/credentialscontainer-store-basics.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/ctap-hid-failure.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/ctap-hid-success.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/ctap-nfc-failure.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/idl.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-hid-silent.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-hid.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local-silent.https-expected.txt trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local.https-expected.txt trunk/LayoutTests/http
[webkit-changes] [286746] trunk
Title: [286746] trunk Revision 286746 Author j_pas...@apple.com Date 2021-12-08 15:49:16 -0800 (Wed, 08 Dec 2021) Log Message [WebAuthn] Consider support for the displayName for FIDO authenticator https://bugs.webkit.org/show_bug.cgi?id=233389 rdar://84938707 Reviewed by Brent Fulgham. Source/WebKit: Start storing the displayName field with the platform authenticator and add them to the getAllLocalAuthenticatorCredentials SPI. The displayName is part of the WebAuthn level 2 spec: https://www.w3.org/TR/webauthn-2/#dom-publickeycredentialuserentity-displayname * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (getAllLocalAuthenticatorCredentialsImpl): * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification): Tools: Add test for new field stored with platform authenticator: displayName * TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm: (TestWebKitAPI::TEST): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm trunk/Tools/ChangeLog trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm Diff Modified: trunk/Source/WebKit/ChangeLog (286745 => 286746) --- trunk/Source/WebKit/ChangeLog 2021-12-08 23:27:48 UTC (rev 286745) +++ trunk/Source/WebKit/ChangeLog 2021-12-08 23:49:16 UTC (rev 286746) @@ -1,3 +1,23 @@ +2021-12-08 J Pascoe + +[WebAuthn] Consider support for the displayName for FIDO authenticator +https://bugs.webkit.org/show_bug.cgi?id=233389 +rdar://84938707 + +Reviewed by Brent Fulgham. + +Start storing the displayName field with the platform authenticator +and add them to the getAllLocalAuthenticatorCredentials SPI. + +The displayName is part of the WebAuthn level 2 spec: +https://www.w3.org/TR/webauthn-2/#dom-publickeycredentialuserentity-displayname + +* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h: +* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: +(getAllLocalAuthenticatorCredentialsImpl): +* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: +(WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification): + 2021-12-08 Truitt Savell Unreviewed, reverting r286596. Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h (286745 => 286746) --- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2021-12-08 23:27:48 UTC (rev 286745) +++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2021-12-08 23:49:16 UTC (rev 286746) @@ -87,6 +87,7 @@ } WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA)); WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialNameKey; +WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialDisplayNameKey; WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialIDKey; WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialRelyingPartyIDKey; WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialLastModificationDateKey; Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (286745 => 286746) --- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2021-12-08 23:27:48 UTC (rev 286745) +++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2021-12-08 23:49:16 UTC (rev 286746) @@ -100,6 +100,7 @@ #endif NSString * const _WKLocalAuthenticatorCredentialNameKey = @"_WKLocalAuthenticatorCredentialNameKey"; +NSString * const _WKLocalAuthenticatorCredentialDisplayNameKey = @"_WKLocalAuthenticatorCredentialDisplayNameKey"; NSString * const _WKLocalAuthenticatorCredentialIDKey = @"_WKLocalAuthenticatorCredentialIDKey"; NSString * const _WKLocalAuthenticatorCredentialRelyingPartyIDKey = @"_WKLocalAuthenticatorCredentialRelyingPartyIDKey"; NSString * const _WKLocalAuthenticatorCredentialLastModificationDateKey = @"_WKLocalAuthenticatorCredentialLastModificationDateKey"; @@ -265,14 +266,20 @@ return nullptr; } auto& username = it->second.getString(); +auto credential = adoptNS([[NSMutableDictionary alloc] initWithObjectsAndKeys: +username, _WKLocalAuthenticatorCredentialNameKey, +attributes[bridge_cast(kSecAttrApplicationLabel)], _WKLocalAuthenticatorCredentialIDKey, +attributes[bridge_cast(kSecAttrLabel)], _WKLocalAuthenticatorCredentialRelyingPartyIDKey, +attributes[bridge_cast(kSecAttrModificationDate)], _WKLocalAuthenticatorCredentialLastModificationDateKey, +attributes[bridge_cast(kSecAttrCreationDate)], _WKLocalAuthenticatorCredentialCreationDateKey, +nil +]); -
[webkit-changes] [286370] trunk/Source/WTF
Title: [286370] trunk/Source/WTF Revision 286370 Author j_pas...@apple.com Date 2021-12-01 11:01:35 -0800 (Wed, 01 Dec 2021) Log Message Fix NEAR_FIELD macro to support iOS devices again https://bugs.webkit.org/show_bug.cgi?id=233671 rdar://85318070 In a previous change, https://bugs.webkit.org/show_bug.cgi?id=231085, the definition for the NEAR_FIELD macro removed support for iOS. This change adds it back, fixing NFC webauthn support. Reviewed by Brent Fulgham. Tested manually on an iPhone. * wtf/PlatformHave.h: Modified Paths trunk/Source/WTF/ChangeLog trunk/Source/WTF/wtf/PlatformHave.h Diff Modified: trunk/Source/WTF/ChangeLog (286369 => 286370) --- trunk/Source/WTF/ChangeLog 2021-12-01 18:36:08 UTC (rev 286369) +++ trunk/Source/WTF/ChangeLog 2021-12-01 19:01:35 UTC (rev 286370) @@ -1,3 +1,19 @@ +2021-12-01 J Pascoe + +Fix NEAR_FIELD macro to support iOS devices again +https://bugs.webkit.org/show_bug.cgi?id=233671 +rdar://85318070 + +In a previous change, https://bugs.webkit.org/show_bug.cgi?id=231085, the definition for +the NEAR_FIELD macro removed support for iOS. This change adds it back, fixing +NFC webauthn support. + +Reviewed by Brent Fulgham. + +Tested manually on an iPhone. + +* wtf/PlatformHave.h: + 2021-12-01 Philippe Normand [GStreamer] requestVideoFrameCallback support Modified: trunk/Source/WTF/wtf/PlatformHave.h (286369 => 286370) --- trunk/Source/WTF/wtf/PlatformHave.h 2021-12-01 18:36:08 UTC (rev 286369) +++ trunk/Source/WTF/wtf/PlatformHave.h 2021-12-01 19:01:35 UTC (rev 286370) @@ -537,7 +537,7 @@ #define HAVE_COOKIE_CHANGE_LISTENER_API 1 #endif -#if PLATFORM(MAC) && !PLATFORM(IOS_FAMILY_SIMULATOR) +#if PLATFORM(MAC) || (PLATFORM(IOS_FAMILY) && !PLATFORM(IOS_FAMILY_SIMULATOR)) #define HAVE_NEAR_FIELD 1 #endif ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [286078] trunk
Title: [286078] trunk
Revision 286078
Author j_pas...@apple.com
Date 2021-11-19 14:19:52 -0800 (Fri, 19 Nov 2021)
Log Message
[WebAuthn] Add headers for [_WKWebAuthenticationPanel makeCredentialWithClientDataHash] and [_WKWebAuthenticationPanel getAssertionWithClientDataHash]
https://bugs.webkit.org/show_bug.cgi?id=233371
Source/WebKit:
Reviewed by Brent Fulgham.
These SPIs were added in https://bugs.webkit.org/show_bug.cgi?id=233216, but were not added to the header
file _WKWebAuthenticationPanel.h, this change adds them.
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
Tools:
Reviewed by Brent Fulgham.
Add tests for [_WKWebAuthenticationPanel makeCredentialWithClientDataHash] and
[_WKWebAuthenticationPanel getAssertionWithClientDataHash].
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::TEST):
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (286077 => 286078)
--- trunk/Source/WebKit/ChangeLog 2021-11-19 22:05:29 UTC (rev 286077)
+++ trunk/Source/WebKit/ChangeLog 2021-11-19 22:19:52 UTC (rev 286078)
@@ -1,3 +1,16 @@
+2021-11-19 J Pascoe
+
+[WebAuthn] Add headers for [_WKWebAuthenticationPanel makeCredentialWithClientDataHash] and [_WKWebAuthenticationPanel getAssertionWithClientDataHash]
+https://bugs.webkit.org/show_bug.cgi?id=233371
+
+
+Reviewed by Brent Fulgham.
+
+These SPIs were added in https://bugs.webkit.org/show_bug.cgi?id=233216, but were not added to the header
+file _WKWebAuthenticationPanel.h, this change adds them.
+
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
+
2021-11-19 Myles C. Maxfield
[WebGPU] Add converters from serializable descriptors to interface descriptors
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h (286077 => 286078)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2021-11-19 22:05:29 UTC (rev 286077)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2021-11-19 22:19:52 UTC (rev 286078)
@@ -126,7 +126,9 @@
// FIXME: Adds detailed NSError.
- (void)makeCredentialWithChallenge:(NSData *)challenge origin:(NSString *)origin options:(_WKPublicKeyCredentialCreationOptions *)options completionHandler:(void (^)(_WKAuthenticatorAttestationResponse *, NSError *))handler WK_API_AVAILABLE(macos(12.0), ios(15.0));
+- (void)makeCredentialWithClientDataHash:(NSData *)clientDataHash options:(_WKPublicKeyCredentialCreationOptions *)options completionHandler:(void (^)(_WKAuthenticatorAttestationResponse *, NSError *))handler WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
- (void)getAssertionWithChallenge:(NSData *)challenge origin:(NSString *)origin options:(_WKPublicKeyCredentialRequestOptions *)options completionHandler:(void (^)(_WKAuthenticatorAssertionResponse *, NSError *))handler WK_API_AVAILABLE(macos(12.0), ios(15.0));
+- (void)getAssertionWithClientDataHash:(NSData *)clientDataHash options:(_WKPublicKeyCredentialRequestOptions *)options completionHandler:(void (^)(_WKAuthenticatorAssertionResponse *, NSError *))handler WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
- (void)cancel;
// FIXME: Deprecate the following properties.
Modified: trunk/Tools/ChangeLog (286077 => 286078)
--- trunk/Tools/ChangeLog 2021-11-19 22:05:29 UTC (rev 286077)
+++ trunk/Tools/ChangeLog 2021-11-19 22:19:52 UTC (rev 286078)
@@ -1,3 +1,17 @@
+2021-11-19 J Pascoe
+
+[WebAuthn] Add headers for [_WKWebAuthenticationPanel makeCredentialWithClientDataHash] and [_WKWebAuthenticationPanel getAssertionWithClientDataHash]
+https://bugs.webkit.org/show_bug.cgi?id=233371
+
+
+Reviewed by Brent Fulgham.
+
+Add tests for [_WKWebAuthenticationPanel makeCredentialWithClientDataHash] and
+[_WKWebAuthenticationPanel getAssertionWithClientDataHash].
+
+* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
+(TestWebKitAPI::TEST):
+
2021-11-18 Jonathan Bedard
[webkitcorepy] Indicate to user the default option
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (286077 => 286078)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-11-19 22:05:29 UTC (rev 286077)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-11-19 22:19:52 UTC (rev 286078)
@@ -1898,6 +1898,44 @@
}];
Util::run(&webAuthenticationPanelRan);
}
+
+TEST(WebAuthenticationPanel, MakeCredentialLAClientDataHash)
+{
+reset();
+
+uint8_t identifier[] = { 0x01, 0x02, 0x03, 0x04 };
+uint8_t hash[] = { 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03,
[webkit-changes] [285965] trunk/Source/WebKit
Title: [285965] trunk/Source/WebKit
Revision 285965
Author j_pas...@apple.com
Date 2021-11-17 16:10:02 -0800 (Wed, 17 Nov 2021)
Log Message
[WebAuthn] Add SPI for makeCredential / getAssertion using clientDataHash
https://bugs.webkit.org/show_bug.cgi?id=233216
Reviewed by Brent Fulgham.
In order to avoid needing to make and coordinate changes to ASC to support new fields or changes
within ClientDataJSON and to maintain a single source of truth, calls to ASC from WebKit
will contain a precomputed ClientDataHash. This change creates new SPIs that will be called
from ASC using the ClientDataHash.
* UIProcess/API/Cocoa/_WKAuthenticatorResponse.h:
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(-[_WKWebAuthenticationPanel makeCredentialWithClientDataHash:options:completionHandler:]):
(-[_WKWebAuthenticationPanel getAssertionWithClientDataHash:options:completionHandler:]):
New functions to take in ClientDataHash instead of the data needed to construct it.
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.h
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebKit/ChangeLog (285964 => 285965)
--- trunk/Source/WebKit/ChangeLog 2021-11-17 23:55:47 UTC (rev 285964)
+++ trunk/Source/WebKit/ChangeLog 2021-11-18 00:10:02 UTC (rev 285965)
@@ -1,3 +1,22 @@
+2021-11-17 J Pascoe
+
+[WebAuthn] Add SPI for makeCredential / getAssertion using clientDataHash
+https://bugs.webkit.org/show_bug.cgi?id=233216
+
+
+Reviewed by Brent Fulgham.
+
+In order to avoid needing to make and coordinate changes to ASC to support new fields or changes
+within ClientDataJSON and to maintain a single source of truth, calls to ASC from WebKit
+will contain a precomputed ClientDataHash. This change creates new SPIs that will be called
+from ASC using the ClientDataHash.
+
+* UIProcess/API/Cocoa/_WKAuthenticatorResponse.h:
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+(-[_WKWebAuthenticationPanel makeCredentialWithClientDataHash:options:completionHandler:]):
+(-[_WKWebAuthenticationPanel getAssertionWithClientDataHash:options:completionHandler:]):
+New functions to take in ClientDataHash instead of the data needed to construct it.
+
2021-11-17 Per Arne Vollan
[macOS] Add message filter guard in the GPU process' sandbox
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.h (285964 => 285965)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.h 2021-11-17 23:55:47 UTC (rev 285964)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.h 2021-11-18 00:10:02 UTC (rev 285965)
@@ -38,7 +38,7 @@
@interface _WKAuthenticatorResponse : NSObject
@property (nonatomic, readonly) _WKAuthenticatorAttachment attachment;
-@property (nonatomic, readonly) NSData *clientDataJSON;
+@property (nullable, nonatomic, readonly) NSData *clientDataJSON;
@property (nonatomic, readonly) NSData *rawId;
@property (nullable, nonatomic, readonly, strong) _WKAuthenticationExtensionsClientOutputs *extensions;
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (285964 => 285965)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2021-11-17 23:55:47 UTC (rev 285964)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2021-11-18 00:10:02 UTC (rev 285965)
@@ -580,6 +580,20 @@
#endif
}
+- (void)makeCredentialWithClientDataHash:(NSData *)clientDataHash options:(_WKPublicKeyCredentialCreationOptions *)options completionHandler:(void (^)(_WKAuthenticatorAttestationResponse *, NSError *))handler
+{
+#if ENABLE(WEB_AUTHN)
+auto callback = [handler = makeBlockPtr(handler)] (std::variant, WebCore::ExceptionData>&& result) mutable {
+WTF::switchOn(result, [&](const Ref& response) {
+handler(wkAuthenticatorAttestationResponse(response->data(), nullptr, response->attachment()).get(), nil);
+}, [&](const WebCore::ExceptionData& exception) {
+handler(nil, [NSError errorWithDomain:WKErrorDomain code:exception.code userInfo:@{ NSLocalizedDescriptionKey: exception.message }]);
+});
+};
+_panel->handleRequest({ vectorFromNSData(clientDataHash), [_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:options], nullptr, WebKit::WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, true, String(), nullptr }, WTFMove(callback));
+#endif
+}
+
+ (WebCore::PublicKeyCredentialRequestOptions)convertToCoreRequestOptionsWithOptions:(_WKPublicKeyCredentialRequestOptions *)options
{
WebCore::PublicKeyCredentialRequestOptions result;
@@ -630,6 +644,20 @@
#endif
}
+- (void)getAssertionWithClientDataHash:(NSData *)clientDataHash options:(_WKPublicKeyCredentialRequestOptions *)options completionHandler:(void (^)(_WKAuthentic
[webkit-changes] [285864] trunk/Source/WebKit
Title: [285864] trunk/Source/WebKit
Revision 285864
Author j_pas...@apple.com
Date 2021-11-16 08:47:40 -0800 (Tue, 16 Nov 2021)
Log Message
[WebAuthn] WebKitTestRunner/TWAPI lacks an entitlement and bundle identifier to use required [ASCAgent performAuthorizationRequestsForContext]
https://bugs.webkit.org/show_bug.cgi?id=232846
rdar://problem/85170633
Reviewed by Brent Fulgham.
Covered by existing tests.
Calling to ASC requires converting WebAuthenticationRequestData to ASCCredentialRequestContext and then making
a call to _WKAuthenticatorAssertionResponse, while also requiring entitlements currently unavailable in OpenSource.
This change avoids calling out to ASC in tests using mock / virtual authenticators to avoid this problem, the
serialization to and from ASCAgent can be tested seperately.
* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
Refactor creation of ASCCredentialRequestContext.
(WebKit::WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailable):
* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp:
(WebKit::WebAuthenticatorCoordinatorProxy::handleRequest):
Refactor use of ASC and add clarifying comment about flow.
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp
trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h
Diff
Modified: trunk/Source/WebKit/ChangeLog (285863 => 285864)
--- trunk/Source/WebKit/ChangeLog 2021-11-16 16:38:52 UTC (rev 285863)
+++ trunk/Source/WebKit/ChangeLog 2021-11-16 16:47:40 UTC (rev 285864)
@@ -1,3 +1,25 @@
+2021-11-16 J Pascoe
+
+[WebAuthn] WebKitTestRunner/TWAPI lacks an entitlement and bundle identifier to use required [ASCAgent performAuthorizationRequestsForContext]
+https://bugs.webkit.org/show_bug.cgi?id=232846
+rdar://problem/85170633
+
+Reviewed by Brent Fulgham.
+
+Covered by existing tests.
+
+Calling to ASC requires converting WebAuthenticationRequestData to ASCCredentialRequestContext and then making
+a call to _WKAuthenticatorAssertionResponse, while also requiring entitlements currently unavailable in OpenSource.
+This change avoids calling out to ASC in tests using mock / virtual authenticators to avoid this problem, the
+serialization to and from ASCAgent can be tested seperately.
+
+* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+Refactor creation of ASCCredentialRequestContext.
+(WebKit::WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailable):
+* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp:
+(WebKit::WebAuthenticatorCoordinatorProxy::handleRequest):
+Refactor use of ASC and add clarifying comment about flow.
+
2021-11-16 Kimmo Kinnunen
RemoteGraphicsContextGLCocoa::m_swapChain is unused
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (285863 => 285864)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2021-11-16 16:38:52 UTC (rev 285863)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2021-11-16 16:47:40 UTC (rev 285864)
@@ -238,18 +238,17 @@
return requestContext;
}
-void WebAuthenticatorCoordinatorProxy::makeCredential(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector&& hash, PublicKeyCredentialCreationOptions&& options, bool processingUserGesture, RequestCompletionHandler&& handler)
+RetainPtr WebAuthenticatorCoordinatorProxy::contextForRequest(WebAuthenticationRequestData&& requestData)
{
-auto requestContext = configureRegistrationRequestContext(options);
-performRequest(requestContext, WTFMove(handler));
+RetainPtr result;
+WTF::switchOn(requestData.options, [&](const PublicKeyCredentialCreationOptions& options) {
+result = configureRegistrationRequestContext(options);
+}, [&](const PublicKeyCredentialRequestOptions& options) {
+result = configurationAssertionRequestContext(options);
+});
+return result;
}
-void WebAuthenticatorCoordinatorProxy::getAssertion(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector&& hash, PublicKeyCredentialRequestOptions&& options, bool processingUserGesture, RequestCompletionHandler&& handler)
-{
-auto requestContext = configurationAssertionRequestContext(options);
-performRequest(requestContext, WTFMove(handler));
-}
-
void WebAuthenticatorCoordinatorProxy::performRequest(RetainPtr requestContext, RequestCompletionHandler&& handler)
{
auto proxy = adoptNS([allocASCAgentProxyInstance() init]);
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp (285863 => 2
[webkit-changes] [285617] trunk
Title: [285617] trunk
Revision 285617
Author j_pas...@apple.com
Date 2021-11-10 18:52:01 -0800 (Wed, 10 Nov 2021)
Log Message
[WebAuthn] Unify _WKWebAuthenticationPanel SPI and AuthenticatorCoordinator's ClientDataJson generation
https://bugs.webkit.org/show_bug.cgi?id=232965
Reviewed by Brent Fulgham.
Source/WebCore:
The _WKWebAuthenticationPanel SPI and AuthenticatorCoordinator use different methods of generating
clientDataJson, which results in strings with the keys in a different order. This change abstracts
the clientDataJson generation out of AuthenticatorCoordinator and into WebAuthenticationUtils.
* Modules/webauthn/AuthenticatorCoordinator.cpp:
(WebCore::AuthenticatorCoordinator::create const):
(WebCore::AuthenticatorCoordinator::discoverFromExternalSource const):
(WebCore::AuthenticatorCoordinatorInternal::produceClientDataJson): Deleted.
(WebCore::AuthenticatorCoordinatorInternal::produceClientDataJsonHash): Deleted.
* Modules/webauthn/WebAuthenticationUtils.cpp:
(WebCore::buildClientDataJson):
(WebCore::buildClientDataJsonHash):
* Modules/webauthn/WebAuthenticationUtils.h:
Source/WebKit:
The _WKWebAuthenticationPanel SPI and AuthenticatorCoordinator use different methods of generating
clientDataJson, which results in strings with the keys in a different order. This causes problems
because when generating asserts via ASC ui, the hash signed and the client data json used to generate
that hash are different from the client data json returned to js.
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(produceClientDataJson):
Tools:
Update api tests to reflect different clientDataJson format from WebAuthenticationUtils
* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
(TestWebKitAPI::TEST):
Modified Paths
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp
trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.cpp
trunk/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.h
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
Diff
Modified: trunk/Source/WebCore/ChangeLog (285616 => 285617)
--- trunk/Source/WebCore/ChangeLog 2021-11-11 02:20:02 UTC (rev 285616)
+++ trunk/Source/WebCore/ChangeLog 2021-11-11 02:52:01 UTC (rev 285617)
@@ -1,3 +1,25 @@
+2021-11-10 J Pascoe
+
+[WebAuthn] Unify _WKWebAuthenticationPanel SPI and AuthenticatorCoordinator's ClientDataJson generation
+https://bugs.webkit.org/show_bug.cgi?id=232965
+
+
+Reviewed by Brent Fulgham.
+
+The _WKWebAuthenticationPanel SPI and AuthenticatorCoordinator use different methods of generating
+clientDataJson, which results in strings with the keys in a different order. This change abstracts
+the clientDataJson generation out of AuthenticatorCoordinator and into WebAuthenticationUtils.
+
+* Modules/webauthn/AuthenticatorCoordinator.cpp:
+(WebCore::AuthenticatorCoordinator::create const):
+(WebCore::AuthenticatorCoordinator::discoverFromExternalSource const):
+(WebCore::AuthenticatorCoordinatorInternal::produceClientDataJson): Deleted.
+(WebCore::AuthenticatorCoordinatorInternal::produceClientDataJsonHash): Deleted.
+* Modules/webauthn/WebAuthenticationUtils.cpp:
+(WebCore::buildClientDataJson):
+(WebCore::buildClientDataJsonHash):
+* Modules/webauthn/WebAuthenticationUtils.h:
+
2021-11-10 Tim Nguyen
Remove non-standard -webkit-border-fit CSS property
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp (285616 => 285617)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp 2021-11-11 02:20:02 UTC (rev 285616)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp 2021-11-11 02:52:01 UTC (rev 285617)
@@ -41,43 +41,15 @@
#include "PublicKeyCredentialRequestOptions.h"
#include "RegistrableDomain.h"
#include "LegacySchemeRegistry.h"
-#include "SecurityOrigin.h"
#include "WebAuthenticationConstants.h"
+#include "WebAuthenticationUtils.h"
#include
-#include
#include
-#include
namespace WebCore {
namespace AuthenticatorCoordinatorInternal {
-// FIXME(181948): Add token binding ID.
-static Ref produceClientDataJson(ClientDataType type, const BufferSource& challenge, const SecurityOrigin& origin)
-{
-auto object = JSON::Object::create();
-switch (type) {
-case ClientDataType::Create:
-object->setString("type"_s, "webauthn.create"_s);
-break;
-case ClientDataType::Get:
-object->setString("type"_s, "webauthn.get"_s);
-break;
-}
-object->setString("challenge"_s, base64URLEncodeToString(challenge.data(), challenge.length()));
-object->setString("origin"_s, origin.toRawString());
-
-auto utf8JSONString = object->toJSONString().utf8();
-
[webkit-changes] [285537] trunk/Source/WebKit
Title: [285537] trunk/Source/WebKit Revision 285537 Author j_pas...@apple.com Date 2021-11-09 15:02:32 -0800 (Tue, 09 Nov 2021) Log Message [WebAuthn] User handle is not saved on create via ASC https://bugs.webkit.org/show_bug.cgi?id=232900 rdar://85216105 Reviewed by Brent Fulgham. This value is required to be stored along the credential on create calls such that it can be returned via get calls. Currently, it is always read as empty because user.id is empty after ipc, while the id is decoded to idVector. * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: (WebKit::configureRegistrationRequestContext): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm Diff Modified: trunk/Source/WebKit/ChangeLog (285536 => 285537) --- trunk/Source/WebKit/ChangeLog 2021-11-09 22:58:40 UTC (rev 285536) +++ trunk/Source/WebKit/ChangeLog 2021-11-09 23:02:32 UTC (rev 285537) @@ -1,3 +1,19 @@ +2021-11-09 J Pascoe + +[WebAuthn] User handle is not saved on create via ASC +https://bugs.webkit.org/show_bug.cgi?id=232900 +rdar://85216105 + +Reviewed by Brent Fulgham. + +This value is required to be stored along the credential on create calls +such that it can be returned via get calls. Currently, it is always read +as empty because user.id is empty after ipc, while the id is decoded to +idVector. + +* UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: +(WebKit::configureRegistrationRequestContext): + 2021-10-28 Darin Adler [CF] Reduce duplication and unneeded buffer allocations and copying in URL code, also remove unused methods and functions Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (285536 => 285537) --- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2021-11-09 22:58:40 UTC (rev 285536) +++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2021-11-09 23:02:32 UTC (rev 285537) @@ -181,7 +181,7 @@ [credentialCreationOptions setChallenge:toNSData(options.challengeVector).get()]; [credentialCreationOptions setRelyingPartyIdentifier:options.rp.id]; [credentialCreationOptions setUserName:options.user.name]; -[credentialCreationOptions setUserIdentifier:toNSData(options.user.id).get()]; +[credentialCreationOptions setUserIdentifier:toNSData(options.user.idVector).get()]; [credentialCreationOptions setUserDisplayName:options.user.displayName]; [credentialCreationOptions setUserVerificationPreference:userVerification.get()]; [credentialCreationOptions setShouldRequireResidentKey:shouldRequireResidentKey]; ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [285535] trunk
Title: [285535] trunk
Revision 285535
Author j_pas...@apple.com
Date 2021-11-09 14:25:51 -0800 (Tue, 09 Nov 2021)
Log Message
Add j_pascoe to contributors.json
https://bugs.webkit.org/show_bug.cgi?id=232904
Unreviewed.
* metadata/contributors.json:
Modified Paths
trunk/ChangeLog
trunk/metadata/contributors.json
Diff
Modified: trunk/ChangeLog (285534 => 285535)
--- trunk/ChangeLog 2021-11-09 22:19:54 UTC (rev 285534)
+++ trunk/ChangeLog 2021-11-09 22:25:51 UTC (rev 285535)
@@ -1,3 +1,13 @@
+2021-11-09 J Pascoe
+
+Add j_pascoe to contributors.json
+https://bugs.webkit.org/show_bug.cgi?id=232904
+
+
+Unreviewed.
+
+* metadata/contributors.json:
+
2021-11-08 Myles C. Maxfield
Make WebGPU.xcodeproj and WebGPU.framework
Modified: trunk/metadata/contributors.json (285534 => 285535)
--- trunk/metadata/contributors.json 2021-11-09 22:19:54 UTC (rev 285534)
+++ trunk/metadata/contributors.json 2021-11-09 22:25:51 UTC (rev 285535)
@@ -2976,6 +2976,17 @@
},
{
"emails" : [
+ "j_pas...@apple.com"
+ ],
+ "github" : "pascoej",
+ "name" : "J Pascoe",
+ "nicks" : [
+ "j_pascoe"
+ ],
+ "status" : "committer"
+ },
+ {
+ "emails" : [
"jfbast...@apple.com",
"j...@chromium.org"
],
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [285475] trunk
Title: [285475] trunk Revision 285475 Author j_pas...@apple.com Date 2021-11-08 17:37:58 -0800 (Mon, 08 Nov 2021) Log Message [WebAuthn] challenge does not get passed to -[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:] https://bugs.webkit.org/show_bug.cgi?id=232836 rdar://85163927 Reviewed by Brent Fulgham. -[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:] receives Source/WebCore: an empty challenge, causing _WKWebAuthenticationPanel to immediately close when using the new UNIFIED_ASC_AUTH_UI. This change encodes/decodes challenge in PublicKeyCredentialRequestOptions. Before this field was not used after xpc, but with the new UNIFIED_ASC_AUTH_UI it is. * Modules/webauthn/PublicKeyCredentialCreationOptions.h: (WebCore::PublicKeyCredentialCreationOptions::encode const): (WebCore::PublicKeyCredentialCreationOptions::decode): * Modules/webauthn/PublicKeyCredentialRequestOptions.h: (WebCore::PublicKeyCredentialRequestOptions::encode const): (WebCore::PublicKeyCredentialRequestOptions::decode): Add new challengeVector field to both options structs and include it in decoding / encoding. Source/WebKit: an empty challenge, causing _WKWebAuthenticationPanel to immediately close when using the new UNIFIED_ASC_AUTH_UI. This change encodes/decodes challenge in PublicKeyCredentialRequestOptions. Before this field was not used after xpc, but with the new UNIFIED_ASC_AUTH_UI it is. * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: (WebKit::configureRegistrationRequestContext): (WebKit::configurationAssertionRequestContext): Use challengeVector instead of challenge as it's available after being passed via xpc. Tools: an empty challenge, causing _WKWebAuthenticationPanel to immediately close when using the new UNIFIED_ASC_AUTH_UI. This change encodes/decodes challenge in PublicKeyCredentialRequestOptions. Before this field was not used after xpc, but with the new UNIFIED_ASC_AUTH_UI it is. This change also adds an empty value for tests. * TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp: (TestWebKitAPI::TEST): Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialRequestOptions.h trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm trunk/Tools/ChangeLog trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp Diff Modified: trunk/Source/WebCore/ChangeLog (285474 => 285475) --- trunk/Source/WebCore/ChangeLog 2021-11-09 01:29:21 UTC (rev 285474) +++ trunk/Source/WebCore/ChangeLog 2021-11-09 01:37:58 UTC (rev 285475) @@ -1,3 +1,26 @@ +2021-11-08 J Pascoe + +[WebAuthn] challenge does not get passed to -[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:] +https://bugs.webkit.org/show_bug.cgi?id=232836 +rdar://85163927 + +Reviewed by Brent Fulgham. + +-[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:] receives +an empty challenge, causing _WKWebAuthenticationPanel to immediately close when using the new UNIFIED_ASC_AUTH_UI. + +This change encodes/decodes challenge in PublicKeyCredentialRequestOptions. Before this +field was not used after xpc, but with the new UNIFIED_ASC_AUTH_UI it is. + +* Modules/webauthn/PublicKeyCredentialCreationOptions.h: +(WebCore::PublicKeyCredentialCreationOptions::encode const): +(WebCore::PublicKeyCredentialCreationOptions::decode): +* Modules/webauthn/PublicKeyCredentialRequestOptions.h: +(WebCore::PublicKeyCredentialRequestOptions::encode const): +(WebCore::PublicKeyCredentialRequestOptions::decode): +Add new challengeVector field to both options structs and include it +in decoding / encoding. + 2021-11-08 Chris Dumez REGRESSION (r283935): [ macOS wk1 ] imported/w3c/web-platform-tests/html/semantics/interactive-elements/the-dialog-element/dialog-autofocus-multiple-times.html is a flaky failure Modified: trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h (285474 => 285475) --- trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h 2021-11-09 01:29:21 UTC (rev 285474) +++ trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h 2021-11-09 01:37:58 UTC (rev 285475) @@ -76,7 +76,7 @@ RpEntity rp; UserEntity user; -BufferSource challenge; +BufferSource challenge; // challenge becomes challengeVector once it is passed to UIProcess. Vector pubKeyCredParams; std::optional timeout; @@ -85,6 +85,8 @@ AttestationConveyancePreference attestation; mutable std::optional extensions; +Vector challengeVector; + template void encode(Encoder&) const; template st
