Diff
Modified: trunk/Source/WebKit/ChangeLog (286745 => 286746)
--- trunk/Source/WebKit/ChangeLog 2021-12-08 23:27:48 UTC (rev 286745)
+++ trunk/Source/WebKit/ChangeLog 2021-12-08 23:49:16 UTC (rev 286746)
@@ -1,3 +1,23 @@
+2021-12-08 J Pascoe <j_pas...@apple.com>
+
+ [WebAuthn] Consider support for the displayName for FIDO authenticator
+ https://bugs.webkit.org/show_bug.cgi?id=233389
+ rdar://84938707
+
+ Reviewed by Brent Fulgham.
+
+ Start storing the displayName field with the platform authenticator
+ and add them to the getAllLocalAuthenticatorCredentials SPI.
+
+ The displayName is part of the WebAuthn level 2 spec:
+ https://www.w3.org/TR/webauthn-2/#dom-publickeycredentialuserentity-displayname
+
+ * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
+ * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+ (getAllLocalAuthenticatorCredentialsImpl):
+ * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
+ (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification):
+
2021-12-08 Truitt Savell <tsav...@apple.com>
Unreviewed, reverting r286596.
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h (286745 => 286746)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2021-12-08 23:27:48 UTC (rev 286745)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2021-12-08 23:49:16 UTC (rev 286746)
@@ -87,6 +87,7 @@
} WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialNameKey;
+WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialDisplayNameKey;
WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialIDKey;
WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialRelyingPartyIDKey;
WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialLastModificationDateKey;
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (286745 => 286746)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2021-12-08 23:27:48 UTC (rev 286745)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2021-12-08 23:49:16 UTC (rev 286746)
@@ -100,6 +100,7 @@
#endif
NSString * const _WKLocalAuthenticatorCredentialNameKey = @"_WKLocalAuthenticatorCredentialNameKey";
+NSString * const _WKLocalAuthenticatorCredentialDisplayNameKey = @"_WKLocalAuthenticatorCredentialDisplayNameKey";
NSString * const _WKLocalAuthenticatorCredentialIDKey = @"_WKLocalAuthenticatorCredentialIDKey";
NSString * const _WKLocalAuthenticatorCredentialRelyingPartyIDKey = @"_WKLocalAuthenticatorCredentialRelyingPartyIDKey";
NSString * const _WKLocalAuthenticatorCredentialLastModificationDateKey = @"_WKLocalAuthenticatorCredentialLastModificationDateKey";
@@ -265,14 +266,20 @@
return nullptr;
}
auto& username = it->second.getString();
+ auto credential = adoptNS([[NSMutableDictionary alloc] initWithObjectsAndKeys:
+ username, _WKLocalAuthenticatorCredentialNameKey,
+ attributes[bridge_cast(kSecAttrApplicationLabel)], _WKLocalAuthenticatorCredentialIDKey,
+ attributes[bridge_cast(kSecAttrLabel)], _WKLocalAuthenticatorCredentialRelyingPartyIDKey,
+ attributes[bridge_cast(kSecAttrModificationDate)], _WKLocalAuthenticatorCredentialLastModificationDateKey,
+ attributes[bridge_cast(kSecAttrCreationDate)], _WKLocalAuthenticatorCredentialCreationDateKey,
+ nil
+ ]);
- [result addObject:@{
- _WKLocalAuthenticatorCredentialNameKey: username,
- _WKLocalAuthenticatorCredentialIDKey: attributes[bridge_cast(kSecAttrApplicationLabel)],
- _WKLocalAuthenticatorCredentialRelyingPartyIDKey: attributes[bridge_cast(kSecAttrLabel)],
- _WKLocalAuthenticatorCredentialLastModificationDateKey: attributes[bridge_cast(kSecAttrModificationDate)],
- _WKLocalAuthenticatorCredentialCreationDateKey: attributes[bridge_cast(kSecAttrCreationDate)]
- }];
+ it = responseMap.find(cbor::CBORValue(fido::kDisplayNameMapKey));
+ if (it != responseMap.end() && it->second.isString())
+ [credential setObject:it->second.getString() forKey:_WKLocalAuthenticatorCredentialDisplayNameKey];
+
+ [result addObject:credential.get()];
}
return result;
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm (286745 => 286746)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2021-12-08 23:27:48 UTC (rev 286745)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2021-12-08 23:49:16 UTC (rev 286746)
@@ -347,14 +347,17 @@
// Here is the keychain schema.
// kSecAttrLabel: RP ID
// kSecAttrApplicationLabel: Credential ID (auto-gen by Keychain)
- // kSecAttrApplicationTag: { "id": UserEntity.id, "name": UserEntity.name } (CBOR encoded)
+ // kSecAttrApplicationTag: { "id": UserEntity.id, "name": UserEntity.name, "displayName": UserEntity.name} (CBOR encoded)
// Noted, the vale of kSecAttrApplicationLabel is automatically generated by the Keychain, which is a SHA-1 hash of
// the public key.
const auto& secAttrLabel = creationOptions.rp.id;
+ // id, name, and displayName are required in PublicKeyCredentialUserEntity
+ // https://www.w3.org/TR/webauthn-2/#dictdef-publickeycredentialuserentity
cbor::CBORValue::MapValue userEntityMap;
userEntityMap[cbor::CBORValue(fido::kEntityIdMapKey)] = cbor::CBORValue(creationOptions.user.id);
userEntityMap[cbor::CBORValue(fido::kEntityNameMapKey)] = cbor::CBORValue(creationOptions.user.name);
+ userEntityMap[cbor::CBORValue(fido::kDisplayNameMapKey)] = cbor::CBORValue(creationOptions.user.displayName);
auto userEntity = cbor::CBORWriter::write(cbor::CBORValue(WTFMove(userEntityMap)));
ASSERT(userEntity);
auto secAttrApplicationTag = toNSData(*userEntity);
Modified: trunk/Tools/ChangeLog (286745 => 286746)
--- trunk/Tools/ChangeLog 2021-12-08 23:27:48 UTC (rev 286745)
+++ trunk/Tools/ChangeLog 2021-12-08 23:49:16 UTC (rev 286746)
@@ -1,3 +1,16 @@
+2021-12-08 J Pascoe <j_pas...@apple.com>
+
+ [WebAuthn] Consider support for the displayName for FIDO authenticator
+ https://bugs.webkit.org/show_bug.cgi?id=233389
+ rdar://84938707
+
+ Reviewed by Brent Fulgham.
+
+ Add test for new field stored with platform authenticator: displayName
+
+ * TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
+ (TestWebKitAPI::TEST):
+
2021-12-08 Truitt Savell <tsav...@apple.com>
Unreviewed, reverting r286596.
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (286745 => 286746)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-12-08 23:27:48 UTC (rev 286745)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-12-08 23:49:16 UTC (rev 286746)
@@ -2193,6 +2193,26 @@
cleanUpKeychain("example.com");
}
+TEST(WebAuthenticationPanel, GetAllCredentialWithDisplayName)
+{
+ reset();
+
+ // {"id": h'00010203040506070809', "name": "John", "displayName": "Johnny"}
+ ASSERT_TRUE(addKeyToKeychain(testES256PrivateKeyBase64, "example.com", "o2JpZEoAAQIDBAUGBwgJZG5hbWVkSm9obmtkaXNwbGF5TmFtZWZKb2hubnk="));
+
+ auto after = adoptNS([[NSDate alloc] init]);
+
+ auto *credentials = [_WKWebAuthenticationPanel getAllLocalAuthenticatorCredentialsWithAccessGroup:@"com.apple.TestWebKitAPI"];
+ EXPECT_NOT_NULL(credentials);
+ EXPECT_EQ([credentials count], 1lu);
+
+ EXPECT_NOT_NULL([credentials firstObject]);
+ EXPECT_WK_STREQ([credentials firstObject][_WKLocalAuthenticatorCredentialNameKey], "John");
+ EXPECT_WK_STREQ([credentials firstObject][_WKLocalAuthenticatorCredentialDisplayNameKey], "Johnny");
+
+ cleanUpKeychain("example.com");
+}
+
TEST(WebAuthenticationPanel, UpdateCredentialUsername)
{
reset();