Diff
Modified: trunk/Source/WebKit/ChangeLog (246828 => 246829)
--- trunk/Source/WebKit/ChangeLog 2019-06-26 02:59:02 UTC (rev 246828)
+++ trunk/Source/WebKit/ChangeLog 2019-06-26 03:11:36 UTC (rev 246829)
@@ -1,3 +1,37 @@
+2019-06-25 Jiewen Tan <jiewen_...@apple.com>
+
+ Implement a new SPI to inform clients about AppSSO
+ https://bugs.webkit.org/show_bug.cgi?id=199085
+ <rdar://problem/50028246>
+
+ Reviewed by Geoffrey Garen.
+
+ This patch implements a new SPI to inform clients about incoming AppSSO interceptions during
+ navigations. Therefore, clients can make an informed decision about whether this is the right
+ moment to do the interception as interceptions often show native UI. Also, the SPI is designed
+ to pass along a human readable name for the extension such that clients can do whatever they
+ want to inform users about what's going on.
+
+ Here is the new SPI:
+ - (void)_webView:(WKWebView *)webView decidePolicyForSOAuthorizationLoadWithCurrentPolicy:(_WKSOAuthorizationLoadPolicy)policy forExtension:(NSString *)extension completionHandler:(void (^)(_WKSOAuthorizationLoadPolicy policy))completionHandler;
+
+ * UIProcess/API/APINavigationClient.h:
+ (API::NavigationClient::decidePolicyForSOAuthorizationLoad):
+ * UIProcess/API/Cocoa/WKNavigationDelegatePrivate.h:
+ * UIProcess/Cocoa/NavigationState.h:
+ * UIProcess/Cocoa/NavigationState.mm:
+ (WebKit::NavigationState::setNavigationDelegate):
+ (WebKit::soAuthorizationLoadPolicy):
+ (WebKit::wkSOAuthorizationLoadPolicy):
+ (WebKit::NavigationState::NavigationClient::decidePolicyForSOAuthorizationLoad):
+ * UIProcess/Cocoa/SOAuthorization/SOAuthorizationLoadPolicy.h: Added.
+ * UIProcess/Cocoa/SOAuthorization/SOAuthorizationSession.mm:
+ (WebKit::SOAuthorizationSession::start):
+ * UIProcess/WebPageProxy.cpp:
+ (WebKit::WebPageProxy::decidePolicyForSOAuthorizationLoad):
+ * UIProcess/WebPageProxy.h:
+ * WebKit.xcodeproj/project.pbxproj:
+
2019-06-25 Simon Fraser <simon.fra...@apple.com>
[iOS WK2 Debug] scrollingcoordinator/scrolling-tree/scroller-with-negative-z-child.html asserts
Modified: trunk/Source/WebKit/UIProcess/API/APINavigationClient.h (246828 => 246829)
--- trunk/Source/WebKit/UIProcess/API/APINavigationClient.h 2019-06-26 02:59:02 UTC (rev 246828)
+++ trunk/Source/WebKit/UIProcess/API/APINavigationClient.h 2019-06-26 03:11:36 UTC (rev 246829)
@@ -40,6 +40,10 @@
#include <WebCore/LayoutMilestone.h>
#include <wtf/Forward.h>
+#if HAVE(APP_SSO)
+#include "SOAuthorizationLoadPolicy.h"
+#endif
+
namespace WebCore {
struct ContentRuleListResults;
class ResourceError;
@@ -140,6 +144,13 @@
virtual void didEndNavigationGesture(WebKit::WebPageProxy&, bool willNavigate, WebKit::WebBackForwardListItem&) { }
virtual void didRemoveNavigationGestureSnapshot(WebKit::WebPageProxy&) { }
virtual bool didChangeBackForwardList(WebKit::WebPageProxy&, WebKit::WebBackForwardListItem*, const Vector<Ref<WebKit::WebBackForwardListItem>>&) { return false; }
+
+#if HAVE(APP_SSO)
+ virtual void decidePolicyForSOAuthorizationLoad(WebKit::WebPageProxy&, WebKit::SOAuthorizationLoadPolicy currentSOAuthorizationLoadPolicy, const WTF::String&, CompletionHandler<void(WebKit::SOAuthorizationLoadPolicy)>&& completionHandler)
+ {
+ completionHandler(currentSOAuthorizationLoadPolicy);
+ }
+#endif
};
} // namespace API
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/WKNavigationDelegatePrivate.h (246828 => 246829)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/WKNavigationDelegatePrivate.h 2019-06-26 02:59:02 UTC (rev 246828)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/WKNavigationDelegatePrivate.h 2019-06-26 03:11:36 UTC (rev 246829)
@@ -54,6 +54,11 @@
_WKProcessTerminationReasonCrash,
} WK_API_AVAILABLE(macos(10.14), ios(12.0));
+typedef NS_ENUM(NSInteger, _WKSOAuthorizationLoadPolicy) {
+ _WKSOAuthorizationLoadPolicyAllow,
+ _WKSOAuthorizationLoadPolicyIgnore,
+} WK_API_AVAILABLE(macos(10.15), ios(13.0));
+
static const WKNavigationActionPolicy _WKNavigationActionPolicyDownload = (WKNavigationActionPolicy)(WKNavigationActionPolicyAllow + 1);
static const WKNavigationActionPolicy WK_API_AVAILABLE(macos(10.11), ios(9.0)) _WKNavigationActionPolicyAllowWithoutTryingAppLink = (WKNavigationActionPolicy)(_WKNavigationActionPolicyDownload + 1);
static const WKNavigationActionPolicy WK_API_AVAILABLE(macos(10.14.4), ios(12.2)) _WKNavigationActionPolicyAllowInNewProcess = (WKNavigationActionPolicy)(_WKNavigationActionPolicyAllowWithoutTryingAppLink + 1);
@@ -111,4 +116,6 @@
- (void)_webView:(WKWebView *)webView backForwardListItemAdded:(WKBackForwardListItem *)itemAdded removed:(NSArray<WKBackForwardListItem *> *)itemsRemoved WK_API_AVAILABLE(macos(10.13.4));
#endif
+- (void)_webView:(WKWebView *)webView decidePolicyForSOAuthorizationLoadWithCurrentPolicy:(_WKSOAuthorizationLoadPolicy)policy forExtension:(NSString *)extension completionHandler:(void (^)(_WKSOAuthorizationLoadPolicy policy))completionHandler WK_API_AVAILABLE(macos(10.15), ios(13.0));
+
@end
Modified: trunk/Source/WebKit/UIProcess/Cocoa/NavigationState.h (246828 => 246829)
--- trunk/Source/WebKit/UIProcess/Cocoa/NavigationState.h 2019-06-26 02:59:02 UTC (rev 246828)
+++ trunk/Source/WebKit/UIProcess/Cocoa/NavigationState.h 2019-06-26 03:11:36 UTC (rev 246829)
@@ -139,6 +139,10 @@
void decidePolicyForNavigationAction(WebPageProxy&, Ref<API::NavigationAction>&&, Ref<WebFramePolicyListenerProxy>&&, API::Object* userData) override;
void decidePolicyForNavigationResponse(WebPageProxy&, Ref<API::NavigationResponse>&&, Ref<WebFramePolicyListenerProxy>&&, API::Object* userData) override;
+#if HAVE(APP_SSO)
+ void decidePolicyForSOAuthorizationLoad(WebPageProxy&, SOAuthorizationLoadPolicy, const String&, CompletionHandler<void(SOAuthorizationLoadPolicy)>&&) override;
+#endif
+
NavigationState& m_navigationState;
};
@@ -238,6 +242,10 @@
bool webViewWillGoToBackForwardListItemInPageCache : 1;
bool webViewDecidePolicyForPluginLoadWithCurrentPolicyPluginInfoCompletionHandler : 1;
#endif
+
+#if HAVE(APP_SSO)
+ bool webViewDecidePolicyForSOAuthorizationLoadWithCurrentPolicyForExtensionCompletionHandler : 1;
+#endif
} m_navigationDelegateMethods;
WeakObjCPtr<id <WKHistoryDelegatePrivate> > m_historyDelegate;
Modified: trunk/Source/WebKit/UIProcess/Cocoa/NavigationState.mm (246828 => 246829)
--- trunk/Source/WebKit/UIProcess/Cocoa/NavigationState.mm 2019-06-26 02:59:02 UTC (rev 246828)
+++ trunk/Source/WebKit/UIProcess/Cocoa/NavigationState.mm 2019-06-26 03:11:36 UTC (rev 246829)
@@ -196,6 +196,9 @@
m_navigationDelegateMethods.webViewBackForwardListItemAddedRemoved = [delegate respondsToSelector:@selector(_webView:backForwardListItemAdded:removed:)];
m_navigationDelegateMethods.webViewDecidePolicyForPluginLoadWithCurrentPolicyPluginInfoCompletionHandler = [delegate respondsToSelector:@selector(_webView:decidePolicyForPluginLoadWithCurrentPolicy:pluginInfo:completionHandler:)];
#endif
+#if HAVE(APP_SSO)
+ m_navigationDelegateMethods.webViewDecidePolicyForSOAuthorizationLoadWithCurrentPolicyForExtensionCompletionHandler = [delegate respondsToSelector:@selector(_webView:decidePolicyForSOAuthorizationLoadWithCurrentPolicy:forExtension:completionHandler:)];
+#endif
}
RetainPtr<id <WKHistoryDelegatePrivate> > NavigationState::historyDelegate()
@@ -1101,6 +1104,54 @@
}
#endif
+#if HAVE(APP_SSO)
+static SOAuthorizationLoadPolicy soAuthorizationLoadPolicy(_WKSOAuthorizationLoadPolicy policy)
+{
+ switch (policy) {
+ case _WKSOAuthorizationLoadPolicyAllow:
+ return SOAuthorizationLoadPolicy::Allow;
+ case _WKSOAuthorizationLoadPolicyIgnore:
+ return SOAuthorizationLoadPolicy::Ignore;
+ }
+ ASSERT_NOT_REACHED();
+ return SOAuthorizationLoadPolicy::Allow;
+}
+
+static _WKSOAuthorizationLoadPolicy wkSOAuthorizationLoadPolicy(SOAuthorizationLoadPolicy policy)
+{
+ switch (policy) {
+ case SOAuthorizationLoadPolicy::Allow:
+ return _WKSOAuthorizationLoadPolicyAllow;
+ case SOAuthorizationLoadPolicy::Ignore:
+ return _WKSOAuthorizationLoadPolicyIgnore;
+ }
+ ASSERT_NOT_REACHED();
+ return _WKSOAuthorizationLoadPolicyAllow;
+}
+
+void NavigationState::NavigationClient::decidePolicyForSOAuthorizationLoad(WebPageProxy&, SOAuthorizationLoadPolicy currentSOAuthorizationLoadPolicy, const String& extension, CompletionHandler<void(SOAuthorizationLoadPolicy)>&& completionHandler)
+{
+ if (!m_navigationState.m_navigationDelegateMethods.webViewDecidePolicyForSOAuthorizationLoadWithCurrentPolicyForExtensionCompletionHandler) {
+ completionHandler(currentSOAuthorizationLoadPolicy);
+ return;
+ }
+
+ auto navigationDelegate = m_navigationState.m_navigationDelegate.get();
+ if (!navigationDelegate) {
+ completionHandler(currentSOAuthorizationLoadPolicy);
+ return;
+ }
+
+ auto checker = CompletionHandlerCallChecker::create(navigationDelegate.get(), @selector(_webView:decidePolicyForSOAuthorizationLoadWithCurrentPolicy:forExtension:completionHandler:));
+ [(id <WKNavigationDelegatePrivate>)navigationDelegate _webView:m_navigationState.m_webView decidePolicyForSOAuthorizationLoadWithCurrentPolicy:wkSOAuthorizationLoadPolicy(currentSOAuthorizationLoadPolicy) forExtension:extension completionHandler:makeBlockPtr([completionHandler = WTFMove(completionHandler), checker = WTFMove(checker)](_WKSOAuthorizationLoadPolicy policy) mutable {
+ if (checker->completionHandlerHasBeenCalled())
+ return;
+ checker->didCallCompletionHandler();
+ completionHandler(soAuthorizationLoadPolicy(policy));
+ }).get()];
+}
+#endif
+
// HistoryDelegatePrivate support
NavigationState::HistoryClient::HistoryClient(NavigationState& navigationState)
Added: trunk/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SOAuthorizationLoadPolicy.h (0 => 246829)
--- trunk/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SOAuthorizationLoadPolicy.h (rev 0)
+++ trunk/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SOAuthorizationLoadPolicy.h 2019-06-26 03:11:36 UTC (rev 246829)
@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2019 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#if HAVE(APP_SSO)
+
+namespace WebKit {
+
+enum class SOAuthorizationLoadPolicy : uint8_t {
+ Allow,
+ Ignore
+};
+
+} // namespace WebKit
+
+#endif // HAVE(APP_SSO)
Modified: trunk/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SOAuthorizationSession.mm (246828 => 246829)
--- trunk/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SOAuthorizationSession.mm 2019-06-26 02:59:02 UTC (rev 246828)
+++ trunk/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SOAuthorizationSession.mm 2019-06-26 03:11:36 UTC (rev 246829)
@@ -32,6 +32,7 @@
#import "APINavigation.h"
#import "APINavigationAction.h"
#import "APIUIClient.h"
+#import "SOAuthorizationLoadPolicy.h"
#import "WKUIDelegate.h"
#import "WebPageProxy.h"
#import "WebSiteDataStore.h"
@@ -102,24 +103,35 @@
{
ASSERT((m_state == State::Idle || m_state == State::Waiting) && m_page && m_navigationAction);
m_state = State::Active;
- if (!m_soAuthorization)
- return;
- // FIXME<rdar://problem/48909336>: Replace the below with AppSSO constants.
- auto initiatorOrigin = emptyString();
- if (m_navigationAction->sourceFrame())
- initiatorOrigin = m_navigationAction->sourceFrame()->securityOrigin().securityOrigin().toString();
- if (m_action == InitiatingAction::SubFrame && m_page->mainFrame())
- initiatorOrigin = WebCore::SecurityOrigin::create(m_page->mainFrame()->url())->toString();
- NSDictionary *authorizationOptions = @{
- SOAuthorizationOptionUserActionInitiated: @(m_navigationAction->isProcessingUserGesture()),
- @"initiatorOrigin": (NSString *)initiatorOrigin,
- @"initiatingAction": @(static_cast<NSInteger>(m_action))
- };
- [m_soAuthorization setAuthorizationOptions:authorizationOptions];
+ m_page->decidePolicyForSOAuthorizationLoad(emptyString(), [this, weakThis = makeWeakPtr(*this)] (SOAuthorizationLoadPolicy policy) {
+ if (!weakThis)
+ return;
- auto *nsRequest = m_navigationAction->request().nsURLRequest(WebCore::HTTPBodyUpdatePolicy::UpdateHTTPBody);
- [m_soAuthorization beginAuthorizationWithURL:nsRequest.URL httpHeaders:nsRequest.allHTTPHeaderFields httpBody:nsRequest.HTTPBody];
+ if (policy == SOAuthorizationLoadPolicy::Ignore) {
+ fallBackToWebPath();
+ return;
+ }
+
+ if (!m_soAuthorization || !m_page || !m_navigationAction)
+ return;
+
+ // FIXME: <rdar://problem/48909336> Replace the below with AppSSO constants.
+ auto initiatorOrigin = emptyString();
+ if (m_navigationAction->sourceFrame())
+ initiatorOrigin = m_navigationAction->sourceFrame()->securityOrigin().securityOrigin().toString();
+ if (m_action == InitiatingAction::SubFrame && m_page->mainFrame())
+ initiatorOrigin = WebCore::SecurityOrigin::create(m_page->mainFrame()->url())->toString();
+ NSDictionary *authorizationOptions = @{
+ SOAuthorizationOptionUserActionInitiated: @(m_navigationAction->isProcessingUserGesture()),
+ @"initiatorOrigin": (NSString *)initiatorOrigin,
+ @"initiatingAction": @(static_cast<NSInteger>(m_action))
+ };
+ [m_soAuthorization setAuthorizationOptions:authorizationOptions];
+
+ auto *nsRequest = m_navigationAction->request().nsURLRequest(WebCore::HTTPBodyUpdatePolicy::UpdateHTTPBody);
+ [m_soAuthorization beginAuthorizationWithURL:nsRequest.URL httpHeaders:nsRequest.allHTTPHeaderFields httpBody:nsRequest.HTTPBody];
+ });
}
void SOAuthorizationSession::fallBackToWebPath()
Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.cpp (246828 => 246829)
--- trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2019-06-26 02:59:02 UTC (rev 246828)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2019-06-26 03:11:36 UTC (rev 246829)
@@ -9247,6 +9247,13 @@
#endif
}
+#if HAVE(APP_SSO)
+void WebPageProxy::decidePolicyForSOAuthorizationLoad(const String& extension, CompletionHandler<void(SOAuthorizationLoadPolicy)>&& completionHandler)
+{
+ m_navigationClient->decidePolicyForSOAuthorizationLoad(*this, SOAuthorizationLoadPolicy::Allow, extension, WTFMove(completionHandler));
+}
+#endif
+
} // namespace WebKit
#undef MERGE_WHEEL_EVENTS
Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.h (246828 => 246829)
--- trunk/Source/WebKit/UIProcess/WebPageProxy.h 2019-06-26 02:59:02 UTC (rev 246828)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.h 2019-06-26 03:11:36 UTC (rev 246829)
@@ -141,6 +141,10 @@
#include <WebCore/WebMediaSessionManagerClient.h>
#endif
+#if HAVE(APP_SSO)
+#include "SOAuthorizationLoadPolicy.h"
+#endif
+
#if ENABLE(MEDIA_SESSION)
namespace WebCore {
class MediaSessionMetadata;
@@ -1545,6 +1549,7 @@
#if HAVE(APP_SSO)
void setShouldSuppressSOAuthorizationInAllNavigationPolicyDecision() { m_shouldSuppressSOAuthorizationInAllNavigationPolicyDecision = true; }
void setShouldSuppressSOAuthorizationInNextNavigationPolicyDecision() { m_shouldSuppressSOAuthorizationInNextNavigationPolicyDecision = true; }
+ void decidePolicyForSOAuthorizationLoad(const String&, CompletionHandler<void(SOAuthorizationLoadPolicy)>&&);
#endif
Logger& logger();
Modified: trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj (246828 => 246829)
--- trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj 2019-06-26 02:59:02 UTC (rev 246828)
+++ trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj 2019-06-26 03:11:36 UTC (rev 246829)
@@ -1042,6 +1042,7 @@
578DC2982155A0020074E815 /* LocalAuthenticationSoftLink.h in Headers */ = {isa = PBXBuildFile; fileRef = 578DC2972155A0010074E815 /* LocalAuthenticationSoftLink.h */; };
57AC8F50217FEED90055438C /* HidConnection.h in Headers */ = {isa = PBXBuildFile; fileRef = 57AC8F4E217FEED90055438C /* HidConnection.h */; };
57B4B46020B504AC00D4AD79 /* ClientCertificateAuthenticationXPCConstants.h in Headers */ = {isa = PBXBuildFile; fileRef = 57B4B45E20B504AB00D4AD79 /* ClientCertificateAuthenticationXPCConstants.h */; };
+ 57BBEA6D22BC0BFE00273995 /* SOAuthorizationLoadPolicy.h in Headers */ = {isa = PBXBuildFile; fileRef = 57BBEA6C22BC0BFE00273995 /* SOAuthorizationLoadPolicy.h */; };
57DCED6E2142EE5E0016B847 /* WebAuthenticatorCoordinatorMessageReceiver.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 57DCED6B2142EAE20016B847 /* WebAuthenticatorCoordinatorMessageReceiver.cpp */; };
57DCED6F2142EE630016B847 /* WebAuthenticatorCoordinatorMessages.h in Headers */ = {isa = PBXBuildFile; fileRef = 57DCED6A2142EAE20016B847 /* WebAuthenticatorCoordinatorMessages.h */; };
57DCED702142EE680016B847 /* WebAuthenticatorCoordinatorProxyMessageReceiver.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 57DCED6C2142EAF90016B847 /* WebAuthenticatorCoordinatorProxyMessageReceiver.cpp */; };
@@ -3480,6 +3481,7 @@
57AC8F4F217FEED90055438C /* HidConnection.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = HidConnection.mm; sourceTree = "<group>"; };
57B4B45D20B504AB00D4AD79 /* AuthenticationManagerCocoa.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = AuthenticationManagerCocoa.mm; sourceTree = "<group>"; };
57B4B45E20B504AB00D4AD79 /* ClientCertificateAuthenticationXPCConstants.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ClientCertificateAuthenticationXPCConstants.h; sourceTree = "<group>"; };
+ 57BBEA6C22BC0BFE00273995 /* SOAuthorizationLoadPolicy.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = SOAuthorizationLoadPolicy.h; sourceTree = "<group>"; };
57DCED6A2142EAE20016B847 /* WebAuthenticatorCoordinatorMessages.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = WebAuthenticatorCoordinatorMessages.h; path = DerivedSources/WebKit2/WebAuthenticatorCoordinatorMessages.h; sourceTree = BUILT_PRODUCTS_DIR; };
57DCED6B2142EAE20016B847 /* WebAuthenticatorCoordinatorMessageReceiver.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = WebAuthenticatorCoordinatorMessageReceiver.cpp; path = DerivedSources/WebKit2/WebAuthenticatorCoordinatorMessageReceiver.cpp; sourceTree = BUILT_PRODUCTS_DIR; };
57DCED6C2142EAF90016B847 /* WebAuthenticatorCoordinatorProxyMessageReceiver.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = WebAuthenticatorCoordinatorProxyMessageReceiver.cpp; path = DerivedSources/WebKit2/WebAuthenticatorCoordinatorProxyMessageReceiver.cpp; sourceTree = BUILT_PRODUCTS_DIR; };
@@ -7040,6 +7042,7 @@
57FD317A22B3514A008D0E8B /* RedirectSOAuthorizationSession.mm */,
57FD317222B35148008D0E8B /* SOAuthorizationCoordinator.h */,
57FD317922B35149008D0E8B /* SOAuthorizationCoordinator.mm */,
+ 57BBEA6C22BC0BFE00273995 /* SOAuthorizationLoadPolicy.h */,
57FD317322B35148008D0E8B /* SOAuthorizationNSURLExtras.h */,
57FD317622B35149008D0E8B /* SOAuthorizationNSURLExtras.mm */,
57FD317C22B3514A008D0E8B /* SOAuthorizationSession.h */,
@@ -9636,11 +9639,12 @@
83F9644E1FA0F76E00C47750 /* SharedStringHashTableReadOnly.h in Headers */,
1D67B339212E1F6100FAA786 /* ShareSheetCallbackID.h in Headers */,
7A41E9FB21F81DAD00B88CDB /* ShouldGrandfatherStatistics.h in Headers */,
- 576CA9D722B862180030143C /* SOAuthorizationNSURLExtras.h in Headers */,
995226D6207D184600F78420 /* SimulatedInputDispatcher.h in Headers */,
2DAF06D618BD1A470081CEB1 /* SmartMagnificationController.h in Headers */,
2DE6943E18BD2A68005C15E5 /* SmartMagnificationControllerMessages.h in Headers */,
57FD318322B35162008D0E8B /* SOAuthorizationCoordinator.h in Headers */,
+ 57BBEA6D22BC0BFE00273995 /* SOAuthorizationLoadPolicy.h in Headers */,
+ 576CA9D722B862180030143C /* SOAuthorizationNSURLExtras.h in Headers */,
57FD318522B35169008D0E8B /* SOAuthorizationSession.h in Headers */,
5272B28B1406985D0096A5D0 /* StatisticsData.h in Headers */,
514BDED316C98EDD00E4E25E /* StatisticsRequest.h in Headers */,
Modified: trunk/Tools/ChangeLog (246828 => 246829)
--- trunk/Tools/ChangeLog 2019-06-26 02:59:02 UTC (rev 246828)
+++ trunk/Tools/ChangeLog 2019-06-26 03:11:36 UTC (rev 246829)
@@ -1,3 +1,17 @@
+2019-06-25 Jiewen Tan <jiewen_...@apple.com>
+
+ Implement a new SPI to inform clients about AppSSO
+ https://bugs.webkit.org/show_bug.cgi?id=199085
+ <rdar://problem/50028246>
+
+ Reviewed by Geoffrey Garen.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm:
+ (-[TestSOAuthorizationBasicDelegate webView:didFinishNavigation:]):
+ (-[TestSOAuthorizationNavigationDelegate init]):
+ (-[TestSOAuthorizationNavigationDelegate _webView:decidePolicyForSOAuthorizationLoadWithCurrentPolicy:forExtension:completionHandler:]):
+ (TestWebKitAPI::TEST):
+
2019-06-25 Aakash Jain <aakash_j...@apple.com>
[ews-build] Retry Layout test in case of failures
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm (246828 => 246829)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm 2019-06-26 02:59:02 UTC (rev 246828)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm 2019-06-26 03:11:36 UTC (rev 246829)
@@ -120,9 +120,25 @@
"</script>"
"</html>";
+@interface TestSOAuthorizationBasicDelegate : NSObject <WKNavigationDelegate>
+@end
+
+@implementation TestSOAuthorizationBasicDelegate
+
+- (void)webView:(WKWebView *)webView didFinishNavigation:(WKNavigation *)navigation
+{
+ EXPECT_FALSE(navigationCompleted);
+ navigationCompleted = true;
+ finalURL = navigation._request.URL.absoluteString;
+}
+
+@end
+
@interface TestSOAuthorizationNavigationDelegate : NSObject <WKNavigationDelegate, WKUIDelegate>
@property bool isDefaultPolicy;
@property bool shouldOpenExternalSchemes;
+@property bool allowSOAuthorizationLoad;
+@property bool isAsyncExecution;
- (instancetype)init;
@end
@@ -133,6 +149,8 @@
if (self = [super init]) {
self.isDefaultPolicy = true;
self.shouldOpenExternalSchemes = false;
+ self.allowSOAuthorizationLoad = true;
+ self.isAsyncExecution = false;
}
return self;
}
@@ -163,6 +181,27 @@
return gNewWindow.get();
}
+- (void)_webView:(WKWebView *)webView decidePolicyForSOAuthorizationLoadWithCurrentPolicy:(_WKSOAuthorizationLoadPolicy)policy forExtension:(NSString *)extension completionHandler:(void (^)(_WKSOAuthorizationLoadPolicy policy))completionHandler
+{
+ EXPECT_EQ(policy, _WKSOAuthorizationLoadPolicyAllow);
+ EXPECT_TRUE([extension isEqual:@""]);
+ if (!self.isAsyncExecution) {
+ if (self.allowSOAuthorizationLoad)
+ completionHandler(policy);
+ else
+ completionHandler(_WKSOAuthorizationLoadPolicyIgnore);
+ return;
+ }
+
+ auto allowSOAuthorizationLoad = self.allowSOAuthorizationLoad;
+ dispatch_async(dispatch_get_main_queue(), ^() {
+ if (allowSOAuthorizationLoad)
+ completionHandler(_WKSOAuthorizationLoadPolicyAllow);
+ else
+ completionHandler(_WKSOAuthorizationLoadPolicyIgnore);
+ });
+}
+
@end
#if PLATFORM(MAC)
@@ -416,8 +455,8 @@
RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"simple" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 320, 500)]);
- auto delegate = adoptNS([[TestSOAuthorizationNavigationDelegate alloc] init]);
- configureSOAuthorizationWebView(webView.get(), delegate.get(), OpenExternalSchemesPolicy::Allow);
+ auto delegate = adoptNS([[TestSOAuthorizationBasicDelegate alloc] init]);
+ [webView setNavigationDelegate:delegate.get()];
[webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]];
Util::run(&authorizationPerformed);
@@ -443,8 +482,8 @@
InstanceMethodSwizzler swizzler3(PAL::getSOAuthorizationClass(), @selector(beginAuthorizationWithURL:httpHeaders:httpBody:), reinterpret_cast<IMP>(overrideBeginAuthorizationWithURL));
auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 320, 500)]);
- auto delegate = adoptNS([[TestSOAuthorizationNavigationDelegate alloc] init]);
- configureSOAuthorizationWebView(webView.get(), delegate.get(), OpenExternalSchemesPolicy::Allow);
+ auto delegate = adoptNS([[TestSOAuthorizationBasicDelegate alloc] init]);
+ [webView setNavigationDelegate:delegate.get()];
// Force App Links with a request.URL that has a different host than the current one (empty host) and ShouldOpenExternalURLsPolicy::ShouldAllow.
auto testURL = URL(URL(), "https://www.example.com");
@@ -957,6 +996,72 @@
[gDelegate authorization:gAuthorization didCompleteWithHTTPResponse:response.get() httpBody:adoptNS([[NSData alloc] init]).get()];
}
+TEST(SOAuthorizationRedirect, SOAuthorizationLoadPolicyIgnore)
+{
+ resetState();
+ ClassMethodSwizzler swizzler(PAL::getSOAuthorizationClass(), @selector(canPerformAuthorizationWithURL:responseCode:), reinterpret_cast<IMP>(overrideCanPerformAuthorizationWithURL));
+
+ RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"simple" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
+
+ auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 320, 500)]);
+ auto delegate = adoptNS([[TestSOAuthorizationNavigationDelegate alloc] init]);
+ configureSOAuthorizationWebView(webView.get(), delegate.get(), OpenExternalSchemesPolicy::Allow);
+ [delegate setAllowSOAuthorizationLoad:false];
+
+ [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]];
+ Util::run(&navigationCompleted);
+
+ EXPECT_WK_STREQ(testURL.get().absoluteString, finalURL);
+}
+
+TEST(SOAuthorizationRedirect, SOAuthorizationLoadPolicyAllowAsync)
+{
+ resetState();
+ ClassMethodSwizzler swizzler1(PAL::getSOAuthorizationClass(), @selector(canPerformAuthorizationWithURL:responseCode:), reinterpret_cast<IMP>(overrideCanPerformAuthorizationWithURL));
+ InstanceMethodSwizzler swizzler2(PAL::getSOAuthorizationClass(), @selector(setDelegate:), reinterpret_cast<IMP>(overrideSetDelegate));
+ InstanceMethodSwizzler swizzler3(PAL::getSOAuthorizationClass(), @selector(beginAuthorizationWithURL:httpHeaders:httpBody:), reinterpret_cast<IMP>(overrideBeginAuthorizationWithURL));
+
+ RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"simple" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
+
+ auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 320, 500)]);
+ auto delegate = adoptNS([[TestSOAuthorizationNavigationDelegate alloc] init]);
+ configureSOAuthorizationWebView(webView.get(), delegate.get(), OpenExternalSchemesPolicy::Allow);
+
+ [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]];
+ Util::run(&authorizationPerformed);
+ checkAuthorizationOptions(false, "", 0);
+
+ RetainPtr<NSURL> redirectURL = [[NSBundle mainBundle] URLForResource:@"simple2" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
+ auto response = adoptNS([[NSHTTPURLResponse alloc] initWithURL:testURL.get() statusCode:302 HTTPVersion:@"HTTP/1.1" headerFields:@{ @"Location" : [redirectURL absoluteString] }]);
+ [gDelegate authorization:gAuthorization didCompleteWithHTTPResponse:response.get() httpBody:adoptNS([[NSData alloc] init]).get()];
+ Util::run(&navigationCompleted);
+#if PLATFORM(IOS)
+ navigationCompleted = false;
+ Util::run(&navigationCompleted);
+#endif
+ EXPECT_WK_STREQ(redirectURL.get().absoluteString, finalURL);
+}
+
+TEST(SOAuthorizationRedirect, SOAuthorizationLoadPolicyIgnoreAsync)
+{
+ resetState();
+ ClassMethodSwizzler swizzler(PAL::getSOAuthorizationClass(), @selector(canPerformAuthorizationWithURL:responseCode:), reinterpret_cast<IMP>(overrideCanPerformAuthorizationWithURL));
+
+ RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"simple" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
+
+ auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 320, 500)]);
+ auto delegate = adoptNS([[TestSOAuthorizationNavigationDelegate alloc] init]);
+ configureSOAuthorizationWebView(webView.get(), delegate.get(), OpenExternalSchemesPolicy::Allow);
+ [delegate setAllowSOAuthorizationLoad:false];
+ [delegate setIsAsyncExecution:true];
+
+ [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]];
+ Util::run(&navigationCompleted);
+
+ EXPECT_WK_STREQ(testURL.get().absoluteString, finalURL);
+}
+
+
// FIXME(175204): Enable the iOS tests once the bug is fixed.
#if PLATFORM(MAC)
TEST(SOAuthorizationRedirect, InterceptionSucceedWithUI)
@@ -1654,6 +1759,95 @@
checkAuthorizationOptions(true, "http://www.webkit.org", 1);
}
+TEST(SOAuthorizationPopUp, SOAuthorizationLoadPolicyIgnore)
+{
+ resetState();
+ ClassMethodSwizzler swizzler(PAL::getSOAuthorizationClass(), @selector(canPerformAuthorizationWithURL:responseCode:), reinterpret_cast<IMP>(overrideCanPerformAuthorizationWithURL));
+
+ auto testURL = URL(URL(), "http://www.example.com");
+ auto testHtml = generateHtml(openerTemplate, testURL.string());
+
+ auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 320, 500)]);
+ auto delegate = adoptNS([[TestSOAuthorizationNavigationDelegate alloc] init]);
+ configureSOAuthorizationWebView(webView.get(), delegate.get());
+ [delegate setAllowSOAuthorizationLoad:false];
+
+ [webView loadHTMLString:testHtml baseURL:(NSURL *)URL(URL(), "http://www.webkit.org")];
+ Util::run(&navigationCompleted);
+
+#if PLATFORM(MAC)
+ [webView sendClicksAtPoint:NSMakePoint(200, 200) numberOfClicks:1];
+#elif PLATFORM(IOS)
+ [webView evaluateJavaScript: @"clickMe()" completionHandler:nil];
+#endif
+ Util::run(&newWindowCreated);
+ EXPECT_FALSE(authorizationPerformed);
+}
+
+TEST(SOAuthorizationPopUp, SOAuthorizationLoadPolicyAllowAsync)
+{
+ resetState();
+ ClassMethodSwizzler swizzler1(PAL::getSOAuthorizationClass(), @selector(canPerformAuthorizationWithURL:responseCode:), reinterpret_cast<IMP>(overrideCanPerformAuthorizationWithURL));
+ InstanceMethodSwizzler swizzler2(PAL::getSOAuthorizationClass(), @selector(setDelegate:), reinterpret_cast<IMP>(overrideSetDelegate));
+ InstanceMethodSwizzler swizzler3(PAL::getSOAuthorizationClass(), @selector(beginAuthorizationWithURL:httpHeaders:httpBody:), reinterpret_cast<IMP>(overrideBeginAuthorizationWithURL));
+
+ RetainPtr<NSURL> baseURL = [[NSBundle mainBundle] URLForResource:@"simple2" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
+ auto testURL = URL(URL(), "http://www.example.com");
+ auto testHtml = generateHtml(openerTemplate, testURL.string());
+
+ auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 400, 400)]);
+ auto delegate = adoptNS([[TestSOAuthorizationNavigationDelegate alloc] init]);
+ configureSOAuthorizationWebView(webView.get(), delegate.get());
+ [delegate setIsAsyncExecution:true];
+
+ [webView loadHTMLString:testHtml baseURL:baseURL.get()];
+ Util::run(&navigationCompleted);
+
+#if PLATFORM(MAC)
+ [webView sendClicksAtPoint:NSMakePoint(200, 200) numberOfClicks:1];
+#elif PLATFORM(IOS)
+ [webView evaluateJavaScript: @"clickMe()" completionHandler:nil];
+#endif
+ Util::run(&authorizationPerformed);
+ checkAuthorizationOptions(true, "file://", 1);
+
+ auto response = adoptNS([[NSHTTPURLResponse alloc] initWithURL:testURL statusCode:200 HTTPVersion:@"HTTP/1.1" headerFields:nil]);
+ auto resonseHtmlCString = generateHtml(newWindowResponseTemplate, "window.close();").utf8(); // The pop up closes itself.
+ // The secret WKWebView needs to be destroyed right the way.
+ @autoreleasepool {
+ [gDelegate authorization:gAuthorization didCompleteWithHTTPResponse:response.get() httpBody:adoptNS([[NSData alloc] initWithBytes:resonseHtmlCString.data() length:resonseHtmlCString.length()]).get()];
+ }
+ [webView waitForMessage:@"Hello."];
+ [webView waitForMessage:@"WindowClosed."];
+}
+
+
+TEST(SOAuthorizationPopUp, SOAuthorizationLoadPolicyIgnoreAsync)
+{
+ resetState();
+ ClassMethodSwizzler swizzler(PAL::getSOAuthorizationClass(), @selector(canPerformAuthorizationWithURL:responseCode:), reinterpret_cast<IMP>(overrideCanPerformAuthorizationWithURL));
+
+ auto testURL = URL(URL(), "http://www.example.com");
+ auto testHtml = generateHtml(openerTemplate, testURL.string());
+
+ auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 320, 500)]);
+ auto delegate = adoptNS([[TestSOAuthorizationNavigationDelegate alloc] init]);
+ configureSOAuthorizationWebView(webView.get(), delegate.get());
+ [delegate setAllowSOAuthorizationLoad:false];
+ [delegate setIsAsyncExecution:true];
+
+ [webView loadHTMLString:testHtml baseURL:(NSURL *)URL(URL(), "http://www.webkit.org")];
+ Util::run(&navigationCompleted);
+
+#if PLATFORM(MAC)
+ [webView sendClicksAtPoint:NSMakePoint(200, 200) numberOfClicks:1];
+#elif PLATFORM(IOS)
+ [webView evaluateJavaScript: @"clickMe()" completionHandler:nil];
+#endif
+ Util::run(&newWindowCreated);
+ EXPECT_FALSE(authorizationPerformed);
+}
+
TEST(SOAuthorizationSubFrame, NoInterceptions)
{
resetState();
@@ -1861,6 +2055,75 @@
checkAuthorizationOptions(false, "http://www.apple.com", 2);
}
+TEST(SOAuthorizationSubFrame, SOAuthorizationLoadPolicyIgnore)
+{
+ resetState();
+ ClassMethodSwizzler swizzler(PAL::getSOAuthorizationClass(), @selector(canPerformAuthorizationWithURL:responseCode:), reinterpret_cast<IMP>(overrideCanPerformAuthorizationWithURL));
+
+ auto testURL = URL(URL(), "http://www.example.com");
+ auto testHtml = generateHtml(parentTemplate, testURL.string());
+
+ auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 320, 500)]);
+ auto delegate = adoptNS([[TestSOAuthorizationNavigationDelegate alloc] init]);
+ configureSOAuthorizationWebView(webView.get(), delegate.get());
+ [delegate setAllowSOAuthorizationLoad:false];
+
+ [webView loadHTMLString:testHtml baseURL:(NSURL *)URL(URL(), "http://www.apple.com")];
+ // Try to wait until the iframe load is finished.
+ Util::sleep(0.5);
+ // Make sure we don't intercept the iframe.
+ EXPECT_FALSE(authorizationPerformed);
+}
+
+TEST(SOAuthorizationSubFrame, SOAuthorizationLoadPolicyAllowAsync)
+{
+ resetState();
+ ClassMethodSwizzler swizzler1(PAL::getSOAuthorizationClass(), @selector(canPerformAuthorizationWithURL:responseCode:), reinterpret_cast<IMP>(overrideCanPerformAuthorizationWithURL));
+ InstanceMethodSwizzler swizzler2(PAL::getSOAuthorizationClass(), @selector(setDelegate:), reinterpret_cast<IMP>(overrideSetDelegate));
+ InstanceMethodSwizzler swizzler3(PAL::getSOAuthorizationClass(), @selector(beginAuthorizationWithURL:httpHeaders:httpBody:), reinterpret_cast<IMP>(overrideBeginAuthorizationWithURL));
+ ClassMethodSwizzler swizzler4([AKAuthorizationController class], @selector(isURLFromAppleOwnedDomain:), reinterpret_cast<IMP>(overrideIsURLFromAppleOwnedDomain));
+
+ auto testURL = URL(URL(), "http://www.example.com");
+ auto testHtml = generateHtml(parentTemplate, testURL.string());
+
+ auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 320, 500)]);
+ auto delegate = adoptNS([[TestSOAuthorizationNavigationDelegate alloc] init]);
+ configureSOAuthorizationWebView(webView.get(), delegate.get());
+ [delegate setIsAsyncExecution:true];
+
+ [webView loadHTMLString:testHtml baseURL:nil];
+ [webView waitForMessage:@"http://www.example.com"];
+ [webView waitForMessage:@"SOAuthorizationDidStart"];
+ checkAuthorizationOptions(false, "null", 2);
+
+ auto response = adoptNS([[NSHTTPURLResponse alloc] initWithURL:testURL statusCode:200 HTTPVersion:@"HTTP/1.1" headerFields:nil]);
+ auto iframeHtmlCString = generateHtml(iframeTemplate, "").utf8();
+ [gDelegate authorization:gAuthorization didCompleteWithHTTPResponse:response.get() httpBody:adoptNS([[NSData alloc] initWithBytes:iframeHtmlCString.data() length:iframeHtmlCString.length()]).get()];
+ [webView waitForMessage:@"http://www.example.com"];
+ [webView waitForMessage:@"Hello."];
+}
+
+TEST(SOAuthorizationSubFrame, SOAuthorizationLoadPolicyIgnoreAsync)
+{
+ resetState();
+ ClassMethodSwizzler swizzler(PAL::getSOAuthorizationClass(), @selector(canPerformAuthorizationWithURL:responseCode:), reinterpret_cast<IMP>(overrideCanPerformAuthorizationWithURL));
+
+ auto testURL = URL(URL(), "http://www.example.com");
+ auto testHtml = generateHtml(parentTemplate, testURL.string());
+
+ auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 320, 500)]);
+ auto delegate = adoptNS([[TestSOAuthorizationNavigationDelegate alloc] init]);
+ configureSOAuthorizationWebView(webView.get(), delegate.get());
+ [delegate setAllowSOAuthorizationLoad:false];
+ [delegate setIsAsyncExecution:true];
+
+ [webView loadHTMLString:testHtml baseURL:(NSURL *)URL(URL(), "http://www.apple.com")];
+ // Try to wait until the iframe load is finished.
+ Util::sleep(0.5);
+ // Make sure we don't intercept the iframe.
+ EXPECT_FALSE(authorizationPerformed);
+}
+
} // namespace TestWebKitAPI
#endif