Title: [285763] trunk/Source/WebKit
- Revision
- 285763
- Author
- commit-qu...@webkit.org
- Date
- 2021-11-12 16:55:20 -0800 (Fri, 12 Nov 2021)
Log Message
_WKWebAuthenticationPanel should expose a way to encode CTAP commands
https://bugs.webkit.org/show_bug.cgi?id=232977
<rdar://85279329>
Patch by Garrett Davidson <davidson.garre...@gmail.com> on 2021-11-12
Reviewed by David Kilzer.
Expose the existing CTAP command encoding through _WKWebAuthenticationPanel.
Covered by existing tests.
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(coreUserVerificationAvailability):
(+[_WKWebAuthenticationPanel getClientDataJSONForAuthenticationType:challenge:origin:])
(+[_WKWebAuthenticationPanel encodeMakeCredentialCommandWithClientDataJSON:options:userVerificationAvailability:]):
(+[_WKWebAuthenticationPanel encodeGetAssertionCommandWithClientDataJSON:options:userVerificationAvailability:]):
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (285762 => 285763)
--- trunk/Source/WebKit/ChangeLog 2021-11-13 00:11:43 UTC (rev 285762)
+++ trunk/Source/WebKit/ChangeLog 2021-11-13 00:55:20 UTC (rev 285763)
@@ -1,3 +1,22 @@
+2021-11-12 Garrett Davidson <davidson.garre...@gmail.com>
+
+ _WKWebAuthenticationPanel should expose a way to encode CTAP commands
+ https://bugs.webkit.org/show_bug.cgi?id=232977
+ <rdar://85279329>
+
+ Reviewed by David Kilzer.
+
+ Expose the existing CTAP command encoding through _WKWebAuthenticationPanel.
+
+ Covered by existing tests.
+
+ * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
+ * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+ (coreUserVerificationAvailability):
+ (+[_WKWebAuthenticationPanel getClientDataJSONForAuthenticationType:challenge:origin:])
+ (+[_WKWebAuthenticationPanel encodeMakeCredentialCommandWithClientDataJSON:options:userVerificationAvailability:]):
+ (+[_WKWebAuthenticationPanel encodeGetAssertionCommandWithClientDataJSON:options:userVerificationAvailability:]):
+
2021-11-12 Per Arne Vollan <pvol...@apple.com>
[iOS][GPUP] Allow access to syscalls
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h (285762 => 285763)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2021-11-13 00:11:43 UTC (rev 285762)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h 2021-11-13 00:55:20 UTC (rev 285763)
@@ -80,6 +80,12 @@
_WKWebAuthenticationSourceExternal,
} WK_API_AVAILABLE(macos(11.0), ios(14.0));
+typedef NS_ENUM(NSInteger, _WKWebAuthenticationUserVerificationAvailability) {
+ _WKWebAuthenticationUserVerificationAvailabilitySupportedAndConfigured,
+ _WKWebAuthenticationUserVerificationAvailabilitySupportedButNotConfigured,
+ _WKWebAuthenticationUserVerificationAvailabilityNotSupported,
+} WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+
WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialNameKey;
WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialIDKey;
WK_EXPORT extern NSString * const _WKLocalAuthenticatorCredentialRelyingPartyIDKey;
@@ -112,6 +118,10 @@
+ (BOOL)isUserVerifyingPlatformAuthenticatorAvailable WK_API_AVAILABLE(macos(12.0), ios(15.0));
++ (NSData *)getClientDataJSONForAuthenticationType:(_WKWebAuthenticationType)type challenge:(NSData *)challenge origin:(NSString *)origin WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
++ (NSData *)encodeMakeCredentialCommandWithClientDataJSON:(NSData *)clientDataJSON options:(_WKPublicKeyCredentialCreationOptions *)options userVerificationAvailability:(_WKWebAuthenticationUserVerificationAvailability)userVerificationAvailability WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
++ (NSData *)encodeGetAssertionCommandWithClientDataJSON:(NSData *)clientDataJSON options:(_WKPublicKeyCredentialRequestOptions *)options userVerificationAvailability:(_WKWebAuthenticationUserVerificationAvailability)userVerificationAvailability WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+
- (instancetype)init;
// FIXME: <rdar://problem/71509485> Adds detailed NSError.
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (285762 => 285763)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2021-11-13 00:11:43 UTC (rev 285762)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2021-11-13 00:55:20 UTC (rev 285763)
@@ -48,6 +48,7 @@
#import <WebCore/BufferSource.h>
#import <WebCore/CBORReader.h>
#import <WebCore/CBORWriter.h>
+#import <WebCore/DeviceRequestConverter.h>
#import <WebCore/FidoConstants.h>
#import <WebCore/MockWebAuthenticationConfiguration.h>
#import <WebCore/PublicKeyCredentialCreationOptions.h>
@@ -194,6 +195,21 @@
}
}
+static fido::AuthenticatorSupportedOptions::UserVerificationAvailability coreUserVerificationAvailability(_WKWebAuthenticationUserVerificationAvailability wkAvailability)
+{
+ switch (wkAvailability) {
+ case _WKWebAuthenticationUserVerificationAvailabilitySupportedAndConfigured:
+ return fido::AuthenticatorSupportedOptions::UserVerificationAvailability::kSupportedAndConfigured;
+ case _WKWebAuthenticationUserVerificationAvailabilitySupportedButNotConfigured:
+ return fido::AuthenticatorSupportedOptions::UserVerificationAvailability::kSupportedButNotConfigured;
+ case _WKWebAuthenticationUserVerificationAvailabilityNotSupported:
+ return fido::AuthenticatorSupportedOptions::UserVerificationAvailability::kNotSupported;
+ }
+
+ ASSERT_NOT_REACHED();
+ return fido::AuthenticatorSupportedOptions::UserVerificationAvailability::kNotSupported;
+}
+
- (_WKWebAuthenticationType)type
{
return wkWebAuthenticationType(_panel->clientDataType());
@@ -623,6 +639,43 @@
#endif
}
++ (NSData *)getClientDataJSONForAuthenticationType:(_WKWebAuthenticationType)type challenge:(NSData *)challenge origin:(NSString *)origin
+{
+ RetainPtr<NSData> clientDataJSON;
+
+#if ENABLE(WEB_AUTHN)
+ clientDataJSON = produceClientDataJson(type, challenge, origin);
+#endif
+
+ return clientDataJSON.autorelease();
+}
+
++ (NSData *)encodeMakeCredentialCommandWithClientDataJSON:(NSData *)clientDataJSON options:(_WKPublicKeyCredentialCreationOptions *)options userVerificationAvailability:(_WKWebAuthenticationUserVerificationAvailability)userVerificationAvailability
+{
+ RetainPtr<NSData> encodedCommand;
+#if ENABLE(WEB_AUTHN)
+ auto hash = produceClientDataJsonHash(clientDataJSON);
+
+ auto encodedVector = fido::encodeMakeCredenitalRequestAsCBOR(hash, [_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:options], coreUserVerificationAvailability(userVerificationAvailability), std::nullopt);
+ encodedCommand = adoptNS([[NSData alloc] initWithBytes:encodedVector.data() length:encodedVector.size()]);
+#endif
+
+ return encodedCommand.autorelease();
+}
+
++ (NSData *)encodeGetAssertionCommandWithClientDataJSON:(NSData *)clientDataJSON options:(_WKPublicKeyCredentialRequestOptions *)options userVerificationAvailability:(_WKWebAuthenticationUserVerificationAvailability)userVerificationAvailability
+{
+ RetainPtr<NSData> encodedCommand;
+#if ENABLE(WEB_AUTHN)
+ auto hash = produceClientDataJsonHash(clientDataJSON);
+
+ auto encodedVector = fido::encodeGetAssertionRequestAsCBOR(hash, [_WKWebAuthenticationPanel convertToCoreRequestOptionsWithOptions:options], coreUserVerificationAvailability(userVerificationAvailability), std::nullopt);
+ encodedCommand = adoptNS([[NSData alloc] initWithBytes:encodedVector.data() length:encodedVector.size()]);
+#endif
+
+ return encodedCommand.autorelease();
+}
+
- (void)setMockConfiguration:(NSDictionary *)configuration
{
#if ENABLE(WEB_AUTHN)
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
