Diff
Modified: trunk/Source/WebCore/ChangeLog (290183 => 290184)
--- trunk/Source/WebCore/ChangeLog 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebCore/ChangeLog 2022-02-19 00:28:13 UTC (rev 290184)
@@ -1,3 +1,29 @@
+2022-02-18 J Pascoe <j_pas...@apple.com>
+
+ [WebAuthn] Support for conditional mediation
+ https://bugs.webkit.org/show_bug.cgi?id=236820
+ rdar://84821947
+
+ Reviewed by Brent Fulgham and Chris Dumez.
+
+ This patch adds support for conditional mediation, as defined in the
+ credentials management spec: https://w3c.github.io/webappsec-credential-management/#dom-credentialmediationrequirement-conditional
+
+ * Modules/credentialmanagement/BasicCredential.cpp:
+ (WebCore::BasicCredential::isConditionalMediationAvailable):
+ * Modules/credentialmanagement/BasicCredential.h:
+ * Modules/credentialmanagement/BasicCredential.idl:
+ * Modules/credentialmanagement/CredentialRequestOptions.h:
+ * Modules/credentialmanagement/CredentialRequestOptions.idl:
+ * Modules/credentialmanagement/CredentialsContainer.cpp:
+ (WebCore::CredentialsContainer::get):
+ * Modules/webauthn/AuthenticatorCoordinator.cpp:
+ (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const):
+ (WebCore::AuthenticatorCoordinator::isConditionalMediationAvailable const):
+ * Modules/webauthn/AuthenticatorCoordinator.h:
+ * Modules/webauthn/AuthenticatorCoordinatorClient.h:
+ * WebCore.xcodeproj/project.pbxproj:
+
2022-02-18 Robert Jenner <jen...@apple.com>
Unreviewed, reverting r290149.
Modified: trunk/Source/WebCore/Modules/credentialmanagement/BasicCredential.cpp (290183 => 290184)
--- trunk/Source/WebCore/Modules/credentialmanagement/BasicCredential.cpp 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebCore/Modules/credentialmanagement/BasicCredential.cpp 2022-02-19 00:28:13 UTC (rev 290184)
@@ -26,6 +26,8 @@
#include "config.h"
#include "BasicCredential.h"
+#include "AuthenticatorCoordinator.h"
+
#if ENABLE(WEB_AUTHN)
namespace WebCore {
@@ -50,6 +52,14 @@
return emptyString();
}
+void BasicCredential::isConditionalMediationAvailable(Document& document, DOMPromiseDeferred<IDLBoolean>&& promise)
+{
+ if (auto* page = document.page())
+ page->authenticatorCoordinator().isConditionalMediationAvailable(WTFMove(promise));
+ else
+ promise.reject(Exception { InvalidStateError });
+}
+
} // namespace WebCore
#endif // ENABLE(WEB_AUTHN)
Modified: trunk/Source/WebCore/Modules/credentialmanagement/BasicCredential.h (290183 => 290184)
--- trunk/Source/WebCore/Modules/credentialmanagement/BasicCredential.h 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebCore/Modules/credentialmanagement/BasicCredential.h 2022-02-19 00:28:13 UTC (rev 290184)
@@ -53,6 +53,8 @@
String type() const;
Discovery discovery() const { return m_discovery; }
+ static void isConditionalMediationAvailable(Document&, DOMPromiseDeferred<IDLBoolean>&&);
+
private:
String m_id;
Type m_type;
Modified: trunk/Source/WebCore/Modules/credentialmanagement/BasicCredential.idl (290183 => 290184)
--- trunk/Source/WebCore/Modules/credentialmanagement/BasicCredential.idl 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebCore/Modules/credentialmanagement/BasicCredential.idl 2022-02-19 00:28:13 UTC (rev 290184)
@@ -33,4 +33,6 @@
] interface BasicCredential {
readonly attribute USVString id;
readonly attribute DOMString type;
+
+ [CallWith=CurrentDocument] static Promise<boolean> isConditionalMediationAvailable();
};
Modified: trunk/Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h (290183 => 290184)
--- trunk/Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h 2022-02-19 00:28:13 UTC (rev 290184)
@@ -35,8 +35,10 @@
class AbortSignal;
+enum class MediationRequirement : uint8_t { Silent, Optional, Required, Conditional };
+
struct CredentialRequestOptions {
- enum class MediationRequirement { Silent, Optional, Required };
+ using MediationRequirement = MediationRequirement;
MediationRequirement mediation;
RefPtr<AbortSignal> signal;
@@ -45,4 +47,19 @@
} // namespace WebCore
+namespace WTF {
+
+template<> struct EnumTraits<WebCore::CredentialRequestOptions::MediationRequirement> {
+ using values = EnumValues<
+ WebCore::CredentialRequestOptions::MediationRequirement,
+ WebCore::CredentialRequestOptions::MediationRequirement::Silent,
+ WebCore::CredentialRequestOptions::MediationRequirement::Optional,
+ WebCore::CredentialRequestOptions::MediationRequirement::Required,
+ WebCore::CredentialRequestOptions::MediationRequirement::Conditional
+ >;
+};
+
+} // namespace WTF
+
+
#endif // ENABLE(WEB_AUTHN)
Modified: trunk/Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.idl (290183 => 290184)
--- trunk/Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.idl 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.idl 2022-02-19 00:28:13 UTC (rev 290184)
@@ -29,7 +29,8 @@
] enum CredentialMediationRequirement {
"silent",
"optional",
- "required"
+ "required",
+ "conditional"
};
[
Modified: trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp (290183 => 290184)
--- trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp 2022-02-19 00:28:13 UTC (rev 290184)
@@ -98,7 +98,7 @@
return;
}
- m_document->page()->authenticatorCoordinator().discoverFromExternalSource(*m_document, options.publicKey.value(), scope(), WTFMove(options.signal), WTFMove(promise));
+ m_document->page()->authenticatorCoordinator().discoverFromExternalSource(*m_document, WTFMove(options), scope(), WTFMove(promise));
}
void CredentialsContainer::store(const BasicCredential&, CredentialPromise&& promise)
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp (290183 => 290184)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp 2022-02-19 00:28:13 UTC (rev 290184)
@@ -36,6 +36,7 @@
#include "Document.h"
#include "FeaturePolicy.h"
#include "JSBasicCredential.h"
+#include "JSCredentialRequestOptions.h"
#include "JSDOMPromiseDeferred.h"
#include "PublicKeyCredential.h"
#include "PublicKeyCredentialCreationOptions.h"
@@ -176,12 +177,13 @@
m_client->makeCredential(*frame, callerOrigin, clientDataJsonHash, options, WTFMove(callback));
}
-void AuthenticatorCoordinator::discoverFromExternalSource(const Document& document, const PublicKeyCredentialRequestOptions& options, WebAuthn::Scope scope, RefPtr<AbortSignal>&& abortSignal, CredentialPromise&& promise) const
+void AuthenticatorCoordinator::discoverFromExternalSource(const Document& document, CredentialRequestOptions&& requestOptions, WebAuthn::Scope scope, CredentialPromise&& promise) const
{
using namespace AuthenticatorCoordinatorInternal;
auto& callerOrigin = document.securityOrigin();
auto* frame = document.frame();
+ const auto& options = requestOptions.publicKey.value();
ASSERT(frame);
// The following implements https://www.w3.org/TR/webauthn/#createCredential as of 5 December 2017.
// Step 1, 3, 13 are handled by the caller.
@@ -230,7 +232,7 @@
return;
}
- auto callback = [clientDataJson = WTFMove(clientDataJson), promise = WTFMove(promise), abortSignal = WTFMove(abortSignal)] (AuthenticatorResponseData&& data, AuthenticatorAttachment attachment, ExceptionData&& exception) mutable {
+ auto callback = [clientDataJson = WTFMove(clientDataJson), promise = WTFMove(promise), abortSignal = WTFMove(requestOptions.signal)] (AuthenticatorResponseData&& data, AuthenticatorAttachment attachment, ExceptionData&& exception) mutable {
if (abortSignal && abortSignal->aborted()) {
promise.reject(Exception { AbortError, "Aborted by AbortSignal."_s });
return;
@@ -245,7 +247,7 @@
promise.reject(exception.toException());
};
// Async operations are dispatched and handled in the messenger.
- m_client->getAssertion(*frame, callerOrigin, clientDataJsonHash, options, WTFMove(callback));
+ m_client->getAssertion(*frame, callerOrigin, clientDataJsonHash, options, requestOptions.mediation, WTFMove(callback));
}
void AuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable(DOMPromiseDeferred<IDLBoolean>&& promise) const
@@ -266,6 +268,21 @@
m_client->isUserVerifyingPlatformAuthenticatorAvailable(WTFMove(completionHandler));
}
+
+void AuthenticatorCoordinator::isConditionalMediationAvailable(DOMPromiseDeferred<IDLBoolean>&& promise) const
+{
+ if (!m_client) {
+ promise.reject(Exception { UnknownError, "Unknown internal error."_s });
+ return;
+ }
+
+ auto completionHandler = [promise = WTFMove(promise)] (bool result) mutable {
+ promise.resolve(result);
+ };
+ // Async operations are dispatched and handled in the messenger.
+ m_client->isConditionalMediationAvailable(WTFMove(completionHandler));
+}
+
void AuthenticatorCoordinator::resetUserGestureRequirement()
{
m_client->resetUserGestureRequirement();
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.h (290183 => 290184)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.h 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.h 2022-02-19 00:28:13 UTC (rev 290184)
@@ -44,6 +44,7 @@
struct PublicKeyCredentialCreationOptions;
struct PublicKeyCredentialRequestOptions;
+struct CredentialRequestOptions;
template<typename IDLType> class DOMPromiseDeferred;
@@ -58,8 +59,9 @@
// The following methods implement static methods of PublicKeyCredential.
void create(const Document&, const PublicKeyCredentialCreationOptions&, WebAuthn::Scope, RefPtr<AbortSignal>&&, CredentialPromise&&) const;
- void discoverFromExternalSource(const Document&, const PublicKeyCredentialRequestOptions&, WebAuthn::Scope, RefPtr<AbortSignal>&&, CredentialPromise&&) const;
+ void discoverFromExternalSource(const Document&, CredentialRequestOptions&&, WebAuthn::Scope, CredentialPromise&&) const;
void isUserVerifyingPlatformAuthenticatorAvailable(DOMPromiseDeferred<IDLBoolean>&&) const;
+ void isConditionalMediationAvailable(DOMPromiseDeferred<IDLBoolean>&&) const;
void resetUserGestureRequirement();
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h (290183 => 290184)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h 2022-02-19 00:28:13 UTC (rev 290184)
@@ -38,6 +38,7 @@
class SecurityOrigin;
enum class AuthenticatorAttachment;
+enum class MediationRequirement : uint8_t;
struct AuthenticatorResponseData;
struct PublicKeyCredentialCreationOptions;
@@ -46,7 +47,7 @@
using RequestCompletionHandler = CompletionHandler<void(WebCore::AuthenticatorResponseData&&, WebCore::AuthenticatorAttachment, WebCore::ExceptionData&&)>;
using QueryCompletionHandler = CompletionHandler<void(bool)>;
-class WEBCORE_EXPORT AuthenticatorCoordinatorClient : public CanMakeWeakPtr<AuthenticatorCoordinatorClient> {
+class AuthenticatorCoordinatorClient : public CanMakeWeakPtr<AuthenticatorCoordinatorClient> {
WTF_MAKE_FAST_ALLOCATED;
WTF_MAKE_NONCOPYABLE(AuthenticatorCoordinatorClient);
public:
@@ -53,9 +54,10 @@
AuthenticatorCoordinatorClient() = default;
virtual ~AuthenticatorCoordinatorClient() = default;
- virtual void makeCredential(const Frame&, const SecurityOrigin&, const Vector<uint8_t>&, const PublicKeyCredentialCreationOptions&, RequestCompletionHandler&&) { };
- virtual void getAssertion(const Frame&, const SecurityOrigin&, const Vector<uint8_t>&, const PublicKeyCredentialRequestOptions&, RequestCompletionHandler&&) { };
- virtual void isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&&) { };
+ virtual void makeCredential(const Frame&, const SecurityOrigin&, const Vector<uint8_t>&, const PublicKeyCredentialCreationOptions&, RequestCompletionHandler&&) = 0;
+ virtual void getAssertion(const Frame&, const SecurityOrigin&, const Vector<uint8_t>&, const PublicKeyCredentialRequestOptions&, MediationRequirement, RequestCompletionHandler&&) = 0;
+ virtual void isConditionalMediationAvailable(QueryCompletionHandler&&) = 0;
+ virtual void isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&&) = 0;
virtual void resetUserGestureRequirement() { }
};
Modified: trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj (290183 => 290184)
--- trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj 2022-02-19 00:28:13 UTC (rev 290184)
@@ -2374,7 +2374,7 @@
77A17AA712F28B2A004E02F6 /* JSOESVertexArrayObject.h in Headers */ = {isa = PBXBuildFile; fileRef = 77A17AA312F28B2A004E02F6 /* JSOESVertexArrayObject.h */; };
77D510041ED4F71E00DA4C87 /* JSCredentialRequestOptions.h in Headers */ = {isa = PBXBuildFile; fileRef = 77D50FFF1ED4F70C00DA4C87 /* JSCredentialRequestOptions.h */; };
77D510061ED4F72500DA4C87 /* JSCredentialCreationOptions.h in Headers */ = {isa = PBXBuildFile; fileRef = 77D50FFD1ED4F70C00DA4C87 /* JSCredentialCreationOptions.h */; };
- 77D5100B1ED5E28800DA4C87 /* CredentialRequestOptions.h in Headers */ = {isa = PBXBuildFile; fileRef = 77D50FFB1ED4F16C00DA4C87 /* CredentialRequestOptions.h */; };
+ 77D5100B1ED5E28800DA4C87 /* CredentialRequestOptions.h in Headers */ = {isa = PBXBuildFile; fileRef = 77D50FFB1ED4F16C00DA4C87 /* CredentialRequestOptions.h */; settings = {ATTRIBUTES = (Private, ); }; };
77D5100D1ED5E29500DA4C87 /* CredentialCreationOptions.h in Headers */ = {isa = PBXBuildFile; fileRef = 77AAD6851ECFBD3900BFA2D1 /* CredentialCreationOptions.h */; };
77D510171ED6022200DA4C87 /* CredentialsContainer.h in Headers */ = {isa = PBXBuildFile; fileRef = 77D510161ED6021B00DA4C87 /* CredentialsContainer.h */; };
77D5101C1ED722BF00DA4C87 /* JSCredentialsContainer.h in Headers */ = {isa = PBXBuildFile; fileRef = 77D5101B1ED722B500DA4C87 /* JSCredentialsContainer.h */; };
Modified: trunk/Source/WebKit/ChangeLog (290183 => 290184)
--- trunk/Source/WebKit/ChangeLog 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebKit/ChangeLog 2022-02-19 00:28:13 UTC (rev 290184)
@@ -1,3 +1,31 @@
+2022-02-18 J Pascoe <j_pas...@apple.com>
+
+ [WebAuthn] Support for conditional mediation
+ https://bugs.webkit.org/show_bug.cgi?id=236820
+ rdar://84821947
+
+ Reviewed by Brent Fulgham and Chris Dumez.
+
+ This patch adds support for conditional mediation, as defined in the
+ credentials management spec: https://w3c.github.io/webappsec-credential-management/#dom-credentialmediationrequirement-conditional
+
+ * Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h:
+ * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+ (WebKit::configurationAssertionRequestContext):
+ (WebKit::WebAuthenticatorCoordinatorProxy::contextForRequest):
+ (WebKit::WebAuthenticatorCoordinatorProxy::performRequest):
+ (WebKit::WebAuthenticatorCoordinatorProxy::isConditionalMediationAvailable):
+ * UIProcess/WebAuthentication/WebAuthenticationRequestData.h:
+ * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp:
+ (WebKit::WebAuthenticatorCoordinatorProxy::makeCredential):
+ (WebKit::WebAuthenticatorCoordinatorProxy::getAssertion):
+ (WebKit::WebAuthenticatorCoordinatorProxy::isConditionalMediationAvailable):
+ * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h:
+ * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in:
+ * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp:
+ (WebKit::WebAuthenticatorCoordinator::getAssertion):
+ * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.h:
+
2022-02-18 Per Arne Vollan <pvol...@apple.com>
Remove unneeded sandbox extension code
Modified: trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h (290183 => 290184)
--- trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h 2022-02-19 00:28:13 UTC (rev 290184)
@@ -229,6 +229,11 @@
@end
+typedef NS_ENUM(NSInteger, ASCredentialRequestStyle) {
+ ASCredentialRequestStyleModal,
+ ASCredentialRequestStyleAutoFill,
+};
+
@interface ASCCredentialRequestContext : NSObject <NSSecureCoding>
- (instancetype)init NS_UNAVAILABLE;
@@ -245,6 +250,8 @@
@property (nonatomic, nullable, copy) ASCPublicKeyCredentialAssertionOptions *platformKeyCredentialAssertionOptions;
@property (nonatomic, nullable, copy) ASCPublicKeyCredentialAssertionOptions *securityKeyCredentialAssertionOptions;
+@property (nonatomic) ASCredentialRequestStyle requestStyle;
+
@end
@protocol ASCCredentialProtocol <NSObject, NSSecureCoding>
@@ -320,6 +327,8 @@
- (void)userSelectedLoginChoice:(id <ASCLoginChoiceProtocol>)loginChoice authenticatedContext:(LAContext *)context completionHandler:(void (^)(id <ASCCredentialProtocol> _Nullable, NSError * _Nullable))completionHandler;
- (void)requestCompletedWithCredential:(nullable id<ASCCredentialProtocol>)credential error:(nullable NSError *)error;
+
+- (void)performAutoFillAuthorizationRequestsForContext:(ASCCredentialRequestContext *)context withCompletionHandler:(void (^)(id <ASCCredentialProtocol> _Nullable credential, NSError * _Nullable error))completionHandler;
#endif
@end
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (290183 => 290184)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2022-02-19 00:28:13 UTC (rev 290184)
@@ -823,7 +823,7 @@
handler(nil, [NSError errorWithDomain:WKErrorDomain code:exception.code userInfo:@{ NSLocalizedDescriptionKey: exception.message }]);
});
};
- _panel->handleRequest({ WTFMove(hash), [_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:options], nullptr, WebKit::WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, true, String(), nullptr }, WTFMove(callback));
+ _panel->handleRequest({ WTFMove(hash), [_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:options], nullptr, WebKit::WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, true, String(), nullptr, std::nullopt }, WTFMove(callback));
#endif
}
@@ -837,7 +837,7 @@
handler(nil, [NSError errorWithDomain:WKErrorDomain code:exception.code userInfo:@{ NSLocalizedDescriptionKey: exception.message }]);
});
};
- _panel->handleRequest({ vectorFromNSData(clientDataHash), [_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:options], nullptr, WebKit::WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, true, String(), nullptr }, WTFMove(callback));
+ _panel->handleRequest({ vectorFromNSData(clientDataHash), [_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:options], nullptr, WebKit::WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, true, String(), nullptr, std::nullopt }, WTFMove(callback));
#endif
}
@@ -887,7 +887,7 @@
handler(nil, [NSError errorWithDomain:WKErrorDomain code:WKErrorUnknown userInfo:nil]);
});
};
- _panel->handleRequest({ WTFMove(hash), [_WKWebAuthenticationPanel convertToCoreRequestOptionsWithOptions:options], nullptr, WebKit::WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, true, String(), nullptr }, WTFMove(callback));
+ _panel->handleRequest({ WTFMove(hash), [_WKWebAuthenticationPanel convertToCoreRequestOptionsWithOptions:options], nullptr, WebKit::WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, true, String(), nullptr, std::nullopt }, WTFMove(callback));
#endif
}
@@ -901,7 +901,7 @@
handler(nil, [NSError errorWithDomain:WKErrorDomain code:WKErrorUnknown userInfo:nil]);
});
};
- _panel->handleRequest({ vectorFromNSData(clientDataHash), [_WKWebAuthenticationPanel convertToCoreRequestOptionsWithOptions:options], nullptr, WebKit::WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, true, String(), nullptr }, WTFMove(callback));
+ _panel->handleRequest({ vectorFromNSData(clientDataHash), [_WKWebAuthenticationPanel convertToCoreRequestOptionsWithOptions:options], nullptr, WebKit::WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, true, String(), nullptr, std::nullopt }, WTFMove(callback));
#endif
}
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (290183 => 290184)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2022-02-19 00:28:13 UTC (rev 290184)
@@ -236,7 +236,7 @@
return requestContext;
}
-static RetainPtr<ASCCredentialRequestContext> configurationAssertionRequestContext(const PublicKeyCredentialRequestOptions& options, Vector<uint8_t> hash)
+static RetainPtr<ASCCredentialRequestContext> configurationAssertionRequestContext(const PublicKeyCredentialRequestOptions& options, Vector<uint8_t> hash, std::optional<WebCore::MediationRequirement> mediation)
{
ASCCredentialRequestTypes requestTypes = ASCCredentialRequestTypePlatformPublicKeyAssertion | ASCCredentialRequestTypeSecurityKeyPublicKeyAssertion;
@@ -260,6 +260,8 @@
auto requestContext = adoptNS([allocASCCredentialRequestContextInstance() initWithRequestTypes:requestTypes]);
[requestContext setRelyingPartyIdentifier:options.rpId];
+ if (mediation == MediationRequirement::Conditional && [requestContext respondsToSelector:@selector(setRequestStyle:)])
+ requestContext.get().requestStyle = ASCredentialRequestStyleAutoFill;
if (requestTypes & ASCCredentialRequestTypePlatformPublicKeyAssertion) {
auto assertionOptions = adoptNS(allocASCPublicKeyCredentialAssertionOptionsInstance());
@@ -300,7 +302,7 @@
WTF::switchOn(requestData.options, [&](const PublicKeyCredentialCreationOptions& options) {
result = configureRegistrationRequestContext(options, requestData.hash);
}, [&](const PublicKeyCredentialRequestOptions& options) {
- result = configurationAssertionRequestContext(options, requestData.hash);
+ result = configurationAssertionRequestContext(options, requestData.hash, requestData.mediation);
});
return result;
}
@@ -309,87 +311,102 @@
{
auto proxy = adoptNS([allocASCAgentProxyInstance() init]);
+ auto completionHandler = makeBlockPtr([handler = WTFMove(handler)](id <ASCCredentialProtocol> credential, NSError *error) mutable {
+ ensureOnMainRunLoop([handler = WTFMove(handler), credential = retainPtr(credential), error = retainPtr(error)] () mutable {
+ AuthenticatorResponseData response;
+ AuthenticatorAttachment attachment;
+ ExceptionData exceptionData;
+
+ if ([credential isKindOfClass:getASCPlatformPublicKeyCredentialRegistrationClass()]) {
+ attachment = AuthenticatorAttachment::Platform;
+ response.isAuthenticatorAttestationResponse = true;
+
+ ASCPlatformPublicKeyCredentialRegistration *registrationCredential = credential.get();
+ response.rawId = toArrayBuffer(registrationCredential.credentialID);
+ response.attestationObject = toArrayBuffer(registrationCredential.attestationObject);
+ } else if ([credential isKindOfClass:getASCSecurityKeyPublicKeyCredentialRegistrationClass()]) {
+ attachment = AuthenticatorAttachment::CrossPlatform;
+ response.isAuthenticatorAttestationResponse = true;
+
+ ASCSecurityKeyPublicKeyCredentialRegistration *registrationCredential = credential.get();
+ response.rawId = toArrayBuffer(registrationCredential.credentialID);
+ response.attestationObject = toArrayBuffer(registrationCredential.attestationObject);
+ } else if ([credential isKindOfClass:getASCPlatformPublicKeyCredentialAssertionClass()]) {
+ attachment = AuthenticatorAttachment::Platform;
+ response.isAuthenticatorAttestationResponse = false;
+
+ ASCPlatformPublicKeyCredentialAssertion *assertionCredential = credential.get();
+ response.rawId = toArrayBuffer(assertionCredential.credentialID);
+ response.authenticatorData = toArrayBuffer(assertionCredential.authenticatorData);
+ response.signature = toArrayBuffer(assertionCredential.signature);
+ response.userHandle = toArrayBuffer(assertionCredential.userHandle);
+ } else if ([credential isKindOfClass:getASCSecurityKeyPublicKeyCredentialAssertionClass()]) {
+ attachment = AuthenticatorAttachment::CrossPlatform;
+ response.isAuthenticatorAttestationResponse = false;
+
+ ASCSecurityKeyPublicKeyCredentialAssertion *assertionCredential = credential.get();
+ response.rawId = toArrayBuffer(assertionCredential.credentialID);
+ response.authenticatorData = toArrayBuffer(assertionCredential.authenticatorData);
+ response.signature = toArrayBuffer(assertionCredential.signature);
+ response.userHandle = toArrayBuffer(assertionCredential.userHandle);
+ } else {
+ attachment = (AuthenticatorAttachment) 0;
+ ExceptionCode exceptionCode;
+ NSString *errorMessage = nil;
+ if ([error.get().domain isEqualToString:WKErrorDomain]) {
+ exceptionCode = toExceptionCode(error.get().code);
+ errorMessage = error.get().userInfo[NSLocalizedDescriptionKey];
+ } else {
+ exceptionCode = NotAllowedError;
+
+ if ([error.get().domain isEqualToString:ASCAuthorizationErrorDomain] && error.get().code == ASCAuthorizationErrorUserCanceled)
+ errorMessage = @"This request has been cancelled by the user.";
+ else
+ errorMessage = @"Operation failed.";
+ }
+
+ exceptionData = { exceptionCode, errorMessage };
+ }
+
+ handler(response, attachment, exceptionData);
+ });
+ });
+
+ if ([requestContext respondsToSelector:@selector(requestStyle)] && requestContext.get().requestStyle == ASCredentialRequestStyleAutoFill) {
+ [proxy performAutoFillAuthorizationRequestsForContext:requestContext.get() withCompletionHandler:makeBlockPtr([proxy = WTFMove(proxy), completionHandler = WTFMove(completionHandler)](id <ASCCredentialProtocol> credential, NSError *error) mutable {
+ completionHandler(credential, error);
+ }).get()];
+ return;
+ }
+
#if PLATFORM(IOS)
- [proxy performAuthorizationRequestsForContext:requestContext.get() withCompletionHandler:makeBlockPtr([handler = WTFMove(handler), proxy = WTFMove(proxy)](id <ASCCredentialProtocol> credential, NSError *error) mutable {
- callOnMainRunLoop([handler = WTFMove(handler), proxy = WTFMove(proxy), credential = retainPtr(credential), error = retainPtr(error)] () mutable {
+ [proxy performAuthorizationRequestsForContext:requestContext.get() withCompletionHandler:makeBlockPtr([proxy = WTFMove(proxy), completionHandler = WTFMove(completionHandler)](id <ASCCredentialProtocol> credential, NSError *error) mutable {
+ completionHandler(credential, error);
+ }).get()];
#elif PLATFORM(MAC)
RetainPtr<NSWindow> window = m_webPageProxy.platformWindow();
- [proxy performAuthorizationRequestsForContext:requestContext.get() withClearanceHandler:makeBlockPtr([weakThis = WeakPtr { *this }, handler = WTFMove(handler), window = WTFMove(window), proxy = WTFMove(proxy)](NSXPCListenerEndpoint *daemonEndpoint, NSError *error) mutable {
- callOnMainRunLoop([weakThis, handler = WTFMove(handler), window = WTFMove(window), proxy = WTFMove(proxy), daemonEndpoint = retainPtr(daemonEndpoint), error = retainPtr(error)] () mutable {
+ [proxy performAuthorizationRequestsForContext:requestContext.get() withClearanceHandler:makeBlockPtr([weakThis = WeakPtr { *this }, completionHandler = WTFMove(completionHandler), window = WTFMove(window), proxy = WTFMove(proxy)](NSXPCListenerEndpoint *daemonEndpoint, NSError *error) mutable {
+ callOnMainRunLoop([weakThis, completionHandler = WTFMove(completionHandler), window = WTFMove(window), proxy = WTFMove(proxy), daemonEndpoint = retainPtr(daemonEndpoint), error = retainPtr(error)] () mutable {
if (!weakThis || !daemonEndpoint) {
LOG_ERROR("Could not connect to authorization daemon: %@\n", error.get());
- handler({ }, (AuthenticatorAttachment)0, ExceptionData { NotAllowedError, "Operation failed." });
+ completionHandler({ }, error.get());
return;
}
weakThis->m_presenter = adoptNS([allocASCAuthorizationRemotePresenterInstance() init]);
- [weakThis->m_presenter presentWithWindow:window.get() daemonEndpoint:daemonEndpoint.get() completionHandler:makeBlockPtr([handler = WTFMove(handler), proxy = WTFMove(proxy)](id <ASCCredentialProtocol> credentialNotRetain, NSError *errorNotRetain) mutable {
- auto credential = retainPtr(credentialNotRetain);
- auto error = retainPtr(errorNotRetain);
-#endif
- AuthenticatorResponseData response = { };
- AuthenticatorAttachment attachment;
- ExceptionData exceptionData = { };
-
- if ([credential isKindOfClass:getASCPlatformPublicKeyCredentialRegistrationClass()]) {
- attachment = AuthenticatorAttachment::Platform;
- response.isAuthenticatorAttestationResponse = true;
-
- ASCPlatformPublicKeyCredentialRegistration *registrationCredential = credential.get();
- response.rawId = toArrayBuffer(registrationCredential.credentialID);
- response.attestationObject = toArrayBuffer(registrationCredential.attestationObject);
- } else if ([credential isKindOfClass:getASCSecurityKeyPublicKeyCredentialRegistrationClass()]) {
- attachment = AuthenticatorAttachment::CrossPlatform;
- response.isAuthenticatorAttestationResponse = true;
-
- ASCSecurityKeyPublicKeyCredentialRegistration *registrationCredential = credential.get();
- response.rawId = toArrayBuffer(registrationCredential.credentialID);
- response.attestationObject = toArrayBuffer(registrationCredential.attestationObject);
- } else if ([credential isKindOfClass:getASCPlatformPublicKeyCredentialAssertionClass()]) {
- attachment = AuthenticatorAttachment::Platform;
- response.isAuthenticatorAttestationResponse = false;
-
- ASCPlatformPublicKeyCredentialAssertion *assertionCredential = credential.get();
- response.rawId = toArrayBuffer(assertionCredential.credentialID);
- response.authenticatorData = toArrayBuffer(assertionCredential.authenticatorData);
- response.signature = toArrayBuffer(assertionCredential.signature);
- response.userHandle = toArrayBuffer(assertionCredential.userHandle);
- } else if ([credential isKindOfClass:getASCSecurityKeyPublicKeyCredentialAssertionClass()]) {
- attachment = AuthenticatorAttachment::CrossPlatform;
- response.isAuthenticatorAttestationResponse = false;
-
- ASCSecurityKeyPublicKeyCredentialAssertion *assertionCredential = credential.get();
- response.rawId = toArrayBuffer(assertionCredential.credentialID);
- response.authenticatorData = toArrayBuffer(assertionCredential.authenticatorData);
- response.signature = toArrayBuffer(assertionCredential.signature);
- response.userHandle = toArrayBuffer(assertionCredential.userHandle);
- } else {
- attachment = (AuthenticatorAttachment) 0;
- ExceptionCode exceptionCode;
- NSString *errorMessage = nil;
- if ([error.get().domain isEqualToString:WKErrorDomain]) {
- exceptionCode = toExceptionCode(error.get().code);
- errorMessage = error.get().userInfo[NSLocalizedDescriptionKey];
- } else {
- exceptionCode = NotAllowedError;
-
- if ([error.get().domain isEqualToString:ASCAuthorizationErrorDomain] && error.get().code == ASCAuthorizationErrorUserCanceled)
- errorMessage = @"This request has been cancelled by the user.";
- else
- errorMessage = @"Operation failed.";
- }
-
- exceptionData = { exceptionCode, errorMessage };
- }
-
- handler(response, attachment, exceptionData);
-#if PLATFORM(MAC)
+ [weakThis->m_presenter presentWithWindow:window.get() daemonEndpoint:daemonEndpoint.get() completionHandler:makeBlockPtr([proxy = WTFMove(proxy), completionHandler = WTFMove(completionHandler)](id <ASCCredentialProtocol> credential, NSError *error) mutable {
+ completionHandler(credential, error);
}).get()];
-#endif
});
}).get()];
+#endif // PLATFORM(MAC)
}
+void WebAuthenticatorCoordinatorProxy::isConditionalMediationAvailable(QueryCompletionHandler&& handler)
+{
+ handler([getASCWebKitSPISupportClass() shouldUseAlternateCredentialStore]);
+}
+
void WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&& handler)
{
if ([getASCWebKitSPISupportClass() shouldUseAlternateCredentialStore]) {
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h (290183 => 290184)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h 2022-02-19 00:28:13 UTC (rev 290184)
@@ -30,6 +30,7 @@
#include "APIWebAuthenticationPanel.h"
#include "FrameInfoData.h"
#include "WebAuthenticationFlags.h"
+#include <WebCore/CredentialRequestOptions.h>
#include <WebCore/GlobalFrameIdentifier.h>
#include <WebCore/PublicKeyCredentialCreationOptions.h>
#include <WebCore/PublicKeyCredentialRequestOptions.h>
@@ -56,6 +57,7 @@
bool processingUserGesture;
String cachedPin; // Only used to improve NFC Client PIN experience.
WeakPtr<API::WebAuthenticationPanel> weakPanel;
+ std::optional<WebCore::MediationRequirement> mediation;
};
WebCore::ClientDataType getClientDataType(const std::variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp (290183 => 290184)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp 2022-02-19 00:28:13 UTC (rev 290184)
@@ -58,12 +58,12 @@
void WebAuthenticatorCoordinatorProxy::makeCredential(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector<uint8_t>&& hash, PublicKeyCredentialCreationOptions&& options, bool processingUserGesture, RequestCompletionHandler&& handler)
{
- handleRequest({ WTFMove(hash), WTFMove(options), m_webPageProxy, WebAuthenticationPanelResult::Unavailable, nullptr, GlobalFrameIdentifier { m_webPageProxy.webPageID(), frameId }, WTFMove(frameInfo), processingUserGesture, String(), nullptr }, WTFMove(handler));
+ handleRequest({ WTFMove(hash), WTFMove(options), m_webPageProxy, WebAuthenticationPanelResult::Unavailable, nullptr, GlobalFrameIdentifier { m_webPageProxy.webPageID(), frameId }, WTFMove(frameInfo), processingUserGesture, String(), nullptr, std::nullopt }, WTFMove(handler));
}
-void WebAuthenticatorCoordinatorProxy::getAssertion(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector<uint8_t>&& hash, PublicKeyCredentialRequestOptions&& options, bool processingUserGesture, RequestCompletionHandler&& handler)
+void WebAuthenticatorCoordinatorProxy::getAssertion(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector<uint8_t>&& hash, PublicKeyCredentialRequestOptions&& options, MediationRequirement mediation, bool processingUserGesture, RequestCompletionHandler&& handler)
{
- handleRequest({ WTFMove(hash), WTFMove(options), m_webPageProxy, WebAuthenticationPanelResult::Unavailable, nullptr, GlobalFrameIdentifier { m_webPageProxy.webPageID(), frameId }, WTFMove(frameInfo), processingUserGesture, String(), nullptr }, WTFMove(handler));
+ handleRequest({ WTFMove(hash), WTFMove(options), m_webPageProxy, WebAuthenticationPanelResult::Unavailable, nullptr, GlobalFrameIdentifier { m_webPageProxy.webPageID(), frameId }, WTFMove(frameInfo), processingUserGesture, String(), nullptr, mediation }, WTFMove(handler));
}
void WebAuthenticatorCoordinatorProxy::handleRequest(WebAuthenticationRequestData&& data, RequestCompletionHandler&& handler)
@@ -106,6 +106,11 @@
{
handler(LocalService::isAvailable());
}
+
+void WebAuthenticatorCoordinatorProxy::isConditionalMediationAvailable(QueryCompletionHandler&& handler)
+{
+ handler(false);
+}
#endif // !HAVE(UNIFIED_ASC_AUTH_UI)
} // namespace WebKit
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h (290183 => 290184)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h 2022-02-19 00:28:13 UTC (rev 290184)
@@ -28,6 +28,7 @@
#if ENABLE(WEB_AUTHN)
#include "MessageReceiver.h"
+#include <WebCore/CredentialRequestOptions.h>
#include <WebCore/FrameIdentifier.h>
#include <wtf/Forward.h>
#include <wtf/Noncopyable.h>
@@ -69,8 +70,9 @@
// Receivers.
void makeCredential(WebCore::FrameIdentifier, FrameInfoData&&, Vector<uint8_t>&& hash, WebCore::PublicKeyCredentialCreationOptions&&, bool processingUserGesture, RequestCompletionHandler&&);
- void getAssertion(WebCore::FrameIdentifier, FrameInfoData&&, Vector<uint8_t>&& hash, WebCore::PublicKeyCredentialRequestOptions&&, bool processingUserGesture, RequestCompletionHandler&&);
+ void getAssertion(WebCore::FrameIdentifier, FrameInfoData&&, Vector<uint8_t>&& hash, WebCore::PublicKeyCredentialRequestOptions&&, WebCore::CredentialRequestOptions::MediationRequirement, bool processingUserGesture, RequestCompletionHandler&&);
void isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&&);
+ void isConditionalMediationAvailable(QueryCompletionHandler&&);
void handleRequest(WebAuthenticationRequestData&&, RequestCompletionHandler&&);
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in (290183 => 290184)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in 2022-02-19 00:28:13 UTC (rev 290184)
@@ -27,7 +27,8 @@
messages -> WebAuthenticatorCoordinatorProxy NotRefCounted {
MakeCredential(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialCreationOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, enum:int WebCore::AuthenticatorAttachment attachment, struct WebCore::ExceptionData exception) Async
- GetAssertion(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialRequestOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, enum:int WebCore::AuthenticatorAttachment attachment, struct WebCore::ExceptionData exception) Async
+ GetAssertion(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialRequestOptions options, enum:uint8_t WebCore::CredentialRequestOptions::MediationRequirement mediation, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, enum:int WebCore::AuthenticatorAttachment attachment, struct WebCore::ExceptionData exception) Async
+ isConditionalMediationAvailable() -> (bool result) Async
IsUserVerifyingPlatformAuthenticatorAvailable() -> (bool result) Async
}
Modified: trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp (290183 => 290184)
--- trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp 2022-02-19 00:28:13 UTC (rev 290184)
@@ -96,12 +96,12 @@
void WebAuthnConnectionToWebProcess::makeCredential(Vector<uint8_t>&& hash, PublicKeyCredentialCreationOptions&& options, bool processingUserGesture, RequestCompletionHandler&& handler)
{
- handleRequest({ WTFMove(hash), WTFMove(options), nullptr, WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, processingUserGesture, String(), nullptr }, WTFMove(handler));
+ handleRequest({ WTFMove(hash), WTFMove(options), nullptr, WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, processingUserGesture, String(), nullptr, std::nullopt }, WTFMove(handler));
}
void WebAuthnConnectionToWebProcess::getAssertion(Vector<uint8_t>&& hash, PublicKeyCredentialRequestOptions&& options, bool processingUserGesture, RequestCompletionHandler&& handler)
{
- handleRequest({ WTFMove(hash), WTFMove(options), nullptr, WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, processingUserGesture, String(), nullptr }, WTFMove(handler));
+ handleRequest({ WTFMove(hash), WTFMove(options), nullptr, WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, processingUserGesture, String(), nullptr, std::nullopt }, WTFMove(handler));
}
void WebAuthnConnectionToWebProcess::handleRequest(WebAuthenticationRequestData&& data, RequestCompletionHandler&& handler)
Modified: trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp (290183 => 290184)
--- trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp 2022-02-19 00:28:13 UTC (rev 290184)
@@ -84,7 +84,7 @@
WebProcess::singleton().ensureWebAuthnProcessConnection().connection().sendWithAsyncReply(Messages::WebAuthnConnectionToWebProcess::MakeCredential(hash, options, isProcessingUserGesture), WTFMove(handler));
}
-void WebAuthenticatorCoordinator::getAssertion(const Frame& frame, const SecurityOrigin&, const Vector<uint8_t>& hash, const PublicKeyCredentialRequestOptions& options, RequestCompletionHandler&& handler)
+void WebAuthenticatorCoordinator::getAssertion(const Frame& frame, const SecurityOrigin&, const Vector<uint8_t>& hash, const PublicKeyCredentialRequestOptions& options, MediationRequirement mediation, RequestCompletionHandler&& handler)
{
auto* webFrame = WebFrame::fromCoreFrame(frame);
if (!webFrame)
@@ -97,7 +97,7 @@
bool useWebAuthnProcess = RuntimeEnabledFeatures::sharedFeatures().webAuthenticationModernEnabled();
#endif
if (!useWebAuthnProcess) {
- m_webPage.sendWithAsyncReply(Messages::WebAuthenticatorCoordinatorProxy::GetAssertion(webFrame->frameID(), webFrame->info(), hash, options, isProcessingUserGesture), WTFMove(handler));
+ m_webPage.sendWithAsyncReply(Messages::WebAuthenticatorCoordinatorProxy::GetAssertion(webFrame->frameID(), webFrame->info(), hash, options, mediation, isProcessingUserGesture), WTFMove(handler));
return;
}
@@ -106,6 +106,11 @@
WebProcess::singleton().ensureWebAuthnProcessConnection().connection().sendWithAsyncReply(Messages::WebAuthnConnectionToWebProcess::GetAssertion(hash, options, isProcessingUserGesture), WTFMove(handler));
}
+void WebAuthenticatorCoordinator::isConditionalMediationAvailable(QueryCompletionHandler&& handler)
+{
+ m_webPage.sendWithAsyncReply(Messages::WebAuthenticatorCoordinatorProxy::isConditionalMediationAvailable(), WTFMove(handler));
+};
+
void WebAuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&& handler)
{
#if HAVE(UNIFIED_ASC_AUTH_UI)
Modified: trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.h (290183 => 290184)
--- trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.h 2022-02-19 00:27:04 UTC (rev 290183)
+++ trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.h 2022-02-19 00:28:13 UTC (rev 290184)
@@ -41,7 +41,8 @@
private:
// WebCore::AuthenticatorCoordinatorClient
void makeCredential(const WebCore::Frame&, const WebCore::SecurityOrigin&, const Vector<uint8_t>&, const WebCore::PublicKeyCredentialCreationOptions&, WebCore::RequestCompletionHandler&&) final;
- void getAssertion(const WebCore::Frame&, const WebCore::SecurityOrigin&, const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialRequestOptions&, WebCore::RequestCompletionHandler&&) final;
+ void getAssertion(const WebCore::Frame&, const WebCore::SecurityOrigin&, const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialRequestOptions&, WebCore::MediationRequirement, WebCore::RequestCompletionHandler&&) final;
+ void isConditionalMediationAvailable(WebCore::QueryCompletionHandler&&) final;
void isUserVerifyingPlatformAuthenticatorAvailable(WebCore::QueryCompletionHandler&&) final;
void resetUserGestureRequirement() final { m_requireUserGesture = false; }