Log Message
[WebAuthn] challenge does not get passed to -[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:] https://bugs.webkit.org/show_bug.cgi?id=232836 rdar://85163927
Reviewed by Brent Fulgham. -[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:] receives Source/WebCore: an empty challenge, causing _WKWebAuthenticationPanel to immediately close when using the new UNIFIED_ASC_AUTH_UI. This change encodes/decodes challenge in PublicKeyCredentialRequestOptions. Before this field was not used after xpc, but with the new UNIFIED_ASC_AUTH_UI it is. * Modules/webauthn/PublicKeyCredentialCreationOptions.h: (WebCore::PublicKeyCredentialCreationOptions::encode const): (WebCore::PublicKeyCredentialCreationOptions::decode): * Modules/webauthn/PublicKeyCredentialRequestOptions.h: (WebCore::PublicKeyCredentialRequestOptions::encode const): (WebCore::PublicKeyCredentialRequestOptions::decode): Add new challengeVector field to both options structs and include it in decoding / encoding. Source/WebKit: an empty challenge, causing _WKWebAuthenticationPanel to immediately close when using the new UNIFIED_ASC_AUTH_UI. This change encodes/decodes challenge in PublicKeyCredentialRequestOptions. Before this field was not used after xpc, but with the new UNIFIED_ASC_AUTH_UI it is. * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: (WebKit::configureRegistrationRequestContext): (WebKit::configurationAssertionRequestContext): Use challengeVector instead of challenge as it's available after being passed via xpc. Tools: an empty challenge, causing _WKWebAuthenticationPanel to immediately close when using the new UNIFIED_ASC_AUTH_UI. This change encodes/decodes challenge in PublicKeyCredentialRequestOptions. Before this field was not used after xpc, but with the new UNIFIED_ASC_AUTH_UI it is. This change also adds an empty value for tests. * TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp: (TestWebKitAPI::TEST):
Modified Paths
- trunk/Source/WebCore/ChangeLog
- trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h
- trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialRequestOptions.h
- trunk/Source/WebKit/ChangeLog
- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
- trunk/Tools/ChangeLog
- trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp
Diff
Modified: trunk/Source/WebCore/ChangeLog (285474 => 285475)
--- trunk/Source/WebCore/ChangeLog 2021-11-09 01:29:21 UTC (rev 285474)
+++ trunk/Source/WebCore/ChangeLog 2021-11-09 01:37:58 UTC (rev 285475)
@@ -1,3 +1,26 @@
+2021-11-08 J Pascoe <[email protected]>
+
+ [WebAuthn] challenge does not get passed to -[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:]
+ https://bugs.webkit.org/show_bug.cgi?id=232836
+ rdar://85163927
+
+ Reviewed by Brent Fulgham.
+
+ -[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:] receives
+ an empty challenge, causing _WKWebAuthenticationPanel to immediately close when using the new UNIFIED_ASC_AUTH_UI.
+
+ This change encodes/decodes challenge in PublicKeyCredentialRequestOptions. Before this
+ field was not used after xpc, but with the new UNIFIED_ASC_AUTH_UI it is.
+
+ * Modules/webauthn/PublicKeyCredentialCreationOptions.h:
+ (WebCore::PublicKeyCredentialCreationOptions::encode const):
+ (WebCore::PublicKeyCredentialCreationOptions::decode):
+ * Modules/webauthn/PublicKeyCredentialRequestOptions.h:
+ (WebCore::PublicKeyCredentialRequestOptions::encode const):
+ (WebCore::PublicKeyCredentialRequestOptions::decode):
+ Add new challengeVector field to both options structs and include it
+ in decoding / encoding.
+
2021-11-08 Chris Dumez <[email protected]>
REGRESSION (r283935): [ macOS wk1 ] imported/w3c/web-platform-tests/html/semantics/interactive-elements/the-dialog-element/dialog-autofocus-multiple-times.html is a flaky failure
Modified: trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h (285474 => 285475)
--- trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h 2021-11-09 01:29:21 UTC (rev 285474)
+++ trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h 2021-11-09 01:37:58 UTC (rev 285475)
@@ -76,7 +76,7 @@
RpEntity rp;
UserEntity user;
- BufferSource challenge;
+ BufferSource challenge; // challenge becomes challengeVector once it is passed to UIProcess.
Vector<Parameters> pubKeyCredParams;
std::optional<unsigned> timeout;
@@ -85,6 +85,8 @@
AttestationConveyancePreference attestation;
mutable std::optional<AuthenticationExtensionsClientInputs> extensions;
+ Vector<uint8_t> challengeVector;
+
template<class Encoder> void encode(Encoder&) const;
template<class Decoder> static std::optional<PublicKeyCredentialCreationOptions> decode(Decoder&);
#endif // ENABLE(WEB_AUTHN)
@@ -144,6 +146,8 @@
encoder << static_cast<uint64_t>(user.id.length());
encoder.encodeFixedLengthData(user.id.data(), user.id.length(), 1);
encoder << user.displayName << user.name << user.icon << pubKeyCredParams << timeout << excludeCredentials << authenticatorSelection << attestation << extensions;
+ encoder << static_cast<uint64_t>(challenge.length());
+ encoder.encodeFixedLengthData(challenge.data(), challenge.length(), 1);
}
template<class Decoder>
@@ -194,6 +198,9 @@
return std::nullopt;
result.extensions = WTFMove(*extensions);
+ if (!decoder.decode(result.challengeVector))
+ return std::nullopt;
+
return result;
}
#endif // ENABLE(WEB_AUTHN)
Modified: trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialRequestOptions.h (285474 => 285475)
--- trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialRequestOptions.h 2021-11-09 01:29:21 UTC (rev 285474)
+++ trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialRequestOptions.h 2021-11-09 01:37:58 UTC (rev 285475)
@@ -38,7 +38,7 @@
struct PublicKeyCredentialRequestOptions {
#if ENABLE(WEB_AUTHN)
- BufferSource challenge;
+ BufferSource challenge; // challenge becomes challengeVector once it is passed to UIProcess.
std::optional<unsigned> timeout;
mutable String rpId;
Vector<PublicKeyCredentialDescriptor> allowCredentials;
@@ -46,6 +46,8 @@
std::optional<AuthenticatorAttachment> authenticatorAttachment;
mutable std::optional<AuthenticationExtensionsClientInputs> extensions;
+ Vector<uint8_t> challengeVector;
+
template<class Encoder> void encode(Encoder&) const;
template<class Decoder> static std::optional<PublicKeyCredentialRequestOptions> decode(Decoder&);
#endif // ENABLE(WEB_AUTHN)
@@ -57,6 +59,8 @@
void PublicKeyCredentialRequestOptions::encode(Encoder& encoder) const
{
encoder << timeout << rpId << allowCredentials << userVerification << extensions;
+ encoder << static_cast<uint64_t>(challenge.length());
+ encoder.encodeFixedLengthData(challenge.data(), challenge.length(), 1);
}
template<class Decoder>
@@ -87,6 +91,9 @@
return std::nullopt;
result.extensions = WTFMove(*extensions);
+ if (!decoder.decode(result.challengeVector))
+ return std::nullopt;
+
return result;
}
#endif // ENABLE(WEB_AUTHN)
Modified: trunk/Source/WebKit/ChangeLog (285474 => 285475)
--- trunk/Source/WebKit/ChangeLog 2021-11-09 01:29:21 UTC (rev 285474)
+++ trunk/Source/WebKit/ChangeLog 2021-11-09 01:37:58 UTC (rev 285475)
@@ -1,3 +1,22 @@
+2021-11-08 J Pascoe <[email protected]>
+
+ [WebAuthn] challenge does not get passed to -[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:]
+ https://bugs.webkit.org/show_bug.cgi?id=232836
+ rdar://85163927
+
+ Reviewed by Brent Fulgham.
+
+ -[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:] receives
+ an empty challenge, causing _WKWebAuthenticationPanel to immediately close when using the new UNIFIED_ASC_AUTH_UI.
+
+ This change encodes/decodes challenge in PublicKeyCredentialRequestOptions.
+ Before this field was not used after xpc, but with the new UNIFIED_ASC_AUTH_UI it is.
+
+ * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+ (WebKit::configureRegistrationRequestContext):
+ (WebKit::configurationAssertionRequestContext):
+ Use challengeVector instead of challenge as it's available after being passed via xpc.
+
2021-11-08 Devin Rousso <[email protected]>
[Payment Request] Add a new payment method for showing AMS UI
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (285474 => 285475)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2021-11-09 01:29:21 UTC (rev 285474)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2021-11-09 01:37:58 UTC (rev 285475)
@@ -178,7 +178,7 @@
auto credentialCreationOptions = adoptNS([allocASCPublicKeyCredentialCreationOptionsInstance() init]);
- [credentialCreationOptions setChallenge:toNSData(options.challenge).get()];
+ [credentialCreationOptions setChallenge:toNSData(options.challengeVector).get()];
[credentialCreationOptions setRelyingPartyIdentifier:options.rp.id];
[credentialCreationOptions setUserName:options.user.name];
[credentialCreationOptions setUserIdentifier:toNSData(options.user.id).get()];
@@ -236,7 +236,7 @@
auto requestContext = adoptNS([allocASCCredentialRequestContextInstance() initWithRequestTypes:requestTypes]);
[requestContext setRelyingPartyIdentifier:options.rpId];
- auto challenge = toNSData(options.challenge);
+ auto challenge = toNSData(options.challengeVector);
if (requestTypes & ASCCredentialRequestTypePlatformPublicKeyAssertion)
[requestContext setPlatformKeyCredentialAssertionOptions:[allocASCPublicKeyCredentialAssertionOptionsInstance() initWithKind:ASCPublicKeyCredentialKindPlatform relyingPartyIdentifier:options.rpId challenge:challenge.get() userVerificationPreference:userVerification.get() allowedCredentials:allowedCredentials.get()]];
Modified: trunk/Tools/ChangeLog (285474 => 285475)
--- trunk/Tools/ChangeLog 2021-11-09 01:29:21 UTC (rev 285474)
+++ trunk/Tools/ChangeLog 2021-11-09 01:37:58 UTC (rev 285475)
@@ -1,3 +1,21 @@
+2021-11-08 J Pascoe <[email protected]>
+
+ [WebAuthn] challenge does not get passed to -[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:]
+ https://bugs.webkit.org/show_bug.cgi?id=232836
+ rdar://85163927
+
+ Reviewed by Brent Fulgham.
+
+ -[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:] receives
+ an empty challenge, causing _WKWebAuthenticationPanel to immediately close when using the new UNIFIED_ASC_AUTH_UI.
+
+ This change encodes/decodes challenge in PublicKeyCredentialRequestOptions. Before this
+ field was not used after xpc, but with the new UNIFIED_ASC_AUTH_UI it is.
+ This change also adds an empty value for tests.
+
+ * TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp:
+ (TestWebKitAPI::TEST):
+
2021-11-08 Alex Christensen <[email protected]>
Parse redirect and modify-headers actions for WKContentRuleList
Modified: trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp (285474 => 285475)
--- trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp 2021-11-09 01:29:21 UTC (rev 285474)
+++ trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp 2021-11-09 01:37:58 UTC (rev 285475)
@@ -62,7 +62,7 @@
Vector<PublicKeyCredentialCreationOptions::Parameters> params { { PublicKeyCredentialType::PublicKey, 7 }, { PublicKeyCredentialType::PublicKey, 257 } };
PublicKeyCredentialCreationOptions::AuthenticatorSelectionCriteria selection { AuthenticatorAttachment::Platform, true, UserVerificationRequirement::Preferred };
- PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt };
+ PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt, { } };
Vector<uint8_t> hash;
hash.append(TestData::kClientDataHash, sizeof(TestData::kClientDataHash));
auto serializedData = encodeMakeCredenitalRequestAsCBOR(hash, options, AuthenticatorSupportedOptions::UserVerificationAvailability::kSupportedAndConfigured);
@@ -85,7 +85,7 @@
Vector<PublicKeyCredentialCreationOptions::Parameters> params { { PublicKeyCredentialType::PublicKey, 7 }, { PublicKeyCredentialType::PublicKey, 257 } };
PublicKeyCredentialCreationOptions::AuthenticatorSelectionCriteria selection { AuthenticatorAttachment::Platform, false, UserVerificationRequirement::Discouraged };
- PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt };
+ PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt, { } };
Vector<uint8_t> hash;
hash.append(TestData::kClientDataHash, sizeof(TestData::kClientDataHash));
auto serializedData = encodeMakeCredenitalRequestAsCBOR(hash, options, AuthenticatorSupportedOptions::UserVerificationAvailability::kSupportedAndConfigured);
@@ -108,7 +108,7 @@
Vector<PublicKeyCredentialCreationOptions::Parameters> params { { PublicKeyCredentialType::PublicKey, 7 }, { PublicKeyCredentialType::PublicKey, 257 } };
PublicKeyCredentialCreationOptions::AuthenticatorSelectionCriteria selection { AuthenticatorAttachment::Platform, false, UserVerificationRequirement::Required };
- PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt };
+ PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt, { } };
Vector<uint8_t> hash;
hash.append(TestData::kClientDataHash, sizeof(TestData::kClientDataHash));
auto serializedData = encodeMakeCredenitalRequestAsCBOR(hash, options, AuthenticatorSupportedOptions::UserVerificationAvailability::kNotSupported);
@@ -135,7 +135,7 @@
pin.protocol = pin::kProtocolVersion;
pin.auth.append(TestData::kCtap2PinAuth, sizeof(TestData::kCtap2PinAuth));
- PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt };
+ PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt, { } };
Vector<uint8_t> hash;
hash.append(TestData::kClientDataHash, sizeof(TestData::kClientDataHash));
auto serializedData = encodeMakeCredenitalRequestAsCBOR(hash, options, AuthenticatorSupportedOptions::UserVerificationAvailability::kSupportedAndConfigured, pin);
_______________________________________________ webkit-changes mailing list [email protected] https://lists.webkit.org/mailman/listinfo/webkit-changes
