WebKit Bugzilla
Attachment 349336 Details for Bug 189277: [WebAuthN] Polish AuthenticatorManager and rename it to AuthenticatorCoordinator
[patch] Patch for landing
bug-189277-20180910152919.patch (text/plain), 271.29 KB, created by Jiewen Tan on 2018-09-10 15:29:20 PDT
>Subversion Revision: 235833 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 8375217f8686e250bb3a23429f0200fb573ffe7e..739a2210116bcfa6b243edfdad41e915d9e77cfa 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog 
>@@ -1,3 +1,110 @@ >+2018-09-08 Jiewen Tan <jiewen_tan@apple.com> >+ >+ [WebAuthN] Polish AuthenticatorManager and rename it to AuthenticatorCoordinator >+ https://bugs.webkit.org/show_bug.cgi?id=189277 >+ <rdar://problem/44115936> >+ >+ Reviewed by Chris Dumez. >+ >+ This patch aims to polish AuthenticatorManager such that: >+ 1) It is no longer a singleton. Instead, it will live with Page. It was a singleton simply because static >+ PublicKeyCredential::isUserVerifyingPlatformAuthenticatorAvailable() have to access it. However, this request >+ can be fulfilled by adding an attribute [CallWith=Document] to the IDL defination. Therefore, there is no >+ such need. Also, the singleton is illy implemented as it owns a single IPC proxy to UI Process which means >+ different web pages will talk to the same web page proxy. Anyway, making it live with Page should fix everything. >+ 2) Since we are now planning to support external authenticators, the manager of all authenticators will then >+ have to live in UI Process which makes this AuthenticatorManager obsolete. Instead, rename it to AuthenticatorCoordinator. >+ 3) Rename CredentialsMessenger to AuthenticatorCoordinatorClient to tight it to WebAuthN. Also, simplify the >+ message reply model as PublicKeyCredentialCreationOptions/PublicKeyCredentialRequestOptions => >+ ExceptionData/PublicKeyCredentialData for makeCredential/getAssertion operations. >+ 4) Restrict one request per time, i.e. makeCredential/getAssertion for a single page. >+ 5) Unifying makeCredentialReply/getAssertionReply/exceptionReply into requestReply for IPC. Correspondingly, >+ unify callback and exceptionCallback into callback as well for LocalAuthenticator. >+ 6) Enhance PublicKeyCredentialCreationOptions encoding/decoding with encoder.encodeFixedLengthData/decoder.decodeFixedLengthData. >+ >+ Covered by existing tests. 
>+ >+ * DerivedSources.make: >+ * Modules/credentialmanagement/CredentialsContainer.cpp: >+ (WebCore::CredentialsContainer::get): >+ (WebCore::CredentialsContainer::isCreate): >+ * Modules/credentialmanagement/CredentialsContainer.h: >+ * Modules/credentialmanagement/CredentialsMessenger.cpp: Removed. >+ * Modules/credentialmanagement/CredentialsMessenger.h: Removed. >+ * Modules/webauthn/AuthenticatorAssertionResponse.cpp: Removed. >+ * Modules/webauthn/AuthenticatorAssertionResponse.h: >+ (WebCore::AuthenticatorAssertionResponse::create): >+ (WebCore::AuthenticatorAssertionResponse::authenticatorData const): >+ (WebCore::AuthenticatorAssertionResponse::signature const): >+ (WebCore::AuthenticatorAssertionResponse::userHandle const): >+ (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): >+ * Modules/webauthn/AuthenticatorAttestationResponse.cpp: Removed. >+ * Modules/webauthn/AuthenticatorAttestationResponse.h: >+ (WebCore::AuthenticatorAttestationResponse::create): >+ (WebCore::AuthenticatorAttestationResponse::attestationObject const): >+ (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): >+ * Modules/webauthn/AuthenticatorCoordinator.cpp: Renamed from Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp. 
>+ (WebCore::AuthenticatorCoordinatorInternal::produceClientDataJson): >+ (WebCore::AuthenticatorCoordinatorInternal::produceClientDataJsonHash): >+ (WebCore::AuthenticatorCoordinatorInternal::initTimeoutTimer): >+ (WebCore::AuthenticatorCoordinatorInternal::didTimeoutTimerFire): >+ (WebCore::AuthenticatorCoordinator::AuthenticatorCoordinator): >+ (WebCore::AuthenticatorCoordinator::setClient): >+ (WebCore::AuthenticatorCoordinator::create const): >+ (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): >+ (WebCore::AuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable const): >+ * Modules/webauthn/AuthenticatorCoordinator.h: Renamed from Source/WebCore/Modules/webauthn/AuthenticatorManager.h. >+ * Modules/webauthn/AuthenticatorCoordinatorClient.cpp: Added. >+ (WebCore::AuthenticatorCoordinatorClient::~AuthenticatorCoordinatorClient): >+ (WebCore::AuthenticatorCoordinatorClient::requestReply): >+ (WebCore::AuthenticatorCoordinatorClient::isUserVerifyingPlatformAuthenticatorAvailableReply): >+ (WebCore::AuthenticatorCoordinatorClient::setRequestCompletionHandler): >+ (WebCore::AuthenticatorCoordinatorClient::addQueryCompletionHandler): >+ * Modules/webauthn/AuthenticatorCoordinatorClient.h: Copied from Source/WebKit/UIProcess/CredentialManagement/WebCredentialsMessengerProxy.h. >+ * Modules/webauthn/AuthenticatorResponse.cpp: Removed. 
>+ * Modules/webauthn/AuthenticatorResponse.h: >+ (WebCore::AuthenticatorResponse::AuthenticatorResponse): >+ (WebCore::AuthenticatorResponse::clientDataJSON const): >+ * Modules/webauthn/PublicKeyCredential.cpp: >+ (WebCore::PublicKeyCredential::create): >+ (WebCore::PublicKeyCredential::tryCreate): >+ (WebCore::PublicKeyCredential::PublicKeyCredential): >+ (WebCore::PublicKeyCredential::isUserVerifyingPlatformAuthenticatorAvailable): >+ * Modules/webauthn/PublicKeyCredential.h: >+ * Modules/webauthn/PublicKeyCredential.idl: >+ * Modules/webauthn/PublicKeyCredentialCreationOptions.h: >+ (WebCore::PublicKeyCredentialCreationOptions::encode const): >+ (WebCore::PublicKeyCredentialCreationOptions::decode): >+ * Modules/webauthn/PublicKeyCredentialData.h: Added. >+ (WebCore::PublicKeyCredentialData::encode const): >+ (WebCore::PublicKeyCredentialData::decode): >+ * Modules/webauthn/cocoa/LocalAuthenticator.h: >+ * Modules/webauthn/cocoa/LocalAuthenticator.mm: >+ (WebCore::LocalAuthenticator::makeCredential): >+ (WebCore::LocalAuthenticator::getAssertion): >+ * Sources.txt: >+ * WebCore.xcodeproj/project.pbxproj: >+ * page/Page.cpp: >+ * page/Page.h: >+ (WebCore::Page::authenticatorCoordinator const): >+ * page/PageConfiguration.cpp: >+ * page/PageConfiguration.h: >+ * testing/Internals.cpp: >+ (WebCore::Internals::Internals): >+ (WebCore::Internals::mockAuthenticatorCoordinator const): >+ (WebCore::Internals::mockCredentialsMessenger const): Deleted. >+ * testing/Internals.h: >+ * testing/Internals.idl: >+ * testing/MockAuthenticatorCoordinator.cpp: Added. 
>+ (WebCore::MockAuthenticatorCoordinator::setCreationReturnBundle): >+ (WebCore::MockAuthenticatorCoordinator::setAssertionReturnBundle): >+ (WebCore::MockAuthenticatorCoordinator::makeCredential): >+ (WebCore::MockAuthenticatorCoordinator::getAssertion): >+ (WebCore::MockAuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable): >+ * testing/MockAuthenticatorCoordinator.h: Renamed from Source/WebCore/testing/MockCredentialsMessenger.h. >+ * testing/MockAuthenticatorCoordinator.idl: Renamed from Source/WebCore/testing/MockCredentialsMessenger.idl. >+ * testing/MockCredentialsMessenger.cpp: Removed. >+ > 2018-09-08 Andy Estes <aestes@apple.com> > > [Apple Pay] Dispatch a paymentmethodchange event when the payment method changes >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 5e9e188983a7632bd156e87cab47c1d81ddcfb8b..7c6c86be60e6f5b4c148b42a8f46f67d0e491d92 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog 
>@@ -1,3 +1,43 @@ >+2018-09-08 Jiewen Tan <jiewen_tan@apple.com> >+ >+ [WebAuthN] Polish AuthenticatorManager and rename it to AuthenticatorCoordinator >+ https://bugs.webkit.org/show_bug.cgi?id=189277 >+ <rdar://problem/44115936> >+ >+ Reviewed by Chris Dumez. >+ >+ * DerivedSources.make: >+ * SourcesCocoa.txt: >+ * UIProcess/CredentialManagement/WebCredentialsMessengerProxy.cpp: Removed. >+ * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: Added. >+ (WebKit::WebAuthenticatorCoordinatorProxy::WebAuthenticatorCoordinatorProxy): >+ (WebKit::WebAuthenticatorCoordinatorProxy::~WebAuthenticatorCoordinatorProxy): >+ (WebKit::WebAuthenticatorCoordinatorProxy::makeCredential): >+ (WebKit::WebAuthenticatorCoordinatorProxy::getAssertion): >+ (WebKit::WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailable): >+ (WebKit::WebAuthenticatorCoordinatorProxy::requestReply): >+ (WebKit::WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailableReply): >+ * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: Renamed from Source/WebKit/UIProcess/CredentialManagement/WebCredentialsMessengerProxy.h. >+ * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: Renamed from Source/WebKit/UIProcess/CredentialManagement/WebCredentialsMessengerProxy.messages.in. >+ * UIProcess/WebPageProxy.cpp: >+ (WebKit::m_resetRecentCrashCountTimer): >+ (WebKit::WebPageProxy::reattachToWebProcess): >+ * UIProcess/WebPageProxy.h: >+ * WebKit.xcodeproj/project.pbxproj: >+ * WebProcess/CredentialManagement/WebCredentialsMessenger.cpp: Removed. >+ * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp: Added. 
>+ (WebKit::WebAuthenticatorCoordinator::WebAuthenticatorCoordinator): >+ (WebKit::WebAuthenticatorCoordinator::~WebAuthenticatorCoordinator): >+ (WebKit::WebAuthenticatorCoordinator::makeCredential): >+ (WebKit::WebAuthenticatorCoordinator::getAssertion): >+ (WebKit::WebAuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable): >+ * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.h: Renamed from Source/WebKit/WebProcess/CredentialManagement/WebCredentialsMessenger.h. >+ * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.messages.in: Renamed from Source/WebKit/WebProcess/CredentialManagement/WebCredentialsMessenger.messages.in. >+ * WebProcess/WebPage/WebPage.cpp: >+ (WebKit::m_cpuLimit): >+ (WebKit::m_credentialsMessenger): Deleted. >+ * WebProcess/WebPage/WebPage.h: >+ > 2018-09-08 Tim Horton <timothy_horton@apple.com> > > Unify most of the WebKit Objective-C API sources >diff --git a/Source/WebCore/DerivedSources.make b/Source/WebCore/DerivedSources.make >index d23648c500c794d7c393e38b71eda28c9d4d3b5d..5db30145aa726f5b3b0ad3accf74720c4a212641 100644 >--- a/Source/WebCore/DerivedSources.make >+++ b/Source/WebCore/DerivedSources.make >@@ -962,9 +962,9 @@ JS_BINDING_IDLS = \ > $(WebCore)/testing/Internals.idl \ > $(WebCore)/testing/MallocStatistics.idl \ > $(WebCore)/testing/MemoryInfo.idl \ >+ $(WebCore)/testing/MockAuthenticatorCoordinator.idl \ > $(WebCore)/testing/MockCDMFactory.idl \ > $(WebCore)/testing/MockContentFilterSettings.idl \ >- $(WebCore)/testing/MockCredentialsMessenger.idl \ > $(WebCore)/testing/MockPageOverlay.idl \ > $(WebCore)/testing/MockPaymentAddress.idl \ > $(WebCore)/testing/MockPaymentCoordinator.idl \ >diff --git a/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp b/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp >index 14707ae11aedaa64f0ebc72d8b23b2169f8928e3..cb2760c1aa74e914745350e00f1f7163f03b3a12 100644 
>--- a/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp >+++ b/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp >@@ -35,6 +35,7 @@ > #include "Document.h" > #include "ExceptionOr.h" > #include "JSDOMPromiseDeferred.h" >+#include "Page.h" > #include "SecurityOrigin.h" > > namespace WebCore { >@@ -63,7 +64,7 @@ void CredentialsContainer::get(CredentialRequestOptions&& options, CredentialPro > { > // The following implements https://www.w3.org/TR/credential-management-1/#algorithm-request as of 4 August 2017 > // with enhancement from 14 November 2017 Editor's Draft. >- if (!m_document) { >+ if (!m_document || !m_document->page()) { > promise.reject(Exception { NotSupportedError }); > return; > } >@@ -82,8 +83,7 @@ void CredentialsContainer::get(CredentialRequestOptions&& options, CredentialPro > return; > } > >- // Async operations are dispatched/handled in (Web)CredentialMessenger, which exchanges messages between WebProcess and UIProcess. >- AuthenticatorManager::singleton().discoverFromExternalSource(m_document->securityOrigin(), options.publicKey.value(), doesHaveSameOriginAsItsAncestors(), WTFMove(options.signal), WTFMove(promise)); >+ m_document->page()->authenticatorCoordinator().discoverFromExternalSource(m_document->securityOrigin(), options.publicKey.value(), doesHaveSameOriginAsItsAncestors(), WTFMove(options.signal), WTFMove(promise)); > } > > void CredentialsContainer::store(const BasicCredential&, CredentialPromise&& promise) >@@ -95,7 +95,7 @@ void CredentialsContainer::isCreate(CredentialCreationOptions&& options, Credent > { > // The following implements https://www.w3.org/TR/credential-management-1/#algorithm-create as of 4 August 2017 > // with enhancement from 14 November 2017 Editor's Draft. >- if (!m_document) { >+ if (!m_document || !m_document->page()) { > promise.reject(Exception { NotSupportedError }); > return; > } 
>@@ -112,8 +112,7 @@ void CredentialsContainer::isCreate(CredentialCreationOptions&& options, Credent > return; > } > >- // Async operations are dispatched/handled in (Web)CredentialMessenger, which exchanges messages between WebProcess and UIProcess. >- AuthenticatorManager::singleton().create(m_document->securityOrigin(), options.publicKey.value(), doesHaveSameOriginAsItsAncestors(), WTFMove(options.signal), WTFMove(promise)); >+ m_document->page()->authenticatorCoordinator().create(m_document->securityOrigin(), options.publicKey.value(), doesHaveSameOriginAsItsAncestors(), WTFMove(options.signal), WTFMove(promise)); > } > > void CredentialsContainer::preventSilentAccess(DOMPromiseDeferred<void>&& promise) const >diff --git a/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h b/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h >index 2d5b38b56717f3de8b90141c785661fee06fe174..4e1bb4e5be5e5255a37786f8ef69b8a77daf53c7 100644 >--- a/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h >+++ b/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h >@@ -28,7 +28,7 @@ > > #if ENABLE(WEB_AUTHN) > >-#include "AuthenticatorManager.h" >+#include "AuthenticatorCoordinator.h" > #include <wtf/RefCounted.h> > #include <wtf/WeakPtr.h> > >diff --git a/Source/WebCore/Modules/credentialmanagement/CredentialsMessenger.cpp b/Source/WebCore/Modules/credentialmanagement/CredentialsMessenger.cpp >deleted file mode 100644 >index b46bd074af47e89cc9cc75b41eac62da26462bfc..0000000000000000000000000000000000000000 >--- a/Source/WebCore/Modules/credentialmanagement/CredentialsMessenger.cpp >+++ /dev/null 
>@@ -1,109 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. 
>- */ >- >-#include "config.h" >-#include "CredentialsMessenger.h" >- >-#if ENABLE(WEB_AUTHN) >- >-namespace WebCore { >- >-namespace CredentialsMessengerInternal { >- >-const uint64_t maxMessageId = 0xFFFFFFFFFFFFFF; // 56 bits >-const size_t callBackClassifierOffset = 56; >- >-} >- >-void CredentialsMessenger::exceptionReply(uint64_t messageId, const ExceptionData& exception) >-{ >- using namespace CredentialsMessengerInternal; >- >- if (!(messageId >> callBackClassifierOffset ^ CallBackClassifier::Creation)) { >- auto handler = takeCreationCompletionHandler(messageId); >- handler(exception.toException()); >- return; >- } >- if (!(messageId >> callBackClassifierOffset ^ CallBackClassifier::Request)) { >- auto handler = takeRequestCompletionHandler(messageId); >- handler(exception.toException()); >- return; >- } >-} >- >-uint64_t CredentialsMessenger::addCreationCompletionHandler(CreationCompletionHandler&& handler) >-{ >- using namespace CredentialsMessengerInternal; >- >- uint64_t messageId = m_accumulatedMessageId++; >- ASSERT(messageId <= maxMessageId); >- messageId = messageId | CallBackClassifier::Creation << callBackClassifierOffset; >- auto addResult = m_pendingCreationCompletionHandlers.add(messageId, WTFMove(handler)); >- ASSERT_UNUSED(addResult, addResult.isNewEntry); >- return messageId; >-} >- >-CreationCompletionHandler CredentialsMessenger::takeCreationCompletionHandler(uint64_t messageId) >-{ >- return m_pendingCreationCompletionHandlers.take(messageId); >-} >- >-uint64_t CredentialsMessenger::addRequestCompletionHandler(RequestCompletionHandler&& handler) >-{ >- using namespace CredentialsMessengerInternal; >- >- uint64_t messageId = m_accumulatedMessageId++; >- ASSERT(messageId <= maxMessageId); >- messageId = messageId | CallBackClassifier::Request << callBackClassifierOffset; >- auto addResult = m_pendingRequestCompletionHandlers.add(messageId, WTFMove(handler)); >- ASSERT_UNUSED(addResult, addResult.isNewEntry); >- return messageId; >-} >- 
>-RequestCompletionHandler CredentialsMessenger::takeRequestCompletionHandler(uint64_t messageId) >-{ >- return m_pendingRequestCompletionHandlers.take(messageId); >-} >- >-uint64_t CredentialsMessenger::addQueryCompletionHandler(QueryCompletionHandler&& handler) >-{ >- using namespace CredentialsMessengerInternal; >- >- uint64_t messageId = m_accumulatedMessageId++; >- ASSERT(messageId < maxMessageId); >- messageId = messageId | CallBackClassifier::Query << callBackClassifierOffset; >- auto addResult = m_pendingQueryCompletionHandlers.add(messageId, WTFMove(handler)); >- ASSERT_UNUSED(addResult, addResult.isNewEntry); >- return messageId; >-} >- >-QueryCompletionHandler CredentialsMessenger::takeQueryCompletionHandler(uint64_t messageId) >-{ >- return m_pendingQueryCompletionHandlers.take(messageId); >-} >- >-} // namespace WebCore >- >-#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebCore/Modules/credentialmanagement/CredentialsMessenger.h b/Source/WebCore/Modules/credentialmanagement/CredentialsMessenger.h >deleted file mode 100644 >index f28af95c16abff9cbeea1583666b05959abbe8ea..0000000000000000000000000000000000000000 >--- a/Source/WebCore/Modules/credentialmanagement/CredentialsMessenger.h >+++ /dev/null 
>@@ -1,115 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. 
>- */ >- >-#pragma once >- >-#if ENABLE(WEB_AUTHN) >- >-#include "ExceptionData.h" >-#include "ExceptionOr.h" >-#include <JavaScriptCore/ArrayBuffer.h> >-#include <wtf/CompletionHandler.h> >-#include <wtf/HashMap.h> >-#include <wtf/WeakPtr.h> >- >-namespace WebCore { >- >-class DeferredPromise; >- >-struct PublicKeyCredentialCreationOptions; >-struct PublicKeyCredentialRequestOptions; >- >-struct CreationReturnBundle { >- CreationReturnBundle(Ref<ArrayBuffer>&& credentialId, Ref<ArrayBuffer>&& attestationObject) >- : credentialId(WTFMove(credentialId)) >- , attestationObject(WTFMove(attestationObject)) >- { >- } >- >- Ref<ArrayBuffer> credentialId; >- Ref<ArrayBuffer> attestationObject; >-}; >-struct AssertionReturnBundle { >- AssertionReturnBundle(Ref<ArrayBuffer>&& credentialId, Ref<ArrayBuffer>&& authenticatorData, Ref<ArrayBuffer>&& signature, Ref<ArrayBuffer>&& userHandle) >- : credentialId(WTFMove(credentialId)) >- , authenticatorData(WTFMove(authenticatorData)) >- , signature(WTFMove(signature)) >- , userHandle(WTFMove(userHandle)) >- { >- } >- >- Ref<ArrayBuffer> credentialId; >- Ref<ArrayBuffer> authenticatorData; >- Ref<ArrayBuffer> signature; >- Ref<ArrayBuffer> userHandle; >-}; >- >-using CreationCompletionHandler = CompletionHandler<void(ExceptionOr<CreationReturnBundle>&&)>; >-using RequestCompletionHandler = CompletionHandler<void(ExceptionOr<AssertionReturnBundle>&&)>; >-using QueryCompletionHandler = CompletionHandler<void(bool)>; >- >-class CredentialsMessenger : public CanMakeWeakPtr<CredentialsMessenger> { >- WTF_MAKE_FAST_ALLOCATED; >- WTF_MAKE_NONCOPYABLE(CredentialsMessenger); >-public: >- CredentialsMessenger() = default; >- >- // Senders. 
>- virtual void makeCredential(const Vector<uint8_t>& hash, const PublicKeyCredentialCreationOptions&, CreationCompletionHandler&&) = 0; >- virtual void getAssertion(const Vector<uint8_t>& hash, const PublicKeyCredentialRequestOptions&, RequestCompletionHandler&&) = 0; >- virtual void isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&&) = 0; >- >- // Receivers. >- WEBCORE_EXPORT void exceptionReply(uint64_t messageId, const ExceptionData&); >- virtual void makeCredentialReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& attestationObject) = 0; >- virtual void getAssertionReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& authenticatorData, const Vector<uint8_t>& signature, const Vector<uint8_t>& userHandle) = 0; >- virtual void isUserVerifyingPlatformAuthenticatorAvailableReply(uint64_t messageId, bool) = 0; >- >-protected: >- virtual ~CredentialsMessenger() = default; >- >- WEBCORE_EXPORT uint64_t addCreationCompletionHandler(CreationCompletionHandler&&); >- WEBCORE_EXPORT CreationCompletionHandler takeCreationCompletionHandler(uint64_t); >- WEBCORE_EXPORT uint64_t addRequestCompletionHandler(RequestCompletionHandler&&); >- WEBCORE_EXPORT RequestCompletionHandler takeRequestCompletionHandler(uint64_t); >- WEBCORE_EXPORT uint64_t addQueryCompletionHandler(QueryCompletionHandler&&); >- WEBCORE_EXPORT QueryCompletionHandler takeQueryCompletionHandler(uint64_t); >- >-private: >- enum CallBackClassifier : uint64_t { >- Creation = 0x01, >- Request = 0x02, >- Query = 0x03, >- }; >- // The most significant byte is reserved as callback classifier. 
>- uint64_t m_accumulatedMessageId { 1 }; >- HashMap<uint64_t, CreationCompletionHandler> m_pendingCreationCompletionHandlers; >- HashMap<uint64_t, RequestCompletionHandler> m_pendingRequestCompletionHandlers; >- HashMap<uint64_t, QueryCompletionHandler> m_pendingQueryCompletionHandlers; >-}; >- >-} // namespace WebCore >- >-#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.cpp b/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.cpp >deleted file mode 100644 >index 332a2cb237d20ba4bec980b1448f4d9fe6b5b6d7..0000000000000000000000000000000000000000 >--- a/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.cpp >+++ /dev/null 
>@@ -1,58 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. 
>- */ >- >-#include "config.h" >-#include "AuthenticatorAssertionResponse.h" >- >-#if ENABLE(WEB_AUTHN) >- >-namespace WebCore { >- >-AuthenticatorAssertionResponse::AuthenticatorAssertionResponse(RefPtr<ArrayBuffer>&& clientDataJSON, RefPtr<ArrayBuffer>&& authenticatorData, RefPtr<ArrayBuffer>&& signature, RefPtr<ArrayBuffer>&& userHandle) >- : AuthenticatorResponse(WTFMove(clientDataJSON)) >- , m_authenticatorData(WTFMove(authenticatorData)) >- , m_signature(WTFMove(signature)) >- , m_userHandle(WTFMove(userHandle)) >-{ >-} >- >-ArrayBuffer* AuthenticatorAssertionResponse::authenticatorData() const >-{ >- return m_authenticatorData.get(); >-} >- >-ArrayBuffer* AuthenticatorAssertionResponse::signature() const >-{ >- return m_signature.get(); >-} >- >-ArrayBuffer* AuthenticatorAssertionResponse::userHandle() const >-{ >- return m_userHandle.get(); >-} >- >-} // namespace WebCore >- >-#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h b/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h >index 4451f2531a4393e1898ed6cf30a2de8d994a5e50..cf28c1acae19ccee3722f4f0292229119814d1bd 100644 >--- a/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h >+++ b/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h 
>@@ -33,25 +33,31 @@ namespace WebCore { > > class AuthenticatorAssertionResponse : public AuthenticatorResponse { > public: >- static Ref<AuthenticatorAssertionResponse> create(RefPtr<ArrayBuffer>&& clientDataJSON, RefPtr<ArrayBuffer>&& authenticatorData, RefPtr<ArrayBuffer>&& signature, RefPtr<ArrayBuffer>&& userHandle) >+ static Ref<AuthenticatorAssertionResponse> create(Ref<ArrayBuffer>&& clientDataJSON, Ref<ArrayBuffer>&& authenticatorData, Ref<ArrayBuffer>&& signature, Ref<ArrayBuffer>&& userHandle) > { > return adoptRef(*new AuthenticatorAssertionResponse(WTFMove(clientDataJSON), WTFMove(authenticatorData), WTFMove(signature), WTFMove(userHandle))); > } > > virtual ~AuthenticatorAssertionResponse() = default; > >- ArrayBuffer* authenticatorData() const; >- ArrayBuffer* signature() const; >- ArrayBuffer* userHandle() const; >+ ArrayBuffer* authenticatorData() const { return m_authenticatorData.ptr(); } >+ ArrayBuffer* signature() const { return m_signature.ptr(); } >+ ArrayBuffer* userHandle() const { return m_userHandle.ptr(); } > > private: >- AuthenticatorAssertionResponse(RefPtr<ArrayBuffer>&& clientDataJSON, RefPtr<ArrayBuffer>&& authenticatorData, RefPtr<ArrayBuffer>&& signature, RefPtr<ArrayBuffer>&& userHandle); >+ AuthenticatorAssertionResponse(Ref<ArrayBuffer>&& clientDataJSON, Ref<ArrayBuffer>&& authenticatorData, Ref<ArrayBuffer>&& signature, Ref<ArrayBuffer>&& userHandle) >+ : AuthenticatorResponse(WTFMove(clientDataJSON)) >+ , m_authenticatorData(WTFMove(authenticatorData)) >+ , m_signature(WTFMove(signature)) >+ , m_userHandle(WTFMove(userHandle)) >+ { >+ } > > Type type() const final { return Type::Assertion; } > >- RefPtr<ArrayBuffer> m_authenticatorData; >- RefPtr<ArrayBuffer> m_signature; >- RefPtr<ArrayBuffer> m_userHandle; >+ Ref<ArrayBuffer> m_authenticatorData; >+ Ref<ArrayBuffer> m_signature; >+ Ref<ArrayBuffer> m_userHandle; > }; > > } // namespace WebCore 
>diff --git a/Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.cpp b/Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.cpp >deleted file mode 100644 >index 8f06c4386f23f109366022929859117c71ca5b42..0000000000000000000000000000000000000000 >--- a/Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.cpp >+++ /dev/null 
>@@ -1,46 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. >- */ >- >-#include "config.h" >-#include "AuthenticatorAttestationResponse.h" >- >-#if ENABLE(WEB_AUTHN) >- >-namespace WebCore { >- >-AuthenticatorAttestationResponse::AuthenticatorAttestationResponse(RefPtr<ArrayBuffer>&& clientDataJSON, RefPtr<ArrayBuffer>&& attestationObject) >- : AuthenticatorResponse(WTFMove(clientDataJSON)) >- , m_attestationObject(WTFMove(attestationObject)) >-{ >-} >- >-ArrayBuffer* AuthenticatorAttestationResponse::attestationObject() const >-{ >- return m_attestationObject.get(); >-} >- >-} // namespace WebCore >- >-#endif // ENABLE(WEB_AUTHN) 
>diff --git a/Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h b/Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h >index 480707b6f71f258328d968720b38d0dfe3817adc..0537d97c3bd206f9fbd2716ed35409b67e3ee69a 100644 >--- a/Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h >+++ b/Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h >@@ -33,21 +33,25 @@ namespace WebCore { > > class AuthenticatorAttestationResponse : public AuthenticatorResponse { > public: >- static Ref<AuthenticatorAttestationResponse> create(RefPtr<ArrayBuffer>&& clientDataJSON, RefPtr<ArrayBuffer>&& attestationObject) >+ static Ref<AuthenticatorAttestationResponse> create(Ref<ArrayBuffer>&& clientDataJSON, Ref<ArrayBuffer>&& attestationObject) > { > return adoptRef(*new AuthenticatorAttestationResponse(WTFMove(clientDataJSON), WTFMove(attestationObject))); > } > > virtual ~AuthenticatorAttestationResponse() = default; > >- ArrayBuffer* attestationObject() const; >+ ArrayBuffer* attestationObject() const { return m_attestationObject.ptr(); } > > private: >- AuthenticatorAttestationResponse(RefPtr<ArrayBuffer>&& clientDataJSON, RefPtr<ArrayBuffer>&& attestationObject); >+ AuthenticatorAttestationResponse(Ref<ArrayBuffer>&& clientDataJSON, Ref<ArrayBuffer>&& attestationObject) >+ : AuthenticatorResponse(WTFMove(clientDataJSON)) >+ , m_attestationObject(WTFMove(attestationObject)) >+ { >+ } > > Type type() const final { return Type::Attestation; } > >- RefPtr<ArrayBuffer> m_attestationObject; >+ Ref<ArrayBuffer> m_attestationObject; > }; > > } // namespace WebCore >diff --git a/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp b/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp >new file mode 100644 >index 0000000000000000000000000000000000000000..cd4a51fd2ae9dffe7d2013785802d0fe6effe5f3 >--- /dev/null >+++ b/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp 
>@@ -0,0 +1,268 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. 
>+ */ >+ >+#include "config.h" >+#include "AuthenticatorCoordinator.h" >+ >+#if ENABLE(WEB_AUTHN) >+ >+#include "AbortSignal.h" >+#include "AuthenticatorAssertionResponse.h" >+#include "AuthenticatorAttestationResponse.h" >+#include "AuthenticatorCoordinatorClient.h" >+#include "JSBasicCredential.h" >+#include "PublicKeyCredential.h" >+#include "PublicKeyCredentialCreationOptions.h" >+#include "PublicKeyCredentialData.h" >+#include "PublicKeyCredentialRequestOptions.h" >+#include "SecurityOrigin.h" >+#include "Timer.h" >+#include <pal/crypto/CryptoDigest.h> >+#include <wtf/JSONValues.h> >+#include <wtf/NeverDestroyed.h> >+#include <wtf/text/Base64.h> >+ >+namespace WebCore { >+ >+namespace AuthenticatorCoordinatorInternal { >+ >+enum class ClientDataType { >+ Create, >+ Get >+}; >+ >+// FIXME(181948): Add token binding ID and extensions. >+static Ref<ArrayBuffer> produceClientDataJson(ClientDataType type, const BufferSource& challenge, const SecurityOrigin& origin) >+{ >+ auto object = JSON::Object::create(); >+ switch (type) { >+ case ClientDataType::Create: >+ object->setString("type"_s, "webauthn.create"_s); >+ break; >+ case ClientDataType::Get: >+ object->setString("type"_s, "webauthn.get"_s); >+ break; >+ } >+ object->setString("challenge"_s, WTF::base64URLEncode(challenge.data(), challenge.length())); >+ object->setString("origin"_s, origin.toRawString()); >+ // FIXME: This might be platform dependent. >+ object->setString("hashAlgorithm"_s, "SHA-256"_s); >+ >+ auto utf8JSONString = object->toJSONString().utf8(); >+ return ArrayBuffer::create(utf8JSONString.data(), utf8JSONString.length()); >+} >+ >+static Vector<uint8_t> produceClientDataJsonHash(const ArrayBuffer& clientDataJson) >+{ >+ // FIXME: This might be platform dependent. 
>+ auto crypto = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_256); >+ crypto->addBytes(clientDataJson.data(), clientDataJson.byteLength()); >+ return crypto->computeHash(); >+} >+ >+// FIXME(181947): We should probably trim timeOutInMs to some max allowable number. >+static std::unique_ptr<Timer> initTimeoutTimer(std::optional<unsigned long> timeOutInMs, const CredentialPromise& promise) >+{ >+ if (!timeOutInMs) >+ return nullptr; >+ >+ auto timer = std::make_unique<Timer>([promise = promise] () mutable { >+ promise.reject(Exception { NotAllowedError, "Operation timed out."_s }); >+ }); >+ timer->startOneShot(Seconds::fromMilliseconds(*timeOutInMs)); >+ return timer; >+} >+ >+static bool didTimeoutTimerFire(Timer* timer) >+{ >+ if (!timer) >+ return false; >+ if (!timer->isActive()) >+ return true; >+ timer->stop(); >+ return false; >+} >+ >+} // namespace AuthenticatorCoordinatorInternal >+ >+AuthenticatorCoordinator::AuthenticatorCoordinator(std::unique_ptr<AuthenticatorCoordinatorClient>&& client) >+ : m_client(WTFMove(client)) >+{ >+} >+ >+void AuthenticatorCoordinator::setClient(std::unique_ptr<AuthenticatorCoordinatorClient>&& client) >+{ >+ m_client = WTFMove(client); >+} >+ >+void AuthenticatorCoordinator::create(const SecurityOrigin& callerOrigin, const PublicKeyCredentialCreationOptions& options, bool sameOriginWithAncestors, RefPtr<AbortSignal>&& abortSignal, CredentialPromise&& promise) const >+{ >+ using namespace AuthenticatorCoordinatorInternal; >+ >+ // The following implements https://www.w3.org/TR/webauthn/#createCredential as of 5 December 2017. >+ // FIXME: Extensions are not supported yet. Skip Step 11-12. >+ // Step 1, 3, 16 are handled by the caller. >+ // Step 2. >+ if (!sameOriginWithAncestors) { >+ promise.reject(Exception { NotAllowedError, "The origin of the document is not the same as its ancestors."_s }); >+ return; >+ } >+ >+ // Step 4 & 17. 
>+ std::unique_ptr<Timer> timeoutTimer = initTimeoutTimer(options.timeout, promise); >+ >+ // Step 5-7. >+ // FIXME(181950): We lack fundamental support from SecurityOrigin to determine if a host is a valid domain or not. >+ // Step 6 is therefore skipped. Also, we lack the support to determine whether a domain is a registrable >+ // domain suffix of another domain. Hence restrict the comparison to equal in Step 7. >+ if (!options.rp.id.isEmpty() && callerOrigin.host() != options.rp.id) { >+ promise.reject(Exception { SecurityError, "The origin of the document is not a registrable domain suffix of the provided RP ID."_s }); >+ return; >+ } >+ if (options.rp.id.isEmpty()) >+ options.rp.id = callerOrigin.host(); >+ >+ // Step 8-10. >+ // Most of the jobs are done by bindings. However, we can't know if the JSValue of options.pubKeyCredParams >+ // is empty or not. Return NotSupportedError as long as it is empty. >+ if (options.pubKeyCredParams.isEmpty()) { >+ promise.reject(Exception { NotSupportedError, "No desired properties of the to be created credential are provided."_s }); >+ return; >+ } >+ >+ // Step 13-15. >+ auto clientDataJson = produceClientDataJson(ClientDataType::Create, options.challenge, callerOrigin); >+ auto clientDataJsonHash = produceClientDataJsonHash(clientDataJson); >+ >+ // Step 18-21. >+ // Only platform attachments will be supported at this stage. Assuming one authenticator per device. >+ // Also, resident keys, user verifications and direct attestation are enforced at this tage. >+ // For better performance, transports of options.excludeCredentials are checked in LocalAuthenticator. 
>+ if (!m_client) { >+ promise.reject(Exception { UnknownError, "Unknown internal error."_s }); >+ return; >+ } >+ >+ auto completionHandler = [clientDataJson = WTFMove(clientDataJson), promise = WTFMove(promise), timeoutTimer = WTFMove(timeoutTimer), abortSignal = WTFMove(abortSignal)] (const WebCore::PublicKeyCredentialData& data, const WebCore::ExceptionData& exception) mutable { >+ if (didTimeoutTimerFire(timeoutTimer.get())) >+ return; >+ if (abortSignal && abortSignal->aborted()) { >+ promise.reject(Exception { AbortError, "Aborted by AbortSignal."_s }); >+ return; >+ } >+ >+ data.clientDataJSON = WTFMove(clientDataJson); >+ if (auto publicKeyCredential = PublicKeyCredential::tryCreate(data)) { >+ promise.resolve(publicKeyCredential.get()); >+ return; >+ } >+ ASSERT(!exception.message.isNull()); >+ promise.reject(exception.toException()); >+ }; >+ // Async operations are dispatched and handled in the messenger. >+ m_client->makeCredential(clientDataJsonHash, options, WTFMove(completionHandler)); >+} >+ >+void AuthenticatorCoordinator::discoverFromExternalSource(const SecurityOrigin& callerOrigin, const PublicKeyCredentialRequestOptions& options, bool sameOriginWithAncestors, RefPtr<AbortSignal>&& abortSignal, CredentialPromise&& promise) const >+{ >+ using namespace AuthenticatorCoordinatorInternal; >+ >+ // The following implements https://www.w3.org/TR/webauthn/#createCredential as of 5 December 2017. >+ // FIXME: Extensions are not supported yet. Skip Step 8-9. >+ // Step 1, 3, 13 are handled by the caller. >+ // Step 2. >+ if (!sameOriginWithAncestors) { >+ promise.reject(Exception { NotAllowedError, "The origin of the document is not the same as its ancestors."_s }); >+ return; >+ } >+ >+ // Step 4 & 16. >+ std::unique_ptr<Timer> timeoutTimer = initTimeoutTimer(options.timeout, promise); >+ >+ // Step 5-7. >+ // FIXME(181950): We lack fundamental support from SecurityOrigin to determine if a host is a valid domain or not. 
>+ // Step 6 is therefore skipped. Also, we lack the support to determine whether a domain is a registrable >+ // domain suffix of another domain. Hence restrict the comparison to equal in Step 7. >+ if (!options.rpId.isEmpty() && callerOrigin.host() != options.rpId) { >+ promise.reject(Exception { SecurityError, "The origin of the document is not a registrable domain suffix of the provided RP ID."_s }); >+ return; >+ } >+ if (options.rpId.isEmpty()) >+ options.rpId = callerOrigin.host(); >+ >+ // Step 10-12. >+ auto clientDataJson = produceClientDataJson(ClientDataType::Get, options.challenge, callerOrigin); >+ auto clientDataJsonHash = produceClientDataJsonHash(clientDataJson); >+ >+ // Step 14-15, 17-19. >+ // Only platform attachments will be supported at this stage. Assuming one authenticator per device. >+ // Also, resident keys, user verifications and direct attestation are enforced at this tage. >+ // For better performance, filtering of options.allowCredentials is done in LocalAuthenticator. >+ if (!m_client) { >+ promise.reject(Exception { UnknownError, "Unknown internal error."_s }); >+ return; >+ } >+ >+ auto completionHandler = [clientDataJson = WTFMove(clientDataJson), promise = WTFMove(promise), timeoutTimer = WTFMove(timeoutTimer), abortSignal = WTFMove(abortSignal)] (const WebCore::PublicKeyCredentialData& data, const WebCore::ExceptionData& exception) mutable { >+ if (didTimeoutTimerFire(timeoutTimer.get())) >+ return; >+ if (abortSignal && abortSignal->aborted()) { >+ promise.reject(Exception { AbortError, "Aborted by AbortSignal."_s }); >+ return; >+ } >+ >+ data.clientDataJSON = WTFMove(clientDataJson); >+ if (auto publicKeyCredential = PublicKeyCredential::tryCreate(data)) { >+ promise.resolve(publicKeyCredential.get()); >+ return; >+ } >+ ASSERT(!exception.message.isNull()); >+ promise.reject(exception.toException()); >+ }; >+ // Async operations are dispatched and handled in the messenger. 
>+ m_client->getAssertion(clientDataJsonHash, options, WTFMove(completionHandler)); >+} >+ >+void AuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable(DOMPromiseDeferred<IDLBoolean>&& promise) const >+{ >+ // The following implements https://www.w3.org/TR/webauthn/#isUserVerifyingPlatformAuthenticatorAvailable >+ // as of 5 December 2017. >+ if (!m_client) { >+ promise.reject(Exception { UnknownError, "Unknown internal error."_s }); >+ return; >+ } >+ >+ // FIXME(182767): We should consider more on the assessment of the return value. Right now, we return true/false >+ // immediately according to platform specific procedures. >+ auto completionHandler = [promise = WTFMove(promise)] (bool result) mutable { >+ promise.resolve(result); >+ }; >+ // Async operation are dispatched and handled in the messenger. >+ m_client->isUserVerifyingPlatformAuthenticatorAvailable(WTFMove(completionHandler)); >+} >+ >+} // namespace WebCore >+ >+#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.h b/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.h >new file mode 100644 >index 0000000000000000000000000000000000000000..b1c49db523b936b0a4ec221041b77da7cc1478fd >--- /dev/null >+++ b/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.h 
>@@ -0,0 +1,65 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. 
>+ */ >+ >+#pragma once >+ >+#if ENABLE(WEB_AUTHN) >+ >+#include "JSDOMPromiseDeferred.h" >+#include <wtf/Forward.h> >+#include <wtf/Noncopyable.h> >+ >+namespace WebCore { >+ >+class AbortSignal; >+class AuthenticatorCoordinatorClient; >+class BasicCredential; >+class SecurityOrigin; >+ >+struct PublicKeyCredentialCreationOptions; >+struct PublicKeyCredentialRequestOptions; >+ >+using CredentialPromise = DOMPromiseDeferred<IDLNullable<IDLInterface<BasicCredential>>>; >+ >+class AuthenticatorCoordinator { >+ WTF_MAKE_NONCOPYABLE(AuthenticatorCoordinator); >+public: >+ WEBCORE_EXPORT explicit AuthenticatorCoordinator(std::unique_ptr<AuthenticatorCoordinatorClient>&&); >+ WEBCORE_EXPORT void setClient(std::unique_ptr<AuthenticatorCoordinatorClient>&&); >+ >+ // The following methods implement static methods of PublicKeyCredential. >+ void create(const SecurityOrigin&, const PublicKeyCredentialCreationOptions&, bool sameOriginWithAncestors, RefPtr<AbortSignal>&&, CredentialPromise&&) const; >+ void discoverFromExternalSource(const SecurityOrigin&, const PublicKeyCredentialRequestOptions&, bool sameOriginWithAncestors, RefPtr<AbortSignal>&&, CredentialPromise&&) const; >+ void isUserVerifyingPlatformAuthenticatorAvailable(DOMPromiseDeferred<IDLBoolean>&&) const; >+ >+private: >+ AuthenticatorCoordinator() = default; >+ >+ std::unique_ptr<AuthenticatorCoordinatorClient> m_client; >+}; >+ >+} // namespace WebCore >+ >+#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.cpp b/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.cpp >new file mode 100644 >index 0000000000000000000000000000000000000000..c0c80ca77cf721e083b6460d0b96e1fdb81f46f0 >--- /dev/null >+++ b/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.cpp 
>@@ -0,0 +1,76 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#include "config.h" >+#include "AuthenticatorCoordinatorClient.h" >+ >+#if ENABLE(WEB_AUTHN) >+ >+#include "PublicKeyCredentialData.h" >+ >+namespace WebCore { >+ >+AuthenticatorCoordinatorClient::~AuthenticatorCoordinatorClient() >+{ >+ // Just to call handlers to avoid any assertion failures. 
>+ if (m_pendingCompletionHandler) >+ m_pendingCompletionHandler({ }, { NotAllowedError, "Operation timed out."_s }); >+ for (auto itr = m_pendingQueryCompletionHandlers.begin(); itr != m_pendingQueryCompletionHandlers.end(); ++itr) >+ itr->value(false); >+} >+ >+void AuthenticatorCoordinatorClient::requestReply(const WebCore::PublicKeyCredentialData& data, const WebCore::ExceptionData& exception) >+{ >+ m_pendingCompletionHandler(data, exception); >+} >+ >+void AuthenticatorCoordinatorClient::isUserVerifyingPlatformAuthenticatorAvailableReply(uint64_t messageId, bool result) >+{ >+ auto handler = m_pendingQueryCompletionHandlers.take(messageId); >+ handler(result); >+} >+ >+bool AuthenticatorCoordinatorClient::setRequestCompletionHandler(RequestCompletionHandler&& handler) >+{ >+ if (m_pendingCompletionHandler) { >+ handler({ }, { NotAllowedError, "A request is pending."_s }); >+ return false; >+ } >+ >+ m_pendingCompletionHandler = WTFMove(handler); >+ return true; >+} >+ >+uint64_t AuthenticatorCoordinatorClient::addQueryCompletionHandler(QueryCompletionHandler&& handler) >+{ >+ uint64_t messageId = m_accumulatedMessageId++; >+ auto addResult = m_pendingQueryCompletionHandlers.add(messageId, WTFMove(handler)); >+ ASSERT_UNUSED(addResult, addResult.isNewEntry); >+ return messageId; >+} >+ >+} // namespace WebCore >+ >+#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h b/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h >new file mode 100644 >index 0000000000000000000000000000000000000000..eba3d91d650f40d646b31f61a0681ee555eba14c >--- /dev/null >+++ b/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h 
>@@ -0,0 +1,76 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. 
>+ */ >+ >+#pragma once >+ >+#if ENABLE(WEB_AUTHN) >+ >+#include "ExceptionData.h" >+#include <wtf/CompletionHandler.h> >+#include <wtf/HashMap.h> >+#include <wtf/WeakPtr.h> >+ >+namespace WebCore { >+ >+class DeferredPromise; >+ >+struct PublicKeyCredentialCreationOptions; >+struct PublicKeyCredentialData; >+struct PublicKeyCredentialRequestOptions; >+ >+using RequestCompletionHandler = CompletionHandler<void(const WebCore::PublicKeyCredentialData&, const WebCore::ExceptionData&)>; >+using QueryCompletionHandler = CompletionHandler<void(bool)>; >+ >+class WEBCORE_EXPORT AuthenticatorCoordinatorClient : public CanMakeWeakPtr<AuthenticatorCoordinatorClient> { >+ WTF_MAKE_FAST_ALLOCATED; >+ WTF_MAKE_NONCOPYABLE(AuthenticatorCoordinatorClient); >+public: >+ AuthenticatorCoordinatorClient() = default; >+ virtual ~AuthenticatorCoordinatorClient(); >+ >+ // Senders. >+ virtual void makeCredential(const Vector<uint8_t>& hash, const PublicKeyCredentialCreationOptions&, RequestCompletionHandler&&) = 0; >+ virtual void getAssertion(const Vector<uint8_t>& hash, const PublicKeyCredentialRequestOptions&, RequestCompletionHandler&&) = 0; >+ virtual void isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&&) = 0; >+ >+ // Receivers. >+ void requestReply(const WebCore::PublicKeyCredentialData&, const WebCore::ExceptionData&); >+ void isUserVerifyingPlatformAuthenticatorAvailableReply(uint64_t messageId, bool); >+ >+protected: >+ // Only one request is allowed at one time. It returns false whenever there is an existing pending request. >+ // And invokes the provided handler with NotAllowedError. 
>+ bool setRequestCompletionHandler(RequestCompletionHandler&&); >+ uint64_t addQueryCompletionHandler(QueryCompletionHandler&&); >+ >+private: >+ RequestCompletionHandler m_pendingCompletionHandler; >+ uint64_t m_accumulatedMessageId { 1 }; >+ HashMap<uint64_t, QueryCompletionHandler> m_pendingQueryCompletionHandlers; >+}; >+ >+} // namespace WebCore >+ >+#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp b/Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp >deleted file mode 100644 >index 59d601621f1911795b17e4de766fd639696f6154..0000000000000000000000000000000000000000 >--- a/Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp >+++ /dev/null 
>@@ -1,267 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. 
>- */ >- >-#include "config.h" >-#include "AuthenticatorManager.h" >- >-#if ENABLE(WEB_AUTHN) >- >-#include "AbortSignal.h" >-#include "AuthenticatorAssertionResponse.h" >-#include "AuthenticatorAttestationResponse.h" >-#include "CredentialsMessenger.h" >-#include "JSBasicCredential.h" >-#include "PublicKeyCredential.h" >-#include "PublicKeyCredentialCreationOptions.h" >-#include "PublicKeyCredentialRequestOptions.h" >-#include "SecurityOrigin.h" >-#include "Timer.h" >-#include <pal/crypto/CryptoDigest.h> >-#include <wtf/JSONValues.h> >-#include <wtf/NeverDestroyed.h> >-#include <wtf/text/Base64.h> >- >-namespace WebCore { >- >-namespace AuthenticatorManagerInternal { >- >-enum class ClientDataType { >- Create, >- Get >-}; >- >-// FIXME(181948): Add token binding ID and extensions. >-static Ref<ArrayBuffer> produceClientDataJson(ClientDataType type, const BufferSource& challenge, const SecurityOrigin& origin) >-{ >- auto object = JSON::Object::create(); >- switch (type) { >- case ClientDataType::Create: >- object->setString("type"_s, "webauthn.create"_s); >- break; >- case ClientDataType::Get: >- object->setString("type"_s, "webauthn.get"_s); >- break; >- } >- object->setString("challenge"_s, WTF::base64URLEncode(challenge.data(), challenge.length())); >- object->setString("origin"_s, origin.toRawString()); >- // FIXME: This might be platform dependent. >- object->setString("hashAlgorithm"_s, "SHA-256"_s); >- >- auto utf8JSONString = object->toJSONString().utf8(); >- return ArrayBuffer::create(utf8JSONString.data(), utf8JSONString.length()); >-} >- >-static Vector<uint8_t> produceClientDataJsonHash(const ArrayBuffer& clientDataJson) >-{ >- // FIXME: This might be platform dependent. >- auto crypto = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_256); >- crypto->addBytes(clientDataJson.data(), clientDataJson.byteLength()); >- return crypto->computeHash(); >-} >- >-// FIXME(181947): We should probably trim timeOutInMs to some max allowable number. 
>-static std::unique_ptr<Timer> initTimeoutTimer(std::optional<unsigned long> timeOutInMs, const CredentialPromise& promise) >-{ >- if (!timeOutInMs) >- return nullptr; >- >- auto timer = std::make_unique<Timer>([promise = promise] () mutable { >- promise.reject(Exception { NotAllowedError, "Operation timed out."_s }); >- }); >- timer->startOneShot(Seconds::fromMilliseconds(*timeOutInMs)); >- return timer; >-} >- >-static bool didTimeoutTimerFire(Timer* timer) >-{ >- if (!timer) >- return false; >- if (!timer->isActive()) >- return true; >- timer->stop(); >- return false; >-} >- >-} // namespace AuthenticatorManagerInternal >- >-AuthenticatorManager& AuthenticatorManager::singleton() >-{ >- ASSERT(isMainThread()); >- static NeverDestroyed<AuthenticatorManager> authenticator; >- return authenticator; >-} >- >-void AuthenticatorManager::setMessenger(CredentialsMessenger& messenger) >-{ >- m_messenger = makeWeakPtr(messenger); >-} >- >-void AuthenticatorManager::create(const SecurityOrigin& callerOrigin, const PublicKeyCredentialCreationOptions& options, bool sameOriginWithAncestors, RefPtr<AbortSignal>&& abortSignal, CredentialPromise&& promise) const >-{ >- using namespace AuthenticatorManagerInternal; >- >- // The following implements https://www.w3.org/TR/webauthn/#createCredential as of 5 December 2017. >- // FIXME: Extensions are not supported yet. Skip Step 11-12. >- // Step 1, 3, 16 are handled by the caller. >- // Step 2. >- if (!sameOriginWithAncestors) { >- promise.reject(Exception { NotAllowedError, "The origin of the document is not the same as its ancestors."_s }); >- return; >- } >- >- // Step 4 & 17. >- std::unique_ptr<Timer> timeoutTimer = initTimeoutTimer(options.timeout, promise); >- >- // Step 5-7. >- // FIXME(181950): We lack fundamental support from SecurityOrigin to determine if a host is a valid domain or not. >- // Step 6 is therefore skipped. 
Also, we lack the support to determine whether a domain is a registrable >- // domain suffix of another domain. Hence restrict the comparison to equal in Step 7. >- if (!options.rp.id.isEmpty() && callerOrigin.host() != options.rp.id) { >- promise.reject(Exception { SecurityError, "The origin of the document is not a registrable domain suffix of the provided RP ID."_s }); >- return; >- } >- if (options.rp.id.isEmpty()) >- options.rp.id = callerOrigin.host(); >- >- // Step 8-10. >- // Most of the jobs are done by bindings. However, we can't know if the JSValue of options.pubKeyCredParams >- // is empty or not. Return NotSupportedError as long as it is empty. >- if (options.pubKeyCredParams.isEmpty()) { >- promise.reject(Exception { NotSupportedError, "No desired properties of the to be created credential are provided."_s }); >- return; >- } >- >- // Step 13-15. >- auto clientDataJson = produceClientDataJson(ClientDataType::Create, options.challenge, callerOrigin); >- auto clientDataJsonHash = produceClientDataJsonHash(clientDataJson); >- >- // Step 18-21. >- // Only platform attachments will be supported at this stage. Assuming one authenticator per device. >- // Also, resident keys, user verifications and direct attestation are enforced at this tage. >- // For better performance, transports of options.excludeCredentials are checked in LocalAuthenticator. 
>- if (!m_messenger) { >- promise.reject(Exception { UnknownError, "Unknown internal error."_s }); >- return; >- } >- >- auto completionHandler = [clientDataJson = WTFMove(clientDataJson), promise = WTFMove(promise), timeoutTimer = WTFMove(timeoutTimer), abortSignal = WTFMove(abortSignal)] (ExceptionOr<CreationReturnBundle>&& result) mutable { >- if (didTimeoutTimerFire(timeoutTimer.get())) >- return; >- if (abortSignal && abortSignal->aborted()) { >- promise.reject(Exception { AbortError, "Aborted by AbortSignal."_s }); >- return; >- } >- if (result.hasException()) { >- promise.reject(result.exception()); >- return; >- } >- >- auto bundle = result.releaseReturnValue(); >- promise.resolve(PublicKeyCredential::create(WTFMove(bundle.credentialId), AuthenticatorAttestationResponse::create(WTFMove(clientDataJson), ArrayBuffer::create(WTFMove(bundle.attestationObject)))).ptr()); >- }; >- // Async operations are dispatched and handled in the messenger. >- m_messenger->makeCredential(clientDataJsonHash, options, WTFMove(completionHandler)); >-} >- >-void AuthenticatorManager::discoverFromExternalSource(const SecurityOrigin& callerOrigin, const PublicKeyCredentialRequestOptions& options, bool sameOriginWithAncestors, RefPtr<AbortSignal>&& abortSignal, CredentialPromise&& promise) const >-{ >- using namespace AuthenticatorManagerInternal; >- >- // The following implements https://www.w3.org/TR/webauthn/#createCredential as of 5 December 2017. >- // FIXME: Extensions are not supported yet. Skip Step 8-9. >- // Step 1, 3, 13 are handled by the caller. >- // Step 2. >- if (!sameOriginWithAncestors) { >- promise.reject(Exception { NotAllowedError, "The origin of the document is not the same as its ancestors."_s }); >- return; >- } >- >- // Step 4 & 16. >- std::unique_ptr<Timer> timeoutTimer = initTimeoutTimer(options.timeout, promise); >- >- // Step 5-7. >- // FIXME(181950): We lack fundamental support from SecurityOrigin to determine if a host is a valid domain or not. 
>- // Step 6 is therefore skipped. Also, we lack the support to determine whether a domain is a registrable >- // domain suffix of another domain. Hence restrict the comparison to equal in Step 7. >- if (!options.rpId.isEmpty() && callerOrigin.host() != options.rpId) { >- promise.reject(Exception { SecurityError, "The origin of the document is not a registrable domain suffix of the provided RP ID."_s }); >- return; >- } >- if (options.rpId.isEmpty()) >- options.rpId = callerOrigin.host(); >- >- // Step 10-12. >- auto clientDataJson = produceClientDataJson(ClientDataType::Get, options.challenge, callerOrigin); >- auto clientDataJsonHash = produceClientDataJsonHash(clientDataJson); >- >- // Step 14-15, 17-19. >- // Only platform attachments will be supported at this stage. Assuming one authenticator per device. >- // Also, resident keys, user verifications and direct attestation are enforced at this tage. >- // For better performance, filtering of options.allowCredentials is done in LocalAuthenticator. 
>- if (!m_messenger) { >- promise.reject(Exception { UnknownError, "Unknown internal error."_s }); >- return; >- } >- >- auto completionHandler = [clientDataJson = WTFMove(clientDataJson), promise = WTFMove(promise), timeoutTimer = WTFMove(timeoutTimer), abortSignal = WTFMove(abortSignal)] (ExceptionOr<AssertionReturnBundle>&& result) mutable { >- if (didTimeoutTimerFire(timeoutTimer.get())) >- return; >- if (abortSignal && abortSignal->aborted()) { >- promise.reject(Exception { AbortError, "Aborted by AbortSignal."_s }); >- return; >- } >- if (result.hasException()) { >- promise.reject(result.exception()); >- return; >- } >- >- auto bundle = result.releaseReturnValue(); >- promise.resolve(PublicKeyCredential::create(WTFMove(bundle.credentialId), AuthenticatorAssertionResponse::create(WTFMove(clientDataJson), WTFMove(bundle.authenticatorData), WTFMove(bundle.signature), WTFMove(bundle.userHandle))).ptr()); >- }; >- // Async operations are dispatched and handled in the messenger. >- m_messenger->getAssertion(clientDataJsonHash, options, WTFMove(completionHandler)); >-} >- >-void AuthenticatorManager::isUserVerifyingPlatformAuthenticatorAvailable(DOMPromiseDeferred<IDLBoolean>&& promise) const >-{ >- // The following implements https://www.w3.org/TR/webauthn/#isUserVerifyingPlatformAuthenticatorAvailable >- // as of 5 December 2017. >- if (!m_messenger) { >- promise.reject(Exception { UnknownError, "Unknown internal error."_s }); >- return; >- } >- >- // FIXME(182767): We should consider more on the assessment of the return value. Right now, we return true/false >- // immediately according to platform specific procedures. >- auto completionHandler = [promise = WTFMove(promise)] (bool result) mutable { >- promise.resolve(result); >- }; >- // Async operation are dispatched and handled in the messenger. >- m_messenger->isUserVerifyingPlatformAuthenticatorAvailable(WTFMove(completionHandler)); >-} >- >-} // namespace WebCore >- >-#endif // ENABLE(WEB_AUTHN) 
>diff --git a/Source/WebCore/Modules/webauthn/AuthenticatorManager.h b/Source/WebCore/Modules/webauthn/AuthenticatorManager.h >deleted file mode 100644 >index 637276dde678c23b0c92198d1ff79dab35f6ca5a..0000000000000000000000000000000000000000 >--- a/Source/WebCore/Modules/webauthn/AuthenticatorManager.h >+++ /dev/null 
>@@ -1,67 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. 
>- */ >- >-#pragma once >- >-#if ENABLE(WEB_AUTHN) >- >-#include "JSDOMPromiseDeferred.h" >-#include <wtf/Forward.h> >-#include <wtf/Noncopyable.h> >-#include <wtf/WeakPtr.h> >- >-namespace WebCore { >- >-class AbortSignal; >-class BasicCredential; >-class CredentialsMessenger; >-class SecurityOrigin; >- >-struct PublicKeyCredentialCreationOptions; >-struct PublicKeyCredentialRequestOptions; >- >-using CredentialPromise = DOMPromiseDeferred<IDLNullable<IDLInterface<BasicCredential>>>; >- >-class AuthenticatorManager { >- WTF_MAKE_NONCOPYABLE(AuthenticatorManager); >- friend class NeverDestroyed<AuthenticatorManager>; >-public: >- WEBCORE_EXPORT static AuthenticatorManager& singleton(); >- WEBCORE_EXPORT void setMessenger(CredentialsMessenger&); >- >- // The following methods implement static methods of PublicKeyCredential. >- void create(const SecurityOrigin&, const PublicKeyCredentialCreationOptions&, bool sameOriginWithAncestors, RefPtr<AbortSignal>&&, CredentialPromise&&) const; >- void discoverFromExternalSource(const SecurityOrigin&, const PublicKeyCredentialRequestOptions&, bool sameOriginWithAncestors, RefPtr<AbortSignal>&&, CredentialPromise&&) const; >- void isUserVerifyingPlatformAuthenticatorAvailable(DOMPromiseDeferred<IDLBoolean>&&) const; >- >-private: >- AuthenticatorManager() = default; >- >- WeakPtr<CredentialsMessenger> m_messenger; >-}; >- >-} // namespace WebCore >- >-#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebCore/Modules/webauthn/AuthenticatorResponse.cpp b/Source/WebCore/Modules/webauthn/AuthenticatorResponse.cpp >deleted file mode 100644 >index db8f0946dc3e00d4e38499256cc1d923272d075f..0000000000000000000000000000000000000000 >--- a/Source/WebCore/Modules/webauthn/AuthenticatorResponse.cpp >+++ /dev/null 
>@@ -1,45 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. >- */ >- >-#include "config.h" >-#include "AuthenticatorResponse.h" >- >-#if ENABLE(WEB_AUTHN) >- >-namespace WebCore { >- >-AuthenticatorResponse::AuthenticatorResponse(RefPtr<ArrayBuffer>&& clientDataJSON) >- : m_clientDataJSON(WTFMove(clientDataJSON)) >-{ >-} >- >-ArrayBuffer* AuthenticatorResponse::clientDataJSON() const >-{ >- return m_clientDataJSON.get(); >-} >- >-} // namespace WebCore >- >-#endif // ENABLE(WEB_AUTHN) 
>diff --git a/Source/WebCore/Modules/webauthn/AuthenticatorResponse.h b/Source/WebCore/Modules/webauthn/AuthenticatorResponse.h >index 5528c03034f521c54c31412d5e63b76ea7e8faac..cb7e07e52ec94d4e14204e16633596b95b100e9f 100644 >--- a/Source/WebCore/Modules/webauthn/AuthenticatorResponse.h >+++ b/Source/WebCore/Modules/webauthn/AuthenticatorResponse.h >@@ -40,15 +40,18 @@ public: > Attestation > }; > >- explicit AuthenticatorResponse(RefPtr<ArrayBuffer>&&); >+ explicit AuthenticatorResponse(Ref<ArrayBuffer>&& clientDataJSON) >+ : m_clientDataJSON(WTFMove(clientDataJSON)) >+ { >+ } > virtual ~AuthenticatorResponse() = default; > > virtual Type type() const = 0; > >- ArrayBuffer* clientDataJSON() const; >+ ArrayBuffer* clientDataJSON() const { return m_clientDataJSON.ptr(); } > > private: >- RefPtr<ArrayBuffer> m_clientDataJSON; >+ Ref<ArrayBuffer> m_clientDataJSON; > }; > > } // namespace WebCore >diff --git a/Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp b/Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp >index 112f40a6342f62c76c5465bfeae8c7bc565e7a10..21f700cf0f36cea779638f440be0cda587214867 100644 >--- a/Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp >+++ b/Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp 
>@@ -28,13 +28,39 @@ > > #if ENABLE(WEB_AUTHN) > >-#include "AuthenticatorManager.h" >+#include "AuthenticatorCoordinator.h" >+#include "Document.h" > #include "JSDOMPromiseDeferred.h" >+#include "Page.h" >+#include "PublicKeyCredentialData.h" > #include <wtf/text/Base64.h> > > namespace WebCore { > >-PublicKeyCredential::PublicKeyCredential(RefPtr<ArrayBuffer>&& id, RefPtr<AuthenticatorResponse>&& response) >+Ref<PublicKeyCredential> PublicKeyCredential::create(Ref<ArrayBuffer>&& id, Ref<AuthenticatorResponse>&& response) >+{ >+ return adoptRef(*new PublicKeyCredential(WTFMove(id), WTFMove(response))); >+} >+ >+RefPtr<PublicKeyCredential> PublicKeyCredential::tryCreate(const PublicKeyCredentialData& data) >+{ >+ if (!data.rawId || !data.clientDataJSON) >+ return nullptr; >+ >+ if (data.isAuthenticatorAttestationResponse) { >+ if (!data.attestationObject) >+ return nullptr; >+ >+ return adoptRef(*new PublicKeyCredential(data.rawId.releaseNonNull(), AuthenticatorAttestationResponse::create(data.clientDataJSON.releaseNonNull(), data.attestationObject.releaseNonNull()))); >+ } >+ >+ if (!data.authenticatorData || !data.signature || !data.userHandle) >+ return nullptr; >+ >+ return adoptRef(*new PublicKeyCredential(data.rawId.releaseNonNull(), AuthenticatorAssertionResponse::create(data.clientDataJSON.releaseNonNull(), data.authenticatorData.releaseNonNull(), data.signature.releaseNonNull(), data.userHandle.releaseNonNull()))); >+} >+ >+PublicKeyCredential::PublicKeyCredential(Ref<ArrayBuffer>&& id, Ref<AuthenticatorResponse>&& response) > : BasicCredential(WTF::base64URLEncode(id->data(), id->byteLength()), Type::PublicKey, Discovery::Remote) > , m_rawId(WTFMove(id)) > , m_response(WTFMove(response)) 
>@@ -46,9 +72,9 @@ ExceptionOr<bool> PublicKeyCredential::getClientExtensionResults() const > return Exception { NotSupportedError }; > } > >-void PublicKeyCredential::isUserVerifyingPlatformAuthenticatorAvailable(DOMPromiseDeferred<IDLBoolean>&& promise) >+void PublicKeyCredential::isUserVerifyingPlatformAuthenticatorAvailable(Document& document, DOMPromiseDeferred<IDLBoolean>&& promise) > { >- AuthenticatorManager::singleton().isUserVerifyingPlatformAuthenticatorAvailable(WTFMove(promise)); >+ document.page()->authenticatorCoordinator().isUserVerifyingPlatformAuthenticatorAvailable(WTFMove(promise)); > } > > } // namespace WebCore >diff --git a/Source/WebCore/Modules/webauthn/PublicKeyCredential.h b/Source/WebCore/Modules/webauthn/PublicKeyCredential.h >index fdedc589b30341157dae3bb7baa4274fb6fa9ba4..30fce4202bebaf0a982eca8ff3e9ec3b89bd729a 100644 >--- a/Source/WebCore/Modules/webauthn/PublicKeyCredential.h >+++ b/Source/WebCore/Modules/webauthn/PublicKeyCredential.h 
>@@ -36,28 +36,29 @@ > namespace WebCore { > > class AuthenticatorResponse; >+class Document; >+ >+struct PublicKeyCredentialData; > > class PublicKeyCredential final : public BasicCredential { > public: >- static Ref<PublicKeyCredential> create(RefPtr<ArrayBuffer>&& id, RefPtr<AuthenticatorResponse>&& response) >- { >- return adoptRef(*new PublicKeyCredential(WTFMove(id), WTFMove(response))); >- } >+ static Ref<PublicKeyCredential> create(Ref<ArrayBuffer>&& id, Ref<AuthenticatorResponse>&&); >+ static RefPtr<PublicKeyCredential> tryCreate(const PublicKeyCredentialData&); > >- ArrayBuffer* rawId() const { return m_rawId.get(); } >- AuthenticatorResponse* response() const { return m_response.get(); } >+ ArrayBuffer* rawId() const { return m_rawId.ptr(); } >+ AuthenticatorResponse* response() const { return m_response.ptr(); } > // Not support yet. Always throws. > ExceptionOr<bool> getClientExtensionResults() const; > >- static void isUserVerifyingPlatformAuthenticatorAvailable(DOMPromiseDeferred<IDLBoolean>&&); >+ static void isUserVerifyingPlatformAuthenticatorAvailable(Document&, DOMPromiseDeferred<IDLBoolean>&&); > > private: >- PublicKeyCredential(RefPtr<ArrayBuffer>&& id, RefPtr<AuthenticatorResponse>&&); >+ PublicKeyCredential(Ref<ArrayBuffer>&& id, Ref<AuthenticatorResponse>&&); > > Type credentialType() const final { return Type::PublicKey; } > >- RefPtr<ArrayBuffer> m_rawId; >- RefPtr<AuthenticatorResponse> m_response; >+ Ref<ArrayBuffer> m_rawId; >+ Ref<AuthenticatorResponse> m_response; > }; > > } // namespace WebCore >diff --git a/Source/WebCore/Modules/webauthn/PublicKeyCredential.idl b/Source/WebCore/Modules/webauthn/PublicKeyCredential.idl >index 77b1b7240b591b243dea987920d47420efbc56ad..d51f06d40dd9e4ec3c6a2897672620fe2b85f971 100644 >--- a/Source/WebCore/Modules/webauthn/PublicKeyCredential.idl >+++ b/Source/WebCore/Modules/webauthn/PublicKeyCredential.idl 
>@@ -35,5 +35,5 @@ typedef boolean AuthenticationExtensions; > [SameObject] readonly attribute AuthenticatorResponse response; > [MayThrowException] AuthenticationExtensions getClientExtensionResults(); > >- static Promise<boolean> isUserVerifyingPlatformAuthenticatorAvailable(); >+ [CallWith=Document] static Promise<boolean> isUserVerifyingPlatformAuthenticatorAvailable(); > }; >diff --git a/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h b/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h >index 760e8fda5f1e75177cefef751586eab4940433c8..341397cb2c66e1dee2b03691504da2b22e25c6fb 100644 >--- a/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h >+++ b/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h >@@ -94,9 +94,9 @@ template<class Encoder> > void PublicKeyCredentialCreationOptions::encode(Encoder& encoder) const > { > encoder << rp.id << rp.name << rp.icon; >- Vector<uint8_t> idVector; >- idVector.append(user.id.data(), user.id.length()); >- encoder << idVector << user.displayName << user.name << user.icon << pubKeyCredParams << excludeCredentials; >+ encoder << static_cast<uint64_t>(user.id.length()); >+ encoder.encodeFixedLengthData(user.id.data(), user.id.length(), 1); >+ encoder << user.displayName << user.name << user.icon << pubKeyCredParams << excludeCredentials; > } > > template<class Decoder> 
>@@ -109,8 +109,15 @@ std::optional<PublicKeyCredentialCreationOptions> PublicKeyCredentialCreationOpt > return std::nullopt; > if (!decoder.decode(result.rp.icon)) > return std::nullopt; >- if (!decoder.decode(result.user.idVector)) >+ >+ std::optional<uint64_t> userIdLength; >+ decoder >> userIdLength; >+ if (!userIdLength) >+ return std::nullopt; >+ result.user.idVector.reserveCapacity(userIdLength.value()); >+ if (!decoder.decodeFixedLengthData(result.user.idVector.data(), userIdLength.value(), 1)) > return std::nullopt; >+ > if (!decoder.decode(result.user.displayName)) > return std::nullopt; > if (!decoder.decode(result.user.name)) >diff --git a/Source/WebCore/Modules/webauthn/PublicKeyCredentialData.h b/Source/WebCore/Modules/webauthn/PublicKeyCredentialData.h >new file mode 100644 >index 0000000000000000000000000000000000000000..229fb87f780a5bf52c02b02c569c07dac5035874 >--- /dev/null >+++ b/Source/WebCore/Modules/webauthn/PublicKeyCredentialData.h 
>@@ -0,0 +1,144 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. 
>+ */ >+ >+#pragma once >+ >+#if ENABLE(WEB_AUTHN) >+ >+#include <JavaScriptCore/ArrayBuffer.h> >+#include <wtf/Forward.h> >+ >+namespace WebCore { >+ >+class AuthenticatorResponse; >+ >+struct PublicKeyCredentialData { >+ mutable RefPtr<ArrayBuffer> rawId; >+ >+ // AuthenticatorResponse >+ bool isAuthenticatorAttestationResponse; >+ mutable RefPtr<ArrayBuffer> clientDataJSON; >+ >+ // AuthenticatorAttestationResponse >+ mutable RefPtr<ArrayBuffer> attestationObject; >+ >+ // AuthenticatorAssertionResponse >+ mutable RefPtr<ArrayBuffer> authenticatorData; >+ mutable RefPtr<ArrayBuffer> signature; >+ mutable RefPtr<ArrayBuffer> userHandle; >+ >+ template<class Encoder> void encode(Encoder&) const; >+ template<class Decoder> static std::optional<PublicKeyCredentialData> decode(Decoder&); >+}; >+ >+// Noted: clientDataJSON is never encoded or decoded as it is never sent across different processes. >+template<class Encoder> >+void PublicKeyCredentialData::encode(Encoder& encoder) const >+{ >+ encoder << static_cast<uint64_t>(rawId->byteLength()); >+ encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(rawId->data()), rawId->byteLength(), 1); >+ >+ encoder << isAuthenticatorAttestationResponse; >+ >+ if (isAuthenticatorAttestationResponse) { >+ encoder << static_cast<uint64_t>(attestationObject->byteLength()); >+ encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(attestationObject->data()), attestationObject->byteLength(), 1); >+ return; >+ } >+ >+ encoder << static_cast<uint64_t>(authenticatorData->byteLength()); >+ encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(authenticatorData->data()), authenticatorData->byteLength(), 1); >+ encoder << static_cast<uint64_t>(signature->byteLength()); >+ encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(signature->data()), signature->byteLength(), 1); >+ encoder << static_cast<uint64_t>(userHandle->byteLength()); >+ encoder.encodeFixedLengthData(reinterpret_cast<const 
uint8_t*>(userHandle->data()), userHandle->byteLength(), 1); >+} >+ >+template<class Decoder> >+std::optional<PublicKeyCredentialData> PublicKeyCredentialData::decode(Decoder& decoder) >+{ >+ PublicKeyCredentialData result; >+ >+ std::optional<uint64_t> rawIdLength; >+ decoder >> rawIdLength; >+ if (!rawIdLength) >+ return std::nullopt; >+ >+ result.rawId = ArrayBuffer::create(rawIdLength.value(), sizeof(uint8_t)); >+ if (!decoder.decodeFixedLengthData(reinterpret_cast<uint8_t*>(result.rawId->data()), rawIdLength.value(), 1)) >+ return std::nullopt; >+ >+ std::optional<bool> isAuthenticatorAttestationResponse; >+ decoder >> isAuthenticatorAttestationResponse; >+ if (!isAuthenticatorAttestationResponse) >+ return std::nullopt; >+ result.isAuthenticatorAttestationResponse = isAuthenticatorAttestationResponse.value(); >+ >+ if (result.isAuthenticatorAttestationResponse) { >+ std::optional<uint64_t> attestationObjectLength; >+ decoder >> attestationObjectLength; >+ if (!attestationObjectLength) >+ return std::nullopt; >+ >+ result.attestationObject = ArrayBuffer::create(attestationObjectLength.value(), sizeof(uint8_t)); >+ if (!decoder.decodeFixedLengthData(reinterpret_cast<uint8_t*>(result.attestationObject->data()), attestationObjectLength.value(), 1)) >+ return std::nullopt; >+ >+ return result; >+ } >+ >+ std::optional<uint64_t> authenticatorDataLength; >+ decoder >> authenticatorDataLength; >+ if (!authenticatorDataLength) >+ return std::nullopt; >+ >+ result.authenticatorData = ArrayBuffer::create(authenticatorDataLength.value(), sizeof(uint8_t)); >+ if (!decoder.decodeFixedLengthData(reinterpret_cast<uint8_t*>(result.authenticatorData->data()), authenticatorDataLength.value(), 1)) >+ return std::nullopt; >+ >+ std::optional<uint64_t> signatureLength; >+ decoder >> signatureLength; >+ if (!signatureLength) >+ return std::nullopt; >+ >+ result.signature = ArrayBuffer::create(signatureLength.value(), sizeof(uint8_t)); >+ if 
(!decoder.decodeFixedLengthData(reinterpret_cast<uint8_t*>(result.signature->data()), signatureLength.value(), 1)) >+ return std::nullopt; >+ >+ std::optional<uint64_t> userHandleLength; >+ decoder >> userHandleLength; >+ if (!userHandleLength) >+ return std::nullopt; >+ >+ result.userHandle = ArrayBuffer::create(userHandleLength.value(), sizeof(uint8_t)); >+ if (!decoder.decodeFixedLengthData(reinterpret_cast<uint8_t*>(result.userHandle->data()), userHandleLength.value(), 1)) >+ return std::nullopt; >+ >+ return result; >+} >+ >+} // namespace WebCore >+ >+#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebCore/Modules/webauthn/cocoa/LocalAuthenticator.h b/Source/WebCore/Modules/webauthn/cocoa/LocalAuthenticator.h >index 2ae4035e982e2b6fd83058991201761ac2e1225d..25c46bcea16092509de99d311a3d8a70a5c08c80 100644 >--- a/Source/WebCore/Modules/webauthn/cocoa/LocalAuthenticator.h >+++ b/Source/WebCore/Modules/webauthn/cocoa/LocalAuthenticator.h >@@ -35,11 +35,10 @@ namespace WebCore { > > struct ExceptionData; > struct PublicKeyCredentialCreationOptions; >+struct PublicKeyCredentialData; > struct PublicKeyCredentialRequestOptions; > >-using CreationCallback = Function<void(const Vector<uint8_t>&, const Vector<uint8_t>&)>; >-using RequestCallback = Function<void(const Vector<uint8_t>&, const Vector<uint8_t>&, const Vector<uint8_t>&, const Vector<uint8_t>&)>; >-using ExceptionCallback = Function<void(const WebCore::ExceptionData&)>; >+using Callback = Function<void(Variant<PublicKeyCredentialData, ExceptionData>&&)>; > > typedef void (^CompletionBlock)(SecKeyRef _Nullable referenceKey, NSArray * _Nullable certificates, NSError * _Nullable error); 
> >@@ -50,8 +49,8 @@ public: > LocalAuthenticator(); > virtual ~LocalAuthenticator() = default; > >- void makeCredential(const Vector<uint8_t>& hash, const PublicKeyCredentialCreationOptions&, CreationCallback&&, ExceptionCallback&&); >- void getAssertion(const Vector<uint8_t>& hash, const PublicKeyCredentialRequestOptions&, RequestCallback&&, ExceptionCallback&&); >+ void makeCredential(const Vector<uint8_t>& hash, const PublicKeyCredentialCreationOptions&, Callback&&); >+ void getAssertion(const Vector<uint8_t>& hash, const PublicKeyCredentialRequestOptions&, Callback&&); > bool isAvailable() const; > > protected: >diff --git a/Source/WebCore/Modules/webauthn/cocoa/LocalAuthenticator.mm b/Source/WebCore/Modules/webauthn/cocoa/LocalAuthenticator.mm >index 40c8631ef002b600d7d3da79b9a93b414b53923c..965d1f28a732968fac516bf704b354a233fa35c1 100644 >--- a/Source/WebCore/Modules/webauthn/cocoa/LocalAuthenticator.mm >+++ b/Source/WebCore/Modules/webauthn/cocoa/LocalAuthenticator.mm >@@ -32,6 +32,7 @@ > #import "COSEConstants.h" > #import "ExceptionData.h" > #import "PublicKeyCredentialCreationOptions.h" >+#import "PublicKeyCredentialData.h" > #import "PublicKeyCredentialRequestOptions.h" > #import <Security/SecItem.h> > #import <pal/crypto/CryptoDigest.h> >@@ -115,7 +116,7 @@ LocalAuthenticator::LocalAuthenticator() > RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanAccessCredentials)); > } > >-void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const PublicKeyCredentialCreationOptions& options, CreationCallback&& callback, ExceptionCallback&& exceptionCallback) >+void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const PublicKeyCredentialCreationOptions& options, Callback&& callback) > { > using namespace LocalAuthenticatorInternal; 
> >@@ -124,7 +125,7 @@ void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const Publi > ASSERT_UNUSED(hash, hash == hash); > ASSERT_UNUSED(options, !options.rp.id.isEmpty()); > ASSERT_UNUSED(callback, callback); >- exceptionCallback({ NotAllowedError, "No avaliable authenticators."_s }); >+ callback(ExceptionData { NotAllowedError, "No avaliable authenticators."_s }); > #else > // The following implements https://www.w3.org/TR/webauthn/#op-make-cred as of 5 December 2017. > // Skip Step 4-5 as requireResidentKey and requireUserVerification are enforced. >@@ -139,7 +140,7 @@ void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const Publi > } > } > if (!canFullfillPubKeyCredParams) { >- exceptionCallback({ NotSupportedError, "The platform attached authenticator doesn't support any provided PublicKeyCredentialParameters."_s }); >+ callback(ExceptionData { NotSupportedError, "The platform attached authenticator doesn't support any provided PublicKeyCredentialParameters."_s }); > return; > } > >@@ -158,7 +159,7 @@ void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const Publi > OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, &attributesArrayRef); > if (status && status != errSecItemNotFound) { > LOG_ERROR("Couldn't query Keychain: %d", status); >- exceptionCallback({ UnknownError, "Unknown internal error."_s }); >+ callback(ExceptionData { UnknownError, "Unknown internal error."_s }); > return; > } > auto retainAttributesArray = adoptCF(attributesArrayRef); 
>@@ -166,7 +167,7 @@ void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const Publi > for (NSDictionary *nsAttributes in (NSArray *)attributesArrayRef) { > NSData *nsCredentialId = nsAttributes[(id)kSecAttrApplicationLabel]; > if (excludeCredentialIds.contains(String(reinterpret_cast<const char*>(nsCredentialId.bytes), nsCredentialId.length))) { >- exceptionCallback({ NotAllowedError, "At least one credential matches an entry of the excludeCredentials list in the platform attached authenticator."_s }); >+ callback(ExceptionData { NotAllowedError, "At least one credential matches an entry of the excludeCredentials list in the platform attached authenticator."_s }); > return; > } > } 
>@@ -180,17 +181,17 @@ void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const Publi > if (![context canEvaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics error:&error]) { > LOG_ERROR("Couldn't evaluate authentication with biometrics policy: %@", error); > // FIXME(182767) >- exceptionCallback({ NotAllowedError, "No avaliable authenticators."_s }); >+ callback(ExceptionData { NotAllowedError, "No avaliable authenticators."_s }); > return; > } > > NSString *reason = [NSString stringWithFormat:@"Allow %@ to create a public key credential for %@", (id)options.rp.id, (id)options.user.name]; > // FIXME(183534): Optimize the following nested callbacks and threading. >- [context evaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics localizedReason:reason reply:BlockPtr<void(BOOL, NSError *)>::fromCallable([weakThis = makeWeakPtr(*this), callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback), options = crossThreadCopy(options), hash] (BOOL success, NSError *error) mutable { >+ [context evaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics localizedReason:reason reply:BlockPtr<void(BOOL, NSError *)>::fromCallable([weakThis = makeWeakPtr(*this), callback = WTFMove(callback), options = crossThreadCopy(options), hash] (BOOL success, NSError *error) mutable { > ASSERT(!isMainThread()); > if (!success || error) { > LOG_ERROR("Couldn't authenticate with biometrics: %@", error); >- exceptionCallback({ NotAllowedError, "Couldn't get user consent."_s }); >+ callback(ExceptionData { NotAllowedError, "Couldn't get user consent."_s }); > return; > } 
> >@@ -205,7 +206,7 @@ void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const Publi > OSStatus status = SecItemDelete((__bridge CFDictionaryRef)deleteQuery); > if (status && status != errSecItemNotFound) { > LOG_ERROR("Couldn't detele older credential: %d", status); >- exceptionCallback({ UnknownError, "Unknown internal error."_s }); >+ callback(ExceptionData { UnknownError, "Unknown internal error."_s }); > return; > } > >@@ -213,11 +214,11 @@ void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const Publi > // FIXME(183534) > if (!weakThis) > return; >- weakThis->issueClientCertificate(options.rp.id, options.user.name, hash, BlockPtr<void(SecKeyRef, NSArray *, NSError *)>::fromCallable([callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback), options = crossThreadCopy(options)] (_Nullable SecKeyRef privateKey, NSArray * _Nullable certificates, NSError * _Nullable error) { >+ weakThis->issueClientCertificate(options.rp.id, options.user.name, hash, BlockPtr<void(SecKeyRef, NSArray *, NSError *)>::fromCallable([callback = WTFMove(callback), options = crossThreadCopy(options)] (_Nullable SecKeyRef privateKey, NSArray * _Nullable certificates, NSError * _Nullable error) { > ASSERT(!isMainThread()); > if (error) { > LOG_ERROR("Couldn't attest: %@", error); >- exceptionCallback({ UnknownError, "Unknown internal error."_s }); >+ callback(ExceptionData { UnknownError, "Unknown internal error."_s }); > return; > } > // Attestation Certificate and Attestation Issuing CA 
>@@ -250,7 +251,7 @@ void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const Publi > OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)credentialIdQuery, &attributesRef); > if (status) { > LOG_ERROR("Couldn't get Credential ID: %d", status); >- exceptionCallback({ UnknownError, "Unknown internal error."_s }); >+ callback(ExceptionData { UnknownError, "Unknown internal error."_s }); > return; > } > auto retainAttributes = adoptCF(attributesRef); >@@ -271,7 +272,7 @@ void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const Publi > status = SecItemUpdate((__bridge CFDictionaryRef)updateQuery, (__bridge CFDictionaryRef)updateParams); > if (status) { > LOG_ERROR("Couldn't update the Keychain item: %d", status); >- exceptionCallback({ UnknownError, "Unknown internal error."_s }); >+ callback(ExceptionData { UnknownError, "Unknown internal error."_s }); > return; > } > } >@@ -304,7 +305,7 @@ void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const Publi > auto retainError = adoptCF(errorRef); > if (errorRef) { > LOG_ERROR("Couldn't export the public key: %@", (NSError*)errorRef); >- exceptionCallback({ UnknownError, "Unknown internal error."_s }); >+ callback(ExceptionData { UnknownError, "Unknown internal error."_s }); > return; > } > ASSERT(((NSData *)publicKeyDataRef.get()).length == (1 + 2 * ES256KeySizeInBytes)); // 04 | X | Y >@@ -325,7 +326,7 @@ void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const Publi > auto cosePublicKey = cbor::CBORWriter::write(cbor::CBORValue(WTFMove(publicKeyMap))); > if (!cosePublicKey) { > LOG_ERROR("Couldn't encode the public key into COSE binaries."); >- exceptionCallback({ UnknownError, "Unknown internal error."_s }); >+ callback(ExceptionData { UnknownError, "Unknown internal error."_s }); > return; > } > attestedCredentialData.appendVector(cosePublicKey.value()); 
>@@ -347,7 +348,7 @@ void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const Publi > auto retainError = adoptCF(errorRef); > if (errorRef) { > LOG_ERROR("Couldn't generate the signature: %@", (NSError*)errorRef); >- exceptionCallback({ UnknownError, "Unknown internal error."_s }); >+ callback(ExceptionData { UnknownError, "Unknown internal error."_s }); > return; > } > auto nsSignature = (NSData *)signatureRef.get(); >@@ -374,17 +375,17 @@ void LocalAuthenticator::makeCredential(const Vector<uint8_t>& hash, const Publi > auto attestationObject = cbor::CBORWriter::write(cbor::CBORValue(WTFMove(attestationObjectMap))); > if (!attestationObject) { > LOG_ERROR("Couldn't encode the attestation object."); >- exceptionCallback({ UnknownError, "Unknown internal error."_s }); >+ callback(ExceptionData { UnknownError, "Unknown internal error."_s }); > return; > } > >- callback(credentialId, attestationObject.value()); >+ callback(PublicKeyCredentialData { ArrayBuffer::create(credentialId.data(), credentialId.size()), true, nullptr, ArrayBuffer::create(attestationObject.value().data(), attestationObject.value().size()), nullptr, nullptr, nullptr }); > }).get()); > }).get()]; > #endif // !PLATFORM(IOS) > } > >-void LocalAuthenticator::getAssertion(const Vector<uint8_t>& hash, const PublicKeyCredentialRequestOptions& options, RequestCallback&& callback, ExceptionCallback&& exceptionCallback) >+void LocalAuthenticator::getAssertion(const Vector<uint8_t>& hash, const PublicKeyCredentialRequestOptions& options, Callback&& callback) > { > using namespace LocalAuthenticatorInternal; 
> >@@ -393,7 +394,7 @@ void LocalAuthenticator::getAssertion(const Vector<uint8_t>& hash, const PublicK > ASSERT_UNUSED(hash, hash == hash); > ASSERT_UNUSED(options, !options.rpId.isEmpty()); > ASSERT_UNUSED(callback, callback); >- exceptionCallback({ NotAllowedError, "No avaliable authenticators."_s }); >+ callback(ExceptionData { NotAllowedError, "No avaliable authenticators."_s }); > #else > // The following implements https://www.w3.org/TR/webauthn/#op-get-assertion as of 5 December 2017. > // Skip Step 2 as requireUserVerification is enforced. >@@ -402,7 +403,7 @@ void LocalAuthenticator::getAssertion(const Vector<uint8_t>& hash, const PublicK > // Step 3-5. Unlike the spec, if an allow list is provided and there is no intersection between existing ones and the allow list, we always return NotAllowedError. > HashSet<String> allowCredentialIds = produceHashSet(options.allowCredentials); > if (!options.allowCredentials.isEmpty() && allowCredentialIds.isEmpty()) { >- exceptionCallback({ NotAllowedError, "No matched credentials are found in the platform attached authenticator."_s }); >+ callback(ExceptionData { NotAllowedError, "No matched credentials are found in the platform attached authenticator."_s }); > return; > } > >@@ -418,7 +419,7 @@ void LocalAuthenticator::getAssertion(const Vector<uint8_t>& hash, const PublicK > OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, &attributesArrayRef); > if (status && status != errSecItemNotFound) { > LOG_ERROR("Couldn't query Keychain: %d", status); >- exceptionCallback({ UnknownError, "Unknown internal error."_s }); >+ callback(ExceptionData { UnknownError, "Unknown internal error."_s }); > return; > } > auto retainAttributesArray = adoptCF(attributesArrayRef); 
>@@ -436,7 +437,7 @@ void LocalAuthenticator::getAssertion(const Vector<uint8_t>& hash, const PublicK > intersectedCredentialsAttributes = result; > } > if (!intersectedCredentialsAttributes.count) { >- exceptionCallback({ NotAllowedError, "No matched credentials are found in the platform attached authenticator."_s }); >+ callback(ExceptionData { NotAllowedError, "No matched credentials are found in the platform attached authenticator."_s }); > return; > } > >@@ -452,7 +453,7 @@ void LocalAuthenticator::getAssertion(const Vector<uint8_t>& hash, const PublicK > auto retainContext = adoptNS(context); > LOG_ERROR("Couldn't evaluate authentication with biometrics policy: %@", error); > // FIXME(182767) >- exceptionCallback({ NotAllowedError, "No avaliable authenticators."_s }); >+ callback(ExceptionData { NotAllowedError, "No avaliable authenticators."_s }); > return; > } 
> >@@ -462,11 +463,11 @@ void LocalAuthenticator::getAssertion(const Vector<uint8_t>& hash, const PublicK > Vector<uint8_t> userhandle; > NSData *nsUserhandle = selectedCredentialAttributes[(id)kSecAttrApplicationTag]; > userhandle.append(reinterpret_cast<const uint8_t*>(nsUserhandle.bytes), nsUserhandle.length); >- auto reply = BlockPtr<void(BOOL, NSError *)>::fromCallable([callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback), rpId = options.rpId.isolatedCopy(), hash, credentialId = WTFMove(credentialId), userhandle = WTFMove(userhandle), context = adoptNS(context)] (BOOL success, NSError *error) mutable { >+ auto reply = BlockPtr<void(BOOL, NSError *)>::fromCallable([callback = WTFMove(callback), rpId = options.rpId.isolatedCopy(), hash, credentialId = WTFMove(credentialId), userhandle = WTFMove(userhandle), context = adoptNS(context)] (BOOL success, NSError *error) mutable { > ASSERT(!isMainThread()); > if (!success || error) { > LOG_ERROR("Couldn't authenticate with biometrics: %@", error); >- exceptionCallback({ NotAllowedError, "Couldn't get user consent."_s }); >+ callback(ExceptionData { NotAllowedError, "Couldn't get user consent."_s }); > return; > } > >@@ -490,7 +491,7 @@ void LocalAuthenticator::getAssertion(const Vector<uint8_t>& hash, const PublicK > OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, &privateKeyRef); > if (status) { > LOG_ERROR("Couldn't get the private key reference: %d", status); >- exceptionCallback({ UnknownError, "Unknown internal error."_s }); >+ callback(ExceptionData { UnknownError, "Unknown internal error."_s }); > return; > } > auto privateKey = adoptCF(privateKeyRef); 
>@@ -504,7 +505,7 @@ void LocalAuthenticator::getAssertion(const Vector<uint8_t>& hash, const PublicK > auto retainError = adoptCF(errorRef); > if (errorRef) { > LOG_ERROR("Couldn't generate the signature: %@", (NSError*)errorRef); >- exceptionCallback({ UnknownError, "Unknown internal error."_s }); >+ callback(ExceptionData { UnknownError, "Unknown internal error."_s }); > return; > } > auto nsSignature = (NSData *)signatureRef.get(); >@@ -512,7 +513,7 @@ void LocalAuthenticator::getAssertion(const Vector<uint8_t>& hash, const PublicK > } > > // Step 13. >- callback(credentialId, authData, signature, userhandle); >+ callback(PublicKeyCredentialData { ArrayBuffer::create(credentialId.data(), credentialId.size()), false, nullptr, nullptr, ArrayBuffer::create(authData.data(), authData.size()), ArrayBuffer::create(signature.data(), signature.size()), ArrayBuffer::create(userhandle.data(), userhandle.size()) }); > }); > > // FIXME(183533): Use userhandle instead of username due to the stated Keychain limitations. >diff --git a/Source/WebCore/Sources.txt b/Source/WebCore/Sources.txt >index b065ff85f2798d1b1fb64140fe3d371880c5c64c..6e59f0e73159ef2f966699037efacdbe3ec1134f 100644 >--- a/Source/WebCore/Sources.txt >+++ b/Source/WebCore/Sources.txt >@@ -45,7 +45,6 @@ Modules/cache/WorkerGlobalScopeCaches.cpp > > Modules/credentialmanagement/BasicCredential.cpp > Modules/credentialmanagement/CredentialsContainer.cpp >-Modules/credentialmanagement/CredentialsMessenger.cpp > Modules/credentialmanagement/NavigatorCredentials.cpp > > Modules/entriesapi/ErrorCallback.cpp 
>@@ -247,10 +246,8 @@ Modules/webaudio/WaveShaperDSPKernel.cpp > Modules/webaudio/WaveShaperNode.cpp > Modules/webaudio/WaveShaperProcessor.cpp > >-Modules/webauthn/AuthenticatorAssertionResponse.cpp >-Modules/webauthn/AuthenticatorAttestationResponse.cpp >-Modules/webauthn/AuthenticatorManager.cpp >-Modules/webauthn/AuthenticatorResponse.cpp >+Modules/webauthn/AuthenticatorCoordinator.cpp >+Modules/webauthn/AuthenticatorCoordinatorClient.cpp > Modules/webauthn/PublicKeyCredential.cpp > Modules/webauthn/cbor/CBORReader.cpp > Modules/webauthn/cbor/CBORValue.cpp >diff --git a/Source/WebCore/WebCore.xcodeproj/project.pbxproj b/Source/WebCore/WebCore.xcodeproj/project.pbxproj >index 99c6b6b9d05a3cc44fb979383a15cda6ac43ecd8..a58940fb8cee3e44a8a459edf20877555ef2fd64 100644 >--- a/Source/WebCore/WebCore.xcodeproj/project.pbxproj >+++ b/Source/WebCore/WebCore.xcodeproj/project.pbxproj 
>@@ -1754,7 +1754,7 @@ > 57303C222009AF0300355965 /* JSAuthenticatorAttestationResponse.h in Headers */ = {isa = PBXBuildFile; fileRef = 57303C212009AEF600355965 /* JSAuthenticatorAttestationResponse.h */; }; > 57303C2C2009B4A800355965 /* AuthenticatorAssertionResponse.h in Headers */ = {isa = PBXBuildFile; fileRef = 57303C272009B2FC00355965 /* AuthenticatorAssertionResponse.h */; }; > 57303C2F2009B7E100355965 /* JSAuthenticatorAssertionResponse.h in Headers */ = {isa = PBXBuildFile; fileRef = 57303C2D2009B7D900355965 /* JSAuthenticatorAssertionResponse.h */; }; >- 57303C4620105D2F00355965 /* AuthenticatorManager.h in Headers */ = {isa = PBXBuildFile; fileRef = 57303C4320105B3D00355965 /* AuthenticatorManager.h */; settings = {ATTRIBUTES = (Private, ); }; }; >+ 57303C4620105D2F00355965 /* AuthenticatorCoordinator.h in Headers */ = {isa = PBXBuildFile; fileRef = 57303C4320105B3D00355965 /* AuthenticatorCoordinator.h */; settings = {ATTRIBUTES = (Private, ); }; }; > 573489391DAC6B6E00DC0667 /* CryptoAlgorithmParameters.h in Headers */ = {isa = PBXBuildFile; fileRef = 573489381DAC6B6D00DC0667 /* CryptoAlgorithmParameters.h */; }; > 5739E12F1DAC7F7800E14383 /* JSCryptoAlgorithmParameters.h in Headers */ = {isa = PBXBuildFile; fileRef = 5739E12E1DAC7F7800E14383 /* JSCryptoAlgorithmParameters.h */; }; > 574F55E0204F3ACE002948C6 /* LocalAuthenticator.h in Headers */ = {isa = PBXBuildFile; fileRef = 574F55DE204F3744002948C6 /* LocalAuthenticator.h */; settings = {ATTRIBUTES = (Private, ); }; }; 
>@@ -1764,11 +1764,9 @@ > 5750A9821E6A150800705C4A /* JSEcKeyParams.h in Headers */ = {isa = PBXBuildFile; fileRef = 5750A9801E6A150800705C4A /* JSEcKeyParams.h */; }; > 5750A9871E6A216800705C4A /* CryptoAlgorithmECDH.h in Headers */ = {isa = PBXBuildFile; fileRef = 5750A9851E6A216800705C4A /* CryptoAlgorithmECDH.h */; }; > 5754719F1ECE628300DD63B2 /* JSRsaPssParams.h in Headers */ = {isa = PBXBuildFile; fileRef = 575471991ECE5D2A00DD63B2 /* JSRsaPssParams.h */; }; >- 5760827220215A5500116678 /* CredentialsMessenger.h in Headers */ = {isa = PBXBuildFile; fileRef = 576082702021513F00116678 /* CredentialsMessenger.h */; settings = {ATTRIBUTES = (Private, ); }; }; >- 5760827A2024EA5C00116678 /* MockCredentialsMessenger.h in Headers */ = {isa = PBXBuildFile; fileRef = 5760827820244DAB00116678 /* MockCredentialsMessenger.h */; }; >- 5760827B2024ED2900116678 /* MockCredentialsMessenger.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5760827920244DAC00116678 /* MockCredentialsMessenger.cpp */; }; >- 5760828620256AFA00116678 /* JSMockCredentialsMessenger.h in Headers */ = {isa = PBXBuildFile; fileRef = 576082822025679700116678 /* JSMockCredentialsMessenger.h */; }; >- 5760828820256AFD00116678 /* JSMockCredentialsMessenger.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 576082812025679600116678 /* JSMockCredentialsMessenger.cpp */; }; >+ 5760827220215A5500116678 /* AuthenticatorCoordinatorClient.h in Headers */ = {isa = PBXBuildFile; fileRef = 576082702021513F00116678 /* AuthenticatorCoordinatorClient.h */; settings = {ATTRIBUTES = (Private, ); }; }; >+ 5760827A2024EA5C00116678 /* MockAuthenticatorCoordinator.h in Headers */ = {isa = PBXBuildFile; fileRef = 5760827820244DAB00116678 /* MockAuthenticatorCoordinator.h */; }; >+ 5760827B2024ED2900116678 /* MockAuthenticatorCoordinator.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5760827920244DAC00116678 /* MockAuthenticatorCoordinator.cpp */; }; > 5768142A1E6F99C100E77754 /* CryptoAlgorithmEcdhKeyDeriveParams.h in 
Headers */ = {isa = PBXBuildFile; fileRef = 576814291E6F99C100E77754 /* CryptoAlgorithmEcdhKeyDeriveParams.h */; }; > 576814411E709FA400E77754 /* JSEcdhKeyDeriveParams.h in Headers */ = {isa = PBXBuildFile; fileRef = 5768143E1E709C3600E77754 /* JSEcdhKeyDeriveParams.h */; }; > 576814451E70CB1F00E77754 /* JSAesKeyParams.h in Headers */ = {isa = PBXBuildFile; fileRef = 576814431E70CB1000E77754 /* JSAesKeyParams.h */; }; 
>@@ -1784,12 +1782,15 @@ > 57B5F7F91E5BE84000F34F90 /* CryptoAlgorithmAES_GCM.h in Headers */ = {isa = PBXBuildFile; fileRef = 57B5F7F71E5BE84000F34F90 /* CryptoAlgorithmAES_GCM.h */; }; > 57B5F8091E5D1A9800F34F90 /* CryptoAlgorithmAesGcmParams.h in Headers */ = {isa = PBXBuildFile; fileRef = 57B5F8081E5D1A9800F34F90 /* CryptoAlgorithmAesGcmParams.h */; }; > 57B5F8101E5E2A4E00F34F90 /* JSAesGcmParams.h in Headers */ = {isa = PBXBuildFile; fileRef = 57B5F80B1E5D22DA00F34F90 /* JSAesGcmParams.h */; }; >- 57C7A68C1E56967500C67D71 /* BasicCredential.h in Headers */ = {isa = PBXBuildFile; fileRef = 57C7A68B1E56967500C67D71 /* BasicCredential.h */; }; >+ 57C7A68C1E56967500C67D71 /* BasicCredential.h in Headers */ = {isa = PBXBuildFile; fileRef = 57C7A68B1E56967500C67D71 /* BasicCredential.h */; settings = {ATTRIBUTES = (Private, ); }; }; > 57C7A69F1E57917800C67D71 /* JSBasicCredential.h in Headers */ = {isa = PBXBuildFile; fileRef = 57C7A69D1E57910D00C67D71 /* JSBasicCredential.h */; }; > 57D0018D1DD5413200ED19D9 /* JSCryptoKeyUsage.h in Headers */ = {isa = PBXBuildFile; fileRef = 57D0018C1DD5413200ED19D9 /* JSCryptoKeyUsage.h */; }; > 57D846281FE8960500CA3682 /* NavigatorCredentials.h in Headers */ = {isa = PBXBuildFile; fileRef = 57D846261FE895F800CA3682 /* NavigatorCredentials.h */; }; >- 57D8462E1FEAF69900CA3682 /* PublicKeyCredential.h in Headers */ = {isa = PBXBuildFile; fileRef = 57D8462B1FEAF68F00CA3682 /* PublicKeyCredential.h */; }; >+ 57D8462E1FEAF69900CA3682 /* PublicKeyCredential.h in Headers */ = {isa = PBXBuildFile; fileRef = 57D8462B1FEAF68F00CA3682 /* PublicKeyCredential.h */; settings = {ATTRIBUTES = (Private, ); }; }; > 57D846351FEAFCD300CA3682 /* JSPublicKeyCredential.h in Headers */ = {isa = PBXBuildFile; fileRef = 57D846301FEAFC2F00CA3682 /* JSPublicKeyCredential.h */; }; >+ 57DCED672140775B0016B847 /* JSMockAuthenticatorCoordinator.h in Headers */ = {isa = PBXBuildFile; fileRef = 57DCED622140763C0016B847 /* JSMockAuthenticatorCoordinator.h */; }; 
>+ 57DCED69214077640016B847 /* JSMockAuthenticatorCoordinator.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 57DCED632140763C0016B847 /* JSMockAuthenticatorCoordinator.cpp */; }; >+ 57DCED74214305F00016B847 /* PublicKeyCredentialData.h in Headers */ = {isa = PBXBuildFile; fileRef = 57DCED72214305F00016B847 /* PublicKeyCredentialData.h */; settings = {ATTRIBUTES = (Private, ); }; }; > 57E1E5A31E8C91B500EE37C9 /* CryptoAlgorithmAES_CTR.h in Headers */ = {isa = PBXBuildFile; fileRef = 57E1E5A11E8C91B500EE37C9 /* CryptoAlgorithmAES_CTR.h */; }; > 57E1E5A71E8DBD3E00EE37C9 /* CryptoAlgorithmAesCtrParams.h in Headers */ = {isa = PBXBuildFile; fileRef = 57E1E5A61E8DBD3E00EE37C9 /* CryptoAlgorithmAesCtrParams.h */; }; > 57E1E5AD1E8DD09B00EE37C9 /* JSAesCtrParams.h in Headers */ = {isa = PBXBuildFile; fileRef = 57E1E5AB1E8DD09B00EE37C9 /* JSAesCtrParams.h */; }; 
>@@ -8458,7 +8459,6 @@ > 57303BBE2006E00400355965 /* CBORReader.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CBORReader.cpp; sourceTree = "<group>"; }; > 57303BBF2006E00C00355965 /* CBORReader.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CBORReader.h; sourceTree = "<group>"; }; > 57303BCF20087A8300355965 /* AuthenticatorResponse.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = AuthenticatorResponse.h; sourceTree = "<group>"; }; >- 57303BD020087A8300355965 /* AuthenticatorResponse.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = AuthenticatorResponse.cpp; sourceTree = "<group>"; }; > 57303BD120087A8300355965 /* AuthenticatorResponse.idl */ = {isa = PBXFileReference; lastKnownFileType = text; path = AuthenticatorResponse.idl; sourceTree = "<group>"; }; > 57303BDD20095B2600355965 /* JSAuthenticatorResponse.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSAuthenticatorResponse.h; sourceTree = "<group>"; }; > 57303BDE20095B2700355965 /* JSAuthenticatorResponse.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSAuthenticatorResponse.cpp; sourceTree = "<group>"; }; 
>@@ -8479,17 +8479,15 @@ > 57303C132009A25700355965 /* JSPublicKeyCredentialCreationOptions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSPublicKeyCredentialCreationOptions.h; sourceTree = "<group>"; }; > 57303C142009A25700355965 /* JSPublicKeyCredentialCreationOptions.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSPublicKeyCredentialCreationOptions.cpp; sourceTree = "<group>"; }; > 57303C1B2009A98600355965 /* AuthenticatorAttestationResponse.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = AuthenticatorAttestationResponse.h; sourceTree = "<group>"; }; >- 57303C1C2009A98600355965 /* AuthenticatorAttestationResponse.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = AuthenticatorAttestationResponse.cpp; sourceTree = "<group>"; }; > 57303C1D2009A98600355965 /* AuthenticatorAttestationResponse.idl */ = {isa = PBXFileReference; lastKnownFileType = text; path = AuthenticatorAttestationResponse.idl; sourceTree = "<group>"; }; > 57303C202009AEF500355965 /* JSAuthenticatorAttestationResponse.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSAuthenticatorAttestationResponse.cpp; sourceTree = "<group>"; }; > 57303C212009AEF600355965 /* JSAuthenticatorAttestationResponse.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSAuthenticatorAttestationResponse.h; sourceTree = "<group>"; }; > 57303C272009B2FC00355965 /* AuthenticatorAssertionResponse.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = AuthenticatorAssertionResponse.h; sourceTree = "<group>"; }; >- 57303C282009B2FC00355965 /* AuthenticatorAssertionResponse.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = AuthenticatorAssertionResponse.cpp; sourceTree = "<group>"; }; > 57303C292009B2FC00355965 /* 
AuthenticatorAssertionResponse.idl */ = {isa = PBXFileReference; lastKnownFileType = text; path = AuthenticatorAssertionResponse.idl; sourceTree = "<group>"; }; > 57303C2D2009B7D900355965 /* JSAuthenticatorAssertionResponse.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSAuthenticatorAssertionResponse.h; sourceTree = "<group>"; }; > 57303C2E2009B7DA00355965 /* JSAuthenticatorAssertionResponse.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSAuthenticatorAssertionResponse.cpp; sourceTree = "<group>"; }; >- 57303C4320105B3D00355965 /* AuthenticatorManager.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = AuthenticatorManager.h; sourceTree = "<group>"; }; >- 57303C4420105B3D00355965 /* AuthenticatorManager.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = AuthenticatorManager.cpp; sourceTree = "<group>"; }; >+ 57303C4320105B3D00355965 /* AuthenticatorCoordinator.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = AuthenticatorCoordinator.h; sourceTree = "<group>"; }; >+ 57303C4420105B3D00355965 /* AuthenticatorCoordinator.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = AuthenticatorCoordinator.cpp; sourceTree = "<group>"; }; > 573489381DAC6B6D00DC0667 /* CryptoAlgorithmParameters.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CryptoAlgorithmParameters.h; sourceTree = "<group>"; }; > 5739E12E1DAC7F7800E14383 /* JSCryptoAlgorithmParameters.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSCryptoAlgorithmParameters.h; sourceTree = "<group>"; }; > 5739E1301DAC7FD100E14383 /* JSCryptoAlgorithmParameters.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSCryptoAlgorithmParameters.cpp; sourceTree = "<group>"; }; 
>@@ -8512,13 +8510,11 @@ > 5754719A1ECE5D2A00DD63B2 /* JSRsaPssParams.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSRsaPssParams.cpp; sourceTree = "<group>"; }; > 5760824F20118D8D00116678 /* JSBasicCredentialCustom.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = JSBasicCredentialCustom.cpp; sourceTree = "<group>"; }; > 576082562011BE0200116678 /* JSAuthenticatorResponseCustom.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = JSAuthenticatorResponseCustom.cpp; sourceTree = "<group>"; }; >- 576082702021513F00116678 /* CredentialsMessenger.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = CredentialsMessenger.h; sourceTree = "<group>"; }; >- 5760827820244DAB00116678 /* MockCredentialsMessenger.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = MockCredentialsMessenger.h; sourceTree = "<group>"; }; >- 5760827920244DAC00116678 /* MockCredentialsMessenger.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = MockCredentialsMessenger.cpp; sourceTree = "<group>"; }; >- 57608280202556F400116678 /* MockCredentialsMessenger.idl */ = {isa = PBXFileReference; lastKnownFileType = text; path = MockCredentialsMessenger.idl; sourceTree = "<group>"; }; >- 576082812025679600116678 /* JSMockCredentialsMessenger.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSMockCredentialsMessenger.cpp; sourceTree = "<group>"; }; >- 576082822025679700116678 /* JSMockCredentialsMessenger.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSMockCredentialsMessenger.h; sourceTree = "<group>"; }; >- 57608293202BA95300116678 /* CredentialsMessenger.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = CredentialsMessenger.cpp; sourceTree = "<group>"; }; >+ 576082702021513F00116678 /* 
AuthenticatorCoordinatorClient.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = AuthenticatorCoordinatorClient.h; sourceTree = "<group>"; }; >+ 5760827820244DAB00116678 /* MockAuthenticatorCoordinator.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = MockAuthenticatorCoordinator.h; sourceTree = "<group>"; }; >+ 5760827920244DAC00116678 /* MockAuthenticatorCoordinator.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = MockAuthenticatorCoordinator.cpp; sourceTree = "<group>"; }; >+ 57608280202556F400116678 /* MockAuthenticatorCoordinator.idl */ = {isa = PBXFileReference; lastKnownFileType = text; path = MockAuthenticatorCoordinator.idl; sourceTree = "<group>"; }; >+ 57608293202BA95300116678 /* AuthenticatorCoordinatorClient.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = AuthenticatorCoordinatorClient.cpp; sourceTree = "<group>"; }; > 576814281E6F98AD00E77754 /* EcdhKeyDeriveParams.idl */ = {isa = PBXFileReference; lastKnownFileType = text; path = EcdhKeyDeriveParams.idl; sourceTree = "<group>"; }; > 576814291E6F99C100E77754 /* CryptoAlgorithmEcdhKeyDeriveParams.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CryptoAlgorithmEcdhKeyDeriveParams.h; sourceTree = "<group>"; }; > 576814341E6FE3E800E77754 /* CryptoAlgorithmECDHMac.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CryptoAlgorithmECDHMac.cpp; sourceTree = "<group>"; }; 
>@@ -8572,6 +8568,9 @@ > 57D8462D1FEAF68F00CA3682 /* PublicKeyCredential.idl */ = {isa = PBXFileReference; lastKnownFileType = text; path = PublicKeyCredential.idl; sourceTree = "<group>"; }; > 57D846301FEAFC2F00CA3682 /* JSPublicKeyCredential.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSPublicKeyCredential.h; sourceTree = "<group>"; }; > 57D846311FEAFC2F00CA3682 /* JSPublicKeyCredential.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSPublicKeyCredential.cpp; sourceTree = "<group>"; }; >+ 57DCED622140763C0016B847 /* JSMockAuthenticatorCoordinator.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSMockAuthenticatorCoordinator.h; sourceTree = "<group>"; }; >+ 57DCED632140763C0016B847 /* JSMockAuthenticatorCoordinator.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSMockAuthenticatorCoordinator.cpp; sourceTree = "<group>"; }; >+ 57DCED72214305F00016B847 /* PublicKeyCredentialData.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = PublicKeyCredentialData.h; sourceTree = "<group>"; }; > 57E1E5A01E8C91B500EE37C9 /* CryptoAlgorithmAES_CTR.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CryptoAlgorithmAES_CTR.cpp; sourceTree = "<group>"; }; > 57E1E5A11E8C91B500EE37C9 /* CryptoAlgorithmAES_CTR.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CryptoAlgorithmAES_CTR.h; sourceTree = "<group>"; }; > 57E1E5A61E8DBD3E00EE37C9 /* CryptoAlgorithmAesCtrParams.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CryptoAlgorithmAesCtrParams.h; sourceTree = "<group>"; }; 
>@@ -16919,6 +16918,9 @@ > A7BE7EDE14C9175A0014489D /* MallocStatistics.idl */, > CD5393CB175DCCE600C07123 /* MemoryInfo.h */, > CD5393CC175DCCE600C07123 /* MemoryInfo.idl */, >+ 5760827920244DAC00116678 /* MockAuthenticatorCoordinator.cpp */, >+ 5760827820244DAB00116678 /* MockAuthenticatorCoordinator.h */, >+ 57608280202556F400116678 /* MockAuthenticatorCoordinator.idl */, > CDF4B7211E03BF8100E235A2 /* MockCDMFactory.cpp */, > CDF4B7221E03BF8100E235A2 /* MockCDMFactory.h */, > CDF4B71F1E03BF6F00E235A2 /* MockCDMFactory.idl */, >@@ -16927,9 +16929,6 @@ > A1B5B29C1AAA846E008B6042 /* MockContentFilterSettings.cpp */, > A1B5B29D1AAA846E008B6042 /* MockContentFilterSettings.h */, > A19AEA1C1AAA7C4900B52B25 /* MockContentFilterSettings.idl */, >- 5760827920244DAC00116678 /* MockCredentialsMessenger.cpp */, >- 5760827820244DAB00116678 /* MockCredentialsMessenger.h */, >- 57608280202556F400116678 /* MockCredentialsMessenger.idl */, > 51058AD71D679257009A538C /* MockGamepad.cpp */, > 51058AD81D679257009A538C /* MockGamepad.h */, > 51058AD91D679257009A538C /* MockGamepadProvider.cpp */, >@@ -16976,12 +16975,12 @@ > A7B4EA6914C9348400C8F5BF /* JSMallocStatistics.h */, > CD5393D1175E018600C07123 /* JSMemoryInfo.cpp */, > CD5393D2175E018600C07123 /* JSMemoryInfo.h */, >+ 57DCED632140763C0016B847 /* JSMockAuthenticatorCoordinator.cpp */, >+ 57DCED622140763C0016B847 /* JSMockAuthenticatorCoordinator.h */, > CDF4B72D1E03CA4A00E235A2 /* JSMockCDMFactory.cpp */, > CDF4B72E1E03CA4A00E235A2 /* JSMockCDMFactory.h */, > A19AEA1D1AAA806E00B52B25 /* JSMockContentFilterSettings.cpp */, > A19AEA1E1AAA806E00B52B25 /* JSMockContentFilterSettings.h */, >- 576082812025679600116678 /* JSMockCredentialsMessenger.cpp */, >- 576082822025679700116678 /* JSMockCredentialsMessenger.h */, > 2D6F3E921C1F85550061DBD4 /* JSMockPageOverlay.cpp */, > 2D6F3E931C1F85550061DBD4 /* JSMockPageOverlay.h */, > A146D3201F99CA3E00D29196 /* JSMockPaymentAddress.cpp */, 
>@@ -18710,8 +18709,6 @@ > 77D510181ED7159900DA4C87 /* CredentialsContainer.cpp */, > 77D510161ED6021B00DA4C87 /* CredentialsContainer.h */, > 57D846291FE99F6300CA3682 /* CredentialsContainer.idl */, >- 57608293202BA95300116678 /* CredentialsMessenger.cpp */, >- 576082702021513F00116678 /* CredentialsMessenger.h */, > 57D846241FE895F500CA3682 /* NavigatorCredentials.cpp */, > 57D846261FE895F800CA3682 /* NavigatorCredentials.h */, > 57D846251FE895F600CA3682 /* NavigatorCredentials.idl */, >@@ -18741,15 +18738,14 @@ > children = ( > 57303BB32006C6ED00355965 /* cbor */, > 574F55DD204F3744002948C6 /* cocoa */, >- 57303C282009B2FC00355965 /* AuthenticatorAssertionResponse.cpp */, > 57303C272009B2FC00355965 /* AuthenticatorAssertionResponse.h */, > 57303C292009B2FC00355965 /* AuthenticatorAssertionResponse.idl */, >- 57303C1C2009A98600355965 /* AuthenticatorAttestationResponse.cpp */, > 57303C1B2009A98600355965 /* AuthenticatorAttestationResponse.h */, > 57303C1D2009A98600355965 /* AuthenticatorAttestationResponse.idl */, >- 57303C4420105B3D00355965 /* AuthenticatorManager.cpp */, >- 57303C4320105B3D00355965 /* AuthenticatorManager.h */, >- 57303BD020087A8300355965 /* AuthenticatorResponse.cpp */, >+ 57303C4420105B3D00355965 /* AuthenticatorCoordinator.cpp */, >+ 57303C4320105B3D00355965 /* AuthenticatorCoordinator.h */, >+ 57608293202BA95300116678 /* AuthenticatorCoordinatorClient.cpp */, >+ 576082702021513F00116678 /* AuthenticatorCoordinatorClient.h */, > 57303BCF20087A8300355965 /* AuthenticatorResponse.h */, > 57303BD120087A8300355965 /* AuthenticatorResponse.idl */, > 574F55DC204F3732002948C6 /* COSEConstants.h */, 
>@@ -18758,6 +18754,7 @@ > 57D8462D1FEAF68F00CA3682 /* PublicKeyCredential.idl */, > 57303BE62009747A00355965 /* PublicKeyCredentialCreationOptions.h */, > 57303BE82009747A00355965 /* PublicKeyCredentialCreationOptions.idl */, >+ 57DCED72214305F00016B847 /* PublicKeyCredentialData.h */, > 57303BEC200980BF00355965 /* PublicKeyCredentialDescriptor.h */, > 57303BEE200980BF00355965 /* PublicKeyCredentialDescriptor.idl */, > 57303C06200998F800355965 /* PublicKeyCredentialRequestOptions.h */, >@@ -26998,18 +26995,18 @@ > 53ED3FDF167A88E7006762E6 /* JSInternalSettingsGenerated.h in Headers */, > A740B59514C935AB00A77FA4 /* JSMallocStatistics.h in Headers */, > CD5393D4175E018600C07123 /* JSMemoryInfo.h in Headers */, >+ 57DCED672140775B0016B847 /* JSMockAuthenticatorCoordinator.h in Headers */, > 538EC9331F99B9F7004D22A8 /* JSMockCDMFactory.h in Headers */, > A19AEA211AAA808600B52B25 /* JSMockContentFilterSettings.h in Headers */, >- 5760828620256AFA00116678 /* JSMockCredentialsMessenger.h in Headers */, > 538EC9341F99B9F7004D22A8 /* JSMockPageOverlay.h in Headers */, > A146D3231F99D0EF00D29196 /* JSMockPaymentAddress.h in Headers */, > A146D31B1F99BCFB00D29196 /* JSMockPaymentCoordinator.h in Headers */, > 427DA71E13735DFA007C57FB /* JSServiceWorkerInternals.h in Headers */, > EBF5121D1696496C0056BD25 /* JSTypeConversions.h in Headers */, > CDC26B41160A8CCE0026757B /* LegacyMockCDM.h in Headers */, >+ 5760827A2024EA5C00116678 /* MockAuthenticatorCoordinator.h in Headers */, > A1BF6B831AA96C7D00AF4A8A /* MockContentFilter.h in Headers */, > A1B5B29F1AAA846F008B6042 /* MockContentFilterSettings.h in Headers */, >- 5760827A2024EA5C00116678 /* MockCredentialsMessenger.h in Headers */, > 51058ADC1D6792C1009A538C /* MockGamepad.h in Headers */, > 51058ADE1D6792C1009A538C /* MockGamepadProvider.h in Headers */, > 4157EBFB1E3AB67F00AC9FE9 /* MockLibWebRTCPeerConnection.h in Headers */, 
>@@ -27199,7 +27196,8 @@ > 514C764C0CE9234E007EF3CD /* AuthenticationMac.h in Headers */, > 57303C2C2009B4A800355965 /* AuthenticatorAssertionResponse.h in Headers */, > 57303C1F2009AB4200355965 /* AuthenticatorAttestationResponse.h in Headers */, >- 57303C4620105D2F00355965 /* AuthenticatorManager.h in Headers */, >+ 57303C4620105D2F00355965 /* AuthenticatorCoordinator.h in Headers */, >+ 5760827220215A5500116678 /* AuthenticatorCoordinatorClient.h in Headers */, > 57303BD220087A8300355965 /* AuthenticatorResponse.h in Headers */, > A501920E132EBF2E008BFE55 /* Autocapitalize.h in Headers */, > A5A7AA43132F0ECC00D3A3C2 /* AutocapitalizeTypes.h in Headers */, >@@ -27464,7 +27462,6 @@ > 77D5100D1ED5E29500DA4C87 /* CredentialCreationOptions.h in Headers */, > 77D5100B1ED5E28800DA4C87 /* CredentialRequestOptions.h in Headers */, > 77D510171ED6022200DA4C87 /* CredentialsContainer.h in Headers */, >- 5760827220215A5500116678 /* CredentialsMessenger.h in Headers */, > 51A052331058774F00CC9E95 /* CredentialStorage.h in Headers */, > 2D481F02146B5C5500AA7834 /* CrossfadeGeneratedImage.h in Headers */, > E1C416120F6562FD0092D2FB /* CrossOriginAccessControl.h in Headers */, >@@ -29795,6 +29792,7 @@ > FF945ECC161F7F3600971BC8 /* PseudoElement.h in Headers */, > 57D8462E1FEAF69900CA3682 /* PublicKeyCredential.h in Headers */, > 57303BE92009748D00355965 /* PublicKeyCredentialCreationOptions.h in Headers */, >+ 57DCED74214305F00016B847 /* PublicKeyCredentialData.h in Headers */, > 57303BEF200980C600355965 /* PublicKeyCredentialDescriptor.h in Headers */, > 57303C0A20099BAD00355965 /* PublicKeyCredentialRequestOptions.h in Headers */, > 57303BEB20097F4000355965 /* PublicKeyCredentialType.h in Headers */, 
>@@ -31408,19 +31406,19 @@ > 53ED3FDE167A88E7006762E6 /* JSInternalSettingsGenerated.cpp in Sources */, > 538EC9321F99B9F7004D22A8 /* JSMallocStatistics.cpp in Sources */, > CD5393D3175E018600C07123 /* JSMemoryInfo.cpp in Sources */, >+ 57DCED69214077640016B847 /* JSMockAuthenticatorCoordinator.cpp in Sources */, > CDF4B7321E03D06000E235A2 /* JSMockCDMFactory.cpp in Sources */, > A19AEA221AAA808A00B52B25 /* JSMockContentFilterSettings.cpp in Sources */, >- 5760828820256AFD00116678 /* JSMockCredentialsMessenger.cpp in Sources */, > 2D4150DE1C1F868C000A3BA2 /* JSMockPageOverlay.cpp in Sources */, > A146D3221F99D0EC00D29196 /* JSMockPaymentAddress.cpp in Sources */, > A146D31A1F99BCF800D29196 /* JSMockPaymentCoordinator.cpp in Sources */, > 427DA71D13735DFA007C57FB /* JSServiceWorkerInternals.cpp in Sources */, > EBF5121C1696496C0056BD25 /* JSTypeConversions.cpp in Sources */, > CDC26B40160A8CC60026757B /* LegacyMockCDM.cpp in Sources */, >+ 5760827B2024ED2900116678 /* MockAuthenticatorCoordinator.cpp in Sources */, > CDF4B7311E03D00700E235A2 /* MockCDMFactory.cpp in Sources */, > A1BF6B821AA96C7D00AF4A8A /* MockContentFilter.cpp in Sources */, > A1B5B29E1AAA846E008B6042 /* MockContentFilterSettings.cpp in Sources */, >- 5760827B2024ED2900116678 /* MockCredentialsMessenger.cpp in Sources */, > 51058ADB1D6792C1009A538C /* MockGamepad.cpp in Sources */, > 51058ADD1D6792C1009A538C /* MockGamepadProvider.cpp in Sources */, > 4157EBFA1E3AB67900AC9FE9 /* MockLibWebRTCPeerConnection.cpp in Sources */, >diff --git a/Source/WebCore/page/Page.cpp b/Source/WebCore/page/Page.cpp >index 344607b726ac3a0fb13ad2ed6f8d56ad2ca3228f..f3ac3458efc505ec02ff174927e2c975b835f9fb 100644 >--- a/Source/WebCore/page/Page.cpp >+++ b/Source/WebCore/page/Page.cpp 
>@@ -24,6 +24,7 @@ > #include "AlternativeTextClient.h" > #include "ApplicationCacheStorage.h" > #include "ApplicationStateChangeListener.h" >+#include "AuthenticatorCoordinator.h" > #include "BackForwardClient.h" > #include "BackForwardController.h" > #include "CSSAnimationController.h" >@@ -255,6 +256,9 @@ Page::Page(PageConfiguration&& pageConfiguration) > #if ENABLE(APPLE_PAY) > , m_paymentCoordinator(std::make_unique<PaymentCoordinator>(*pageConfiguration.paymentCoordinatorClient)) > #endif >+#if ENABLE(WEB_AUTHN) >+ , m_authenticatorCoordinator(makeUniqueRef<AuthenticatorCoordinator>(WTFMove(pageConfiguration.authenticatorCoordinatorClient))) >+#endif > #if ENABLE(APPLICATION_MANIFEST) > , m_applicationManifest(pageConfiguration.applicationManifest) > #endif >diff --git a/Source/WebCore/page/Page.h b/Source/WebCore/page/Page.h >index dba4f0f08271eb75b9f36b5c4d031f8e8d6f3946..a78cca499bbcbd30b60e527794821f380a605c1c 100644 >--- a/Source/WebCore/page/Page.h >+++ b/Source/WebCore/page/Page.h >@@ -76,6 +76,7 @@ class IDBConnectionToServer; > > class AlternativeTextClient; > class ApplicationCacheStorage; >+class AuthenticatorCoordinator; > class BackForwardController; > class BackForwardClient; > class CacheStorageProvider; >@@ -410,6 +411,10 @@ public: > WEBCORE_EXPORT void setPaymentCoordinator(std::unique_ptr<PaymentCoordinator>&&); > #endif > >+#if ENABLE(WEB_AUTHN) >+ AuthenticatorCoordinator& authenticatorCoordinator() { return m_authenticatorCoordinator.get(); } >+#endif >+ > #if ENABLE(APPLICATION_MANIFEST) > const std::optional<ApplicationManifest>& applicationManifest() const { return m_applicationManifest; } > #endif >@@ -901,6 +906,10 @@ private: > std::unique_ptr<PaymentCoordinator> m_paymentCoordinator; > #endif > >+#if ENABLE(WEB_AUTHN) >+ UniqueRef<AuthenticatorCoordinator> m_authenticatorCoordinator; >+#endif >+ > #if ENABLE(APPLICATION_MANIFEST) > std::optional<ApplicationManifest> m_applicationManifest; > #endif 
>diff --git a/Source/WebCore/page/PageConfiguration.cpp b/Source/WebCore/page/PageConfiguration.cpp >index cd4005b56373c8843ce97126bb3fe301271894ff..14c99159ddd730977977e16ac41d4b616b33c0b0 100644 >--- a/Source/WebCore/page/PageConfiguration.cpp >+++ b/Source/WebCore/page/PageConfiguration.cpp >@@ -42,6 +42,10 @@ > #include "VisitedLinkStore.h" > #include "WebGLStateTracker.h" > >+#if ENABLE(WEB_AUTHN) >+#include "AuthenticatorCoordinatorClient.h" >+#endif >+ > namespace WebCore { > > PageConfiguration::PageConfiguration(UniqueRef<EditorClient>&& editorClient, Ref<SocketProvider>&& socketProvider, UniqueRef<LibWebRTCProvider>&& libWebRTCProvider, Ref<CacheStorageProvider>&& cacheStorageProvider) >diff --git a/Source/WebCore/page/PageConfiguration.h b/Source/WebCore/page/PageConfiguration.h >index 3a734576d40a2cd4bda14c4ebe0332aa356e21e4..60bdec7d3fc181765bea21ba14656e5df090f437 100644 >--- a/Source/WebCore/page/PageConfiguration.h >+++ b/Source/WebCore/page/PageConfiguration.h >@@ -38,6 +38,7 @@ namespace WebCore { > > class AlternativeTextClient; > class ApplicationCacheStorage; >+class AuthenticatorCoordinatorClient; > class BackForwardClient; > class CacheStorageProvider; > class ChromeClient; >@@ -80,6 +81,10 @@ public: > PaymentCoordinatorClient* paymentCoordinatorClient { nullptr }; > #endif > >+#if ENABLE(WEB_AUTHN) >+ std::unique_ptr<AuthenticatorCoordinatorClient> authenticatorCoordinatorClient; >+#endif >+ > #if ENABLE(APPLICATION_MANIFEST) > std::optional<ApplicationManifest> applicationManifest; > #endif >diff --git a/Source/WebCore/testing/Internals.cpp b/Source/WebCore/testing/Internals.cpp >index f75ab245ae7009a43813884dc4fc25741639bc0b..80d5bd87abfffd4418c6215500238fd4346b3c87 100644 >--- a/Source/WebCore/testing/Internals.cpp >+++ b/Source/WebCore/testing/Internals.cpp 
>@@ -267,8 +267,8 @@ > #endif > > #if ENABLE(WEB_AUTHN) >-#include "AuthenticatorManager.h" >-#include "MockCredentialsMessenger.h" >+#include "AuthenticatorCoordinator.h" >+#include "MockAuthenticatorCoordinator.h" > #endif > > using JSC::CallData; >@@ -549,8 +549,11 @@ Internals::Internals(Document& document) > #endif > > #if ENABLE(WEB_AUTHN) >- m_mockCredentialsMessenger = std::make_unique<MockCredentialsMessenger>(*this); >- AuthenticatorManager::singleton().setMessenger(*m_mockCredentialsMessenger); >+ if (document.page()) { >+ auto mockAuthenticatorCoordinator = std::make_unique<MockAuthenticatorCoordinator>(); >+ m_mockAuthenticatorCoordinator = makeWeakPtr(mockAuthenticatorCoordinator.get()); >+ document.page()->authenticatorCoordinator().setClient(WTFMove(mockAuthenticatorCoordinator)); >+ } > #endif > } > >@@ -4620,9 +4623,9 @@ MockPaymentCoordinator& Internals::mockPaymentCoordinator() const > #endif > > #if ENABLE(WEB_AUTHN) >-MockCredentialsMessenger& Internals::mockCredentialsMessenger() const >+MockAuthenticatorCoordinator& Internals::mockAuthenticatorCoordinator() const > { >- return *m_mockCredentialsMessenger; >+ return *m_mockAuthenticatorCoordinator; > } > #endif > >diff --git a/Source/WebCore/testing/Internals.h b/Source/WebCore/testing/Internals.h >index b4a50ba7d110b7a257b09a1b1224222dd00b3270..2417ee8521975268efec2a8f8925338b0c611546 100644 >--- a/Source/WebCore/testing/Internals.h >+++ b/Source/WebCore/testing/Internals.h >@@ -77,7 +77,7 @@ class MediaStreamTrack; > class MemoryInfo; > class MockCDMFactory; > class MockContentFilterSettings; >-class MockCredentialsMessenger; >+class MockAuthenticatorCoordinator; > class MockPageOverlay; > class MockPaymentCoordinator; > class NodeList; 
>@@ -697,7 +697,7 @@ public: > void testIncomingSyncIPCMessageWhileWaitingForSyncReply(); > > #if ENABLE(WEB_AUTHN) >- MockCredentialsMessenger& mockCredentialsMessenger() const; >+ MockAuthenticatorCoordinator& mockAuthenticatorCoordinator() const; > #endif > > bool isSystemPreviewLink(Element&) const; >@@ -763,7 +763,7 @@ private: > #endif > > #if ENABLE(WEB_AUTHN) >- std::unique_ptr<MockCredentialsMessenger> m_mockCredentialsMessenger; >+ WeakPtr<MockAuthenticatorCoordinator> m_mockAuthenticatorCoordinator; > #endif > }; > >diff --git a/Source/WebCore/testing/Internals.idl b/Source/WebCore/testing/Internals.idl >index 078846ee8b2ea7fdb5072b244c6a676acfd5cf54..2184fd21dd1ac188dbf041885805c873e1b61f8f 100644 >--- a/Source/WebCore/testing/Internals.idl >+++ b/Source/WebCore/testing/Internals.idl >@@ -646,7 +646,7 @@ enum CompositingPolicy { > [EnabledAtRuntime=WebAnimations] void pauseTimeline(AnimationTimeline timeline); > [EnabledAtRuntime=WebAnimations] void setTimelineCurrentTime(AnimationTimeline timeline, double currentTime); > [Conditional=APPLE_PAY] readonly attribute MockPaymentCoordinator mockPaymentCoordinator; >- [Conditional=WEB_AUTHN] readonly attribute MockCredentialsMessenger mockCredentialsMessenger; >+ [Conditional=WEB_AUTHN] readonly attribute MockAuthenticatorCoordinator mockAuthenticatorCoordinator; > > boolean isSystemPreviewLink(Element element); > boolean isSystemPreviewImage(Element element); >diff --git a/Source/WebCore/testing/MockAuthenticatorCoordinator.cpp b/Source/WebCore/testing/MockAuthenticatorCoordinator.cpp >new file mode 100644 >index 0000000000000000000000000000000000000000..cd7d69a62d60ad986477ad6a32d486b04b54cf91 >--- /dev/null >+++ b/Source/WebCore/testing/MockAuthenticatorCoordinator.cpp 
>@@ -0,0 +1,115 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. 
>+ */ >+ >+#include "config.h" >+#include "MockAuthenticatorCoordinator.h" >+ >+#if ENABLE(WEB_AUTHN) >+ >+#include "Internals.h" >+#include <WebCore/PublicKeyCredentialData.h> >+#include <wtf/Vector.h> >+ >+namespace WebCore { >+ >+void MockAuthenticatorCoordinator::setCreationReturnBundle(const BufferSource& credentialId, const BufferSource& attestationObject) >+{ >+ ASSERT(!m_credentialId && !m_attestationObject); >+ m_credentialId = ArrayBuffer::create(credentialId.data(), credentialId.length()); >+ m_attestationObject = ArrayBuffer::create(attestationObject.data(), attestationObject.length()); >+} >+ >+void MockAuthenticatorCoordinator::setAssertionReturnBundle(const BufferSource& credentialId, const BufferSource& authenticatorData, const BufferSource& signature, const BufferSource& userHandle) >+{ >+ ASSERT(!m_credentialId && !m_authenticatorData && !m_signature && !m_userHandle); >+ m_credentialId = ArrayBuffer::create(credentialId.data(), credentialId.length()); >+ m_authenticatorData = ArrayBuffer::create(authenticatorData.data(), authenticatorData.length()); >+ m_signature = ArrayBuffer::create(signature.data(), signature.length()); >+ m_userHandle = ArrayBuffer::create(userHandle.data(), userHandle.length()); >+} >+ >+void MockAuthenticatorCoordinator::makeCredential(const Vector<uint8_t>&, const PublicKeyCredentialCreationOptions&, RequestCompletionHandler&& handler) >+{ >+ if (!setRequestCompletionHandler(WTFMove(handler))) >+ return; >+ >+ if (m_didTimeOut) { >+ m_didTimeOut = false; >+ return; >+ } >+ if (m_didUserCancel) { >+ m_didUserCancel = false; >+ requestReply({ }, { NotAllowedError, "User cancelled."_s }); >+ return; >+ } >+ if (m_credentialId) { >+ ASSERT(m_attestationObject); >+ requestReply(PublicKeyCredentialData { WTFMove(m_credentialId), true, nullptr, WTFMove(m_attestationObject), nullptr, nullptr, nullptr }, { }); >+ m_credentialId = nullptr; >+ m_attestationObject = nullptr; >+ return; >+ } >+ ASSERT_NOT_REACHED(); >+} >+ >+void 
MockAuthenticatorCoordinator::getAssertion(const Vector<uint8_t>&, const PublicKeyCredentialRequestOptions&, RequestCompletionHandler&& handler) >+{ >+ if (!setRequestCompletionHandler(WTFMove(handler))) >+ return; >+ >+ if (m_didTimeOut) { >+ m_didTimeOut = false; >+ return; >+ } >+ if (m_didUserCancel) { >+ m_didUserCancel = false; >+ requestReply({ }, { NotAllowedError, "User cancelled."_s }); >+ return; >+ } >+ if (m_credentialId) { >+ ASSERT(m_authenticatorData && m_signature && m_userHandle); >+ requestReply(PublicKeyCredentialData { WTFMove(m_credentialId), false, nullptr, nullptr, WTFMove(m_authenticatorData), WTFMove(m_signature), WTFMove(m_userHandle) }, { }); >+ m_credentialId = nullptr; >+ m_authenticatorData = nullptr; >+ m_signature = nullptr; >+ m_userHandle = nullptr; >+ return; >+ } >+ ASSERT_NOT_REACHED(); >+} >+ >+void MockAuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&& handler) >+{ >+ auto messageId = addQueryCompletionHandler(WTFMove(handler)); >+ if (m_didUserVerifyingPlatformAuthenticatorPresent) { >+ isUserVerifyingPlatformAuthenticatorAvailableReply(messageId, true); >+ m_didUserVerifyingPlatformAuthenticatorPresent = false; >+ } else >+ isUserVerifyingPlatformAuthenticatorAvailableReply(messageId, false); >+} >+ >+} // namespace WebCore >+ >+#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebCore/testing/MockAuthenticatorCoordinator.h b/Source/WebCore/testing/MockAuthenticatorCoordinator.h >new file mode 100644 >index 0000000000000000000000000000000000000000..94ac45ea2ff34575ea464b951bcd136a4512babe >--- /dev/null >+++ b/Source/WebCore/testing/MockAuthenticatorCoordinator.h 
>@@ -0,0 +1,68 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. 
>+ */ >+ >+#pragma once >+ >+#if ENABLE(WEB_AUTHN) >+ >+#include "AuthenticatorCoordinatorClient.h" >+#include "BufferSource.h" >+#include <wtf/Forward.h> >+ >+namespace WebCore { >+ >+class Internals; >+ >+class MockAuthenticatorCoordinator final : public AuthenticatorCoordinatorClient { >+public: >+ void setDidTimeOut() { m_didTimeOut = true; } >+ void setDidUserCancel() { m_didUserCancel = true; } >+ void setDidUserVerifyingPlatformAuthenticatorPresent() { m_didUserVerifyingPlatformAuthenticatorPresent = true; } >+ void setCreationReturnBundle(const BufferSource& credentialId, const BufferSource& attestationObject); >+ void setAssertionReturnBundle(const BufferSource& credentialId, const BufferSource& authenticatorData, const BufferSource& signature, const BufferSource& userHandle); >+ >+ // RefCounted is required for JS wrapper. Therefore, fake them to compile. >+ void ref() const { } >+ void deref() const { } >+ >+private: >+ void makeCredential(const Vector<uint8_t>& hash, const PublicKeyCredentialCreationOptions&, RequestCompletionHandler&&) final; >+ void getAssertion(const Vector<uint8_t>& hash, const PublicKeyCredentialRequestOptions&, RequestCompletionHandler&&) final; >+ void isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&&) final; >+ >+ // All following fields are disposable. >+ bool m_didTimeOut { false }; >+ bool m_didUserCancel { false }; >+ bool m_didUserVerifyingPlatformAuthenticatorPresent { false }; >+ RefPtr<ArrayBuffer> m_credentialId; >+ RefPtr<ArrayBuffer> m_attestationObject; >+ RefPtr<ArrayBuffer> m_authenticatorData; >+ RefPtr<ArrayBuffer> m_signature; >+ RefPtr<ArrayBuffer> m_userHandle; >+}; >+ >+} // namespace WebCore >+ >+#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebCore/testing/MockAuthenticatorCoordinator.idl b/Source/WebCore/testing/MockAuthenticatorCoordinator.idl >new file mode 100644 >index 0000000000000000000000000000000000000000..eac5cb2ef820b5026a2598cfd2fccb657533ed92 >--- /dev/null 
>+++ b/Source/WebCore/testing/MockAuthenticatorCoordinator.idl >@@ -0,0 +1,35 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+[ >+ Conditional=WEB_AUTHN, >+ NoInterfaceObject, >+] interface MockAuthenticatorCoordinator { >+ void setDidTimeOut(); >+ void setDidUserCancel(); >+ void setDidUserVerifyingPlatformAuthenticatorPresent(); >+ void setCreationReturnBundle(BufferSource credentialId, BufferSource attestationObject); >+ void setAssertionReturnBundle(BufferSource credentialId, BufferSource authenticatorData, BufferSource signature, BufferSource userHandle); >+}; 
>diff --git a/Source/WebCore/testing/MockCredentialsMessenger.cpp b/Source/WebCore/testing/MockCredentialsMessenger.cpp >deleted file mode 100644 >index 102e33b5c5b88a81f1e2a64b7ce0fe3f55014a3f..0000000000000000000000000000000000000000 >--- a/Source/WebCore/testing/MockCredentialsMessenger.cpp >+++ /dev/null 
>@@ -1,152 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. >- */ >- >-#include "config.h" >-#include "MockCredentialsMessenger.h" >- >-#if ENABLE(WEB_AUTHN) >- >-#include "Internals.h" >-#include <wtf/Vector.h> >- >-namespace WebCore { >- >-MockCredentialsMessenger::MockCredentialsMessenger(Internals& internals) >- : m_internals(internals) >-{ >-} >- >-MockCredentialsMessenger::~MockCredentialsMessenger() >-{ >- // Have no effects to original promises. Just to call handlers to avoid any assertion failures. 
>- for (auto messageId : m_timeOutMessageIds) >- exceptionReply(messageId, ExceptionData { NotAllowedError, "Operation timed out."_s }); >-} >- >-void MockCredentialsMessenger::setCreationReturnBundle(const BufferSource& credentialId, const BufferSource& attestationObject) >-{ >- ASSERT(m_credentialId.isEmpty() && m_attestationObject.isEmpty()); >- m_credentialId.append(credentialId.data(), credentialId.length()); >- m_attestationObject.append(attestationObject.data(), attestationObject.length()); >-} >- >-void MockCredentialsMessenger::setAssertionReturnBundle(const BufferSource& credentialId, const BufferSource& authenticatorData, const BufferSource& signature, const BufferSource& userHandle) >-{ >- ASSERT(m_credentialId.isEmpty() && m_authenticatorData.isEmpty() && m_signature.isEmpty() && m_userHandle.isEmpty()); >- m_credentialId.append(credentialId.data(), credentialId.length()); >- m_authenticatorData.append(authenticatorData.data(), authenticatorData.length()); >- m_signature.append(signature.data(), signature.length()); >- m_userHandle.append(userHandle.data(), userHandle.length()); >-} >- >-void MockCredentialsMessenger::ref() >-{ >- m_internals.ref(); >-} >- >-void MockCredentialsMessenger::deref() >-{ >- m_internals.deref(); >-} >- >-void MockCredentialsMessenger::makeCredential(const Vector<uint8_t>&, const PublicKeyCredentialCreationOptions&, CreationCompletionHandler&& handler) >-{ >- auto messageId = addCreationCompletionHandler(WTFMove(handler)); >- if (m_didTimeOut) { >- m_didTimeOut = false; >- m_timeOutMessageIds.append(messageId); >- return; >- } >- if (m_didUserCancel) { >- m_didUserCancel = false; >- exceptionReply(messageId, ExceptionData { NotAllowedError, "User cancelled."_s }); >- return; >- } >- if (!m_credentialId.isEmpty()) { >- ASSERT(!m_attestationObject.isEmpty()); >- makeCredentialReply(messageId, m_credentialId, m_attestationObject); >- m_credentialId.clear(); >- m_attestationObject.clear(); >- return; >- } >- 
ASSERT_NOT_REACHED(); >-} >- >-void MockCredentialsMessenger::getAssertion(const Vector<uint8_t>&, const PublicKeyCredentialRequestOptions&, RequestCompletionHandler&& handler) >-{ >- auto messageId = addRequestCompletionHandler(WTFMove(handler)); >- if (m_didTimeOut) { >- m_didTimeOut = false; >- m_timeOutMessageIds.append(messageId); >- return; >- } >- if (m_didUserCancel) { >- m_didUserCancel = false; >- exceptionReply(messageId, ExceptionData { NotAllowedError, "User cancelled."_s }); >- return; >- } >- if (!m_credentialId.isEmpty()) { >- ASSERT(!m_authenticatorData.isEmpty() && !m_signature.isEmpty() && !m_userHandle.isEmpty()); >- getAssertionReply(messageId, m_credentialId, m_authenticatorData, m_signature, m_userHandle); >- m_credentialId.clear(); >- m_authenticatorData.clear(); >- m_signature.clear(); >- m_userHandle.clear(); >- return; >- } >- ASSERT_NOT_REACHED(); >-} >- >-void MockCredentialsMessenger::isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&& handler) >-{ >- auto messageId = addQueryCompletionHandler(WTFMove(handler)); >- if (m_didUserVerifyingPlatformAuthenticatorPresent) { >- isUserVerifyingPlatformAuthenticatorAvailableReply(messageId, true); >- m_didUserVerifyingPlatformAuthenticatorPresent = false; >- } else >- isUserVerifyingPlatformAuthenticatorAvailableReply(messageId, false); >-} >- >-void MockCredentialsMessenger::makeCredentialReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& attestationObject) >-{ >- auto handler = takeCreationCompletionHandler(messageId); >- handler(CreationReturnBundle(ArrayBuffer::create(credentialId.data(), credentialId.size()), ArrayBuffer::create(attestationObject.data(), attestationObject.size()))); >-} >- >-void MockCredentialsMessenger::getAssertionReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& authenticatorData, const Vector<uint8_t>& signature, const Vector<uint8_t>& userHandle) >-{ >- auto handler = 
takeRequestCompletionHandler(messageId); >- handler(AssertionReturnBundle(ArrayBuffer::create(credentialId.data(), credentialId.size()), ArrayBuffer::create(authenticatorData.data(), authenticatorData.size()), ArrayBuffer::create(signature.data(), signature.size()), ArrayBuffer::create(userHandle.data(), userHandle.size()))); >-} >- >-void MockCredentialsMessenger::isUserVerifyingPlatformAuthenticatorAvailableReply(uint64_t messageId, bool result) >-{ >- auto handler = takeQueryCompletionHandler(messageId); >- handler(result); >-} >- >-} // namespace WebCore >- >-#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebCore/testing/MockCredentialsMessenger.h b/Source/WebCore/testing/MockCredentialsMessenger.h >deleted file mode 100644 >index b4b08df4eaa0848e11191e9a86e404a2bc51182f..0000000000000000000000000000000000000000 >--- a/Source/WebCore/testing/MockCredentialsMessenger.h >+++ /dev/null 
>@@ -1,77 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. 
>- */ >- >-#pragma once >- >-#if ENABLE(WEB_AUTHN) >- >-#include "BufferSource.h" >-#include "CredentialsMessenger.h" >-#include <wtf/Forward.h> >- >-namespace WebCore { >- >-class Internals; >- >-class MockCredentialsMessenger final : public CredentialsMessenger { >-public: >- explicit MockCredentialsMessenger(Internals&); >- ~MockCredentialsMessenger(); >- >- void setDidTimeOut() { m_didTimeOut = true; } >- void setDidUserCancel() { m_didUserCancel = true; } >- void setDidUserVerifyingPlatformAuthenticatorPresent() { m_didUserVerifyingPlatformAuthenticatorPresent = true; } >- void setCreationReturnBundle(const BufferSource& credentialId, const BufferSource& attestationObject); >- void setAssertionReturnBundle(const BufferSource& credentialId, const BufferSource& authenticatorData, const BufferSource& signature, const BufferSource& userHandle); >- >- void ref(); >- void deref(); >- >-private: >- void makeCredential(const Vector<uint8_t>&, const PublicKeyCredentialCreationOptions&, CreationCompletionHandler&&) final; >- void getAssertion(const Vector<uint8_t>& hash, const PublicKeyCredentialRequestOptions&, RequestCompletionHandler&&) final; >- void isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&&) final; >- void makeCredentialReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& attestationObject) final; >- void getAssertionReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& authenticatorData, const Vector<uint8_t>& signature, const Vector<uint8_t>& userHandle) final; >- void isUserVerifyingPlatformAuthenticatorAvailableReply(uint64_t messageId, bool) final; >- >- Internals& m_internals; >- // All following fields are disposable. 
>- bool m_didTimeOut { false }; >- bool m_didUserCancel { false }; >- bool m_didUserVerifyingPlatformAuthenticatorPresent { false }; >- Vector<uint8_t> m_attestationObject; >- Vector<uint8_t> m_credentialId; // Overlapped between CreationReturnBundle and AssertionReturnBundle. >- Vector<uint8_t> m_authenticatorData; >- Vector<uint8_t> m_signature; >- Vector<uint8_t> m_userHandle; >- >- // To clean up completion handlers. >- Vector<uint64_t> m_timeOutMessageIds; >-}; >- >-} // namespace WebCore >- >-#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebCore/testing/MockCredentialsMessenger.idl b/Source/WebCore/testing/MockCredentialsMessenger.idl >deleted file mode 100644 >index 31e126a92bf119a3c45fae5eb28a8b9ab958d980..0000000000000000000000000000000000000000 >--- a/Source/WebCore/testing/MockCredentialsMessenger.idl >+++ /dev/null 
>@@ -1,35 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. >- */ >- >-[ >- Conditional=WEB_AUTHN, >- NoInterfaceObject, >-] interface MockCredentialsMessenger { >- void setDidTimeOut(); >- void setDidUserCancel(); >- void setDidUserVerifyingPlatformAuthenticatorPresent(); >- void setCreationReturnBundle(BufferSource credentialId, BufferSource attestationObject); >- void setAssertionReturnBundle(BufferSource credentialId, BufferSource authenticatorData, BufferSource signature, BufferSource userHandle); >-}; 
>diff --git a/Source/WebKit/DerivedSources.make b/Source/WebKit/DerivedSources.make >index 1e4cc51d8f90f4c33e3b8c840f653533baccbe45..bdec2831b6510a780fed6bb42611bc92f47873a0 100644 >--- a/Source/WebKit/DerivedSources.make >+++ b/Source/WebKit/DerivedSources.make >@@ -43,7 +43,6 @@ VPATH = \ > $(WebKit2)/WebProcess/ApplicationCache \ > $(WebKit2)/WebProcess/Automation \ > $(WebKit2)/WebProcess/Cache \ >- $(WebKit2)/WebProcess/CredentialManagement \ > $(WebKit2)/WebProcess/Databases/IndexedDB \ > $(WebKit2)/WebProcess/FullScreen \ > $(WebKit2)/WebProcess/Geolocation \ >@@ -58,6 +57,7 @@ VPATH = \ > $(WebKit2)/WebProcess/ResourceCache \ > $(WebKit2)/WebProcess/Storage \ > $(WebKit2)/WebProcess/UserContent \ >+ $(WebKit2)/WebProcess/WebAuthentication \ > $(WebKit2)/WebProcess/WebCoreSupport \ > $(WebKit2)/WebProcess/WebPage \ > $(WebKit2)/WebProcess/WebPage/RemoteLayerTree \ >@@ -69,7 +69,6 @@ VPATH = \ > $(WebKit2)/UIProcess/ApplePay \ > $(WebKit2)/UIProcess/Automation \ > $(WebKit2)/UIProcess/Cocoa \ >- $(WebKit2)/UIProcess/CredentialManagement \ > $(WebKit2)/UIProcess/Databases \ > $(WebKit2)/UIProcess/Downloads \ > $(WebKit2)/UIProcess/MediaStream \ >@@ -80,6 +79,7 @@ VPATH = \ > $(WebKit2)/UIProcess/RemoteLayerTree \ > $(WebKit2)/UIProcess/Storage \ > $(WebKit2)/UIProcess/UserContent \ >+ $(WebKit2)/UIProcess/WebAuthentication \ > $(WebKit2)/UIProcess/WebStorage \ > $(WebKit2)/UIProcess/mac \ > $(WebKit2)/UIProcess/ios \ >@@ -149,8 +149,8 @@ MESSAGE_RECEIVERS = \ > WebConnection \ > WebCookieManager \ > WebCookieManagerProxy \ >- WebCredentialsMessenger \ >- WebCredentialsMessengerProxy \ >+ WebAuthenticatorCoordinator \ >+ WebAuthenticatorCoordinatorProxy \ > WebFullScreenManager \ > WebFullScreenManagerProxy \ > WebGeolocationManager \ >diff --git a/Source/WebKit/SourcesCocoa.txt b/Source/WebKit/SourcesCocoa.txt >index 026da52e9ed83c4a8dbd4a8ce217f388d312998b..16d07ba033ce87cfe3769ab3de8f82960ba72986 100644 >--- a/Source/WebKit/SourcesCocoa.txt 
>+++ b/Source/WebKit/SourcesCocoa.txt >@@ -344,8 +344,6 @@ UIProcess/Cocoa/WebViewImpl.mm > UIProcess/Cocoa/WKReloadFrameErrorRecoveryAttempter.mm > UIProcess/Cocoa/WKWebViewContentProviderRegistry.mm > >-UIProcess/CredentialManagement/WebCredentialsMessengerProxy.cpp >- > UIProcess/Gamepad/cocoa/UIGamepadProviderCocoa.mm > UIProcess/Gamepad/ios/UIGamepadProviderIOS.mm > UIProcess/Gamepad/mac/UIGamepadProviderMac.mm >@@ -456,6 +454,8 @@ UIProcess/RemoteLayerTree/RemoteLayerTreeScrollingPerformanceData.mm > UIProcess/RemoteLayerTree/RemoteScrollingCoordinatorProxy.cpp > UIProcess/RemoteLayerTree/RemoteScrollingTree.cpp > >+UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp >+ > UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm > > UIProcess/WebStorage/StorageManager.cpp >@@ -464,8 +464,6 @@ UIProcess/WebStorage/ios/LocalStorageDatabaseTrackerIOS.mm > > WebProcess/ApplePay/WebPaymentCoordinator.cpp > >-WebProcess/CredentialManagement/WebCredentialsMessenger.cpp >- > WebProcess/cocoa/PlaybackSessionManager.mm > WebProcess/cocoa/UserMediaCaptureManager.cpp > WebProcess/cocoa/VideoFullscreenManager.mm >@@ -510,6 +508,8 @@ WebProcess/Plugins/PDF/PDFPluginChoiceAnnotation.mm > WebProcess/Plugins/PDF/PDFPluginPasswordField.mm > WebProcess/Plugins/PDF/PDFPluginTextAnnotation.mm > >+WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp >+ > WebProcess/WebCoreSupport/WebDataListSuggestionPicker.cpp > WebProcess/WebCoreSupport/WebPasteboardOverrides.cpp > WebProcess/WebCoreSupport/WebValidationMessageClient.cpp >diff --git a/Source/WebKit/UIProcess/CredentialManagement/WebCredentialsMessengerProxy.cpp b/Source/WebKit/UIProcess/CredentialManagement/WebCredentialsMessengerProxy.cpp >deleted file mode 100644 >index 9cbcfbf2cd9041af48d09c2d0e6f0e4de2020568..0000000000000000000000000000000000000000 >--- a/Source/WebKit/UIProcess/CredentialManagement/WebCredentialsMessengerProxy.cpp >+++ /dev/null 
>@@ -1,125 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. 
>- */ >- >-#include "config.h" >-#include "WebCredentialsMessengerProxy.h" >- >-#if ENABLE(WEB_AUTHN) >- >-#include "WebCredentialsMessengerMessages.h" >-#include "WebCredentialsMessengerProxyMessages.h" >-#include "WebPageProxy.h" >-#include "WebProcessProxy.h" >-#include <WebCore/ExceptionData.h> >-#include <WebCore/LocalAuthenticator.h> >- >-namespace WebKit { >- >-WebCredentialsMessengerProxy::WebCredentialsMessengerProxy(WebPageProxy& webPageProxy) >- : m_webPageProxy(webPageProxy) >-{ >- m_webPageProxy.process().addMessageReceiver(Messages::WebCredentialsMessengerProxy::messageReceiverName(), m_webPageProxy.pageID(), *this); >- m_authenticator = std::make_unique<WebCore::LocalAuthenticator>(); >-} >- >-WebCredentialsMessengerProxy::~WebCredentialsMessengerProxy() >-{ >- m_webPageProxy.process().removeMessageReceiver(Messages::WebCredentialsMessengerProxy::messageReceiverName(), m_webPageProxy.pageID()); >-} >- >-void WebCredentialsMessengerProxy::makeCredential(uint64_t messageId, const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialCreationOptions& options) >-{ >- // FIXME(182767) >- if (!m_authenticator) { >- exceptionReply(messageId, { WebCore::NotAllowedError, "No avaliable authenticators."_s }); >- return; >- } >- // FIXME(183534): Weak pointers doesn't work in another thread because of race condition. >- // FIXME(183534): Unify callbacks. 
>- auto weakThis = makeWeakPtr(*this); >- auto callback = [weakThis, messageId] (const Vector<uint8_t>& credentialId, const Vector<uint8_t>& attestationObject) { >- if (!weakThis) >- return; >- weakThis->makeCredentialReply(messageId, credentialId, attestationObject); >- }; >- auto exceptionCallback = [weakThis, messageId] (const WebCore::ExceptionData& exception) { >- if (!weakThis) >- return; >- weakThis->exceptionReply(messageId, exception); >- }; >- m_authenticator->makeCredential(hash, options, WTFMove(callback), WTFMove(exceptionCallback)); >-} >- >-void WebCredentialsMessengerProxy::getAssertion(uint64_t messageId, const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialRequestOptions& options) >-{ >- // FIXME(182767) >- if (!m_authenticator) >- exceptionReply(messageId, { WebCore::NotAllowedError, "No avaliable authenticators."_s }); >- // FIXME(183534): Weak pointers doesn't work in another thread because of race condition. >- // FIXME(183534): Unify callbacks. >- auto weakThis = makeWeakPtr(*this); >- auto callback = [weakThis, messageId] (const Vector<uint8_t>& credentialId, const Vector<uint8_t>& authenticatorData, const Vector<uint8_t>& signature, const Vector<uint8_t>& userHandle) { >- if (weakThis) >- weakThis->getAssertionReply(messageId, credentialId, authenticatorData, signature, userHandle); >- }; >- auto exceptionCallback = [weakThis, messageId] (const WebCore::ExceptionData& exception) { >- if (weakThis) >- weakThis->exceptionReply(messageId, exception); >- }; >- m_authenticator->getAssertion(hash, options, WTFMove(callback), WTFMove(exceptionCallback)); >-} >- >-void WebCredentialsMessengerProxy::isUserVerifyingPlatformAuthenticatorAvailable(uint64_t messageId) >-{ >- if (!m_authenticator) { >- isUserVerifyingPlatformAuthenticatorAvailableReply(messageId, false); >- return; >- } >- isUserVerifyingPlatformAuthenticatorAvailableReply(messageId, m_authenticator->isAvailable()); >-} >- >-void 
WebCredentialsMessengerProxy::exceptionReply(uint64_t messageId, const WebCore::ExceptionData& exception) >-{ >- m_webPageProxy.send(Messages::WebCredentialsMessenger::ExceptionReply(messageId, exception)); >-} >- >-void WebCredentialsMessengerProxy::makeCredentialReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& attestationObject) >-{ >- m_webPageProxy.send(Messages::WebCredentialsMessenger::MakeCredentialReply(messageId, credentialId, attestationObject)); >-} >- >-void WebCredentialsMessengerProxy::getAssertionReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& authenticatorData, const Vector<uint8_t>& signature, const Vector<uint8_t>& userHandle) >-{ >- m_webPageProxy.send(Messages::WebCredentialsMessenger::GetAssertionReply(messageId, credentialId, authenticatorData, signature, userHandle)); >-} >- >-void WebCredentialsMessengerProxy::isUserVerifyingPlatformAuthenticatorAvailableReply(uint64_t messageId, bool result) >-{ >- m_webPageProxy.send(Messages::WebCredentialsMessenger::IsUserVerifyingPlatformAuthenticatorAvailableReply(messageId, result)); >-} >- >-} // namespace WebKit >- >-#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebKit/UIProcess/CredentialManagement/WebCredentialsMessengerProxy.h b/Source/WebKit/UIProcess/CredentialManagement/WebCredentialsMessengerProxy.h >deleted file mode 100644 >index 9d74c97270b783e87e4f8e52f28da0ea290c70c0..0000000000000000000000000000000000000000 >--- a/Source/WebKit/UIProcess/CredentialManagement/WebCredentialsMessengerProxy.h >+++ /dev/null 
>@@ -1,74 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. 
>- */ >- >-#pragma once >- >-#if ENABLE(WEB_AUTHN) >- >-#include "MessageReceiver.h" >-#include <wtf/Forward.h> >-#include <wtf/Noncopyable.h> >-#include <wtf/WeakPtr.h> >- >-namespace WebCore { >-class LocalAuthenticator; >- >-struct ExceptionData; >-struct PublicKeyCredentialCreationOptions; >-struct PublicKeyCredentialRequestOptions; >-} >- >-namespace WebKit { >- >-class WebPageProxy; >- >-class WebCredentialsMessengerProxy : private IPC::MessageReceiver, public CanMakeWeakPtr<WebCredentialsMessengerProxy> { >- WTF_MAKE_NONCOPYABLE(WebCredentialsMessengerProxy); >-public: >- explicit WebCredentialsMessengerProxy(WebPageProxy&); >- ~WebCredentialsMessengerProxy(); >- >-private: >- // IPC::MessageReceiver. >- void didReceiveMessage(IPC::Connection&, IPC::Decoder&) override; >- >- // Receivers. >- void makeCredential(uint64_t messageId, const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialCreationOptions&); >- void getAssertion(uint64_t messageId, const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialRequestOptions&); >- void isUserVerifyingPlatformAuthenticatorAvailable(uint64_t messageId); >- >- // Senders. >- void exceptionReply(uint64_t messageId, const WebCore::ExceptionData&); >- void makeCredentialReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& attestationObject); >- void getAssertionReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& authenticatorData, const Vector<uint8_t>& signature, const Vector<uint8_t>& userHandle); >- void isUserVerifyingPlatformAuthenticatorAvailableReply(uint64_t messageId, bool); >- >- WebPageProxy& m_webPageProxy; >- std::unique_ptr<WebCore::LocalAuthenticator> m_authenticator; >-}; >- >-} // namespace WebKit >- >-#endif // ENABLE(WEB_AUTHN) 
>diff --git a/Source/WebKit/UIProcess/CredentialManagement/WebCredentialsMessengerProxy.messages.in b/Source/WebKit/UIProcess/CredentialManagement/WebCredentialsMessengerProxy.messages.in >deleted file mode 100644 >index a58bbae6f014b0bbb6ce978a849aff538f33260d..0000000000000000000000000000000000000000 >--- a/Source/WebKit/UIProcess/CredentialManagement/WebCredentialsMessengerProxy.messages.in >+++ /dev/null 
>@@ -1,34 +0,0 @@ >-# Copyright (C) 2018 Apple Inc. All rights reserved. >-# >-# Redistribution and use in source and binary forms, with or without >-# modification, are permitted provided that the following conditions >-# are met: >-# 1. Redistributions of source code must retain the above copyright >-# notice, this list of conditions and the following disclaimer. >-# 2. Redistributions in binary form must reproduce the above copyright >-# notice, this list of conditions and the following disclaimer in the >-# documentation and/or other materials provided with the distribution. >-# >-# THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >-# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >-# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >-# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >-# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >-# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >-# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >-# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >-# THE POSSIBILITY OF SUCH DAMAGE. >-#/ >- >-#if ENABLE(WEB_AUTHN) >- >-messages -> WebCredentialsMessengerProxy { >- >- MakeCredential(uint64_t messageId, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialCreationOptions options); >- GetAssertion(uint64_t messageId, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialRequestOptions options); >- IsUserVerifyingPlatformAuthenticatorAvailable(uint64_t messageId); >-} >- >-#endif 
>diff --git a/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp b/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp >new file mode 100644 >index 0000000000000000000000000000000000000000..1223948ee180018cd2d0591ad620cbfd8e7b96c7 >--- /dev/null >+++ b/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp 
>@@ -0,0 +1,114 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. 
>+ */ >+ >+#include "config.h" >+#include "WebAuthenticatorCoordinatorProxy.h" >+ >+#if ENABLE(WEB_AUTHN) >+ >+#include "WebAuthenticatorCoordinatorMessages.h" >+#include "WebAuthenticatorCoordinatorProxyMessages.h" >+#include "WebPageProxy.h" >+#include "WebProcessProxy.h" >+#include <WebCore/ExceptionData.h> >+#include <WebCore/LocalAuthenticator.h> >+#include <WebCore/PublicKeyCredentialData.h> >+ >+namespace WebKit { >+ >+WebAuthenticatorCoordinatorProxy::WebAuthenticatorCoordinatorProxy(WebPageProxy& webPageProxy) >+ : m_webPageProxy(webPageProxy) >+{ >+ m_webPageProxy.process().addMessageReceiver(Messages::WebAuthenticatorCoordinatorProxy::messageReceiverName(), m_webPageProxy.pageID(), *this); >+ m_authenticator = std::make_unique<WebCore::LocalAuthenticator>(); >+} >+ >+WebAuthenticatorCoordinatorProxy::~WebAuthenticatorCoordinatorProxy() >+{ >+ m_webPageProxy.process().removeMessageReceiver(Messages::WebAuthenticatorCoordinatorProxy::messageReceiverName(), m_webPageProxy.pageID()); >+} >+ >+void WebAuthenticatorCoordinatorProxy::makeCredential(const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialCreationOptions& options) >+{ >+ // FIXME(182767) >+ if (!m_authenticator) { >+ requestReply({ }, { WebCore::NotAllowedError, "No avaliable authenticators."_s }); >+ return; >+ } >+ // FIXME(183534): Weak pointers doesn't work in another thread because of race condition. 
>+ auto callback = [weakThis = makeWeakPtr(*this)] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ if (!weakThis) >+ return; >+ >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData& data) { >+ weakThis->requestReply(data, { }); >+ }, [&](const WebCore::ExceptionData& exception) { >+ weakThis->requestReply({ }, exception); >+ }); >+ }; >+ m_authenticator->makeCredential(hash, options, WTFMove(callback)); >+} >+ >+void WebAuthenticatorCoordinatorProxy::getAssertion(const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialRequestOptions& options) >+{ >+ // FIXME(182767) >+ if (!m_authenticator) >+ requestReply({ }, { WebCore::NotAllowedError, "No avaliable authenticators."_s }); >+ // FIXME(183534): Weak pointers doesn't work in another thread because of race condition. >+ auto callback = [weakThis = makeWeakPtr(*this)] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ if (!weakThis) >+ return; >+ >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData& data) { >+ weakThis->requestReply(data, { }); >+ }, [&](const WebCore::ExceptionData& exception) { >+ weakThis->requestReply({ }, exception); >+ }); >+ }; >+ m_authenticator->getAssertion(hash, options, WTFMove(callback)); >+} >+ >+void WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailable(uint64_t messageId) >+{ >+ if (!m_authenticator) { >+ isUserVerifyingPlatformAuthenticatorAvailableReply(messageId, false); >+ return; >+ } >+ isUserVerifyingPlatformAuthenticatorAvailableReply(messageId, m_authenticator->isAvailable()); >+} >+ >+void WebAuthenticatorCoordinatorProxy::requestReply(const WebCore::PublicKeyCredentialData& data, const WebCore::ExceptionData& exception) >+{ >+ m_webPageProxy.send(Messages::WebAuthenticatorCoordinator::RequestReply(data, exception)); >+} >+ >+void WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailableReply(uint64_t messageId, bool result) 
>+{ >+ m_webPageProxy.send(Messages::WebAuthenticatorCoordinator::IsUserVerifyingPlatformAuthenticatorAvailableReply(messageId, result)); >+} >+ >+} // namespace WebKit >+ >+#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h b/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h >new file mode 100644 >index 0000000000000000000000000000000000000000..0175aace0306b6bd5bcd12383efb2aa0945f5d95 >--- /dev/null >+++ b/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h 
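Review bot: In WebAuthenticatorCoordinatorProxy::getAssertion the `if (!m_authenticator)` branch sends the NotAllowedError reply but has no `return;`, so whenever that check is true execution continues to `m_authenticator->getAssertion(hash, options, WTFMove(callback))` and dereferences the null pointer it just tested for. makeCredential in the same file wraps the reply in braces and returns; getAssertion should do the same. Two smaller points in this file: the message "No avaliable authenticators." is misspelled in both functions ("available"), and the two callback lambdas are identical, so a single shared helper would remove the duplication.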
>@@ -0,0 +1,73 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. 
>+ */ >+ >+#pragma once >+ >+#if ENABLE(WEB_AUTHN) >+ >+#include "MessageReceiver.h" >+#include <wtf/Forward.h> >+#include <wtf/Noncopyable.h> >+#include <wtf/WeakPtr.h> >+ >+namespace WebCore { >+class LocalAuthenticator; >+ >+struct ExceptionData; >+struct PublicKeyCredentialCreationOptions; >+struct PublicKeyCredentialData; >+struct PublicKeyCredentialRequestOptions; >+} >+ >+namespace WebKit { >+ >+class WebPageProxy; >+ >+class WebAuthenticatorCoordinatorProxy : private IPC::MessageReceiver, public CanMakeWeakPtr<WebAuthenticatorCoordinatorProxy> { >+ WTF_MAKE_NONCOPYABLE(WebAuthenticatorCoordinatorProxy); >+public: >+ explicit WebAuthenticatorCoordinatorProxy(WebPageProxy&); >+ ~WebAuthenticatorCoordinatorProxy(); >+ >+private: >+ // IPC::MessageReceiver. >+ void didReceiveMessage(IPC::Connection&, IPC::Decoder&) override; >+ >+ // Receivers. >+ void makeCredential(const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialCreationOptions&); >+ void getAssertion(const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialRequestOptions&); >+ void isUserVerifyingPlatformAuthenticatorAvailable(uint64_t messageId); >+ >+ // Senders. >+ void requestReply(const WebCore::PublicKeyCredentialData&, const WebCore::ExceptionData&); >+ void isUserVerifyingPlatformAuthenticatorAvailableReply(uint64_t messageId, bool); >+ >+ WebPageProxy& m_webPageProxy; >+ std::unique_ptr<WebCore::LocalAuthenticator> m_authenticator; >+}; >+ >+} // namespace WebKit >+ >+#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in b/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in >new file mode 100644 >index 0000000000000000000000000000000000000000..87c66776e61a05b1bad5292dd115213aafa3abe1 >--- /dev/null >+++ b/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in 
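Review bot: `requestReply(const WebCore::PublicKeyCredentialData&, const WebCore::ExceptionData&)` under "// Senders." takes both a result and an error, and nothing in the declaration says which of the two is meaningful for a given call; the callers in the .cpp pass `{ }` for the unused side, so the receiver has to infer the outcome from which argument is empty. Either document that contract here or pass the `Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>` that the authenticator callback already produces. It is also worth a comment that makeCredential and getAssertion no longer take a `messageId` while isUserVerifyingPlatformAuthenticatorAvailable still does, since the reply to the first two can now only be matched to a request if a page has a single request outstanding.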
>@@ -0,0 +1,34 @@ >+# Copyright (C) 2018 Apple Inc. All rights reserved. >+# >+# Redistribution and use in source and binary forms, with or without >+# modification, are permitted provided that the following conditions >+# are met: >+# 1. Redistributions of source code must retain the above copyright >+# notice, this list of conditions and the following disclaimer. >+# 2. Redistributions in binary form must reproduce the above copyright >+# notice, this list of conditions and the following disclaimer in the >+# documentation and/or other materials provided with the distribution. >+# >+# THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+# THE POSSIBILITY OF SUCH DAMAGE. >+#/ >+ >+#if ENABLE(WEB_AUTHN) >+ >+messages -> WebAuthenticatorCoordinatorProxy { >+ >+ MakeCredential(Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialCreationOptions options); >+ GetAssertion(Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialRequestOptions options); >+ IsUserVerifyingPlatformAuthenticatorAvailable(uint64_t messageId); >+} >+ >+#endif >diff --git a/Source/WebKit/UIProcess/WebPageProxy.cpp b/Source/WebKit/UIProcess/WebPageProxy.cpp >index e28310ba60a928337a08f7693d8edc9156eba436..01b1bbbbeedf7e435a9e78581bf04367c9ca8ace 100644 >--- a/Source/WebKit/UIProcess/WebPageProxy.cpp 
>+++ b/Source/WebKit/UIProcess/WebPageProxy.cpp >@@ -211,7 +211,7 @@ > #endif > > #if ENABLE(WEB_AUTHN) >-#include "WebCredentialsMessengerProxy.h" >+#include "WebAuthenticatorCoordinatorProxy.h" > #endif > > #if HAVE(CFNETWORK_STORAGE_PARTITIONING) >@@ -461,7 +461,7 @@ WebPageProxy::WebPageProxy(PageClient& pageClient, WebProcessProxy& process, uin > #endif > > #if ENABLE(WEB_AUTHN) >- m_credentialsMessenger = std::make_unique<WebCredentialsMessengerProxy>(*this); >+ m_credentialsMessenger = std::make_unique<WebAuthenticatorCoordinatorProxy>(*this); > #endif > > m_process->addMessageReceiver(Messages::WebPageProxy::messageReceiverName(), m_pageID, *this); >@@ -779,7 +779,7 @@ void WebPageProxy::reattachToWebProcess(Ref<WebProcessProxy>&& process, API::Nav > #endif > > #if ENABLE(WEB_AUTHN) >- m_credentialsMessenger = std::make_unique<WebCredentialsMessengerProxy>(*this); >+ m_credentialsMessenger = std::make_unique<WebAuthenticatorCoordinatorProxy>(*this); > #endif > > initializeWebPage(); >diff --git a/Source/WebKit/UIProcess/WebPageProxy.h b/Source/WebKit/UIProcess/WebPageProxy.h >index a98fd72eee4bf7a05086b585abbe73a1d66355eb..41933a149ccd5c9d3feb7e5831ba2408381b9bb8 100644 >--- a/Source/WebKit/UIProcess/WebPageProxy.h >+++ b/Source/WebKit/UIProcess/WebPageProxy.h >@@ -236,7 +236,7 @@ class WebFullScreenManagerProxy; > class PlaybackSessionManagerProxy; > class WebNavigationState; > class VideoFullscreenManagerProxy; >-class WebCredentialsMessengerProxy; >+class WebAuthenticatorCoordinatorProxy; > class WebKeyboardEvent; > class WebURLSchemeHandler; > class WebMouseEvent; >@@ -1917,7 +1917,7 @@ private: > #endif > > #if ENABLE(WEB_AUTHN) >- std::unique_ptr<WebCredentialsMessengerProxy> m_credentialsMessenger; >+ std::unique_ptr<WebAuthenticatorCoordinatorProxy> m_credentialsMessenger; > #endif > > CallbackMap m_callbacks; 
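Review bot: The member declared at the end of WebPageProxy.h is still named `m_credentialsMessenger` although its type is now `std::unique_ptr<WebAuthenticatorCoordinatorProxy>`, and both construction sites in WebPageProxy.cpp (the constructor and reattachToWebProcess) assign to the old name. The rename is incomplete without it; a name that follows the new class, such as `m_authenticatorCoordinator` (a suggestion, not a name from the patch), would keep later readers from looking for a CredentialsMessenger type that no longer exists.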
>diff --git a/Source/WebKit/WebKit.xcodeproj/project.pbxproj b/Source/WebKit/WebKit.xcodeproj/project.pbxproj >index 7bdac60fc32b60737e6ed11f6177941050f7570a..3f9da68ee665962b0a68e230f589e93979992b12 100644 >--- a/Source/WebKit/WebKit.xcodeproj/project.pbxproj >+++ b/Source/WebKit/WebKit.xcodeproj/project.pbxproj 
>@@ -1028,11 +1028,11 @@ > 53BA47D11DC2EF5E004DF4AD /* NetworkDataTaskBlob.h in Headers */ = {isa = PBXBuildFile; fileRef = 539EB5471DC2EE40009D48CF /* NetworkDataTaskBlob.h */; }; > 53DEA3661DDE423100E82648 /* json.hpp in Headers */ = {isa = PBXBuildFile; fileRef = 53DEA3651DDE422E00E82648 /* json.hpp */; }; > 570AB8F320AE3BD700B8BE87 /* SecKeyProxyStore.h in Headers */ = {isa = PBXBuildFile; fileRef = 570AB8F220AE3BD700B8BE87 /* SecKeyProxyStore.h */; }; >- 5760829C202D2C3C00116678 /* WebCredentialsMessengerMessageReceiver.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5760829020298FBD00116678 /* WebCredentialsMessengerMessageReceiver.cpp */; }; >- 5760829D202D2C4000116678 /* WebCredentialsMessengerMessages.h in Headers */ = {isa = PBXBuildFile; fileRef = 5760828F20298FBD00116678 /* WebCredentialsMessengerMessages.h */; }; >- 5760829E202D2C4300116678 /* WebCredentialsMessengerProxyMessageReceiver.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5760829A202BEE5A00116678 /* WebCredentialsMessengerProxyMessageReceiver.cpp */; }; >- 5760829F202D2C4600116678 /* WebCredentialsMessengerProxyMessages.h in Headers */ = {isa = PBXBuildFile; fileRef = 5760829B202BEE5A00116678 /* WebCredentialsMessengerProxyMessages.h */; }; > 57B4B46020B504AC00D4AD79 /* ClientCertificateAuthenticationXPCConstants.h in Headers */ = {isa = PBXBuildFile; fileRef = 57B4B45E20B504AB00D4AD79 /* ClientCertificateAuthenticationXPCConstants.h */; }; >+ 57DCED6E2142EE5E0016B847 /* WebAuthenticatorCoordinatorMessageReceiver.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 57DCED6B2142EAE20016B847 /* WebAuthenticatorCoordinatorMessageReceiver.cpp */; }; >+ 57DCED6F2142EE630016B847 /* WebAuthenticatorCoordinatorMessages.h in Headers */ = {isa = PBXBuildFile; fileRef = 57DCED6A2142EAE20016B847 /* WebAuthenticatorCoordinatorMessages.h */; }; >+ 57DCED702142EE680016B847 /* WebAuthenticatorCoordinatorProxyMessageReceiver.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 57DCED6C2142EAF90016B847 /* 
WebAuthenticatorCoordinatorProxyMessageReceiver.cpp */; }; >+ 57DCED712142EE6C0016B847 /* WebAuthenticatorCoordinatorProxyMessages.h in Headers */ = {isa = PBXBuildFile; fileRef = 57DCED6D2142EAFA0016B847 /* WebAuthenticatorCoordinatorProxyMessages.h */; }; > 5C0B17781E7C880E00E9123C /* NetworkSocketStreamMessageReceiver.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5C0B17741E7C879C00E9123C /* NetworkSocketStreamMessageReceiver.cpp */; }; > 5C0B17791E7C882100E9123C /* WebSocketStreamMessageReceiver.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5C0B17761E7C879C00E9123C /* WebSocketStreamMessageReceiver.cpp */; }; > 5C1426ED1C23F80900D41183 /* NetworkProcessCreationParameters.h in Headers */ = {isa = PBXBuildFile; fileRef = 5C1426E31C23F80500D41183 /* NetworkProcessCreationParameters.h */; }; 
>@@ -3368,18 +3368,18 @@ > 570AB90320B2541C00B8BE87 /* SecKeyProxyStore.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = SecKeyProxyStore.mm; sourceTree = "<group>"; }; > 575075A720AB763600693EA9 /* WebCredentialMac.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = WebCredentialMac.mm; sourceTree = "<group>"; }; > 5750F32A2032D4E500389347 /* LocalAuthentication.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = LocalAuthentication.framework; path = System/Library/Frameworks/LocalAuthentication.framework; sourceTree = SDKROOT; }; >- 5760828B2029854200116678 /* WebCredentialsMessenger.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = WebCredentialsMessenger.h; sourceTree = "<group>"; }; >- 5760828C2029854200116678 /* WebCredentialsMessenger.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = WebCredentialsMessenger.cpp; sourceTree = "<group>"; }; >- 5760828D202987E600116678 /* WebCredentialsMessenger.messages.in */ = {isa = PBXFileReference; lastKnownFileType = text; path = WebCredentialsMessenger.messages.in; sourceTree = "<group>"; }; >- 5760828F20298FBD00116678 /* WebCredentialsMessengerMessages.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = WebCredentialsMessengerMessages.h; sourceTree = "<group>"; }; >- 5760829020298FBD00116678 /* WebCredentialsMessengerMessageReceiver.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = WebCredentialsMessengerMessageReceiver.cpp; sourceTree = "<group>"; }; >- 57608295202BD8BA00116678 /* WebCredentialsMessengerProxy.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = WebCredentialsMessengerProxy.h; sourceTree = "<group>"; }; >- 57608296202BD8BA00116678 /* WebCredentialsMessengerProxy.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = 
WebCredentialsMessengerProxy.cpp; sourceTree = "<group>"; }; >- 57608299202BDAE200116678 /* WebCredentialsMessengerProxy.messages.in */ = {isa = PBXFileReference; lastKnownFileType = text; path = WebCredentialsMessengerProxy.messages.in; sourceTree = "<group>"; }; >- 5760829A202BEE5A00116678 /* WebCredentialsMessengerProxyMessageReceiver.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = WebCredentialsMessengerProxyMessageReceiver.cpp; sourceTree = "<group>"; }; >- 5760829B202BEE5A00116678 /* WebCredentialsMessengerProxyMessages.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = WebCredentialsMessengerProxyMessages.h; sourceTree = "<group>"; }; >+ 5760828B2029854200116678 /* WebAuthenticatorCoordinator.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = WebAuthenticatorCoordinator.h; sourceTree = "<group>"; }; >+ 5760828C2029854200116678 /* WebAuthenticatorCoordinator.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = WebAuthenticatorCoordinator.cpp; sourceTree = "<group>"; }; >+ 5760828D202987E600116678 /* WebAuthenticatorCoordinator.messages.in */ = {isa = PBXFileReference; lastKnownFileType = text; path = WebAuthenticatorCoordinator.messages.in; sourceTree = "<group>"; }; >+ 57608295202BD8BA00116678 /* WebAuthenticatorCoordinatorProxy.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = WebAuthenticatorCoordinatorProxy.h; sourceTree = "<group>"; }; >+ 57608296202BD8BA00116678 /* WebAuthenticatorCoordinatorProxy.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = WebAuthenticatorCoordinatorProxy.cpp; sourceTree = "<group>"; }; >+ 57608299202BDAE200116678 /* WebAuthenticatorCoordinatorProxy.messages.in */ = {isa = PBXFileReference; lastKnownFileType = text; path = WebAuthenticatorCoordinatorProxy.messages.in; sourceTree = "<group>"; }; > 57B4B45D20B504AB00D4AD79 /* AuthenticationManagerCocoa.mm */ = {isa = 
PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; name = AuthenticationManagerCocoa.mm; path = Authentication/cocoa/AuthenticationManagerCocoa.mm; sourceTree = "<group>"; }; > 57B4B45E20B504AB00D4AD79 /* ClientCertificateAuthenticationXPCConstants.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ClientCertificateAuthenticationXPCConstants.h; path = Authentication/cocoa/ClientCertificateAuthenticationXPCConstants.h; sourceTree = "<group>"; }; >+ 57DCED6A2142EAE20016B847 /* WebAuthenticatorCoordinatorMessages.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WebAuthenticatorCoordinatorMessages.h; sourceTree = "<group>"; }; >+ 57DCED6B2142EAE20016B847 /* WebAuthenticatorCoordinatorMessageReceiver.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WebAuthenticatorCoordinatorMessageReceiver.cpp; sourceTree = "<group>"; }; >+ 57DCED6C2142EAF90016B847 /* WebAuthenticatorCoordinatorProxyMessageReceiver.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WebAuthenticatorCoordinatorProxyMessageReceiver.cpp; sourceTree = "<group>"; }; >+ 57DCED6D2142EAFA0016B847 /* WebAuthenticatorCoordinatorProxyMessages.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WebAuthenticatorCoordinatorProxyMessages.h; sourceTree = "<group>"; }; > 5C0B17741E7C879C00E9123C /* NetworkSocketStreamMessageReceiver.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = NetworkSocketStreamMessageReceiver.cpp; sourceTree = "<group>"; }; > 5C0B17751E7C879C00E9123C /* NetworkSocketStreamMessages.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = NetworkSocketStreamMessages.h; sourceTree = "<group>"; }; > 5C0B17761E7C879C00E9123C /* WebSocketStreamMessageReceiver.cpp */ = 
{isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WebSocketStreamMessageReceiver.cpp; sourceTree = "<group>"; }; >@@ -6721,24 +6721,24 @@ > name = Frameworks; > sourceTree = "<group>"; > }; >- 5760828A202984C900116678 /* CredentialManagement */ = { >+ 5760828A202984C900116678 /* WebAuthentication */ = { > isa = PBXGroup; > children = ( >- 5760828C2029854200116678 /* WebCredentialsMessenger.cpp */, >- 5760828B2029854200116678 /* WebCredentialsMessenger.h */, >- 5760828D202987E600116678 /* WebCredentialsMessenger.messages.in */, >+ 5760828C2029854200116678 /* WebAuthenticatorCoordinator.cpp */, >+ 5760828B2029854200116678 /* WebAuthenticatorCoordinator.h */, >+ 5760828D202987E600116678 /* WebAuthenticatorCoordinator.messages.in */, > ); >- path = CredentialManagement; >+ path = WebAuthentication; > sourceTree = "<group>"; > }; >- 57608294202BD84900116678 /* CredentialManagement */ = { >+ 57608294202BD84900116678 /* WebAuthentication */ = { > isa = PBXGroup; > children = ( >- 57608296202BD8BA00116678 /* WebCredentialsMessengerProxy.cpp */, >- 57608295202BD8BA00116678 /* WebCredentialsMessengerProxy.h */, >- 57608299202BDAE200116678 /* WebCredentialsMessengerProxy.messages.in */, >+ 57608296202BD8BA00116678 /* WebAuthenticatorCoordinatorProxy.cpp */, >+ 57608295202BD8BA00116678 /* WebAuthenticatorCoordinatorProxy.h */, >+ 57608299202BDAE200116678 /* WebAuthenticatorCoordinatorProxy.messages.in */, > ); >- path = CredentialManagement; >+ path = WebAuthentication; > sourceTree = "<group>"; > }; > 57B4B45C20B5048B00D4AD79 /* cocoa */ = { >@@ -7033,7 +7033,6 @@ > 1C0A19431C8FF1A800FE0EBB /* Automation */, > 41D129D81F3D101400D15E47 /* Cache */, > 7C6E70F818B2D47E00F24E2E /* cocoa */, >- 5760828A202984C900116678 /* CredentialManagement */, > 512A9754180DF9270039A149 /* Databases */, > BCACC43B16B24C5D00B6E092 /* EntryPoint */, > E170876D16D6CA7200F99226 /* FileAPI */, 
>@@ -7048,6 +7047,7 @@ > 1A6FB7AA11E64B4900DB1371 /* Plugins */, > 5118E9981F295259003EF9F5 /* Storage */, > 1AAF08AA1926930B00B6390C /* UserContent */, >+ 5760828A202984C900116678 /* WebAuthentication */, > BC032D5D10F437220058C15A /* WebCoreSupport */, > BC032D5E10F4372B0058C15A /* WebPage */, > 1AAC4DDE16B1CBF6009425E3 /* WebStorage */, >@@ -7193,7 +7193,6 @@ > 512F588D12A8836F00629530 /* Authentication */, > 9955A6E81C79809000EB6A93 /* Automation */, > 1ABC3DF21899E415004F0626 /* Cocoa */, >- 57608294202BD84900116678 /* CredentialManagement */, > 1AB7D4C71288AA9A00CFD08C /* Downloads */, > 515BE17B1D54EF5A00DD7C68 /* Gamepad */, > 2DA944A81884E9AB00ED86DB /* ios */, >@@ -7205,6 +7204,7 @@ > 2D1551A91F5A9B420006E3FE /* RemoteLayerTree */, > 517DD5BB180DA7C40081660B /* Storage */, > 1AAF089E192681AC00B6390C /* UserContent */, >+ 57608294202BD84900116678 /* WebAuthentication */, > 1A53C2A31A325691004E8C70 /* WebsiteData */, > 1A44B95816B73F8C00B7BBD8 /* WebStorage */, > 7CD102D91866770600ED429D /* AutoCorrectionCallback.h */, >@@ -8344,6 +8344,10 @@ > 1A60224B18C16B9F00C3E8C9 /* VisitedLinkStoreMessages.h */, > 1A8E7D3A18C15149005A702A /* VisitedLinkTableControllerMessageReceiver.cpp */, > 1A8E7D3B18C15149005A702A /* VisitedLinkTableControllerMessages.h */, >+ 57DCED6B2142EAE20016B847 /* WebAuthenticatorCoordinatorMessageReceiver.cpp */, >+ 57DCED6A2142EAE20016B847 /* WebAuthenticatorCoordinatorMessages.h */, >+ 57DCED6C2142EAF90016B847 /* WebAuthenticatorCoordinatorProxyMessageReceiver.cpp */, >+ 57DCED6D2142EAFA0016B847 /* WebAuthenticatorCoordinatorProxyMessages.h */, > 1C0A19551C90068F00FE0EBB /* WebAutomationSessionMessageReceiver.cpp */, > 1C0A19561C90068F00FE0EBB /* WebAutomationSessionMessages.h */, > 1C0A19511C8FFDFB00FE0EBB /* WebAutomationSessionProxyMessageReceiver.cpp */, 
>@@ -8356,10 +8360,6 @@ > 330934441315B9220097A7BC /* WebCookieManagerMessages.h */, > 330934451315B9220097A7BC /* WebCookieManagerProxyMessageReceiver.cpp */, > 330934461315B9220097A7BC /* WebCookieManagerProxyMessages.h */, >- 5760829020298FBD00116678 /* WebCredentialsMessengerMessageReceiver.cpp */, >- 5760828F20298FBD00116678 /* WebCredentialsMessengerMessages.h */, >- 5760829A202BEE5A00116678 /* WebCredentialsMessengerProxyMessageReceiver.cpp */, >- 5760829B202BEE5A00116678 /* WebCredentialsMessengerProxyMessages.h */, > CD73BA48131ACD8E00EEDED2 /* WebFullScreenManagerMessageReceiver.cpp */, > CD73BA49131ACD8E00EEDED2 /* WebFullScreenManagerMessages.h */, > CD73BA45131ACC8800EEDED2 /* WebFullScreenManagerProxyMessageReceiver.cpp */, >@@ -9223,6 +9223,8 @@ > 1AF4CEF018BC481800BC2D34 /* VisitedLinkTableController.h in Headers */, > 1A8E7D3D18C15149005A702A /* VisitedLinkTableControllerMessages.h in Headers */, > CEDA12E3152CD1B300D9E08D /* WebAlternativeTextClient.h in Headers */, >+ 57DCED6F2142EE630016B847 /* WebAuthenticatorCoordinatorMessages.h in Headers */, >+ 57DCED712142EE6C0016B847 /* WebAuthenticatorCoordinatorProxyMessages.h in Headers */, > 9955A6EC1C7980C200EB6A93 /* WebAutomationSession.h in Headers */, > 99C3AE2D1DADA6AD00AF5C16 /* WebAutomationSessionMacros.h in Headers */, > 1C0A19581C90068F00FE0EBB /* WebAutomationSessionMessages.h in Headers */, 
>@@ -9263,8 +9265,6 @@ > 3309344A1315B9220097A7BC /* WebCookieManagerProxyMessages.h in Headers */, > BC1DD7B2114DC396005ADAF3 /* WebCoreArgumentCoders.h in Headers */, > 512F589B12A8838800629530 /* WebCredential.h in Headers */, >- 5760829D202D2C4000116678 /* WebCredentialsMessengerMessages.h in Headers */, >- 5760829F202D2C4600116678 /* WebCredentialsMessengerProxyMessages.h in Headers */, > 1AA83F6D1A5B63FF00026EC6 /* WebDatabaseProvider.h in Headers */, > E52CF55220A35C3A00DADA27 /* WebDataListSuggestionPicker.h in Headers */, > E568B91F20A3AB2F00E3C856 /* WebDataListSuggestionsDropdown.h in Headers */, >@@ -10900,6 +10900,8 @@ > 2684055218B86ED60022C38B /* ViewUpdateDispatcherMessageReceiver.cpp in Sources */, > 1A60224C18C16B9F00C3E8C9 /* VisitedLinkStoreMessageReceiver.cpp in Sources */, > 1A8E7D3C18C15149005A702A /* VisitedLinkTableControllerMessageReceiver.cpp in Sources */, >+ 57DCED6E2142EE5E0016B847 /* WebAuthenticatorCoordinatorMessageReceiver.cpp in Sources */, >+ 57DCED702142EE680016B847 /* WebAuthenticatorCoordinatorProxyMessageReceiver.cpp in Sources */, > 1C0A19571C90068F00FE0EBB /* WebAutomationSessionMessageReceiver.cpp in Sources */, > 1C0A19531C8FFDFB00FE0EBB /* WebAutomationSessionProxyMessageReceiver.cpp in Sources */, > 517CF0E3163A486C00C2950D /* WebCacheStorageConnectionMessageReceiver.cpp in Sources */, 
>@@ -10907,8 +10909,6 @@ > 330934471315B9220097A7BC /* WebCookieManagerMessageReceiver.cpp in Sources */, > 330934491315B9220097A7BC /* WebCookieManagerProxyMessageReceiver.cpp in Sources */, > 2D92A788212B6AB100F493FD /* WebCoreArgumentCoders.cpp in Sources */, >- 5760829C202D2C3C00116678 /* WebCredentialsMessengerMessageReceiver.cpp in Sources */, >- 5760829E202D2C4300116678 /* WebCredentialsMessengerProxyMessageReceiver.cpp in Sources */, > 2D92A789212B6AB100F493FD /* WebEvent.cpp in Sources */, > CD73BA4E131ACDB700EEDED2 /* WebFullScreenManagerMessageReceiver.cpp in Sources */, > CD73BA47131ACC9A00EEDED2 /* WebFullScreenManagerProxyMessageReceiver.cpp in Sources */, >diff --git a/Source/WebKit/WebProcess/CredentialManagement/WebCredentialsMessenger.cpp b/Source/WebKit/WebProcess/CredentialManagement/WebCredentialsMessenger.cpp >deleted file mode 100644 >index 2279d7efe1eba3160dbfc8d01de320ee4d1e1a4a..0000000000000000000000000000000000000000 >--- a/Source/WebKit/WebProcess/CredentialManagement/WebCredentialsMessenger.cpp >+++ /dev/null 
>@@ -1,90 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. 
>- */ >- >-#include "config.h" >-#include "WebCredentialsMessenger.h" >- >-#if ENABLE(WEB_AUTHN) >- >-#include "WebCredentialsMessengerMessages.h" >-#include "WebCredentialsMessengerProxyMessages.h" >-#include "WebPage.h" >-#include "WebProcess.h" >-#include <WebCore/PublicKeyCredentialCreationOptions.h> >-#include <WebCore/PublicKeyCredentialRequestOptions.h> >- >-namespace WebKit { >- >-WebCredentialsMessenger::WebCredentialsMessenger(WebPage& webPage) >- : m_webPage(webPage) >-{ >- WebProcess::singleton().addMessageReceiver(Messages::WebCredentialsMessenger::messageReceiverName(), m_webPage.pageID(), *this); >-} >- >-WebCredentialsMessenger::~WebCredentialsMessenger() >-{ >- WebProcess::singleton().removeMessageReceiver(*this); >-} >- >-void WebCredentialsMessenger::makeCredential(const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialCreationOptions& options, WebCore::CreationCompletionHandler&& handler) >-{ >- auto messageId = addCreationCompletionHandler(WTFMove(handler)); >- m_webPage.send(Messages::WebCredentialsMessengerProxy::MakeCredential(messageId, hash, options)); >-} >- >-void WebCredentialsMessenger::getAssertion(const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialRequestOptions& options, WebCore::RequestCompletionHandler&& handler) >-{ >- auto messageId = addRequestCompletionHandler(WTFMove(handler)); >- m_webPage.send(Messages::WebCredentialsMessengerProxy::GetAssertion(messageId, hash, options)); >-} >- >-void WebCredentialsMessenger::isUserVerifyingPlatformAuthenticatorAvailable(WebCore::QueryCompletionHandler&& handler) >-{ >- auto messageId = addQueryCompletionHandler(WTFMove(handler)); >- m_webPage.send(Messages::WebCredentialsMessengerProxy::IsUserVerifyingPlatformAuthenticatorAvailable(messageId)); >-} >- >-void WebCredentialsMessenger::makeCredentialReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& attestationObject) >-{ >- auto handler = takeCreationCompletionHandler(messageId); >- 
handler(WebCore::CreationReturnBundle(ArrayBuffer::create(credentialId.data(), credentialId.size()), ArrayBuffer::create(attestationObject.data(), attestationObject.size()))); >-} >- >-void WebCredentialsMessenger::getAssertionReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& authenticatorData, const Vector<uint8_t>& signature, const Vector<uint8_t>& userHandle) >-{ >- auto handler = takeRequestCompletionHandler(messageId); >- handler(WebCore::AssertionReturnBundle(ArrayBuffer::create(credentialId.data(), credentialId.size()), ArrayBuffer::create(authenticatorData.data(), authenticatorData.size()), ArrayBuffer::create(signature.data(), signature.size()), ArrayBuffer::create(userHandle.data(), userHandle.size()))); >-} >- >-void WebCredentialsMessenger::isUserVerifyingPlatformAuthenticatorAvailableReply(uint64_t messageId, bool result) >-{ >- auto handler = takeQueryCompletionHandler(messageId); >- handler(result); >-} >- >- >-} // namespace WebKit >- >-#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebKit/WebProcess/CredentialManagement/WebCredentialsMessenger.h b/Source/WebKit/WebProcess/CredentialManagement/WebCredentialsMessenger.h >deleted file mode 100644 >index a0ca7e52e5415c3e3cbf5f3f4d584b491c82c2ff..0000000000000000000000000000000000000000 >--- a/Source/WebKit/WebProcess/CredentialManagement/WebCredentialsMessenger.h >+++ /dev/null 
>@@ -1,62 +0,0 @@ >-/* >- * Copyright (C) 2018 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >- * THE POSSIBILITY OF SUCH DAMAGE. >- */ >- >-#pragma once >- >-#if ENABLE(WEB_AUTHN) >- >-#include "MessageReceiver.h" >-#include <WebCore/CredentialsMessenger.h> >- >-namespace WebKit { >- >-class WebPage; >- >-class WebCredentialsMessenger final : public WebCore::CredentialsMessenger, private IPC::MessageReceiver { >-public: >- explicit WebCredentialsMessenger(WebPage&); >- ~WebCredentialsMessenger(); >- >-private: >- // WebCore::CredentialsMessenger >- // Senders. 
>- void makeCredential(const Vector<uint8_t>&, const WebCore::PublicKeyCredentialCreationOptions&, WebCore::CreationCompletionHandler&&) final; >- void getAssertion(const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialRequestOptions&, WebCore::RequestCompletionHandler&&) final; >- void isUserVerifyingPlatformAuthenticatorAvailable(WebCore::QueryCompletionHandler&&) final; >- >- // Receivers. >- void makeCredentialReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& attestationObject) final; >- void getAssertionReply(uint64_t messageId, const Vector<uint8_t>& credentialId, const Vector<uint8_t>& authenticatorData, const Vector<uint8_t>& signature, const Vector<uint8_t>& userHandle) final; >- void isUserVerifyingPlatformAuthenticatorAvailableReply(uint64_t messageId, bool) final; >- >- // IPC::MessageReceiver. >- void didReceiveMessage(IPC::Connection&, IPC::Decoder&) override; >- >- WebPage& m_webPage; >-}; >- >-} // namespace WebKit >- >-#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebKit/WebProcess/CredentialManagement/WebCredentialsMessenger.messages.in b/Source/WebKit/WebProcess/CredentialManagement/WebCredentialsMessenger.messages.in >deleted file mode 100644 >index a6c8eeca7c473440184ff1991909f325bc6e7d1c..0000000000000000000000000000000000000000 >--- a/Source/WebKit/WebProcess/CredentialManagement/WebCredentialsMessenger.messages.in >+++ /dev/null 
>@@ -1,35 +0,0 @@ >-# Copyright (C) 2018 Apple Inc. All rights reserved. >-# >-# Redistribution and use in source and binary forms, with or without >-# modification, are permitted provided that the following conditions >-# are met: >-# 1. Redistributions of source code must retain the above copyright >-# notice, this list of conditions and the following disclaimer. >-# 2. Redistributions in binary form must reproduce the above copyright >-# notice, this list of conditions and the following disclaimer in the >-# documentation and/or other materials provided with the distribution. >-# >-# THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >-# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >-# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >-# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >-# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >-# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >-# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >-# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >-# THE POSSIBILITY OF SUCH DAMAGE. >-#/ >- >-#if ENABLE(WEB_AUTHN) >- >-messages -> WebCredentialsMessenger { >- >- ExceptionReply(uint64_t messageId, struct WebCore::ExceptionData exception); >- MakeCredentialReply(uint64_t messageId, Vector<uint8_t> credentialId, Vector<uint8_t> attestationObject); >- GetAssertionReply(uint64_t messageId, Vector<uint8_t> credentialId, Vector<uint8_t> authenticatorData, Vector<uint8_t> signature, Vector<uint8_t> userHandle); >- IsUserVerifyingPlatformAuthenticatorAvailableReply(uint64_t messageId, bool result); >-} >- >-#endif 
>diff --git a/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp b/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp >new file mode 100644 >index 0000000000000000000000000000000000000000..90ba4c57c6414a878af27bdb583a07e5a424a8f2 >--- /dev/null >+++ b/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp 
>@@ -0,0 +1,75 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. 
>+ */ >+ >+#include "config.h" >+#include "WebAuthenticatorCoordinator.h" >+ >+#if ENABLE(WEB_AUTHN) >+ >+#include "WebAuthenticatorCoordinatorMessages.h" >+#include "WebAuthenticatorCoordinatorProxyMessages.h" >+#include "WebPage.h" >+#include "WebProcess.h" >+#include <WebCore/PublicKeyCredentialCreationOptions.h> >+#include <WebCore/PublicKeyCredentialRequestOptions.h> >+ >+namespace WebKit { >+ >+WebAuthenticatorCoordinator::WebAuthenticatorCoordinator(WebPage& webPage) >+ : m_webPage(webPage) >+{ >+ WebProcess::singleton().addMessageReceiver(Messages::WebAuthenticatorCoordinator::messageReceiverName(), m_webPage.pageID(), *this); >+} >+ >+WebAuthenticatorCoordinator::~WebAuthenticatorCoordinator() >+{ >+ WebProcess::singleton().removeMessageReceiver(*this); >+} >+ >+void WebAuthenticatorCoordinator::makeCredential(const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialCreationOptions& options, WebCore::RequestCompletionHandler&& handler) >+{ >+ if (!setRequestCompletionHandler(WTFMove(handler))) >+ return; >+ >+ m_webPage.send(Messages::WebAuthenticatorCoordinatorProxy::MakeCredential(hash, options)); >+} >+ >+void WebAuthenticatorCoordinator::getAssertion(const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialRequestOptions& options, WebCore::RequestCompletionHandler&& handler) >+{ >+ if (!setRequestCompletionHandler(WTFMove(handler))) >+ return; >+ >+ m_webPage.send(Messages::WebAuthenticatorCoordinatorProxy::GetAssertion(hash, options)); >+} >+ >+void WebAuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable(WebCore::QueryCompletionHandler&& handler) >+{ >+ auto messageId = addQueryCompletionHandler(WTFMove(handler)); >+ m_webPage.send(Messages::WebAuthenticatorCoordinatorProxy::IsUserVerifyingPlatformAuthenticatorAvailable(messageId)); >+} >+ >+} // namespace WebKit >+ >+#endif // ENABLE(WEB_AUTHN) 
>diff --git a/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.h b/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.h >new file mode 100644 >index 0000000000000000000000000000000000000000..6bbc6b66ac578469ce385a997ba7650542377f4f >--- /dev/null >+++ b/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.h 
>@@ -0,0 +1,57 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#pragma once >+ >+#if ENABLE(WEB_AUTHN) >+ >+#include "MessageReceiver.h" >+#include <WebCore/AuthenticatorCoordinatorClient.h> >+ >+namespace WebKit { >+ >+class WebPage; >+ >+class WebAuthenticatorCoordinator final : public WebCore::AuthenticatorCoordinatorClient, private IPC::MessageReceiver { >+public: >+ explicit WebAuthenticatorCoordinator(WebPage&); >+ ~WebAuthenticatorCoordinator(); >+ >+private: >+ // WebCore::AuthenticatorCoordinatorClient >+ // Senders. 
>+ void makeCredential(const Vector<uint8_t>&, const WebCore::PublicKeyCredentialCreationOptions&, WebCore::RequestCompletionHandler&&) final; >+ void getAssertion(const Vector<uint8_t>& hash, const WebCore::PublicKeyCredentialRequestOptions&, WebCore::RequestCompletionHandler&&) final; >+ void isUserVerifyingPlatformAuthenticatorAvailable(WebCore::QueryCompletionHandler&&) final; >+ >+ // IPC::MessageReceiver. >+ void didReceiveMessage(IPC::Connection&, IPC::Decoder&) override; >+ >+ WebPage& m_webPage; >+}; >+ >+} // namespace WebKit >+ >+#endif // ENABLE(WEB_AUTHN) >diff --git a/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.messages.in b/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.messages.in >new file mode 100644 >index 0000000000000000000000000000000000000000..53ec1935199ffbd93e6c5b9f3966252275fafee1 >--- /dev/null >+++ b/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.messages.in 
>@@ -0,0 +1,33 @@ >+# Copyright (C) 2018 Apple Inc. All rights reserved. >+# >+# Redistribution and use in source and binary forms, with or without >+# modification, are permitted provided that the following conditions >+# are met: >+# 1. Redistributions of source code must retain the above copyright >+# notice, this list of conditions and the following disclaimer. >+# 2. Redistributions in binary form must reproduce the above copyright >+# notice, this list of conditions and the following disclaimer in the >+# documentation and/or other materials provided with the distribution. >+# >+# THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+# THE POSSIBILITY OF SUCH DAMAGE. >+#/ >+ >+#if ENABLE(WEB_AUTHN) >+ >+messages -> WebAuthenticatorCoordinator { >+ >+ RequestReply(struct WebCore::PublicKeyCredentialData data, struct WebCore::ExceptionData exception); >+ IsUserVerifyingPlatformAuthenticatorAvailableReply(uint64_t messageId, bool result); >+} >+ >+#endif >diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.cpp b/Source/WebKit/WebProcess/WebPage/WebPage.cpp >index 44deff1340f59ad9701e93b32a94d4f6d761a640..eb96588ec0cf0d35074fd5af3fe1d2a237b940e7 100644 >--- a/Source/WebKit/WebProcess/WebPage/WebPage.cpp >+++ b/Source/WebKit/WebProcess/WebPage/WebPage.cpp 
>@@ -278,8 +278,8 @@ > #endif > > #if ENABLE(WEB_AUTHN) >-#include "WebCredentialsMessenger.h" >-#include <WebCore/AuthenticatorManager.h> >+#include "WebAuthenticatorCoordinator.h" >+#include <WebCore/AuthenticatorCoordinator.h> > #endif > > namespace WebKit { >@@ -392,9 +392,6 @@ WebPage::WebPage(uint64_t pageID, WebPageCreationParameters&& parameters) > , m_userInterfaceLayoutDirection(parameters.userInterfaceLayoutDirection) > , m_overrideContentSecurityPolicy { parameters.overrideContentSecurityPolicy } > , m_cpuLimit(parameters.cpuLimit) >-#if ENABLE(WEB_AUTHN) >- , m_credentialsMessenger(std::make_unique<WebCredentialsMessenger>(*this)) >-#endif > { > ASSERT(m_pageID); > >@@ -448,6 +445,10 @@ WebPage::WebPage(uint64_t pageID, WebPageCreationParameters&& parameters) > pageConfiguration.paymentCoordinatorClient = new WebPaymentCoordinator(*this); > #endif > >+#if ENABLE(WEB_AUTHN) >+ pageConfiguration.authenticatorCoordinatorClient = std::make_unique<WebAuthenticatorCoordinator>(*this); >+#endif >+ > #if ENABLE(APPLICATION_MANIFEST) > pageConfiguration.applicationManifest = parameters.applicationManifest; > #endif >@@ -605,10 +606,6 @@ WebPage::WebPage(uint64_t pageID, WebPageCreationParameters&& parameters) > #endif > #endif > >-#if ENABLE(WEB_AUTHN) >- WebCore::AuthenticatorManager::singleton().setMessenger(*m_credentialsMessenger); >-#endif >- > for (auto iterator : parameters.urlSchemeHandlers) > registerURLSchemeHandler(iterator.value, iterator.key); > >diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.h b/Source/WebKit/WebProcess/WebPage/WebPage.h >index 14499480293c5e42eaee87b75a435ee8d1fe508e..1ebb6d9e2462403c077c59b8291457afe2ce3031 100644 >--- a/Source/WebKit/WebProcess/WebPage/WebPage.h >+++ b/Source/WebKit/WebProcess/WebPage/WebPage.h 
>@@ -226,7 +226,6 @@ class WebUserContentController; > class VideoFullscreenManager; > class WebWheelEvent; > class WebTouchEvent; >-class WebCredentialsMessenger; > class RemoteLayerTreeTransaction; > > enum class DeviceAccessState; >@@ -1735,10 +1734,6 @@ private: > HashMap<uint64_t, uint64_t> m_applicationManifestFetchCallbackMap; > #endif > >-#if ENABLE(WEB_AUTHN) >- std::unique_ptr<WebCredentialsMessenger> m_credentialsMessenger; >-#endif >- > bool m_isSuspended { false }; > }; > >diff --git a/Tools/ChangeLog b/Tools/ChangeLog >index 6debc2979c6634b7661a4858c15a2b64753da7f8..e8094c33ca6072cd2825bfc642b2e22a02be88df 100644 >--- a/Tools/ChangeLog >+++ b/Tools/ChangeLog >@@ -1,3 +1,14 @@ >+2018-09-08 Jiewen Tan <jiewen_tan@apple.com> >+ >+ [WebAuthN] Polish AuthenticatorManager and rename it to AuthenticatorCoordinator >+ https://bugs.webkit.org/show_bug.cgi?id=189277 >+ <rdar://problem/44115936> >+ >+ Reviewed by Chris Dumez. >+ >+ * TestWebKitAPI/Tests/ios/LocalAuthenticator.mm: >+ (TestWebKitAPI::TEST): >+ > 2018-09-02 Darin Adler <darin@apple.com> > > [Cocoa] Turn on ARC for WebKitTestRunner >diff --git a/Tools/TestWebKitAPI/Tests/ios/LocalAuthenticator.mm b/Tools/TestWebKitAPI/Tests/ios/LocalAuthenticator.mm >index 855b14fccdc74e3959f5d12d1442149e3313f2d7..cd63d739f64e42c6da16be7e7a168e6892bd7d3d 100644 >--- a/Tools/TestWebKitAPI/Tests/ios/LocalAuthenticator.mm >+++ b/Tools/TestWebKitAPI/Tests/ios/LocalAuthenticator.mm >@@ -38,6 +38,7 @@ > #import <WebCore/ExceptionData.h> > #import <WebCore/LocalAuthenticator.h> > #import <WebCore/PublicKeyCredentialCreationOptions.h> >+#import <WebCore/PublicKeyCredentialData.h> > #import <WebCore/PublicKeyCredentialRequestOptions.h> > #import <wtf/BlockPtr.h> > #import <wtf/text/Base64.h> 
>@@ -266,16 +267,17 @@ TEST(LocalAuthenticator, MakeCredentialNotSupportedPubKeyCredParams) > > bool done = false; > std::unique_ptr<TestLocalAuthenticator> authenticator = std::make_unique<TestLocalAuthenticator>(); >- auto callback = [&done] (const Vector<uint8_t>&, const Vector<uint8_t>&) { >- EXPECT_FALSE(true); >- done = true; >- }; >- auto exceptionCallback = [&done] (const WebCore::ExceptionData& exception) mutable { >- EXPECT_EQ(WebCore::NotSupportedError, exception.code); >- EXPECT_STREQ("The platform attached authenticator doesn't support any provided PublicKeyCredentialParameters.", exception.message.ascii().data()); >- done = true; >+ auto callback = [&done] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData&) { >+ EXPECT_FALSE(true); >+ done = true; >+ }, [&](const WebCore::ExceptionData& exception) { >+ EXPECT_EQ(WebCore::NotSupportedError, exception.code); >+ EXPECT_STREQ("The platform attached authenticator doesn't support any provided PublicKeyCredentialParameters.", exception.message.ascii().data()); >+ done = true; >+ }); > }; >- authenticator->makeCredential({ }, creationOptions, WTFMove(callback), WTFMove(exceptionCallback)); >+ authenticator->makeCredential({ }, creationOptions, WTFMove(callback)); > > TestWebKitAPI::Util::run(&done); > } 
>@@ -294,18 +296,19 @@ TEST(LocalAuthenticator, MakeCredentialExcludeCredentialsMatch) > > bool done = false; > std::unique_ptr<TestLocalAuthenticator> authenticator = std::make_unique<TestLocalAuthenticator>(); >- auto callback = [&done] (const Vector<uint8_t>&, const Vector<uint8_t>&) { >- EXPECT_FALSE(true); >- cleanUpKeychain(); >- done = true; >- }; >- auto exceptionCallback = [&done] (const WebCore::ExceptionData& exception) mutable { >- EXPECT_EQ(WebCore::NotAllowedError, exception.code); >- EXPECT_STREQ("At least one credential matches an entry of the excludeCredentials list in the platform attached authenticator.", exception.message.ascii().data()); >- cleanUpKeychain(); >- done = true; >+ auto callback = [&done] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData&) { >+ EXPECT_FALSE(true); >+ cleanUpKeychain(); >+ done = true; >+ }, [&](const WebCore::ExceptionData& exception) { >+ EXPECT_EQ(WebCore::NotAllowedError, exception.code); >+ EXPECT_STREQ("At least one credential matches an entry of the excludeCredentials list in the platform attached authenticator.", exception.message.ascii().data()); >+ cleanUpKeychain(); >+ done = true; >+ }); > }; >- authenticator->makeCredential({ }, creationOptions, WTFMove(callback), WTFMove(exceptionCallback)); >+ authenticator->makeCredential({ }, creationOptions, WTFMove(callback)); > > TestWebKitAPI::Util::run(&done); > } 
>@@ -319,16 +322,17 @@ TEST(LocalAuthenticator, MakeCredentialBiometricsNotEnrolled) > > bool done = false; > std::unique_ptr<TestLocalAuthenticator> authenticator = std::make_unique<TestLocalAuthenticator>(); >- auto callback = [&done] (const Vector<uint8_t>&, const Vector<uint8_t>&) { >- EXPECT_FALSE(true); >- done = true; >- }; >- auto exceptionCallback = [&done] (const WebCore::ExceptionData& exception) mutable { >- EXPECT_EQ(WebCore::NotAllowedError, exception.code); >- EXPECT_STREQ("No avaliable authenticators.", exception.message.ascii().data()); >- done = true; >+ auto callback = [&done] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData&) { >+ EXPECT_FALSE(true); >+ done = true; >+ }, [&](const WebCore::ExceptionData& exception) { >+ EXPECT_EQ(WebCore::NotAllowedError, exception.code); >+ EXPECT_STREQ("No avaliable authenticators.", exception.message.ascii().data()); >+ done = true; >+ }); > }; >- authenticator->makeCredential({ }, creationOptions, WTFMove(callback), WTFMove(exceptionCallback)); >+ authenticator->makeCredential({ }, creationOptions, WTFMove(callback)); > > TestWebKitAPI::Util::run(&done); > } 
>@@ -343,16 +347,17 @@ TEST(LocalAuthenticator, MakeCredentialBiometricsNotAuthenticated) > > bool done = false; > std::unique_ptr<TestLocalAuthenticator> authenticator = std::make_unique<TestLocalAuthenticator>(); >- auto callback = [&done] (const Vector<uint8_t>&, const Vector<uint8_t>&) { >- EXPECT_FALSE(true); >- done = true; >- }; >- auto exceptionCallback = [&done] (const WebCore::ExceptionData& exception) mutable { >- EXPECT_EQ(WebCore::NotAllowedError, exception.code); >- EXPECT_STREQ("Couldn't get user consent.", exception.message.ascii().data()); >- done = true; >+ auto callback = [&done] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData&) { >+ EXPECT_FALSE(true); >+ done = true; >+ }, [&](const WebCore::ExceptionData& exception) { >+ EXPECT_EQ(WebCore::NotAllowedError, exception.code); >+ EXPECT_STREQ("Couldn't get user consent.", exception.message.ascii().data()); >+ done = true; >+ }); > }; >- authenticator->makeCredential({ }, creationOptions, WTFMove(callback), WTFMove(exceptionCallback)); >+ authenticator->makeCredential({ }, creationOptions, WTFMove(callback)); > > TestWebKitAPI::Util::run(&done); > } 
>@@ -368,16 +373,17 @@ TEST(LocalAuthenticator, MakeCredentialNotAttestated) > bool done = false; > std::unique_ptr<TestLocalAuthenticator> authenticator = std::make_unique<TestLocalAuthenticator>(); > authenticator->setFailureFlag(); >- auto callback = [&done] (const Vector<uint8_t>&, const Vector<uint8_t>&) { >- EXPECT_FALSE(true); >- done = true; >- }; >- auto exceptionCallback = [&done] (const WebCore::ExceptionData& exception) mutable { >- EXPECT_EQ(WebCore::UnknownError, exception.code); >- EXPECT_STREQ("Unknown internal error.", exception.message.ascii().data()); >- done = true; >+ auto callback = [&done] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData&) { >+ EXPECT_FALSE(true); >+ done = true; >+ }, [&](const WebCore::ExceptionData& exception) { >+ EXPECT_EQ(WebCore::UnknownError, exception.code); >+ EXPECT_STREQ("Unknown internal error.", exception.message.ascii().data()); >+ done = true; >+ }); > }; >- authenticator->makeCredential({ }, creationOptions, WTFMove(callback), WTFMove(exceptionCallback)); >+ authenticator->makeCredential({ }, creationOptions, WTFMove(callback)); > > TestWebKitAPI::Util::run(&done); > } 
>@@ -399,22 +405,23 @@ TEST(LocalAuthenticator, MakeCredentialDeleteOlderCredenital) > bool done = false; > std::unique_ptr<TestLocalAuthenticator> authenticator = std::make_unique<TestLocalAuthenticator>(); > authenticator->setFailureFlag(); >- auto callback = [&done] (const Vector<uint8_t>&, const Vector<uint8_t>&) { >- EXPECT_FALSE(true); >- done = true; >- }; >- auto exceptionCallback = [&done] (const WebCore::ExceptionData&) mutable { >- NSDictionary *query = @{ >- (id)kSecClass: (id)kSecClassKey, >- (id)kSecAttrKeyClass: (id)kSecAttrKeyClassPrivate, >- (id)kSecAttrLabel: testRpId, >- (id)kSecAttrApplicationTag: [NSData dataWithBytes:testUserhandle length:sizeof(testUserhandle)], >- }; >- OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, NULL); >- EXPECT_EQ(errSecItemNotFound, status); >- done = true; >+ auto callback = [&done] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData&) { >+ EXPECT_FALSE(true); >+ done = true; >+ }, [&](const WebCore::ExceptionData& exception) { >+ NSDictionary *query = @{ >+ (id)kSecClass: (id)kSecClassKey, >+ (id)kSecAttrKeyClass: (id)kSecAttrKeyClassPrivate, >+ (id)kSecAttrLabel: testRpId, >+ (id)kSecAttrApplicationTag: [NSData dataWithBytes:testUserhandle length:sizeof(testUserhandle)], >+ }; >+ OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, NULL); >+ EXPECT_EQ(errSecItemNotFound, status); >+ done = true; >+ }); > }; >- authenticator->makeCredential({ }, creationOptions, WTFMove(callback), WTFMove(exceptionCallback)); >+ authenticator->makeCredential({ }, creationOptions, WTFMove(callback)); > > TestWebKitAPI::Util::run(&done); > } 
>@@ -432,103 +439,109 @@ TEST(LocalAuthenticator, MakeCredentialPassedWithSelfAttestation) > > bool done = false; > std::unique_ptr<TestLocalAuthenticator> authenticator = std::make_unique<TestLocalAuthenticator>(); >- auto callback = [&done] (const Vector<uint8_t>& credentialId, const Vector<uint8_t>& attestationObjet) { >- // Check Keychain >- NSDictionary *query = @{ >- (id)kSecClass: (id)kSecClassKey, >- (id)kSecAttrKeyClass: (id)kSecAttrKeyClassPrivate, >- (id)kSecAttrLabel: testRpId, >- (id)kSecAttrApplicationLabel: adoptNS([[NSData alloc] initWithBase64EncodedString:testCredentialIdBase64 options:NSDataBase64DecodingIgnoreUnknownCharacters]).get(), >- (id)kSecAttrApplicationTag: [NSData dataWithBytes:testUserhandle length:sizeof(testUserhandle)], >- }; >- OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, NULL); >- EXPECT_FALSE(status); >- >- // Check Credential ID >- EXPECT_TRUE(WTF::base64Encode(credentialId.data(), credentialId.size()) == testCredentialIdBase64); >- >- // Check Attestation Object >- auto attestationObjectMap = cbor::CBORReader::read(attestationObjet); >- ASSERT_TRUE(!!attestationObjectMap); >- >- // Check Authenticator Data. 
>- auto& authData = attestationObjectMap->getMap().find(cbor::CBORValue("authData"))->second.getByteString(); >- size_t pos = 0; >- uint8_t expectedRpIdHash[] = { >- 0x49, 0x96, 0x0d, 0xe5, 0x88, 0x0e, 0x8c, 0x68, >- 0x74, 0x34, 0x17, 0x0f, 0x64, 0x76, 0x60, 0x5b, >- 0x8f, 0xe4, 0xae, 0xb9, 0xa2, 0x86, 0x32, 0xc7, >- 0x99, 0x5c, 0xf3, 0xba, 0x83, 0x1d, 0x97, 0x63 >- }; >- EXPECT_FALSE(memcmp(authData.data() + pos, expectedRpIdHash, sizeof(expectedRpIdHash))); >- pos += sizeof(expectedRpIdHash); >- >- // FLAGS >- EXPECT_EQ(69, authData[pos]); >- pos++; >- >- uint32_t counter = -1; >- memcpy(&counter, authData.data() + pos, sizeof(uint32_t)); >- EXPECT_EQ(0u, counter); >- pos += sizeof(uint32_t); >- >- uint8_t expectedAAGUID[] = { >- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, >- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 >- }; >- EXPECT_FALSE(memcmp(authData.data() + pos, expectedAAGUID, sizeof(expectedAAGUID))); >- pos += sizeof(expectedAAGUID); >- >- uint16_t l = -1; >- memcpy(&l, authData.data() + pos, sizeof(uint16_t)); >- EXPECT_EQ(20u, l); >- pos += sizeof(uint16_t); >- >- EXPECT_FALSE(memcmp(authData.data() + pos, credentialId.data(), l)); >- pos += l; >- >- // Credential Public Key >- // FIXME(183536): The CBOR reader doesn't support negative integer as map key. Thus we couldn't utilzie it. 
>- EXPECT_STREQ("pQECAyYgASFYIDj/zxSkzKgaBuS3cdWDF558of8AaIpgFpsjF/Qm1749IlggVBJPgqUIwfhWHJ91nb7UPH76c0+WFOzZKslPyyFse4g=", WTF::base64Encode(authData.data() + pos, authData.size() - pos).ascii().data()); >- >- // Check Self Attestation >- EXPECT_STREQ("Apple", attestationObjectMap->getMap().find(cbor::CBORValue("fmt"))->second.getString().ascii().data()); >- >- auto& attStmt = attestationObjectMap->getMap().find(cbor::CBORValue("attStmt"))->second.getMap(); >- EXPECT_EQ(COSE::ES256, attStmt.find(cbor::CBORValue("alg"))->second.getNegative()); >- >- auto& sig = attStmt.find(cbor::CBORValue("sig"))->second.getByteString(); >- auto privateKey = getTestKey(); >- EXPECT_TRUE(SecKeyVerifySignature(SecKeyCopyPublicKey(privateKey.get()), kSecKeyAlgorithmECDSASignatureMessageX962SHA256, (__bridge CFDataRef)[NSData dataWithBytes:authData.data() length:authData.size()], (__bridge CFDataRef)[NSData dataWithBytes:sig.data() length:sig.size()], NULL)); >- >- // Check certificates >- auto& x5c = attStmt.find(cbor::CBORValue("x5c"))->second.getArray(); >- auto& attestationCertificateData = x5c[0].getByteString(); >- auto attestationCertificate = adoptCF(SecCertificateCreateWithData(NULL, (__bridge CFDataRef)[NSData dataWithBytes:attestationCertificateData.data() length:attestationCertificateData.size()])); >- CFStringRef commonName = nullptr; >- status = SecCertificateCopyCommonName(attestationCertificate.get(), &commonName); >- auto retainCommonName = adoptCF(commonName); >- ASSERT(!status); >- EXPECT_STREQ("00008010-000A49A230A0213A", [(NSString *)commonName cStringUsingEncoding: NSASCIIStringEncoding]); >- >- auto& attestationIssuingCACertificateData = x5c[1].getByteString(); >- auto attestationIssuingCACertificate = adoptCF(SecCertificateCreateWithData(NULL, (__bridge CFDataRef)[NSData dataWithBytes:attestationIssuingCACertificateData.data() length:attestationIssuingCACertificateData.size()])); >- commonName = nullptr; >- status = 
SecCertificateCopyCommonName(attestationIssuingCACertificate.get(), &commonName); >- retainCommonName = adoptCF(commonName); >- ASSERT(!status); >- EXPECT_STREQ("Basic Attestation User Sub CA1", [(NSString *)commonName cStringUsingEncoding: NSASCIIStringEncoding]); >- >- cleanUpKeychain(); >- done = true; >- }; >- auto exceptionCallback = [&done] (const WebCore::ExceptionData&) mutable { >- EXPECT_FALSE(true); >- cleanUpKeychain(); >- done = true; >+ auto callback = [&done] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData& data) { >+ Vector<uint8_t> credentialId; >+ credentialId.append(reinterpret_cast<uint8_t*>(data.rawId->data()), data.rawId->byteLength()); >+ Vector<uint8_t> attestationObject; >+ attestationObject.append(reinterpret_cast<uint8_t*>(data.attestationObject->data()), data.attestationObject->byteLength()); >+ >+ // Check Keychain >+ NSDictionary *query = @{ >+ (id)kSecClass: (id)kSecClassKey, >+ (id)kSecAttrKeyClass: (id)kSecAttrKeyClassPrivate, >+ (id)kSecAttrLabel: testRpId, >+ (id)kSecAttrApplicationLabel: adoptNS([[NSData alloc] initWithBase64EncodedString:testCredentialIdBase64 options:NSDataBase64DecodingIgnoreUnknownCharacters]).get(), >+ (id)kSecAttrApplicationTag: [NSData dataWithBytes:testUserhandle length:sizeof(testUserhandle)], >+ }; >+ OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, NULL); >+ EXPECT_FALSE(status); >+ >+ // Check Credential ID >+ EXPECT_TRUE(WTF::base64Encode(credentialId.data(), credentialId.size()) == testCredentialIdBase64); >+ >+ // Check Attestation Object >+ auto attestationObjectMap = cbor::CBORReader::read(attestationObject); >+ ASSERT_TRUE(!!attestationObjectMap); >+ >+ // Check Authenticator Data. 
>+ auto& authData = attestationObjectMap->getMap().find(cbor::CBORValue("authData"))->second.getByteString(); >+ size_t pos = 0; >+ uint8_t expectedRpIdHash[] = { >+ 0x49, 0x96, 0x0d, 0xe5, 0x88, 0x0e, 0x8c, 0x68, >+ 0x74, 0x34, 0x17, 0x0f, 0x64, 0x76, 0x60, 0x5b, >+ 0x8f, 0xe4, 0xae, 0xb9, 0xa2, 0x86, 0x32, 0xc7, >+ 0x99, 0x5c, 0xf3, 0xba, 0x83, 0x1d, 0x97, 0x63 >+ }; >+ EXPECT_FALSE(memcmp(authData.data() + pos, expectedRpIdHash, sizeof(expectedRpIdHash))); >+ pos += sizeof(expectedRpIdHash); >+ >+ // FLAGS >+ EXPECT_EQ(69, authData[pos]); >+ pos++; >+ >+ uint32_t counter = -1; >+ memcpy(&counter, authData.data() + pos, sizeof(uint32_t)); >+ EXPECT_EQ(0u, counter); >+ pos += sizeof(uint32_t); >+ >+ uint8_t expectedAAGUID[] = { >+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, >+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 >+ }; >+ EXPECT_FALSE(memcmp(authData.data() + pos, expectedAAGUID, sizeof(expectedAAGUID))); >+ pos += sizeof(expectedAAGUID); >+ >+ uint16_t l = -1; >+ memcpy(&l, authData.data() + pos, sizeof(uint16_t)); >+ EXPECT_EQ(20u, l); >+ pos += sizeof(uint16_t); >+ >+ EXPECT_FALSE(memcmp(authData.data() + pos, credentialId.data(), l)); >+ pos += l; >+ >+ // Credential Public Key >+ // FIXME(183536): The CBOR reader doesn't support negative integer as map key. Thus we couldn't utilzie it. 
>+ EXPECT_STREQ("pQECAyYgASFYIDj/zxSkzKgaBuS3cdWDF558of8AaIpgFpsjF/Qm1749IlggVBJPgqUIwfhWHJ91nb7UPH76c0+WFOzZKslPyyFse4g=", WTF::base64Encode(authData.data() + pos, authData.size() - pos).ascii().data()); >+ >+ // Check Self Attestation >+ EXPECT_STREQ("Apple", attestationObjectMap->getMap().find(cbor::CBORValue("fmt"))->second.getString().ascii().data()); >+ >+ auto& attStmt = attestationObjectMap->getMap().find(cbor::CBORValue("attStmt"))->second.getMap(); >+ EXPECT_EQ(COSE::ES256, attStmt.find(cbor::CBORValue("alg"))->second.getNegative()); >+ >+ auto& sig = attStmt.find(cbor::CBORValue("sig"))->second.getByteString(); >+ auto privateKey = getTestKey(); >+ EXPECT_TRUE(SecKeyVerifySignature(SecKeyCopyPublicKey(privateKey.get()), kSecKeyAlgorithmECDSASignatureMessageX962SHA256, (__bridge CFDataRef)[NSData dataWithBytes:authData.data() length:authData.size()], (__bridge CFDataRef)[NSData dataWithBytes:sig.data() length:sig.size()], NULL)); >+ >+ // Check certificates >+ auto& x5c = attStmt.find(cbor::CBORValue("x5c"))->second.getArray(); >+ auto& attestationCertificateData = x5c[0].getByteString(); >+ auto attestationCertificate = adoptCF(SecCertificateCreateWithData(NULL, (__bridge CFDataRef)[NSData dataWithBytes:attestationCertificateData.data() length:attestationCertificateData.size()])); >+ CFStringRef commonName = nullptr; >+ status = SecCertificateCopyCommonName(attestationCertificate.get(), &commonName); >+ auto retainCommonName = adoptCF(commonName); >+ ASSERT(!status); >+ EXPECT_STREQ("00008010-000A49A230A0213A", [(NSString *)commonName cStringUsingEncoding: NSASCIIStringEncoding]); >+ >+ auto& attestationIssuingCACertificateData = x5c[1].getByteString(); >+ auto attestationIssuingCACertificate = adoptCF(SecCertificateCreateWithData(NULL, (__bridge CFDataRef)[NSData dataWithBytes:attestationIssuingCACertificateData.data() length:attestationIssuingCACertificateData.size()])); >+ commonName = nullptr; >+ status = 
SecCertificateCopyCommonName(attestationIssuingCACertificate.get(), &commonName); >+ retainCommonName = adoptCF(commonName); >+ ASSERT(!status); >+ EXPECT_STREQ("Basic Attestation User Sub CA1", [(NSString *)commonName cStringUsingEncoding: NSASCIIStringEncoding]); >+ >+ cleanUpKeychain(); >+ done = true; >+ }, [&](const WebCore::ExceptionData& exception) { >+ EXPECT_FALSE(true); >+ cleanUpKeychain(); >+ done = true; >+ }); > }; > Vector<uint8_t> hash(32); >- authenticator->makeCredential(hash, creationOptions, WTFMove(callback), WTFMove(exceptionCallback)); >+ authenticator->makeCredential(hash, creationOptions, WTFMove(callback)); > > TestWebKitAPI::Util::run(&done); > } 
>@@ -544,16 +557,17 @@ TEST(LocalAuthenticator, GetAssertionAllowCredentialsMismatch1) > > bool done = false; > std::unique_ptr<TestLocalAuthenticator> authenticator = std::make_unique<TestLocalAuthenticator>(); >- auto callback = [&done] (const Vector<uint8_t>&, const Vector<uint8_t>&, const Vector<uint8_t>&, const Vector<uint8_t>&) { >- EXPECT_FALSE(true); >- done = true; >- }; >- auto exceptionCallback = [&done] (const WebCore::ExceptionData& exception) mutable { >- EXPECT_EQ(WebCore::NotAllowedError, exception.code); >- EXPECT_STREQ("No matched credentials are found in the platform attached authenticator.", exception.message.ascii().data()); >- done = true; >+ auto callback = [&done] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData&) { >+ EXPECT_FALSE(true); >+ done = true; >+ }, [&](const WebCore::ExceptionData& exception) { >+ EXPECT_EQ(WebCore::NotAllowedError, exception.code); >+ EXPECT_STREQ("No matched credentials are found in the platform attached authenticator.", exception.message.ascii().data()); >+ done = true; >+ }); > }; >- authenticator->getAssertion({ }, requestOptions, WTFMove(callback), WTFMove(exceptionCallback)); >+ authenticator->getAssertion({ }, requestOptions, WTFMove(callback)); > > TestWebKitAPI::Util::run(&done); > } 
>@@ -566,16 +580,17 @@ TEST(LocalAuthenticator, GetAssertionAllowCredentialsMismatch2) > > bool done = false; > std::unique_ptr<TestLocalAuthenticator> authenticator = std::make_unique<TestLocalAuthenticator>(); >- auto callback = [&done] (const Vector<uint8_t>&, const Vector<uint8_t>&, const Vector<uint8_t>&, const Vector<uint8_t>&) { >- EXPECT_FALSE(true); >- done = true; >- }; >- auto exceptionCallback = [&done] (const WebCore::ExceptionData& exception) mutable { >- EXPECT_EQ(WebCore::NotAllowedError, exception.code); >- EXPECT_STREQ("No matched credentials are found in the platform attached authenticator.", exception.message.ascii().data()); >- done = true; >+ auto callback = [&done] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData&) { >+ EXPECT_FALSE(true); >+ done = true; >+ }, [&](const WebCore::ExceptionData& exception) { >+ EXPECT_EQ(WebCore::NotAllowedError, exception.code); >+ EXPECT_STREQ("No matched credentials are found in the platform attached authenticator.", exception.message.ascii().data()); >+ done = true; >+ }); > }; >- authenticator->getAssertion({ }, requestOptions, WTFMove(callback), WTFMove(exceptionCallback)); >+ authenticator->getAssertion({ }, requestOptions, WTFMove(callback)); > > TestWebKitAPI::Util::run(&done); > } 
>@@ -595,18 +610,19 @@ TEST(LocalAuthenticator, GetAssertionAllowCredentialsMismatch3) > > bool done = false; > std::unique_ptr<TestLocalAuthenticator> authenticator = std::make_unique<TestLocalAuthenticator>(); >- auto callback = [&done] (const Vector<uint8_t>&, const Vector<uint8_t>&, const Vector<uint8_t>&, const Vector<uint8_t>&) { >- EXPECT_FALSE(true); >- cleanUpKeychain(); >- done = true; >- }; >- auto exceptionCallback = [&done] (const WebCore::ExceptionData& exception) mutable { >- EXPECT_EQ(WebCore::NotAllowedError, exception.code); >- EXPECT_STREQ("No matched credentials are found in the platform attached authenticator.", exception.message.ascii().data()); >- cleanUpKeychain(); >- done = true; >+ auto callback = [&done] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData&) { >+ EXPECT_FALSE(true); >+ cleanUpKeychain(); >+ done = true; >+ }, [&](const WebCore::ExceptionData& exception) { >+ EXPECT_EQ(WebCore::NotAllowedError, exception.code); >+ EXPECT_STREQ("No matched credentials are found in the platform attached authenticator.", exception.message.ascii().data()); >+ cleanUpKeychain(); >+ done = true; >+ }); > }; >- authenticator->getAssertion({ }, requestOptions, WTFMove(callback), WTFMove(exceptionCallback)); >+ authenticator->getAssertion({ }, requestOptions, WTFMove(callback)); > > TestWebKitAPI::Util::run(&done); > } 
>@@ -622,18 +638,19 @@ TEST(LocalAuthenticator, GetAssertionBiometricsNotEnrolled) > > bool done = false; > std::unique_ptr<TestLocalAuthenticator> authenticator = std::make_unique<TestLocalAuthenticator>(); >- auto callback = [&done] (const Vector<uint8_t>&, const Vector<uint8_t>&, const Vector<uint8_t>&, const Vector<uint8_t>&) { >- EXPECT_FALSE(true); >- cleanUpKeychain(); >- done = true; >- }; >- auto exceptionCallback = [&done] (const WebCore::ExceptionData& exception) mutable { >- EXPECT_EQ(WebCore::NotAllowedError, exception.code); >- EXPECT_STREQ("No avaliable authenticators.", exception.message.ascii().data()); >- cleanUpKeychain(); >- done = true; >+ auto callback = [&done] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData&) { >+ EXPECT_FALSE(true); >+ cleanUpKeychain(); >+ done = true; >+ }, [&](const WebCore::ExceptionData& exception) { >+ EXPECT_EQ(WebCore::NotAllowedError, exception.code); >+ EXPECT_STREQ("No avaliable authenticators.", exception.message.ascii().data()); >+ cleanUpKeychain(); >+ done = true; >+ }); > }; >- authenticator->getAssertion({ }, requestOptions, WTFMove(callback), WTFMove(exceptionCallback)); >+ authenticator->getAssertion({ }, requestOptions, WTFMove(callback)); > > TestWebKitAPI::Util::run(&done); > } 
>@@ -650,18 +667,19 @@ TEST(LocalAuthenticator, GetAssertionBiometricsNotAuthenticated) > > bool done = false; > std::unique_ptr<TestLocalAuthenticator> authenticator = std::make_unique<TestLocalAuthenticator>(); >- auto callback = [&done] (const Vector<uint8_t>&, const Vector<uint8_t>&, const Vector<uint8_t>&, const Vector<uint8_t>&) { >- EXPECT_FALSE(true); >- cleanUpKeychain(); >- done = true; >- }; >- auto exceptionCallback = [&done] (const WebCore::ExceptionData& exception) mutable { >- EXPECT_EQ(WebCore::NotAllowedError, exception.code); >- EXPECT_STREQ("Couldn't get user consent.", exception.message.ascii().data()); >- cleanUpKeychain(); >- done = true; >+ auto callback = [&done] (Variant<WebCore::PublicKeyCredentialData, WebCore::ExceptionData>&& result) { >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData&) { >+ EXPECT_FALSE(true); >+ cleanUpKeychain(); >+ done = true; >+ }, [&](const WebCore::ExceptionData& exception) { >+ EXPECT_EQ(WebCore::NotAllowedError, exception.code); >+ EXPECT_STREQ("Couldn't get user consent.", exception.message.ascii().data()); >+ cleanUpKeychain(); >+ done = true; >+ }); > }; >- authenticator->getAssertion({ }, requestOptions, WTFMove(callback), WTFMove(exceptionCallback)); >+ authenticator->getAssertion({ }, requestOptions, WTFMove(callback)); > > TestWebKitAPI::Util::run(&done); > } 
>@@ -680,48 +698,58 @@ TEST(LocalAuthenticator, GetAssertionPassed) > > bool done = false; > std::unique_ptr<TestLocalAuthenticator> authenticator = std::make_unique<TestLocalAuthenticator>(); >- auto callback = [&done, hash] (const Vector<uint8_t>& credentialId, const Vector<uint8_t>& authData, const Vector<uint8_t>& signature, const Vector<uint8_t>& userhandle) { >- // Check Credential ID >- EXPECT_TRUE(WTF::base64Encode(credentialId.data(), credentialId.size()) == testCredentialIdBase64); >- >- // Check Authenticator Data. >- size_t pos = 0; >- uint8_t expectedRpIdHash[] = { >- 0x49, 0x96, 0x0d, 0xe5, 0x88, 0x0e, 0x8c, 0x68, >- 0x74, 0x34, 0x17, 0x0f, 0x64, 0x76, 0x60, 0x5b, >- 0x8f, 0xe4, 0xae, 0xb9, 0xa2, 0x86, 0x32, 0xc7, >- 0x99, 0x5c, 0xf3, 0xba, 0x83, 0x1d, 0x97, 0x63 >- }; >- EXPECT_FALSE(memcmp(authData.data() + pos, expectedRpIdHash, sizeof(expectedRpIdHash))); >- pos += sizeof(expectedRpIdHash); >- >- // FLAGS >- EXPECT_EQ(5, authData[pos]); >- pos++; >- >- uint32_t counter = -1; >- memcpy(&counter, authData.data() + pos, sizeof(uint32_t)); >- EXPECT_EQ(0u, counter); >- >- // Check signature >- auto privateKey = getTestKey(); >- Vector<uint8_t> dataToSign(authData); >- dataToSign.appendVector(hash); >- EXPECT_TRUE(SecKeyVerifySignature(SecKeyCopyPublicKey(privateKey.get()), kSecKeyAlgorithmECDSASignatureMessageX962SHA256, (__bridge CFDataRef)[NSData dataWithBytes:dataToSign.data() length:dataToSign.size()], (__bridge CFDataRef)[NSData dataWithBytes:signature.data() length:signature.size()], NULL)); >- >- // Check User Handle >- EXPECT_EQ(userhandle.size(), sizeof(testUserhandle)); >- EXPECT_FALSE(memcmp(userhandle.data(), testUserhandle, sizeof(testUserhandle))); >- >- cleanUpKeychain(); >- done = true; >- }; >- auto exceptionCallback = [&done] (const WebCore::ExceptionData& exception) mutable { >- EXPECT_FALSE(true); >- cleanUpKeychain(); >- done = true; >+ auto callback = [&done, hash] (Variant<WebCore::PublicKeyCredentialData, 
WebCore::ExceptionData>&& result) { >+ WTF::switchOn(result, [&](const WebCore::PublicKeyCredentialData& data) { >+ Vector<uint8_t> credentialId; >+ credentialId.append(reinterpret_cast<uint8_t*>(data.rawId->data()), data.rawId->byteLength()); >+ Vector<uint8_t> authData; >+ authData.append(reinterpret_cast<uint8_t*>(data.authenticatorData->data()), data.authenticatorData->byteLength()); >+ Vector<uint8_t> signature; >+ signature.append(reinterpret_cast<uint8_t*>(data.signature->data()), data.signature->byteLength()); >+ Vector<uint8_t> userhandle; >+ userhandle.append(reinterpret_cast<uint8_t*>(data.userHandle->data()), data.userHandle->byteLength()); >+ >+ // Check Credential ID >+ EXPECT_TRUE(WTF::base64Encode(credentialId.data(), credentialId.size()) == testCredentialIdBase64); >+ >+ // Check Authenticator Data. >+ size_t pos = 0; >+ uint8_t expectedRpIdHash[] = { >+ 0x49, 0x96, 0x0d, 0xe5, 0x88, 0x0e, 0x8c, 0x68, >+ 0x74, 0x34, 0x17, 0x0f, 0x64, 0x76, 0x60, 0x5b, >+ 0x8f, 0xe4, 0xae, 0xb9, 0xa2, 0x86, 0x32, 0xc7, >+ 0x99, 0x5c, 0xf3, 0xba, 0x83, 0x1d, 0x97, 0x63 >+ }; >+ EXPECT_FALSE(memcmp(authData.data() + pos, expectedRpIdHash, sizeof(expectedRpIdHash))); >+ pos += sizeof(expectedRpIdHash); >+ >+ // FLAGS >+ EXPECT_EQ(5, authData[pos]); >+ pos++; >+ >+ uint32_t counter = -1; >+ memcpy(&counter, authData.data() + pos, sizeof(uint32_t)); >+ EXPECT_EQ(0u, counter); >+ >+ // Check signature >+ auto privateKey = getTestKey(); >+ Vector<uint8_t> dataToSign(authData); >+ dataToSign.appendVector(hash); >+ EXPECT_TRUE(SecKeyVerifySignature(SecKeyCopyPublicKey(privateKey.get()), kSecKeyAlgorithmECDSASignatureMessageX962SHA256, (__bridge CFDataRef)[NSData dataWithBytes:dataToSign.data() length:dataToSign.size()], (__bridge CFDataRef)[NSData dataWithBytes:signature.data() length:signature.size()], NULL)); >+ >+ // Check User Handle >+ EXPECT_EQ(userhandle.size(), sizeof(testUserhandle)); >+ EXPECT_FALSE(memcmp(userhandle.data(), testUserhandle, 
sizeof(testUserhandle))); >+ >+ cleanUpKeychain(); >+ done = true; >+ }, [&](const WebCore::ExceptionData& exception) { >+ EXPECT_FALSE(true); >+ cleanUpKeychain(); >+ done = true; >+ }); > }; >- authenticator->getAssertion(hash, requestOptions, WTFMove(callback), WTFMove(exceptionCallback)); >+ authenticator->getAssertion(hash, requestOptions, WTFMove(callback)); > > TestWebKitAPI::Util::run(&done); > } >diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog >index 9caf072bc0c85baf1ae463b76050a7aa6738a3cd..69a9f667e5b6b878f5ee41b9f6eeac2557cbe4c7 100644 >--- a/LayoutTests/ChangeLog >+++ b/LayoutTests/ChangeLog >@@ -1,3 +1,19 @@ >+2018-09-08 Jiewen Tan <jiewen_tan@apple.com> >+ >+ [WebAuthN] Polish AuthenticatorManager and rename it to AuthenticatorCoordinator >+ https://bugs.webkit.org/show_bug.cgi?id=189277 >+ <rdar://problem/44115936> >+ >+ Reviewed by Chris Dumez. >+ >+ * http/wpt/credential-management/credentialscontainer-store-basics.https.html: >+ * http/wpt/webauthn/idl.https.html: >+ * http/wpt/webauthn/public-key-credential-create-failure.https.html: >+ * http/wpt/webauthn/public-key-credential-create-success.https.html: >+ * http/wpt/webauthn/public-key-credential-get-failure.https.html: >+ * http/wpt/webauthn/public-key-credential-get-success.https.html: >+ * http/wpt/webauthn/public-key-is-user-verifying-platform-authenticator-available.html: >+ > 2018-09-08 Andy Estes <aestes@apple.com> > > [Apple Pay] Dispatch a paymentmethodchange event when the payment method changes >diff --git a/LayoutTests/http/wpt/credential-management/credentialscontainer-store-basics.https.html b/LayoutTests/http/wpt/credential-management/credentialscontainer-store-basics.https.html >index 19888254730f16832a02599cc9d05be458604121..23691350c05ece0087e52ecdc8184e0ddfde79e5 100644 >--- a/LayoutTests/http/wpt/credential-management/credentialscontainer-store-basics.https.html >+++ b/LayoutTests/http/wpt/credential-management/credentialscontainer-store-basics.https.html 
>@@ -42,7 +42,7 @@ > } > }; > // A mock attestation object >- internals.mockCredentialsMessenger.setCreationReturnBundle(hexStringToUint8Array('00'), hexStringToUint8Array('01')); >+ internals.mockAuthenticatorCoordinator.setCreationReturnBundle(hexStringToUint8Array('00'), hexStringToUint8Array('01')); > const credential = await navigator.credentials.create(options); > > return promise_rejects(t, "NotSupportedError", >diff --git a/LayoutTests/http/wpt/webauthn/idl.https.html b/LayoutTests/http/wpt/webauthn/idl.https.html >index 9c2c7f3136481a7963252f5d9b3e76f83b925176..ce71885912e127df13279c6f4534bf2cc12aa7fa 100644 >--- a/LayoutTests/http/wpt/webauthn/idl.https.html >+++ b/LayoutTests/http/wpt/webauthn/idl.https.html >@@ -52,7 +52,7 @@ promise_test(async () => { > } > }; > // A mock attestation object >- internals.mockCredentialsMessenger.setCreationReturnBundle(hexStringToUint8Array('00'), hexStringToUint8Array('01')); >+ internals.mockAuthenticatorCoordinator.setCreationReturnBundle(hexStringToUint8Array('00'), hexStringToUint8Array('01')); > createdCredential = await navigator.credentials.create(creationOptions); > > >@@ -62,7 +62,7 @@ promise_test(async () => { > } > }; > // A mock assertion return bundle. >- internals.mockCredentialsMessenger.setAssertionReturnBundle(hexStringToUint8Array('00'), hexStringToUint8Array('01'), hexStringToUint8Array('02'), hexStringToUint8Array('03')); >+ internals.mockAuthenticatorCoordinator.setAssertionReturnBundle(hexStringToUint8Array('00'), hexStringToUint8Array('01'), hexStringToUint8Array('02'), hexStringToUint8Array('03')); > requestedCredential = await navigator.credentials.get(requestOptions); > > idlArray.add_objects({"PublicKeyCredential": ["createdCredential"], "AuthenticatorAttestationResponse": ["createdCredential.response"], "AuthenticatorAssertionResponse": ["requestedCredential.response"]}); 
>diff --git a/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https.html b/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https.html >index bb5548c90d0bcd0571b463ceedc987c535541fb3..45077a3cf9d3371fec6ff6b8bda5b27d2d8416d1 100644 >--- a/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https.html >+++ b/LayoutTests/http/wpt/webauthn/public-key-credential-create-failure.https.html >@@ -20,7 +20,7 @@ > timeout: 0, > } > }; >- internals.mockCredentialsMessenger.setDidTimeOut(); >+ internals.mockAuthenticatorCoordinator.setDidTimeOut(); > > return promise_rejects(t, "NotAllowedError", > navigator.credentials.create(options)); >@@ -82,7 +82,7 @@ > pubKeyCredParams: [{ type: "public-key", alg: -7 }], > } > }; >- internals.mockCredentialsMessenger.setDidUserCancel(); >+ internals.mockAuthenticatorCoordinator.setDidUserCancel(); > > return promise_rejects(t, "NotAllowedError", > navigator.credentials.create(options)); >diff --git a/LayoutTests/http/wpt/webauthn/public-key-credential-create-success.https.html b/LayoutTests/http/wpt/webauthn/public-key-credential-create-success.https.html >index ab4fcc082d1a0bcdfba82b0abcec3ff6da170680..69968c3f4edc1f1d6215bf2e9aebd956db358514 100644 >--- a/LayoutTests/http/wpt/webauthn/public-key-credential-create-success.https.html >+++ b/LayoutTests/http/wpt/webauthn/public-key-credential-create-success.https.html >@@ -20,7 +20,7 @@ > } > }; > // A mock attestation object >- internals.mockCredentialsMessenger.setCreationReturnBundle(hexStringToUint8Array('00'), hexStringToUint8Array('01')); >+ internals.mockAuthenticatorCoordinator.setCreationReturnBundle(hexStringToUint8Array('00'), hexStringToUint8Array('01')); > > return navigator.credentials.create(options).then(function(credential) { > assert_equals(credential.id, 'AA'); 
>diff --git a/LayoutTests/http/wpt/webauthn/public-key-credential-get-failure.https.html b/LayoutTests/http/wpt/webauthn/public-key-credential-get-failure.https.html >index 512bb2dad164cd238db142ef333488d070367e52..0d4c04525670352ef37c87f60df23321c3de72a3 100644 >--- a/LayoutTests/http/wpt/webauthn/public-key-credential-get-failure.https.html >+++ b/LayoutTests/http/wpt/webauthn/public-key-credential-get-failure.https.html >@@ -11,7 +11,7 @@ > timeout: 0, > } > }; >- internals.mockCredentialsMessenger.setDidTimeOut(); >+ internals.mockAuthenticatorCoordinator.setDidTimeOut(); > > return promise_rejects(t, "NotAllowedError", > navigator.credentials.get(options)); >@@ -35,7 +35,7 @@ > allowCredentials: [{ type: "public-key", id: asciiToUint8Array("123456") }], > } > }; >- internals.mockCredentialsMessenger.setDidUserCancel(); >+ internals.mockAuthenticatorCoordinator.setDidUserCancel(); > > return promise_rejects(t, "NotAllowedError", > navigator.credentials.get(options)); >diff --git a/LayoutTests/http/wpt/webauthn/public-key-credential-get-success.https.html b/LayoutTests/http/wpt/webauthn/public-key-credential-get-success.https.html >index 2e5ec88213c6e64e73f6c25e28bfa0dd73fd1cf4..f3fd1564aed4ee551131cc6852731fc828737a4a 100644 >--- a/LayoutTests/http/wpt/webauthn/public-key-credential-get-success.https.html >+++ b/LayoutTests/http/wpt/webauthn/public-key-credential-get-success.https.html >@@ -12,7 +12,7 @@ > } > }; > // A mock assertion return bundle. >- internals.mockCredentialsMessenger.setAssertionReturnBundle(hexStringToUint8Array('00'), hexStringToUint8Array('01'), hexStringToUint8Array('02'), hexStringToUint8Array('03')); >+ internals.mockAuthenticatorCoordinator.setAssertionReturnBundle(hexStringToUint8Array('00'), hexStringToUint8Array('01'), hexStringToUint8Array('02'), hexStringToUint8Array('03')); > > return navigator.credentials.get(options).then(function(credential) { > assert_equals(credential.id, 'AA'); 
>diff --git a/LayoutTests/http/wpt/webauthn/public-key-is-user-verifying-platform-authenticator-available.html b/LayoutTests/http/wpt/webauthn/public-key-is-user-verifying-platform-authenticator-available.html >index da8e5345960f9d4c6264edac3991d220554efe97..181d33a4f8f9843afd8a28385c9e898ce86c09ec 100644 >--- a/LayoutTests/http/wpt/webauthn/public-key-is-user-verifying-platform-authenticator-available.html >+++ b/LayoutTests/http/wpt/webauthn/public-key-is-user-verifying-platform-authenticator-available.html >@@ -4,7 +4,7 @@ > <script src="/resources/testharnessreport.js"></script> > <script> > promise_test(function(t) { >- internals.mockCredentialsMessenger; >+ internals.mockAuthenticatorCoordinator; > > return PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable().then(function(result) { > assert_equals(result, false); >@@ -12,7 +12,7 @@ > }, "PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable() without any available authenticators."); > > promise_test(function(t) { >- internals.mockCredentialsMessenger.setDidUserVerifyingPlatformAuthenticatorPresent(); >+ internals.mockAuthenticatorCoordinator.setDidUserVerifyingPlatformAuthenticatorPresent(); > > return PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable().then(function(result) { > assert_equals(result, true);
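Review bot: In the getAssertion success branch of the API test, the authenticator data is read without a length check: the `memcmp` against `expectedRpIdHash`, the `authData[pos]` flags read and the `memcpy` into `counter` together assume at least 37 bytes (32-byte RP ID hash, 1 flags byte, 4-byte counter). Add an `EXPECT_GE` on `authData.size()` before the first read so that a short buffer fails the test instead of reading past the end. Two smaller points in the same branch: the counter is copied in host byte order, which passes only because the expected value is 0 (the WebAuthn signature counter is big-endian, so a non-zero expectation would need a byte swap), and the key returned by `SecKeyCopyPublicKey(privateKey.get())` is passed straight to `SecKeyVerifySignature` and never released, so it should be adopted into a `RetainPtr` first.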
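Review bot: The LayoutTests ChangeLog entry lists seven files with nothing after the colons, and all of them are existing tests. State in the entry that the change is the rename of `internals.mockCredentialsMessenger` to `internals.mockAuthenticatorCoordinator`, and consider whether the one-request-at-a-time restriction described in the WebCore ChangeLog needs a layout test of its own, since none of the files listed here is new.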
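Review bot: In the first `promise_test` of public-key-is-user-verifying-platform-authenticator-available.html, the bare expression statement `internals.mockAuthenticatorCoordinator;` reads as dead code. If evaluating the getter is what installs the mock for the page, add a one-line comment saying so, so that a later cleanup does not delete the statement and silently change what the "without any available authenticators" case exercises.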