Changeset 227589 in webkit
- Timestamp:
- Jan 24, 2018 5:28:47 PM (6 years ago)
- Location:
- trunk
- Files:
-
- 8 added
- 15 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r227581 r227589 1 2018-01-24 Jiewen Tan <jiewen_tan@apple.com> 2 3 [WebAuthN] Implement PublicKeyCredential’s [[DiscoverFromExternalSource]] with a dummy authenticator 4 https://bugs.webkit.org/show_bug.cgi?id=182032 5 <rdar://problem/36459922> 6 7 Reviewed by Brent Fulgham. 8 9 * http/tests/webauthn/public-key-credential-get-with-invalid-parameters.https-expected.txt: Added. 10 * http/tests/webauthn/public-key-credential-get-with-invalid-parameters.https.html: Added. 11 * http/tests/webauthn/public-key-credential-same-origin-with-ancestors-2.https-expected.txt: 12 * http/tests/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt: 13 * http/tests/webauthn/resources/last-layer-frame.https.html: 14 * http/wpt/credential-management/credentialscontainer-store-basics.https-expected.txt: Added. 15 * http/wpt/credential-management/credentialscontainer-store-basics.https.html: Added. 16 * http/wpt/webauthn/idl.https-expected.txt: 17 * http/wpt/webauthn/idl.https.html: 18 * http/wpt/webauthn/public-key-credential-create-success.https.html: 19 * http/wpt/webauthn/public-key-credential-get-failure.https-expected.txt: Added. 20 * http/wpt/webauthn/public-key-credential-get-failure.https.html: Added. 21 * http/wpt/webauthn/public-key-credential-get-success.https-expected.txt: Added. 22 * http/wpt/webauthn/public-key-credential-get-success.https.html: Added. 23 1 24 2018-01-24 Youenn Fablet <youenn@apple.com> 2 25 -
trunk/LayoutTests/http/tests/webauthn/public-key-credential-same-origin-with-ancestors-2.https-expected.txt
r227382 r227589 4 4 5 5 6 PASS Throw NotAllowedError .6 PASS Throw NotAllowedError for both PublicKeyCredential's [[create]] and [[get]]. 7 7 PASS successfullyParsed is true 8 8 -
trunk/LayoutTests/http/tests/webauthn/public-key-credential-same-origin-with-ancestors.https-expected.txt
r227382 r227589 4 4 5 5 6 PASS Throw NotAllowedError .6 PASS Throw NotAllowedError for both PublicKeyCredential's [[create]] and [[get]]. 7 7 PASS successfullyParsed is true 8 8 -
trunk/LayoutTests/http/tests/webauthn/resources/last-layer-frame.https.html
r227382 r227589 8 8 } 9 9 10 const options = {10 const makeOptions = { 11 11 publicKey: { 12 12 rp: { … … 16 16 name: "John Appleseed", 17 17 id: asciiToUint8Array("123456"), 18 displayName: " John",18 displayName: "Appleseed", 19 19 }, 20 20 challenge: asciiToUint8Array("123456"), … … 22 22 } 23 23 }; 24 navigator.credentials.create(options).then( 24 const requestOptions = { 25 publicKey: { 26 challenge: asciiToUint8Array("123456"), 27 } 28 }; 29 30 navigator.credentials.create(makeOptions).then( 25 31 function(value) { 26 32 messageToTop("Access granted. " + value); … … 28 34 function(exception) { 29 35 if (exception.name == "NotAllowedError") 30 messageToTop("PASS Throw NotAllowedError.");36 return navigator.credentials.get(requestOptions) 31 37 else 32 38 messageToTop("Throw " + exception.name + "."); 33 39 } 34 ); 40 ).then(function(value) { 41 messageToTop("Access granted. " + value); 42 }, 43 function(exception) { 44 if (exception.name == "NotAllowedError") 45 messageToTop("PASS Throw NotAllowedError for both PublicKeyCredential's [[create]] and [[get]]."); 46 else 47 messageToTop("Throw " + exception.name + "."); 48 }); 35 49 </script> 36 50 </head> -
trunk/LayoutTests/http/wpt/webauthn/idl.https-expected.txt
r227382 r227589 21 21 PASS PublicKeyCredential interface: operation getClientExtensionResults() 22 22 PASS PublicKeyCredential interface: operation isUserVerifyingPlatformAuthenticatorAvailable() 23 PASS PublicKeyCredential must be primary interface of cre dential24 PASS Stringification of cre dential25 PASS PublicKeyCredential interface: cre dential must inherit property "rawId" with the proper type26 PASS PublicKeyCredential interface: cre dential must inherit property "response" with the proper type27 PASS PublicKeyCredential interface: cre dential must inherit property "getClientExtensionResults()" with the proper type28 PASS PublicKeyCredential interface: cre dential must inherit property "isUserVerifyingPlatformAuthenticatorAvailable()" with the proper type29 PASS Credential interface: cre dential must inherit property "id" with the proper type30 PASS Credential interface: cre dential must inherit property "type" with the proper type23 PASS PublicKeyCredential must be primary interface of createdCredential 24 PASS Stringification of createdCredential 25 PASS PublicKeyCredential interface: createdCredential must inherit property "rawId" with the proper type 26 PASS PublicKeyCredential interface: createdCredential must inherit property "response" with the proper type 27 PASS PublicKeyCredential interface: createdCredential must inherit property "getClientExtensionResults()" with the proper type 28 PASS PublicKeyCredential interface: createdCredential must inherit property "isUserVerifyingPlatformAuthenticatorAvailable()" with the proper type 29 PASS Credential interface: createdCredential must inherit property "id" with the proper type 30 PASS Credential interface: createdCredential must inherit property "type" with the proper type 31 31 PASS AuthenticatorResponse interface: existence and properties of interface object 32 32 PASS AuthenticatorResponse interface object length … … 41 41 PASS AuthenticatorAttestationResponse interface: existence and properties of interface prototype object's "constructor" property 42 42 PASS AuthenticatorAttestationResponse interface: attribute attestationObject 43 PASS AuthenticatorAttestationResponse must be primary interface of cre dential.response44 PASS Stringification of cre dential.response45 PASS AuthenticatorAttestationResponse interface: cre dential.response must inherit property "attestationObject" with the proper type46 PASS AuthenticatorResponse interface: cre dential.response must inherit property "clientDataJSON" with the proper type43 PASS AuthenticatorAttestationResponse must be primary interface of createdCredential.response 44 PASS Stringification of createdCredential.response 45 PASS AuthenticatorAttestationResponse interface: createdCredential.response must inherit property "attestationObject" with the proper type 46 PASS AuthenticatorResponse interface: createdCredential.response must inherit property "clientDataJSON" with the proper type 47 47 PASS AuthenticatorAssertionResponse interface: existence and properties of interface object 48 48 PASS AuthenticatorAssertionResponse interface object length … … 53 53 PASS AuthenticatorAssertionResponse interface: attribute signature 54 54 PASS AuthenticatorAssertionResponse interface: attribute userHandle 55 PASS AuthenticatorAssertionResponse must be primary interface of requestedCredential.response 56 PASS Stringification of requestedCredential.response 57 PASS AuthenticatorAssertionResponse interface: requestedCredential.response must inherit property "authenticatorData" with the proper type 58 PASS AuthenticatorAssertionResponse interface: requestedCredential.response must inherit property "signature" with the proper type 59 PASS AuthenticatorAssertionResponse interface: requestedCredential.response must inherit property "userHandle" with the proper type 60 PASS AuthenticatorResponse interface: requestedCredential.response must inherit property "clientDataJSON" with the proper type 55 61 -
trunk/LayoutTests/http/wpt/webauthn/idl.https.html
r227382 r227589 36 36 idlArray.add_idls(idlText); 37 37 38 const options = {38 const creationOptions = { 39 39 publicKey: { 40 40 rp: { … … 50 50 } 51 51 }; 52 cre dential = await navigator.credentials.create(options);52 createdCredential = await navigator.credentials.create(creationOptions); 53 53 54 idlArray.add_objects({"PublicKeyCredential": ["credential"], "AuthenticatorAttestationResponse": ["credential.response"]}); 54 55 const requestOptions = { 56 publicKey: { 57 challenge: Base64URL.parse("MTIzNDU2"), 58 } 59 }; 60 requestedCredential = await navigator.credentials.get(requestOptions); 61 62 idlArray.add_objects({"PublicKeyCredential": ["createdCredential"], "AuthenticatorAttestationResponse": ["createdCredential.response"], "AuthenticatorAssertionResponse": ["requestedCredential.response"]}); 55 63 idlArray.test(); 56 64 }, "Setup for WebAuthN API IDL tests."); -
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-create-success.https.html
r227382 r227589 31 31 try { 32 32 assert_throws("NotSupportedError", credential.getClientExtensionResults()); 33 } catch { }33 } catch(error) { } 34 34 }); 35 35 }, "PublicKeyCredential's [[create]] with minimum options"); -
trunk/Source/WebCore/ChangeLog
r227588 r227589 1 2018-01-24 Jiewen Tan <jiewen_tan@apple.com> 2 3 [WebAuthN] Implement PublicKeyCredential’s [[DiscoverFromExternalSource]] with a dummy authenticator 4 https://bugs.webkit.org/show_bug.cgi?id=182032 5 <rdar://problem/36459922> 6 7 Reviewed by Brent Fulgham. 8 9 This patch implements PublicKeyCredential's [[DiscoverFromExternalSource]] from 10 https://www.w3.org/TR/webauthn/#getAssertion as of 5 December 2017. In order to 11 do testing, a dummy authenticator is implemented to exercise a failure and a 12 pass path. A number of dependencies need to be resolved later in order to comply 13 with the spec, which are marked by FIXME in the patch and tracked by proper 14 bugs. Those dependencies will be addressed once the first prototype is finshed. 15 16 Tests: http/tests/webauthn/public-key-credential-get-with-invalid-parameters.https.html 17 http/wpt/credential-management/credentialscontainer-store-basics.https.html 18 http/wpt/webauthn/public-key-credential-get-failure.https.html 19 http/wpt/webauthn/public-key-credential-get-success.https.html 20 21 * Modules/credentialmanagement/CredentialsContainer.cpp: 22 (WebCore::CredentialsContainer::get): 23 (WebCore::CredentialsContainer::isCreate): 24 Fixes some minor issues. 25 * Modules/webauthn/Authenticator.cpp: 26 (WebCore::Authenticator::getAssertion const): 27 * Modules/webauthn/Authenticator.h: 28 (WebCore::Authenticator::AssertionReturnBundle::AssertionReturnBundle): 29 * Modules/webauthn/PublicKeyCredential.cpp: 30 (WebCore::PublicKeyCredential::collectFromCredentialStore): 31 Changed a parameter type. 32 (WebCore::PublicKeyCredential::discoverFromExternalSource): 33 (WebCore::PublicKeyCredential::create): 34 Improved some comments. 35 * Modules/webauthn/PublicKeyCredential.h: 36 * Modules/webauthn/PublicKeyCredentialRequestOptions.h: 37 (): Deleted. 38 * bindings/js/JSAuthenticatorResponseCustom.cpp: 39 (WebCore::toJSNewlyCreated): 40 1 41 2018-01-24 Dean Jackson <dino@apple.com> 2 42 -
trunk/Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp
r227382 r227589 72 72 } 73 73 74 // FIXME : Since the underlying authenticator model is not clear at this moment, the timer is moved to CredentialsContainer such that74 // FIXME(181946): Since the underlying authenticator model is not clear at this moment, the timer is moved to CredentialsContainer such that 75 75 // timer can stay with main thread and therefore can easily time out activities on the work queue. 76 // https://bugs.webkit.org/show_bug.cgi?id=181946. 77 // FIXME: The usages of AbortSignal are also moved here for the very same reason. Also the AbortSignal is kind of bogus at this moment 76 // FIXME(181945): The usages of AbortSignal are also moved here for the very same reason. Also the AbortSignal is kind of bogus at this moment 78 77 // since it doesn't support observers (or other means) to trigger the actual abort action. Enhancement to AbortSignal is needed. 79 // https://bugs.webkit.org/show_bug.cgi?id=181945.80 78 template<typename OperationType> 81 79 void CredentialsContainer::dispatchTask(OperationType&& operation, Ref<DeferredPromise>&& promise, std::optional<unsigned long> timeOutInMs) … … 87 85 auto* promiseIndex = promise.ptr(); 88 86 auto weakThis = m_weakPtrFactory.createWeakPtr(*this); 89 // FIXME: We should probably trim timeOutInMs to some max allowable number. 90 // https://bugs.webkit.org/show_bug.cgi?id=181947 87 // FIXME(181947): We should probably trim timeOutInMs to some max allowable number. 91 88 if (timeOutInMs) { 92 89 auto pendingPromise = PendingPromise::create(WTFMove(promise), std::make_unique<Timer>([promiseIndex, weakThis] () { … … 111 108 if (result.hasException()) 112 109 promise.value()->promise->reject(result.releaseException()); 113 else { 114 // FIXME: Got some crazy compile error when I was trying to pass RHS to the resolve method. 115 RefPtr<BasicCredential> credential = result.releaseReturnValue(); 116 promise.value()->promise->resolve<IDLNullable<IDLInterface<BasicCredential>>>(credential.get()); 117 } 110 else 111 promise.value()->promise->resolve<IDLNullable<IDLInterface<BasicCredential>>>(result.returnValue().get()); 118 112 } 119 113 } … … 125 119 void CredentialsContainer::get(CredentialRequestOptions&& options, Ref<DeferredPromise>&& promise) 126 120 { 121 // The following implements https://www.w3.org/TR/credential-management-1/#algorithm-request as of 4 August 2017 122 // with enhancement from 14 November 2017 Editor's Draft. 127 123 // FIXME: Optional options are passed with no contents. It should be std::optional. 128 124 if ((!options.signal && !options.publicKey) || !m_document) { … … 134 130 return; 135 131 } 132 // Step 1-2. 136 133 ASSERT(m_document->isSecureContext()); 137 134 138 // The followings is a shortcut to https://www.w3.org/TR/credential-management-1/#algorithm-request, 139 // as we only support PublicKeyCredential which can only be requested from [[discoverFromExternalSource]]. 135 // Step 3 is enhanced with doesHaveSameOriginAsItsAncestors. 136 // Step 4-6. Shortcut as we only support PublicKeyCredential which can only 137 // be requested from [[discoverFromExternalSource]]. 140 138 if (!options.publicKey) { 141 139 promise->reject(Exception { NotSupportedError }); … … 143 141 } 144 142 145 auto operation = [options = WTFMove(options)] (const SecurityOrigin& origin, bool isSameOriginWithItsAncestors) { 143 auto timeout = options.publicKey->timeout; 144 auto operation = [options = WTFMove(options.publicKey.value())] (const SecurityOrigin& origin, bool isSameOriginWithItsAncestors) { 146 145 return PublicKeyCredential::discoverFromExternalSource(origin, options, isSameOriginWithItsAncestors); 147 146 }; 148 dispatchTask(WTFMove(operation), WTFMove(promise), options.publicKey->timeout);147 dispatchTask(WTFMove(operation), WTFMove(promise), timeout); 149 148 } 150 149 … … 182 181 return PublicKeyCredential::create(origin, options, isSameOriginWithItsAncestors); 183 182 }; 184 dispatchTask(WTFMove(operation), WTFMove(promise), options.publicKey->timeout);183 dispatchTask(WTFMove(operation), WTFMove(promise), timeout); 185 184 } 186 185 -
trunk/Source/WebCore/Modules/webauthn/Authenticator.cpp
r227382 r227589 27 27 #include "Authenticator.h" 28 28 29 #include <AuthenticatorAttestationResponse.h> 30 #include <wtf/CurrentTime.h> 29 31 #include <wtf/NeverDestroyed.h> 30 32 … … 56 58 } 57 59 60 ExceptionOr<Authenticator::AssertionReturnBundle> Authenticator::getAssertion(const String&, const Vector<uint8_t>& hash, const Vector<PublicKeyCredentialDescriptor>& allowCredentialIds) const 61 { 62 // The followings is just a dummy implementaion to support initial development. 63 // User cancellation is effecively NotAllowedError. 64 if (!allowCredentialIds.isEmpty()) 65 return Exception { NotAllowedError }; 66 67 // FIXME: Delay processing for 0.1 seconds to simulate a timeout condition. This code will be removed 68 // when the full test infrastructure is set up. 69 WTF::sleep(0.1); 70 71 // Fill all parts with hash 72 return AssertionReturnBundle(ArrayBuffer::create(hash.data(), hash.size()), ArrayBuffer::create(hash.data(), hash.size()), ArrayBuffer::create(hash.data(), hash.size()), ArrayBuffer::create(hash.data(), hash.size())); 73 } 74 58 75 } // namespace WebCore -
trunk/Source/WebCore/Modules/webauthn/Authenticator.h
r227382 r227589 33 33 namespace WebCore { 34 34 35 // FIXME : Consider moving all static methods from PublicKeyCredential to here and making this35 // FIXME(181946): Consider moving all static methods from PublicKeyCredential to here and making this 36 36 // as an authenticator manager that controls all authenticator activities, mostly likely asnyc 37 37 // for attestations. … … 40 40 friend class NeverDestroyed<Authenticator>; 41 41 public: 42 // FIXME(181946): After moving all static methods from PublicKeyCredential to here, we will probably 43 // return PublicKeyCredential directly and get rid of the following return type. 44 struct AssertionReturnBundle { 45 AssertionReturnBundle(Ref<ArrayBuffer>&& id, Ref<ArrayBuffer>&& data, Ref<ArrayBuffer>&& sig, Ref<ArrayBuffer>&& handle) 46 : credentialID(WTFMove(id)) 47 , authenticatorData(WTFMove(data)) 48 , signature(WTFMove(sig)) 49 , userHandle(WTFMove(handle)) 50 { 51 } 52 53 Ref<ArrayBuffer> credentialID; 54 Ref<ArrayBuffer> authenticatorData; 55 Ref<ArrayBuffer> signature; 56 Ref<ArrayBuffer> userHandle; 57 }; 58 42 59 static Authenticator& singleton(); 43 60 44 61 // Omit requireResidentKey, requireUserPresence, and requireUserVerification as we always provide resident keys and require user verification. 45 62 ExceptionOr<Vector<uint8_t>> makeCredential(const Vector<uint8_t>& hash, const PublicKeyCredentialCreationOptions::RpEntity&, const PublicKeyCredentialCreationOptions::UserEntity&, const Vector<PublicKeyCredentialCreationOptions::Parameters>&, const Vector<PublicKeyCredentialDescriptor>& excludeCredentialIds) const; 63 ExceptionOr<AssertionReturnBundle> getAssertion(const String& rpId, const Vector<uint8_t>& hash, const Vector<PublicKeyCredentialDescriptor>& allowCredentialIds) const; 46 64 47 65 #if !COMPILER(MSVC) -
trunk/Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp
r227382 r227589 29 29 #include "Authenticator.h" 30 30 #include "AuthenticatorResponse.h" 31 #include "CredentialCreationOptions.h"32 31 #include "JSDOMPromiseDeferred.h" 32 #include "PublicKeyCredentialCreationOptions.h" 33 #include "PublicKeyCredentialRequestOptions.h" 33 34 #include "SecurityOrigin.h" 34 35 #include <pal/crypto/CryptoDigest.h> … … 51 52 }; 52 53 53 // FIXME: Add token binding ID and extensions. 54 // https://bugs.webkit.org/show_bug.cgi?id=181948 55 // https://bugs.webkit.org/show_bug.cgi?id=181949 54 // FIXME(181948): Add token binding ID and extensions. 56 55 static Ref<ArrayBuffer> produceClientDataJson(ClientDataType type, const BufferSource& challenge, const SecurityOrigin& origin) 57 56 { … … 101 100 } 102 101 103 Vector<Ref<BasicCredential>> PublicKeyCredential::collectFromCredentialStore( CredentialRequestOptions&&, bool)102 Vector<Ref<BasicCredential>> PublicKeyCredential::collectFromCredentialStore(PublicKeyCredentialRequestOptions&&, bool) 104 103 { 105 104 return { }; 106 105 } 107 106 108 ExceptionOr<RefPtr<BasicCredential>> PublicKeyCredential::discoverFromExternalSource(const SecurityOrigin&, const CredentialRequestOptions&, bool) 109 { 110 return Exception { NotSupportedError }; 111 } 112 113 RefPtr<BasicCredential> PublicKeyCredential::store(RefPtr<BasicCredential>&&, bool) 114 { 115 return nullptr; 116 } 117 118 ExceptionOr<RefPtr<BasicCredential>> PublicKeyCredential::create(const SecurityOrigin& callerOrigin, const PublicKeyCredentialCreationOptions& options, bool sameOriginWithAncestors) 107 ExceptionOr<RefPtr<BasicCredential>> PublicKeyCredential::discoverFromExternalSource(const SecurityOrigin& callerOrigin, const PublicKeyCredentialRequestOptions& options, bool sameOriginWithAncestors) 119 108 { 120 109 using namespace PublicKeyCredentialInternal; 121 110 122 111 // The following implements https://www.w3.org/TR/webauthn/#createCredential as of 5 December 2017. 123 // FIXME: Extensions are not supported yet. Skip Step 11-12.124 // Step 1, 3 , 4, 17are handled by the caller, including options sanitizing, timer and abort signal.112 // FIXME: Extensions are not supported yet. Skip Step 8-9. 113 // Step 1, 3-4, 13, 16 are handled by the caller, including options sanitizing, timer and abort signal. 125 114 // Step 2. 126 115 if (!sameOriginWithAncestors) … … 128 117 129 118 // Step 5-7. 130 // FIXME : We lack fundamental support from SecurityOrigin to determine if a host is a valid domain or not.119 // FIXME(181950): We lack fundamental support from SecurityOrigin to determine if a host is a valid domain or not. 131 120 // Step 6 is therefore skipped. Also, we lack the support to determine whether a domain is a registrable 132 121 // domain suffix of another domain. Hence restrict the comparison to equal in Step 7. 133 // https://bugs.webkit.org/show_bug.cgi?id=181950 122 if (!options.rpId.isEmpty() && !(callerOrigin.host() == options.rpId)) 123 return Exception { SecurityError }; 124 if (options.rpId.isEmpty()) 125 options.rpId = callerOrigin.host(); 126 127 // Step 10-12. 128 auto clientDataJson = produceClientDataJson(ClientDataType::Get, options.challenge, callerOrigin); 129 auto clientDataJsonHash = produceClientDataJsonHash(clientDataJson); 130 131 // Step 14-15, 17-19. 132 // Only platform attachments will be supported at this stage. Assuming one authenticator per device. 133 // Also, resident keys, user verifications and direct attestation are enforced at this tage. 134 // For better performance, no filtering is done here regarding to options.excludeCredentials. 135 // What's more, user cancellations effectively means NotAllowedError. Therefore, the below call 136 // will only returns either an exception or a PublicKeyCredential ref. 137 // FIXME(181946): The following operation might need to perform async. 138 auto result = Authenticator::singleton().getAssertion(options.rpId, clientDataJsonHash, options.allowCredentials); 139 if (result.hasException()) 140 return result.releaseException(); 141 142 auto bundle = result.releaseReturnValue(); 143 return ExceptionOr<RefPtr<BasicCredential>>(PublicKeyCredential::create(WTFMove(bundle.credentialID), AuthenticatorAssertionResponse::create(WTFMove(clientDataJson), WTFMove(bundle.authenticatorData), WTFMove(bundle.signature), WTFMove(bundle.userHandle)))); 144 } 145 146 RefPtr<BasicCredential> PublicKeyCredential::store(RefPtr<BasicCredential>&&, bool) 147 { 148 return nullptr; 149 } 150 151 ExceptionOr<RefPtr<BasicCredential>> PublicKeyCredential::create(const SecurityOrigin& callerOrigin, const PublicKeyCredentialCreationOptions& options, bool sameOriginWithAncestors) 152 { 153 using namespace PublicKeyCredentialInternal; 154 155 // The following implements https://www.w3.org/TR/webauthn/#createCredential as of 5 December 2017. 156 // FIXME: Extensions are not supported yet. Skip Step 11-12. 157 // Step 1, 3-4, 16-17 are handled by the caller, including options sanitizing, timer and abort signal. 158 // Step 2. 159 if (!sameOriginWithAncestors) 160 return Exception { NotAllowedError }; 161 162 // Step 5-7. 163 // FIXME(181950): We lack fundamental support from SecurityOrigin to determine if a host is a valid domain or not. 164 // Step 6 is therefore skipped. Also, we lack the support to determine whether a domain is a registrable 165 // domain suffix of another domain. Hence restrict the comparison to equal in Step 7. 134 166 if (!options.rp.id.isEmpty() && !(callerOrigin.host() == options.rp.id)) 135 167 return Exception { SecurityError }; … … 153 185 // What's more, user cancellations effectively means NotAllowedError. Therefore, the below call 154 186 // will only returns either an exception or a PublicKeyCredential ref. 155 // FIXME: The following operation might need to perform async. 156 // https://bugs.webkit.org/show_bug.cgi?id=181946 187 // FIXME(181946): The following operation might need to perform async. 157 188 auto result = Authenticator::singleton().makeCredential(clientDataJsonHash, options.rp, options.user, options.pubKeyCredParams, options.excludeCredentials); 158 189 if (result.hasException()) … … 160 191 161 192 auto attestationObject = result.releaseReturnValue(); 162 // FIXME: Got some crazy compile error when I was trying to return RHS directly. 163 RefPtr<BasicCredential> credential = PublicKeyCredential::create(getIdFromAttestationObject(attestationObject), AuthenticatorAttestationResponse::create(WTFMove(clientDataJson), ArrayBuffer::create(attestationObject.data(), attestationObject.size()))); 164 return WTFMove(credential); 193 return ExceptionOr<RefPtr<BasicCredential>>(PublicKeyCredential::create(getIdFromAttestationObject(attestationObject), AuthenticatorAttestationResponse::create(WTFMove(clientDataJson), ArrayBuffer::create(attestationObject.data(), attestationObject.size())))); 165 194 } 166 195 -
trunk/Source/WebCore/Modules/webauthn/PublicKeyCredential.h
r227382 r227589 38 38 39 39 struct PublicKeyCredentialCreationOptions; 40 struct CredentialRequestOptions;40 struct PublicKeyCredentialRequestOptions; 41 41 42 42 class PublicKeyCredential final : public BasicCredential { … … 47 47 } 48 48 49 static Vector<Ref<BasicCredential>> collectFromCredentialStore( CredentialRequestOptions&&, bool);50 static ExceptionOr<RefPtr<BasicCredential>> discoverFromExternalSource(const SecurityOrigin&, const CredentialRequestOptions&, bool sameOriginWithAncestors);49 static Vector<Ref<BasicCredential>> collectFromCredentialStore(PublicKeyCredentialRequestOptions&&, bool); 50 static ExceptionOr<RefPtr<BasicCredential>> discoverFromExternalSource(const SecurityOrigin&, const PublicKeyCredentialRequestOptions&, bool sameOriginWithAncestors); 51 51 static RefPtr<BasicCredential> store(RefPtr<BasicCredential>&&, bool); 52 52 static ExceptionOr<RefPtr<BasicCredential>> create(const SecurityOrigin&, const PublicKeyCredentialCreationOptions&, bool sameOriginWithAncestors); -
trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialRequestOptions.h
r227007 r227589 34 34 struct PublicKeyCredentialRequestOptions { 35 35 BufferSource challenge; 36 unsigned long timeout { 0 };37 String rpId;36 std::optional<unsigned long> timeout; 37 mutable String rpId; 38 38 Vector<PublicKeyCredentialDescriptor> allowCredentials; 39 39 }; -
trunk/Source/WebCore/bindings/js/JSAuthenticatorResponseCustom.cpp
r227382 r227589 27 27 #include "JSAuthenticatorResponse.h" 28 28 29 #include "JSAuthenticatorAssertionResponse.h" 29 30 #include "JSAuthenticatorAttestationResponse.h" 30 31 #include "JSDOMBinding.h" … … 37 38 if (is<AuthenticatorAttestationResponse>(response)) 38 39 return createWrapper<AuthenticatorAttestationResponse>(globalObject, WTFMove(response)); 40 if (is<AuthenticatorAssertionResponse>(response)) 41 return createWrapper<AuthenticatorAssertionResponse>(globalObject, WTFMove(response)); 39 42 return createWrapper<AuthenticatorResponse>(globalObject, WTFMove(response)); 40 43 }
Note: See TracChangeset
for help on using the changeset viewer.