Changeset 256062 in webkit
- Timestamp:
- Feb 7, 2020 2:16:54 PM (4 years ago)
- Location:
- trunk
- Files:
-
- 4 added
- 9 edited
- 3 copied
- 1 moved
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebKit/ChangeLog
r256057 r256062 1 2020-02-07 Jiewen Tan <jiewen_tan@apple.com> 2 3 [WebAuthn] Report CTAP Client Pin Error to clients 4 https://bugs.webkit.org/show_bug.cgi?id=205837 5 <rdar://problem/58356872> 6 7 Reviewed by Brent Fulgham. 8 9 Authenticators could return four different errors { kCtap2ErrPinInvalid, kCtap2ErrPinBlocked, kCtap2ErrPinAuthInvalid, kCtap2ErrPinAuthBlocked } 10 during 1) GetPinToken or 2) MakeCredential/GetAssertion with PinAuth. 11 12 All errors should be reported to the client so that appropriate UI can be displayed to users. 13 For kCtap2ErrPinAuthInvalid and kCtap2ErrPinInvalid, we will restart the whole Pin process to get 14 another Pin from the user. 15 16 Covered by API tests. 17 18 * UIProcess/API/APIWebAuthenticationPanelClient.h: 19 * UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm: 20 (WebKit::wkWebAuthenticationPanelUpdate): 21 * UIProcess/WebAuthentication/WebAuthenticationFlags.h: 22 * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: 23 (WebKit::fido::toStatus): 24 (WebKit::fido::isPinError): 25 (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived): 26 (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): 27 (WebKit::CtapAuthenticator::continueRequestAfterGetPinToken): 28 (WebKit::CtapAuthenticator::tryRestartPin): 29 * UIProcess/WebAuthentication/fido/CtapAuthenticator.h: 30 1 31 2020-02-07 Jonathan Bedard <jbedard@apple.com> 2 32 -
trunk/Source/WebKit/UIProcess/API/APIWebAuthenticationPanelClient.h
r254554 r256062 38 38 39 39 namespace WebKit { 40 enum class WebAuthenticationStatus : bool;40 enum class WebAuthenticationStatus : uint8_t; 41 41 enum class WebAuthenticationResult : bool; 42 42 } -
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm
r254554 r256062 60 60 if (status == WebAuthenticationStatus::NoCredentialsFound) 61 61 return _WKWebAuthenticationPanelUpdateNoCredentialsFound; 62 if (status == WebAuthenticationStatus::PinBlocked) 63 return _WKWebAuthenticationPanelUpdatePINBlocked; 64 if (status == WebAuthenticationStatus::PinAuthBlocked) 65 return _WKWebAuthenticationPanelUpdatePINAuthBlocked; 66 if (status == WebAuthenticationStatus::PinInvalid) 67 return _WKWebAuthenticationPanelUpdatePINInvalid; 62 68 ASSERT_NOT_REACHED(); 63 69 return _WKWebAuthenticationPanelUpdateMultipleNFCTagsPresent; -
trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationFlags.h
r251317 r256062 41 41 }; 42 42 43 enum class WebAuthenticationStatus : bool{43 enum class WebAuthenticationStatus : uint8_t { 44 44 MultipleNFCTagsPresent, 45 NoCredentialsFound 45 NoCredentialsFound, 46 PinBlocked, 47 PinAuthBlocked, 48 PinInvalid 46 49 }; 47 50 -
trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp
r256001 r256062 47 47 using namespace fido; 48 48 49 namespace { 50 WebAuthenticationStatus toStatus(const CtapDeviceResponseCode& error) 51 { 52 switch (error) { 53 case CtapDeviceResponseCode::kCtap2ErrPinAuthInvalid: 54 case CtapDeviceResponseCode::kCtap2ErrPinInvalid: 55 return WebAuthenticationStatus::PinInvalid; 56 case CtapDeviceResponseCode::kCtap2ErrPinAuthBlocked: 57 return WebAuthenticationStatus::PinAuthBlocked; 58 case CtapDeviceResponseCode::kCtap2ErrPinBlocked: 59 return WebAuthenticationStatus::PinBlocked; 60 default: 61 ASSERT_NOT_REACHED(); 62 return WebAuthenticationStatus::PinInvalid; 63 } 64 } 65 66 bool isPinError(const CtapDeviceResponseCode& error) 67 { 68 switch (error) { 69 case CtapDeviceResponseCode::kCtap2ErrPinAuthInvalid: 70 case CtapDeviceResponseCode::kCtap2ErrPinAuthBlocked: 71 case CtapDeviceResponseCode::kCtap2ErrPinInvalid: 72 case CtapDeviceResponseCode::kCtap2ErrPinBlocked: 73 return true; 74 default: 75 return false; 76 } 77 } 78 79 } // namespace 80 49 81 CtapAuthenticator::CtapAuthenticator(std::unique_ptr<CtapDriver>&& driver, AuthenticatorGetInfoResponse&& info) 50 82 : FidoAuthenticator(WTFMove(driver)) … … 77 109 if (!response) { 78 110 auto error = getResponseCode(data); 79 if (error == CtapDeviceResponseCode::kCtap2ErrCredentialExcluded) 111 112 if (error == CtapDeviceResponseCode::kCtap2ErrCredentialExcluded) { 80 113 receiveRespond(ExceptionData { InvalidStateError, "At least one credential matches an entry of the excludeCredentials list in the authenticator."_s }); 81 // FIXME(205837) 82 else if (error == CtapDeviceResponseCode::kCtap2ErrPinInvalid || error == CtapDeviceResponseCode::kCtap2ErrPinAuthInvalid) 83 getRetries(); 84 else 85 receiveRespond(ExceptionData { UnknownError, makeString("Unknown internal error. Error code: ", static_cast<uint8_t>(error)) }); 114 return; 115 } 116 117 if (isPinError(error)) { 118 if (!m_pinAuth.isEmpty()) // Skip the very first command that acts like wink. 119 observer()->authenticatorStatusUpdated(toStatus(error)); 120 if (tryRestartPin(error)) 121 return; 122 } 123 124 receiveRespond(ExceptionData { UnknownError, makeString("Unknown internal error. Error code: ", static_cast<uint8_t>(error)) }); 86 125 return; 87 126 } … … 111 150 if (!response) { 112 151 auto error = getResponseCode(data); 113 // FIXME(205837) 114 if (error == CtapDeviceResponseCode::kCtap2ErrPinInvalid || error == CtapDeviceResponseCode::kCtap2ErrPinAuthInvalid) { 115 getRetries(); 116 return; 117 } 118 if (error != CtapDeviceResponseCode::kCtap2ErrInvalidCBOR && tryDowngrade()) 119 return; 152 153 if (!isPinError(error) && tryDowngrade()) 154 return; 155 156 if (isPinError(error)) { 157 if (!m_pinAuth.isEmpty()) // Skip the very first command that acts like wink. 158 observer()->authenticatorStatusUpdated(toStatus(error)); 159 if (tryRestartPin(error)) 160 return; 161 } 162 120 163 if (error == CtapDeviceResponseCode::kCtap2ErrNoCredentials && observer()) 121 164 observer()->authenticatorStatusUpdated(WebAuthenticationStatus::NoCredentialsFound); 165 122 166 receiveRespond(ExceptionData { UnknownError, makeString("Unknown internal error. Error code: ", static_cast<uint8_t>(error)) }); 123 167 return; … … 250 294 if (!token) { 251 295 auto error = getResponseCode(data); 296 297 if (isPinError(error)) { 298 observer()->authenticatorStatusUpdated(toStatus(error)); 299 if (tryRestartPin(error)) 300 return; 301 } 302 252 303 receiveRespond(ExceptionData { UnknownError, makeString("Unknown internal error. Error code: ", static_cast<uint8_t>(error)) }); 253 304 return; … … 260 311 getAssertion(); 261 312 }); 313 } 314 315 bool CtapAuthenticator::tryRestartPin(const CtapDeviceResponseCode& error) 316 { 317 switch (error) { 318 case CtapDeviceResponseCode::kCtap2ErrPinAuthInvalid: 319 case CtapDeviceResponseCode::kCtap2ErrPinInvalid: 320 getRetries(); 321 return true; 322 default: 323 return false; 324 } 262 325 } 263 326 -
trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.h
r254495 r256062 66 66 void continueGetPinTokenAfterRequestPin(const String& pin, const WebCore::CryptoKeyEC&); 67 67 void continueRequestAfterGetPinToken(Vector<uint8_t>&&, const fido::pin::TokenRequest&); 68 bool tryRestartPin(const fido::CtapDeviceResponseCode&); 68 69 69 70 bool tryDowngrade(); -
trunk/Tools/ChangeLog
r256059 r256062 1 2020-02-07 Jiewen Tan <jiewen_tan@apple.com> 2 3 [WebAuthn] Report CTAP Client Pin Error to clients 4 https://bugs.webkit.org/show_bug.cgi?id=205837 5 <rdar://problem/58356872> 6 7 Reviewed by Brent Fulgham. 8 9 * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: 10 * TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm: 11 (-[TestWebAuthenticationPanelDelegate panel:updateWebAuthenticationPanel:]): 12 (TestWebKitAPI::TEST): 13 * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-hid-pin-auth-blocked-error.html: Copied from Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-pin-token-error.html. 14 * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-hid-pin-invalid-error-retry.html: Added. 15 * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-auth-blocked-error.html: Copied from Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-pin-token-error.html. 16 * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-blocked-error.html: Copied from Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-pin-token-error.html. 17 * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-invalid-error-retry.html: Added. 18 * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-pin-token-pin-blocked-error.html: Renamed from Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-pin-token-error.html. 19 * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-pin-token-pin-invalid-error-retry.html: Added. 20 * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-invalid-error-retry.html: Added. 21 1 22 2020-02-07 Jonathan Bedard <jbedard@apple.com> 2 23 -
trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
r256000 r256062 334 334 570D26F423C3CA6A00D5CF67 /* web-authentication-make-credential-hid-pin-get-key-agreement-error.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 570D26F323C3CA5500D5CF67 /* web-authentication-make-credential-hid-pin-get-key-agreement-error.html */; }; 335 335 570D26F623C3D33000D5CF67 /* web-authentication-make-credential-hid-pin.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 570D26F523C3D32700D5CF67 /* web-authentication-make-credential-hid-pin.html */; }; 336 570D26FA23C3F25100D5CF67 /* web-authentication-make-credential-hid-pin-get-pin-token- error.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 570D26F923C3F24500D5CF67 /* web-authentication-make-credential-hid-pin-get-pin-token-error.html */; };336 570D26FA23C3F25100D5CF67 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-blocked-error.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 570D26F923C3F24500D5CF67 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-blocked-error.html */; }; 337 337 570D26FC23C3F87000D5CF67 /* web-authentication-get-assertion-hid-pin.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 570D26FB23C3F86500D5CF67 /* web-authentication-get-assertion-hid-pin.html */; }; 338 338 5714ECB91CA8B5B000051AC8 /* DownloadRequestOriginalURL.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 5714ECB81CA8B58800051AC8 /* DownloadRequestOriginalURL.html */; }; … … 367 367 5778D05622110A2600899E3B /* LoadWebArchive.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5778D05522110A2600899E3B /* LoadWebArchive.mm */; }; 368 368 578CBD67204FB2C80083B9F2 /* LocalAuthentication.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 578CBD66204FB2C70083B9F2 /* LocalAuthentication.framework */; }; 369 578DA44223ECC7A000246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-blocked-error.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 578DA44123ECC76B00246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-blocked-error.html */; }; 370 578DA44423ECCAE900246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-invalid-error-retry.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 578DA44323ECC8A800246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-invalid-error-retry.html */; }; 371 578DA44623ECCC0A00246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-invalid-error-retry.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 578DA44523ECCBD000246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-invalid-error-retry.html */; }; 372 578DA44823ECD09B00246010 /* web-authentication-make-credential-hid-pin-auth-blocked-error.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 578DA44723ECD01300246010 /* web-authentication-make-credential-hid-pin-auth-blocked-error.html */; }; 373 578DA44A23ECD18600246010 /* web-authentication-make-credential-hid-pin-invalid-error-retry.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 578DA44923ECD15500246010 /* web-authentication-make-credential-hid-pin-invalid-error-retry.html */; }; 374 578DA44C23ECD23000246010 /* web-authentication-get-assertion-hid-pin-auth-blocked-error.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 578DA44B23ECD20300246010 /* web-authentication-get-assertion-hid-pin-auth-blocked-error.html */; }; 375 578DA44E23ECD28B00246010 /* web-authentication-get-assertion-hid-pin-invalid-error-retry.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 578DA44D23ECD26100246010 /* web-authentication-get-assertion-hid-pin-invalid-error-retry.html */; }; 369 376 57901FB11CAF142D00ED64F9 /* LoadInvalidURLRequest.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 57901FB01CAF141C00ED64F9 /* LoadInvalidURLRequest.html */; }; 370 377 579651E7216BFDED006EBFE5 /* FidoHidMessageTest.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 579651E6216BFD53006EBFE5 /* FidoHidMessageTest.cpp */; }; … … 1502 1509 579F1C0123C93AF500C7D4B4 /* web-authentication-get-assertion-hid-multiple-accounts.html in Copy Resources */, 1503 1510 577454D02359B378008E1ED7 /* web-authentication-get-assertion-hid-no-credentials.html in Copy Resources */, 1511 578DA44C23ECD23000246010 /* web-authentication-get-assertion-hid-pin-auth-blocked-error.html in Copy Resources */, 1512 578DA44E23ECD28B00246010 /* web-authentication-get-assertion-hid-pin-invalid-error-retry.html in Copy Resources */, 1504 1513 570D26FC23C3F87000D5CF67 /* web-authentication-get-assertion-hid-pin.html in Copy Resources */, 1505 1514 57663DEC234F1F9300E85E09 /* web-authentication-get-assertion-hid.html in Copy Resources */, … … 1508 1517 577454D22359BB01008E1ED7 /* web-authentication-get-assertion-u2f-no-credentials.html in Copy Resources */, 1509 1518 57C624502346C21E00383FE7 /* web-authentication-get-assertion.html in Copy Resources */, 1519 578DA44823ECD09B00246010 /* web-authentication-make-credential-hid-pin-auth-blocked-error.html in Copy Resources */, 1510 1520 570D26F423C3CA6A00D5CF67 /* web-authentication-make-credential-hid-pin-get-key-agreement-error.html in Copy Resources */, 1511 570D26FA23C3F25100D5CF67 /* web-authentication-make-credential-hid-pin-get-pin-token-error.html in Copy Resources */, 1521 578DA44223ECC7A000246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-blocked-error.html in Copy Resources */, 1522 578DA44623ECCC0A00246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-invalid-error-retry.html in Copy Resources */, 1523 570D26FA23C3F25100D5CF67 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-blocked-error.html in Copy Resources */, 1524 578DA44423ECCAE900246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-invalid-error-retry.html in Copy Resources */, 1512 1525 5758598423C3C3A400C74572 /* web-authentication-make-credential-hid-pin-get-retries-error.html in Copy Resources */, 1526 578DA44A23ECD18600246010 /* web-authentication-make-credential-hid-pin-invalid-error-retry.html in Copy Resources */, 1513 1527 570D26F623C3D33000D5CF67 /* web-authentication-make-credential-hid-pin.html in Copy Resources */, 1514 1528 5798337E236019A4008E5547 /* web-authentication-make-credential-hid.html in Copy Resources */, … … 1926 1940 570D26F323C3CA5500D5CF67 /* web-authentication-make-credential-hid-pin-get-key-agreement-error.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-hid-pin-get-key-agreement-error.html"; sourceTree = "<group>"; }; 1927 1941 570D26F523C3D32700D5CF67 /* web-authentication-make-credential-hid-pin.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-hid-pin.html"; sourceTree = "<group>"; }; 1928 570D26F923C3F24500D5CF67 /* web-authentication-make-credential-hid-pin-get-pin-token- error.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-hid-pin-get-pin-token-error.html"; sourceTree = "<group>"; };1942 570D26F923C3F24500D5CF67 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-blocked-error.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-hid-pin-get-pin-token-pin-blocked-error.html"; sourceTree = "<group>"; }; 1929 1943 570D26FB23C3F86500D5CF67 /* web-authentication-get-assertion-hid-pin.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-get-assertion-hid-pin.html"; sourceTree = "<group>"; }; 1930 1944 5714ECB81CA8B58800051AC8 /* DownloadRequestOriginalURL.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = DownloadRequestOriginalURL.html; sourceTree = "<group>"; }; … … 1961 1975 5778D05522110A2600899E3B /* LoadWebArchive.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = LoadWebArchive.mm; sourceTree = "<group>"; }; 1962 1976 578CBD66204FB2C70083B9F2 /* LocalAuthentication.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = LocalAuthentication.framework; path = System/Library/Frameworks/LocalAuthentication.framework; sourceTree = SDKROOT; }; 1977 578DA44123ECC76B00246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-blocked-error.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-blocked-error.html"; sourceTree = "<group>"; }; 1978 578DA44323ECC8A800246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-invalid-error-retry.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-hid-pin-get-pin-token-pin-invalid-error-retry.html"; sourceTree = "<group>"; }; 1979 578DA44523ECCBD000246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-invalid-error-retry.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-invalid-error-retry.html"; sourceTree = "<group>"; }; 1980 578DA44723ECD01300246010 /* web-authentication-make-credential-hid-pin-auth-blocked-error.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-hid-pin-auth-blocked-error.html"; sourceTree = "<group>"; }; 1981 578DA44923ECD15500246010 /* web-authentication-make-credential-hid-pin-invalid-error-retry.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-hid-pin-invalid-error-retry.html"; sourceTree = "<group>"; }; 1982 578DA44B23ECD20300246010 /* web-authentication-get-assertion-hid-pin-auth-blocked-error.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-get-assertion-hid-pin-auth-blocked-error.html"; sourceTree = "<group>"; }; 1983 578DA44D23ECD26100246010 /* web-authentication-get-assertion-hid-pin-invalid-error-retry.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-get-assertion-hid-pin-invalid-error-retry.html"; sourceTree = "<group>"; }; 1963 1984 57901FAC1CAF12C200ED64F9 /* LoadInvalidURLRequest.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = LoadInvalidURLRequest.mm; sourceTree = "<group>"; }; 1964 1985 57901FAE1CAF137100ED64F9 /* LoadInvalidURLRequest.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = LoadInvalidURLRequest.mm; sourceTree = "<group>"; }; … … 3539 3560 579F1BFF23C92FD300C7D4B4 /* web-authentication-get-assertion-hid-multiple-accounts.html */, 3540 3561 577454CF2359B338008E1ED7 /* web-authentication-get-assertion-hid-no-credentials.html */, 3562 578DA44B23ECD20300246010 /* web-authentication-get-assertion-hid-pin-auth-blocked-error.html */, 3563 578DA44D23ECD26100246010 /* web-authentication-get-assertion-hid-pin-invalid-error-retry.html */, 3541 3564 570D26FB23C3F86500D5CF67 /* web-authentication-get-assertion-hid-pin.html */, 3542 3565 57663DEB234F1F8000E85E09 /* web-authentication-get-assertion-hid.html */, … … 3545 3568 577454D12359BAD5008E1ED7 /* web-authentication-get-assertion-u2f-no-credentials.html */, 3546 3569 57C6244F2346C1EC00383FE7 /* web-authentication-get-assertion.html */, 3570 578DA44723ECD01300246010 /* web-authentication-make-credential-hid-pin-auth-blocked-error.html */, 3547 3571 570D26F323C3CA5500D5CF67 /* web-authentication-make-credential-hid-pin-get-key-agreement-error.html */, 3548 570D26F923C3F24500D5CF67 /* web-authentication-make-credential-hid-pin-get-pin-token-error.html */, 3572 578DA44123ECC76B00246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-blocked-error.html */, 3573 578DA44523ECCBD000246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-invalid-error-retry.html */, 3574 570D26F923C3F24500D5CF67 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-blocked-error.html */, 3575 578DA44323ECC8A800246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-invalid-error-retry.html */, 3549 3576 5758598323C3C36200C74572 /* web-authentication-make-credential-hid-pin-get-retries-error.html */, 3577 578DA44923ECD15500246010 /* web-authentication-make-credential-hid-pin-invalid-error-retry.html */, 3550 3578 570D26F523C3D32700D5CF67 /* web-authentication-make-credential-hid-pin.html */, 3551 3579 5798337D2360196D008E5547 /* web-authentication-make-credential-hid.html */, -
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
r254554 r256062 47 47 static bool webAuthenticationPanelUpdateMultipleNFCTagsPresent = false; 48 48 static bool webAuthenticationPanelUpdateNoCredentialsFound = false; 49 static bool webAuthenticationPanelUpdatePINBlocked = false; 50 static bool webAuthenticationPanelUpdatePINAuthBlocked = false; 51 static bool webAuthenticationPanelUpdatePINInvalid = false; 49 52 static bool webAuthenticationPanelCancelImmediately = false; 50 53 static String webAuthenticationPanelPin; … … 68 71 if (update == _WKWebAuthenticationPanelUpdateNoCredentialsFound) { 69 72 webAuthenticationPanelUpdateNoCredentialsFound = true; 73 return; 74 } 75 if (update == _WKWebAuthenticationPanelUpdatePINBlocked) { 76 webAuthenticationPanelUpdatePINBlocked = true; 77 return; 78 } 79 if (update == _WKWebAuthenticationPanelUpdatePINAuthBlocked) { 80 webAuthenticationPanelUpdatePINAuthBlocked = true; 81 return; 82 } 83 if (update == _WKWebAuthenticationPanelUpdatePINInvalid) { 84 webAuthenticationPanelUpdatePINInvalid = true; 70 85 return; 71 86 } … … 222 237 webAuthenticationPanelFailed = false; 223 238 webAuthenticationPanelSucceded = false; 239 webAuthenticationPanelUpdateMultipleNFCTagsPresent = false; 240 webAuthenticationPanelUpdateNoCredentialsFound = false; 241 webAuthenticationPanelUpdatePINBlocked = false; 242 webAuthenticationPanelUpdatePINAuthBlocked = false; 243 webAuthenticationPanelUpdatePINInvalid = false; 224 244 webAuthenticationPanelCancelImmediately = false; 245 webAuthenticationPanelPin = emptyString(); 246 webAuthenticationPanelNullUserHandle = NO; 225 247 } 226 248 … … 839 861 } 840 862 841 TEST(WebAuthenticationPanel, PinGetPinToken Error)842 { 843 reset(); 844 RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-hid-pin-get-pin-token- error" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];863 TEST(WebAuthenticationPanel, PinGetPinTokenPinBlockedError) 864 { 865 reset(); 866 RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-hid-pin-get-pin-token-pin-blocked-error" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"]; 845 867 846 868 auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES]; … … 853 875 webAuthenticationPanelPin = "1234"; 854 876 [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]]; 855 [webView waitForMessage:@"Unknown internal error. Error code: 2"]; 877 [webView waitForMessage:@"Unknown internal error. Error code: 50"]; 878 EXPECT_FALSE(webAuthenticationPanelUpdatePINInvalid); 879 EXPECT_TRUE(webAuthenticationPanelUpdatePINBlocked); 880 } 881 882 TEST(WebAuthenticationPanel, PinGetPinTokenPinAuthBlockedError) 883 { 884 reset(); 885 RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-blocked-error" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"]; 886 887 auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES]; 888 [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()]; 889 890 auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]); 891 auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]); 892 [webView setUIDelegate:delegate.get()]; 893 894 webAuthenticationPanelPin = "1234"; 895 [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]]; 896 [webView waitForMessage:@"Unknown internal error. Error code: 52"]; 897 EXPECT_FALSE(webAuthenticationPanelUpdatePINInvalid); 898 EXPECT_TRUE(webAuthenticationPanelUpdatePINAuthBlocked); 899 } 900 901 TEST(WebAuthenticationPanel, PinGetPinTokenPinInvalidErrorAndRetry) 902 { 903 reset(); 904 RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-hid-pin-get-pin-token-pin-invalid-error-retry" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"]; 905 906 auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES]; 907 [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()]; 908 909 auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]); 910 auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]); 911 [webView setUIDelegate:delegate.get()]; 912 913 webAuthenticationPanelPin = "1234"; 914 [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]]; 915 [webView waitForMessage:@"Succeeded!"]; 916 EXPECT_TRUE(webAuthenticationPanelUpdatePINInvalid); 917 } 918 919 TEST(WebAuthenticationPanel, PinGetPinTokenPinAuthInvalidErrorAndRetry) 920 { 921 reset(); 922 RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-invalid-error-retry" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"]; 923 924 auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES]; 925 [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()]; 926 927 auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]); 928 auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]); 929 [webView setUIDelegate:delegate.get()]; 930 931 webAuthenticationPanelPin = "1234"; 932 [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]]; 933 [webView waitForMessage:@"Succeeded!"]; 934 EXPECT_TRUE(webAuthenticationPanelUpdatePINInvalid); 856 935 } 857 936 … … 873 952 } 874 953 954 TEST(WebAuthenticationPanel, MakeCredentialPinAuthBlockedError) 955 { 956 reset(); 957 RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-hid-pin-auth-blocked-error" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"]; 958 959 auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES]; 960 [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()]; 961 962 auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]); 963 auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]); 964 [webView setUIDelegate:delegate.get()]; 965 966 webAuthenticationPanelPin = "1234"; 967 [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]]; 968 [webView waitForMessage:@"Unknown internal error. Error code: 52"]; 969 EXPECT_FALSE(webAuthenticationPanelUpdatePINInvalid); 970 EXPECT_TRUE(webAuthenticationPanelUpdatePINAuthBlocked); 971 } 972 973 TEST(WebAuthenticationPanel, MakeCredentialPinInvalidErrorAndRetry) 974 { 975 reset(); 976 RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-hid-pin-invalid-error-retry" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"]; 977 978 auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES]; 979 [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()]; 980 981 auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]); 982 auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]); 983 [webView setUIDelegate:delegate.get()]; 984 985 webAuthenticationPanelPin = "1234"; 986 [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]]; 987 [webView waitForMessage:@"Succeeded!"]; 988 EXPECT_TRUE(webAuthenticationPanelUpdatePINInvalid); 989 } 990 875 991 TEST(WebAuthenticationPanel, GetAssertionPin) 876 992 { … … 890 1006 } 891 1007 1008 TEST(WebAuthenticationPanel, GetAssertionPinAuthBlockedError) 1009 { 1010 reset(); 1011 RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-get-assertion-hid-pin-auth-blocked-error" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"]; 1012 1013 auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES]; 1014 [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()]; 1015 1016 auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]); 1017 auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]); 1018 [webView setUIDelegate:delegate.get()]; 1019 1020 webAuthenticationPanelPin = "1234"; 1021 [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]]; 1022 [webView waitForMessage:@"Unknown internal error. Error code: 52"]; 1023 EXPECT_FALSE(webAuthenticationPanelUpdatePINInvalid); 1024 EXPECT_TRUE(webAuthenticationPanelUpdatePINAuthBlocked); 1025 } 1026 1027 TEST(WebAuthenticationPanel, GetAssertionPinInvalidErrorAndRetry) 1028 { 1029 reset(); 1030 RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-get-assertion-hid-pin-invalid-error-retry" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"]; 1031 1032 auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES]; 1033 [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()]; 1034 1035 auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]); 1036 auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]); 1037 [webView setUIDelegate:delegate.get()]; 1038 1039 webAuthenticationPanelPin = "1234"; 1040 [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]]; 1041 [webView waitForMessage:@"Succeeded!"]; 1042 EXPECT_TRUE(webAuthenticationPanelUpdatePINInvalid); 1043 } 1044 892 1045 TEST(WebAuthenticationPanel, MultipleAccountsNullDelegate) 893 1046 { -
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-hid-pin-auth-blocked-error.html
r256060 r256062 1 1 <input type="text" id="input"> 2 2 <script> 3 const testCtapPin InvalidErrorBase64 = "MQ==";3 const testCtapPinAuthInvalidErrorBase64 = "Mw=="; 4 4 const testPinGetRetriesResponseBase64 = "AKEDCA=="; 5 5 const testPinGetKeyAgreementResponseBase64 = "AKEBpQECAzgYIAEhWCDodiWJbuTkbcAydm6Ah5YvNt+d/otWfzdjAVsZkKYOFCJYICfeYS1mQYvaGVBYHrxcjB2tcQyxTCL4yXBF9GEvsgyR"; 6 const testCtapInvalidParameterErrorBase64 = "Ag=="; 6 const testPinGetPinTokenResponseBase64 = "AKECUBOk7rcOyRrqAB6TFvYeQfc="; 7 const testCtapPinAuthBlockedErrorBase64 = "NA=="; 7 8 if (window.internals) { 8 internals.setMockWebAuthenticationConfiguration({ hid: { supportClientPin: true, payloadBase64: [testCtapPin InvalidErrorBase64, testPinGetRetriesResponseBase64, testPinGetKeyAgreementResponseBase64, testCtapInvalidParameterErrorBase64] } });9 internals.setMockWebAuthenticationConfiguration({ hid: { supportClientPin: true, payloadBase64: [testCtapPinAuthInvalidErrorBase64, testPinGetRetriesResponseBase64, testPinGetKeyAgreementResponseBase64, testPinGetPinTokenResponseBase64, testCtapPinAuthBlockedErrorBase64] } }); 9 10 internals.withUserGesture(() => { input.focus(); }); 10 11 } … … 12 13 const options = { 13 14 publicKey: { 14 rp: {15 name: "localhost",16 },17 user: {18 name: "John Appleseed",19 id: new Uint8Array(16),20 displayName: "Appleseed",21 },22 15 challenge: new Uint8Array(16), 23 pubKeyCredParams: [{ type: "public-key", alg: -7 }]16 timeout: 100 24 17 } 25 18 }; 26 19 27 navigator.credentials. create(options).then(credential => {20 navigator.credentials.get(options).then(credential => { 28 21 // console.log("Succeeded!"); 29 22 window.webkit.messageHandlers.testHandler.postMessage("Succeeded!"); -
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-auth-blocked-error.html
r256060 r256062 1 1 <input type="text" id="input"> 2 2 <script> 3 const testCtapPin InvalidErrorBase64 = "MQ==";3 const testCtapPinAuthInvalidErrorBase64 = "Mw=="; 4 4 const testPinGetRetriesResponseBase64 = "AKEDCA=="; 5 5 const testPinGetKeyAgreementResponseBase64 = "AKEBpQECAzgYIAEhWCDodiWJbuTkbcAydm6Ah5YvNt+d/otWfzdjAVsZkKYOFCJYICfeYS1mQYvaGVBYHrxcjB2tcQyxTCL4yXBF9GEvsgyR"; 6 const testCtapInvalidParameterErrorBase64 = "Ag=="; 6 const testPinGetPinTokenResponseBase64 = "AKECUBOk7rcOyRrqAB6TFvYeQfc="; 7 const testCtapPinAuthBlockedErrorBase64 = "NA=="; 7 8 if (window.internals) { 8 internals.setMockWebAuthenticationConfiguration({ hid: { supportClientPin: true, payloadBase64: [testCtapPin InvalidErrorBase64, testPinGetRetriesResponseBase64, testPinGetKeyAgreementResponseBase64, testCtapInvalidParameterErrorBase64] } });9 internals.setMockWebAuthenticationConfiguration({ hid: { supportClientPin: true, payloadBase64: [testCtapPinAuthInvalidErrorBase64, testPinGetRetriesResponseBase64, testPinGetKeyAgreementResponseBase64, testPinGetPinTokenResponseBase64, testCtapPinAuthBlockedErrorBase64, ] } }); 9 10 internals.withUserGesture(() => { input.focus(); }); 10 11 } -
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-blocked-error.html
r256060 r256062 4 4 const testPinGetRetriesResponseBase64 = "AKEDCA=="; 5 5 const testPinGetKeyAgreementResponseBase64 = "AKEBpQECAzgYIAEhWCDodiWJbuTkbcAydm6Ah5YvNt+d/otWfzdjAVsZkKYOFCJYICfeYS1mQYvaGVBYHrxcjB2tcQyxTCL4yXBF9GEvsgyR"; 6 const testCtap InvalidParameterErrorBase64 = "Ag==";6 const testCtapPinAuthBlockedErrorBase64 = "NA=="; 7 7 if (window.internals) { 8 internals.setMockWebAuthenticationConfiguration({ hid: { supportClientPin: true, payloadBase64: [testCtapPinInvalidErrorBase64, testPinGetRetriesResponseBase64, testPinGetKeyAgreementResponseBase64, testCtap InvalidParameterErrorBase64] } });8 internals.setMockWebAuthenticationConfiguration({ hid: { supportClientPin: true, payloadBase64: [testCtapPinInvalidErrorBase64, testPinGetRetriesResponseBase64, testPinGetKeyAgreementResponseBase64, testCtapPinAuthBlockedErrorBase64] } }); 9 9 internals.withUserGesture(() => { input.focus(); }); 10 10 } -
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-pin-token-pin-blocked-error.html
r256060 r256062 4 4 const testPinGetRetriesResponseBase64 = "AKEDCA=="; 5 5 const testPinGetKeyAgreementResponseBase64 = "AKEBpQECAzgYIAEhWCDodiWJbuTkbcAydm6Ah5YvNt+d/otWfzdjAVsZkKYOFCJYICfeYS1mQYvaGVBYHrxcjB2tcQyxTCL4yXBF9GEvsgyR"; 6 const testCtap InvalidParameterErrorBase64 = "Ag==";6 const testCtapPinBlockedErrorBase64 = "Mg=="; 7 7 if (window.internals) { 8 internals.setMockWebAuthenticationConfiguration({ hid: { supportClientPin: true, payloadBase64: [testCtapPinInvalidErrorBase64, testPinGetRetriesResponseBase64, testPinGetKeyAgreementResponseBase64, testCtap InvalidParameterErrorBase64] } });8 internals.setMockWebAuthenticationConfiguration({ hid: { supportClientPin: true, payloadBase64: [testCtapPinInvalidErrorBase64, testPinGetRetriesResponseBase64, testPinGetKeyAgreementResponseBase64, testCtapPinBlockedErrorBase64] } }); 9 9 internals.withUserGesture(() => { input.focus(); }); 10 10 }
Note: See TracChangeset
for help on using the changeset viewer.