Changeset 263296 in webkit
- Timestamp:
- Jun 19, 2020 4:40:04 PM (4 years ago)
- Location:
- trunk
- Files:
-
- 1 added
- 7 edited
trunk/Source/WebKit/ChangeLog
r263295 r263296 1 2020-06-19 Jiewen Tan <jiewen_tan@apple.com> 2 3 [WebAuthn] Provide a _WKWebAuthenticationPanelUpdatePINInvalid update to UI clients if the returned PIN from the client is not valid 4 https://bugs.webkit.org/show_bug.cgi?id=213404 5 <rdar://problem/64543894> 6 7 Reviewed by Brent Fulgham. 8 9 Provide a _WKWebAuthenticationPanelUpdatePINInvalid update to UI clients if the returned PIN from the client is not valid such that clients can 10 reuse the same logic to handle invalid pin from the authenticator. This change makes their life easier. 11 12 Covered by API tests. 13 14 * UIProcess/API/APIWebAuthenticationPanelClient.h: 15 (API::WebAuthenticationPanelClient::requestPin const): 16 * UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm: 17 (WebKit::WebAuthenticationPanelClient::requestPin const): 18 Now, only null strings are intepreted as cancels. 19 20 * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: 21 (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived): 22 (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): 23 (WebKit::CtapAuthenticator::continueGetPinTokenAfterRequestPin): 24 (WebKit::CtapAuthenticator::continueRequestAfterGetPinToken): 25 This patch also removes potential null pointer dereferences. 26 1 27 2020-06-19 Per Arne Vollan <pvollan@apple.com> 2 28 -
trunk/Source/WebKit/UIProcess/API/APIWebAuthenticationPanelClient.h
r258020 r263296 50 50 virtual void updatePanel(WebKit::WebAuthenticationStatus) const { } 51 51 virtual void dismissPanel(WebKit::WebAuthenticationResult) const { } 52 virtual void requestPin(uint64_t, CompletionHandler<void(const WTF::String&)>&& completionHandler) const { completionHandler( emptyString()); }52 virtual void requestPin(uint64_t, CompletionHandler<void(const WTF::String&)>&& completionHandler) const { completionHandler(WTF::String()); } 53 53 virtual void selectAssertionResponse(Vector<Ref<WebCore::AuthenticatorAssertionResponse>>&&, WebKit::WebAuthenticationSource, CompletionHandler<void(WebCore::AuthenticatorAssertionResponse*)>&& completionHandler) const { completionHandler(nullptr); } 54 54 virtual void decidePolicyForLocalAuthenticator(CompletionHandler<void(WebKit::LocalAuthenticatorPolicy)>&& completionHandler) const { completionHandler(WebKit::LocalAuthenticatorPolicy::Disallow); } -
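Review bot: The default `requestPin` now reports a null `WTF::String()` instead of `emptyString()`, but nothing at the declaration says that null versus empty has become part of the contract. Per the ChangeLog and the new `pin.isNull()` check in CtapAuthenticator.cpp, a null string is treated as a cancel, while any non-null string, including an empty one, goes on to PIN validation and can produce a PinInvalid update and a retry. I would add a comment above the declaration, for example `// A null String cancels the request; any non-null String (even empty) is validated as a PIN.`, and the same remark applies to the two early returns in WebAuthenticationPanelClient.mm, whose body continues outside the visible hunks.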
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm
r257954 r263296 119 119 { 120 120 if (!m_delegateMethods.panelRequestPinWithRemainingRetriesCompletionHandler) { 121 completionHandler( emptyString());121 completionHandler(String()); 122 122 return; 123 123 } … … 125 125 auto delegate = m_delegate.get(); 126 126 if (!delegate) { 127 completionHandler( emptyString());127 completionHandler(String()); 128 128 return; 129 129 } -
trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp
r261588 r263296 116 116 117 117 if (isPinError(error)) { 118 if (!m_pinAuth.isEmpty() ) // Skip the very first command that acts like wink.118 if (!m_pinAuth.isEmpty() && observer()) // Skip the very first command that acts like wink. 119 119 observer()->authenticatorStatusUpdated(toStatus(error)); 120 120 if (tryRestartPin(error)) … … 155 155 156 156 if (isPinError(error)) { 157 if (!m_pinAuth.isEmpty() ) // Skip the very first command that acts like wink.157 if (!m_pinAuth.isEmpty() && observer()) // Skip the very first command that acts like wink. 158 158 observer()->authenticatorStatusUpdated(toStatus(error)); 159 159 if (tryRestartPin(error)) … … 275 275 void CtapAuthenticator::continueGetPinTokenAfterRequestPin(const String& pin, const CryptoKeyEC& peerKey) 276 276 { 277 if (pin.isNull()) { 278 receiveRespond(ExceptionData { UnknownError, "Pin is null."_s }); 279 return; 280 } 281 277 282 auto pinUtf8 = pin::validateAndConvertToUTF8(pin); 278 283 if (!pinUtf8) { 279 receiveRespond(ExceptionData { UnknownError, makeString("Pin is not valid: ", pin) }); 284 // Fake a pin invalid response from the authenticator such that clients could show some error to the user. 285 if (auto* observer = this->observer()) 286 observer->authenticatorStatusUpdated(WebAuthenticationStatus::PinInvalid); 287 tryRestartPin(CtapDeviceResponseCode::kCtap2ErrPinInvalid); 280 288 return; 281 289 } … … 302 310 303 311 if (isPinError(error)) { 304 observer()->authenticatorStatusUpdated(toStatus(error)); 312 if (auto* observer = this->observer()) 313 observer->authenticatorStatusUpdated(toStatus(error)); 305 314 if (tryRestartPin(error)) 306 315 return; -
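Review bot: In the invalid-PIN branch of `continueGetPinTokenAfterRequestPin`, the result of `tryRestartPin(CtapDeviceResponseCode::kCtap2ErrPinInvalid)` is discarded before `return`, unlike the other call sites in this file, which do `if (tryRestartPin(error)) return;` and then fall through. `tryRestartPin` is not visible here, so this is hedged: if it can return false for this code, the request ends without `receiveRespond` being called and the ceremony never completes. Consider `if (tryRestartPin(CtapDeviceResponseCode::kCtap2ErrPinInvalid)) return;` followed by `receiveRespond(ExceptionData { UnknownError, "Pin is not valid."_s });`, keeping the PIN value out of the message. A smaller style point: the two `&& observer()` guards call `observer()` twice, whereas the later hunks bind it once with `if (auto* observer = this->observer())`; using one form throughout would read more consistently. The enclosing functions start and end outside the hunks.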
trunk/Tools/ChangeLog
r263291 r263296 1 2020-06-19 Jiewen Tan <jiewen_tan@apple.com> 2 3 [WebAuthn] Provide a _WKWebAuthenticationPanelUpdatePINInvalid update to UI clients if the returned PIN from the client is not valid 4 https://bugs.webkit.org/show_bug.cgi?id=213404 5 <rdar://problem/64543894> 6 7 Reviewed by Brent Fulgham. 8 9 * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: 10 * TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm: 11 (TestWebKitAPI::TEST): 12 * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-pin-token-fake-pin-invalid-error-retry.html: Added. 13 1 14 2020-06-19 Jonathan Bedard <jbedard@apple.com> 2 15 -
trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
r263112 r263296 372 372 5742178E2400D2DF002B303D /* web-authentication-make-credential-la.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 5742178D2400D26C002B303D /* web-authentication-make-credential-la.html */; }; 373 373 574F55D2204D47F0002948C6 /* Security.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 574F55D0204D471C002948C6 /* Security.framework */; }; 374 5751B28A249D5BC500664C2A /* web-authentication-make-credential-hid-pin-get-pin-token-fake-pin-invalid-error-retry.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 5751B289249D5B9900664C2A /* web-authentication-make-credential-hid-pin-get-pin-token-fake-pin-invalid-error-retry.html */; }; 374 375 5758597F23A2527A00C74572 /* CtapPinTest.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5758597E23A2527A00C74572 /* CtapPinTest.cpp */; }; 375 376 5758598423C3C3A400C74572 /* web-authentication-make-credential-hid-pin-get-retries-error.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 5758598323C3C36200C74572 /* web-authentication-make-credential-hid-pin-get-retries-error.html */; }; … … 1226 1227 dstSubfolderSpec = 7; 1227 1228 files = ( 1229 5751B28A249D5BC500664C2A /* web-authentication-make-credential-hid-pin-get-pin-token-fake-pin-invalid-error-retry.html in Copy Resources */, 1228 1230 55A817FF2181021A0004A39A /* 100x100-red.tga in Copy Resources */, 1229 1231 1A9E52C913E65EF4006917F5 /* 18-characters.html in Copy Resources */, … … 2055 2057 5742178D2400D26C002B303D /* web-authentication-make-credential-la.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-la.html"; sourceTree = "<group>"; }; 2056 2058 574F55D0204D471C002948C6 /* Security.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Security.framework; path = System/Library/Frameworks/Security.framework; sourceTree = SDKROOT; }; 2059 5751B289249D5B9900664C2A /* 
web-authentication-make-credential-hid-pin-get-pin-token-fake-pin-invalid-error-retry.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-hid-pin-get-pin-token-fake-pin-invalid-error-retry.html"; sourceTree = "<group>"; }; 2057 2060 5758597D23A2527A00C74572 /* CtapPinTest.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = CtapPinTest.h; sourceTree = "<group>"; }; 2058 2061 5758597E23A2527A00C74572 /* CtapPinTest.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = CtapPinTest.cpp; sourceTree = "<group>"; }; … … 3742 3745 578DA44723ECD01300246010 /* web-authentication-make-credential-hid-pin-auth-blocked-error.html */, 3743 3746 570D26F323C3CA5500D5CF67 /* web-authentication-make-credential-hid-pin-get-key-agreement-error.html */, 3747 5751B289249D5B9900664C2A /* web-authentication-make-credential-hid-pin-get-pin-token-fake-pin-invalid-error-retry.html */, 3744 3748 578DA44123ECC76B00246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-blocked-error.html */, 3745 3749 578DA44523ECCBD000246010 /* web-authentication-make-credential-hid-pin-get-pin-token-pin-auth-invalid-error-retry.html */, -
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm
r261366 r263296 938 938 auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]); 939 939 [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]]; 940 [webView waitForMessage:@"Pin is n ot valid:"];940 [webView waitForMessage:@"Pin is null."]; 941 941 } 942 942 … … 955 955 956 956 [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]]; 957 [webView waitForMessage:@"Pin is n ot valid:"];957 [webView waitForMessage:@"Pin is null."]; 958 958 } 959 959 … … 961 961 { 962 962 reset(); 963 RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-hid-pin " withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];963 RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-hid-pin-get-pin-token-fake-pin-invalid-error-retry" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"]; 964 964 965 965 auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES]; … … 972 972 webAuthenticationPanelPin = "123"; 973 973 [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]]; 974 [webView waitForMessage:@"Pin is not valid: 123"]; 974 Util::run(&webAuthenticationPanelUpdatePINInvalid); 975 webAuthenticationPanelPin = "1234"; 976 [webView waitForMessage:@"Succeeded!"]; 975 977 } 976 978
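Review bot: The updated tests cover a null PIN giving `Pin is null.` and the too-short "123" giving a PinInvalid update followed by a retry, but no visible case covers an empty, non-null PIN. That is the value whose meaning changes with this commit, since the ChangeLog says only null strings are now interpreted as cancels. I would add a variant of the last test that first sets `webAuthenticationPanelPin = "";`, waits with `Util::run(&webAuthenticationPanelUpdatePINInvalid);`, and then supplies "1234". How the test delegate turns that variable into the string it hands back is outside the hunks, so confirm an empty value does not arrive as nil. The TEST bodies start and end outside the visible hunks.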