Changeset 270142 in webkit

Timestamp:

Nov 21, 2020 12:11:34 AM (3 years ago)

Author:

jiewen_tan@apple.com

Message:

[WebAuthn] Implement SPI for AuthenticationServices.Framework
​https://bugs.webkit.org/show_bug.cgi?id=218893
<rdar://problem/71364731>

Reviewed by Alex Christensen.

Source/WebCore:

Covered by API tests.

• Modules/webauthn/PublicKeyCredentialCreationOptions.h:
• Modules/webauthn/PublicKeyCredentialRequestOptions.h:

Tweaks some macros to expose an empty struct for ports that have WebAuthn disabled.

Source/WebKit:

This patch implements the SPI for AuthenticationServices.Framework, which is more or less a direct
translation of the WebAuthn Web IDLs and a thin wrapper on top of functionalities of the WebAuthn
process.

It deprecates the existing _WKWebAuthenticationPanel SPI which is for Safari to show UI only. This
patch does not just repurpose the SPI but also modifies some of the implementations. The most noticeable one
is the change of ownerships. Prior to this change, AuthenticatorManager owns the APIWebAuthenticationPanel.
Now, it's the opposite way.

Since there will be a period of time that the deprecated implementation will coexist with the new implementation,
this path also marks things that are meant to deprecate in the future to reduce confusions.

• UIProcess/API/APIWebAuthenticationPanel.cpp:

(API::WebAuthenticationPanel::WebAuthenticationPanel):
(API::WebAuthenticationPanel::handleRequest):
(API::WebAuthenticationPanel::cancel const):

• UIProcess/API/APIWebAuthenticationPanel.h:

Implements the plumbing for the new SPI and owns the AuthenticatorManager now.

• UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
• UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:

(-[_WKAuthenticationExtensionsClientOutputs initWithAppid:]):
(-[_WKAuthenticatorResponse initWithRawId:extensions:]):
(-[_WKAuthenticatorAssertionResponse initWithRawId:extensions:authenticatorData:signature:userHandle:]):
(-[_WKAuthenticatorAttestationResponse initWithRawId:extensions:attestationObject:]):
(-[_WKAuthenticatorSelectionCriteria init]):
(-[_WKPublicKeyCredentialCreationOptions initWithRp:user:pubKeyCredParams:]):
(-[_WKPublicKeyCredentialDescriptor initWithType:identifier:]):
(-[_WKPublicKeyCredentialEntity initWithName:]):
(-[_WKPublicKeyCredentialParameters initWithType:alg:]):
(-[_WKPublicKeyCredentialRequestOptions init]):
(-[_WKPublicKeyCredentialRpEntity initWithName:]):
(-[_WKPublicKeyCredentialUserEntity initWithName:identifier:displayName:]):
(-[_WKWebAuthenticationPanel init]):
(vectorFromNSData):
(encodeEntity):
(publicKeyCredentialRpEntity):
(publicKeyCredentialUserEntity):
(publicKeyCredentialParameters):
(authenticatorTransport):
(authenticatorTransports):
(publicKeyCredentialDescriptors):
(authenticatorAttachment):
(userVerification):
(authenticatorSelectionCriteria):
(attestationConveyancePreference):
(authenticationExtensionsClientInputs):
(+[_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:]):
(wkAuthenticatorAttestationResponse):
(-[_WKWebAuthenticationPanel makeCredentialWithHash:options:completionHandler:]):
(+[_WKWebAuthenticationPanel convertToCoreRequestOptionsWithOptions:]):
(wkAuthenticatorAssertionResponse):
(-[_WKWebAuthenticationPanel getAssertionWithHash:options:completionHandler:]):
(+[_WKWebAuthenticationPanel isUserVerifyingPlatformAuthenticatorAvailable]):
Implements the SPI.

• UIProcess/WebAuthentication/WebAuthenticationRequestData.h:

Marks things as to deprecate.

Tools:

• TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:

(TestWebKitAPI::TEST):
(): Deleted.

Location:

trunk

Files:

• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h (modified) (5 diffs)
• Source/WebCore/Modules/webauthn/PublicKeyCredentialRequestOptions.h (modified) (4 diffs)
• Source/WebKit/ChangeLog (modified) (1 diff)
• Source/WebKit/UIProcess/API/APIWebAuthenticationPanel.cpp (modified) (2 diffs)
• Source/WebKit/UIProcess/API/APIWebAuthenticationPanel.h (modified) (3 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientInputs.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientInputs.mm (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientOutputs.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientOutputs.mm (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientOutputsInternal.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.mm (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.mm (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorSelectionCriteria.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorSelectionCriteria.mm (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialCreationOptions.h (added)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialCreationOptions.mm (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialDescriptor.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialDescriptor.mm (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialEntity.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialEntity.mm (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialParameters.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialParameters.mm (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialRelyingPartyEntity.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialRelyingPartyEntity.mm (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialRequestOptions.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialRequestOptions.mm (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialUserEntity.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialUserEntity.mm (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKUserVerificationRequirement.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h (modified) (3 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (modified) (3 diffs)
• Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanelForTesting.h (copied) (copied from trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h) (2 diffs)
• Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h (modified) (2 diffs)
• Source/WebKit/WebKit.xcodeproj/project.pbxproj (modified) (11 diffs)
• Tools/ChangeLog (modified) (1 diff)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (modified) (3 diffs)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2020-11-21  Jiewen Tan  <jiewen_tan@apple.com>
+
+        [WebAuthn] Implement SPI for AuthenticationServices.Framework
+        https://bugs.webkit.org/show_bug.cgi?id=218893
+        <rdar://problem/71364731>
+
+        Reviewed by Alex Christensen.
+
+        Covered by API tests.
+
+        * Modules/webauthn/PublicKeyCredentialCreationOptions.h:
+        * Modules/webauthn/PublicKeyCredentialRequestOptions.h:
+        Tweaks some macros to expose an empty struct for ports that have WebAuthn disabled.
+
 2020-11-20  Chris Dumez  <cdumez@apple.com>
 

trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h

@@ -27 +27 @@
 
 #if ENABLE(WEB_AUTHN)
-
 #include "AttestationConveyancePreference.h"
 #include "AuthenticationExtensionsClientInputs.h"
@@ -35 +34 @@
 #include "UserVerificationRequirement.h"
 #include <wtf/Forward.h>
+#endif // ENABLE(WEB_AUTHN)
 
 namespace WebCore {
 
 struct PublicKeyCredentialCreationOptions {
+#if ENABLE(WEB_AUTHN)
     enum class AuthenticatorAttachment {
         Platform,
@@ -90 +91 @@
     template<class Encoder> void encode(Encoder&) const;
     template<class Decoder> static Optional<PublicKeyCredentialCreationOptions> decode(Decoder&);
+#endif // ENABLE(WEB_AUTHN)
 };
 
+#if ENABLE(WEB_AUTHN)
 template<class Encoder>
 void PublicKeyCredentialCreationOptions::Parameters::encode(Encoder& encoder) const
@@ -197 +200 @@
     return result;
 }
+#endif // ENABLE(WEB_AUTHN)
 
 } // namespace WebCore
 
+#if ENABLE(WEB_AUTHN)
 namespace WTF {
 
@@ -211 +216 @@
 
 } // namespace WTF
-
-#endif // ENABLE(WEB_AUTHN)
+#endif // ENABLE(WEB_AUTHN)

trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialRequestOptions.h

@@ -27 +27 @@
 
 #if ENABLE(WEB_AUTHN)
-
 #include "AuthenticationExtensionsClientInputs.h"
 #include "BufferSource.h"
@@ -33 +32 @@
 #include "UserVerificationRequirement.h"
 #include <wtf/Forward.h>
+#endif // ENABLE(WEB_AUTHN)
 
 namespace WebCore {
 
 struct PublicKeyCredentialRequestOptions {
+#if ENABLE(WEB_AUTHN)
     BufferSource challenge;
     Optional<unsigned> timeout;
@@ -46 +47 @@
     template<class Encoder> void encode(Encoder&) const;
     template<class Decoder> static Optional<PublicKeyCredentialRequestOptions> decode(Decoder&);
+#endif // ENABLE(WEB_AUTHN)
 };
 
+#if ENABLE(WEB_AUTHN)
 // Not every member is encoded.
 template<class Encoder>
@@ -85 +88 @@
     return result;
 }
+#endif // ENABLE(WEB_AUTHN)
 
 } // namespace WebCore
-
-#endif // ENABLE(WEB_AUTHN)

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2020-11-21  Jiewen Tan  <jiewen_tan@apple.com>
+
+        [WebAuthn] Implement SPI for AuthenticationServices.Framework
+        https://bugs.webkit.org/show_bug.cgi?id=218893
+        <rdar://problem/71364731>
+
+        Reviewed by Alex Christensen.
+
+        This patch implements the SPI for AuthenticationServices.Framework, which is more or less a direct
+        translation of the WebAuthn Web IDLs and a thin wrapper on top of functionalities of the WebAuthn
+        process.
+
+        It deprecates the existing _WKWebAuthenticationPanel SPI which is for Safari to show UI only. This
+        patch does not just repurpose the SPI but also modifies some of the implementations. The most noticeable one
+        is the change of ownerships. Prior to this change, AuthenticatorManager owns the APIWebAuthenticationPanel.
+        Now, it's the opposite way.
+
+        Since there will be a period of time that the deprecated implementation will coexist with the new implementation,
+        this path also marks things that are meant to deprecate in the future to reduce confusions.
+
+        * UIProcess/API/APIWebAuthenticationPanel.cpp:
+        (API::WebAuthenticationPanel::WebAuthenticationPanel):
+        (API::WebAuthenticationPanel::handleRequest):
+        (API::WebAuthenticationPanel::cancel const):
+        * UIProcess/API/APIWebAuthenticationPanel.h:
+        Implements the plumbing for the new SPI and owns the AuthenticatorManager now.
+
+        * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
+        * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+        (-[_WKAuthenticationExtensionsClientOutputs initWithAppid:]):
+        (-[_WKAuthenticatorResponse initWithRawId:extensions:]):
+        (-[_WKAuthenticatorAssertionResponse initWithRawId:extensions:authenticatorData:signature:userHandle:]):
+        (-[_WKAuthenticatorAttestationResponse initWithRawId:extensions:attestationObject:]):
+        (-[_WKAuthenticatorSelectionCriteria init]):
+        (-[_WKPublicKeyCredentialCreationOptions initWithRp:user:pubKeyCredParams:]):
+        (-[_WKPublicKeyCredentialDescriptor initWithType:identifier:]):
+        (-[_WKPublicKeyCredentialEntity initWithName:]):
+        (-[_WKPublicKeyCredentialParameters initWithType:alg:]):
+        (-[_WKPublicKeyCredentialRequestOptions init]):
+        (-[_WKPublicKeyCredentialRpEntity initWithName:]):
+        (-[_WKPublicKeyCredentialUserEntity initWithName:identifier:displayName:]):
+        (-[_WKWebAuthenticationPanel init]):
+        (vectorFromNSData):
+        (encodeEntity):
+        (publicKeyCredentialRpEntity):
+        (publicKeyCredentialUserEntity):
+        (publicKeyCredentialParameters):
+        (authenticatorTransport):
+        (authenticatorTransports):
+        (publicKeyCredentialDescriptors):
+        (authenticatorAttachment):
+        (userVerification):
+        (authenticatorSelectionCriteria):
+        (attestationConveyancePreference):
+        (authenticationExtensionsClientInputs):
+        (+[_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:]):
+        (wkAuthenticatorAttestationResponse):
+        (-[_WKWebAuthenticationPanel makeCredentialWithHash:options:completionHandler:]):
+        (+[_WKWebAuthenticationPanel convertToCoreRequestOptionsWithOptions:]):
+        (wkAuthenticatorAssertionResponse):
+        (-[_WKWebAuthenticationPanel getAssertionWithHash:options:completionHandler:]):
+        (+[_WKWebAuthenticationPanel isUserVerifyingPlatformAuthenticatorAvailable]):
+        Implements the SPI.
+
+        * UIProcess/WebAuthentication/WebAuthenticationRequestData.h:
+        Marks things as to deprecate.
+
 2020-11-20  Kate Cheney  <katherine_cheney@apple.com>
 

trunk/Source/WebKit/UIProcess/API/APIWebAuthenticationPanel.cpp

@@ -42 +42 @@
 }
 
+WebAuthenticationPanel::WebAuthenticationPanel()
+    : m_manager(makeUnique<AuthenticatorManager>())
+    , m_client(makeUniqueRef<WebAuthenticationPanelClient>())
+{
+}
+
 WebAuthenticationPanel::WebAuthenticationPanel(const AuthenticatorManager& manager, const WTF::String& rpId, const TransportSet& transports, ClientDataType type)
-    : m_manager(makeWeakPtr(manager))
+    : m_client(makeUniqueRef<WebAuthenticationPanelClient>())
+    , m_weakManager(makeWeakPtr(manager))
     , m_rpId(rpId)
-    , m_client(WTF::makeUniqueRef<WebAuthenticationPanelClient>())
     , m_clientDataType(type)
 {
@@ -60 +66 @@
 WebAuthenticationPanel::~WebAuthenticationPanel() = default;
 
+void WebAuthenticationPanel::handleRequest(WebAuthenticationRequestData&& request, Callback&& callback)
+{
+    ASSERT(m_manager);
+    m_manager->handleRequest(WTFMove(request), WTFMove(callback));
+}
+
 void WebAuthenticationPanel::cancel() const
 {
-    if (m_manager)
-        m_manager->cancelRequest(*this);
+    if (m_weakManager)
+        m_weakManager->cancelRequest(*this);
 }
 

trunk/Source/WebKit/UIProcess/API/APIWebAuthenticationPanel.h

@@ -36 +36 @@
 namespace WebCore {
 enum class ClientDataType : bool;
+
+class AuthenticatorResponse;
+
+struct ExceptionData;
 }
 
 namespace WebKit {
 class AuthenticatorManager;
+
+struct WebAuthenticationRequestData;
 }
 
@@ -48 +54 @@
 class WebAuthenticationPanel final : public ObjectImpl<Object::Type::WebAuthenticationPanel>, public CanMakeWeakPtr<WebAuthenticationPanel> {
 public:
-    using TransportSet = HashSet<WebCore::AuthenticatorTransport, WTF::IntHash<WebCore::AuthenticatorTransport>, WTF::StrongEnumHashTraits<WebCore::AuthenticatorTransport>>;
+    using Response = Variant<Ref<WebCore::AuthenticatorResponse>, WebCore::ExceptionData>;
+    using Callback = CompletionHandler<void(Response&&)>;
 
-    static Ref<WebAuthenticationPanel> create(const WebKit::AuthenticatorManager&, const WTF::String& rpId, const TransportSet&, WebCore::ClientDataType);
+    WebAuthenticationPanel();
     ~WebAuthenticationPanel();
 
-    WTF::String rpId() const { return m_rpId; }
-    const Vector<WebCore::AuthenticatorTransport>& transports() const { return m_transports; }
-    WebCore::ClientDataType clientDataType() const { return m_clientDataType; }
+    void handleRequest(WebKit::WebAuthenticationRequestData&&, Callback&&);
     void cancel() const;
 
@@ -61 +66 @@
     void setClient(UniqueRef<WebAuthenticationPanelClient>&&);
 
+    // FIXME: <rdar://problem/71509848> Remove the following deprecated methods.
+    using TransportSet = HashSet<WebCore::AuthenticatorTransport, WTF::IntHash<WebCore::AuthenticatorTransport>, WTF::StrongEnumHashTraits<WebCore::AuthenticatorTransport>>;
+    static Ref<WebAuthenticationPanel> create(const WebKit::AuthenticatorManager&, const WTF::String& rpId, const TransportSet&, WebCore::ClientDataType);
+    WTF::String rpId() const { return m_rpId; }
+    const Vector<WebCore::AuthenticatorTransport>& transports() const { return m_transports; }
+    WebCore::ClientDataType clientDataType() const { return m_clientDataType; }
+
 private:
+    // FIXME: <rdar://problem/71509848> Remove the following deprecated method.
     WebAuthenticationPanel(const WebKit::AuthenticatorManager&, const WTF::String& rpId, const TransportSet&, WebCore::ClientDataType);
 
-    WeakPtr<WebKit::AuthenticatorManager> m_manager;
+    std::unique_ptr<WebKit::AuthenticatorManager> m_manager; // FIXME: <rdar://problem/71509848> Change to UniqueRef.
+    UniqueRef<WebAuthenticationPanelClient> m_client;
+
+    // FIXME: <rdar://problem/71509848> Remove the following deprecated fields.
+    WeakPtr<WebKit::AuthenticatorManager> m_weakManager;
     WTF::String m_rpId;
-    UniqueRef<WebAuthenticationPanelClient> m_client;
     Vector<WebCore::AuthenticatorTransport> m_transports;
     WebCore::ClientDataType m_clientDataType;

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientInputs.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import <WebKit/WKFoundation.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+#import <Foundation/Foundation.h>
 
-namespace WebKit {
+NS_ASSUME_NONNULL_BEGIN
 
-class WebPageProxy;
+WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
+@interface _WKAuthenticationExtensionsClientInputs : NSObject
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+@property (nullable, nonatomic, copy) NSString *appid;
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
+@end
 
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientInputs.mm

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -24 +24 @@
  */
 
-#pragma once
+#import "config.h"
+#import "_WKAuthenticationExtensionsClientInputs.h"
 
-#if ENABLE(WEB_AUTHN)
-
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
-
-namespace WebKit {
-
-class WebPageProxy;
-
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@implementation _WKAuthenticationExtensionsClientInputs
+@end

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientOutputs.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import <WebKit/WKFoundation.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+#import <Foundation/Foundation.h>
 
-namespace WebKit {
+NS_ASSUME_NONNULL_BEGIN
 
-class WebPageProxy;
+WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
+@interface _WKAuthenticationExtensionsClientOutputs : NSObject
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+@property (nonatomic, readonly) BOOL appid;
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
+@end
 
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientOutputs.mm

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -24 +24 @@
  */
 
-#pragma once
+#import "config.h"
+#import "_WKAuthenticationExtensionsClientOutputs.h"
 
-#if ENABLE(WEB_AUTHN)
+@implementation _WKAuthenticationExtensionsClientOutputs
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+- (instancetype)initWithAppid:(BOOL)appid
+{
+    if (!(self = [super init]))
+        return nil;
 
-namespace WebKit {
+    _appid = appid;
+    return self;
+}
 
-class WebPageProxy;
-
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@end

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientOutputsInternal.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import "_WKAuthenticationExtensionsClientOutputs.h"
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+NS_ASSUME_NONNULL_BEGIN
 
-namespace WebKit {
+@interface _WKAuthenticationExtensionsClientOutputs ()
 
-class WebPageProxy;
+- (instancetype)initWithAppid:(BOOL)appid;
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+@end
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import <WebKit/_WKAuthenticatorResponse.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+NS_ASSUME_NONNULL_BEGIN
 
-namespace WebKit {
+WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
+@interface _WKAuthenticatorAssertionResponse : _WKAuthenticatorResponse
 
-class WebPageProxy;
+@property (nonatomic, readonly) NSData *authenticatorData;
+@property (nonatomic, readonly) NSData *signature;
+@property (nullable, nonatomic, readonly) NSData *userHandle;
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+@end
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.mm

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -24 +24 @@
  */
 
-#pragma once
+#import "config.h"
+#import "_WKAuthenticatorAssertionResponse.h"
 
-#if ENABLE(WEB_AUTHN)
+#import "_WKAuthenticationExtensionsClientOutputs.h"
+#import "_WKAuthenticatorResponseInternal.h"
+#import <wtf/RetainPtr.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+@implementation _WKAuthenticatorAssertionResponse
 
-namespace WebKit {
+- (instancetype)initWithRawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions authenticatorData:(NSData *)authenticatorData signature:(NSData *)signature userHandle:(NSData *)userHandle
+{
+    if (!(self = [super initWithRawId:rawId extensions:WTFMove(extensions)]))
+        return nil;
 
-class WebPageProxy;
+    _authenticatorData = authenticatorData;
+    _signature = signature;
+    _userHandle = userHandle;
+    return self;
+}
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@end

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import "_WKAuthenticatorAssertionResponse.h"
+#import <wtf/RetainPtr.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+NS_ASSUME_NONNULL_BEGIN
 
-namespace WebKit {
+@class _WKAuthenticationExtensionsClientOutputs;
 
-class WebPageProxy;
+@interface _WKAuthenticatorAssertionResponse ()
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+- (instancetype)initWithRawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions authenticatorData:(NSData *)authenticatorData signature:(NSData *)signature userHandle:(NSData *)userHandle;
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
+@end
 
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import <WebKit/_WKAuthenticatorResponse.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+NS_ASSUME_NONNULL_BEGIN
 
-namespace WebKit {
+WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
+@interface _WKAuthenticatorAttestationResponse : _WKAuthenticatorResponse
 
-class WebPageProxy;
+@property (nonatomic, readonly) NSData *attestationObject;
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+@end
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -24 +24 @@
  */
 
-#pragma once
+#import "config.h"
+#import "_WKAuthenticatorAttestationResponse.h"
 
-#if ENABLE(WEB_AUTHN)
+#import "_WKAuthenticationExtensionsClientOutputs.h"
+#import "_WKAuthenticatorResponseInternal.h"
+#import <wtf/RetainPtr.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+@implementation _WKAuthenticatorAttestationResponse
 
-namespace WebKit {
+- (instancetype)initWithRawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions attestationObject:(NSData *)attestationObject
+{
+    if (!(self = [super initWithRawId:rawId extensions:WTFMove(extensions)]))
+        return nil;
 
-class WebPageProxy;
+    _attestationObject = attestationObject;
+    return self;
+}
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@end

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import "_WKAuthenticatorAttestationResponse.h"
+#import <wtf/RetainPtr.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+NS_ASSUME_NONNULL_BEGIN
 
-namespace WebKit {
+@class _WKAuthenticationExtensionsClientOutputs;
 
-class WebPageProxy;
+@interface _WKAuthenticatorAttestationResponse ()
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+- (instancetype)initWithRawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions attestationObject:(NSData *)attestationObject;
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
+@end
 
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import <WebKit/WKFoundation.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+#import <Foundation/Foundation.h>
 
-namespace WebKit {
+NS_ASSUME_NONNULL_BEGIN
 
-class WebPageProxy;
+@class _WKAuthenticationExtensionsClientOutputs;
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
+@interface _WKAuthenticatorResponse : NSObject
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
+@property (nonatomic, readonly) NSData *rawId;
+@property (nullable, nonatomic, readonly, strong) _WKAuthenticationExtensionsClientOutputs *extensions;
 
-} // namespace WebKit
+@end
 
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.mm

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -24 +24 @@
  */
 
-#pragma once
+#import "config.h"
+#import "_WKAuthenticatorResponseInternal.h"
 
-#if ENABLE(WEB_AUTHN)
+#import "_WKAuthenticationExtensionsClientOutputs.h"
+#import <wtf/RetainPtr.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+@implementation _WKAuthenticatorResponse {
+    RetainPtr<_WKAuthenticationExtensionsClientOutputs> _extensions;
+}
 
-namespace WebKit {
+- (instancetype)initWithRawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions
+{
+    if (!(self = [super init]))
+        return nil;
 
-class WebPageProxy;
+    _rawId = rawId;
+    _extensions = extensions;
+    return self;
+}
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+- (_WKAuthenticationExtensionsClientOutputs *)extensions
+{
+    return _extensions.get();
+}
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@end

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import "_WKAuthenticatorResponse.h"
+#import <wtf/RetainPtr.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+NS_ASSUME_NONNULL_BEGIN
 
-namespace WebKit {
+@class _WKAuthenticationExtensionsClientOutputs;
 
-class WebPageProxy;
+@interface _WKAuthenticatorResponse ()
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+- (instancetype)initWithRawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions;
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
+@end
 
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorSelectionCriteria.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import <WebKit/WKFoundation.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+#import <Foundation/Foundation.h>
+#import <WebKit/_WKUserVerificationRequirement.h>
 
-namespace WebKit {
+NS_ASSUME_NONNULL_BEGIN
 
-class WebPageProxy;
+typedef NS_ENUM(NSInteger, _WKAuthenticatorAttachment) {
+    _WKAuthenticatorAttachmentAll,
+    _WKAuthenticatorAttachmentPlatform,
+    _WKAuthenticatorAttachmentCrossPlatform,
+} WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
+@interface _WKAuthenticatorSelectionCriteria : NSObject
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
+/*!@discussion The default value is _WKAuthenticatorAttachmentAll.*/
+@property (nonatomic) _WKAuthenticatorAttachment authenticatorAttachment;
 
-} // namespace WebKit
+/*!@discussion The default value is NO.*/
+@property (nonatomic) BOOL requireResidentKey;
 
-#endif // ENABLE(WEB_AUTHN)
+/*!@discussion The default value is _WKUserVerificationRequirementPreferred.*/
+@property (nonatomic) _WKUserVerificationRequirement userVerification;
+
+@end
+
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorSelectionCriteria.mm

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -24 +24 @@
  */
 
-#pragma once
+#import "config.h"
+#import "_WKAuthenticatorSelectionCriteria.h"
 
-#if ENABLE(WEB_AUTHN)
+@implementation _WKAuthenticatorSelectionCriteria
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+- (instancetype)init
+{
+    if (!(self = [super init]))
+        return nil;
 
-namespace WebKit {
+    self.authenticatorAttachment = _WKAuthenticatorAttachmentAll;
+    self.requireResidentKey = NO;
+    self.userVerification = _WKUserVerificationRequirementPreferred;
+    return self;
+}
 
-class WebPageProxy;
-
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@end

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialCreationOptions.mm

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -24 +24 @@
  */
 
-#pragma once
+#import "config.h"
+#import "_WKPublicKeyCredentialCreationOptions.h"
 
-#if ENABLE(WEB_AUTHN)
+#import "_WKPublicKeyCredentialRelyingPartyEntity.h"
+#import "_WKPublicKeyCredentialUserEntity.h"
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+@implementation _WKPublicKeyCredentialCreationOptions
 
-namespace WebKit {
+- (instancetype)initWithRelyingParty:(_WKPublicKeyCredentialRelyingPartyEntity *)relyingParty user:(_WKPublicKeyCredentialUserEntity *)user publicKeyCredentialParamaters:(NSArray<_WKPublicKeyCredentialParameters *> *)publicKeyCredentialParamaters
+{
+    if (!(self = [super init]))
+        return nil;
 
-class WebPageProxy;
+    self.relyingParty = relyingParty;
+    self.user = user;
+    self.publicKeyCredentialParamaters = publicKeyCredentialParamaters;
+    return self;
+}
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@end

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialDescriptor.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import <WebKit/WKFoundation.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+#import <Foundation/Foundation.h>
 
-namespace WebKit {
+NS_ASSUME_NONNULL_BEGIN
 
-class WebPageProxy;
+WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
+@interface _WKPublicKeyCredentialDescriptor : NSObject
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
++ (instancetype)new NS_UNAVAILABLE;
+- (instancetype)init NS_UNAVAILABLE;
+- (instancetype)initWithIdentifier:(NSData *)identifier;
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
+@property (nonatomic, copy) NSData *identifier;
+@property (nullable, nonatomic, copy) NSArray<NSNumber *> *transports;
 
-} // namespace WebKit
+@end
 
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialDescriptor.mm

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -24 +24 @@
  */
 
-#pragma once
+#import "config.h"
+#import "_WKPublicKeyCredentialDescriptor.h"
 
-#if ENABLE(WEB_AUTHN)
+@implementation _WKPublicKeyCredentialDescriptor
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+- (instancetype)initWithIdentifier:(NSData *)identifier
+{
+    if (!(self = [super init]))
+        return nil;
 
-namespace WebKit {
+    self.identifier = identifier;
+    return self;
+}
 
-class WebPageProxy;
-
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@end

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialEntity.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import <WebKit/WKFoundation.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+#import <Foundation/Foundation.h>
 
-namespace WebKit {
+NS_ASSUME_NONNULL_BEGIN
 
-class WebPageProxy;
+WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
+@interface _WKPublicKeyCredentialEntity : NSObject
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
++ (instancetype)new NS_UNAVAILABLE;
+- (instancetype)init NS_UNAVAILABLE;
+- (instancetype)initWithName:(NSString *)name;
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
+@property (nonatomic, copy) NSString *name;
+@property (nullable, nonatomic, copy) NSString *icon;
 
-} // namespace WebKit
+@end
 
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialEntity.mm

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -24 +24 @@
  */
 
-#pragma once
+#import "config.h"
+#import "_WKPublicKeyCredentialEntity.h"
 
-#if ENABLE(WEB_AUTHN)
+@implementation _WKPublicKeyCredentialEntity
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+- (instancetype)initWithName:(NSString *)name
+{
+    if (!(self = [super init]))
+        return nil;
 
-namespace WebKit {
+    self.name = name;
+    return self;
+}
 
-class WebPageProxy;
-
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@end

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialParameters.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import <WebKit/WKFoundation.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+#import <Foundation/Foundation.h>
 
-namespace WebKit {
+NS_ASSUME_NONNULL_BEGIN
 
-class WebPageProxy;
+WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
+@interface _WKPublicKeyCredentialParameters : NSObject
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
++ (instancetype)new NS_UNAVAILABLE;
+- (instancetype)init NS_UNAVAILABLE;
+- (instancetype)initWithAlgorithm:(NSNumber *)algorithm;
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
+@property (nonatomic, copy) NSNumber *algorithm;
 
-} // namespace WebKit
+@end
 
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialParameters.mm

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -24 +24 @@
  */
 
-#pragma once
+#import "config.h"
+#import "_WKPublicKeyCredentialParameters.h"
 
-#if ENABLE(WEB_AUTHN)
+@implementation _WKPublicKeyCredentialParameters
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+- (instancetype)initWithAlgorithm:(NSNumber *)algorithm
+{
+    if (!(self = [super init]))
+        return nil;
 
-namespace WebKit {
+    self.algorithm = algorithm;
+    return self;
+}
 
-class WebPageProxy;
-
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@end

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialRelyingPartyEntity.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import <WebKit/_WKPublicKeyCredentialEntity.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+NS_ASSUME_NONNULL_BEGIN
 
-namespace WebKit {
+WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
+@interface _WKPublicKeyCredentialRelyingPartyEntity : _WKPublicKeyCredentialEntity
 
-class WebPageProxy;
++ (instancetype)new NS_UNAVAILABLE;
+- (instancetype)init NS_UNAVAILABLE;
+- (instancetype)initWithName:(NSString *)name;
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+@property (nullable, nonatomic, copy) NSString *identifier;
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
+@end
 
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialRelyingPartyEntity.mm

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -24 +24 @@
  */
 
-#pragma once
+#import "config.h"
+#import "_WKPublicKeyCredentialRelyingPartyEntity.h"
 
-#if ENABLE(WEB_AUTHN)
+@implementation _WKPublicKeyCredentialRelyingPartyEntity
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+- (instancetype)initWithName:(NSString *)name
+{
+    if (!(self = [super initWithName:name]))
+        return nil;
+    return self;
+}
 
-namespace WebKit {
-
-class WebPageProxy;
-
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@end

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialRequestOptions.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import <WebKit/WKFoundation.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+#import <Foundation/Foundation.h>
+#import <WebKit/_WKUserVerificationRequirement.h>
 
-namespace WebKit {
+NS_ASSUME_NONNULL_BEGIN
 
-class WebPageProxy;
+@class _WKAuthenticationExtensionsClientInputs;
+@class _WKPublicKeyCredentialDescriptor;
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
+@interface _WKPublicKeyCredentialRequestOptions : NSObject
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
+@property (nullable, nonatomic, copy) NSNumber *timeout;
+@property (nullable, nonatomic, copy) NSString *relyingPartyIdentifier;
+@property (nullable, nonatomic, copy) NSArray<_WKPublicKeyCredentialDescriptor *> *allowCredentials;
+/*!@discussion The default value is _WKUserVerificationRequirementPreferred.*/
+@property (nonatomic) _WKUserVerificationRequirement userVerification;
+@property (nullable, nonatomic, strong) _WKAuthenticationExtensionsClientInputs *extensions;
 
-} // namespace WebKit
+@end
 
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialRequestOptions.mm

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -24 +24 @@
  */
 
-#pragma once
+#import "config.h"
+#import "_WKPublicKeyCredentialRequestOptions.h"
 
-#if ENABLE(WEB_AUTHN)
+@implementation _WKPublicKeyCredentialRequestOptions
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+- (instancetype)init
+{
+    if (!(self = [super init]))
+        return nil;
 
-namespace WebKit {
+    self.userVerification = _WKUserVerificationRequirementPreferred;
+    return self;
+}
 
-class WebPageProxy;
-
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@end

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialUserEntity.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import <WebKit/_WKPublicKeyCredentialEntity.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+NS_ASSUME_NONNULL_BEGIN
 
-namespace WebKit {
+WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
+@interface _WKPublicKeyCredentialUserEntity : _WKPublicKeyCredentialEntity
 
-class WebPageProxy;
++ (instancetype)new NS_UNAVAILABLE;
+- (instancetype)init NS_UNAVAILABLE;
+- (instancetype)initWithName:(NSString *)name NS_UNAVAILABLE;
+- (instancetype)initWithName:(NSString *)name identifier:(NSData *)identifier displayName:(NSString *)displayName;
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
+@property (nonatomic, copy) NSData *identifier;
+@property (nonatomic, copy) NSString *displayName;
 
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
+@end
 
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+NS_ASSUME_NONNULL_END

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKPublicKeyCredentialUserEntity.mm

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -24 +24 @@
  */
 
-#pragma once
+#import "config.h"
+#import "_WKPublicKeyCredentialUserEntity.h"
 
-#if ENABLE(WEB_AUTHN)
+@implementation _WKPublicKeyCredentialUserEntity
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+- (instancetype)initWithName:(NSString *)name identifier:(NSData *)identifier displayName:(NSString *)displayName
+{
+    if (!(self = [super initWithName:name]))
+        return nil;
 
-namespace WebKit {
+    self.identifier = identifier;
+    self.displayName = displayName;
+    return self;
+}
 
-class WebPageProxy;
-
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@end

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKUserVerificationRequirement.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import <WebKit/WKFoundation.h>
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
-
-namespace WebKit {
-
-class WebPageProxy;
-
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+typedef NS_ENUM(NSInteger, _WKUserVerificationRequirement) {
+    _WKUserVerificationRequirementRequired,
+    _WKUserVerificationRequirementPreferred,
+    _WKUserVerificationRequirementDiscouraged,
+} WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h

@@ -29 +29 @@
 NS_ASSUME_NONNULL_BEGIN
 
-@class LAContext;
+@class _WKAuthenticatorAttestationResponse;
+@class _WKAuthenticatorAssertionResponse;
+@class _WKPublicKeyCredentialCreationOptions;
+@class _WKPublicKeyCredentialRequestOptions;
 @class _WKWebAuthenticationAssertionResponse;
 @class _WKWebAuthenticationPanel;
@@ -76 +79 @@
 } WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
 
+// FIXME: <rdar://problem/71509141> Optimize the delegate for the AuthenticationService.framework.
 @protocol _WKWebAuthenticationPanelDelegate <NSObject>
 
@@ -92 +96 @@
 
 @property (nullable, nonatomic, weak) id <_WKWebAuthenticationPanelDelegate> delegate;
+
++ (void)clearAllLocalAuthenticatorCredentials;
++ (BOOL)isUserVerifyingPlatformAuthenticatorAvailable;
+
+- (instancetype)init;
+
+// FIXME: <rdar://problem/71509394> Adds ClientDataJSON.
+// FIXME: <rdar://problem/71509485> Adds detailed NSError.
+- (void)makeCredentialWithHash:(NSData *)hash options:(_WKPublicKeyCredentialCreationOptions *)options completionHandler:(void (^)(_WKAuthenticatorAttestationResponse *, NSError *))handler WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+- (void)getAssertionWithHash:(NSData *)hash options:(_WKPublicKeyCredentialRequestOptions *)options completionHandler:(void (^)(_WKAuthenticatorAssertionResponse *, NSError *))handler WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+- (void)cancel;
+
+// FIXME: <rdar://problem/71509848> Deprecate the following properties.
 @property (nonatomic, readonly, copy) NSString *relyingPartyID;
 @property (nonatomic, readonly, copy) NSSet *transports;
 @property (nonatomic, readonly) _WKWebAuthenticationType type;
 
-+ (void)clearAllLocalAuthenticatorCredentials;
-
-- (void)cancel;
-
 @end
 

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm

@@ -27 +27 @@
 #import "_WKWebAuthenticationPanelInternal.h"
 
+
 #import "LocalAuthenticator.h"
+#import "LocalService.h"
+#import "WKError.h"
 #import "WebAuthenticationPanelClient.h"
+#import "_WKAuthenticationExtensionsClientInputs.h"
+#import "_WKAuthenticationExtensionsClientOutputsInternal.h"
+#import "_WKAuthenticatorAssertionResponseInternal.h"
+#import "_WKAuthenticatorAttestationResponseInternal.h"
+#import "_WKAuthenticatorSelectionCriteria.h"
+#import "_WKPublicKeyCredentialCreationOptions.h"
+#import "_WKPublicKeyCredentialDescriptor.h"
+#import "_WKPublicKeyCredentialParameters.h"
+#import "_WKPublicKeyCredentialRequestOptions.h"
+#import "_WKPublicKeyCredentialRelyingPartyEntity.h"
+#import "_WKPublicKeyCredentialUserEntity.h"
+#import <WebCore/AuthenticatorResponse.h>
+#import <WebCore/AuthenticatorResponseData.h>
+#import <WebCore/PublicKeyCredentialCreationOptions.h>
+#import <WebCore/PublicKeyCredentialRequestOptions.h>
 #import <WebCore/WebAuthenticationConstants.h>
+#import <wtf/BlockPtr.h>
 #import <wtf/RetainPtr.h>
 
@@ -37 +56 @@
     RetainPtr<NSMutableSet> _transports;
 #endif
+}
+
+- (instancetype)init
+{
+    if (!(self = [super init]))
+        return nil;
+
+#if ENABLE(WEB_AUTHN)
+    API::Object::constructInWrapper<API::WebAuthenticationPanel>(self);
+#endif
+    return self;
 }
 
@@ -137 +167 @@
 
 #if ENABLE(WEB_AUTHN)
+static Vector<uint8_t> vectorFromNSData(NSData* data)
+{
+    Vector<uint8_t> result;
+    result.append((const uint8_t*)data.bytes, data.length);
+    return result;
+}
+
+static WebCore::PublicKeyCredentialCreationOptions::RpEntity publicKeyCredentialRpEntity(_WKPublicKeyCredentialRelyingPartyEntity *rpEntity)
+{
+    WebCore::PublicKeyCredentialCreationOptions::RpEntity result;
+    result.name = rpEntity.name;
+    result.icon = rpEntity.icon;
+    result.id = rpEntity.identifier;
+
+    return result;
+}
+
+static WebCore::PublicKeyCredentialCreationOptions::UserEntity publicKeyCredentialUserEntity(_WKPublicKeyCredentialUserEntity *userEntity)
+{
+    WebCore::PublicKeyCredentialCreationOptions::UserEntity result;
+    result.name = userEntity.name;
+    result.icon = userEntity.icon;
+    result.idVector = vectorFromNSData(userEntity.identifier);
+    result.displayName = userEntity.displayName;
+
+    return result;
+}
+
+static Vector<WebCore::PublicKeyCredentialCreationOptions::Parameters> publicKeyCredentialParameters(NSArray<_WKPublicKeyCredentialParameters *> *publicKeyCredentialParamaters)
+{
+    Vector<WebCore::PublicKeyCredentialCreationOptions::Parameters> result;
+    result.reserveInitialCapacity(publicKeyCredentialParamaters.count);
+
+    for (_WKPublicKeyCredentialParameters *param : publicKeyCredentialParamaters)
+        result.uncheckedAppend({ WebCore::PublicKeyCredentialType::PublicKey, param.algorithm.longLongValue });
+
+    return result;
+}
+
+static WebCore::AuthenticatorTransport authenticatorTransport(_WKWebAuthenticationTransport transport)
+{
+    switch (transport) {
+    case _WKWebAuthenticationTransportUSB:
+        return WebCore::AuthenticatorTransport::Usb;
+    case _WKWebAuthenticationTransportNFC:
+        return WebCore::AuthenticatorTransport::Nfc;
+    case _WKWebAuthenticationTransportInternal:
+        return WebCore::AuthenticatorTransport::Internal;
+    default:
+        ASSERT_NOT_REACHED();
+        return WebCore::AuthenticatorTransport::Usb;
+    }
+}
+
+static Vector<WebCore::AuthenticatorTransport> authenticatorTransports(NSArray<NSNumber *> *transports)
+{
+    Vector<WebCore::AuthenticatorTransport> result;
+    result.reserveInitialCapacity(transports.count);
+
+    for (NSNumber *transport : transports)
+        result.uncheckedAppend(authenticatorTransport((_WKWebAuthenticationTransport)transport.intValue));
+
+    return result;
+}
+
+static Vector<WebCore::PublicKeyCredentialDescriptor> publicKeyCredentialDescriptors(NSArray<_WKPublicKeyCredentialDescriptor *> *credentials)
+{
+    Vector<WebCore::PublicKeyCredentialDescriptor> result;
+    result.reserveInitialCapacity(credentials.count);
+
+    for (_WKPublicKeyCredentialDescriptor *credential : credentials)
+        result.uncheckedAppend({ WebCore::PublicKeyCredentialType::PublicKey, { }, vectorFromNSData(credential.identifier), authenticatorTransports(credential.transports) });
+
+    return result;
+}
+
+static Optional<WebCore::PublicKeyCredentialCreationOptions::AuthenticatorAttachment> authenticatorAttachment(_WKAuthenticatorAttachment attachment)
+{
+    switch (attachment) {
+    case _WKAuthenticatorAttachmentAll:
+        return WTF::nullopt;
+    case _WKAuthenticatorAttachmentPlatform:
+        return WebCore::PublicKeyCredentialCreationOptions::AuthenticatorAttachment::Platform;
+    case _WKAuthenticatorAttachmentCrossPlatform:
+        return WebCore::PublicKeyCredentialCreationOptions::AuthenticatorAttachment::CrossPlatform;
+    default:
+        ASSERT_NOT_REACHED();
+        return WTF::nullopt;
+    }
+}
+
+static WebCore::UserVerificationRequirement userVerification(_WKUserVerificationRequirement uv)
+{
+    switch (uv) {
+    case _WKUserVerificationRequirementRequired:
+        return WebCore::UserVerificationRequirement::Required;
+    case _WKUserVerificationRequirementPreferred:
+        return WebCore::UserVerificationRequirement::Preferred;
+    case _WKUserVerificationRequirementDiscouraged:
+        return WebCore::UserVerificationRequirement::Discouraged;
+    default:
+        ASSERT_NOT_REACHED();
+        return WebCore::UserVerificationRequirement::Preferred;
+    }
+}
+
+static WebCore::PublicKeyCredentialCreationOptions::AuthenticatorSelectionCriteria authenticatorSelectionCriteria(_WKAuthenticatorSelectionCriteria *authenticatorSelection)
+{
+    WebCore::PublicKeyCredentialCreationOptions::AuthenticatorSelectionCriteria result;
+    result.authenticatorAttachment = authenticatorAttachment(authenticatorSelection.authenticatorAttachment);
+    result.requireResidentKey = authenticatorSelection.requireResidentKey;
+    result.userVerification = userVerification(authenticatorSelection.userVerification);
+
+    return result;
+}
+
+static WebCore::AttestationConveyancePreference attestationConveyancePreference(_WKAttestationConveyancePreference attestation)
+{
+    switch (attestation) {
+    case _WKAttestationConveyancePreferenceNone:
+        return WebCore::AttestationConveyancePreference::None;
+    case _WKAttestationConveyancePreferenceIndirect:
+        return WebCore::AttestationConveyancePreference::Indirect;
+    case _WKAttestationConveyancePreferenceDirect:
+        return WebCore::AttestationConveyancePreference::Direct;
+    default:
+        ASSERT_NOT_REACHED();
+        return WebCore::AttestationConveyancePreference::None;
+    }
+}
+
+static WebCore::AuthenticationExtensionsClientInputs authenticationExtensionsClientInputs(_WKAuthenticationExtensionsClientInputs *extensions)
+{
+    WebCore::AuthenticationExtensionsClientInputs result;
+    result.appid = extensions.appid;
+    result.googleLegacyAppidSupport = false;
+
+    return result;
+}
+#endif
+
++ (WebCore::PublicKeyCredentialCreationOptions)convertToCoreCreationOptionsWithOptions:(_WKPublicKeyCredentialCreationOptions *)options
+{
+    WebCore::PublicKeyCredentialCreationOptions result;
+
+#if ENABLE(WEB_AUTHN)
+    result.rp = publicKeyCredentialRpEntity(options.relyingParty);
+    result.user = publicKeyCredentialUserEntity(options.user);
+
+    result.pubKeyCredParams = publicKeyCredentialParameters(options.publicKeyCredentialParamaters);
+
+    if (options.timeout)
+        result.timeout = options.timeout.unsignedIntValue;
+    if (options.excludeCredentials)
+        result.excludeCredentials = publicKeyCredentialDescriptors(options.excludeCredentials);
+    if (options.authenticatorSelection)
+        result.authenticatorSelection = authenticatorSelectionCriteria(options.authenticatorSelection);
+    result.attestation = attestationConveyancePreference(options.attestation);
+    result.extensions = authenticationExtensionsClientInputs(options.extensions);
+#endif
+
+    return result;
+}
+
+#if ENABLE(WEB_AUTHN)
+static RetainPtr<_WKAuthenticatorAttestationResponse> wkAuthenticatorAttestationResponse(const WebCore::AuthenticatorResponseData& data)
+{
+    return adoptNS([[_WKAuthenticatorAttestationResponse alloc] initWithRawId:[NSData dataWithBytes:data.rawId->data() length:data.rawId->byteLength()] extensions:nil attestationObject:[NSData dataWithBytes:data.attestationObject->data() length:data.attestationObject->byteLength()]]);
+}
+#endif
+
+- (void)makeCredentialWithHash:(NSData *)hash options:(_WKPublicKeyCredentialCreationOptions *)options completionHandler:(void (^)(_WKAuthenticatorAttestationResponse *, NSError *))handler
+{
+#if ENABLE(WEB_AUTHN)
+    auto callback = [handler = makeBlockPtr(handler)] (Variant<Ref<WebCore::AuthenticatorResponse>, WebCore::ExceptionData>&& result) mutable {
+        WTF::switchOn(result, [&](const Ref<WebCore::AuthenticatorResponse>& response) {
+            handler(wkAuthenticatorAttestationResponse(response->data()).get(), nil);
+        }, [&](const WebCore::ExceptionData& exception) {
+            handler(nil, [NSError errorWithDomain:WKErrorDomain code:WKErrorUnknown userInfo:nil]);
+        });
+    };
+    _panel->handleRequest({ vectorFromNSData(hash), [_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:options], nullptr, WebKit::WebAuthenticationPanelResult::Unavailable, nullptr, WTF::nullopt, { }, true, String() }, WTFMove(callback));
+#endif
+}
+
++ (WebCore::PublicKeyCredentialRequestOptions)convertToCoreRequestOptionsWithOptions:(_WKPublicKeyCredentialRequestOptions *)options
+{
+    WebCore::PublicKeyCredentialRequestOptions result;
+
+#if ENABLE(WEB_AUTHN)
+    if (options.timeout)
+        result.timeout = options.timeout.unsignedIntValue;
+    if (options.relyingPartyIdentifier)
+        result.rpId = options.relyingPartyIdentifier;
+    if (options.allowCredentials)
+        result.allowCredentials = publicKeyCredentialDescriptors(options.allowCredentials);
+    result.userVerification = userVerification(options.userVerification);
+    result.extensions = authenticationExtensionsClientInputs(options.extensions);
+#endif
+
+    return result;
+}
+
+#if ENABLE(WEB_AUTHN)
+static RetainPtr<_WKAuthenticatorAssertionResponse> wkAuthenticatorAssertionResponse(const WebCore::AuthenticatorResponseData& data)
+{
+    RetainPtr<_WKAuthenticationExtensionsClientOutputs> extensions;
+    if (data.appid)
+        extensions = adoptNS([[_WKAuthenticationExtensionsClientOutputs alloc] initWithAppid:data.appid.value()]);
+
+    NSData *userHandle = nil;
+    if (data.userHandle)
+        userHandle = [NSData dataWithBytes:data.userHandle->data() length:data.userHandle->byteLength()];
+
+    return adoptNS([[_WKAuthenticatorAssertionResponse alloc] initWithRawId:[NSData dataWithBytes:data.rawId->data() length:data.rawId->byteLength()] extensions:WTFMove(extensions) authenticatorData:[NSData dataWithBytes:data.authenticatorData->data() length:data.authenticatorData->byteLength()] signature:[NSData dataWithBytes:data.signature->data() length:data.signature->byteLength()] userHandle:userHandle]);
+}
+#endif
+
+- (void)getAssertionWithHash:(NSData *)hash options:(_WKPublicKeyCredentialRequestOptions *)options completionHandler:(void (^)(_WKAuthenticatorAssertionResponse *, NSError *))handler
+{
+#if ENABLE(WEB_AUTHN)
+    auto callback = [handler = makeBlockPtr(handler)] (Variant<Ref<WebCore::AuthenticatorResponse>, WebCore::ExceptionData>&& result) mutable {
+        WTF::switchOn(result, [&](const Ref<WebCore::AuthenticatorResponse>& response) {
+            handler(wkAuthenticatorAssertionResponse(response->data()).get(), nil);
+        }, [&](const WebCore::ExceptionData& exception) {
+            handler(nil, [NSError errorWithDomain:WKErrorDomain code:WKErrorUnknown userInfo:nil]);
+        });
+    };
+    _panel->handleRequest({ vectorFromNSData(hash), [_WKWebAuthenticationPanel convertToCoreRequestOptionsWithOptions:options], nullptr, WebKit::WebAuthenticationPanelResult::Unavailable, nullptr, WTF::nullopt, { }, true, String() }, WTFMove(callback));
+#endif
+}
+
++ (BOOL)isUserVerifyingPlatformAuthenticatorAvailable
+{
+#if ENABLE(WEB_AUTHN)
+    return WebKit::LocalService::isAvailable();
+#else
+    return NO;
+#endif
+}
+
+#if ENABLE(WEB_AUTHN)
 #pragma mark WKObject protocol implementation
 

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanelForTesting.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26 +26 @@
 #pragma once
 
-#if ENABLE(WEB_AUTHN)
+#import "_WKWebAuthenticationPanel.h"
 
-#include "APIWebAuthenticationPanel.h"
-#include "FrameInfoData.h"
-#include "WebAuthenticationFlags.h"
-#include <WebCore/GlobalFrameIdentifier.h>
-#include <WebCore/PublicKeyCredentialCreationOptions.h>
-#include <WebCore/PublicKeyCredentialRequestOptions.h>
-#include <WebCore/WebAuthenticationConstants.h>
-#include <wtf/Variant.h>
-#include <wtf/Vector.h>
-#include <wtf/WeakPtr.h>
+namespace WebCore {
+struct PublicKeyCredentialCreationOptions;
+struct PublicKeyCredentialRequestOptions;
+}
 
-namespace WebKit {
+WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
+@interface _WKWebAuthenticationPanel (WKTesting)
 
-class WebPageProxy;
+// FIXME: <rdar://problem/71509714> Introduces mock testing.
++ (WebCore::PublicKeyCredentialCreationOptions)convertToCoreCreationOptionsWithOptions:(_WKPublicKeyCredentialCreationOptions *)options WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
++ (WebCore::PublicKeyCredentialRequestOptions)convertToCoreRequestOptionsWithOptions:(_WKPublicKeyCredentialRequestOptions *)options WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
 
-struct WebAuthenticationRequestData {
-    Vector<uint8_t> hash;
-    Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
-    WeakPtr<WebPageProxy> page;
-    WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
-    RefPtr<API::WebAuthenticationPanel> panel;
-    WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
-    WebKit::FrameInfoData frameInfo;
-    bool processingUserGesture;
-    String cachedPin; // Only used to improve NFC Client PIN experience.
-};
-
-WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);
-
-} // namespace WebKit
-
-#endif // ENABLE(WEB_AUTHN)
+@end

trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h

@@ -46 +46 @@
     Vector<uint8_t> hash;
     Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions> options;
+
+    // FIXME<rdar://problem/71509848>: Remove the following deprecated fields.
     WeakPtr<WebPageProxy> page;
     WebAuthenticationPanelResult panelResult { WebAuthenticationPanelResult::Unavailable };
@@ -51 +53 @@
     WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
     WebKit::FrameInfoData frameInfo;
+
     bool processingUserGesture;
     String cachedPin; // Only used to improve NFC Client PIN experience.

trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj

@@ -1134 +1134 @@
                 577FF7852346ECAA004EDFB9 /* WebAuthenticationPanelClient.h in Headers */ = {isa = PBXBuildFile; fileRef = 577FF7832346ECAA004EDFB9 /* WebAuthenticationPanelClient.h */; };
                 578DC2982155A0020074E815 /* LocalAuthenticationSoftLink.h in Headers */ = {isa = PBXBuildFile; fileRef = 578DC2972155A0010074E815 /* LocalAuthenticationSoftLink.h */; };
+                5790A6532565DED30077C5A7 /* _WKWebAuthenticationPanelForTesting.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A6512565DE6A0077C5A7 /* _WKWebAuthenticationPanelForTesting.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A656256799DA0077C5A7 /* _WKPublicKeyCredentialEntity.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A654256799DA0077C5A7 /* _WKPublicKeyCredentialEntity.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A657256799DA0077C5A7 /* _WKPublicKeyCredentialEntity.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5790A655256799DA0077C5A7 /* _WKPublicKeyCredentialEntity.mm */; };
+                5790A65A25679B260077C5A7 /* _WKPublicKeyCredentialRelyingPartyEntity.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A65825679B260077C5A7 /* _WKPublicKeyCredentialRelyingPartyEntity.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A65B25679B260077C5A7 /* _WKPublicKeyCredentialRelyingPartyEntity.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5790A65925679B260077C5A7 /* _WKPublicKeyCredentialRelyingPartyEntity.mm */; };
+                5790A65E25679C110077C5A7 /* _WKPublicKeyCredentialUserEntity.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A65C25679C110077C5A7 /* _WKPublicKeyCredentialUserEntity.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A65F25679C110077C5A7 /* _WKPublicKeyCredentialUserEntity.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5790A65D25679C110077C5A7 /* _WKPublicKeyCredentialUserEntity.mm */; };
+                5790A66225679C860077C5A7 /* _WKPublicKeyCredentialParameters.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A66025679C860077C5A7 /* _WKPublicKeyCredentialParameters.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A66325679C860077C5A7 /* _WKPublicKeyCredentialParameters.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5790A66125679C860077C5A7 /* _WKPublicKeyCredentialParameters.mm */; };
+                5790A66625679CEA0077C5A7 /* _WKAuthenticatorSelectionCriteria.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A66425679CEA0077C5A7 /* _WKAuthenticatorSelectionCriteria.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A66725679CEA0077C5A7 /* _WKAuthenticatorSelectionCriteria.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5790A66525679CEA0077C5A7 /* _WKAuthenticatorSelectionCriteria.mm */; };
+                5790A66925679E000077C5A7 /* _WKUserVerificationRequirement.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A66825679E000077C5A7 /* _WKUserVerificationRequirement.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A66C25679EB70077C5A7 /* _WKPublicKeyCredentialDescriptor.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A66A25679EB70077C5A7 /* _WKPublicKeyCredentialDescriptor.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A66D25679EB70077C5A7 /* _WKPublicKeyCredentialDescriptor.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5790A66B25679EB70077C5A7 /* _WKPublicKeyCredentialDescriptor.mm */; };
+                5790A67025679F1A0077C5A7 /* _WKAuthenticationExtensionsClientInputs.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A66E25679F1A0077C5A7 /* _WKAuthenticationExtensionsClientInputs.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A67125679F1A0077C5A7 /* _WKAuthenticationExtensionsClientInputs.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5790A66F25679F1A0077C5A7 /* _WKAuthenticationExtensionsClientInputs.mm */; };
+                5790A67425679F740077C5A7 /* _WKPublicKeyCredentialCreationOptions.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A67225679F740077C5A7 /* _WKPublicKeyCredentialCreationOptions.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A67525679F740077C5A7 /* _WKPublicKeyCredentialCreationOptions.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5790A67325679F740077C5A7 /* _WKPublicKeyCredentialCreationOptions.mm */; };
+                5790A6782567A0CD0077C5A7 /* _WKPublicKeyCredentialRequestOptions.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A6762567A0CD0077C5A7 /* _WKPublicKeyCredentialRequestOptions.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A6792567A0CD0077C5A7 /* _WKPublicKeyCredentialRequestOptions.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5790A6772567A0CD0077C5A7 /* _WKPublicKeyCredentialRequestOptions.mm */; };
+                5790A67C2567A13E0077C5A7 /* _WKAuthenticationExtensionsClientOutputs.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A67A2567A13E0077C5A7 /* _WKAuthenticationExtensionsClientOutputs.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A67D2567A13E0077C5A7 /* _WKAuthenticationExtensionsClientOutputs.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5790A67B2567A13E0077C5A7 /* _WKAuthenticationExtensionsClientOutputs.mm */; };
+                5790A6802567A1AC0077C5A7 /* _WKAuthenticatorResponse.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A67E2567A1AC0077C5A7 /* _WKAuthenticatorResponse.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A6812567A1AC0077C5A7 /* _WKAuthenticatorResponse.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5790A67F2567A1AC0077C5A7 /* _WKAuthenticatorResponse.mm */; };
+                5790A6842567A21E0077C5A7 /* _WKAuthenticatorAttestationResponse.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A6822567A21E0077C5A7 /* _WKAuthenticatorAttestationResponse.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A6852567A21E0077C5A7 /* _WKAuthenticatorAttestationResponse.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5790A6832567A21E0077C5A7 /* _WKAuthenticatorAttestationResponse.mm */; };
+                5790A6882567A28A0077C5A7 /* _WKAuthenticatorAssertionResponse.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A6862567A28A0077C5A7 /* _WKAuthenticatorAssertionResponse.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                5790A6892567A28A0077C5A7 /* _WKAuthenticatorAssertionResponse.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5790A6872567A28A0077C5A7 /* _WKAuthenticatorAssertionResponse.mm */; };
+                5790A68B2567A4CC0077C5A7 /* _WKAuthenticatorResponseInternal.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A68A2567A4CC0077C5A7 /* _WKAuthenticatorResponseInternal.h */; };
+                5790A68D2567B4490077C5A7 /* _WKAuthenticatorAttestationResponseInternal.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A68C2567B4490077C5A7 /* _WKAuthenticatorAttestationResponseInternal.h */; };
+                5790A68F2567B4CF0077C5A7 /* _WKAuthenticatorAssertionResponseInternal.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A68E2567B4CF0077C5A7 /* _WKAuthenticatorAssertionResponseInternal.h */; };
+                5790A6912567B5E00077C5A7 /* _WKAuthenticationExtensionsClientOutputsInternal.h in Headers */ = {isa = PBXBuildFile; fileRef = 5790A6902567B5E00077C5A7 /* _WKAuthenticationExtensionsClientOutputsInternal.h */; };
                 579F1BF623C80DB600C7D4B4 /* _WKWebAuthenticationAssertionResponse.h in Headers */ = {isa = PBXBuildFile; fileRef = 579F1BF423C80DB600C7D4B4 /* _WKWebAuthenticationAssertionResponse.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 579F1BF923C80EC600C7D4B4 /* _WKWebAuthenticationAssertionResponseInternal.h in Headers */ = {isa = PBXBuildFile; fileRef = 579F1BF823C80EC600C7D4B4 /* _WKWebAuthenticationAssertionResponseInternal.h */; };
@@ -4014 +4046 @@
                 577FF7842346ECAA004EDFB9 /* WebAuthenticationPanelClient.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = WebAuthenticationPanelClient.mm; sourceTree = "<group>"; };
                 578DC2972155A0010074E815 /* LocalAuthenticationSoftLink.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = LocalAuthenticationSoftLink.h; sourceTree = "<group>"; };
+                5790A6512565DE6A0077C5A7 /* _WKWebAuthenticationPanelForTesting.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKWebAuthenticationPanelForTesting.h; sourceTree = "<group>"; };
+                5790A654256799DA0077C5A7 /* _WKPublicKeyCredentialEntity.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKPublicKeyCredentialEntity.h; sourceTree = "<group>"; };
+                5790A655256799DA0077C5A7 /* _WKPublicKeyCredentialEntity.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKPublicKeyCredentialEntity.mm; sourceTree = "<group>"; };
+                5790A65825679B260077C5A7 /* _WKPublicKeyCredentialRelyingPartyEntity.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKPublicKeyCredentialRelyingPartyEntity.h; sourceTree = "<group>"; };
+                5790A65925679B260077C5A7 /* _WKPublicKeyCredentialRelyingPartyEntity.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKPublicKeyCredentialRelyingPartyEntity.mm; sourceTree = "<group>"; };
+                5790A65C25679C110077C5A7 /* _WKPublicKeyCredentialUserEntity.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKPublicKeyCredentialUserEntity.h; sourceTree = "<group>"; };
+                5790A65D25679C110077C5A7 /* _WKPublicKeyCredentialUserEntity.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKPublicKeyCredentialUserEntity.mm; sourceTree = "<group>"; };
+                5790A66025679C860077C5A7 /* _WKPublicKeyCredentialParameters.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKPublicKeyCredentialParameters.h; sourceTree = "<group>"; };
+                5790A66125679C860077C5A7 /* _WKPublicKeyCredentialParameters.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKPublicKeyCredentialParameters.mm; sourceTree = "<group>"; };
+                5790A66425679CEA0077C5A7 /* _WKAuthenticatorSelectionCriteria.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKAuthenticatorSelectionCriteria.h; sourceTree = "<group>"; };
+                5790A66525679CEA0077C5A7 /* _WKAuthenticatorSelectionCriteria.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKAuthenticatorSelectionCriteria.mm; sourceTree = "<group>"; };
+                5790A66825679E000077C5A7 /* _WKUserVerificationRequirement.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKUserVerificationRequirement.h; sourceTree = "<group>"; };
+                5790A66A25679EB70077C5A7 /* _WKPublicKeyCredentialDescriptor.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKPublicKeyCredentialDescriptor.h; sourceTree = "<group>"; };
+                5790A66B25679EB70077C5A7 /* _WKPublicKeyCredentialDescriptor.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKPublicKeyCredentialDescriptor.mm; sourceTree = "<group>"; };
+                5790A66E25679F1A0077C5A7 /* _WKAuthenticationExtensionsClientInputs.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKAuthenticationExtensionsClientInputs.h; sourceTree = "<group>"; };
+                5790A66F25679F1A0077C5A7 /* _WKAuthenticationExtensionsClientInputs.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKAuthenticationExtensionsClientInputs.mm; sourceTree = "<group>"; };
+                5790A67225679F740077C5A7 /* _WKPublicKeyCredentialCreationOptions.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKPublicKeyCredentialCreationOptions.h; sourceTree = "<group>"; };
+                5790A67325679F740077C5A7 /* _WKPublicKeyCredentialCreationOptions.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKPublicKeyCredentialCreationOptions.mm; sourceTree = "<group>"; };
+                5790A6762567A0CD0077C5A7 /* _WKPublicKeyCredentialRequestOptions.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKPublicKeyCredentialRequestOptions.h; sourceTree = "<group>"; };
+                5790A6772567A0CD0077C5A7 /* _WKPublicKeyCredentialRequestOptions.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKPublicKeyCredentialRequestOptions.mm; sourceTree = "<group>"; };
+                5790A67A2567A13E0077C5A7 /* _WKAuthenticationExtensionsClientOutputs.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKAuthenticationExtensionsClientOutputs.h; sourceTree = "<group>"; };
+                5790A67B2567A13E0077C5A7 /* _WKAuthenticationExtensionsClientOutputs.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKAuthenticationExtensionsClientOutputs.mm; sourceTree = "<group>"; };
+                5790A67E2567A1AC0077C5A7 /* _WKAuthenticatorResponse.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKAuthenticatorResponse.h; sourceTree = "<group>"; };
+                5790A67F2567A1AC0077C5A7 /* _WKAuthenticatorResponse.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKAuthenticatorResponse.mm; sourceTree = "<group>"; };
+                5790A6822567A21E0077C5A7 /* _WKAuthenticatorAttestationResponse.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKAuthenticatorAttestationResponse.h; sourceTree = "<group>"; };
+                5790A6832567A21E0077C5A7 /* _WKAuthenticatorAttestationResponse.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKAuthenticatorAttestationResponse.mm; sourceTree = "<group>"; };
+                5790A6862567A28A0077C5A7 /* _WKAuthenticatorAssertionResponse.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKAuthenticatorAssertionResponse.h; sourceTree = "<group>"; };
+                5790A6872567A28A0077C5A7 /* _WKAuthenticatorAssertionResponse.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKAuthenticatorAssertionResponse.mm; sourceTree = "<group>"; };
+                5790A68A2567A4CC0077C5A7 /* _WKAuthenticatorResponseInternal.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKAuthenticatorResponseInternal.h; sourceTree = "<group>"; };
+                5790A68C2567B4490077C5A7 /* _WKAuthenticatorAttestationResponseInternal.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKAuthenticatorAttestationResponseInternal.h; sourceTree = "<group>"; };
+                5790A68E2567B4CF0077C5A7 /* _WKAuthenticatorAssertionResponseInternal.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKAuthenticatorAssertionResponseInternal.h; sourceTree = "<group>"; };
+                5790A6902567B5E00077C5A7 /* _WKAuthenticationExtensionsClientOutputsInternal.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKAuthenticationExtensionsClientOutputsInternal.h; sourceTree = "<group>"; };
                 579F1BF423C80DB600C7D4B4 /* _WKWebAuthenticationAssertionResponse.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKWebAuthenticationAssertionResponse.h; sourceTree = "<group>"; };
                 579F1BF523C80DB600C7D4B4 /* _WKWebAuthenticationAssertionResponse.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKWebAuthenticationAssertionResponse.mm; sourceTree = "<group>"; };
@@ -7374 +7438 @@
                                 F44291931FA59311002CC93E /* _WKAttachment.mm */,
                                 F44291951FA5942A002CC93E /* _WKAttachmentInternal.h */,
+                                5790A66E25679F1A0077C5A7 /* _WKAuthenticationExtensionsClientInputs.h */,
+                                5790A66F25679F1A0077C5A7 /* _WKAuthenticationExtensionsClientInputs.mm */,
+                                5790A67A2567A13E0077C5A7 /* _WKAuthenticationExtensionsClientOutputs.h */,
+                                5790A67B2567A13E0077C5A7 /* _WKAuthenticationExtensionsClientOutputs.mm */,
+                                5790A6902567B5E00077C5A7 /* _WKAuthenticationExtensionsClientOutputsInternal.h */,
+                                5790A6862567A28A0077C5A7 /* _WKAuthenticatorAssertionResponse.h */,
+                                5790A6872567A28A0077C5A7 /* _WKAuthenticatorAssertionResponse.mm */,
+                                5790A68E2567B4CF0077C5A7 /* _WKAuthenticatorAssertionResponseInternal.h */,
+                                5790A6822567A21E0077C5A7 /* _WKAuthenticatorAttestationResponse.h */,
+                                5790A6832567A21E0077C5A7 /* _WKAuthenticatorAttestationResponse.mm */,
+                                5790A68C2567B4490077C5A7 /* _WKAuthenticatorAttestationResponseInternal.h */,
+                                5790A67E2567A1AC0077C5A7 /* _WKAuthenticatorResponse.h */,
+                                5790A67F2567A1AC0077C5A7 /* _WKAuthenticatorResponse.mm */,
+                                5790A68A2567A4CC0077C5A7 /* _WKAuthenticatorResponseInternal.h */,
+                                5790A66425679CEA0077C5A7 /* _WKAuthenticatorSelectionCriteria.h */,
+                                5790A66525679CEA0077C5A7 /* _WKAuthenticatorSelectionCriteria.mm */,
                                 99E714C11C1249E600665B3A /* _WKAutomationDelegate.h */,
                                 990D28A71C6404B000986977 /* _WKAutomationSession.h */,
@@ -7446 +7526 @@
                                 1A43E827188F3CDC009E4D30 /* _WKProcessPoolConfiguration.mm */,
                                 7C89D2D61A6C6BE6003A5FDE /* _WKProcessPoolConfigurationInternal.h */,
+                                5790A67225679F740077C5A7 /* _WKPublicKeyCredentialCreationOptions.h */,
+                                5790A67325679F740077C5A7 /* _WKPublicKeyCredentialCreationOptions.mm */,
+                                5790A66A25679EB70077C5A7 /* _WKPublicKeyCredentialDescriptor.h */,
+                                5790A66B25679EB70077C5A7 /* _WKPublicKeyCredentialDescriptor.mm */,
+                                5790A654256799DA0077C5A7 /* _WKPublicKeyCredentialEntity.h */,
+                                5790A655256799DA0077C5A7 /* _WKPublicKeyCredentialEntity.mm */,
+                                5790A66025679C860077C5A7 /* _WKPublicKeyCredentialParameters.h */,
+                                5790A66125679C860077C5A7 /* _WKPublicKeyCredentialParameters.mm */,
+                                5790A65825679B260077C5A7 /* _WKPublicKeyCredentialRelyingPartyEntity.h */,
+                                5790A65925679B260077C5A7 /* _WKPublicKeyCredentialRelyingPartyEntity.mm */,
+                                5790A6762567A0CD0077C5A7 /* _WKPublicKeyCredentialRequestOptions.h */,
+                                5790A6772567A0CD0077C5A7 /* _WKPublicKeyCredentialRequestOptions.mm */,
+                                5790A65C25679C110077C5A7 /* _WKPublicKeyCredentialUserEntity.h */,
+                                5790A65D25679C110077C5A7 /* _WKPublicKeyCredentialUserEntity.mm */,
                                 A55BA80C1BA12BE1007CD33D /* _WKRemoteWebInspectorViewController.h */,
                                 A55BA80D1BA12BE1007CD33D /* _WKRemoteWebInspectorViewController.mm */,
@@ -7494 +7588 @@
                                 2D87861C1BDB54BF00D02ABB /* _WKUserStyleSheet.mm */,
                                 2D87861F1BDB57F500D02ABB /* _WKUserStyleSheetInternal.h */,
+                                5790A66825679E000077C5A7 /* _WKUserVerificationRequirement.h */,
                                 1A81B37F18BD66AD0007FDAC /* _WKVisitedLinkStore.h */,
                                 1A81B37E18BD66AD0007FDAC /* _WKVisitedLinkStore.mm */,
@@ -7502 +7597 @@
                                 574728CF23456E98001700AF /* _WKWebAuthenticationPanel.h */,
                                 574728D023456E98001700AF /* _WKWebAuthenticationPanel.mm */,
+                                5790A6512565DE6A0077C5A7 /* _WKWebAuthenticationPanelForTesting.h */,
                                 574728D3234570AE001700AF /* _WKWebAuthenticationPanelInternal.h */,
                                 1AE286761C7E76510069AC4F /* _WKWebsiteDataSize.h */,
@@ -10848 +10944 @@
                                 F44291921FA591C9002CC93E /* _WKAttachment.h in Headers */,
                                 F44291961FA5942A002CC93E /* _WKAttachmentInternal.h in Headers */,
+                                5790A67025679F1A0077C5A7 /* _WKAuthenticationExtensionsClientInputs.h in Headers */,
+                                5790A67C2567A13E0077C5A7 /* _WKAuthenticationExtensionsClientOutputs.h in Headers */,
+                                5790A6912567B5E00077C5A7 /* _WKAuthenticationExtensionsClientOutputsInternal.h in Headers */,
+                                5790A6882567A28A0077C5A7 /* _WKAuthenticatorAssertionResponse.h in Headers */,
+                                5790A68F2567B4CF0077C5A7 /* _WKAuthenticatorAssertionResponseInternal.h in Headers */,
+                                5790A6842567A21E0077C5A7 /* _WKAuthenticatorAttestationResponse.h in Headers */,
+                                5790A68D2567B4490077C5A7 /* _WKAuthenticatorAttestationResponseInternal.h in Headers */,
+                                5790A6802567A1AC0077C5A7 /* _WKAuthenticatorResponse.h in Headers */,
+                                5790A68B2567A4CC0077C5A7 /* _WKAuthenticatorResponseInternal.h in Headers */,
+                                5790A66625679CEA0077C5A7 /* _WKAuthenticatorSelectionCriteria.h in Headers */,
                                 99E714C51C124A0400665B3A /* _WKAutomationDelegate.h in Headers */,
                                 990D28AB1C6420C600986977 /* _WKAutomationSession.h in Headers */,
@@ -10904 +11010 @@
                                 1A43E82A188F3CDC009E4D30 /* _WKProcessPoolConfiguration.h in Headers */,
                                 7C89D2D71A6C6BE6003A5FDE /* _WKProcessPoolConfigurationInternal.h in Headers */,
+                                5790A67425679F740077C5A7 /* _WKPublicKeyCredentialCreationOptions.h in Headers */,
+                                5790A66C25679EB70077C5A7 /* _WKPublicKeyCredentialDescriptor.h in Headers */,
+                                5790A656256799DA0077C5A7 /* _WKPublicKeyCredentialEntity.h in Headers */,
+                                5790A66225679C860077C5A7 /* _WKPublicKeyCredentialParameters.h in Headers */,
+                                5790A6782567A0CD0077C5A7 /* _WKPublicKeyCredentialRequestOptions.h in Headers */,
+                                5790A65A25679B260077C5A7 /* _WKPublicKeyCredentialRelyingPartyEntity.h in Headers */,
+                                5790A65E25679C110077C5A7 /* _WKPublicKeyCredentialUserEntity.h in Headers */,
                                 1A9E328D182165A900F5D04C /* _WKRemoteObjectInterface.h in Headers */,
                                 1AABFE3A1829C1ED005B070E /* _WKRemoteObjectInterfaceInternal.h in Headers */,
@@ -10944 +11057 @@
                                 2D87861D1BDB54BF00D02ABB /* _WKUserStyleSheet.h in Headers */,
                                 2D8786201BDB57F500D02ABB /* _WKUserStyleSheetInternal.h in Headers */,
+                                5790A66925679E000077C5A7 /* _WKUserVerificationRequirement.h in Headers */,
                                 1A81B38118BD66AD0007FDAC /* _WKVisitedLinkStore.h in Headers */,
                                 1A81B38518BD673A0007FDAC /* _WKVisitedLinkStoreInternal.h in Headers */,
@@ -10949 +11063 @@
                                 579F1BF923C80EC600C7D4B4 /* _WKWebAuthenticationAssertionResponseInternal.h in Headers */,
                                 574728D123456E98001700AF /* _WKWebAuthenticationPanel.h in Headers */,
+                                5790A6532565DED30077C5A7 /* _WKWebAuthenticationPanelForTesting.h in Headers */,
                                 574728D4234570AE001700AF /* _WKWebAuthenticationPanelInternal.h in Headers */,
                                 1AE286781C7E76510069AC4F /* _WKWebsiteDataSize.h in Headers */,
@@ -13081 +13196 @@
                         buildActionMask = 2147483647;
                         files = (
+                                5790A67125679F1A0077C5A7 /* _WKAuthenticationExtensionsClientInputs.mm in Sources */,
+                                5790A67D2567A13E0077C5A7 /* _WKAuthenticationExtensionsClientOutputs.mm in Sources */,
+                                5790A6892567A28A0077C5A7 /* _WKAuthenticatorAssertionResponse.mm in Sources */,
+                                5790A6852567A21E0077C5A7 /* _WKAuthenticatorAttestationResponse.mm in Sources */,
+                                5790A6812567A1AC0077C5A7 /* _WKAuthenticatorResponse.mm in Sources */,
+                                5790A66725679CEA0077C5A7 /* _WKAuthenticatorSelectionCriteria.mm in Sources */,
                                 5CBD595C2280EDF4002B22AA /* _WKCustomHeaderFields.mm in Sources */,
+                                5790A67525679F740077C5A7 /* _WKPublicKeyCredentialCreationOptions.mm in Sources */,
+                                5790A66D25679EB70077C5A7 /* _WKPublicKeyCredentialDescriptor.mm in Sources */,
+                                5790A657256799DA0077C5A7 /* _WKPublicKeyCredentialEntity.mm in Sources */,
+                                5790A66325679C860077C5A7 /* _WKPublicKeyCredentialParameters.mm in Sources */,
+                                5790A6792567A0CD0077C5A7 /* _WKPublicKeyCredentialRequestOptions.mm in Sources */,
+                                5790A65B25679B260077C5A7 /* _WKPublicKeyCredentialRelyingPartyEntity.mm in Sources */,
+                                5790A65F25679C110077C5A7 /* _WKPublicKeyCredentialUserEntity.mm in Sources */,
                                 49FBEFFD239B011D00BD032F /* _WKResourceLoadStatisticsFirstParty.mm in Sources */,
                                 49FBEFFF239B012F00BD032F /* _WKResourceLoadStatisticsThirdParty.mm in Sources */,

trunk/Tools/ChangeLog

@@ +1 @@
+2020-11-21  Jiewen Tan  <jiewen_tan@apple.com>
+
+        [WebAuthn] Implement SPI for AuthenticationServices.Framework
+        https://bugs.webkit.org/show_bug.cgi?id=218893
+        <rdar://problem/71364731>
+
+        Reviewed by Alex Christensen.
+
+        * TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
+        (TestWebKitAPI::TEST):
+        (): Deleted.
+
 2020-11-20  Kate Cheney  <katherine_cheney@apple.com>
 

trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm

@@ -34 +34 @@
 #import "WKWebViewConfigurationExtras.h"
 #import <LocalAuthentication/LocalAuthentication.h>
+#import <WebCore/PublicKeyCredentialCreationOptions.h>
+#import <WebCore/PublicKeyCredentialRequestOptions.h>
 #import <WebKit/WKPreferencesPrivate.h>
 #import <WebKit/WKUIDelegatePrivate.h>
+#import <WebKit/_WKAuthenticationExtensionsClientInputs.h>
+#import <WebKit/_WKAuthenticationExtensionsClientOutputs.h>
+#import <WebKit/_WKAuthenticatorAssertionResponse.h>
+#import <WebKit/_WKAuthenticatorAttestationResponse.h>
+#import <WebKit/_WKAuthenticatorSelectionCriteria.h>
 #import <WebKit/_WKExperimentalFeature.h>
+#import <WebKit/_WKPublicKeyCredentialCreationOptions.h>
+#import <WebKit/_WKPublicKeyCredentialDescriptor.h>
+#import <WebKit/_WKPublicKeyCredentialParameters.h>
+#import <WebKit/_WKPublicKeyCredentialRequestOptions.h>
+#import <WebKit/_WKPublicKeyCredentialRelyingPartyEntity.h>
+#import <WebKit/_WKPublicKeyCredentialUserEntity.h>
 #import <WebKit/_WKWebAuthenticationAssertionResponse.h>
 #import <WebKit/_WKWebAuthenticationPanel.h>
+#import <WebKit/_WKWebAuthenticationPanelForTesting.h>
 #import <wtf/BlockPtr.h>
 #import <wtf/RandomNumber.h>
@@ -238 +252 @@
 
 namespace TestWebKitAPI {
+using namespace WebCore;
 
 namespace {
@@ -1433 +1448 @@
 #endif // USE(APPLE_INTERNAL_SDK) || PLATFORM(IOS)
 
+TEST(WebAuthenticationPanel, PublicKeyCredentialCreationOptionsMinimun)
+{
+    uint8_t identifier[] = { 0x01, 0x02, 0x03, 0x04 };
+    NSData *nsIdentifier = [NSData dataWithBytes:identifier length:sizeof(identifier)];
+    auto parameters = adoptNS([[_WKPublicKeyCredentialParameters alloc] initWithAlgorithm:@-7]);
+
+    auto rp = adoptNS([[_WKPublicKeyCredentialRelyingPartyEntity alloc] initWithName:@"example.com"]);
+    auto user = adoptNS([[_WKPublicKeyCredentialUserEntity alloc] initWithName:@"jappleseed@example.com" identifier:nsIdentifier displayName:@"J Appleseed"]);
+    NSArray<_WKPublicKeyCredentialParameters *> *publicKeyCredentialParamaters = @[ parameters.get() ];
+
+    auto options = adoptNS([[_WKPublicKeyCredentialCreationOptions alloc] initWithRelyingParty:rp.get() user:user.get() publicKeyCredentialParamaters:publicKeyCredentialParamaters]);
+    auto result = [_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:options.get()];
+
+    EXPECT_WK_STREQ(result.rp.name, "example.com");
+    EXPECT_TRUE(result.rp.icon.isNull());
+    EXPECT_TRUE(result.rp.id.isNull());
+
+    EXPECT_WK_STREQ(result.user.name, "jappleseed@example.com");
+    EXPECT_TRUE(result.user.icon.isNull());
+    EXPECT_EQ(result.user.idVector.size(), sizeof(identifier));
+    EXPECT_EQ(memcmp(result.user.idVector.data(), identifier, sizeof(identifier)), 0);
+    EXPECT_WK_STREQ(result.user.displayName, "J Appleseed");
+
+    EXPECT_EQ(result.pubKeyCredParams.size(), 1lu);
+    EXPECT_EQ(result.pubKeyCredParams[0].type, WebCore::PublicKeyCredentialType::PublicKey);
+    EXPECT_EQ(result.pubKeyCredParams[0].alg, -7);
+
+    EXPECT_EQ(result.timeout, WTF::nullopt);
+    EXPECT_EQ(result.excludeCredentials.size(), 0lu);
+    EXPECT_EQ(result.authenticatorSelection, WTF::nullopt);
+    EXPECT_EQ(result.attestation, AttestationConveyancePreference::None);
+    EXPECT_TRUE(result.extensions->appid.isNull());
+    EXPECT_EQ(result.extensions->googleLegacyAppidSupport, false);
+}
+
+TEST(WebAuthenticationPanel, PublicKeyCredentialCreationOptionsMaximumDefault)
+{
+    uint8_t identifier[] = { 0x01, 0x02, 0x03, 0x04 };
+    NSData *nsIdentifier = [NSData dataWithBytes:identifier length:sizeof(identifier)];
+    auto parameters1 = adoptNS([[_WKPublicKeyCredentialParameters alloc] initWithAlgorithm:@-7]);
+    auto parameters2 = adoptNS([[_WKPublicKeyCredentialParameters alloc] initWithAlgorithm:@-257]);
+    auto descriptor = adoptNS([[_WKPublicKeyCredentialDescriptor alloc] initWithIdentifier:nsIdentifier]);
+
+    auto rp = adoptNS([[_WKPublicKeyCredentialRelyingPartyEntity alloc] initWithName:@"example.com"]);
+    auto user = adoptNS([[_WKPublicKeyCredentialUserEntity alloc] initWithName:@"jappleseed@example.com" identifier:nsIdentifier displayName:@"J Appleseed"]);
+    NSArray<_WKPublicKeyCredentialParameters *> *publicKeyCredentialParamaters = @[ parameters1.get(), parameters2.get() ];
+    auto authenticatorSelection = adoptNS([[_WKAuthenticatorSelectionCriteria alloc] init]);
+    auto extensions = adoptNS([[_WKAuthenticationExtensionsClientInputs alloc] init]);
+
+    auto options = adoptNS([[_WKPublicKeyCredentialCreationOptions alloc] initWithRelyingParty:rp.get() user:user.get() publicKeyCredentialParamaters:publicKeyCredentialParamaters]);
+    [options setTimeout:@120];
+    [options setExcludeCredentials:@[ descriptor.get() ]];
+    [options setAuthenticatorSelection:authenticatorSelection.get()];
+    [options setExtensions:extensions.get()];
+
+    auto result = [_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:options.get()];
+
+    EXPECT_WK_STREQ(result.rp.name, "example.com");
+    EXPECT_TRUE(result.rp.icon.isNull());
+    EXPECT_TRUE(result.rp.id.isNull());
+
+    EXPECT_WK_STREQ(result.user.name, "jappleseed@example.com");
+    EXPECT_TRUE(result.user.icon.isNull());
+    EXPECT_EQ(result.user.idVector.size(), sizeof(identifier));
+    EXPECT_EQ(memcmp(result.user.idVector.data(), identifier, sizeof(identifier)), 0);
+    EXPECT_WK_STREQ(result.user.displayName, "J Appleseed");
+
+    EXPECT_EQ(result.pubKeyCredParams.size(), 2lu);
+    EXPECT_EQ(result.pubKeyCredParams[0].type, WebCore::PublicKeyCredentialType::PublicKey);
+    EXPECT_EQ(result.pubKeyCredParams[0].alg, -7);
+    EXPECT_EQ(result.pubKeyCredParams[1].type, WebCore::PublicKeyCredentialType::PublicKey);
+    EXPECT_EQ(result.pubKeyCredParams[1].alg, -257);
+
+    EXPECT_EQ(result.timeout, 120u);
+
+    EXPECT_EQ(result.excludeCredentials.size(), 1lu);
+    EXPECT_EQ(result.excludeCredentials[0].type, WebCore::PublicKeyCredentialType::PublicKey);
+    EXPECT_EQ(result.excludeCredentials[0].idVector.size(), sizeof(identifier));
+    EXPECT_EQ(memcmp(result.excludeCredentials[0].idVector.data(), identifier, sizeof(identifier)), 0);
+
+    EXPECT_EQ(result.authenticatorSelection->authenticatorAttachment, WTF::nullopt);
+    EXPECT_EQ(result.authenticatorSelection->requireResidentKey, false);
+    EXPECT_EQ(result.authenticatorSelection->userVerification, UserVerificationRequirement::Preferred);
+
+    EXPECT_EQ(result.attestation, AttestationConveyancePreference::None);
+    EXPECT_TRUE(result.extensions->appid.isNull());
+}
+
+TEST(WebAuthenticationPanel, PublicKeyCredentialCreationOptionsMaximum1)
+{
+    uint8_t identifier[] = { 0x01, 0x02, 0x03, 0x04 };
+    NSData *nsIdentifier = [NSData dataWithBytes:identifier length:sizeof(identifier)];
+    auto parameters1 = adoptNS([[_WKPublicKeyCredentialParameters alloc] initWithAlgorithm:@-7]);
+    auto parameters2 = adoptNS([[_WKPublicKeyCredentialParameters alloc] initWithAlgorithm:@-257]);
+
+    auto rp = adoptNS([[_WKPublicKeyCredentialRelyingPartyEntity alloc] initWithName:@"example.com"]);
+    [rp setIcon:@"https//www.example.com/icon.jpg"];
+    [rp setIdentifier:@"example.com"];
+
+    auto user = adoptNS([[_WKPublicKeyCredentialUserEntity alloc] initWithName:@"jappleseed@example.com" identifier:nsIdentifier displayName:@"J Appleseed"]);
+    [user setIcon:@"https//www.example.com/icon.jpg"];
+
+    NSArray<_WKPublicKeyCredentialParameters *> *publicKeyCredentialParamaters = @[ parameters1.get(), parameters2.get() ];
+
+    auto options = adoptNS([[_WKPublicKeyCredentialCreationOptions alloc] initWithRelyingParty:rp.get() user:user.get() publicKeyCredentialParamaters:publicKeyCredentialParamaters]);
+    [options setTimeout:@120];
+
+    auto usb = adoptNS([NSNumber numberWithInt:_WKWebAuthenticationTransportUSB]);
+    auto nfc = adoptNS([NSNumber numberWithInt:_WKWebAuthenticationTransportNFC]);
+    auto internal = adoptNS([NSNumber numberWithInt:_WKWebAuthenticationTransportInternal]);
+    auto credential = adoptNS([[_WKPublicKeyCredentialDescriptor alloc] initWithIdentifier:nsIdentifier]);
+    [credential setTransports:@[ usb.get(), nfc.get(), internal.get() ]];
+    [options setExcludeCredentials:@[ credential.get(), credential.get() ]];
+
+    auto authenticatorSelection = adoptNS([[_WKAuthenticatorSelectionCriteria alloc] init]);
+    [authenticatorSelection setAuthenticatorAttachment:_WKAuthenticatorAttachmentPlatform];
+    [authenticatorSelection setRequireResidentKey:YES];
+    [authenticatorSelection setUserVerification:_WKUserVerificationRequirementRequired];
+    [options setAuthenticatorSelection:authenticatorSelection.get()];
+
+    [options setAttestation:_WKAttestationConveyancePreferenceDirect];
+
+    auto result = [_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:options.get()];
+
+    EXPECT_WK_STREQ(result.rp.name, "example.com");
+    EXPECT_WK_STREQ(result.rp.icon, @"https//www.example.com/icon.jpg");
+    EXPECT_WK_STREQ(result.rp.id, "example.com");
+
+    EXPECT_WK_STREQ(result.user.name, "jappleseed@example.com");
+    EXPECT_WK_STREQ(result.user.icon, @"https//www.example.com/icon.jpg");
+    EXPECT_EQ(result.user.idVector.size(), sizeof(identifier));
+    EXPECT_EQ(memcmp(result.user.idVector.data(), identifier, sizeof(identifier)), 0);
+    EXPECT_WK_STREQ(result.user.displayName, "J Appleseed");
+
+    EXPECT_EQ(result.pubKeyCredParams.size(), 2lu);
+    EXPECT_EQ(result.pubKeyCredParams[0].type, WebCore::PublicKeyCredentialType::PublicKey);
+    EXPECT_EQ(result.pubKeyCredParams[0].alg, -7);
+    EXPECT_EQ(result.pubKeyCredParams[1].type, WebCore::PublicKeyCredentialType::PublicKey);
+    EXPECT_EQ(result.pubKeyCredParams[1].alg, -257);
+
+    EXPECT_EQ(result.timeout, 120u);
+
+    EXPECT_EQ(result.excludeCredentials.size(), 2lu);
+    EXPECT_EQ(result.excludeCredentials[0].type, WebCore::PublicKeyCredentialType::PublicKey);
+    EXPECT_EQ(result.excludeCredentials[0].idVector.size(), sizeof(identifier));
+    EXPECT_EQ(memcmp(result.excludeCredentials[0].idVector.data(), identifier, sizeof(identifier)), 0);
+    EXPECT_EQ(result.excludeCredentials[0].transports.size(), 3lu);
+    EXPECT_EQ(result.excludeCredentials[0].transports[0], AuthenticatorTransport::Usb);
+    EXPECT_EQ(result.excludeCredentials[0].transports[1], AuthenticatorTransport::Nfc);
+    EXPECT_EQ(result.excludeCredentials[0].transports[2], AuthenticatorTransport::Internal);
+
+    EXPECT_EQ(result.authenticatorSelection->authenticatorAttachment, PublicKeyCredentialCreationOptions::AuthenticatorAttachment::Platform);
+    EXPECT_EQ(result.authenticatorSelection->requireResidentKey, true);
+    EXPECT_EQ(result.authenticatorSelection->userVerification, UserVerificationRequirement::Required);
+
+    EXPECT_EQ(result.attestation, AttestationConveyancePreference::Direct);
+}
+
+TEST(WebAuthenticationPanel, PublicKeyCredentialCreationOptionsMaximum2)
+{
+    uint8_t identifier[] = { 0x01, 0x02, 0x03, 0x04 };
+    NSData *nsIdentifier = [NSData dataWithBytes:identifier length:sizeof(identifier)];
+    auto parameters1 = adoptNS([[_WKPublicKeyCredentialParameters alloc] initWithAlgorithm:@-7]);
+    auto parameters2 = adoptNS([[_WKPublicKeyCredentialParameters alloc] initWithAlgorithm:@-257]);
+
+    auto rp = adoptNS([[_WKPublicKeyCredentialRelyingPartyEntity alloc] initWithName:@"example.com"]);
+    [rp setIcon:@"https//www.example.com/icon.jpg"];
+    [rp setIdentifier:@"example.com"];
+
+    auto user = adoptNS([[_WKPublicKeyCredentialUserEntity alloc] initWithName:@"jappleseed@example.com" identifier:nsIdentifier displayName:@"J Appleseed"]);
+    [user setIcon:@"https//www.example.com/icon.jpg"];
+
+    NSArray<_WKPublicKeyCredentialParameters *> *publicKeyCredentialParamaters = @[ parameters1.get(), parameters2.get() ];
+
+    auto options = adoptNS([[_WKPublicKeyCredentialCreationOptions alloc] initWithRelyingParty:rp.get() user:user.get() publicKeyCredentialParamaters:publicKeyCredentialParamaters]);
+    [options setTimeout:@120];
+
+    auto usb = adoptNS([NSNumber numberWithInt:_WKWebAuthenticationTransportUSB]);
+    auto nfc = adoptNS([NSNumber numberWithInt:_WKWebAuthenticationTransportNFC]);
+    auto internal = adoptNS([NSNumber numberWithInt:_WKWebAuthenticationTransportInternal]);
+    auto credential = adoptNS([[_WKPublicKeyCredentialDescriptor alloc] initWithIdentifier:nsIdentifier]);
+    [credential setTransports:@[ usb.get(), nfc.get(), internal.get() ]];
+    [options setExcludeCredentials:@[ credential.get(), credential.get() ]];
+
+    auto authenticatorSelection = adoptNS([[_WKAuthenticatorSelectionCriteria alloc] init]);
+    [authenticatorSelection setAuthenticatorAttachment:_WKAuthenticatorAttachmentCrossPlatform]; //
+    [authenticatorSelection setRequireResidentKey:YES];
+    [authenticatorSelection setUserVerification:_WKUserVerificationRequirementDiscouraged]; //
+    [options setAuthenticatorSelection:authenticatorSelection.get()];
+
+    [options setAttestation:_WKAttestationConveyancePreferenceIndirect]; //
+
+    auto result = [_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:options.get()];
+
+    EXPECT_WK_STREQ(result.rp.name, "example.com");
+    EXPECT_WK_STREQ(result.rp.icon, @"https//www.example.com/icon.jpg");
+    EXPECT_WK_STREQ(result.rp.id, "example.com");
+
+    EXPECT_WK_STREQ(result.user.name, "jappleseed@example.com");
+    EXPECT_WK_STREQ(result.user.icon, @"https//www.example.com/icon.jpg");
+    EXPECT_EQ(result.user.idVector.size(), sizeof(identifier));
+    EXPECT_EQ(memcmp(result.user.idVector.data(), identifier, sizeof(identifier)), 0);
+    EXPECT_WK_STREQ(result.user.displayName, "J Appleseed");
+
+    EXPECT_EQ(result.pubKeyCredParams.size(), 2lu);
+    EXPECT_EQ(result.pubKeyCredParams[0].type, WebCore::PublicKeyCredentialType::PublicKey);
+    EXPECT_EQ(result.pubKeyCredParams[0].alg, -7);
+    EXPECT_EQ(result.pubKeyCredParams[1].type, WebCore::PublicKeyCredentialType::PublicKey);
+    EXPECT_EQ(result.pubKeyCredParams[1].alg, -257);
+
+    EXPECT_EQ(result.timeout, 120u);
+
+    EXPECT_EQ(result.excludeCredentials.size(), 2lu);
+    EXPECT_EQ(result.excludeCredentials[0].type, WebCore::PublicKeyCredentialType::PublicKey);
+    EXPECT_EQ(result.excludeCredentials[0].idVector.size(), sizeof(identifier));
+    EXPECT_EQ(memcmp(result.excludeCredentials[0].idVector.data(), identifier, sizeof(identifier)), 0);
+    EXPECT_EQ(result.excludeCredentials[0].transports.size(), 3lu);
+    EXPECT_EQ(result.excludeCredentials[0].transports[0], AuthenticatorTransport::Usb);
+    EXPECT_EQ(result.excludeCredentials[0].transports[1], AuthenticatorTransport::Nfc);
+    EXPECT_EQ(result.excludeCredentials[0].transports[2], AuthenticatorTransport::Internal);
+
+    EXPECT_EQ(result.authenticatorSelection->authenticatorAttachment, PublicKeyCredentialCreationOptions::AuthenticatorAttachment::CrossPlatform);
+    EXPECT_EQ(result.authenticatorSelection->requireResidentKey, true);
+    EXPECT_EQ(result.authenticatorSelection->userVerification, UserVerificationRequirement::Discouraged);
+
+    EXPECT_EQ(result.attestation, AttestationConveyancePreference::Indirect);
+}
+
+TEST(WebAuthenticationPanel, MakeCredentialSPITimeout)
+{
+    reset();
+
+    uint8_t identifier[] = { 0x01, 0x02, 0x03, 0x04 };
+    uint8_t hash[] = { 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04 };
+    NSData *nsIdentifier = [NSData dataWithBytes:identifier length:sizeof(identifier)];
+    NSData *nsHash = [NSData dataWithBytes:hash length:sizeof(hash)];
+    auto parameters = adoptNS([[_WKPublicKeyCredentialParameters alloc] initWithAlgorithm:@-7]);
+
+    auto rp = adoptNS([[_WKPublicKeyCredentialRelyingPartyEntity alloc] initWithName:@"example.com"]);
+    auto user = adoptNS([[_WKPublicKeyCredentialUserEntity alloc] initWithName:@"jappleseed@example.com" identifier:nsIdentifier displayName:@"J Appleseed"]);
+    NSArray<_WKPublicKeyCredentialParameters *> *publicKeyCredentialParamaters = @[ parameters.get() ];
+    auto options = adoptNS([[_WKPublicKeyCredentialCreationOptions alloc] initWithRelyingParty:rp.get() user:user.get() publicKeyCredentialParamaters:publicKeyCredentialParamaters]);
+    [options setTimeout:@120];
+
+    auto panel = adoptNS([[_WKWebAuthenticationPanel alloc] init]);
+    [panel makeCredentialWithHash:nsHash options:options.get() completionHandler:^(_WKAuthenticatorAttestationResponse *response, NSError *error) {
+        webAuthenticationPanelRan = true;
+
+        EXPECT_NULL(response);
+        EXPECT_EQ(error.domain, WKErrorDomain);
+        EXPECT_EQ(error.code, WKErrorUnknown);
+    }];
+    Util::run(&webAuthenticationPanelRan);
+}
+
+TEST(WebAuthenticationPanel, PublicKeyCredentialRequestOptionsMinimun)
+{
+    auto options = adoptNS([[_WKPublicKeyCredentialRequestOptions alloc] init]);
+    auto result = [_WKWebAuthenticationPanel convertToCoreRequestOptionsWithOptions:options.get()];
+
+    EXPECT_EQ(result.timeout, WTF::nullopt);
+    EXPECT_TRUE(result.rpId.isNull());
+    EXPECT_EQ(result.allowCredentials.size(), 0lu);
+    EXPECT_EQ(result.userVerification, UserVerificationRequirement::Preferred);
+    EXPECT_TRUE(result.extensions->appid.isNull());
+    EXPECT_EQ(result.extensions->googleLegacyAppidSupport, false);
+}
+
+TEST(WebAuthenticationPanel, PublicKeyCredentialRequestOptionsMaximumDefault)
+{
+    uint8_t identifier[] = { 0x01, 0x02, 0x03, 0x04 };
+    NSData *nsIdentifier = [NSData dataWithBytes:identifier length:sizeof(identifier)];
+    auto descriptor = adoptNS([[_WKPublicKeyCredentialDescriptor alloc] initWithIdentifier:nsIdentifier]);
+    auto extensions = adoptNS([[_WKAuthenticationExtensionsClientInputs alloc] init]);
+
+    auto options = adoptNS([[_WKPublicKeyCredentialRequestOptions alloc] init]);
+    [options setTimeout:@120];
+    [options setAllowCredentials:@[ descriptor.get() ]];
+    [options setExtensions:extensions.get()];
+
+    auto result = [_WKWebAuthenticationPanel convertToCoreRequestOptionsWithOptions:options.get()];
+
+    EXPECT_EQ(result.timeout, 120u);
+
+    EXPECT_EQ(result.allowCredentials.size(), 1lu);
+    EXPECT_EQ(result.allowCredentials[0].type, WebCore::PublicKeyCredentialType::PublicKey);
+    EXPECT_EQ(result.allowCredentials[0].idVector.size(), sizeof(identifier));
+    EXPECT_EQ(memcmp(result.allowCredentials[0].idVector.data(), identifier, sizeof(identifier)), 0);
+
+    EXPECT_EQ(result.userVerification, UserVerificationRequirement::Preferred);
+    EXPECT_TRUE(result.extensions->appid.isNull());
+}
+
+TEST(WebAuthenticationPanel, PublicKeyCredentialRequestOptionsMaximum)
+{
+    uint8_t identifier[] = { 0x01, 0x02, 0x03, 0x04 };
+    NSData *nsIdentifier = [NSData dataWithBytes:identifier length:sizeof(identifier)];
+
+    auto options = adoptNS([[_WKPublicKeyCredentialRequestOptions alloc] init]);
+    [options setTimeout:@120];
+
+    auto usb = adoptNS([NSNumber numberWithInt:_WKWebAuthenticationTransportUSB]);
+    auto nfc = adoptNS([NSNumber numberWithInt:_WKWebAuthenticationTransportNFC]);
+    auto internal = adoptNS([NSNumber numberWithInt:_WKWebAuthenticationTransportInternal]);
+    auto credential = adoptNS([[_WKPublicKeyCredentialDescriptor alloc] initWithIdentifier:nsIdentifier]);
+    [credential setTransports:@[ usb.get(), nfc.get(), internal.get() ]];
+    [options setAllowCredentials:@[ credential.get(), credential.get() ]];
+
+    [options setUserVerification:_WKUserVerificationRequirementRequired];
+
+    auto extensions = adoptNS([[_WKAuthenticationExtensionsClientInputs alloc] init]);
+    [extensions setAppid:@"https//www.example.com/fido"];
+    [options setExtensions:extensions.get()];
+
+    auto result = [_WKWebAuthenticationPanel convertToCoreRequestOptionsWithOptions:options.get()];
+
+    EXPECT_EQ(result.timeout, 120u);
+
+    EXPECT_EQ(result.allowCredentials.size(), 2lu);
+    EXPECT_EQ(result.allowCredentials[0].type, WebCore::PublicKeyCredentialType::PublicKey);
+    EXPECT_EQ(result.allowCredentials[0].idVector.size(), sizeof(identifier));
+    EXPECT_EQ(memcmp(result.allowCredentials[0].idVector.data(), identifier, sizeof(identifier)), 0);
+    EXPECT_EQ(result.allowCredentials[0].transports.size(), 3lu);
+    EXPECT_EQ(result.allowCredentials[0].transports[0], AuthenticatorTransport::Usb);
+    EXPECT_EQ(result.allowCredentials[0].transports[1], AuthenticatorTransport::Nfc);
+    EXPECT_EQ(result.allowCredentials[0].transports[2], AuthenticatorTransport::Internal);
+
+    EXPECT_EQ(result.userVerification, UserVerificationRequirement::Required);
+    EXPECT_WK_STREQ(result.extensions->appid, "https//www.example.com/fido");
+}
+
+TEST(WebAuthenticationPanel, GetAssertionSPITimeout)
+{
+    reset();
+
+    uint8_t hash[] = { 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04 };
+    NSData *nsHash = [NSData dataWithBytes:hash length:sizeof(hash)];
+
+    auto options = adoptNS([[_WKPublicKeyCredentialRequestOptions alloc] init]);
+    [options setTimeout:@120];
+
+    auto panel = adoptNS([[_WKWebAuthenticationPanel alloc] init]);
+    [panel getAssertionWithHash:nsHash options:options.get() completionHandler:^(_WKAuthenticatorAssertionResponse *response, NSError *error) {
+        webAuthenticationPanelRan = true;
+
+        EXPECT_NULL(response);
+        EXPECT_EQ(error.domain, WKErrorDomain);
+        EXPECT_EQ(error.code, WKErrorUnknown);
+    }];
+    Util::run(&webAuthenticationPanelRan);
+}
+
 } // namespace TestWebKitAPI