Changeset 271221 in webkit
- Timestamp:
- Jan 6, 2021 5:50:34 PM (3 years ago)
- Location:
- trunk/Source/WebKit
- Files:
-
- 10 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebKit/ChangeLog
r271219 r271221 1 2021-01-06 Jiewen Tan <jiewen_tan@apple.com> 2 3 [WebAuthn] Adopt new UI for the Client PIN and dismiss flow 4 https://bugs.webkit.org/show_bug.cgi?id=219712 5 <rdar://problem/72154935> 6 7 Reviewed by Brent Fulgham. 8 9 Covered by manual tests. 10 11 This patch does the following few things: 12 1. It tweaks the WebAuthn process as a UI view service to be able to run NearField in the background. 13 2. It adopts new SPI for security keys' client pin support. 14 3. It adopts new SPI to dismiss the UI when necessary. 15 16 * Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h: 17 (NS_ERROR_ENUM): 18 Adds new SPI. 19 20 * Scripts/process-entitlements.sh: 21 Tweaks WebAuthn process for NFC. 22 23 * UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.h: 24 * UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.mm: 25 Paperwork. 26 27 * UIProcess/WebAuthentication/Cocoa/AuthenticatorPresenterCoordinator.h: 28 * UIProcess/WebAuthentication/Cocoa/AuthenticatorPresenterCoordinator.mm: 29 (WebKit::AuthenticatorPresenterCoordinator::~AuthenticatorPresenterCoordinator): 30 (WebKit::AuthenticatorPresenterCoordinator::updatePresenter): 31 (WebKit::AuthenticatorPresenterCoordinator::requestPin): 32 (WebKit::AuthenticatorPresenterCoordinator::dimissPresenter): 33 (WebKit::AuthenticatorPresenterCoordinator::setPin): 34 Adopts new SPIs. 35 36 * UIProcess/WebAuthentication/Cocoa/NfcService.mm: 37 (WebKit::NfcService::platformStartDiscovery): 38 Tweaks NFC. 39 40 * UIProcess/WebAuthentication/Cocoa/WKASCAuthorizationPresenterDelegate.mm: 41 (-[WKASCAuthorizationPresenterDelegate authorizationPresenter:credentialRequestedForLoginChoice:authenticatedContext:completionHandler:]): 42 (-[WKASCAuthorizationPresenterDelegate authorizationPresenter:validateUserEnteredPIN:completionHandler:]): 43 Adopts new SPIs. 44 1 45 2021-01-06 Jer Noble <jer.noble@apple.com> 2 46 -
trunk/Source/WebKit/Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h
r270917 r271221 72 72 - (void)presentAuthorizationWithContext:(ASCAuthorizationPresentationContext *)context completionHandler:(void (^)(id<ASCCredentialProtocol> _Nullable, NSError * _Nullable))completionHandler; 73 73 - (void)updateInterfaceWithLoginChoices:(NSArray<id <ASCLoginChoiceProtocol>> *)loginChoices; 74 - (void)presentPINEntryInterface; 75 - (void)dismissWithError:(nullable NSError *)error; 74 76 75 77 @property (nonatomic, weak) id <ASCAuthorizationPresenterDelegate> delegate; … … 159 161 @end 160 162 163 extern NSErrorDomain const ASCAuthorizationErrorDomain; 164 165 typedef NS_ERROR_ENUM(ASCAuthorizationErrorDomain, ASCAuthorizationError) { 166 ASCAuthorizationErrorUnknown, 167 ASCAuthorizationErrorFailed, 168 ASCAuthorizationErrorUserCanceled, 169 ASCAuthorizationErrorPINRequired, 170 }; 171 172 extern NSString * const ASCPINValidationResultKey; 173 174 typedef NS_ENUM(NSInteger, ASCPINValidationResult) { 175 ASCPINValidationResultPINBlocked, 176 ASCPINValidationResultPINAuthBlocked, 177 ASCPINValidationResultPINInvalid, 178 }; 179 161 180 NS_ASSUME_NONNULL_END 162 181 -
trunk/Source/WebKit/Platform/spi/Cocoa/NearFieldSPI.h
r260366 r271221 105 105 106 106 @interface NFHardwareManager : NSObject 107 + (instancetype)sharedHardwareManager ;107 + (instancetype)sharedHardwareManagerWithNoUI; 108 108 - (NSObject<NFSession> *)startReaderSession:(void(^)(NFReaderSession *session, NSError *error))theStartCallback; 109 109 - (BOOL)areFeaturesSupported:(NFFeature)featureMask outError:(NSError**)outError; -
trunk/Source/WebKit/Scripts/process-entitlements.sh
r270688 r271221 244 244 plistbuddy Add :com.apple.nfcd.hwmanager bool YES 245 245 plistbuddy Add :com.apple.nfcd.session.reader.internal bool YES 246 # FIXME(rdar://problem/72646664): Find a better way to invoke NearField in the background. 247 plistbuddy Add :com.apple.internal.nfc.allow.backgrounded.session bool YES 248 plistbuddy Add :com.apple.UIKit.vends-view-services bool YES 246 249 247 250 plistbuddy Add :keychain-access-groups array -
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.h
r270694 r271221 39 39 SOFT_LINK_CLASS_FOR_HEADER(WebKit, ASCAppleIDCredential); 40 40 41 SOFT_LINK_CONSTANT_FOR_HEADER(WebKit, AuthenticationServicesCore, ASCAuthorizationErrorDomain, NSErrorDomain); 42 #define ASCAuthorizationErrorDomain WebKit::get_AuthenticationServicesCore_ASCAuthorizationErrorDomain() 43 44 SOFT_LINK_CONSTANT_FOR_HEADER(WebKit, AuthenticationServicesCore, ASCPINValidationResultKey, NSString*); 45 #define ASCPINValidationResultKey WebKit::get_AuthenticationServicesCore_ASCPINValidationResultKey() 46 41 47 #endif // HAVE(ASC_AUTH_UI) -
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.mm
r270694 r271221 39 39 SOFT_LINK_CLASS_FOR_SOURCE(WebKit, AuthenticationServicesCore, ASCAppleIDCredential); 40 40 41 SOFT_LINK_CONSTANT_FOR_SOURCE(WebKit, AuthenticationServicesCore, ASCAuthorizationErrorDomain, NSErrorDomain); 42 SOFT_LINK_CONSTANT_FOR_SOURCE(WebKit, AuthenticationServicesCore, ASCPINValidationResultKey, NSString*); 43 41 44 #endif // HAVE(ASC_AUTH_UI) -
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/AuthenticatorPresenterCoordinator.h
r270730 r271221 36 36 #include <wtf/WeakPtr.h> 37 37 38 OBJC_CLASS ASCAppleIDCredential; 38 39 OBJC_CLASS ASCAuthorizationPresentationContext; 39 40 OBJC_CLASS ASCAuthorizationPresenter; 40 41 OBJC_CLASS ASCLoginChoiceProtocol; 41 42 OBJC_CLASS LAContext; 43 OBJC_CLASS NSError; 42 44 OBJC_CLASS WKASCAuthorizationPresenterDelegate; 43 45 … … 51 53 public: 52 54 using TransportSet = HashSet<WebCore::AuthenticatorTransport, WTF::IntHash<WebCore::AuthenticatorTransport>, WTF::StrongEnumHashTraits<WebCore::AuthenticatorTransport>>; 53 using CredentialRequestHandler = Function<void( )>;55 using CredentialRequestHandler = Function<void(ASCAppleIDCredential *, NSError *)>; 54 56 55 57 AuthenticatorPresenterCoordinator(const AuthenticatorManager&, const String& rpId, const TransportSet&, WebCore::ClientDataType); … … 64 66 void setCredentialRequestHandler(CredentialRequestHandler&& handler) { m_credentialRequestHandler = WTFMove(handler); } 65 67 void setLAContext(LAContext *); 66 67 68 void didSelectAssertionResponse(ASCLoginChoiceProtocol *, LAContext *); 69 void setPin(const String&); 68 70 69 71 private: … … 80 82 CompletionHandler<void(WebCore::AuthenticatorAssertionResponse*)> m_responseHandler; 81 83 HashMap<ASCLoginChoiceProtocol *, RefPtr<WebCore::AuthenticatorAssertionResponse>> m_credentials; 84 85 CompletionHandler<void(const String&)> m_pinHandler; 82 86 }; 83 87 -
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/AuthenticatorPresenterCoordinator.mm
r270730 r271221 87 87 if (m_responseHandler) 88 88 m_responseHandler(nullptr); 89 } 90 91 void AuthenticatorPresenterCoordinator::updatePresenter(WebAuthenticationStatus) 92 { 93 // FIXME(219713): Adopt new UI for the update flow. 94 } 95 96 void AuthenticatorPresenterCoordinator::requestPin(uint64_t, CompletionHandler<void(const String&)>&&) 97 { 98 // FIXME(219712): Adopt new UI for the Client PIN flow. 89 if (m_pinHandler) 90 m_pinHandler(String()); 91 } 92 93 void AuthenticatorPresenterCoordinator::updatePresenter(WebAuthenticationStatus status) 94 { 95 #if HAVE(ASC_AUTH_UI) 96 switch (status) { 97 case WebAuthenticationStatus::PinBlocked: { 98 auto error = adoptNS([[NSError alloc] initWithDomain:ASCAuthorizationErrorDomain code:ASCAuthorizationErrorPINRequired userInfo:@{ ASCPINValidationResultKey: @(ASCPINValidationResultPINBlocked) }]); 99 m_credentialRequestHandler(nil, error.get()); 100 break; 101 } 102 case WebAuthenticationStatus::PinAuthBlocked: { 103 auto error = adoptNS([[NSError alloc] initWithDomain:ASCAuthorizationErrorDomain code:ASCAuthorizationErrorPINRequired userInfo:@{ ASCPINValidationResultKey: @(ASCPINValidationResultPINAuthBlocked) }]); 104 m_credentialRequestHandler(nil, error.get()); 105 break; 106 } 107 case WebAuthenticationStatus::PinInvalid: { 108 auto error = adoptNS([[NSError alloc] initWithDomain:ASCAuthorizationErrorDomain code:ASCAuthorizationErrorPINRequired userInfo:@{ ASCPINValidationResultKey: @(ASCPINValidationResultPINInvalid) }]); 109 m_credentialRequestHandler(nil, error.get()); 110 break; 111 } 112 default: 113 // FIXME(219713): Adopt new UI for the update flow. 114 break; 115 } 116 #endif // HAVE(ASC_AUTH_UI) 117 } 118 119 void AuthenticatorPresenterCoordinator::requestPin(uint64_t, CompletionHandler<void(const String&)>&& completionHandler) 120 { 121 #if HAVE(ASC_AUTH_UI) 122 m_pinHandler = WTFMove(completionHandler); 123 [m_presenter presentPINEntryInterface]; 124 #endif // HAVE(ASC_AUTH_UI) 99 125 } 100 126 … … 157 183 void AuthenticatorPresenterCoordinator::dimissPresenter(WebAuthenticationResult result) 158 184 { 185 #if HAVE(ASC_AUTH_UI) 159 186 if (result == WebAuthenticationResult::Succeeded && m_credentialRequestHandler) { 160 m_credentialRequestHandler(); 161 return; 162 } 163 // FIXME(219716): Adopt new UI for the dismiss flow. 187 // FIXME(219767): Replace the ASCAppleIDCredential with the upcoming WebAuthn credentials one. 188 // This is just a place holder to tell the UI that the ceremony succeeds. 189 m_credentialRequestHandler(adoptNS([WebKit::allocASCAppleIDCredentialInstance() initWithUser:@"" identityToken:adoptNS([[NSData alloc] init]).get()]).get(), nil); 190 return; 191 } 192 193 [m_presenter dismissWithError:nil]; 194 #endif // HAVE(ASC_AUTH_UI) 164 195 } 165 196 … … 186 217 } 187 218 219 void AuthenticatorPresenterCoordinator::setPin(const String& pin) 220 { 221 m_pinHandler(pin); 222 } 223 188 224 } // namespace WebKit 189 225 -
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/NfcService.mm
r251762 r271221 53 53 { 54 54 #if HAVE(NEAR_FIELD) 55 return [[getNFHardwareManagerClass() sharedHardwareManager ] areFeaturesSupported:NFFeatureReaderMode outError:nil];55 return [[getNFHardwareManagerClass() sharedHardwareManagerWithNoUI] areFeaturesSupported:NFFeatureReaderMode outError:nil]; 56 56 #else 57 57 return false; … … 119 119 }); 120 120 }); 121 [[getNFHardwareManagerClass() sharedHardwareManager ] startReaderSession:callback.get()];121 [[getNFHardwareManagerClass() sharedHardwareManagerWithNoUI] startReaderSession:callback.get()]; 122 122 #endif // HAVE(NEAR_FIELD) 123 123 } -
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WKASCAuthorizationPresenterDelegate.mm
r270730 r271221 48 48 - (void)authorizationPresenter:(ASCAuthorizationPresenter *)presenter credentialRequestedForLoginChoice:(id <ASCLoginChoiceProtocol>)loginChoice authenticatedContext:(nullable LAContext *)context completionHandler:(void (^)(id <ASCCredentialProtocol> _Nullable credential, NSError * _Nullable error))completionHandler 49 49 { 50 auto requestHandler = [completionHandler = makeBlockPtr(completionHandler)] { 51 // FIXME(219767): Replace the ASCAppleIDCredential with the upcoming WebAuthn credentials one. 52 // This is just a place holder to tell the UI that the ceremony succeeds. 53 completionHandler(adoptNS([WebKit::allocASCAppleIDCredentialInstance() initWithUser:@"" identityToken:adoptNS([[NSData alloc] init]).get()]).get(), nil); 50 auto requestHandler = [completionHandler = makeBlockPtr(completionHandler)] (ASCAppleIDCredential *credential, NSError *error) { 51 completionHandler(credential, error); 54 52 }; 55 53 [self dispatchCoordinatorCallback:[requestHandler = WTFMove(requestHandler)] (WebKit::AuthenticatorPresenterCoordinator& coordinator) mutable { … … 88 86 - (void)authorizationPresenter:(ASCAuthorizationPresenter *)presenter validateUserEnteredPIN:(NSString *)pin completionHandler:(void (^)(id <ASCCredentialProtocol> credential, NSError *error))completionHandler 89 87 { 90 // FIXME(219712): Adopt new UI for the Client PIN flow. 88 auto requestHandler = [completionHandler = makeBlockPtr(completionHandler)] (ASCAppleIDCredential *credential, NSError *error) { 89 completionHandler(credential, error); 90 }; 91 [self dispatchCoordinatorCallback:[requestHandler = WTFMove(requestHandler)] (WebKit::AuthenticatorPresenterCoordinator& coordinator) mutable { 92 coordinator.setCredentialRequestHandler(WTFMove(requestHandler)); 93 }]; 94 95 String pinString = pin; 96 [self dispatchCoordinatorCallback:[pinString = WTFMove(pinString)] (WebKit::AuthenticatorPresenterCoordinator& coordinator) mutable { 97 coordinator.setPin(pinString); 98 }]; 91 99 } 92 100
Note: See TracChangeset
for help on using the changeset viewer.