[WebAuthn] WebKitTestRunner/TWAPI lacks an entitlement and bundle ide…

…ntifier to use required [ASCAgent performAuthorizationRequestsForContext] https://bugs.webkit.org/show_bug.cgi?id=232846 rdar://problem/85170633 Reviewed by Brent Fulgham. Covered by existing tests. Calling to ASC requires converting WebAuthenticationRequestData to ASCCredentialRequestContext and then making a call to _WKAuthenticatorAssertionResponse, while also requiring entitlements currently unavailable in OpenSource. This change avoids calling out to ASC in tests using mock / virtual authenticators to avoid this problem, the serialization to and from ASCAgent can be tested seperately. * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: Refactor creation of ASCCredentialRequestContext. (WebKit::WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailable): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): Refactor use of ASC and add clarifying comment about flow. Canonical link: https://commits.webkit.org/244290@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@285864 268f45cc-cd09-0410-ab3c-d52691b4dbfc
WebKit · Nov 16, 2021 · 1a2d7de · 1a2d7de
1 parent 7bf620f
commit 1a2d7de
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 13 deletions.
diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog
@@ -1,3 +1,25 @@
+2021-11-16  J Pascoe  <j_pascoe@apple.com>
+
+        [WebAuthn] WebKitTestRunner/TWAPI lacks an entitlement and bundle identifier to use required [ASCAgent performAuthorizationRequestsForContext]
+        https://bugs.webkit.org/show_bug.cgi?id=232846
+        rdar://problem/85170633
+
+        Reviewed by Brent Fulgham.
+
+        Covered by existing tests.
+
+        Calling to ASC requires converting WebAuthenticationRequestData to ASCCredentialRequestContext and then making
+        a call to _WKAuthenticatorAssertionResponse, while also requiring entitlements currently unavailable in OpenSource.
+        This change avoids calling out to ASC in tests using mock / virtual authenticators to avoid this problem, the
+        serialization to and from ASCAgent can be tested seperately.
+
+        * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+        Refactor creation of ASCCredentialRequestContext.
+        (WebKit::WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailable):
+        * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp:
+        (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest):
+        Refactor use of ASC and add clarifying comment about flow.
+
 2021-11-16  Kimmo Kinnunen  <kkinnunen@apple.com>
 
         RemoteGraphicsContextGLCocoa::m_swapChain is unused

diff --git a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm b/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
@@ -238,16 +238,15 @@ static inline ExceptionCode toExceptionCode(NSInteger nsErrorCode)
     return requestContext;
 }
 
-void WebAuthenticatorCoordinatorProxy::makeCredential(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector<uint8_t>&& hash, PublicKeyCredentialCreationOptions&& options, bool processingUserGesture, RequestCompletionHandler&& handler)
+RetainPtr<ASCCredentialRequestContext> WebAuthenticatorCoordinatorProxy::contextForRequest(WebAuthenticationRequestData&& requestData)
 {
-    auto requestContext = configureRegistrationRequestContext(options);
-    performRequest(requestContext, WTFMove(handler));
-}
-
-void WebAuthenticatorCoordinatorProxy::getAssertion(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector<uint8_t>&& hash, PublicKeyCredentialRequestOptions&& options, bool processingUserGesture, RequestCompletionHandler&& handler)
-{
-    auto requestContext = configurationAssertionRequestContext(options);
-    performRequest(requestContext, WTFMove(handler));
+    RetainPtr<ASCCredentialRequestContext> result;
+    WTF::switchOn(requestData.options, [&](const PublicKeyCredentialCreationOptions& options) {
+        result = configureRegistrationRequestContext(options);
+    }, [&](const PublicKeyCredentialRequestOptions& options) {
+        result = configurationAssertionRequestContext(options);
+    });
+    return result;
 }
 
 void WebAuthenticatorCoordinatorProxy::performRequest(RetainPtr<ASCCredentialRequestContext> requestContext, RequestCompletionHandler&& handler)

diff --git a/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp b/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp
@@ -55,7 +55,6 @@ WebAuthenticatorCoordinatorProxy::~WebAuthenticatorCoordinatorProxy()
     m_webPageProxy.process().removeMessageReceiver(Messages::WebAuthenticatorCoordinatorProxy::messageReceiverName(), m_webPageProxy.webPageID());
 }
 
-#if !HAVE(UNIFIED_ASC_AUTH_UI)
 void WebAuthenticatorCoordinatorProxy::makeCredential(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector<uint8_t>&& hash, PublicKeyCredentialCreationOptions&& options, bool processingUserGesture, RequestCompletionHandler&& handler)
 {
     handleRequest({ WTFMove(hash), WTFMove(options), m_webPageProxy, WebAuthenticationPanelResult::Unavailable, nullptr, GlobalFrameIdentifier { m_webPageProxy.webPageID(), frameId }, WTFMove(frameInfo), processingUserGesture, String(), nullptr }, WTFMove(handler));
@@ -65,10 +64,21 @@ void WebAuthenticatorCoordinatorProxy::getAssertion(FrameIdentifier frameId, Fra
 {
     handleRequest({ WTFMove(hash), WTFMove(options), m_webPageProxy, WebAuthenticationPanelResult::Unavailable, nullptr, GlobalFrameIdentifier { m_webPageProxy.webPageID(), frameId }, WTFMove(frameInfo), processingUserGesture, String(), nullptr }, WTFMove(handler));
 }
-#endif
 
 void WebAuthenticatorCoordinatorProxy::handleRequest(WebAuthenticationRequestData&& data, RequestCompletionHandler&& handler)
 {
+    auto& authenticatorManager = m_webPageProxy.websiteDataStore().authenticatorManager();
+
+#if HAVE(UNIFIED_ASC_AUTH_UI)
+    if (!authenticatorManager.isMock() && !authenticatorManager.isVirtual()) {
+        auto context = contextForRequest(WTFMove(data));
+        // performRequest calls out to ASCAgent which will then call [_WKWebAuthenticationPanel makeCredential/getAssertionWithChallenge]
+        // which calls authenticatorManager.handleRequest(..)
+        performRequest(context, WTFMove(handler));
+        return;
+    }
+#endif // HAVE(UNIFIED_ASC_AUTH_UI)
+
     auto callback = [handler = WTFMove(handler)] (std::variant<Ref<AuthenticatorResponse>, ExceptionData>&& result) mutable {
         ASSERT(RunLoop::isMain());
         WTF::switchOn(result, [&](const Ref<AuthenticatorResponse>& response) {
@@ -77,15 +87,15 @@ void WebAuthenticatorCoordinatorProxy::handleRequest(WebAuthenticationRequestDat
             handler({ }, (AuthenticatorAttachment)0, exception);
         });
     };
-    m_webPageProxy.websiteDataStore().authenticatorManager().handleRequest(WTFMove(data), WTFMove(callback));
+    authenticatorManager.handleRequest(WTFMove(data), WTFMove(callback));
 }
 
 #if !HAVE(UNIFIED_ASC_AUTH_UI)
 void WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&& handler)
 {
     handler(LocalService::isAvailable());
 }
-#endif
+#endif // !HAVE(UNIFIED_ASC_AUTH_UI)
 
 } // namespace WebKit
 

diff --git a/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h b/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h
@@ -77,6 +77,7 @@ class WebAuthenticatorCoordinatorProxy : public IPC::MessageReceiver {
     WebPageProxy& m_webPageProxy;
 
 #if HAVE(UNIFIED_ASC_AUTH_UI)
+    RetainPtr<ASCCredentialRequestContext> contextForRequest(WebAuthenticationRequestData&&);
     void performRequest(RetainPtr<ASCCredentialRequestContext>, RequestCompletionHandler&&);
     RetainPtr<ASCAuthorizationRemotePresenter> m_presenter;
 #endif