Skip to content
Permalink
Browse files
[GTK][WPE] Expose support for client certificate auth
https://bugs.webkit.org/show_bug.cgi?id=200805

Reviewed by Michael Catanzaro.

.:

Bump libsoup3 required version.

* Source/cmake/OptionsGTK.cmake:
* Source/cmake/OptionsWPE.cmake:

Source/WebCore:

* platform/Soup.cmake:
* platform/SourcesSoup.txt:
* platform/network/Credential.h:
* platform/network/ProtectionSpaceBase.cpp:
(WebCore::ProtectionSpaceBase::isPasswordBased const):
* platform/network/ProtectionSpaceBase.h:
* platform/network/soup/AuthenticationChallenge.h:
* platform/network/soup/AuthenticationChallengeSoup.cpp:
(WebCore::protectionSpaceForClientCertificate):
(WebCore::AuthenticationChallenge::AuthenticationChallenge):
(WebCore::protectionSpaceForClientCertificatePassword):
(WebCore::AuthenticationChallenge::platformCompare):
* platform/network/soup/CertificateInfoSoup.cpp:
(WebCore::CertificateInfo::isolatedCopy const):
* platform/network/soup/CredentialSoup.cpp: Added.
(WebCore::Credential::Credential):
(WebCore::m_certificate):
(WebCore::Credential::isEmpty const):
(WebCore::Credential::platformCompare):
* platform/network/soup/CredentialSoup.h: Added.
(WebCore::Credential::Credential):
(WebCore::Credential::encodingRequiresPlatformData const):
(WebCore::Credential::certificate const):
* platform/network/soup/NetworkStorageSessionSoup.cpp:
(WebCore::authTypeFromProtectionSpaceAuthenticationScheme):

Source/WebKit:

Add new API to handle certificate and pin certificate authentication requests.

* NetworkProcess/soup/NetworkDataTaskSoup.cpp:
(WebKit::NetworkDataTaskSoup::createRequest):
(WebKit::NetworkDataTaskSoup::completeAuthentication):
(WebKit::NetworkDataTaskSoup::cancelAuthentication):
(WebKit::NetworkDataTaskSoup::authenticate):
(WebKit::NetworkDataTaskSoup::continueAuthenticate):
(WebKit::NetworkDataTaskSoup::requestCertificateCallback):
(WebKit::NetworkDataTaskSoup::requestCertificatePasswordCallback):
* NetworkProcess/soup/NetworkDataTaskSoup.h:
* Shared/WebCoreArgumentCoders.cpp:
(IPC::ArgumentCoder<AuthenticationChallenge>::encode):
(IPC::ArgumentCoder<AuthenticationChallenge>::decode):
* Shared/glib/ArgumentCodersGLib.cpp:
(IPC::ArgumentCoder<GRefPtr<GTlsCertificate>>::encode):
(IPC::ArgumentCoder<GRefPtr<GTlsCertificate>>::decode):
* Shared/soup/WebCoreArgumentCodersSoup.cpp:
(IPC::ArgumentCoder<Credential>::encodePlatformData):
(IPC::ArgumentCoder<Credential>::decodePlatformData):
* UIProcess/API/glib/WebKitAuthenticationRequest.cpp:
(webkit_authentication_request_get_certificate_pin_flags):
* UIProcess/API/glib/WebKitCredential.cpp:
(webkit_credential_new_for_certificate_pin):
(webkit_credential_new_for_certificate):
(webkit_credential_get_certificate):
* UIProcess/API/gtk/WebKitAuthenticationRequest.h:
* UIProcess/API/gtk/WebKitCredential.h:
* UIProcess/API/gtk/WebKitWebViewGtk.cpp:
(webkitWebViewAuthenticate):
* UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt:
* UIProcess/API/wpe/WebKitAuthenticationRequest.h:
* UIProcess/API/wpe/WebKitCredential.h:
* UIProcess/API/wpe/docs/wpe-1.0-sections.txt:

Tools:

Add a simple implementation in MiniBrowser using a file chooser to ask for the certificate from a file and unit
tests for the client certificate request. Unfortunately we can't easily test pin certificates.

* MiniBrowser/gtk/BrowserTab.c:
(certificateDialogResponse):
(webViewAuthenticate):
(browserTabConstructed):
* TestWebKitAPI/Tests/WebKitGLib/TestSSL.cpp:
(ClientSideCertificateTest::acceptCertificateCallback):
(ClientSideCertificateTest::requestStartedCallback):
(ClientSideCertificateTest::authenticateCallback):
(ClientSideCertificateTest::ClientSideCertificateTest):
(ClientSideCertificateTest::~ClientSideCertificateTest):
(ClientSideCertificateTest::authenticate):
(ClientSideCertificateTest::acceptCertificate):
(ClientSideCertificateTest::waitForAuthenticationRequest):
(testClientSideCertificate):
(beforeAll):
* TestWebKitAPI/Tests/WebKitGLib/WebExtensionTest.cpp:
* TestWebKitAPI/glib/WebKitGLib/WebKitTestServer.h:
(WebKitTestServer::soupServer const):

Canonical link: https://commits.webkit.org/239625@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@279872 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  • Loading branch information
carlosgcampos committed Jul 13, 2021
1 parent 9a834cb commit 1e5a9791388c8e05e165a8c9168f280440301fe3
Showing with 885 additions and 69 deletions.
  1. +12 −0 ChangeLog
  2. +33 −0 Source/WebCore/ChangeLog
  3. +1 −0 Source/WebCore/platform/Soup.cmake
  4. +1 −0 Source/WebCore/platform/SourcesSoup.txt
  5. +2 −0 Source/WebCore/platform/network/Credential.h
  6. +3 −0 Source/WebCore/platform/network/ProtectionSpaceBase.cpp
  7. +3 −0 Source/WebCore/platform/network/ProtectionSpaceBase.h
  8. +10 −0 Source/WebCore/platform/network/soup/AuthenticationChallenge.h
  9. +44 −0 Source/WebCore/platform/network/soup/AuthenticationChallengeSoup.cpp
  10. +35 −37 Source/WebCore/platform/network/soup/CertificateInfoSoup.cpp
  11. +53 −0 Source/WebCore/platform/network/soup/CredentialSoup.cpp
  12. +63 −0 Source/WebCore/platform/network/soup/CredentialSoup.h
  13. +2 −0 Source/WebCore/platform/network/soup/NetworkStorageSessionSoup.cpp
  14. +42 −0 Source/WebKit/ChangeLog
  15. +97 −3 Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp
  16. +4 −0 Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.h
  17. +14 −1 Source/WebKit/Shared/WebCoreArgumentCoders.cpp
  18. +27 −0 Source/WebKit/Shared/glib/ArgumentCodersGLib.cpp
  19. +17 −5 Source/WebKit/Shared/soup/WebCoreArgumentCodersSoup.cpp
  20. +19 −0 Source/WebKit/UIProcess/API/glib/WebKitAuthenticationRequest.cpp
  21. +65 −0 Source/WebKit/UIProcess/API/glib/WebKitCredential.cpp
  22. +5 −0 Source/WebKit/UIProcess/API/gtk/WebKitAuthenticationRequest.h
  23. +22 −10 Source/WebKit/UIProcess/API/gtk/WebKitCredential.h
  24. +18 −2 Source/WebKit/UIProcess/API/gtk/WebKitWebViewGtk.cpp
  25. +4 −0 Source/WebKit/UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt
  26. +5 −0 Source/WebKit/UIProcess/API/wpe/WebKitAuthenticationRequest.h
  27. +21 −9 Source/WebKit/UIProcess/API/wpe/WebKitCredential.h
  28. +4 −0 Source/WebKit/UIProcess/API/wpe/docs/wpe-1.0-sections.txt
  29. +1 −1 Source/cmake/OptionsGTK.cmake
  30. +1 −1 Source/cmake/OptionsWPE.cmake
  31. +29 −0 Tools/ChangeLog
  32. +56 −0 Tools/MiniBrowser/gtk/BrowserTab.c
  33. +168 −0 Tools/TestWebKitAPI/Tests/WebKitGLib/TestSSL.cpp
  34. +3 −0 Tools/TestWebKitAPI/Tests/WebKitGLib/WebExtensionTest.cpp
  35. +1 −0 Tools/TestWebKitAPI/glib/WebKitGLib/WebKitTestServer.h
@@ -1,3 +1,15 @@
2021-07-13 Carlos Garcia Campos <cgarcia@igalia.com>

[GTK][WPE] Expose support for client certificate auth
https://bugs.webkit.org/show_bug.cgi?id=200805

Reviewed by Michael Catanzaro.

Bump libsoup3 required version.

* Source/cmake/OptionsGTK.cmake:
* Source/cmake/OptionsWPE.cmake:

2021-06-24 Zan Dobersek <zdobersek@igalia.com>

REGRESSION(r236846): WPE shouldn't depend on OpenGL ES 3
@@ -1,3 +1,36 @@
2021-07-13 Carlos Garcia Campos <cgarcia@igalia.com>

[GTK][WPE] Expose support for client certificate auth
https://bugs.webkit.org/show_bug.cgi?id=200805

Reviewed by Michael Catanzaro.

* platform/Soup.cmake:
* platform/SourcesSoup.txt:
* platform/network/Credential.h:
* platform/network/ProtectionSpaceBase.cpp:
(WebCore::ProtectionSpaceBase::isPasswordBased const):
* platform/network/ProtectionSpaceBase.h:
* platform/network/soup/AuthenticationChallenge.h:
* platform/network/soup/AuthenticationChallengeSoup.cpp:
(WebCore::protectionSpaceForClientCertificate):
(WebCore::AuthenticationChallenge::AuthenticationChallenge):
(WebCore::protectionSpaceForClientCertificatePassword):
(WebCore::AuthenticationChallenge::platformCompare):
* platform/network/soup/CertificateInfoSoup.cpp:
(WebCore::CertificateInfo::isolatedCopy const):
* platform/network/soup/CredentialSoup.cpp: Added.
(WebCore::Credential::Credential):
(WebCore::m_certificate):
(WebCore::Credential::isEmpty const):
(WebCore::Credential::platformCompare):
* platform/network/soup/CredentialSoup.h: Added.
(WebCore::Credential::Credential):
(WebCore::Credential::encodingRequiresPlatformData const):
(WebCore::Credential::certificate const):
* platform/network/soup/NetworkStorageSessionSoup.cpp:
(WebCore::authTypeFromProtectionSpaceAuthenticationScheme):

2021-07-13 Martin Robinson <mrobinson@igalia.com>

RenderLayerScrollableArea::updateScrollPosition assumes that it can scroll to the targeted scroll position
@@ -9,6 +9,7 @@ list(APPEND WebCore_UNIFIED_SOURCE_LIST_FILES
list(APPEND WebCore_PRIVATE_FRAMEWORK_HEADERS
platform/network/soup/AuthenticationChallenge.h
platform/network/soup/CertificateInfo.h
platform/network/soup/CredentialSoup.h
platform/network/soup/GUniquePtrSoup.h
platform/network/soup/ResourceError.h
platform/network/soup/ResourceRequest.h
@@ -25,6 +25,7 @@ platform/network/soup/AuthenticationChallengeSoup.cpp
platform/network/soup/CertificateInfoSoup.cpp
platform/network/soup/CookieSoup.cpp
platform/network/soup/CookieStorageSoup.cpp
platform/network/soup/CredentialSoup.cpp
platform/network/soup/CredentialStorageSoup.cpp
platform/network/soup/NetworkStorageSessionSoup.cpp
platform/network/soup/ProxyServerSoup.cpp
@@ -30,6 +30,8 @@

#if PLATFORM(COCOA)
#include "CredentialCocoa.h"
#elif USE(SOUP)
#include "CredentialSoup.h"
#else

#include "CredentialBase.h"
@@ -109,6 +109,9 @@ bool ProtectionSpaceBase::isPasswordBased() const
case ProtectionSpaceAuthenticationSchemeNTLM:
case ProtectionSpaceAuthenticationSchemeNegotiate:
case ProtectionSpaceAuthenticationSchemeOAuth:
#if USE(GLIB)
case ProtectionSpaceAuthenticationSchemeClientCertificatePINRequested:
#endif
return true;
case ProtectionSpaceAuthenticationSchemeClientCertificateRequested:
case ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested:
@@ -53,6 +53,9 @@ enum ProtectionSpaceAuthenticationScheme {
ProtectionSpaceAuthenticationSchemeClientCertificateRequested = 7,
ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested = 8,
ProtectionSpaceAuthenticationSchemeOAuth = 9,
#if USE(GLIB)
ProtectionSpaceAuthenticationSchemeClientCertificatePINRequested = 10,
#endif
ProtectionSpaceAuthenticationSchemeUnknown = 100
};

@@ -28,6 +28,8 @@
#include "AuthenticationChallengeBase.h"
#include "AuthenticationClient.h"

typedef struct _GTlsClientConnection GTlsClientConnection;
typedef struct _GTlsPassword GTlsPassword;
typedef struct _SoupAuth SoupAuth;
typedef struct _SoupMessage SoupMessage;

@@ -45,13 +47,19 @@ class AuthenticationChallenge final : public AuthenticationChallengeBase {
}

AuthenticationChallenge(SoupMessage*, SoupAuth*, bool retrying);
AuthenticationChallenge(SoupMessage*, GTlsClientConnection*);
AuthenticationChallenge(SoupMessage*, GTlsPassword*);
AuthenticationClient* authenticationClient() const { RELEASE_ASSERT_NOT_REACHED(); }
#if USE(SOUP2)
SoupMessage* soupMessage() const { return m_soupMessage.get(); }
#endif
SoupAuth* soupAuth() const { return m_soupAuth.get(); }
GTlsPassword* tlsPassword() const { return m_tlsPassword.get(); }
void setProposedCredential(const Credential& credential) { m_proposedCredential = credential; }

uint32_t tlsPasswordFlags() const { return m_tlsPasswordFlags; }
void setTLSPasswordFlags(uint32_t tlsPasswordFlags) { m_tlsPasswordFlags = tlsPasswordFlags; }

private:
friend class AuthenticationChallengeBase;
static bool platformCompare(const AuthenticationChallenge&, const AuthenticationChallenge&);
@@ -60,6 +68,8 @@ class AuthenticationChallenge final : public AuthenticationChallengeBase {
GRefPtr<SoupMessage> m_soupMessage;
#endif
GRefPtr<SoupAuth> m_soupAuth;
GRefPtr<GTlsPassword> m_tlsPassword;
uint32_t m_tlsPasswordFlags { 0 };
};

} // namespace WebCore
@@ -90,11 +90,55 @@ AuthenticationChallenge::AuthenticationChallenge(SoupMessage* soupMessage, SoupA
{
}

static ProtectionSpace protectionSpaceForClientCertificate(const URL& url)
{
auto port = url.port();
if (!port)
port = defaultPortForProtocol(url.protocol());
return ProtectionSpace(url.host().toString(), static_cast<int>(port.value_or(0)), protectionSpaceServerTypeFromURL(url, false), { },
ProtectionSpaceAuthenticationSchemeClientCertificateRequested);
}

AuthenticationChallenge::AuthenticationChallenge(SoupMessage* soupMessage, GTlsClientConnection*)
: AuthenticationChallengeBase(protectionSpaceForClientCertificate(soupURIToURL(soup_message_get_uri(soupMessage)))
, Credential() // proposedCredentials
, 0 // previousFailureCount
, soupMessage // failureResponse
, ResourceError::authenticationError(soupMessage))
{
}

static ProtectionSpace protectionSpaceForClientCertificatePassword(GTlsPassword* tlsPassword, const URL& url)
{
auto port = url.port();
if (!port)
port = defaultPortForProtocol(url.protocol());
return ProtectionSpace(url.host().toString(), static_cast<int>(port.value_or(0)), protectionSpaceServerTypeFromURL(url, false),
String::fromUTF8(g_tls_password_get_description(tlsPassword)), ProtectionSpaceAuthenticationSchemeClientCertificatePINRequested);
}

AuthenticationChallenge::AuthenticationChallenge(SoupMessage* soupMessage, GTlsPassword* tlsPassword)
: AuthenticationChallengeBase(protectionSpaceForClientCertificatePassword(tlsPassword, soupURIToURL(soup_message_get_uri(soupMessage)))
, Credential() // proposedCredentials
, g_tls_password_get_flags(tlsPassword) & G_TLS_PASSWORD_RETRY ? 1 : 0 // previousFailureCount
, soupMessage // failureResponse
, ResourceError::authenticationError(soupMessage))
, m_tlsPassword(tlsPassword)
, m_tlsPasswordFlags(tlsPassword ? g_tls_password_get_flags(tlsPassword) : G_TLS_PASSWORD_NONE)
{
}

bool AuthenticationChallenge::platformCompare(const AuthenticationChallenge& a, const AuthenticationChallenge& b)
{
if (a.soupAuth() != b.soupAuth())
return false;

if (a.tlsPassword() != b.tlsPassword())
return false;

if (a.tlsPasswordFlags() != b.tlsPasswordFlags())
return false;

#if USE(SOUP2)
return a.soupMessage() == b.soupMessage();
#endif
@@ -62,45 +62,43 @@ CertificateInfo::CertificateInfo(GTlsCertificate* certificate, GTlsCertificateFl

CertificateInfo::~CertificateInfo() = default;

static GRefPtr<GTlsCertificate> createCertificate(GByteArray* bytes, GTlsCertificate* issuer)
{
gpointer cert = g_initable_new(g_tls_backend_get_certificate_type(g_tls_backend_get_default()),
nullptr, nullptr,
"certificate", bytes,
"issuer", issuer,
nullptr);
RELEASE_ASSERT(cert);
return adoptGRef(G_TLS_CERTIFICATE(cert));
}

CertificateInfo CertificateInfo::isolatedCopy() const
{
// We can only copy the public portions, so this can only be used for server certificates, not
// for client certificates. Sadly, other ports don't have this restriction, and there is no way
// to assert that we are not messing up here because we can't know how callers are using the
// certificate. So be careful?
//
// We should add g_tls_certificate_copy() to GLib so that we can copy the private portion too.

Vector<GRefPtr<GByteArray>> certificateBytes;
GTlsCertificate* cert = m_certificate.get();
if (!cert)
return CertificateInfo();

do {
GRefPtr<GByteArray> der;
g_object_get(cert, "certificate", &der.outPtr(), nullptr);

GRefPtr<GByteArray> copy = adoptGRef(g_byte_array_new());
g_byte_array_append(copy.get(), der->data, der->len);
certificateBytes.append(WTFMove(copy));
} while ((cert = g_tls_certificate_get_issuer(cert)));

auto finalCertificateIndex = certificateBytes.size() - 1;
GRefPtr<GTlsCertificate> copy = createCertificate(certificateBytes[finalCertificateIndex].get(), nullptr);
for (ssize_t i = finalCertificateIndex - 1; i >= 0; i--)
copy = createCertificate(certificateBytes[i].get(), copy.get());
return CertificateInfo(copy.get(), m_tlsErrors);
if (!m_certificate)
return { };

Vector<GUniquePtr<char>> certificatesDataList;
for (auto* nextCertificate = m_certificate.get(); nextCertificate; nextCertificate = g_tls_certificate_get_issuer(nextCertificate)) {
GUniqueOutPtr<char> certificateData;
g_object_get(nextCertificate, "certificate-pem", &certificateData.outPtr(), nullptr);
certificatesDataList.append(certificateData.release());
}

#if GLIB_CHECK_VERSION(2, 69, 0)
GUniqueOutPtr<char> privateKey;
GUniqueOutPtr<char> privateKeyPKCS11Uri;
g_object_get(m_certificate.get(), "private-key-pem", &privateKey.outPtr(), "private-key-pkcs11-uri", &privateKeyPKCS11Uri.outPtr(), nullptr);
#endif

GType certificateType = g_tls_backend_get_certificate_type(g_tls_backend_get_default());
GRefPtr<GTlsCertificate> certificate;
GTlsCertificate* issuer = nullptr;
while (!certificatesDataList.isEmpty()) {
auto certificateData = certificatesDataList.takeLast();
certificate = adoptGRef(G_TLS_CERTIFICATE(g_initable_new(
certificateType, nullptr, nullptr,
"certificate-pem", certificateData.get(),
"issuer", issuer,
#if GLIB_CHECK_VERSION(2, 69, 0)
"private-key-pem", certificatesDataList.isEmpty() ? privateKey.get() : nullptr,
"private-key-pkcs11-uri", certificatesDataList.isEmpty() ? privateKeyPKCS11Uri.get() : nullptr,
#endif
nullptr)));
RELEASE_ASSERT(certificate);
issuer = certificate.get();
}

return CertificateInfo(certificate.get(), m_tlsErrors);
}

std::optional<CertificateSummary> CertificateInfo::summary() const
@@ -0,0 +1,53 @@
/*
* Copyright (C) 2021 Igalia S.L.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
* THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
* THE POSSIBILITY OF SUCH DAMAGE.
*/

#include "config.h"
#include "CredentialSoup.h"

namespace WebCore {

Credential::Credential(const Credential& original, CredentialPersistence persistence)
: CredentialBase(original, persistence)
, m_certificate(original.certificate())
{
}

Credential::Credential(GTlsCertificate* certificate, CredentialPersistence persistence)
: CredentialBase({ }, { }, persistence)
, m_certificate(certificate)
{
}

bool Credential::isEmpty() const
{
return !m_certificate && CredentialBase::isEmpty();
}

bool Credential::platformCompare(const Credential& a, const Credential& b)
{
return a.certificate() == b.certificate();
}

} // namespace WebCore
@@ -0,0 +1,63 @@
/*
* Copyright (C) 2021 Igalia S.L.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
* THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
* THE POSSIBILITY OF SUCH DAMAGE.
*/

#pragma once

#include "CredentialBase.h"
#include <wtf/glib/GRefPtr.h>

typedef struct _GTlsCertificate GTlsCertificate;

namespace WebCore {

class Credential : public CredentialBase {
public:
Credential()
: CredentialBase()
{
}

Credential(const String& user, const String& password, CredentialPersistence persistence)
: CredentialBase(user, password, persistence)
{
}

Credential(const Credential&, CredentialPersistence);

WEBCORE_EXPORT Credential(GTlsCertificate*, CredentialPersistence);

WEBCORE_EXPORT bool isEmpty() const;

static bool platformCompare(const Credential&, const Credential&);

bool encodingRequiresPlatformData() const { return !!m_certificate; }

GTlsCertificate* certificate() const { return m_certificate.get(); }

private:
GRefPtr<GTlsCertificate> m_certificate;
};

} // namespace WebCore
@@ -125,6 +125,8 @@ static const char* authTypeFromProtectionSpaceAuthenticationScheme(ProtectionSpa
case ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested:
ASSERT_NOT_REACHED();
break;
case ProtectionSpaceAuthenticationSchemeClientCertificatePINRequested:
return "Certificate PIN";
case ProtectionSpaceAuthenticationSchemeOAuth:
return "OAuth";
case ProtectionSpaceAuthenticationSchemeUnknown:

0 comments on commit 1e5a979

Please sign in to comment.