Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
[WebAuthn] Conditional passkey request presents conditional control e…
…ven after AbortController.abort()

https://bugs.webkit.org/show_bug.cgi?id=250589
rdar://99535627

Reviewed by Brent Fulgham.

Currently conditional mediation requests do not get cancelled whenever the abort controller for its
request is called. This patch changes that by calling cancel on the daemon whenever the abort controller
is called.

* Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp:
(WebCore::AuthenticatorCoordinator::discoverFromExternalSource):
* Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h:
* Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp:
(WebKit::WebAuthenticatorCoordinatorProxy::cancel):
* Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h:
* Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in:
* Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp:
(WebKit::WebAuthenticatorCoordinator::cancel):
* Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.h:

Canonical link: https://commits.webkit.org/259754@main
  • Loading branch information
pascoej committed Feb 2, 2023
1 parent 7289c5d commit ba76ae8
Show file tree
Hide file tree
Showing 7 changed files with 21 additions and 1 deletion.
8 changes: 8 additions & 0 deletions Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp
Expand Up @@ -249,6 +249,14 @@ void AuthenticatorCoordinator::discoverFromExternalSource(const Document& docume
return;
}

if (requestOptions.signal) {
requestOptions.signal->addAlgorithm([weakThis = WeakPtr { *this }](JSC::JSValue) {
if (!weakThis)
return;
weakThis->m_client->cancel();
});
}

auto callback = [weakThis = WeakPtr { *this }, clientDataJson = WTFMove(clientDataJson), promise = WTFMove(promise), abortSignal = WTFMove(requestOptions.signal)] (AuthenticatorResponseData&& data, AuthenticatorAttachment attachment, ExceptionData&& exception) mutable {
if (abortSignal && abortSignal->aborted()) {
promise.reject(Exception { AbortError, "Aborted by AbortSignal."_s });
Expand Down
Expand Up @@ -64,6 +64,7 @@ class AuthenticatorCoordinatorClient : public CanMakeWeakPtr<AuthenticatorCoordi
virtual void getAssertion(const Frame&, const SecurityOrigin&, const Vector<uint8_t>&, const PublicKeyCredentialRequestOptions&, MediationRequirement, const ScopeAndCrossOriginParent&, RequestCompletionHandler&&) = 0;
virtual void isConditionalMediationAvailable(const SecurityOrigin&, QueryCompletionHandler&&) = 0;
virtual void isUserVerifyingPlatformAuthenticatorAvailable(const SecurityOrigin&, QueryCompletionHandler&&) = 0;
virtual void cancel() = 0;

virtual void resetUserGestureRequirement() { }
};
Expand Down
Expand Up @@ -119,6 +119,10 @@ void WebAuthenticatorCoordinatorProxy::handleRequest(WebAuthenticationRequestDat
}

#if !HAVE(UNIFIED_ASC_AUTH_UI)
void WebAuthenticatorCoordinatorProxy::cancel()
{
}

void WebAuthenticatorCoordinatorProxy::isUserVerifyingPlatformAuthenticatorAvailable(const SecurityOriginData&, QueryCompletionHandler&& handler)
{
handler(LocalService::isAvailable());
Expand Down
Expand Up @@ -75,13 +75,13 @@ class WebAuthenticatorCoordinatorProxy : public IPC::MessageReceiver {
void getAssertion(WebCore::FrameIdentifier, FrameInfoData&&, Vector<uint8_t>&& hash, WebCore::PublicKeyCredentialRequestOptions&&, WebCore::CredentialRequestOptions::MediationRequirement, std::optional<WebCore::SecurityOriginData>, bool processingUserGesture, RequestCompletionHandler&&);
void isUserVerifyingPlatformAuthenticatorAvailable(const WebCore::SecurityOriginData&, QueryCompletionHandler&&);
void isConditionalMediationAvailable(const WebCore::SecurityOriginData&, QueryCompletionHandler&&);
void cancel();

void handleRequest(WebAuthenticationRequestData&&, RequestCompletionHandler&&);

WebPageProxy& m_webPageProxy;

#if HAVE(UNIFIED_ASC_AUTH_UI)
void cancel();
RetainPtr<ASCCredentialRequestContext> contextForRequest(WebAuthenticationRequestData&&);
void performRequest(RetainPtr<ASCCredentialRequestContext>, RequestCompletionHandler&&);
RetainPtr<ASCAuthorizationRemotePresenter> m_presenter;
Expand Down
Expand Up @@ -30,6 +30,7 @@ messages -> WebAuthenticatorCoordinatorProxy NotRefCounted {
GetAssertion(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialRequestOptions options, enum:uint8_t WebCore::CredentialRequestOptions::MediationRequirement mediation, std::optional<WebCore::SecurityOriginData> parentOrigin, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, enum:uint8_t WebCore::AuthenticatorAttachment attachment, struct WebCore::ExceptionData exception)
isConditionalMediationAvailable(struct WebCore::SecurityOriginData origin) -> (bool result)
IsUserVerifyingPlatformAuthenticatorAvailable(struct WebCore::SecurityOriginData origin) -> (bool result)
Cancel()
}

#endif
Expand Up @@ -96,6 +96,11 @@ void WebAuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable(
m_webPage.sendWithAsyncReply(Messages::WebAuthenticatorCoordinatorProxy::IsUserVerifyingPlatformAuthenticatorAvailable(origin.data()), WTFMove(handler));
}

void WebAuthenticatorCoordinator::cancel()
{
m_webPage.send(Messages::WebAuthenticatorCoordinatorProxy::Cancel());
}

bool WebAuthenticatorCoordinator::processingUserGesture(const Frame& frame, const FrameIdentifier& frameID)
{
auto processingUserGesture = UserGestureIndicator::processingUserGestureForMedia();
Expand Down
Expand Up @@ -45,6 +45,7 @@ class WebAuthenticatorCoordinator final : public WebCore::AuthenticatorCoordinat
void isConditionalMediationAvailable(const WebCore::SecurityOrigin&, WebCore::QueryCompletionHandler&&) final;
void isUserVerifyingPlatformAuthenticatorAvailable(const WebCore::SecurityOrigin&, WebCore::QueryCompletionHandler&&) final;
void resetUserGestureRequirement() final { m_requireUserGesture = false; }
void cancel() final;

bool processingUserGesture(const WebCore::Frame&, const WebCore::FrameIdentifier&);

Expand Down

0 comments on commit ba76ae8

Please sign in to comment.