[webkit-changes] [WebKit/WebKit] 52a47c: [WebAuthn] Implement batching for checking allowCr...

Commit Queue noreply at github.com
Wed Aug 14 10:49:01 PDT 2024 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 52a47cbac08b216dcff99d9743a3d10b1c7c5991
      https://github.com/WebKit/WebKit/commit/52a47cbac08b216dcff99d9743a3d10b1c7c5991
  Author: Pascoe <pascoe at apple.com>
  Date:   2024-08-14 (Wed, 14 Aug 2024)

  Changed paths:
    M LayoutTests/http/wpt/webauthn/public-key-credential-get-failure-hid.https-expected.txt
    M LayoutTests/http/wpt/webauthn/public-key-credential-get-failure-hid.https.html
    M LayoutTests/http/wpt/webauthn/public-key-credential-get-success-hid.https-expected.txt
    M LayoutTests/http/wpt/webauthn/public-key-credential-get-success-hid.https.html
    M Source/WebCore/Modules/webauthn/fido/DeviceRequestConverter.cpp
    M Source/WebCore/Modules/webauthn/fido/DeviceRequestConverter.h
    M Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp
    M Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.h

  Log Message:
  -----------
  [WebAuthn] Implement batching for checking allowCredentials
rdar://133711978
https://bugs.webkit.org/show_bug.cgi?id=277979

Reviewed by Brent Fulgham.

This change implements checking the allowCredentials in batches as supported by
the authenticator during getAssertion. This is accomplished with smaller up=0,
get requests to determine if credentials are present on the authenticator.

Then if a credential is detected as present, it is included in the allowCredentials list
in the real request. If no credentials matched, then we already know the call will not
be able to succeed, so we just include the last batch.

Added layout tests for the new behaviors.

* LayoutTests/http/wpt/webauthn/public-key-credential-get-failure-hid.https-expected.txt:
* LayoutTests/http/wpt/webauthn/public-key-credential-get-failure-hid.https.html:
* LayoutTests/http/wpt/webauthn/public-key-credential-get-success-hid.https-expected.txt:
* LayoutTests/http/wpt/webauthn/public-key-credential-get-success-hid.https.html:
* Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp:
(WebKit::CtapAuthenticator::makeCredential):
(WebKit::CtapAuthenticator::continueSlientlyCheckCredentials):
(WebKit::CtapAuthenticator::continueMakeCredentialAfterCheckExcludedCredentials):
(WebKit::CtapAuthenticator::getAssertion):
(WebKit::CtapAuthenticator::continueGetAssertionAfterCheckAllowCredentials):
(WebKit::CtapAuthenticator::continueCheckExcludedCredentialsAfterResponseRecieved): Deleted.
* Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.h:

Canonical link: https://commits.webkit.org/282246@main



To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications

More information about the webkit-changes mailing list