[webkit-reviews] review denied: [Bug 181946] [WebAuthN] Revisit the whole async model of task dispatching, timeout and aborting : [Attachment 333145] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Feb 6 13:35:16 PST 2018
Chris Dumez <cdumez at apple.com> has denied Jiewen Tan <jiewen_tan at apple.com>'s
request for review:
Bug 181946: [WebAuthN] Revisit the whole async model of task dispatching,
timeout and aborting
https://bugs.webkit.org/show_bug.cgi?id=181946
Attachment 333145: Patch
https://bugs.webkit.org/attachment.cgi?id=333145&action=review
--- Comment #7 from Chris Dumez <cdumez at apple.com> ---
Comment on attachment 333145
--> https://bugs.webkit.org/attachment.cgi?id=333145
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=333145&action=review
> Source/WebCore/ChangeLog:12
> + threading model. To coperate that, a CredentialsMessenger class is
then created and
I don't think "coperate" is a word.
> Source/WebCore/ChangeLog:13
> + all task dispatching codes are moved thre.
typo: thre
also probably s/codes are/code is/
> Source/WebCore/ChangeLog:15
> + As an improvement over existing codes, static methods from
PublicKeyCredential are
s/codes/code
static functions
> Source/WebCore/ChangeLog:17
> + when static methods are called, they could reach the
CredentialsMessenger to interact
static functions
> Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp:-140
> - if (!options.publicKey) {
I liked it better is early return for error handling. This is a more usual
pattern.
> Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp:88
> + promise->reject(Exception { NotSupportedError });
It would be nice to provide a more detailed error message.
> Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp:113
> + if (options.publicKey) {
Liked it better with early return for error handling.
> Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp:119
> + promise->reject(Exception { NotSupportedError });
It would be nice to provide a more detailed error message.
> Source/WebCore/Modules/credentialmanagement/CredentialsMessenger.h:43
> + AssertionReturnBundle(Ref<ArrayBuffer>&& id, Ref<ArrayBuffer>&& data,
Ref<ArrayBuffer>&& sig, Ref<ArrayBuffer>&& handle)
What does sig mean? unless it is a well-established abbreviation in the spec, I
would avoid using abbreviations.
> Source/WebCore/Modules/credentialmanagement/CredentialsMessenger.h:57
> +using CreationCompletionHandler =
Function<void(ExceptionOr<Vector<uint8_t>>&&)>;
Based on their name, you may want to use WTF::CompletionHandler instead of
WTF::Function.
> Source/WebCore/Modules/credentialmanagement/CredentialsMessenger.h:58
> +using RequestCompletionHandler =
Function<void(ExceptionOr<AssertionReturnBundle>&&)>;
ditto.
> Source/WebCore/Modules/credentialmanagement/CredentialsMessenger.h:90
> + m_pendingCreationCompletionHandlers.add(m_accumulatedMessageId,
WTFMove(handler));
Would be nice to ASSERT that this is a new entry.
> Source/WebCore/Modules/credentialmanagement/CredentialsMessenger.h:99
> +inline uint64_t
CredentialsMessenger::addRequestCompletionHandler(RequestCompletionHandler&&
handler)
Would be nice to ASSERT that this is a new entry.
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:49
> +namespace AuthenticatorManagerInternal {
Why this namespace. I do not believe this is a common pattern in WebKit.
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:82
> +static Vector<uint8_t> produceClientDataJsonHash(const Ref<ArrayBuffer>&
clientDataJson)
We may want to use const ArrayBuffer& as parameter type.
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:102
> +static std::unique_ptr<Timer> initTimer(std::optional<unsigned long>
timeOutInMs, const Ref<DeferredPromise>& promise)
We prefer to use Seconds type. May be nice to use DeferredPromise& as parameter
too.
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:104
> + std::unique_ptr<Timer> timer = nullptr;
We prefer early return:
if (!timeOutInMs)
return nullptr;
...
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:107
> + promise->reject(Exception { NotAllowedError });
It would be nice to provide a more detailed error message. Also, is
NotAllowedError the right exception type for a timeout?
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:114
> +static bool didTimerFire(const std::unique_ptr<Timer>& timer)
May be nicer to pass a Timer* in.
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:116
> + if (timer) {
if (!timer)
return false;
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:128
> + static NeverDestroyed<AuthenticatorManager> authenticator;
Can you please assert that: ASSERT(isMainThread()); ?
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:132
> +void AuthenticatorManager::setMessenger(WeakPtr<CredentialsMessenger>&&
messenger)
Can we pass in a CredentialsMessenger&, and have this method construct the
WeakPtr?
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:146
> + promise->reject(Exception { NotAllowedError });
It would be nice to provide a more detailed error message.
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:157
> + if (!options.rp.id.isEmpty() && !(callerOrigin.host() == options.rp.id))
{
Why isn't this using && callerOrigin.host() != options.rp.id ?
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:158
> + promise->reject(Exception { SecurityError });
Would be nice to provide a more detailed error message.
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:168
> + promise->reject(Exception { NotSupportedError });
Would be nice to provide a more detailed error message.
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:181
> + promise->reject(Exception { UnknownError });
Would be nice to provide a more detailed error message. Should this be an
InvalidStateError?
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:189
> + promise->reject(Exception { AbortError });
Would be nice to provide a more detailed error message.
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:197
> + auto attestationObject = result.returnValue();
This copies attestationObject unnecessarily. Either:
- Get rid of this local variable
or
- use auto&
You can also releaseReturnValue() if it is beneficial to transfer ownership.
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:200
> + // Async operation are dispatched and handled in the messenger.
operations
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:213
> + promise->reject(Exception { NotAllowedError });
Would be nice to provide a more detailed error message.
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:224
> + if (!options.rpId.isEmpty() && !(callerOrigin.host() == options.rpId)) {
Why not != ?
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:240
> + promise->reject(Exception { UnknownError });
Should this be an InvalidStateError?
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:248
> + promise->reject(Exception { AbortError });
Would be nice to provide a more detailed error message.
> Source/WebCore/Modules/webauthn/AuthenticatorManager.cpp:252
> + promise->reject(result.exception());
Would be nice to provide a more detailed error message.
> Source/WebCore/testing/Internals.cpp:536
> + m_mockCredentialsMessenger = new MockCredentialsMessenger();
Isn't this leaking? Should we use a unique_ptr?
> Source/WebCore/testing/MockCredentialsMessenger.cpp:50
> + auto messageId = addCreationCompletionHandler(WTFMove(handler));
Isn't the handler left in the map when m_timeOut is true or when
m_attestationObject.isEmpty()?
> Source/WebCore/testing/MockCredentialsMessenger.cpp:57
> + didMakeCredential(messageId, Exception { NotAllowedError });
Please provide a better exception message.
> Source/WebCore/testing/MockCredentialsMessenger.cpp:69
> + auto messageId = addRequestCompletionHandler(WTFMove(handler));
Isn't the handler left in the map when m_timeOut is true or when !m_bundle?
> Source/WebCore/testing/MockCredentialsMessenger.h:40
> + void setTimeOut() { m_timeOut = true; }
Bad naming
> Source/WebCore/testing/MockCredentialsMessenger.h:41
> + void setUserCancel() { m_userCancel = true; }
Bad naming
> Source/WebCore/testing/MockCredentialsMessenger.h:45
> + void ref() const { }
This looks really weird.
> Source/WebCore/testing/MockCredentialsMessenger.h:46
> + void deref() const { }
ditto.
> Source/WebCore/testing/MockCredentialsMessenger.h:55
> + bool m_timeOut { false };
m_timeOut is very confusingly named and not as per coding style. It needs a
prefix like "m_didTimeOut".
> Source/WebCore/testing/MockCredentialsMessenger.h:56
> + bool m_userCancel { false };
Bad naming as well.
> Source/WebCore/testing/MockCredentialsMessenger.idl:30
> + void setTimeOut();
bad naming
> Source/WebCore/testing/MockCredentialsMessenger.idl:31
> + void setUserCancel();
bad naming
More information about the webkit-reviews
mailing list