Bug 186870

Summary:

NSURLAuthenticationMethodOAuth challenges are surfaced to clients in -didReceiveAuthenticationChallenge as NSURLAuthenticationMethodDefault

Product:

WebKit

Reporter:

Ansh Shukla <ansh_shukla>

Component:

WebKit API

Assignee:

Alex Christensen <achristensen>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

achristensen, beidson, cdumez, commit-queue, ews-watchlist, ggaren, realdawei, rniwa, ryanhaddad, tsavell, webkit-bug-importer, wenson_hsieh

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

All

Attachments:

Description	Flags
Patch	none
Patch	none
Patch	none
Patch	none
Archive of layout-test-results from ews103 for mac-sierra	none
Patch	none
Patch	none
Archive of layout-test-results from ews103 for mac-sierra	none
Fix layout test	none
Archive of layout-test-results from ews115 for mac-sierra	none
Archive of layout-test-results from ews104 for mac-sierra-wk2	none
Archive of layout-test-results from ews122 for ios-simulator-wk2	none
Patch	none
Archive of layout-test-results from ews103 for mac-sierra	none
Archive of layout-test-results from ews117 for mac-sierra	none
Patch	none

Ansh Shukla

Reported 2018-06-20 19:08:38 PDT

When WebKit receives an authentication request header of the form: WWW-Authenticate OAuth realm="https%3A%2F%2Fauthenticate.apple.com", it converts it to an internal representation of type ProtectionSpaceAuthenticationSchemeUnknown. However, when this authentication challenge is eventually sent to clients with -didReceiveAuthenticationChallenge, its cocoa representation has authentication type default because the implementation of nsSpace() doesn't handle the unknown case: default: break; ASSERT_NOT_REACHED(); } m_nsSpace = adoptNS(proxyType ? [[NSURLProtectionSpace alloc] initWithProxyHost:host() port:port() type:proxyType realm:realm() authenticationMethod:method] : [[NSURLProtectionSpace alloc] initWithHost:host() port:port() protocol:protocol realm:realm() authenticationMethod:method]); Passing in nil to the NSURLProtectionSpace initializer will give it type default. To clients, this manifests as an authentication challenge of type HTTP basic auth, since the protocol will be HTTP. In the WK2 C++ API, there was a custom object which did have the enum type: kWKProtectionSpaceAuthenticationSchemeUnknown.

Attachments
Patch (6.54 KB, patch) 2018-06-20 19:39 PDT, Ansh Shukla	no flags	Details Formatted Diff Diff
Patch (7.72 KB, patch) 2018-08-09 13:25 PDT, Ansh Shukla	no flags	Details Formatted Diff Diff
Patch (46.89 KB, patch) 2018-08-14 14:25 PDT, Ansh Shukla	no flags	Details Formatted Diff Diff
Patch (45.34 KB, patch) 2018-08-14 15:01 PDT, Ansh Shukla	no flags	Details Formatted Diff Diff
Archive of layout-test-results from ews103 for mac-sierra (2.59 MB, application/zip) 2018-08-14 15:56 PDT, EWS Watchlist	no flags	Details
Patch (42.03 KB, patch) 2018-08-14 16:42 PDT, Alex Christensen	no flags	Details Formatted Diff Diff
Patch (44.23 KB, patch) 2018-08-15 14:16 PDT, Alex Christensen	no flags	Details Formatted Diff Diff
Archive of layout-test-results from ews103 for mac-sierra (2.98 MB, application/zip) 2018-08-15 15:14 PDT, EWS Watchlist	no flags	Details
Fix layout test (44.00 KB, patch) 2018-08-15 15:56 PDT, Ansh Shukla	no flags	Details Formatted Diff Diff
Archive of layout-test-results from ews115 for mac-sierra (3.53 MB, application/zip) 2018-08-15 16:26 PDT, EWS Watchlist	no flags	Details
Archive of layout-test-results from ews104 for mac-sierra-wk2 (3.22 MB, application/zip) 2018-08-15 16:31 PDT, EWS Watchlist	no flags	Details
Archive of layout-test-results from ews122 for ios-simulator-wk2 (8.49 MB, application/zip) 2018-08-15 17:17 PDT, EWS Watchlist	no flags	Details
Patch (47.86 KB, patch) 2018-08-15 17:29 PDT, Alex Christensen	no flags	Details Formatted Diff Diff
Archive of layout-test-results from ews103 for mac-sierra (2.74 MB, application/zip) 2018-08-15 18:38 PDT, EWS Watchlist	no flags	Details
Archive of layout-test-results from ews117 for mac-sierra (3.34 MB, application/zip) 2018-08-15 19:34 PDT, EWS Watchlist	no flags	Details
Patch (43.07 KB, patch) 2018-08-15 20:56 PDT, Alex Christensen	no flags	Details Formatted Diff Diff
Show Obsolete (15) View All Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2018-06-20 19:09:00 PDT

<rdar://problem/41314410>

Ansh Shukla

Comment 2 2018-06-20 19:39:50 PDT

Created attachment 343201 [details] Patch

Ansh Shukla

Comment 3 2018-08-09 13:25:22 PDT

Created attachment 346858 [details] Patch

Ansh Shukla

Comment 4 2018-08-09 13:25:51 PDT

New patch to see if it compiles with CFNetwork SPI.

Ansh Shukla

Comment 5 2018-08-14 14:25:33 PDT

Created attachment 347110 [details] Patch

Alex Christensen

Comment 6 2018-08-14 14:55:26 PDT

Comment on attachment 347110 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=347110&action=review > Source/WebCore/ChangeLog:17 > +2018-08-09 Ansh Shukla <ansh_shukla@apple.com> duplicate ChangeLog entry > Source/WebKit/ChangeLog:12 > +2018-08-09 Ansh Shukla <ansh_shukla@apple.com> ditto > Tools/WebKitTestRunner/TestController.cpp:1843 > + m_currentInvocation->outputText(String::format("canAuthenticateAgainstProtectionSpace: %s\n", toString(authenticationScheme))); You'll either need to remove this change and its log in your one expected file, or update all tests that log a canAuthenticateAgainstProtectionSpace message. I suggest the former.

Ansh Shukla

Comment 7 2018-08-14 15:01:38 PDT

Created attachment 347114 [details] Patch

EWS Watchlist

Comment 8 2018-08-14 15:56:33 PDT

Comment on attachment 347114 [details] Patch Attachment 347114 [details] did not pass mac-ews (mac): Output: https://webkit-queues.webkit.org/results/8860087 New failing tests: http/tests/loading/oauth.html

EWS Watchlist

Comment 9 2018-08-14 15:56:35 PDT

Created attachment 347120 [details] Archive of layout-test-results from ews103 for mac-sierra The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews103 Port: mac-sierra Platform: Mac OS X 10.12.6

Alex Christensen

Comment 10 2018-08-14 16:42:17 PDT

Created attachment 347128 [details] Patch

WebKit Commit Bot

Comment 11 2018-08-14 17:10:18 PDT

Comment on attachment 347128 [details] Patch Clearing flags on attachment: 347128 Committed r234870: <https://trac.webkit.org/changeset/234870>

WebKit Commit Bot

Comment 12 2018-08-14 17:10:20 PDT

All reviewed patches have been landed. Closing bug.

Dawei Fenton (:realdawei)

Comment 13 2018-08-15 09:19:02 PDT

test http/tests/loading/oauth.html has been pretty flaky since it was added: https://webkit-test-results.webkit.org/dashboards/flakiness_dashboard.html#showAllRuns=true&tests=http%2Ftests%2Floading%2Foauth.html sample diff: --- /Volumes/Data/slave/highsierra-debug-tests-wk2/build/layout-test-results/http/tests/loading/oauth-expected.txt +++ /Volumes/Data/slave/highsierra-debug-tests-wk2/build/layout-test-results/http/tests/loading/oauth-actual.txt @@ -2,7 +2,7 @@ main frame - didCommitLoadForFrame main frame - didFinishDocumentLoadForFrame main frame - didHandleOnloadEventsForFrame -main frame - didFinishLoadForFrame canAuthenticateAgainstProtectionSpace 127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeOAuth - Simulating cancelled authentication sheet +main frame - didFinishLoadForFrame

Ryan Haddad

Comment 14 2018-08-15 11:58:06 PDT

Also, as iOS-sim EWS predicted, http/tests/loading/basic-auth-load-URL-with-consecutive-slashes.html is now failing on the bots. It looks like it just needs a rebaseline, though. https://build.webkit.org/results/Apple%20iOS%2011%20Simulator%20Release%20WK2%20(Tests)/r234889%20(6801)/results.html

Ryan Haddad

Comment 15 2018-08-15 13:22:19 PDT

Reverted r234870 for reason: The test introduced with this change is a flaky failure. Committed r234897: <https://trac.webkit.org/changeset/234897>

Alex Christensen

Comment 16 2018-08-15 14:16:36 PDT

Created attachment 347209 [details] Patch

EWS Watchlist

Comment 17 2018-08-15 15:14:20 PDT

Comment on attachment 347209 [details] Patch Attachment 347209 [details] did not pass mac-ews (mac): Output: https://webkit-queues.webkit.org/results/8872102 New failing tests: http/tests/loading/oauth.html http/tests/loading/basic-auth-load-URL-with-consecutive-slashes.html

EWS Watchlist

Comment 18 2018-08-15 15:14:22 PDT

Created attachment 347213 [details] Archive of layout-test-results from ews103 for mac-sierra The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews103 Port: mac-sierra Platform: Mac OS X 10.12.6

Ansh Shukla

Comment 19 2018-08-15 15:33:58 PDT

I think ``runtest`` needs to have a capital 'T' in the onload attribute. We also need to re-baseline http/tests/loading/basic-auth-load-URL-with-consecutive-slashes.

Ansh Shukla

Comment 20 2018-08-15 15:56:24 PDT

Created attachment 347217 [details] Fix layout test Fix layout test. Trailing slash test isn't failing locally for me.

EWS Watchlist

Comment 21 2018-08-15 16:26:31 PDT

Comment on attachment 347209 [details] Patch Attachment 347209 [details] did not pass mac-debug-ews (mac): Output: https://webkit-queues.webkit.org/results/8872506 New failing tests: http/tests/loading/oauth.html http/tests/loading/basic-auth-load-URL-with-consecutive-slashes.html

EWS Watchlist

Comment 22 2018-08-15 16:26:33 PDT

Created attachment 347221 [details] Archive of layout-test-results from ews115 for mac-sierra The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews115 Port: mac-sierra Platform: Mac OS X 10.12.6

EWS Watchlist

Comment 23 2018-08-15 16:31:56 PDT

Comment on attachment 347209 [details] Patch Attachment 347209 [details] did not pass mac-wk2-ews (mac-wk2): Output: https://webkit-queues.webkit.org/results/8872859 New failing tests: http/tests/loading/oauth.html

EWS Watchlist

Comment 24 2018-08-15 16:31:58 PDT

Created attachment 347222 [details] Archive of layout-test-results from ews104 for mac-sierra-wk2 The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews. Bot: ews104 Port: mac-sierra-wk2 Platform: Mac OS X 10.12.6

EWS Watchlist

Comment 25 2018-08-15 17:17:37 PDT

Comment on attachment 347209 [details] Patch Attachment 347209 [details] did not pass ios-sim-ews (ios-simulator-wk2): Output: https://webkit-queues.webkit.org/results/8873008 New failing tests: http/tests/loading/oauth.html

EWS Watchlist

Comment 26 2018-08-15 17:17:40 PDT

Created attachment 347230 [details] Archive of layout-test-results from ews122 for ios-simulator-wk2 The attached test failures were seen while running run-webkit-tests on the ios-sim-ews. Bot: ews122 Port: ios-simulator-wk2 Platform: Mac OS X 10.13.4

Alex Christensen

Comment 27 2018-08-15 17:29:25 PDT

Created attachment 347231 [details] Patch

EWS Watchlist

Comment 28 2018-08-15 18:38:50 PDT

Comment on attachment 347231 [details] Patch Attachment 347231 [details] did not pass mac-ews (mac): Output: https://webkit-queues.webkit.org/results/8874500 New failing tests: http/tests/security/credentials-iframes-allowCrossOriginSubresourcesToAskForCredentials.html http/tests/misc/authentication-redirect-4/authentication-sent-to-redirect-same-origin-url.html http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/misc/authentication-redirect-1/authentication-sent-to-redirect-cross-origin.html http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.html http/tests/security/private-browsing-http-auth.html http/tests/security/basic-auth-subresource.html http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https.html http/tests/media/video-auth-with-allowCrossOriginSubresourcesToAskForCredentials.html http/tests/loading/basic-auth-resend-wrong-credentials.html http/tests/misc/401-alternative-content.php http/tests/loading/authentication-after-redirect-stores-wrong-credentials/authentication-after-redirect-stores-wrong-credentials.html http/tests/xmlhttprequest/remember-bad-password.html http/tests/misc/authentication-redirect-3/authentication-sent-to-redirect-same-origin-with-location-credentials.html http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/misc/authentication-redirect-2/authentication-sent-to-redirect-same-origin.html http/tests/security/401-logout/401-logout.php http/tests/xmlhttprequest/failed-auth.html http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https.html http/tests/media/video-auth.html http/tests/loading/basic-credentials-sent-automatically.html

EWS Watchlist

Comment 29 2018-08-15 18:38:52 PDT

Created attachment 347235 [details] Archive of layout-test-results from ews103 for mac-sierra The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews103 Port: mac-sierra Platform: Mac OS X 10.12.6

EWS Watchlist

Comment 30 2018-08-15 19:34:22 PDT

Comment on attachment 347231 [details] Patch Attachment 347231 [details] did not pass mac-debug-ews (mac): Output: https://webkit-queues.webkit.org/results/8874700 New failing tests: http/tests/security/credentials-iframes-allowCrossOriginSubresourcesToAskForCredentials.html http/tests/misc/authentication-redirect-4/authentication-sent-to-redirect-same-origin-url.html http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/misc/authentication-redirect-1/authentication-sent-to-redirect-cross-origin.html http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.html http/tests/security/private-browsing-http-auth.html http/tests/security/basic-auth-subresource.html http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https.html http/tests/media/video-auth-with-allowCrossOriginSubresourcesToAskForCredentials.html http/tests/loading/basic-auth-resend-wrong-credentials.html http/tests/misc/401-alternative-content.php http/tests/loading/authentication-after-redirect-stores-wrong-credentials/authentication-after-redirect-stores-wrong-credentials.html http/tests/xmlhttprequest/remember-bad-password.html http/tests/misc/authentication-redirect-3/authentication-sent-to-redirect-same-origin-with-location-credentials.html http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/misc/authentication-redirect-2/authentication-sent-to-redirect-same-origin.html http/tests/security/401-logout/401-logout.php http/tests/xmlhttprequest/failed-auth.html http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https.html http/tests/media/video-auth.html http/tests/loading/basic-credentials-sent-automatically.html

EWS Watchlist

Comment 31 2018-08-15 19:34:24 PDT

Created attachment 347237 [details] Archive of layout-test-results from ews117 for mac-sierra The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews117 Port: mac-sierra Platform: Mac OS X 10.12.6

Alex Christensen

Comment 32 2018-08-15 20:56:31 PDT

Created attachment 347238 [details] Patch

WebKit Commit Bot

Comment 33 2018-08-15 22:38:46 PDT

Comment on attachment 347238 [details] Patch Clearing flags on attachment: 347238 Committed r234912: <https://trac.webkit.org/changeset/234912>

WebKit Commit Bot

Comment 34 2018-08-15 22:38:48 PDT

All reviewed patches have been landed. Closing bug.

Note You need to log in before you can comment on or make changes to this bug.