Bug 236657

Summary: [WebAuthn] Add credentialID to _WKWebAuthenticationAssertionResponse and userHandle in getAllLocalAuthenticatorCredentials
Product: WebKit Reporter: pascoe <pascoe>
Component: WebKit Misc.Assignee: pascoe <pascoe>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

pascoe@apple.com
Reported 2022-02-15 11:53:10 PST
These fields are needed for internal needs.
Attachments
Patch (10.49 KB, patch)
2022-02-15 15:34 PST, pascoe@apple.com 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2022-02-15 11:53:19 PST
<rdar://problem/88979279>
pascoe@apple.com
Comment 2 2022-02-15 15:34:04 PST
Created attachment 452103 [details] Patch
Brent Fulgham
Comment 3 2022-02-18 11:20:18 PST
Comment on attachment 452103 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=452103&action=review r=me > Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.mm:73 > + return wrapper(_response->credentialID()); Is it possible for _response to be nullptr?
Brent Fulgham
Comment 4 2022-02-18 11:21:41 PST
Comment on attachment 452103 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=452103&action=review >> Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.mm:73 >> + return wrapper(_response->credentialID()); > > Is it possible for _response to be nullptr? Update: No, it's always dereferenced without checking.
pascoe@apple.com
Comment 5 2022-02-18 11:25:44 PST
Comment on attachment 452103 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=452103&action=review >> Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.mm:73 >> + return wrapper(_response->credentialID()); > > Is it possible for _response to be nullptr? I don't believe so, this is similar to userHandle. The only way we initialize _WKWebAuthenticationAssertionResponse is via APIWebAuthenticationAssertionResponse, which populates the _response.
EWS
Comment 6 2022-02-18 12:38:14 PST
Committed r290154 (247493@main): <https://commits.webkit.org/247493@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 452103 [details].
Note You need to log in before you can comment on or make changes to this bug.