When WebKit receives an authentication request header of the form: WWW-Authenticate OAuth realm="https%3A%2F%2Fauthenticate.apple.com", it converts it to an internal representation of type ProtectionSpaceAuthenticationSchemeUnknown. However, when this authentication challenge is eventually sent to clients with -didReceiveAuthenticationChallenge, its cocoa representation has authentication type default because the implementation of nsSpace() doesn't handle the unknown case: default: break; ASSERT_NOT_REACHED(); } m_nsSpace = adoptNS(proxyType ? [[NSURLProtectionSpace alloc] initWithProxyHost:host() port:port() type:proxyType realm:realm() authenticationMethod:method] : [[NSURLProtectionSpace alloc] initWithHost:host() port:port() protocol:protocol realm:realm() authenticationMethod:method]); Passing in nil to the NSURLProtectionSpace initializer will give it type default. To clients, this manifests as an authentication challenge of type HTTP basic auth, since the protocol will be HTTP. In the WK2 C++ API, there was a custom object which did have the enum type: kWKProtectionSpaceAuthenticationSchemeUnknown.
<rdar://problem/41314410>
Created attachment 343201 [details] Patch
Created attachment 346858 [details] Patch
New patch to see if it compiles with CFNetwork SPI.
Created attachment 347110 [details] Patch
Comment on attachment 347110 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=347110&action=review > Source/WebCore/ChangeLog:17 > +2018-08-09 Ansh Shukla <ansh_shukla@apple.com> duplicate ChangeLog entry > Source/WebKit/ChangeLog:12 > +2018-08-09 Ansh Shukla <ansh_shukla@apple.com> ditto > Tools/WebKitTestRunner/TestController.cpp:1843 > + m_currentInvocation->outputText(String::format("canAuthenticateAgainstProtectionSpace: %s\n", toString(authenticationScheme))); You'll either need to remove this change and its log in your one expected file, or update all tests that log a canAuthenticateAgainstProtectionSpace message. I suggest the former.
Created attachment 347114 [details] Patch
Comment on attachment 347114 [details] Patch Attachment 347114 [details] did not pass mac-ews (mac): Output: https://webkit-queues.webkit.org/results/8860087 New failing tests: http/tests/loading/oauth.html
Created attachment 347120 [details] Archive of layout-test-results from ews103 for mac-sierra The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews103 Port: mac-sierra Platform: Mac OS X 10.12.6
Created attachment 347128 [details] Patch
Comment on attachment 347128 [details] Patch Clearing flags on attachment: 347128 Committed r234870: <https://trac.webkit.org/changeset/234870>
All reviewed patches have been landed. Closing bug.
test http/tests/loading/oauth.html has been pretty flaky since it was added: https://webkit-test-results.webkit.org/dashboards/flakiness_dashboard.html#showAllRuns=true&tests=http%2Ftests%2Floading%2Foauth.html sample diff: --- /Volumes/Data/slave/highsierra-debug-tests-wk2/build/layout-test-results/http/tests/loading/oauth-expected.txt +++ /Volumes/Data/slave/highsierra-debug-tests-wk2/build/layout-test-results/http/tests/loading/oauth-actual.txt @@ -2,7 +2,7 @@ main frame - didCommitLoadForFrame main frame - didFinishDocumentLoadForFrame main frame - didHandleOnloadEventsForFrame -main frame - didFinishLoadForFrame canAuthenticateAgainstProtectionSpace 127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeOAuth - Simulating cancelled authentication sheet +main frame - didFinishLoadForFrame
Also, as iOS-sim EWS predicted, http/tests/loading/basic-auth-load-URL-with-consecutive-slashes.html is now failing on the bots. It looks like it just needs a rebaseline, though. https://build.webkit.org/results/Apple%20iOS%2011%20Simulator%20Release%20WK2%20(Tests)/r234889%20(6801)/results.html
Reverted r234870 for reason: The test introduced with this change is a flaky failure. Committed r234897: <https://trac.webkit.org/changeset/234897>
Created attachment 347209 [details] Patch
Comment on attachment 347209 [details] Patch Attachment 347209 [details] did not pass mac-ews (mac): Output: https://webkit-queues.webkit.org/results/8872102 New failing tests: http/tests/loading/oauth.html http/tests/loading/basic-auth-load-URL-with-consecutive-slashes.html
Created attachment 347213 [details] Archive of layout-test-results from ews103 for mac-sierra The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews103 Port: mac-sierra Platform: Mac OS X 10.12.6
I think ``runtest`` needs to have a capital 'T' in the onload attribute. We also need to re-baseline http/tests/loading/basic-auth-load-URL-with-consecutive-slashes.
Created attachment 347217 [details] Fix layout test Fix layout test. Trailing slash test isn't failing locally for me.
Comment on attachment 347209 [details] Patch Attachment 347209 [details] did not pass mac-debug-ews (mac): Output: https://webkit-queues.webkit.org/results/8872506 New failing tests: http/tests/loading/oauth.html http/tests/loading/basic-auth-load-URL-with-consecutive-slashes.html
Created attachment 347221 [details] Archive of layout-test-results from ews115 for mac-sierra The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews115 Port: mac-sierra Platform: Mac OS X 10.12.6
Comment on attachment 347209 [details] Patch Attachment 347209 [details] did not pass mac-wk2-ews (mac-wk2): Output: https://webkit-queues.webkit.org/results/8872859 New failing tests: http/tests/loading/oauth.html
Created attachment 347222 [details] Archive of layout-test-results from ews104 for mac-sierra-wk2 The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews. Bot: ews104 Port: mac-sierra-wk2 Platform: Mac OS X 10.12.6
Comment on attachment 347209 [details] Patch Attachment 347209 [details] did not pass ios-sim-ews (ios-simulator-wk2): Output: https://webkit-queues.webkit.org/results/8873008 New failing tests: http/tests/loading/oauth.html
Created attachment 347230 [details] Archive of layout-test-results from ews122 for ios-simulator-wk2 The attached test failures were seen while running run-webkit-tests on the ios-sim-ews. Bot: ews122 Port: ios-simulator-wk2 Platform: Mac OS X 10.13.4
Created attachment 347231 [details] Patch
Comment on attachment 347231 [details] Patch Attachment 347231 [details] did not pass mac-ews (mac): Output: https://webkit-queues.webkit.org/results/8874500 New failing tests: http/tests/security/credentials-iframes-allowCrossOriginSubresourcesToAskForCredentials.html http/tests/misc/authentication-redirect-4/authentication-sent-to-redirect-same-origin-url.html http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/misc/authentication-redirect-1/authentication-sent-to-redirect-cross-origin.html http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.html http/tests/security/private-browsing-http-auth.html http/tests/security/basic-auth-subresource.html http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https.html http/tests/media/video-auth-with-allowCrossOriginSubresourcesToAskForCredentials.html http/tests/loading/basic-auth-resend-wrong-credentials.html http/tests/misc/401-alternative-content.php http/tests/loading/authentication-after-redirect-stores-wrong-credentials/authentication-after-redirect-stores-wrong-credentials.html http/tests/xmlhttprequest/remember-bad-password.html http/tests/misc/authentication-redirect-3/authentication-sent-to-redirect-same-origin-with-location-credentials.html http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/misc/authentication-redirect-2/authentication-sent-to-redirect-same-origin.html http/tests/security/401-logout/401-logout.php http/tests/xmlhttprequest/failed-auth.html http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https.html http/tests/media/video-auth.html http/tests/loading/basic-credentials-sent-automatically.html
Created attachment 347235 [details] Archive of layout-test-results from ews103 for mac-sierra The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews103 Port: mac-sierra Platform: Mac OS X 10.12.6
Comment on attachment 347231 [details] Patch Attachment 347231 [details] did not pass mac-debug-ews (mac): Output: https://webkit-queues.webkit.org/results/8874700 New failing tests: http/tests/security/credentials-iframes-allowCrossOriginSubresourcesToAskForCredentials.html http/tests/misc/authentication-redirect-4/authentication-sent-to-redirect-same-origin-url.html http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/misc/authentication-redirect-1/authentication-sent-to-redirect-cross-origin.html http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.html http/tests/security/private-browsing-http-auth.html http/tests/security/basic-auth-subresource.html http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https.html http/tests/media/video-auth-with-allowCrossOriginSubresourcesToAskForCredentials.html http/tests/loading/basic-auth-resend-wrong-credentials.html http/tests/misc/401-alternative-content.php http/tests/loading/authentication-after-redirect-stores-wrong-credentials/authentication-after-redirect-stores-wrong-credentials.html http/tests/xmlhttprequest/remember-bad-password.html http/tests/misc/authentication-redirect-3/authentication-sent-to-redirect-same-origin-with-location-credentials.html http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html http/tests/misc/authentication-redirect-2/authentication-sent-to-redirect-same-origin.html http/tests/security/401-logout/401-logout.php http/tests/xmlhttprequest/failed-auth.html http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https.html http/tests/media/video-auth.html http/tests/loading/basic-credentials-sent-automatically.html
Created attachment 347237 [details] Archive of layout-test-results from ews117 for mac-sierra The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews117 Port: mac-sierra Platform: Mac OS X 10.12.6
Created attachment 347238 [details] Patch
Comment on attachment 347238 [details] Patch Clearing flags on attachment: 347238 Committed r234912: <https://trac.webkit.org/changeset/234912>