RESOLVED FIXED 190783
[WebAuthn] Combine AuthenticatorResponse and PublicKeyCredentialData
https://bugs.webkit.org/show_bug.cgi?id=190783
Summary [WebAuthn] Combine AuthenticatorResponse and PublicKeyCredentialData
Jiewen Tan
Reported 2018-10-21 18:13:57 PDT
We probably should combine AuthenticatorResponse with PublicKeyCredentialData, and customize AuthenticatorResponse more to include fields like numberOfCredentials from FIDO CTAP authenticators. Thus, AuthenticatorResponse will not serve merely for IDL interfaces.
Attachments
Patch (108.37 KB, patch)
2019-12-09 21:44 PST, Jiewen Tan
bfulgham: review+
Patch for landing (106.67 KB, patch)
2019-12-11 14:33 PST, Jiewen Tan
no flags
Jiewen Tan
Comment 1 2019-05-13 17:56:02 PDT
The difficulty is that IPC can't serialize ref counted objects. Therefore, we might still need a separate AuthenticatorResponseData struct that can be passed around different processes.
Radar WebKit Bug Importer
Comment 2 2019-12-09 20:56:22 PST
Jiewen Tan
Comment 3 2019-12-09 21:44:46 PST
Jiewen Tan
Comment 4 2019-12-10 11:01:43 PST
The layout test failure doesn't seem to be related: http/tests/cache-storage/page-cache-domcache-pending-promise.html.
Brent Fulgham
Comment 5 2019-12-11 13:00:03 PST
Comment on attachment 385239 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=385239&action=review Looks good! r=me > Source/WebCore/ChangeLog:12 > + all different type of responses from authenticators anymore. For example, authenticatorGetNextAssertion all THE different > Source/WebCore/ChangeLog:13 > + depends on numberOfCredentials member from authenticatorGetAssertion response to function, but depends on THE numberOfCredentials ... > Source/WebCore/ChangeLog:14 > + numberOfCredentials is not used anywhere else. Therefore, a polymorphism type is needed to Therefore, a POLYMORPHIC type is needed to ... > Source/WebCore/ChangeLog:19 > + IPC. To solve this, AuthenticatorResponseData (PublicKeyCredentialData) is kept to be an intermediate type is kept AS an intermediate type ... > Source/WebCore/Modules/webauthn/AuthenticationExtensionsClientOutputs.h:30 > +#include <wtf/text/WTFString.h> Is WTFString actually needed here? No string appears in the header. Seems more likely we would need <wtf/Optional.h> > Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.cpp:45 > + RefPtr<ArrayBuffer> userhandle; I don't think it's wise to rely on case difference to distinguish between 'userhandle' and 'userHandle'. I suggest 'userHandleData' and 'userHandle'. > Source/WebCore/Modules/webauthn/AuthenticatorResponse.cpp:55 > +// FIXME: Find a way to reduce the unnecessary copies. You should file a bugzilla or we will never remember to do this! > Source/WebCore/Modules/webauthn/AuthenticatorResponse.h:55 > + void setClientDataJSON(Ref<ArrayBuffer>&&); Why isn't this inlined like 'setExtensions'? Seems like we should be consistent (all in the implementation file, or all in the header). > Source/WebCore/Modules/webauthn/AuthenticatorResponseData.h:2 > + * Copyright (C) 2018 Apple Inc. All rights reserved. 2019 maybe?
Jiewen Tan
Comment 6 2019-12-11 13:47:02 PST
Comment on attachment 385239 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=385239&action=review Thanks Brent for r+ this patch. >> Source/WebCore/ChangeLog:12 >> + all different type of responses from authenticators anymore. For example, authenticatorGetNextAssertion > > all THE different Fixed. >> Source/WebCore/ChangeLog:13 >> + depends on numberOfCredentials member from authenticatorGetAssertion response to function, but > > depends on THE numberOfCredentials ... Fixed. >> Source/WebCore/ChangeLog:14 >> + numberOfCredentials is not used anywhere else. Therefore, a polymorphism type is needed to > > Therefore, a POLYMORPHIC type is needed to ... Fixed. >> Source/WebCore/ChangeLog:19 >> + IPC. To solve this, AuthenticatorResponseData (PublicKeyCredentialData) is kept to be an intermediate type > > is kept AS an intermediate type ... Fixed. >> Source/WebCore/Modules/webauthn/AuthenticationExtensionsClientOutputs.h:30 >> +#include <wtf/text/WTFString.h> > > Is WTFString actually needed here? No string appears in the header. > > Seems more likely we would need <wtf/Optional.h> Removed. >> Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.cpp:45 >> + RefPtr<ArrayBuffer> userhandle; > > I don't think it's wise to rely on case difference to distinguish between 'userhandle' and 'userHandle'. > > I suggest 'userHandleData' and 'userHandle'. Right, I was somehow lazy. > Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h:42 > +struct AuthenticatorResponseData; Moved to the top. >> Source/WebCore/Modules/webauthn/AuthenticatorResponse.cpp:55 >> +// FIXME: Find a way to reduce the unnecessary copies. > > You should file a bugzilla or we will never remember to do this! I just removed the FIXME actually as I don't think it worths optimizing. >> Source/WebCore/Modules/webauthn/AuthenticatorResponse.h:55 >> + void setClientDataJSON(Ref<ArrayBuffer>&&); > > Why isn't this inlined like 'setExtensions'? Seems like we should be consistent (all in the implementation file, or all in the header). The considerations here is to limit the access to certain methods given this is a private header. I moved all to the implementations and use WEBCORE_EXPORT for rawId and setExtensions. >> Source/WebCore/Modules/webauthn/AuthenticatorResponseData.h:2 >> + * Copyright (C) 2018 Apple Inc. All rights reserved. > > 2019 maybe? Yes!
Jiewen Tan
Comment 7 2019-12-11 14:33:14 PST
Created attachment 385441 [details] Patch for landing
WebKit Commit Bot
Comment 8 2019-12-11 15:19:17 PST
Comment on attachment 385441 [details] Patch for landing Clearing flags on attachment: 385441 Committed r253398: <https://trac.webkit.org/changeset/253398>
Note You need to log in before you can comment on or make changes to this bug.