236657 – [WebAuthn] Add credentialID to _WKWebAuthenticationAssertionResponse and userHandle in getAllLocalAuthenticatorCredentials

RESOLVED FIXED 236657

[WebAuthn] Add credentialID to _WKWebAuthenticationAssertionResponse and userHandle in getAllLocalAuthenticatorCredentials

https://bugs.webkit.org/show_bug.cgi?id=236657

Summary [WebAuthn] Add credentialID to _WKWebAuthenticationAssertionResponse and user...

pascoe@apple.com

Reported 2022-02-15 11:53:10 PST

These fields are needed for internal needs.

Attachments
Patch (10.49 KB, patch) 2022-02-15 15:34 PST, pascoe@apple.com	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2022-02-15 11:53:19 PST

<rdar://problem/88979279>

pascoe@apple.com

Comment 2 2022-02-15 15:34:04 PST

Created attachment 452103 [details] Patch

Brent Fulgham

Comment 3 2022-02-18 11:20:18 PST

Comment on attachment 452103 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=452103&action=review r=me > Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.mm:73 > + return wrapper(_response->credentialID()); Is it possible for _response to be nullptr?

Brent Fulgham

Comment 4 2022-02-18 11:21:41 PST

Comment on attachment 452103 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=452103&action=review >> Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.mm:73 >> + return wrapper(_response->credentialID()); > > Is it possible for _response to be nullptr? Update: No, it's always dereferenced without checking.

pascoe@apple.com

Comment 5 2022-02-18 11:25:44 PST

Comment on attachment 452103 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=452103&action=review >> Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.mm:73 >> + return wrapper(_response->credentialID()); > > Is it possible for _response to be nullptr? I don't believe so, this is similar to userHandle. The only way we initialize _WKWebAuthenticationAssertionResponse is via APIWebAuthenticationAssertionResponse, which populates the _response.

EWS

Comment 6 2022-02-18 12:38:14 PST

Committed r290154 (247493@main): <https://commits.webkit.org/247493@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 452103 [details].

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component WebKit Misc.

Assignee

pascoe@apple.com

Reported

2022-02-15 11:53 PST

Modified

2022-02-18 12:38 PST History

CC List

2 users Show

URL

Keywords InRadar

Depends on

Blocks