236820 – [WebAuthn] Support for conditional mediation

Bug 236820 - [WebAuthn] Support for conditional mediation

Summary: [WebAuthn] Support for conditional mediation

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit Misc. (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	pascoe@apple.com

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2022-02-17 18:26 PST by pascoe@apple.com
Modified:	2022-02-18 16:31 PST (History)
CC List:	8 users (show)

See Also:

Attachments
Patch (43.45 KB, patch) 2022-02-17 18:33 PST, pascoe@apple.com	ews-feeder: commit-queue-	Details \| Formatted Diff \| Diff
Patch (47.52 KB, patch) 2022-02-17 19:10 PST, pascoe@apple.com	ews-feeder: commit-queue-	Details \| Formatted Diff \| Diff
Patch (53.23 KB, patch) 2022-02-17 21:56 PST, pascoe@apple.com	no flags	Details \| Formatted Diff \| Diff
Patch (47.93 KB, patch) 2022-02-18 11:34 PST, pascoe@apple.com	no flags	Details \| Formatted Diff \| Diff
Patch for landing (47.97 KB, patch) 2022-02-18 11:56 PST, pascoe@apple.com	ews-feeder: commit-queue-	Details \| Formatted Diff \| Diff
Patch for landing (48.00 KB, patch) 2022-02-18 12:07 PST, pascoe@apple.com	ews-feeder: commit-queue-	Details \| Formatted Diff \| Diff
[fast-cq]Patch for landing (49.78 KB, patch) 2022-02-18 12:33 PST, pascoe@apple.com	no flags	Details \| Formatted Diff \| Diff
Show Obsolete (6) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description pascoe@apple.com 2022-02-17 18:26:04 PST

Conditional mediation was recently merged into the Credentials Management specification (https://w3c.github.io/webappsec-credential-management/#dom-credentialmediationrequirement-conditional). This bug is to add support for this mediation requirement.

Comment 1 pascoe@apple.com 2022-02-17 18:26:32 PST

rdar://84821947

Comment 2 pascoe@apple.com 2022-02-17 18:33:12 PST

Created attachment 452463 [details]
Patch

Comment 3 pascoe@apple.com 2022-02-17 19:10:02 PST

Created attachment 452466 [details]
Patch

Comment 4 pascoe@apple.com 2022-02-17 21:56:21 PST

Created attachment 452479 [details]
Patch

Comment 5 Chris Dumez 2022-02-18 08:56:55 PST

Comment on attachment 452479 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=452479&action=review

> Source/WebCore/Modules/credentialmanagement/BasicCredential.cpp:57
> +    document.page()->authenticatorCoordinator().isConditionalMediationAvailable(WTFMove(promise));

Why should probably null check there page, there is a reason Document::page() returns a raw pointer.

> Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h:38
> +enum class MediationRequirement { Silent, Optional, Required, Conditional };

enum class MediationRequirement : uint8_t { ... }

> Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp:282
> +    // Async operation are dispatched and handled in the messenger.

operations

> Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h:59
> +    virtual void isConditionalMediationAvailable(QueryCompletionHandler&&) { };

Given that this takes a CompletionHandler as parameter, I think this virtual function should either be:
1. Pure virtual (= 0).
or
2. The default implementation should call the completion handler.

Otherwise, not overriding this (seemingly optional) virtual function will results in crashes in debug builds because completion handlers aren't called.

This comment seems to apply to other virtual functions in this file too.

> Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:263
> +    if (mediation && *mediation == MediationRequirement::Conditional && [requestContext respondsToSelector:@selector(setRequestStyle:)])

I believe you can you replace `mediation && *mediation == MediationRequirement::Conditional` with `mediation == MediationRequirement::Conditional`. std::optional's operator==() deals with this for you.

> Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:315
> +        callOnMainRunLoop([handler = WTFMove(handler), credential = retainPtr(credential), error = retainPtr(error)] () mutable {

May want to call ensureOnMainRunLoop() if there is any chance this gets called on the main thread.

> Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:316
> +            AuthenticatorResponseData response = { };

= { }; should not be necessary?

> Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:318
> +            ExceptionData exceptionData = { };

ditto.

> Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in:30
> +    GetAssertion(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialRequestOptions options, enum:int WebCore::CredentialRequestOptions::MediationRequirement mediation, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, enum:int WebCore::AuthenticatorAttachment attachment, struct WebCore::ExceptionData exception) Async

`enum:uint8_t WebCore::CredentialRequestOptions::MediationRequirement`

> Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp:104
> +    handleRequest({ WTFMove(hash), WTFMove(options), nullptr, WebAuthenticationPanelResult::Unavailable, nullptr, std::nullopt, { }, processingUserGesture, String(), nullptr, std::nullopt }, WTFMove(handler));

This doesn't use mediation ?

Comment 6 pascoe@apple.com 2022-02-18 11:34:51 PST

Created attachment 452551 [details]
Patch

Comment 7 Brent Fulgham 2022-02-18 11:39:58 PST

Comment on attachment 452551 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=452551&action=review

r=me

> Source/WebCore/Modules/credentialmanagement/BasicCredential.cpp:60
> +    page->authenticatorCoordinator().isConditionalMediationAvailable(WTFMove(promise));

I think this might be simpler using the old:
if (auto* page = document.page())
    page->authenticator...<<ETC>>

Since nothing else happens in this method if page is nullptr.

Comment 8 Chris Dumez 2022-02-18 11:42:57 PST

Comment on attachment 452551 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=452551&action=review

> Source/WebCore/Modules/credentialmanagement/BasicCredential.cpp:59
> +        return;

Well, I would think we should reject the promise here..

Comment 9 pascoe@apple.com 2022-02-18 11:56:45 PST

Created attachment 452555 [details]
Patch for landing

Comment 10 Chris Dumez 2022-02-18 12:00:48 PST

Comment on attachment 452555 [details]
Patch for landing

View in context: https://bugs.webkit.org/attachment.cgi?id=452555&action=review

> Source/WebCore/Modules/credentialmanagement/BasicCredential.cpp:60
> +        promise.reject(Exception { NotSupportedError });

No big deal but I think InvalidStateError applies better for such cases.

Comment 11 pascoe@apple.com 2022-02-18 12:07:56 PST

Created attachment 452557 [details]
Patch for landing

Comment 12 pascoe@apple.com 2022-02-18 12:33:53 PST

Created attachment 452561 [details]
[fast-cq]Patch for landing

Comment 13 EWS 2022-02-18 16:29:30 PST

Committed r290184 (247512@main): <https://commits.webkit.org/247512@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 452561 [details].

Comment 14 Aakash Jain 2022-02-18 16:31:01 PST

Please ignore the red color of commit-queue bubble, it was landed successfully, the color is incorrect (Bug 234644).