Attachment #393535 for bug #208703

View Details Raw Unified Return to Bug 208703

| Differences between



2020-03-13  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthn] Customize a bit more on the macOS LocalAuthentication prompt
        https://bugs.webkit.org/show_bug.cgi?id=208703
        <rdar://problem/60136974>

        Reviewed by Darin Adler.

        * en.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::touchIDPromptTitle):
        * platform/LocalizedStrings.h:
        Adds a new formatted UI string to help with RP ID.

2020-03-13  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, reverting r258391.



2020-03-13  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthn] Customize a bit more on the macOS LocalAuthentication prompt
        https://bugs.webkit.org/show_bug.cgi?id=208703
        <rdar://problem/60136974>

        Reviewed by Darin Adler.

        On macOS, LocalAuthentication prompt can be shown anywhere that is probably not on top of
        our UI clients. Therefore, add a RP ID to the dialog to help users to identify what has
        happened. In addition, it removes the password fallback button.

        * Platform/spi/Cocoa/LocalAuthenticationSPI.h:
        * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
        (WebKit::LocalAuthenticator::continueMakeCredentialAfterDecidePolicy):
        (WebKit::LocalAuthenticator::continueGetAssertionAfterResponseSelected):
        * UIProcess/WebAuthentication/Cocoa/LocalConnection.h:
        * UIProcess/WebAuthentication/Cocoa/LocalConnection.mm:
        (WebKit::LocalConnection::verifyUser const):
        * UIProcess/WebAuthentication/Mock/MockLocalConnection.h:
        * UIProcess/WebAuthentication/Mock/MockLocalConnection.mm:
        (WebKit::MockLocalConnection::verifyUser const):

2020-03-13  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, reverting r258391.

Lines 39-45 ENABLE_ACCELERATED_2D_CANVAS = ; a/Source/JavaScriptCore/Configurations/FeatureDefines.xcconfig_sec1
- a/Source/JavaScriptCore/Configurations/FeatureDefines.xcconfig -1 / +1 lines
39		39
40	ENABLE_ACCESSIBILITY_ISOLATED_TREE = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE_$(WK_PLATFORM_NAME));	40	ENABLE_ACCESSIBILITY_ISOLATED_TREE = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE_$(WK_PLATFORM_NAME));
41	ENABLE_ACCESSIBILITY_ISOLATED_TREE_macosx = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE$(WK_MACOS_1016));	41	ENABLE_ACCESSIBILITY_ISOLATED_TREE_macosx = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE$(WK_MACOS_1016));
42	ENABLE_ACCESSIBILITY_ISOLATED_TREE_MACOS_SINCE_1016 = ENABLE_ACCESSIBILITY_ISOLATED_TREE;	42	//ENABLE_ACCESSIBILITY_ISOLATED_TREE_MACOS_SINCE_1016 = ENABLE_ACCESSIBILITY_ISOLATED_TREE;
43		43
44	ENABLE_APPLE_PAY = $(ENABLE_APPLE_PAY_$(WK_PLATFORM_NAME));	44	ENABLE_APPLE_PAY = $(ENABLE_APPLE_PAY_$(WK_PLATFORM_NAME));
45	ENABLE_APPLE_PAY_iphoneos = ENABLE_APPLE_PAY;	45	ENABLE_APPLE_PAY_iphoneos = ENABLE_APPLE_PAY;



#endif

#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101600) || (PLATFORM(IOS_FAMILY) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000)
#define HAVE_CFNETWORK_ALTERNATIVE_SERVICE 0
#endif

#if PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101500


#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101600) || (PLATFORM(IOS_FAMILY) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000)
#define HAVE_WEBP 1
#define HAVE_AVSAMPLEBUFFERVIDEOOUTPUT 0
#endif

#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101600)
#define HAVE_INCREMENTAL_PDF_APIS 0
#endif

#if (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000)

Lines 39-45 ENABLE_ACCELERATED_2D_CANVAS = ; a/Source/WebCore/Configurations/FeatureDefines.xcconfig_sec1
- a/Source/WebCore/Configurations/FeatureDefines.xcconfig -1 / +1 lines
39		39
40	ENABLE_ACCESSIBILITY_ISOLATED_TREE = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE_$(WK_PLATFORM_NAME));	40	ENABLE_ACCESSIBILITY_ISOLATED_TREE = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE_$(WK_PLATFORM_NAME));
41	ENABLE_ACCESSIBILITY_ISOLATED_TREE_macosx = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE$(WK_MACOS_1016));	41	ENABLE_ACCESSIBILITY_ISOLATED_TREE_macosx = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE$(WK_MACOS_1016));
42	ENABLE_ACCESSIBILITY_ISOLATED_TREE_MACOS_SINCE_1016 = ENABLE_ACCESSIBILITY_ISOLATED_TREE;	42	//ENABLE_ACCESSIBILITY_ISOLATED_TREE_MACOS_SINCE_1016 = ENABLE_ACCESSIBILITY_ISOLATED_TREE;
43		43
44	ENABLE_APPLE_PAY = $(ENABLE_APPLE_PAY_$(WK_PLATFORM_NAME));	44	ENABLE_APPLE_PAY = $(ENABLE_APPLE_PAY_$(WK_PLATFORM_NAME));
45	ENABLE_APPLE_PAY_iphoneos = ENABLE_APPLE_PAY;	45	ENABLE_APPLE_PAY_iphoneos = ENABLE_APPLE_PAY;

Lines 39-45 ENABLE_ACCELERATED_2D_CANVAS = ; a/Source/WebCore/PAL/Configurations/FeatureDefines.xcconfig_sec1
- a/Source/WebCore/PAL/Configurations/FeatureDefines.xcconfig -1 / +1 lines
39		39
40	ENABLE_ACCESSIBILITY_ISOLATED_TREE = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE_$(WK_PLATFORM_NAME));	40	ENABLE_ACCESSIBILITY_ISOLATED_TREE = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE_$(WK_PLATFORM_NAME));
41	ENABLE_ACCESSIBILITY_ISOLATED_TREE_macosx = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE$(WK_MACOS_1016));	41	ENABLE_ACCESSIBILITY_ISOLATED_TREE_macosx = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE$(WK_MACOS_1016));
42	ENABLE_ACCESSIBILITY_ISOLATED_TREE_MACOS_SINCE_1016 = ENABLE_ACCESSIBILITY_ISOLATED_TREE;	42	//ENABLE_ACCESSIBILITY_ISOLATED_TREE_MACOS_SINCE_1016 = ENABLE_ACCESSIBILITY_ISOLATED_TREE;
43		43
44	ENABLE_APPLE_PAY = $(ENABLE_APPLE_PAY_$(WK_PLATFORM_NAME));	44	ENABLE_APPLE_PAY = $(ENABLE_APPLE_PAY_$(WK_PLATFORM_NAME));
45	ENABLE_APPLE_PAY_iphoneos = ENABLE_APPLE_PAY;	45	ENABLE_APPLE_PAY_iphoneos = ENABLE_APPLE_PAY;

Lines 886-891 a/Source/WebCore/en.lproj/Localizable.strings_sec1
- a/Source/WebCore/en.lproj/Localizable.strings +3 lines
886	/* Use Touch ID to sign into this website */	886	/* Use Touch ID to sign into this website */
887	"Touch ID to sign into this website." = "Touch ID to sign into this website.";	887	"Touch ID to sign into this website." = "Touch ID to sign into this website.";
888		888
		889	/* Allow using Touch ID to sign into the specified website on this device */
		890	"Touch ID to allow signing into “%@” with Touch ID." = "Touch ID to allow signing into “%@” with Touch ID.";
		891
889	/* Transformations context sub-menu item */	892	/* Transformations context sub-menu item */
890	"Transformations" = "Transformations";	893	"Transformations" = "Transformations";
891		894



#endif

#if ENABLE(WEB_AUTHN)
String genericTouchIDPromptTitle()
{
    return WEB_UI_STRING("Touch ID to sign into this website.", "Use Touch ID to sign into this website");
}

String makeCredentialTouchIDPromptTitle(const String& domain)
{
    return formatLocalizedString(WEB_UI_CFSTRING("Touch ID to allow signing into “%@” with Touch ID.", "Allow using Touch ID to sign into the specified website on this device"), domain.createCFString().get());
}

String biometricFallbackPromptTitle()
{
    return WEB_UI_STRING("Enter passcode to sign into this website.", "Use passcode as a fallback to sign into this website");



#endif

#if ENABLE(WEB_AUTHN)
    WEBCORE_EXPORT String genericTouchIDPromptTitle();
    WEBCORE_EXPORT String makeCredentialTouchIDPromptTitle(const String& domain);
    WEBCORE_EXPORT String biometricFallbackPromptTitle();
#endif


Lines 39-45 ENABLE_ACCELERATED_2D_CANVAS = ; a/Source/WebKit/Configurations/FeatureDefines.xcconfig_sec1
- a/Source/WebKit/Configurations/FeatureDefines.xcconfig -1 / +1 lines
39		39
40	ENABLE_ACCESSIBILITY_ISOLATED_TREE = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE_$(WK_PLATFORM_NAME));	40	ENABLE_ACCESSIBILITY_ISOLATED_TREE = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE_$(WK_PLATFORM_NAME));
41	ENABLE_ACCESSIBILITY_ISOLATED_TREE_macosx = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE$(WK_MACOS_1016));	41	ENABLE_ACCESSIBILITY_ISOLATED_TREE_macosx = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE$(WK_MACOS_1016));
42	ENABLE_ACCESSIBILITY_ISOLATED_TREE_MACOS_SINCE_1016 = ENABLE_ACCESSIBILITY_ISOLATED_TREE;	42	//ENABLE_ACCESSIBILITY_ISOLATED_TREE_MACOS_SINCE_1016 = ENABLE_ACCESSIBILITY_ISOLATED_TREE;
43		43
44	ENABLE_APPLE_PAY = $(ENABLE_APPLE_PAY_$(WK_PLATFORM_NAME));	44	ENABLE_APPLE_PAY = $(ENABLE_APPLE_PAY_$(WK_PLATFORM_NAME));
45	ENABLE_APPLE_PAY_iphoneos = ENABLE_APPLE_PAY;	45	ENABLE_APPLE_PAY_iphoneos = ENABLE_APPLE_PAY;

Lines 36-41 a/Source/WebKit/Platform/spi/Cocoa/LocalAuthenticationSPI.h_sec1
- a/Source/WebKit/Platform/spi/Cocoa/LocalAuthenticationSPI.h +1 lines
36	typedef NS_ENUM(NSInteger, LAOption) {	36	typedef NS_ENUM(NSInteger, LAOption) {
37	LAOptionAuthenticationTitle,	37	LAOptionAuthenticationTitle,
38	LAOptionPasscodeTitle,	38	LAOptionPasscodeTitle,
		39	LAOptionFallbackVisible,
39	};	40	};
40		41
41	@interface LAContext(Private) <NSSecureCoding>	42	@interface LAContext(Private) <NSSecureCoding>

Lines 237-242 void LocalAuthenticator::continueMakeCredentialAfterDecidePolicy(LocalAuthentica a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm_sec1
- a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm -2 / +6 lines
237	ASSERT(m_state == State::RequestReceived);	237	ASSERT(m_state == State::RequestReceived);
238	m_state = State::PolicyDecided;	238	m_state = State::PolicyDecided;
239		239
		240	auto& creationOptions = WTF::get<PublicKeyCredentialCreationOptions>(requestData().options);
		241
240	if (policy == LocalAuthenticatorPolicy::Disallow) {	242	if (policy == LocalAuthenticatorPolicy::Disallow) {
241	receiveRespond(ExceptionData { UnknownError, "Disallow local authenticator."_s });	243	receiveRespond(ExceptionData { UnknownError, "Disallow local authenticator."_s });
242	return;	244	return;
Lines 261-267 void LocalAuthenticator::continueMakeCredentialAfterDecidePolicy(LocalAuthentica a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm_sec2
261		263
262	weakThis->continueMakeCredentialAfterUserVerification(accessControl.get(), verification, context);	264	weakThis->continueMakeCredentialAfterUserVerification(accessControl.get(), verification, context);
263	};	265	};
264	m_connection->verifyUser(accessControlRef, WTFMove(callback));	266	m_connection->verifyUser(creationOptions.rp.id, accessControlRef, WTFMove(callback));
265	}	267	}
266		268
267	void LocalAuthenticator::continueMakeCredentialAfterUserVerification(SecAccessControlRef accessControlRef, LocalConnection::UserVerification verification, LAContext *context)	269	void LocalAuthenticator::continueMakeCredentialAfterUserVerification(SecAccessControlRef accessControlRef, LocalConnection::UserVerification verification, LAContext *context)
Lines 476-481 void LocalAuthenticator::continueGetAssertionAfterResponseSelected(Ref<WebCore:: a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm_sec3
476	ASSERT(m_state == State::RequestReceived);	478	ASSERT(m_state == State::RequestReceived);
477	m_state = State::ResponseSelected;	479	m_state = State::ResponseSelected;
478		480
		481	auto& requestOptions = WTF::get<PublicKeyCredentialRequestOptions>(requestData().options);
		482
479	auto accessControlRef = response->accessControl();	483	auto accessControlRef = response->accessControl();
480	auto callback = [	484	auto callback = [
481	weakThis = makeWeakPtr(*this),	485	weakThis = makeWeakPtr(*this),
Lines 487-493 void LocalAuthenticator::continueGetAssertionAfterResponseSelected(Ref<WebCore:: a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm_sec4
487		491
488	weakThis->continueGetAssertionAfterUserVerification(WTFMove(response), verification, context);	492	weakThis->continueGetAssertionAfterUserVerification(WTFMove(response), verification, context);
489	};	493	};
490	m_connection->verifyUser(accessControlRef, WTFMove(callback));	494	m_connection->verifyUser(requestOptions.rpId, accessControlRef, WTFMove(callback));
491	}	495	}
492		496
493	void LocalAuthenticator::continueGetAssertionAfterUserVerification(Ref<WebCore::AuthenticatorAssertionResponse>&& response, LocalConnection::UserVerification verification, LAContext *context)	497	void LocalAuthenticator::continueGetAssertionAfterUserVerification(Ref<WebCore::AuthenticatorAssertionResponse>&& response, LocalConnection::UserVerification verification, LAContext *context)

Lines 62-68 public: a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalConnection.h_sec1
- a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalConnection.h -1 / +1 lines
62	virtual ~LocalConnection() = default;	62	virtual ~LocalConnection() = default;
63		63
64	// Overrided by MockLocalConnection.	64	// Overrided by MockLocalConnection.
65	virtual void verifyUser(SecAccessControlRef, UserVerificationCallback&&) const;	65	virtual void verifyUser(const String& rpId, SecAccessControlRef, UserVerificationCallback&&) const;
66	virtual RetainPtr<SecKeyRef> createCredentialPrivateKey(LAContext , SecAccessControlRef, const String& secAttrLabel, NSData secAttrApplicationTag) const;	66	virtual RetainPtr<SecKeyRef> createCredentialPrivateKey(LAContext , SecAccessControlRef, const String& secAttrLabel, NSData secAttrApplicationTag) const;
67	virtual void getAttestation(SecKeyRef, NSData authData, NSData hash, AttestationCallback&&) const;	67	virtual void getAttestation(SecKeyRef, NSData authData, NSData hash, AttestationCallback&&) const;
68	virtual void filterResponses(HashSet<Ref<WebCore::AuthenticatorAssertionResponse>>&) const { };	68	virtual void filterResponses(HashSet<Ref<WebCore::AuthenticatorAssertionResponse>>&) const { };




namespace WebKit {

void LocalConnection::verifyUser(const String& rpId, SecAccessControlRef accessControl, UserVerificationCallback&& completionHandler) const
{
    auto context = adoptNS([allocLAContextInstance() init]);

    auto options = adoptNS([[NSMutableDictionary alloc] init]);
    if ([context biometryType] == LABiometryTypeTouchID) {
#if PLATFORM(IOS)
        [options setObject:WebCore::genericTouchIDPromptTitle() forKey:@(LAOptionAuthenticationTitle)];
        ASSERT_UNUSED(rpId, rpId);
#else
        [options setObject:WebCore::makeCredentialTouchIDPromptTitle(rpId) forKey:@(LAOptionAuthenticationTitle)];
#endif
        [options setObject:@NO forKey:@(LAOptionFallbackVisible)];
    }
#if PLATFORM(IOS)
    [options setObject:WebCore::biometricFallbackPromptTitle() forKey:@(LAOptionPasscodeTitle)];
#endif


Lines 37-43 public: a/Source/WebKit/UIProcess/WebAuthentication/Mock/MockLocalConnection.h_sec1
- a/Source/WebKit/UIProcess/WebAuthentication/Mock/MockLocalConnection.h -1 / +1 lines
37	explicit MockLocalConnection(const WebCore::MockWebAuthenticationConfiguration&);	37	explicit MockLocalConnection(const WebCore::MockWebAuthenticationConfiguration&);
38		38
39	private:	39	private:
40	void verifyUser(SecAccessControlRef, UserVerificationCallback&&) const final;	40	void verifyUser(const String&, SecAccessControlRef, UserVerificationCallback&&) const final;
41	RetainPtr<SecKeyRef> createCredentialPrivateKey(LAContext , SecAccessControlRef, const String& secAttrLabel, NSData secAttrApplicationTag) const final;	41	RetainPtr<SecKeyRef> createCredentialPrivateKey(LAContext , SecAccessControlRef, const String& secAttrLabel, NSData secAttrApplicationTag) const final;
42	void getAttestation(SecKeyRef, NSData authData, NSData hash, AttestationCallback&&) const final;	42	void getAttestation(SecKeyRef, NSData authData, NSData hash, AttestationCallback&&) const final;
43	void filterResponses(HashSet<Ref<WebCore::AuthenticatorAssertionResponse>>&) const final;	43	void filterResponses(HashSet<Ref<WebCore::AuthenticatorAssertionResponse>>&) const final;

Lines 44-50 MockLocalConnection::MockLocalConnection(const WebCore::MockWebAuthenticationCon a/Source/WebKit/UIProcess/WebAuthentication/Mock/MockLocalConnection.mm_sec1
- a/Source/WebKit/UIProcess/WebAuthentication/Mock/MockLocalConnection.mm -1 / +1 lines
44	{	44	{
45	}	45	}
46		46
47	void MockLocalConnection::verifyUser(SecAccessControlRef, UserVerificationCallback&& callback) const	47	void MockLocalConnection::verifyUser(const String&, SecAccessControlRef, UserVerificationCallback&& callback) const
48	{	48	{
49	// Mock async operations.	49	// Mock async operations.
50	RunLoop::main().dispatch([configuration = m_configuration, callback = WTFMove(callback)]() mutable {	50	RunLoop::main().dispatch([configuration = m_configuration, callback = WTFMove(callback)]() mutable {

Lines 39-45 ENABLE_ACCELERATED_2D_CANVAS = ; a/Source/WebKitLegacy/mac/Configurations/FeatureDefines.xcconfig_sec1
- a/Source/WebKitLegacy/mac/Configurations/FeatureDefines.xcconfig -1 / +1 lines
39		39
40	ENABLE_ACCESSIBILITY_ISOLATED_TREE = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE_$(WK_PLATFORM_NAME));	40	ENABLE_ACCESSIBILITY_ISOLATED_TREE = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE_$(WK_PLATFORM_NAME));
41	ENABLE_ACCESSIBILITY_ISOLATED_TREE_macosx = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE$(WK_MACOS_1016));	41	ENABLE_ACCESSIBILITY_ISOLATED_TREE_macosx = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE$(WK_MACOS_1016));
42	ENABLE_ACCESSIBILITY_ISOLATED_TREE_MACOS_SINCE_1016 = ENABLE_ACCESSIBILITY_ISOLATED_TREE;	42	//ENABLE_ACCESSIBILITY_ISOLATED_TREE_MACOS_SINCE_1016 = ENABLE_ACCESSIBILITY_ISOLATED_TREE;
43		43
44	ENABLE_APPLE_PAY = $(ENABLE_APPLE_PAY_$(WK_PLATFORM_NAME));	44	ENABLE_APPLE_PAY = $(ENABLE_APPLE_PAY_$(WK_PLATFORM_NAME));
45	ENABLE_APPLE_PAY_iphoneos = ENABLE_APPLE_PAY;	45	ENABLE_APPLE_PAY_iphoneos = ENABLE_APPLE_PAY;

Lines 39-45 ENABLE_ACCELERATED_2D_CANVAS = ; a/Tools/TestWebKitAPI/Configurations/FeatureDefines.xcconfig_sec1
- a/Tools/TestWebKitAPI/Configurations/FeatureDefines.xcconfig -1 / +1 lines
39		39
40	ENABLE_ACCESSIBILITY_ISOLATED_TREE = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE_$(WK_PLATFORM_NAME));	40	ENABLE_ACCESSIBILITY_ISOLATED_TREE = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE_$(WK_PLATFORM_NAME));
41	ENABLE_ACCESSIBILITY_ISOLATED_TREE_macosx = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE$(WK_MACOS_1016));	41	ENABLE_ACCESSIBILITY_ISOLATED_TREE_macosx = $(ENABLE_ACCESSIBILITY_ISOLATED_TREE$(WK_MACOS_1016));
42	ENABLE_ACCESSIBILITY_ISOLATED_TREE_MACOS_SINCE_1016 = ENABLE_ACCESSIBILITY_ISOLATED_TREE;	42	//ENABLE_ACCESSIBILITY_ISOLATED_TREE_MACOS_SINCE_1016 = ENABLE_ACCESSIBILITY_ISOLATED_TREE;
43		43
44	ENABLE_APPLE_PAY = $(ENABLE_APPLE_PAY_$(WK_PLATFORM_NAME));	44	ENABLE_APPLE_PAY = $(ENABLE_APPLE_PAY_$(WK_PLATFORM_NAME));
45	ENABLE_APPLE_PAY_iphoneos = ENABLE_APPLE_PAY;	45	ENABLE_APPLE_PAY_iphoneos = ENABLE_APPLE_PAY;

Return to Bug 208703

Lines 445-451 a/Source/WTF/wtf/PlatformHave.h_sec1
- a/Source/WTF/wtf/PlatformHave.h -3 / +3 lines
445	#endif	445	#endif
446		446
447	#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101600) \|\| (PLATFORM(IOS_FAMILY) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000)	447	#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101600) \|\| (PLATFORM(IOS_FAMILY) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000)
448	#define HAVE_CFNETWORK_ALTERNATIVE_SERVICE 1	448	#define HAVE_CFNETWORK_ALTERNATIVE_SERVICE 0
449	#endif	449	#endif
450		450
451	#if PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101500	451	#if PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101500
Lines 600-610 a/Source/WTF/wtf/PlatformHave.h_sec2
600		600
601	#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101600) \|\| (PLATFORM(IOS_FAMILY) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000)	601	#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101600) \|\| (PLATFORM(IOS_FAMILY) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000)
602	#define HAVE_WEBP 1	602	#define HAVE_WEBP 1
603	#define HAVE_AVSAMPLEBUFFERVIDEOOUTPUT 1	603	#define HAVE_AVSAMPLEBUFFERVIDEOOUTPUT 0
604	#endif	604	#endif
605		605
606	#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101600)	606	#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101600)
607	#define HAVE_INCREMENTAL_PDF_APIS 1	607	#define HAVE_INCREMENTAL_PDF_APIS 0
608	#endif	608	#endif
609		609
610	#if (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000)	610	#if (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000)

Lines 1208-1218 String unacceptableTLSCertificate() a/Source/WebCore/platform/LocalizedStrings.cpp_sec1
- a/Source/WebCore/platform/LocalizedStrings.cpp -1 / +6 lines
1208	#endif	1208	#endif
1209		1209
1210	#if ENABLE(WEB_AUTHN)	1210	#if ENABLE(WEB_AUTHN)
1211	String touchIDPromptTitle()	1211	String genericTouchIDPromptTitle()
1212	{	1212	{
1213	return WEB_UI_STRING("Touch ID to sign into this website.", "Use Touch ID to sign into this website");	1213	return WEB_UI_STRING("Touch ID to sign into this website.", "Use Touch ID to sign into this website");
1214	}	1214	}
1215		1215
		1216	String makeCredentialTouchIDPromptTitle(const String& domain)
		1217	{
		1218	return formatLocalizedString(WEB_UI_CFSTRING("Touch ID to allow signing into “%@” with Touch ID.", "Allow using Touch ID to sign into the specified website on this device"), domain.createCFString().get());
		1219	}
		1220
1216	String biometricFallbackPromptTitle()	1221	String biometricFallbackPromptTitle()
1217	{	1222	{
1218	return WEB_UI_STRING("Enter passcode to sign into this website.", "Use passcode as a fallback to sign into this website");	1223	return WEB_UI_STRING("Enter passcode to sign into this website.", "Use passcode as a fallback to sign into this website");

Lines 340-346 namespace WebCore { a/Source/WebCore/platform/LocalizedStrings.h_sec1
- a/Source/WebCore/platform/LocalizedStrings.h -1 / +2 lines
340	#endif	340	#endif
341		341
342	#if ENABLE(WEB_AUTHN)	342	#if ENABLE(WEB_AUTHN)
343	WEBCORE_EXPORT String touchIDPromptTitle();	343	WEBCORE_EXPORT String genericTouchIDPromptTitle();
		344	WEBCORE_EXPORT String makeCredentialTouchIDPromptTitle(const String& domain);
344	WEBCORE_EXPORT String biometricFallbackPromptTitle();	345	WEBCORE_EXPORT String biometricFallbackPromptTitle();
345	#endif	346	#endif
346		347

Lines 1-3 a/Source/WebCore/ChangeLog_sec1
- a/Source/WebCore/ChangeLog +14 lines
		1	2020-03-13 Jiewen Tan <jiewen_tan@apple.com>
		2
		3	[WebAuthn] Customize a bit more on the macOS LocalAuthentication prompt
		4	https://bugs.webkit.org/show_bug.cgi?id=208703
		5	<rdar://problem/60136974>
		6
		7	Reviewed by Darin Adler.
		8
		9	* en.lproj/Localizable.strings:
		10	* platform/LocalizedStrings.cpp:
		11	(WebCore::touchIDPromptTitle):
		12	* platform/LocalizedStrings.h:
		13	Adds a new formatted UI string to help with RP ID.
		14
1	2020-03-13 Ryan Haddad <ryanhaddad@apple.com>	15	2020-03-13 Ryan Haddad <ryanhaddad@apple.com>
2		16
3	Unreviewed, reverting r258391.	17	Unreviewed, reverting r258391.

Lines 1-3 a/Source/WebKit/ChangeLog_sec1
- a/Source/WebKit/ChangeLog +23 lines
		1	2020-03-13 Jiewen Tan <jiewen_tan@apple.com>
		2
		3	[WebAuthn] Customize a bit more on the macOS LocalAuthentication prompt
		4	https://bugs.webkit.org/show_bug.cgi?id=208703
		5	<rdar://problem/60136974>
		6
		7	Reviewed by Darin Adler.
		8
		9	On macOS, LocalAuthentication prompt can be shown anywhere that is probably not on top of
		10	our UI clients. Therefore, add a RP ID to the dialog to help users to identify what has
		11	happened. In addition, it removes the password fallback button.
		12
		13	* Platform/spi/Cocoa/LocalAuthenticationSPI.h:
		14	* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
		15	(WebKit::LocalAuthenticator::continueMakeCredentialAfterDecidePolicy):
		16	(WebKit::LocalAuthenticator::continueGetAssertionAfterResponseSelected):
		17	* UIProcess/WebAuthentication/Cocoa/LocalConnection.h:
		18	* UIProcess/WebAuthentication/Cocoa/LocalConnection.mm:
		19	(WebKit::LocalConnection::verifyUser const):
		20	* UIProcess/WebAuthentication/Mock/MockLocalConnection.h:
		21	* UIProcess/WebAuthentication/Mock/MockLocalConnection.mm:
		22	(WebKit::MockLocalConnection::verifyUser const):
		23
1	2020-03-13 Ryan Haddad <ryanhaddad@apple.com>	24	2020-03-13 Ryan Haddad <ryanhaddad@apple.com>
2		25
3	Unreviewed, reverting r258391.	26	Unreviewed, reverting r258391.

Lines 40-53 a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalConnection.mm_sec1
- a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalConnection.mm -4 / +11 lines
40		40
41	namespace WebKit {	41	namespace WebKit {
42		42
43	void LocalConnection::verifyUser(SecAccessControlRef accessControl, UserVerificationCallback&& completionHandler) const	43	void LocalConnection::verifyUser(const String& rpId, SecAccessControlRef accessControl, UserVerificationCallback&& completionHandler) const
44	{	44	{
45	auto context = adoptNS([allocLAContextInstance() init]);	45	auto context = adoptNS([allocLAContextInstance() init]);
46		46
47	auto options = adoptNS([[NSMutableDictionary alloc] init]);	47	auto options = adoptNS([[NSMutableDictionary alloc] init]);
48	if ([context biometryType] == LABiometryTypeTouchID)	48	if ([context biometryType] == LABiometryTypeTouchID) {
49	[options setObject:WebCore::touchIDPromptTitle() forKey:@(LAOptionAuthenticationTitle)];	49	#if PLATFORM(IOS)
50	#if PLATFORM(iOS)	50	[options setObject:WebCore::genericTouchIDPromptTitle() forKey:@(LAOptionAuthenticationTitle)];
		51	ASSERT_UNUSED(rpId, rpId);
		52	#else
		53	[options setObject:WebCore::makeCredentialTouchIDPromptTitle(rpId) forKey:@(LAOptionAuthenticationTitle)];
		54	#endif
		55	[options setObject:@NO forKey:@(LAOptionFallbackVisible)];
		56	}
		57	#if PLATFORM(IOS)
51	[options setObject:WebCore::biometricFallbackPromptTitle() forKey:@(LAOptionPasscodeTitle)];	58	[options setObject:WebCore::biometricFallbackPromptTitle() forKey:@(LAOptionPasscodeTitle)];
52	#endif	59	#endif
53		60