Attachment #398157 for bug #182893

View Details Raw Unified Return to Bug 182893

| Differences between



2020-04-29  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthn] Require user gestures for LocalAuthenticator
        https://bugs.webkit.org/show_bug.cgi?id=182893
        <rdar://problem/43357293>

        Reviewed by Brent Fulgham.

        Covered by API tests.

        * UIProcess/WebAuthentication/AuthenticatorManager.cpp:
        (WebKit::AuthenticatorManager::filterTransports const):
        (WebKit::AuthenticatorManager::getTransports const):
        Checks UserGesture here. Since filterTransports will be overrided in mock testings,
        all mock tests don't require user gestures.

        * UIProcess/WebAuthentication/WebAuthenticationRequestData.h:
        * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp:
        (WebKit::WebAuthenticatorCoordinatorProxy::makeCredential):
        (WebKit::WebAuthenticatorCoordinatorProxy::getAssertion):
        * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h:
        * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in:
        * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp:
        (WebKit::WebAuthenticatorCoordinator::makeCredential):
        (WebKit::WebAuthenticatorCoordinator::getAssertion):
        Adds user gesture corresponding fields.

2020-04-30  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION (r260932): ASSERTION FAILED: ok in webkit::SandboxExtension::consumePermanently for 3 tests

Lines 305-310 void AuthenticatorManager::filterTransports(TransportSet& transports) const a/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp_sec1
- a/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp -2 / +6 lines
305	transports.remove(AuthenticatorTransport::Nfc);	305	transports.remove(AuthenticatorTransport::Nfc);
306	if (!LocalService::isAvailable())	306	if (!LocalService::isAvailable())
307	transports.remove(AuthenticatorTransport::Internal);	307	transports.remove(AuthenticatorTransport::Internal);
		308
		309	if (!isFeatureEnabled(m_pendingRequestData.page.get(), WebPreferencesKey::webAuthenticationLocalAuthenticatorEnabledKey()))
		310	transports.remove(AuthenticatorTransport::Internal);
		311	// Local authenticator might invoke system UI which should definitely not be able to trigger by scripts automatically.
		312	if (!m_pendingRequestData.processingUserGesture)
		313	transports.remove(AuthenticatorTransport::Internal);
308	}	314	}
309		315
310	void AuthenticatorManager::startDiscovery(const TransportSet& transports)	316	void AuthenticatorManager::startDiscovery(const TransportSet& transports)
Lines 390-397 auto AuthenticatorManager::getTransports() const -> TransportSet a/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp_sec2
390	}, [&](const PublicKeyCredentialRequestOptions& options) {	396	}, [&](const PublicKeyCredentialRequestOptions& options) {
391	transports = collectTransports(options.allowCredentials);	397	transports = collectTransports(options.allowCredentials);
392	});	398	});
393	if (!isFeatureEnabled(m_pendingRequestData.page.get(), WebPreferencesKey::webAuthenticationLocalAuthenticatorEnabledKey()))
394	transports.remove(AuthenticatorTransport::Internal);
395	filterTransports(transports);	399	filterTransports(transports);
396	return transports;	400	return transports;
397	}	401	}

Lines 50-55 struct WebAuthenticationRequestData { a/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h_sec1
- a/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h +1 lines
50	RefPtr<API::WebAuthenticationPanel> panel;	50	RefPtr<API::WebAuthenticationPanel> panel;
51	WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;	51	WTF::Optional<WebCore::GlobalFrameIdentifier> frameID;
52	WebKit::FrameInfoData frameInfo;	52	WebKit::FrameInfoData frameInfo;
		53	bool processingUserGesture;
53	};	54	};
54		55
55	WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);	56	WebCore::ClientDataType getClientDataType(const Variant<WebCore::PublicKeyCredentialCreationOptions, WebCore::PublicKeyCredentialRequestOptions>&);



    m_webPageProxy.process().removeMessageReceiver(Messages::WebAuthenticatorCoordinatorProxy::messageReceiverName(), m_webPageProxy.webPageID());
}

void WebAuthenticatorCoordinatorProxy::makeCredential(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector<uint8_t>&& hash, PublicKeyCredentialCreationOptions&& options, bool processingUserGesture, RequestCompletionHandler&& handler)
{
    handleRequest({ WTFMove(hash), WTFMove(options), makeWeakPtr(m_webPageProxy), WebAuthenticationPanelResult::Unavailable, nullptr, GlobalFrameIdentifier { m_webPageProxy.webPageID(), frameId }, WTFMove(frameInfo), processingUserGesture }, WTFMove(handler));
}

void WebAuthenticatorCoordinatorProxy::getAssertion(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector<uint8_t>&& hash, PublicKeyCredentialRequestOptions&& options, bool processingUserGesture, RequestCompletionHandler&& handler)
{
    handleRequest({ WTFMove(hash), WTFMove(options), makeWeakPtr(m_webPageProxy), WebAuthenticationPanelResult::Unavailable, nullptr, GlobalFrameIdentifier { m_webPageProxy.webPageID(), frameId }, WTFMove(frameInfo), processingUserGesture }, WTFMove(handler));
}

void WebAuthenticatorCoordinatorProxy::handleRequest(WebAuthenticationRequestData&& data, RequestCompletionHandler&& handler)



    void didReceiveMessage(IPC::Connection&, IPC::Decoder&) override;

    // Receivers.
    void makeCredential(WebCore::FrameIdentifier, FrameInfoData&&, Vector<uint8_t>&& hash, WebCore::PublicKeyCredentialCreationOptions&&, bool processingUserGesture, RequestCompletionHandler&&);
    void getAssertion(WebCore::FrameIdentifier, FrameInfoData&&, Vector<uint8_t>&& hash, WebCore::PublicKeyCredentialRequestOptions&&, bool processingUserGesture, RequestCompletionHandler&&);
    void isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&&);

    void handleRequest(WebAuthenticationRequestData&&, RequestCompletionHandler&&);




messages -> WebAuthenticatorCoordinatorProxy NotRefCounted {

    MakeCredential(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialCreationOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, struct WebCore::ExceptionData exception) Async
    GetAssertion(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialRequestOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, struct WebCore::ExceptionData exception) Async
    IsUserVerifyingPlatformAuthenticatorAvailable() -> (bool result) Async
}




#include <WebCore/PublicKeyCredentialCreationOptions.h>
#include <WebCore/PublicKeyCredentialRequestOptions.h>
#include <WebCore/SecurityOrigin.h>
#include <WebCore/UserGestureIndicator.h>

namespace WebKit {
using namespace WebCore;

    auto* webFrame = WebFrame::fromCoreFrame(frame);
    if (!webFrame)
        return;
    m_webPage.sendWithAsyncReply(Messages::WebAuthenticatorCoordinatorProxy::MakeCredential(webFrame->frameID(), webFrame->info(), hash, options, UserGestureIndicator::processingUserGesture()), WTFMove(handler));
}

void WebAuthenticatorCoordinator::getAssertion(const Frame& frame, const SecurityOrigin&, const Vector<uint8_t>& hash, const PublicKeyCredentialRequestOptions& options, RequestCompletionHandler&& handler)

    auto* webFrame = WebFrame::fromCoreFrame(frame);
    if (!webFrame)
        return;
    m_webPage.sendWithAsyncReply(Messages::WebAuthenticatorCoordinatorProxy::GetAssertion(webFrame->frameID(), webFrame->info(), hash, options, UserGestureIndicator::processingUserGesture()), WTFMove(handler));
}

void WebAuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&& handler)



2020-04-29  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthn] Require user gestures for LocalAuthenticator
        https://bugs.webkit.org/show_bug.cgi?id=182893
        <rdar://problem/43357293>

        Reviewed by Brent Fulgham.

        * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
        * TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
        (TestWebKitAPI::TEST):
        * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-la-no-mock.html: Added.
        * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html: Added.

2020-04-30  Alex Christensen  <achristensen@webkit.org>

        TestWebKitAPI.WebKit.DefaultDisplayName and TestWebKitAPI.WebKit.CustomDisplayName are flaky failures




    auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];

    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
    auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);


    auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];

    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
    auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);


    auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];

    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
    auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);


    auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];

    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
    auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);


    auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];

    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
    auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);


    auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];

    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
    auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);

    cleanUpKeychain("");
}

TEST(WebAuthenticationPanel, LANoMockDefaultOff)
{
    reset();
    RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-la-no-mock" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];

    auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];

    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
    auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
    [webView setUIDelegate:delegate.get()];

    [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]];
    Util::run(&webAuthenticationPanelRan);
    checkPanel([delegate panel], @"", @[adoptNS([[NSNumber alloc] initWithInt:_WKWebAuthenticationTransportUSB]).get()], _WKWebAuthenticationTypeCreate);
}

TEST(WebAuthenticationPanel, LAMakeCredentialNoMockNoUserGesture)
{
    reset();
    RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-la-no-mock" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];

    auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];

    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
    auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
    [webView setUIDelegate:delegate.get()];

    [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]];
    Util::run(&webAuthenticationPanelRan);
    checkPanel([delegate panel], @"", @[adoptNS([[NSNumber alloc] initWithInt:_WKWebAuthenticationTransportUSB]).get()], _WKWebAuthenticationTypeCreate);
}

// Skip the test because of <rdar://problem/59635486>.
#if PLATFORM(MAC)



    auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];

    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
    auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);

    cleanUpKeychain("");
}

TEST(WebAuthenticationPanel, LAGetAssertionNoMockNoUserGesture)
{
    reset();
    RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-get-assertion-la-no-mock" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];

    auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
    [[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];

    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
    auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
    [webView setUIDelegate:delegate.get()];

    [webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]];
    Util::run(&webAuthenticationPanelRan);
    checkPanel([delegate panel], @"", @[adoptNS([[NSNumber alloc] initWithInt:_WKWebAuthenticationTransportUSB]).get()], _WKWebAuthenticationTypeGet);
}

TEST(WebAuthenticationPanel, LAGetAssertionMultipleOrder)
{
    reset();

    cleanUpKeychain("");
}

#endif // PLATFORM(MAC)

#endif // USE(APPLE_INTERNAL_SDK) || PLATFORM(IOS)




<input type="text" id="input">
<script>
    if (window.internals)
        internals.withUserGesture(() => { input.focus(); });

    const options = {
        publicKey: {
            challenge: new Uint8Array(16),
            timeout: 100
        }
    };

    navigator.credentials.get(options).then(credential => {
        // console.log("Succeeded!");
        window.webkit.messageHandlers.testHandler.postMessage("Succeeded!");
    }, error => {
        // console.log(error.message);
        window.webkit.messageHandlers.testHandler.postMessage(error.message);
    });
</script>



<input type="text" id="input">
<script>
    if (window.internals)
        internals.withUserGesture(() => { input.focus(); });

    const options = {
        publicKey: {
            rp: {
                name: "localhost",
            },
            user: {
                name: "John Appleseed",
                id: new Uint8Array(16),
                displayName: "Appleseed",
            },
            challenge: new Uint8Array(16),
            pubKeyCredParams: [{ type: "public-key", alg: -7 }],
            timeout: 100,
        }
    };

    navigator.credentials.create(options).then(credential => {
        // console.log("Succeeded!");
        window.webkit.messageHandlers.testHandler.postMessage("Succeeded!");
    }, error => {
        // console.log(error.message);
        window.webkit.messageHandlers.testHandler.postMessage(error.message);
    });
</script>

Return to Bug 182893

Lines 1201-1207 TEST(WebAuthenticationPanel, LAError) a/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm_sec1
- a/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm -8 / +54 lines
1201		1201
1202	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];	1202	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
1203	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];	1203	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
1204	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];
1205		1204
1206	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);	1205	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
1207	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);	1206	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
Lines 1218-1224 TEST(WebAuthenticationPanel, LADuplicateCredential) a/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm_sec2
1218		1217
1219	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];	1218	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
1220	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];	1219	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
1221	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];
1222		1220
1223	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);	1221	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
1224	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);	1222	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
Lines 1237-1243 TEST(WebAuthenticationPanel, LANoCredential) a/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm_sec3
1237		1235
1238	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];	1236	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
1239	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];	1237	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
1240	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];
1241		1238
1242	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);	1239	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
1243	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);	1240	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
Lines 1254-1260 TEST(WebAuthenticationPanel, LAMakeCredentialNullDelegate) a/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm_sec4
1254		1251
1255	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];	1252	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
1256	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];	1253	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
1257	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];
1258		1254
1259	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);	1255	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
1260	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);	1256	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
Lines 1272-1278 TEST(WebAuthenticationPanel, LAMakeCredentialDisallowLocalAuthenticator) a/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm_sec5
1272		1268
1273	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];	1269	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
1274	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];	1270	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
1275	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];
1276		1271
1277	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);	1272	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
1278	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);	1273	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
Lines 1289-1295 TEST(WebAuthenticationPanel, LAMakeCredentialAllowLocalAuthenticator) a/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm_sec6
1289		1284
1290	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];	1285	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
1291	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];	1286	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
1292	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];
1293		1287
1294	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);	1288	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
1295	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);	1289	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
Lines 1302-1307 TEST(WebAuthenticationPanel, LAMakeCredentialAllowLocalAuthenticator) a/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm_sec7
1302	cleanUpKeychain("");	1296	cleanUpKeychain("");
1303	}	1297	}
1304		1298
		1299	TEST(WebAuthenticationPanel, LANoMockDefaultOff)
		1300	{
		1301	reset();
		1302	RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-la-no-mock" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
		1303
		1304	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
		1305	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
		1306
		1307	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
		1308	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
		1309	[webView setUIDelegate:delegate.get()];
		1310
		1311	[webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]];
		1312	Util::run(&webAuthenticationPanelRan);
		1313	checkPanel([delegate panel], @"", @[adoptNS([[NSNumber alloc] initWithInt:_WKWebAuthenticationTransportUSB]).get()], _WKWebAuthenticationTypeCreate);
		1314	}
		1315
		1316	TEST(WebAuthenticationPanel, LAMakeCredentialNoMockNoUserGesture)
		1317	{
		1318	reset();
		1319	RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-make-credential-la-no-mock" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
		1320
		1321	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
		1322	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
		1323	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];
		1324
		1325	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
		1326	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
		1327	[webView setUIDelegate:delegate.get()];
		1328
		1329	[webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]];
		1330	Util::run(&webAuthenticationPanelRan);
		1331	checkPanel([delegate panel], @"", @[adoptNS([[NSNumber alloc] initWithInt:_WKWebAuthenticationTransportUSB]).get()], _WKWebAuthenticationTypeCreate);
		1332	}
		1333
1305	// Skip the test because of <rdar://problem/59635486>.	1334	// Skip the test because of <rdar://problem/59635486>.
1306	#if PLATFORM(MAC)	1335	#if PLATFORM(MAC)
1307		1336
Lines 1312-1318 TEST(WebAuthenticationPanel, LAGetAssertion) a/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm_sec8
1312		1341
1313	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];	1342	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
1314	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];	1343	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
1315	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];
1316		1344
1317	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);	1345	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
1318	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);	1346	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
Lines 1325-1330 TEST(WebAuthenticationPanel, LAGetAssertion) a/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm_sec9
1325	cleanUpKeychain("");	1353	cleanUpKeychain("");
1326	}	1354	}
1327		1355
		1356	TEST(WebAuthenticationPanel, LAGetAssertionNoMockNoUserGesture)
		1357	{
		1358	reset();
		1359	RetainPtr<NSURL> testURL = [[NSBundle mainBundle] URLForResource:@"web-authentication-get-assertion-la-no-mock" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"];
		1360
		1361	auto *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals" configureJSCForTesting:YES];
		1362	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationExperimentalFeature()];
		1363	[[configuration preferences] _setEnabled:YES forExperimentalFeature:webAuthenticationLocalAuthenticatorExperimentalFeature()];
		1364
		1365	auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSZeroRect configuration:configuration]);
		1366	auto delegate = adoptNS([[TestWebAuthenticationPanelUIDelegate alloc] init]);
		1367	[webView setUIDelegate:delegate.get()];
		1368
		1369	[webView loadRequest:[NSURLRequest requestWithURL:testURL.get()]];
		1370	Util::run(&webAuthenticationPanelRan);
		1371	checkPanel([delegate panel], @"", @[adoptNS([[NSNumber alloc] initWithInt:_WKWebAuthenticationTransportUSB]).get()], _WKWebAuthenticationTypeGet);
		1372	}
		1373
1328	TEST(WebAuthenticationPanel, LAGetAssertionMultipleOrder)	1374	TEST(WebAuthenticationPanel, LAGetAssertionMultipleOrder)
1329	{	1375	{
1330	reset();	1376	reset();
Lines 1352-1358 TEST(WebAuthenticationPanel, LAGetAssertionMultipleOrder) a/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm_sec10
1352	cleanUpKeychain("");	1398	cleanUpKeychain("");
1353	}	1399	}
1354		1400
1355	#endif	1401	#endif // PLATFORM(MAC)
1356		1402
1357	#endif // USE(APPLE_INTERNAL_SDK) \|\| PLATFORM(IOS)	1403	#endif // USE(APPLE_INTERNAL_SDK) \|\| PLATFORM(IOS)
1358		1404

Lines 1-3 a/Source/WebKit/ChangeLog_sec1
- a/Source/WebKit/ChangeLog +27 lines
		1	2020-04-29 Jiewen Tan <jiewen_tan@apple.com>
		2
		3	[WebAuthn] Require user gestures for LocalAuthenticator
		4	https://bugs.webkit.org/show_bug.cgi?id=182893
		5	<rdar://problem/43357293>
		6
		7	Reviewed by Brent Fulgham.
		8
		9	Covered by API tests.
		10
		11	* UIProcess/WebAuthentication/AuthenticatorManager.cpp:
		12	(WebKit::AuthenticatorManager::filterTransports const):
		13	(WebKit::AuthenticatorManager::getTransports const):
		14	Checks UserGesture here. Since filterTransports will be overrided in mock testings,
		15	all mock tests don't require user gestures.
		16
		17	* UIProcess/WebAuthentication/WebAuthenticationRequestData.h:
		18	* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp:
		19	(WebKit::WebAuthenticatorCoordinatorProxy::makeCredential):
		20	(WebKit::WebAuthenticatorCoordinatorProxy::getAssertion):
		21	* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h:
		22	* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in:
		23	* WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp:
		24	(WebKit::WebAuthenticatorCoordinator::makeCredential):
		25	(WebKit::WebAuthenticatorCoordinator::getAssertion):
		26	Adds user gesture corresponding fields.
		27
1	2020-04-30 Brent Fulgham <bfulgham@apple.com>	28	2020-04-30 Brent Fulgham <bfulgham@apple.com>
2		29
3	REGRESSION (r260932): ASSERTION FAILED: ok in webkit::SandboxExtension::consumePermanently for 3 tests	30	REGRESSION (r260932): ASSERTION FAILED: ok in webkit::SandboxExtension::consumePermanently for 3 tests

Lines 55-68 WebAuthenticatorCoordinatorProxy::~WebAuthenticatorCoordinatorProxy() a/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp_sec1
- a/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp -4 / +4 lines
55	m_webPageProxy.process().removeMessageReceiver(Messages::WebAuthenticatorCoordinatorProxy::messageReceiverName(), m_webPageProxy.webPageID());	55	m_webPageProxy.process().removeMessageReceiver(Messages::WebAuthenticatorCoordinatorProxy::messageReceiverName(), m_webPageProxy.webPageID());
56	}	56	}
57		57
58	void WebAuthenticatorCoordinatorProxy::makeCredential(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector<uint8_t>&& hash, PublicKeyCredentialCreationOptions&& options, RequestCompletionHandler&& handler)	58	void WebAuthenticatorCoordinatorProxy::makeCredential(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector<uint8_t>&& hash, PublicKeyCredentialCreationOptions&& options, bool processingUserGesture, RequestCompletionHandler&& handler)
59	{	59	{
60	handleRequest({ WTFMove(hash), WTFMove(options), makeWeakPtr(m_webPageProxy), WebAuthenticationPanelResult::Unavailable, nullptr, GlobalFrameIdentifier { m_webPageProxy.webPageID(), frameId }, WTFMove(frameInfo) }, WTFMove(handler));	60	handleRequest({ WTFMove(hash), WTFMove(options), makeWeakPtr(m_webPageProxy), WebAuthenticationPanelResult::Unavailable, nullptr, GlobalFrameIdentifier { m_webPageProxy.webPageID(), frameId }, WTFMove(frameInfo), processingUserGesture }, WTFMove(handler));
61	}	61	}
62		62
63	void WebAuthenticatorCoordinatorProxy::getAssertion(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector<uint8_t>&& hash, PublicKeyCredentialRequestOptions&& options, RequestCompletionHandler&& handler)	63	void WebAuthenticatorCoordinatorProxy::getAssertion(FrameIdentifier frameId, FrameInfoData&& frameInfo, Vector<uint8_t>&& hash, PublicKeyCredentialRequestOptions&& options, bool processingUserGesture, RequestCompletionHandler&& handler)
64	{	64	{
65	handleRequest({ WTFMove(hash), WTFMove(options), makeWeakPtr(m_webPageProxy), WebAuthenticationPanelResult::Unavailable, nullptr, GlobalFrameIdentifier { m_webPageProxy.webPageID(), frameId }, WTFMove(frameInfo) }, WTFMove(handler));	65	handleRequest({ WTFMove(hash), WTFMove(options), makeWeakPtr(m_webPageProxy), WebAuthenticationPanelResult::Unavailable, nullptr, GlobalFrameIdentifier { m_webPageProxy.webPageID(), frameId }, WTFMove(frameInfo), processingUserGesture }, WTFMove(handler));
66	}	66	}
67		67
68	void WebAuthenticatorCoordinatorProxy::handleRequest(WebAuthenticationRequestData&& data, RequestCompletionHandler&& handler)	68	void WebAuthenticatorCoordinatorProxy::handleRequest(WebAuthenticationRequestData&& data, RequestCompletionHandler&& handler)

Lines 62-69 private: a/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h_sec1
- a/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h -2 / +2 lines
62	void didReceiveMessage(IPC::Connection&, IPC::Decoder&) override;	62	void didReceiveMessage(IPC::Connection&, IPC::Decoder&) override;
63		63
64	// Receivers.	64	// Receivers.
65	void makeCredential(WebCore::FrameIdentifier, FrameInfoData&&, Vector<uint8_t>&& hash, WebCore::PublicKeyCredentialCreationOptions&&, RequestCompletionHandler&&);	65	void makeCredential(WebCore::FrameIdentifier, FrameInfoData&&, Vector<uint8_t>&& hash, WebCore::PublicKeyCredentialCreationOptions&&, bool processingUserGesture, RequestCompletionHandler&&);
66	void getAssertion(WebCore::FrameIdentifier, FrameInfoData&&, Vector<uint8_t>&& hash, WebCore::PublicKeyCredentialRequestOptions&&, RequestCompletionHandler&&);	66	void getAssertion(WebCore::FrameIdentifier, FrameInfoData&&, Vector<uint8_t>&& hash, WebCore::PublicKeyCredentialRequestOptions&&, bool processingUserGesture, RequestCompletionHandler&&);
67	void isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&&);	67	void isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&&);
68		68
69	void handleRequest(WebAuthenticationRequestData&&, RequestCompletionHandler&&);	69	void handleRequest(WebAuthenticationRequestData&&, RequestCompletionHandler&&);

Lines 26-33 a/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in_sec1
- a/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in -2 / +2 lines
26		26
27	messages -> WebAuthenticatorCoordinatorProxy NotRefCounted {	27	messages -> WebAuthenticatorCoordinatorProxy NotRefCounted {
28		28
29	MakeCredential(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialCreationOptions options) -> (struct WebCore::AuthenticatorResponseData data, struct WebCore::ExceptionData exception) Async	29	MakeCredential(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialCreationOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, struct WebCore::ExceptionData exception) Async
30	GetAssertion(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialRequestOptions options) -> (struct WebCore::AuthenticatorResponseData data, struct WebCore::ExceptionData exception) Async	30	GetAssertion(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialRequestOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, struct WebCore::ExceptionData exception) Async
31	IsUserVerifyingPlatformAuthenticatorAvailable() -> (bool result) Async	31	IsUserVerifyingPlatformAuthenticatorAvailable() -> (bool result) Async
32	}	32	}
33		33

Lines 36-41 a/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp_sec1
- a/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp -2 / +3 lines
36	#include <WebCore/PublicKeyCredentialCreationOptions.h>	36	#include <WebCore/PublicKeyCredentialCreationOptions.h>
37	#include <WebCore/PublicKeyCredentialRequestOptions.h>	37	#include <WebCore/PublicKeyCredentialRequestOptions.h>
38	#include <WebCore/SecurityOrigin.h>	38	#include <WebCore/SecurityOrigin.h>
		39	#include <WebCore/UserGestureIndicator.h>
39		40
40	namespace WebKit {	41	namespace WebKit {
41	using namespace WebCore;	42	using namespace WebCore;
Lines 50-56 void WebAuthenticatorCoordinator::makeCredential(const Frame& frame, const Secur a/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp_sec2
50	auto* webFrame = WebFrame::fromCoreFrame(frame);	51	auto* webFrame = WebFrame::fromCoreFrame(frame);
51	if (!webFrame)	52	if (!webFrame)
52	return;	53	return;
53	m_webPage.sendWithAsyncReply(Messages::WebAuthenticatorCoordinatorProxy::MakeCredential(webFrame->frameID(), webFrame->info(), hash, options), WTFMove(handler));	54	m_webPage.sendWithAsyncReply(Messages::WebAuthenticatorCoordinatorProxy::MakeCredential(webFrame->frameID(), webFrame->info(), hash, options, UserGestureIndicator::processingUserGesture()), WTFMove(handler));
54	}	55	}
55		56
56	void WebAuthenticatorCoordinator::getAssertion(const Frame& frame, const SecurityOrigin&, const Vector<uint8_t>& hash, const PublicKeyCredentialRequestOptions& options, RequestCompletionHandler&& handler)	57	void WebAuthenticatorCoordinator::getAssertion(const Frame& frame, const SecurityOrigin&, const Vector<uint8_t>& hash, const PublicKeyCredentialRequestOptions& options, RequestCompletionHandler&& handler)
Lines 58-64 void WebAuthenticatorCoordinator::getAssertion(const Frame& frame, const Securit a/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp_sec3
58	auto* webFrame = WebFrame::fromCoreFrame(frame);	59	auto* webFrame = WebFrame::fromCoreFrame(frame);
59	if (!webFrame)	60	if (!webFrame)
60	return;	61	return;
61	m_webPage.sendWithAsyncReply(Messages::WebAuthenticatorCoordinatorProxy::GetAssertion(webFrame->frameID(), webFrame->info(), hash, options), WTFMove(handler));	62	m_webPage.sendWithAsyncReply(Messages::WebAuthenticatorCoordinatorProxy::GetAssertion(webFrame->frameID(), webFrame->info(), hash, options, UserGestureIndicator::processingUserGesture()), WTFMove(handler));
62	}	63	}
63		64
64	void WebAuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&& handler)	65	void WebAuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable(QueryCompletionHandler&& handler)

Lines 1-3 a/Tools/ChangeLog_sec1
- a/Tools/ChangeLog +14 lines
		1	2020-04-29 Jiewen Tan <jiewen_tan@apple.com>
		2
		3	[WebAuthn] Require user gestures for LocalAuthenticator
		4	https://bugs.webkit.org/show_bug.cgi?id=182893
		5	<rdar://problem/43357293>
		6
		7	Reviewed by Brent Fulgham.
		8
		9	* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
		10	* TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
		11	(TestWebKitAPI::TEST):
		12	* TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-la-no-mock.html: Added.
		13	* TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html: Added.
		14
1	2020-04-30 Alex Christensen <achristensen@webkit.org>	15	2020-04-30 Alex Christensen <achristensen@webkit.org>
2		16
3	TestWebKitAPI.WebKit.DefaultDisplayName and TestWebKitAPI.WebKit.CustomDisplayName are flaky failures	17	TestWebKitAPI.WebKit.DefaultDisplayName and TestWebKitAPI.WebKit.CustomDisplayName are flaky failures

Lines 394-399 a/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj_sec1
- a/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj -2 / +8 lines
394	57C3FA661F7C248F009D4B80 /* WeakPtr.cpp in Sources / = {isa = PBXBuildFile; fileRef = 1CB9BC371A67482300FE5678 / WeakPtr.cpp */; };	394	57C3FA661F7C248F009D4B80 /* WeakPtr.cpp in Sources / = {isa = PBXBuildFile; fileRef = 1CB9BC371A67482300FE5678 / WeakPtr.cpp */; };
395	57C6244E2346BCFA00383FE7 /* _WKWebAuthenticationPanel.mm in Sources / = {isa = PBXBuildFile; fileRef = 57C6244D2346BCFA00383FE7 / _WKWebAuthenticationPanel.mm */; };	395	57C6244E2346BCFA00383FE7 /* _WKWebAuthenticationPanel.mm in Sources / = {isa = PBXBuildFile; fileRef = 57C6244D2346BCFA00383FE7 / _WKWebAuthenticationPanel.mm */; };
396	57C624502346C21E00383FE7 /* web-authentication-get-assertion.html in Copy Resources / = {isa = PBXBuildFile; fileRef = 57C6244F2346C1EC00383FE7 / web-authentication-get-assertion.html */; };	396	57C624502346C21E00383FE7 /* web-authentication-get-assertion.html in Copy Resources / = {isa = PBXBuildFile; fileRef = 57C6244F2346C1EC00383FE7 / web-authentication-get-assertion.html */; };
		397	57EDFC5C245A1A3F00959521 /* web-authentication-make-credential-la-no-mock.html in Copy Resources / = {isa = PBXBuildFile; fileRef = 57EDFC5B245A18F500959521 / web-authentication-make-credential-la-no-mock.html */; };
		398	57EDFC60245A299C00959521 /* web-authentication-get-assertion-la-no-mock.html in Copy Resources / = {isa = PBXBuildFile; fileRef = 57EDFC5F245A279900959521 / web-authentication-get-assertion-la-no-mock.html */; };
397	57F4AAA0208FAEF000A68E9E /* SSLKeyGenerator.mm in Sources / = {isa = PBXBuildFile; fileRef = 57F4AA9F208FA83D00A68E9E / SSLKeyGenerator.mm */; };	399	57F4AAA0208FAEF000A68E9E /* SSLKeyGenerator.mm in Sources / = {isa = PBXBuildFile; fileRef = 57F4AA9F208FA83D00A68E9E / SSLKeyGenerator.mm */; };
398	57F56A5C1C7F8CC100F31D7E /* IsNavigationActionTrusted.html in Copy Resources / = {isa = PBXBuildFile; fileRef = 57F56A5B1C7F8A4000F31D7E / IsNavigationActionTrusted.html */; };	400	57F56A5C1C7F8CC100F31D7E /* IsNavigationActionTrusted.html in Copy Resources / = {isa = PBXBuildFile; fileRef = 57F56A5B1C7F8A4000F31D7E / IsNavigationActionTrusted.html */; };
399	5C0160C121A132460077FA32 /* JITEnabled.mm in Sources / = {isa = PBXBuildFile; fileRef = 5C0160C021A132320077FA32 / JITEnabled.mm */; };	401	5C0160C121A132460077FA32 /* JITEnabled.mm in Sources / = {isa = PBXBuildFile; fileRef = 5C0160C021A132320077FA32 / JITEnabled.mm */; };
Lines 1550-1555 a/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj_sec2
1550	578DA44E23ECD28B00246010 /* web-authentication-get-assertion-hid-pin-invalid-error-retry.html in Copy Resources */,	1552	578DA44E23ECD28B00246010 /* web-authentication-get-assertion-hid-pin-invalid-error-retry.html in Copy Resources */,
1551	570D26FC23C3F87000D5CF67 /* web-authentication-get-assertion-hid-pin.html in Copy Resources */,	1553	570D26FC23C3F87000D5CF67 /* web-authentication-get-assertion-hid-pin.html in Copy Resources */,
1552	57663DEC234F1F9300E85E09 /* web-authentication-get-assertion-hid.html in Copy Resources */,	1554	57663DEC234F1F9300E85E09 /* web-authentication-get-assertion-hid.html in Copy Resources */,
		1555	57EDFC60245A299C00959521 /* web-authentication-get-assertion-la-no-mock.html in Copy Resources */,
1553	572CEF71240F874700C412A2 /* web-authentication-get-assertion-la.html in Copy Resources */,	1556	572CEF71240F874700C412A2 /* web-authentication-get-assertion-la.html in Copy Resources */,
1554	579833922368FA37008E5547 /* web-authentication-get-assertion-nfc-multiple-tags.html in Copy Resources */,	1557	579833922368FA37008E5547 /* web-authentication-get-assertion-nfc-multiple-tags.html in Copy Resources */,
1555	57663DEA234EA66D00E85E09 /* web-authentication-get-assertion-nfc.html in Copy Resources */,	1558	57663DEA234EA66D00E85E09 /* web-authentication-get-assertion-nfc.html in Copy Resources */,
Lines 1567-1572 a/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj_sec3
1567	5798337E236019A4008E5547 /* web-authentication-make-credential-hid.html in Copy Resources */,	1570	5798337E236019A4008E5547 /* web-authentication-make-credential-hid.html in Copy Resources */,
1568	5742178A2400AED8002B303D /* web-authentication-make-credential-la-duplicate-credential.html in Copy Resources */,	1571	5742178A2400AED8002B303D /* web-authentication-make-credential-la-duplicate-credential.html in Copy Resources */,
1569	574217882400AC25002B303D /* web-authentication-make-credential-la-error.html in Copy Resources */,	1572	574217882400AC25002B303D /* web-authentication-make-credential-la-error.html in Copy Resources */,
		1573	57EDFC5C245A1A3F00959521 /* web-authentication-make-credential-la-no-mock.html in Copy Resources */,
1570	5742178E2400D2DF002B303D /* web-authentication-make-credential-la.html in Copy Resources */,	1574	5742178E2400D2DF002B303D /* web-authentication-make-credential-la.html in Copy Resources */,
1571	1C2B81861C89259D00A5529F /* webfont.html in Copy Resources */,	1575	1C2B81861C89259D00A5529F /* webfont.html in Copy Resources */,
1572	51714EB41CF8C78C004723C4 /* WebProcessKillIDBCleanup-1.html in Copy Resources */,	1576	51714EB41CF8C78C004723C4 /* WebProcessKillIDBCleanup-1.html in Copy Resources */,
Lines 2008-2014 a/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj_sec4
2008	574217872400ABFD002B303D /* web-authentication-make-credential-la-error.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-la-error.html"; sourceTree = "<group>"; };	2012	574217872400ABFD002B303D /* web-authentication-make-credential-la-error.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-la-error.html"; sourceTree = "<group>"; };
2009	574217892400AED0002B303D /* web-authentication-make-credential-la-duplicate-credential.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-la-duplicate-credential.html"; sourceTree = "<group>"; };	2013	574217892400AED0002B303D /* web-authentication-make-credential-la-duplicate-credential.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-la-duplicate-credential.html"; sourceTree = "<group>"; };
2010	5742178D2400D26C002B303D /* web-authentication-make-credential-la.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-la.html"; sourceTree = "<group>"; };	2014	5742178D2400D26C002B303D /* web-authentication-make-credential-la.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-la.html"; sourceTree = "<group>"; };
2011	5742178F2400D54D002B303D /* web-authentication-make-credential.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential.html"; sourceTree = "<group>"; };
2012	574F55D0204D471C002948C6 /* Security.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Security.framework; path = System/Library/Frameworks/Security.framework; sourceTree = SDKROOT; };	2015	574F55D0204D471C002948C6 /* Security.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Security.framework; path = System/Library/Frameworks/Security.framework; sourceTree = SDKROOT; };
2013	5758597D23A2527A00C74572 /* CtapPinTest.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = CtapPinTest.h; sourceTree = "<group>"; };	2016	5758597D23A2527A00C74572 /* CtapPinTest.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = CtapPinTest.h; sourceTree = "<group>"; };
2014	5758597E23A2527A00C74572 /* CtapPinTest.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = CtapPinTest.cpp; sourceTree = "<group>"; };	2017	5758597E23A2527A00C74572 /* CtapPinTest.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = CtapPinTest.cpp; sourceTree = "<group>"; };
Lines 2048-2053 a/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj_sec5
2048	57C6244D2346BCFA00383FE7 /* _WKWebAuthenticationPanel.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKWebAuthenticationPanel.mm; sourceTree = "<group>"; };	2051	57C6244D2346BCFA00383FE7 /* _WKWebAuthenticationPanel.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = _WKWebAuthenticationPanel.mm; sourceTree = "<group>"; };
2049	57C6244F2346C1EC00383FE7 /* web-authentication-get-assertion.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = "web-authentication-get-assertion.html"; sourceTree = "<group>"; };	2052	57C6244F2346C1EC00383FE7 /* web-authentication-get-assertion.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = "web-authentication-get-assertion.html"; sourceTree = "<group>"; };
2050	57D1D75E21DCB7A80093E86A /* U2fCommandConstructorTest.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = U2fCommandConstructorTest.cpp; sourceTree = "<group>"; };	2053	57D1D75E21DCB7A80093E86A /* U2fCommandConstructorTest.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = U2fCommandConstructorTest.cpp; sourceTree = "<group>"; };
		2054	57EDFC5B245A18F500959521 /* web-authentication-make-credential-la-no-mock.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-make-credential-la-no-mock.html"; sourceTree = "<group>"; };
		2055	57EDFC5F245A279900959521 /* web-authentication-get-assertion-la-no-mock.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "web-authentication-get-assertion-la-no-mock.html"; sourceTree = "<group>"; };
2051	57F10D921C7E7B3800ECDF30 /* IsNavigationActionTrusted.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = IsNavigationActionTrusted.mm; sourceTree = "<group>"; };	2056	57F10D921C7E7B3800ECDF30 /* IsNavigationActionTrusted.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = IsNavigationActionTrusted.mm; sourceTree = "<group>"; };
2052	57F4AA9F208FA83D00A68E9E /* SSLKeyGenerator.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = SSLKeyGenerator.mm; sourceTree = "<group>"; };	2057	57F4AA9F208FA83D00A68E9E /* SSLKeyGenerator.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = SSLKeyGenerator.mm; sourceTree = "<group>"; };
2053	57F56A5B1C7F8A4000F31D7E /* IsNavigationActionTrusted.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = IsNavigationActionTrusted.html; sourceTree = "<group>"; };	2058	57F56A5B1C7F8A4000F31D7E /* IsNavigationActionTrusted.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = IsNavigationActionTrusted.html; sourceTree = "<group>"; };
Lines 3667-3672 a/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj_sec6
3667	578DA44D23ECD26100246010 /* web-authentication-get-assertion-hid-pin-invalid-error-retry.html */,	3672	578DA44D23ECD26100246010 /* web-authentication-get-assertion-hid-pin-invalid-error-retry.html */,
3668	570D26FB23C3F86500D5CF67 /* web-authentication-get-assertion-hid-pin.html */,	3673	570D26FB23C3F86500D5CF67 /* web-authentication-get-assertion-hid-pin.html */,
3669	57663DEB234F1F8000E85E09 /* web-authentication-get-assertion-hid.html */,	3674	57663DEB234F1F8000E85E09 /* web-authentication-get-assertion-hid.html */,
		3675	57EDFC5F245A279900959521 /* web-authentication-get-assertion-la-no-mock.html */,
3670	572CEF70240F86AE00C412A2 /* web-authentication-get-assertion-la.html */,	3676	572CEF70240F86AE00C412A2 /* web-authentication-get-assertion-la.html */,
3671	5798337B235EB65C008E5547 /* web-authentication-get-assertion-nfc-multiple-tags.html */,	3677	5798337B235EB65C008E5547 /* web-authentication-get-assertion-nfc-multiple-tags.html */,
3672	57663DE9234EA60B00E85E09 /* web-authentication-get-assertion-nfc.html */,	3678	57663DE9234EA60B00E85E09 /* web-authentication-get-assertion-nfc.html */,
Lines 3684-3691 a/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj_sec7
3684	5798337D2360196D008E5547 /* web-authentication-make-credential-hid.html */,	3690	5798337D2360196D008E5547 /* web-authentication-make-credential-hid.html */,
3685	574217892400AED0002B303D /* web-authentication-make-credential-la-duplicate-credential.html */,	3691	574217892400AED0002B303D /* web-authentication-make-credential-la-duplicate-credential.html */,
3686	574217872400ABFD002B303D /* web-authentication-make-credential-la-error.html */,	3692	574217872400ABFD002B303D /* web-authentication-make-credential-la-error.html */,
		3693	57EDFC5B245A18F500959521 /* web-authentication-make-credential-la-no-mock.html */,
3687	5742178D2400D26C002B303D /* web-authentication-make-credential-la.html */,	3694	5742178D2400D26C002B303D /* web-authentication-make-credential-la.html */,
3688	5742178F2400D54D002B303D /* web-authentication-make-credential.html */,
3689	51714EB21CF8C761004723C4 /* WebProcessKillIDBCleanup-1.html */,	3695	51714EB21CF8C761004723C4 /* WebProcessKillIDBCleanup-1.html */,
3690	51714EB31CF8C761004723C4 /* WebProcessKillIDBCleanup-2.html */,	3696	51714EB31CF8C761004723C4 /* WebProcessKillIDBCleanup-2.html */,
3691	5120C83B1E674E350025B250 /* WebsiteDataStoreCustomPaths.html */,	3697	5120C83B1E674E350025B250 /* WebsiteDataStoreCustomPaths.html */,

Line 0 a/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-la-no-mock.html_sec1
- a/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-la-no-mock.html +20 lines
	1	<input type="text" id="input">
	2	<script>
	3	if (window.internals)
	4	internals.withUserGesture(() => { input.focus(); });
	5
	6	const options = {
	7	publicKey: {
	8	challenge: new Uint8Array(16),
	9	timeout: 100
	10	}
	11	};
	12
	13	navigator.credentials.get(options).then(credential => {
	14	// console.log("Succeeded!");
	15	window.webkit.messageHandlers.testHandler.postMessage("Succeeded!");
	16	}, error => {
	17	// console.log(error.message);
	18	window.webkit.messageHandlers.testHandler.postMessage(error.message);
	19	});
	20	</script>