[WebAuthn] Remove whitelistedRpId
https://bugs.webkit.org/show_bug.cgi?id=213817
<rdar://problem/60108131>
Reviewed by Geoffrey Garen.
Remove the whitelist such that we can test the attestation service in a wider range.
* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification):
(WebKit::LocalAuthenticatorInternal::whitelistedRpId): Deleted.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@263782 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog
index c64c81c..d735739 100644
--- a/Source/WebKit/ChangeLog
+++ b/Source/WebKit/ChangeLog
@@ -1,3 +1,17 @@
+2020-06-30 Jiewen Tan <jiewen_tan@apple.com>
+
+ [WebAuthn] Remove whitelistedRpId
+ https://bugs.webkit.org/show_bug.cgi?id=213817
+ <rdar://problem/60108131>
+
+ Reviewed by Geoffrey Garen.
+
+ Remove the whitelist such that we can test the attestation service in a wider range.
+
+ * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
+ (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification):
+ (WebKit::LocalAuthenticatorInternal::whitelistedRpId): Deleted.
+
2020-06-30 Brady Eidson <beidson@apple.com>
Fix Swift overlay build after r263727.
diff --git a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm b/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
index ce419e9..76e8613 100644
--- a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
+++ b/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
@@ -106,17 +106,6 @@
return ArrayBuffer::create(data.data(), data.size());
}
-// FIXME(<rdar://problem/60108131>): Remove this whitelist once testing is complete.
-static const HashSet<String>& whitelistedRpId()
-{
- static NeverDestroyed<HashSet<String>> whitelistedRpId = std::initializer_list<String> {
- "",
- "localhost",
- "tlstestwebkit.org",
- };
- return whitelistedRpId;
-}
-
static Optional<Vector<Ref<AuthenticatorAssertionResponse>>> getExistingCredentials(const String& rpId)
{
// Search Keychain for existing credential matched the RP ID.
@@ -373,8 +362,8 @@
// Step 12.
auto authData = buildAuthData(creationOptions.rp.id, makeCredentialFlags, counter, attestedCredentialData);
- // Skip Apple Attestation for none attestation, and non whitelisted RP ID for now.
- if (creationOptions.attestation == AttestationConveyancePreference::None || !whitelistedRpId().contains(creationOptions.rp.id)) {
+ // Skip Apple Attestation for none attestation.
+ if (creationOptions.attestation == AttestationConveyancePreference::None) {
deleteDuplicateCredential();
auto attestationObject = buildAttestationObject(WTFMove(authData), "", { }, AttestationConveyancePreference::None);