Google Git
Sign in
webkit / WebKit / f270e28ba9ae831cedf7f014eb74091daa2fe04b^! / .
commitf270e28ba9ae831cedf7f014eb74091daa2fe04b[log] [tgz]
authorjiewen_tan@apple.com <jiewen_tan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Wed Jul 01 01:52:18 2020 +0000
committerjiewen_tan@apple.com <jiewen_tan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Wed Jul 01 01:52:18 2020 +0000
tree14269b2edfc1710485c550f8e601dc51d4b85f7b
parentef21b16b812c43a7bd6b115e39cc2bfc0f218cf4 [diff]
[WebAuthn] Remove whitelistedRpId
https://bugs.webkit.org/show_bug.cgi?id=213817
<rdar://problem/60108131>

Reviewed by Geoffrey Garen.

Remove the whitelist such that we can test the attestation service in a wider range.

* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification):
(WebKit::LocalAuthenticatorInternal::whitelistedRpId): Deleted.


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@263782 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog
index c64c81c..d735739 100644
--- a/Source/WebKit/ChangeLog
+++ b/Source/WebKit/ChangeLog

@@ -1,3 +1,17 @@
+2020-06-30  Jiewen Tan  <jiewen_tan@apple.com>
+
+        [WebAuthn] Remove whitelistedRpId
+        https://bugs.webkit.org/show_bug.cgi?id=213817
+        <rdar://problem/60108131>
+
+        Reviewed by Geoffrey Garen.
+
+        Remove the whitelist such that we can test the attestation service in a wider range.
+
+        * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
+        (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification):
+        (WebKit::LocalAuthenticatorInternal::whitelistedRpId): Deleted.
+
 2020-06-30  Brady Eidson  <beidson@apple.com>
 
         Fix Swift overlay build after r263727.

diff --git a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm b/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
index ce419e9..76e8613 100644
--- a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
+++ b/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm

@@ -106,17 +106,6 @@
     return ArrayBuffer::create(data.data(), data.size());
 }
 
-// FIXME(<rdar://problem/60108131>): Remove this whitelist once testing is complete.
-static const HashSet<String>& whitelistedRpId()
-{
-    static NeverDestroyed<HashSet<String>> whitelistedRpId = std::initializer_list<String> {
-        "",
-        "localhost",
-        "tlstestwebkit.org",
-    };
-    return whitelistedRpId;
-}
-
 static Optional<Vector<Ref<AuthenticatorAssertionResponse>>> getExistingCredentials(const String& rpId)
 {
     // Search Keychain for existing credential matched the RP ID.
@@ -373,8 +362,8 @@
     // Step 12.
     auto authData = buildAuthData(creationOptions.rp.id, makeCredentialFlags, counter, attestedCredentialData);
 
-    // Skip Apple Attestation for none attestation, and non whitelisted RP ID for now.
-    if (creationOptions.attestation == AttestationConveyancePreference::None || !whitelistedRpId().contains(creationOptions.rp.id)) {
+    // Skip Apple Attestation for none attestation.
+    if (creationOptions.attestation == AttestationConveyancePreference::None) {
         deleteDuplicateCredential();
 
         auto attestationObject = buildAttestationObject(WTFMove(authData), "", { }, AttestationConveyancePreference::None);