From 4935fd24222cf116d7fdbca88fcf7a8bcb98d83c Mon Sep 17 00:00:00 2001
From: matthewloft
Date: Wed, 21 Sep 2022 08:47:42 +1000
Subject: [PATCH] fix: WebAuthn Discoverable Credential (Resident Credential) (#35374)

* fix: WebAuthn Discoverable Credential (Resident Credential) #33353 Enables support for Webauthn discoverable credentials (aka resident credentials). This allows users to authenticate without first having to select or type a username. To decide if discoverable credentials are supported, the class 'AuthenticatorCommon', in the chrome content code, indirectly calls the method 'context::WebAuthenticationDelegate.SupportsResidentKeys(..)'. The default implementation of this returns false, leaving it up to specific implementations to override. This change adds a new class 'ElectronWebAuthenticationDelegate' to subclass 'WebAuthenticationDelegate' and override the behaviour of the 'SupportsResidentKeys' method to return true. The implementation is copied from the Chrome browser equivalent 'ChromeWebAuthenticationDelegate', though the chrome class includes other methods that don't seem to be required for this functionality. The 'ElectronContentClient' class was also updated to store an instance of 'ElectronWebAuthenticationDelegate', and to provide an accessor method, GetWebAuthenticationDelegate().
* Remove redundant, commented-out code
* style: comment cleanup
* style: updated comments and formatting based on pull request review
* style: fix lint error on header guard clause
---
 filenames.gni | 2 ++
 shell/browser/electron_browser_client.cc | 10 ++++++++
 shell/browser/electron_browser_client.h | 5 ++++
 ...electron_authenticator_request_delegate.cc | 17 ++++++++++++++
 .../electron_authenticator_request_delegate.h | 23 +++++++++++++++++++
 5 files changed, 57 insertions(+)
 create mode 100644 shell/browser/webauthn/electron_authenticator_request_delegate.cc
 create mode 100644 shell/browser/webauthn/electron_authenticator_request_delegate.h
diff --git a/filenames.gni b/filenames.gni
index 6988680afd143..7b6ab7a2f6969 100644
--- a/filenames.gni
+++ b/filenames.gni
@@ -515,6 +515,8 @@ filenames = {
 "shell/browser/web_view_guest_delegate.h",
 "shell/browser/web_view_manager.cc",
 "shell/browser/web_view_manager.h",
+ "shell/browser/webauthn/electron_authenticator_request_delegate.cc",
+ "shell/browser/webauthn/electron_authenticator_request_delegate.h",
 "shell/browser/window_list.cc",
 "shell/browser/window_list.h",
 "shell/browser/window_list_observer.h",
diff --git a/shell/browser/electron_browser_client.cc b/shell/browser/electron_browser_client.cc
index a344b55023484..661f54d6b3ad8 100644
--- a/shell/browser/electron_browser_client.cc
+++ b/shell/browser/electron_browser_client.cc
@@ -104,6 +104,7 @@
 #include "shell/browser/ui/devtools_manager_delegate.h"
 #include "shell/browser/web_contents_permission_helper.h"
 #include "shell/browser/web_contents_preferences.h"
+#include "shell/browser/webauthn/electron_authenticator_request_delegate.h"
 #include "shell/browser/window_list.h"
 #include "shell/common/api/api.mojom.h"
 #include "shell/common/application_info.h"
@@ -1857,4 +1858,13 @@ content::HidDelegate* ElectronBrowserClient::GetHidDelegate() {
 return hid_delegate_.get();
 }
+content::WebAuthenticationDelegate*
+ElectronBrowserClient::GetWebAuthenticationDelegate() {
+ if (!web_authentication_delegate_) {
+ web_authentication_delegate_ =
+ std::make_unique();
+ }
+ return web_authentication_delegate_.get();
+}
+
 } // namespace electron
diff --git a/shell/browser/electron_browser_client.h b/shell/browser/electron_browser_client.h
index 597eb58360ef9..252c61bf150e5 100644
--- a/shell/browser/electron_browser_client.h
+++ b/shell/browser/electron_browser_client.h
@@ -38,6 +38,7 @@ namespace electron {
 class ElectronBrowserMainParts;
 class NotificationPresenter;
 class PlatformNotificationService;
+class ElectronWebAuthenticationDelegate;
 class ElectronBrowserClient : public content::ContentBrowserClient,
 public content::RenderProcessHostObserver {
@@ -102,6 +103,8 @@ class ElectronBrowserClient : public content::ContentBrowserClient,
 content::HidDelegate* GetHidDelegate() override;
+ content::WebAuthenticationDelegate* GetWebAuthenticationDelegate() override;
+
 device::GeolocationManager* GetGeolocationManager() override;
 content::PlatformNotificationService* GetPlatformNotificationService();
@@ -330,6 +333,8 @@ class ElectronBrowserClient : public content::ContentBrowserClient,
 std::unique_ptr serial_delegate_;
 std::unique_ptr bluetooth_delegate_;
 std::unique_ptr hid_delegate_;
+ std::unique_ptr
+ web_authentication_delegate_;
 #if BUILDFLAG(IS_MAC)
 ElectronBrowserMainParts* browser_main_parts_ = nullptr;
diff --git a/shell/browser/webauthn/electron_authenticator_request_delegate.cc b/shell/browser/webauthn/electron_authenticator_request_delegate.cc
new file mode 100644
index 0000000000000..598cfd98daf3d
--- /dev/null
+++ b/shell/browser/webauthn/electron_authenticator_request_delegate.cc
@@ -0,0 +1,17 @@
+// Copyright (c) 2022 GitHub, Inc.
+// Use of this source code is governed by the MIT license that can be
+// found in the LICENSE file.
+
+#include "shell/browser/webauthn/electron_authenticator_request_delegate.h"
+
+namespace electron {
+
+ElectronWebAuthenticationDelegate::~ElectronWebAuthenticationDelegate() =
+ default;
+
+bool ElectronWebAuthenticationDelegate::SupportsResidentKeys(
+ content::RenderFrameHost* render_frame_host) {
+ return true;
+}
+
+} // namespace electron
diff --git a/shell/browser/webauthn/electron_authenticator_request_delegate.h b/shell/browser/webauthn/electron_authenticator_request_delegate.h
new file mode 100644
index 0000000000000..217e7b4667aa4
--- /dev/null
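Review bot: The forward declaration `class ElectronWebAuthenticationDelegate;` in the first electron_browser_client.h hunk is appended after `class PlatformNotificationService;`, while the three declarations already there are in alphabetical order. Placing it directly after `class ElectronBrowserMainParts;` keeps the list sorted. The enclosing namespace and the class definition continue outside the hunk.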
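Review bot: `SupportsResidentKeys` ignores `render_frame_host` and returns `true` for every frame, yet the commit overrides nothing else from the Chrome delegate it was copied from. A discoverable credential lets an authenticator return more than one account for a relying party, so please confirm how content's default request handling picks an account and prompts for user verification when the embedder supplies no UI; I cannot tell that from these lines. A short comment such as `// Always enabled; |render_frame_host| is intentionally unused.` would record that the blanket `true` is deliberate. The diffstat lists no test file, so a spec covering a `residentKey: 'required'` registration and a username-less assertion would help keep this from regressing.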
+++ b/shell/browser/webauthn/electron_authenticator_request_delegate.h
@@ -0,0 +1,23 @@
+// Copyright (c) 2022 GitHub, Inc.
+// Use of this source code is governed by the MIT license that can be
+// found in the LICENSE file.
+
+#ifndef ELECTRON_SHELL_BROWSER_WEBAUTHN_ELECTRON_AUTHENTICATOR_REQUEST_DELEGATE_H_
+#define ELECTRON_SHELL_BROWSER_WEBAUTHN_ELECTRON_AUTHENTICATOR_REQUEST_DELEGATE_H_
+
+#include "content/public/browser/authenticator_request_client_delegate.h"
+
+namespace electron {
+
+// Modified from chrome/browser/webauthn/chrome_authenticator_request_delegate.h
+class ElectronWebAuthenticationDelegate
+ : public content::WebAuthenticationDelegate {
+ public:
+ ~ElectronWebAuthenticationDelegate() override;
+
+ bool SupportsResidentKeys(
+ content::RenderFrameHost* render_frame_host) override;
+};
+
+} // namespace electron
+#endif // ELECTRON_SHELL_BROWSER_WEBAUTHN_ELECTRON_AUTHENTICATOR_REQUEST_DELEGATE_H_
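Review bot: The class comment only records where the code was copied from; it should say what the override changes, for example `// Enables WebAuthn discoverable (resident) credentials, which the default content::WebAuthenticationDelegate reports as unsupported.` The file is named electron_authenticator_request_delegate.h while the only class it declares is `ElectronWebAuthenticationDelegate`, which makes the class harder to find; if the name is kept to mirror the Chrome file, a line saying so would help. A blank line between `} // namespace electron` and the `#endif` would match the spacing used in the rest of the header.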