Digital Credentials: Make user mediation implicit and always required

marcoscaceres · marcoscaceres · commit b9929030512f · 2025-12-18T05:57:21.000-08:00
rdar://165597827 https://bugs.webkit.org/show_bug.cgi?id=303292 Reviewed by Pascoe. Removes mediation check requirement per spec change: w3c-fedid/digital-credentials#392 Include upstream WPT commit: web-platform-tests/wpt@1b72127 * LayoutTests/http/wpt/identity/formats/ISO18013/mobiledocument.https.html: * LayoutTests/http/wpt/identity/identitycredentialscontainer-get-hidden.https.html: * LayoutTests/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt: * LayoutTests/imported/w3c/web-platform-tests/digital-credentials/support/helper.js: * LayoutTests/platform/ios-18/TestExpectations: * LayoutTests/platform/ios/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt. * LayoutTests/platform/mac-sequoia/TestExpectations: * Source/WebCore/Modules/identity/DigitalCredential.cpp: (WebCore::DigitalCredential::discoverFromExternalSource): Canonical link: https://commits.webkit.org/304676@main
diff --git a/LayoutTests/http/wpt/identity/formats/ISO18013/mobiledocument.https.html b/LayoutTests/http/wpt/identity/formats/ISO18013/mobiledocument.https.html
@@ -109,6 +109,7 @@
                     ],
                 },
             };
+            await test_driver.bless();
             await promise_rejects_js(
                 t,
                 TypeError,
diff --git a/LayoutTests/http/wpt/identity/identitycredentialscontainer-get-hidden.https.html b/LayoutTests/http/wpt/identity/identitycredentialscontainer-get-hidden.https.html
@@ -40,7 +40,6 @@
             digital: {
                 requests: [{ protocol: "openid4vp", data: { } }],
             },
-            mediation: "required",
         });
 
         await promise_rejects_dom(t, "NotAllowedError", p);
diff --git a/LayoutTests/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt
@@ -10,7 +10,7 @@ PASS navigator.credentials.get() promise is rejected if called with an aborted c
 PASS navigator.credentials.get() promise is rejected if called with an aborted signal in cross-origin iframe.
 PASS navigator.credentials.get() promise is rejected if abort controller is aborted after call to get().
 PASS navigator.credentials.get() promise is rejected if abort controller is aborted after call to get() in cross-origin iframe.
-FAIL Mediation is implicitly required and hence ignored. Request is aborted regardless. promise_rejects_js: function "function() { throw e; }" threw object "TypeError: User mediation is required for DigitalCredential." ("TypeError") expected instance of function "function Error() {
+FAIL Mediation is implicitly required and hence ignored. Request is aborted regardless. promise_rejects_js: function "function() { throw e; }" threw object "InvalidStateError: A credential picker operation is already in progress." ("InvalidStateError") expected instance of function "function Error() {
     [native code]
 }" ("Error")
 PASS Throws TypeError when request data is not JSON stringifiable.
diff --git a/LayoutTests/imported/w3c/web-platform-tests/digital-credentials/support/helper.js b/LayoutTests/imported/w3c/web-platform-tests/digital-credentials/support/helper.js
@@ -146,7 +146,7 @@ const allMappings = {
  * @returns {TOptions}
  */
 function makeCredentialOptionsFromConfig(config, mapping) {
-  const { protocol, requests = [], data, mediation = "required", signal } = config;
+  const { protocol, requests = [], data, mediation, signal } = config;
 
   // Validate that we have either a protocol or requests
   if (!protocol && !requests?.length) {
diff --git a/LayoutTests/platform/ios-18/TestExpectations b/LayoutTests/platform/ios-18/TestExpectations
@@ -108,6 +108,10 @@ imported/w3c/web-platform-tests/mixed-content/gen/top.http-rp/opt-in/sharedworke
 imported/w3c/web-platform-tests/mixed-content/gen/top.meta/opt-in/sharedworker-import-data.https.html [ Skip ]
 imported/w3c/web-platform-tests/mixed-content/gen/top.meta/unset/sharedworker-import-data.https.html [ Skip ]
 
+# Digital Credentials supported added in iOS 26
+imported/w3c/web-platform-tests/digital-credentials/ [ Skip ]
+http/wpt/identity/ [ Skip ]
+
 # -- The above has different, expected behavior on iOS 26 than iOS 18 --
 # -- New failure expectations below this point only!! --
 
diff --git a/LayoutTests/platform/ios/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt b/LayoutTests/platform/ios/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt
@@ -0,0 +1,18 @@
+
+
+PASS Type conversion happens on the data member of the DigitalCredentialGetRequest object.
+PASS Calling navigator.credentials.get() without a digital member same origin.
+PASS navigator.credentials.get() API rejects if there are no credential request.
+PASS navigator.credentials.get() API rejects if there are no credential request for same-origin iframe.
+PASS navigator.credentials.get() API rejects if there are no credential request in cross-origin iframe.
+PASS navigator.credentials.get() promise is rejected if called with an aborted controller.
+PASS navigator.credentials.get() promise is rejected if called with an aborted controller in same-origin iframe.
+PASS navigator.credentials.get() promise is rejected if called with an aborted signal in cross-origin iframe.
+PASS navigator.credentials.get() promise is rejected if abort controller is aborted after call to get().
+PASS navigator.credentials.get() promise is rejected if abort controller is aborted after call to get() in cross-origin iframe.
+FAIL Mediation is implicitly required and hence ignored. Request is aborted regardless. promise_rejects_js: function "function() { throw e; }" threw object "InvalidStateError: A credential picker operation is already in progress." ("InvalidStateError") expected instance of function "function Error() {
+    [native code]
+}" ("Error")
+PASS Throws TypeError when request data is not JSON stringifiable.
+PASS `requests` field is required in the options object.
+
diff --git a/LayoutTests/platform/mac-sequoia/TestExpectations b/LayoutTests/platform/mac-sequoia/TestExpectations
@@ -32,6 +32,7 @@ imported/w3c/web-platform-tests/mixed-content/gen/top.http-rp/opt-in/sharedworke
 imported/w3c/web-platform-tests/mixed-content/gen/top.meta/opt-in/sharedworker-import-data.https.html [ Skip ]
 imported/w3c/web-platform-tests/mixed-content/gen/top.meta/unset/sharedworker-import-data.https.html [ Skip ]
 imported/w3c/web-platform-tests/digital-credentials/ [ Skip ]
+http/wpt/identity/ [ Skip ]
 
 # -- The above has different, expected behavior on Tahoe than Sequoia --
 # -- New failure expectations for Sequoia below this point only!! --
diff --git a/Source/WebCore/Modules/identity/DigitalCredential.cpp b/Source/WebCore/Modules/identity/DigitalCredential.cpp
@@ -112,11 +112,6 @@ void DigitalCredential::discoverFromExternalSource(const Document& document, Cre
 {
     ASSERT(options.digital);
 
-    if (options.mediation != MediationRequirement::Required) {
-        promise.reject(Exception { ExceptionCode::TypeError, "User mediation is required for DigitalCredential."_s });
-        return;
-    }
-
     if (!PermissionsPolicy::isFeatureEnabled(PermissionsPolicy::Feature::DigitalCredentialsGetRule, document, PermissionsPolicy::ShouldReportViolation::No)) {
         promise.reject(Exception { ExceptionCode::NotAllowedError, "Third-party iframes are not allowed to call .get() unless explicitly allowed via Permissions Policy (digital-credentials-get)"_s });
         return;
