Digital Credentials API: add default toJSON() to DigitalCredential interface

marcoscaceres · marcoscaceres · commit 251eeb10a290 · 2025-07-03T02:55:32.000-07:00
https://bugs.webkit.org/show_bug.cgi?id=295018 rdar://problem/154733737 Reviewed by Abrar Rahman Protyasha. Spec change: w3c-fedid/digital-credentials#179 * Adds a default `toJSON()` method to the `DigitalCredential` interface. * Adds JSON strinfication check for incoming request, as required by the spec. Canonical link: https://commits.webkit.org/296963@main
diff --git a/LayoutTests/http/wpt/identity/idl.https-expected.txt b/LayoutTests/http/wpt/identity/idl.https-expected.txt
@@ -83,4 +83,5 @@ PASS DigitalCredential interface: existence and properties of interface prototyp
 PASS DigitalCredential interface: attribute protocol
 PASS DigitalCredential interface: attribute data
 PASS DigitalCredential interface: operation userAgentAllowsProtocol(DOMString)
+PASS DigitalCredential interface: operation toJSON()
 
diff --git a/LayoutTests/http/wpt/identity/idl.https.html b/LayoutTests/http/wpt/identity/idl.https.html
@@ -22,6 +22,7 @@
     readonly attribute DOMString protocol;
     readonly attribute Uint8Array data;
     static boolean userAgentAllowsProtocol(DOMString protocol);
+    [Default] object toJSON();
 };
 </script>
 <script>
diff --git a/LayoutTests/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt
@@ -11,4 +11,5 @@ PASS navigator.credentials.get() promise is rejected if called with an aborted s
 FAIL navigator.credentials.get() promise is rejected if abort controller is aborted after call to get(). promise_rejects_dom: function "function() { throw e }" threw object "NotSupportedError: Digital credentials are not supported." that is not a DOMException AbortError: property "code" is equal to 9, expected 20
 FAIL navigator.credentials.get() promise is rejected if abort controller is aborted after call to get() in cross-origin iframe. assert_equals: expected "AbortError" but got "NotAllowedError"
 PASS Mediation is required to get a DigitalCredential.
+PASS Throws TypeError when request data is not JSON stringifiable.
 
diff --git a/LayoutTests/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https.html b/LayoutTests/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https.html
@@ -231,4 +231,24 @@
       );
     }
   }, "Mediation is required to get a DigitalCredential.");
+
+promise_test(async t => {
+  const throwingValues = [
+    BigInt(123),
+    (() => { const o = {}; o.self = o; return o; })(),
+    Symbol("foo")
+  ];
+
+  for (const badValue of throwingValues) {
+    const options = makeGetOptions("openid4vp");
+    options.digital.requests[0].data = badValue;
+
+    await promise_rejects_js(
+      t,
+      TypeError,
+      navigator.credentials.get(options),
+      `Should throw for: ${String(badValue)}`
+    );
+  }
+}, "Throws TypeError when request data is not JSON stringifiable.");
 </script>
diff --git a/LayoutTests/platform/ios/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt b/LayoutTests/platform/ios/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt
@@ -13,4 +13,5 @@ PASS navigator.credentials.get() promise is rejected if called with an aborted s
 FAIL navigator.credentials.get() promise is rejected if abort controller is aborted after call to get(). promise_rejects_dom: function "function() { throw e }" threw object "NotSupportedError: Digital credentials are not supported." that is not a DOMException AbortError: property "code" is equal to 9, expected 20
 FAIL navigator.credentials.get() promise is rejected if abort controller is aborted after call to get() in cross-origin iframe. assert_equals: expected "AbortError" but got "NotAllowedError"
 PASS Mediation is required to get a DigitalCredential.
+PASS Throws TypeError when request data is not JSON stringifiable.
 
diff --git a/LayoutTests/platform/mac-sonoma/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt b/LayoutTests/platform/mac-sonoma/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt
@@ -11,4 +11,5 @@ PASS navigator.credentials.get() promise is rejected if called with an aborted s
 FAIL navigator.credentials.get() promise is rejected if abort controller is aborted after call to get(). promise_rejects_dom: function "function() { throw e }" threw object "NotSupportedError: Digital credentials are not supported." that is not a DOMException AbortError: property "code" is equal to 9, expected 20
 FAIL navigator.credentials.get() promise is rejected if abort controller is aborted after call to get() in cross-origin iframe. assert_equals: expected "AbortError" but got "NotAllowedError"
 PASS Mediation is required to get a DigitalCredential.
+PASS Throws TypeError when request data is not JSON stringifiable.
 
diff --git a/Source/WebCore/Modules/identity/DigitalCredential.cpp b/Source/WebCore/Modules/identity/DigitalCredential.cpp
@@ -68,6 +68,11 @@ static ExceptionOr<UnvalidatedDigitalCredentialRequest> jsToCredentialRequest(co
     auto scope = DECLARE_THROW_SCOPE(document.globalObject()->vm());
     auto* globalObject = document.globalObject();
 
+    // Check that the object is JSON stringifiable.
+    JSC::JSONStringify(globalObject, request.data.get(), 0);
+    if (scope.exception()) [[unlikely]]
+        return Exception { ExceptionCode::ExistingExceptionError };
+
     switch (request.protocol) {
     case IdentityCredentialProtocol::OrgIsoMdoc: {
         auto result = convertDictionary<MobileDocumentRequest>(*globalObject, request.data.get());
diff --git a/Source/WebCore/Modules/identity/DigitalCredential.idl b/Source/WebCore/Modules/identity/DigitalCredential.idl
@@ -32,4 +32,5 @@
     [SameObject] readonly attribute object data;
     readonly attribute IdentityCredentialProtocol protocol;
     static boolean userAgentAllowsProtocol(DOMString protocol);
+    [Default] object toJSON();
 };
