Source code
Revision control
Copy as Markdown
Other Tools
Test Info: Warnings
- This test gets skipped with pattern: win10_2009 OR win11_2009
- Manifest: dom/webauthn/tests/mochitest.toml
<!DOCTYPE html>
<meta charset=utf-8>
<head>
<title>W3C Web Authentication - Authenticator Selection Criteria</title>
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<script type="text/javascript" src="u2futil.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<h1>W3C Web Authentication - Authenticator Selection Criteria</h1>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1406462">Mozilla Bug 1406462</a>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1406467">Mozilla Bug 1406467</a>
<script class="testbody" type="text/javascript">
"use strict";
add_task(async () => {
await addVirtualAuthenticator();
});
function arrivingHereIsGood(aResult) {
ok(true, "Good result! Received a: " + aResult);
}
function arrivingHereIsBad(aResult) {
ok(false, "Bad result! Received a: " + aResult);
}
function expectNotAllowedError(aResult) {
ok(aResult.toString().startsWith("NotAllowedError"), "Expecting a NotAllowedError, got " + aResult);
}
// We store the credential of the first successful make credential
// operation so we can use it for get assertion tests later.
let gCredential;
// Start a new MakeCredential() request.
function requestMakeCredential(authenticatorSelection) {
let publicKey = {
rp: {id: document.domain, name: "none"},
user: {id: new Uint8Array(), name: "none", displayName: "none"},
challenge: crypto.getRandomValues(new Uint8Array(16)),
timeout: 5000, // the minimum timeout is actually 15 seconds
pubKeyCredParams: [{type: "public-key", alg: cose_alg_ECDSA_w_SHA256}],
authenticatorSelection,
};
return navigator.credentials.create({publicKey});
}
// Start a new GetAssertion() request.
function requestGetAssertion(userVerification) {
let newCredential = {
type: "public-key",
id: gCredential,
transports: ["usb"],
};
let publicKey = {
challenge: crypto.getRandomValues(new Uint8Array(16)),
timeout: 5000, // the minimum timeout is actually 15 seconds
rpId: document.domain,
allowCredentials: [newCredential]
};
if (userVerification) {
publicKey.userVerification = userVerification;
}
return navigator.credentials.get({publicKey});
}
// Test success cases for make credential.
add_task(async function test_make_credential_successes() {
// No selection criteria.
await requestMakeCredential({})
// Save the credential so we can use it for sign success tests.
.then(res => gCredential = res.rawId)
.then(arrivingHereIsGood)
.catch(arrivingHereIsBad);
// Request a cross-platform authenticator.
await requestMakeCredential({authenticatorAttachment: "cross-platform"})
.then(arrivingHereIsGood)
.catch(arrivingHereIsBad);
// Require a resident key.
await requestMakeCredential({requireResidentKey: true})
.then(arrivingHereIsGood)
.catch(arrivingHereIsBad);
// Don't require a resident key.
await requestMakeCredential({requireResidentKey: false})
.then(arrivingHereIsGood)
.catch(arrivingHereIsBad);
// Require user verification.
await requestMakeCredential({userVerification: "required"})
.then(arrivingHereIsGood)
.catch(arrivingHereIsBad);
// Prefer user verification.
await requestMakeCredential({userVerification: "preferred"})
.then(arrivingHereIsGood)
.catch(arrivingHereIsBad);
// Discourage user verification.
await requestMakeCredential({userVerification: "discouraged"})
.then(arrivingHereIsGood)
.catch(arrivingHereIsBad);
});
// Test success cases for get assertion.
add_task(async function test_get_assertion_successes() {
// No selection criteria.
await requestGetAssertion()
.then(arrivingHereIsGood)
.catch(arrivingHereIsBad);
// Require user verification.
await requestGetAssertion("required")
.then(arrivingHereIsGood)
.catch(arrivingHereIsBad);
// Prefer user verification.
await requestGetAssertion("preferred")
.then(arrivingHereIsGood)
.catch(arrivingHereIsBad);
// Discourage user verification.
await requestGetAssertion("discouraged")
.then(arrivingHereIsGood)
.catch(arrivingHereIsBad);
});
// Test failure cases for make credential.
add_task(async function test_make_credential_failures() {
// Request a platform authenticator.
await requestMakeCredential({authenticatorAttachment: "platform"})
.then(arrivingHereIsBad)
.catch(expectNotAllowedError);
});
// Test failure cases for get assertion.
add_task(async function test_get_assertion_failures() {
// No failures currently tested
});
</script>
</body>
</html>