Source code

Revision control

Copy as Markdown

Other Tools

Test Info: Warnings

<!DOCTYPE html>
<meta charset=utf-8>
<head>
<title>Test for MakeCredential for W3C Web Authentication (sameOriginWithAncestors = false)</title>
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<script type="text/javascript" src="u2futil.js"></script>
<script type="text/javascript" src="pkijs/common.js"></script>
<script type="text/javascript" src="pkijs/asn1.js"></script>
<script type="text/javascript" src="pkijs/x509_schema.js"></script>
<script type="text/javascript" src="pkijs/x509_simpl.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<h1>Test Same Origin Policy for W3C Web Authentication (sameOriginWithAncestors = false)</h1>
<script class="testbody" type="text/javascript">
"use strict";
add_task(async () => {
await addVirtualAuthenticator();
});
var gTrackedCredential = {};
function arrivingHereIsGood(aResult) {
ok(true, "Good result! Received a: " + aResult);
}
function arrivingHereIsBad(aResult) {
ok(false, "Bad result! Received a: " + aResult);
}
function expectNotAllowedError(aResult) {
ok(aResult == "NotAllowedError", "Expecting a NotAllowedError, got " + aResult);
}
function keepThisPublicKeyCredential(aIdentifier) {
return function(aPublicKeyCredential) {
gTrackedCredential[aIdentifier] = {
type: "public-key",
id: new Uint8Array(aPublicKeyCredential.rawId),
transports: [ "usb" ],
}
return Promise.resolve(aPublicKeyCredential);
}
}
add_task(async function runTests() {
let iframe = document.createElement("iframe");
iframe.src = "https://example.org";
document.body.appendChild(iframe);
await new Promise(resolve => iframe.addEventListener("load", resolve, {once: true}));
is(navigator.authentication, undefined, "navigator.authentication does not exist any longer");
isnot(navigator.credentials, undefined, "Credential Management API endpoint must exist");
isnot(navigator.credentials.create, undefined, "CredentialManagement create API endpoint must exist");
isnot(navigator.credentials.get, undefined, "CredentialManagement get API endpoint must exist");
let credm = navigator.credentials;
let chall = new Uint8Array(16);
window.crypto.getRandomValues(chall);
let user = {id: new Uint8Array(16), name: "none", displayName: "none"};
let param = {type: "public-key", alg: cose_alg_ECDSA_w_SHA256};
let rp = {id: document.domain, name: "none"};
let makeCredentialOptions = {
rp, user, challenge: chall, pubKeyCredParams: [param]
};
await credm.create({publicKey: makeCredentialOptions})
.then(keepThisPublicKeyCredential("basic"))
.catch(arrivingHereIsBad);
var testFuncs = [
function (args) {
// Test create when sameOriginWithAncestors = false
let credentialOptions = {
rp: args.rp, user: args.user, challenge: args.challenge, pubKeyCredParams: [args.param]
};
return this.content.window.navigator.credentials.create({publicKey: credentialOptions})
.catch(e => Promise.reject(e.name));
},
function (args) {
// Test get when sameOriginWithAncestors = false
let publicKeyCredentialRequestOptions = {
challenge: args.challenge,
rpId: args.rp.id,
allowCredentials: [args.trackedCredential.basic]
};
return this.content.window.navigator.credentials.get({publicKey: publicKeyCredentialRequestOptions})
.catch(e => Promise.reject(e.name));
},
];
let args = { user, param, rp, challenge: chall, trackedCredential: gTrackedCredential }
for(let func of testFuncs) {
await SpecialPowers.spawn(iframe, [args], func)
.then(arrivingHereIsBad)
.catch(expectNotAllowedError);
}
});
</script>
</body>
</html>