Source code
Revision control
Copy as Markdown
Other Tools
Test Info:
- This WPT test may be referenced by the following Test IDs:
- /webauthn/getcredential-prf.https.html - WPT Dashboard Interop Dashboard
<!DOCTYPE html>
<meta charset="utf-8">
<title>navigator.credentials.get() prf extension tests with authenticator support</title>
<meta name="timeout" content="long">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/testdriver.js"></script>
<script src="/resources/testdriver-vendor.js"></script>
<script src=helpers.js></script>
<body></body>
<script>
standardSetup(async function(authenticator) {
"use strict";
const b64 = buf => btoa(String.fromCharCode.apply(null, new Uint8Array(buf)));
const b64url = buf => b64(buf).
replace(/\+/g, '-').
replace(/\//g, '_').
replace(/=+$/, '');
const credential = createCredential({
options: {
publicKey: {
extensions: {
prf: {},
},
},
},
});
const assert = (id, prfExt) =>
navigator.credentials.get({publicKey: {
challenge: new Uint8Array(),
allowCredentials: [{
id: id,
type: "public-key",
}],
extensions: {
prf: prfExt,
},
}});
promise_test(async t => {
const id = (await credential).rawId;
const assertion = await assert(id, {
eval: {
first: new Uint8Array([1,2,3,4]).buffer,
},
});
const results = assertion.getClientExtensionResults().prf.results;
assert_equals(results.first.byteLength, 32)
assert_not_own_property(results, 'second');
}, "navigator.credentials.get() with single evaluation point");
promise_test(async t => {
const id = (await credential).rawId;
const assertion = await assert(id, {
eval: {
first: new Uint8Array([1,2,3,4]).buffer,
second: new Uint8Array([1,2,3,4]).buffer,
},
});
const results = assertion.getClientExtensionResults().prf.results;
assert_equals(results.first.byteLength, 32)
assert_equals(results.second.byteLength, 32)
assert_equals(b64(results.first), b64(results.second));
}, "navigator.credentials.get() with two equal evaluation points");
promise_test(async t => {
const id = (await credential).rawId;
const assertion = await assert(id, {
eval: {
first: new Uint8Array([1,2,3,4]).buffer,
second: new Uint8Array([1,2,3,5]).buffer,
},
});
const results = assertion.getClientExtensionResults().prf.results;
assert_equals(results.first.byteLength, 32)
assert_equals(results.second.byteLength, 32)
assert_not_equals(b64(results.first), b64(results.second));
}, "navigator.credentials.get() with two distinct evaluation points");
promise_test(async t => {
const id = (await credential).rawId;
const byCred = {};
byCred[b64url(id)] = {
first: new Uint8Array([1,2,3,4]).buffer,
};
const assertion = await assert(id, {
evalByCredential: byCred,
});
const results = assertion.getClientExtensionResults().prf.results;
assert_equals(results.first.byteLength, 32)
assert_not_own_property(results, 'second');
}, "navigator.credentials.get() using credential ID with one evaluation point");
promise_test(async t => {
const id = (await credential).rawId;
const byCred = {};
byCred[b64url(id)] = {
first: new Uint8Array([1,2,3,4]).buffer,
second: new Uint8Array([1,2,3,4]).buffer,
};
const assertion = await assert(id, {
evalByCredential: byCred,
});
const results = assertion.getClientExtensionResults().prf.results;
assert_equals(results.first.byteLength, 32)
assert_equals(results.second.byteLength, 32)
assert_equals(b64(results.first), b64(results.second));
}, "navigator.credentials.get() using credential ID with two evaluation points");
promise_test(async t => {
const id = (await credential).rawId;
const byCred = {};
byCred["Zm9v"] = {
first: new Uint8Array([1,2,3,4]).buffer,
};
return promise_rejects_dom(t, "SyntaxError", assert(id, {
evalByCredential: byCred,
}));
}, "navigator.credentials.get() with credential ID not in allowedCredentials");
promise_test(async t => {
const id = (await credential).rawId;
const byCred = {};
byCred["Zm9v"] = {
first: new Uint8Array([1,2,3,4]),
};
return promise_rejects_dom(t, "SyntaxError", assert(id, {
evalByCredential: byCred,
}));
}, "navigator.credentials.get() with Uint8Array credential ID not in allowedCredentials");
promise_test(async t => {
const id = (await credential).rawId;
const byCred = {};
byCred["Zm9v="] = {
first: new Uint8Array([1,2,3,4]).buffer,
};
return promise_rejects_dom(
t, "SyntaxError", assert(id, {evalByCredential: byCred }));
}, "navigator.credentials.get() using invalid base64url credential ID");
promise_test(async t => {
const id = (await credential).rawId;
const byCred = {};
byCred["Zm9v"] = {
first: new Uint8Array([1,2,3,4]).buffer,
};
const promise = navigator.credentials.get({publicKey: {
challenge: new Uint8Array(),
extensions: {
prf: {evalByCredential: byCred },
},
}});
return promise_rejects_dom(t, "NotSupportedError", promise);
}, "navigator.credentials.get() with an empty allow list but also using evalByCredential");
}, {
protocol: "ctap2_1",
extensions: ["prf"],
hasUserVerification: true,
isUserVerified: true,
});
</script>