Source code
Revision control
Copy as Markdown
Other Tools
Test Info: Warnings
- This test has a WPT meta file that expects 8 subtest issues.
- This WPT test may be referenced by the following Test IDs:
- /webauthn/signal-all-accepted-credentials.https.html - WPT Dashboard Interop Dashboard
<!DOCTYPE html>
<meta charset="utf-8">
<title>Signal all accepted credentials tests</title>
<meta name="timeout" content="long">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/testdriver.js"></script>
<script src="/resources/testdriver-vendor.js"></script>
<script src=helpers.js></script>
<body></body>
<script>
"use strict";
const authenticatorOptions = {
protocol: "ctap2_1",
hasResidentKey: true,
isUserVerified: true,
hasUserVerification: true,
};
const userId = Uint8Array.from([1, 2, 3, 4]);
function createDiscoverableCredential() {
return createCredential({
options: {
publicKey: {
authenticatorSelection: {
residentKey: "required",
},
user: {
id: userId,
name: "reimu",
displayName: "Reimu Hakurei",
}
},
},
});
}
virtualAuthenticatorPromiseTest(async t => {
return promise_rejects_dom(t, "SecurityError", PublicKeyCredential.signalAllAcceptedCredentials({
rpId: "umbrella-corporation.example.com",
userId: base64urlEncode(userId),
allAcceptedCredentialIds: [],
}));
}, authenticatorOptions, "signalAllAcceptedCredentials fails with SecurityError for invalid RP IDs");
virtualAuthenticatorPromiseTest(async t => {
return promise_rejects_js(t, TypeError, PublicKeyCredential.signalAllAcceptedCredentials({
rpId: window.location.hostname,
userId: "Not base 64 url",
allAcceptedCredentialIds: [],
}));
}, authenticatorOptions, "signalAllAcceptedCredentials fails with TypeError for invalid userId base64url");
virtualAuthenticatorPromiseTest(async t => {
return promise_rejects_js(t, TypeError, PublicKeyCredential.signalAllAcceptedCredentials({
rpId: window.location.hostname,
userId: base64urlEncode(userId),
allAcceptedCredentialIds: ["not base 64 url"],
}));
}, authenticatorOptions, "signalAllAcceptedCredentials fails with TypeError for invalid credential base64url");
virtualAuthenticatorPromiseTest(async t => {
const credential = await createDiscoverableCredential();
await assertCredential(credential);
PublicKeyCredential.signalAllAcceptedCredentials({
rpId: window.location.hostname,
userId: base64urlEncode([5, 6, 7, 8]),
allAcceptedCredentialIds: [],
});
await assertCredential(credential);
}, authenticatorOptions, "signalAllAcceptedCredentials does not remove a credential for a different user id");
virtualAuthenticatorPromiseTest(async t => {
const credential = await createDiscoverableCredential();
await assertCredential(credential);
PublicKeyCredential.signalAllAcceptedCredentials({
rpId: window.location.hostname,
userId: base64urlEncode(userId),
allAcceptedCredentialIds: [credential.id],
});
await assertCredential(credential);
}, authenticatorOptions, "signalAllAcceptedCredentials does not remove a credential if present on the list");
virtualAuthenticatorPromiseTest(async t => {
const credential = await createDiscoverableCredential();
await assertCredential(credential);
PublicKeyCredential.signalAllAcceptedCredentials({
rpId: window.location.hostname,
userId: base64urlEncode(userId),
allAcceptedCredentialIds: [],
});
return promise_rejects_dom(t, "NotAllowedError", assertCredential(credential));
}, authenticatorOptions, "signalAllAcceptedCredentials removes a credential present on the list for the correct user");
virtualAuthenticatorPromiseTest(async t => {
const credential = await createDiscoverableCredential();
await assertCredential(credential);
PublicKeyCredential.signalAllAcceptedCredentials({
rpId: window.location.hostname,
userId: base64urlEncode(userId),
allAcceptedCredentialIds: [base64urlEncode([1, 2, 3, 4])],
});
return promise_rejects_dom(t, "NotAllowedError", assertCredential(credential));
}, authenticatorOptions, "signalAllAcceptedCredentials with unrecognized credentials removes existing credential");
virtualAuthenticatorPromiseTest(async t => {
const credential = await createDiscoverableCredential();
await assertCredential(credential);
PublicKeyCredential.signalAllAcceptedCredentials({
rpId: window.location.hostname,
userId: base64urlEncode(userId),
allAcceptedCredentialIds: [credential.id, base64urlEncode([1, 2, 3, 4])],
});
await assertCredential(credential);
}, authenticatorOptions, "signalAllAcceptedCredentials with recognized and unrecognized credentials keeps the existing credential");
</script>