306 lines
7.4 KiB
JavaScript
306 lines
7.4 KiB
JavaScript
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
|
* You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
"use strict";
|
|
|
|
XPCOMUtils.defineLazyServiceGetter(
|
|
this,
|
|
"IdentityCredentialStorageService",
|
|
"@mozilla.org/browser/identity-credential-storage-service;1",
|
|
"nsIIdentityCredentialStorageService"
|
|
);
|
|
|
|
const TEST_URL = "https://example.com/";
|
|
|
|
async function disconnect() {
|
|
let promise = content.IdentityCredential.disconnect({
|
|
configURL:
|
|
"https://example.net/browser/dom/credentialmanagement/identity/tests/browser/server_manifest.json",
|
|
clientId: "id",
|
|
accountHint: "example",
|
|
});
|
|
try {
|
|
return await promise;
|
|
} catch (_) {
|
|
return undefined;
|
|
}
|
|
}
|
|
|
|
async function disconnectEndpointFailure() {
|
|
let promise = content.IdentityCredential.disconnect({
|
|
configURL:
|
|
"https://example.net/browser/dom/credentialmanagement/identity/tests/browser/server_manifest_disconnect_failure.json",
|
|
clientId: "id",
|
|
accountHint: "example",
|
|
});
|
|
try {
|
|
return await promise;
|
|
} catch (_) {
|
|
return undefined;
|
|
}
|
|
}
|
|
|
|
async function disconnectManifestFailure() {
|
|
let promise = content.IdentityCredential.disconnect({
|
|
configURL:
|
|
"https://example.net/browser/dom/credentialmanagement/identity/tests/browser/server_manifest_failure.json",
|
|
clientId: "id",
|
|
accountHint: "example",
|
|
});
|
|
try {
|
|
return await promise;
|
|
} catch (_) {
|
|
return undefined;
|
|
}
|
|
}
|
|
|
|
add_task(async function test_disconnect_identity_credential() {
|
|
await SpecialPowers.pushPrefEnv({
|
|
set: [
|
|
[
|
|
"dom.security.credentialmanagement.identity.select_first_in_ui_lists",
|
|
true,
|
|
],
|
|
[
|
|
"dom.security.credentialmanagement.identity.reject_delay.enabled",
|
|
false,
|
|
],
|
|
],
|
|
});
|
|
|
|
const idpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
|
|
Services.io.newURI("https://example.net"),
|
|
{}
|
|
);
|
|
const rpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
|
|
Services.io.newURI("https://example.com"),
|
|
{}
|
|
);
|
|
|
|
// Set two accounts as registered
|
|
IdentityCredentialStorageService.setState(
|
|
rpPrincipal,
|
|
idpPrincipal,
|
|
"disconnected",
|
|
true,
|
|
false
|
|
);
|
|
IdentityCredentialStorageService.setState(
|
|
rpPrincipal,
|
|
idpPrincipal,
|
|
"still_connected",
|
|
true,
|
|
false
|
|
);
|
|
|
|
let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
|
|
|
|
await SpecialPowers.spawn(tab.linkedBrowser, [], disconnect);
|
|
|
|
let registered = {};
|
|
let allowLogout = {};
|
|
IdentityCredentialStorageService.getState(
|
|
rpPrincipal,
|
|
idpPrincipal,
|
|
"disconnected",
|
|
registered,
|
|
allowLogout
|
|
);
|
|
Assert.ok(!registered.value, "Should be unregistered by disconnect.");
|
|
IdentityCredentialStorageService.getState(
|
|
rpPrincipal,
|
|
idpPrincipal,
|
|
"still_connected",
|
|
registered,
|
|
allowLogout
|
|
);
|
|
Assert.ok(
|
|
registered.value,
|
|
"Should be still registered by disconnect if not returned by server."
|
|
);
|
|
|
|
// Close tabs.
|
|
await BrowserTestUtils.removeTab(tab);
|
|
await SpecialPowers.popPrefEnv();
|
|
});
|
|
|
|
add_task(async function test_disconnect_miss_identity_credential() {
|
|
await SpecialPowers.pushPrefEnv({
|
|
set: [
|
|
[
|
|
"dom.security.credentialmanagement.identity.select_first_in_ui_lists",
|
|
true,
|
|
],
|
|
[
|
|
"dom.security.credentialmanagement.identity.reject_delay.enabled",
|
|
false,
|
|
],
|
|
],
|
|
});
|
|
|
|
const idpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
|
|
Services.io.newURI("https://example.net"),
|
|
{}
|
|
);
|
|
const rpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
|
|
Services.io.newURI("https://example.com"),
|
|
{}
|
|
);
|
|
|
|
// Set only one account as registered
|
|
this.IdentityCredentialStorageService.setState(
|
|
rpPrincipal,
|
|
idpPrincipal,
|
|
"no_longer_connected",
|
|
true,
|
|
false
|
|
);
|
|
|
|
let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
|
|
|
|
await SpecialPowers.spawn(tab.linkedBrowser, [], disconnect);
|
|
|
|
let registered = {};
|
|
let allowLogout = {};
|
|
IdentityCredentialStorageService.getState(
|
|
rpPrincipal,
|
|
idpPrincipal,
|
|
"no_longer_connected",
|
|
registered,
|
|
allowLogout
|
|
);
|
|
Assert.ok(
|
|
!registered.value,
|
|
"Should not be still registered by disconnect if the disconnect missed."
|
|
);
|
|
|
|
// Close tabs.
|
|
await BrowserTestUtils.removeTab(tab);
|
|
await SpecialPowers.popPrefEnv();
|
|
});
|
|
|
|
add_task(async function test_disconnect_on_disconnect_failure() {
|
|
await SpecialPowers.pushPrefEnv({
|
|
set: [
|
|
[
|
|
"dom.security.credentialmanagement.identity.select_first_in_ui_lists",
|
|
true,
|
|
],
|
|
[
|
|
"dom.security.credentialmanagement.identity.reject_delay.enabled",
|
|
false,
|
|
],
|
|
],
|
|
});
|
|
|
|
const idpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
|
|
Services.io.newURI("https://example.net"),
|
|
{}
|
|
);
|
|
const rpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
|
|
Services.io.newURI("https://example.com"),
|
|
{}
|
|
);
|
|
|
|
// Set two accounts as registered
|
|
this.IdentityCredentialStorageService.setState(
|
|
rpPrincipal,
|
|
idpPrincipal,
|
|
"disconnected",
|
|
true,
|
|
false
|
|
);
|
|
this.IdentityCredentialStorageService.setState(
|
|
rpPrincipal,
|
|
idpPrincipal,
|
|
"not_still_connected",
|
|
true,
|
|
false
|
|
);
|
|
|
|
let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
|
|
|
|
await SpecialPowers.spawn(tab.linkedBrowser, [], disconnectEndpointFailure);
|
|
|
|
let registered = {};
|
|
let allowLogout = {};
|
|
IdentityCredentialStorageService.getState(
|
|
rpPrincipal,
|
|
idpPrincipal,
|
|
"disconnected",
|
|
registered,
|
|
allowLogout
|
|
);
|
|
Assert.ok(!registered.value, "Should be unregistered by disconnect.");
|
|
IdentityCredentialStorageService.getState(
|
|
rpPrincipal,
|
|
idpPrincipal,
|
|
"not_still_connected",
|
|
registered,
|
|
allowLogout
|
|
);
|
|
Assert.ok(
|
|
!registered.value,
|
|
"Should not be still registered because disconnect failed."
|
|
);
|
|
|
|
// Close tabs.
|
|
await BrowserTestUtils.removeTab(tab);
|
|
await SpecialPowers.popPrefEnv();
|
|
});
|
|
|
|
add_task(async function test_nothing_on_manifest_failure() {
|
|
await SpecialPowers.pushPrefEnv({
|
|
set: [
|
|
[
|
|
"dom.security.credentialmanagement.identity.select_first_in_ui_lists",
|
|
true,
|
|
],
|
|
[
|
|
"dom.security.credentialmanagement.identity.reject_delay.enabled",
|
|
false,
|
|
],
|
|
],
|
|
});
|
|
|
|
const idpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
|
|
Services.io.newURI("https://example.net"),
|
|
{}
|
|
);
|
|
const rpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
|
|
Services.io.newURI("https://example.com"),
|
|
{}
|
|
);
|
|
|
|
// Set two accounts as registered
|
|
this.IdentityCredentialStorageService.setState(
|
|
rpPrincipal,
|
|
idpPrincipal,
|
|
"connected",
|
|
true,
|
|
false
|
|
);
|
|
|
|
let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
|
|
|
|
await SpecialPowers.spawn(tab.linkedBrowser, [], disconnectManifestFailure);
|
|
|
|
let registered = {};
|
|
let allowLogout = {};
|
|
IdentityCredentialStorageService.getState(
|
|
rpPrincipal,
|
|
idpPrincipal,
|
|
"connected",
|
|
registered,
|
|
allowLogout
|
|
);
|
|
Assert.ok(
|
|
registered.value,
|
|
"Should be registered because the disconnect failed finding a manifest"
|
|
);
|
|
|
|
// Close tabs.
|
|
await BrowserTestUtils.removeTab(tab);
|
|
await SpecialPowers.popPrefEnv();
|
|
});
|