summaryrefslogtreecommitdiffstats
path: root/dom/webauthn/tests/browser/browser_webauthn_prompts.js
diff options
context:
space:
mode:
Diffstat (limited to 'dom/webauthn/tests/browser/browser_webauthn_prompts.js')
-rw-r--r--dom/webauthn/tests/browser/browser_webauthn_prompts.js104
1 files changed, 23 insertions, 81 deletions
diff --git a/dom/webauthn/tests/browser/browser_webauthn_prompts.js b/dom/webauthn/tests/browser/browser_webauthn_prompts.js
index 05c77271d5..68f1bf81f4 100644
--- a/dom/webauthn/tests/browser/browser_webauthn_prompts.js
+++ b/dom/webauthn/tests/browser/browser_webauthn_prompts.js
@@ -43,34 +43,26 @@ add_task(async function test_setup_usbtoken() {
});
add_task(test_register);
add_task(test_register_escape);
-add_task(test_register_direct_cancel);
-add_task(test_register_direct_presence);
add_task(test_sign);
add_task(test_sign_escape);
add_task(test_tab_switching);
add_task(test_window_switching);
-add_task(async function test_setup_fullscreen() {
+add_task(async function test_setup_softtoken() {
+ gAuthenticatorId = add_virtual_authenticator();
return SpecialPowers.pushPrefEnv({
set: [
["browser.fullscreen.autohide", true],
["full-screen-api.enabled", true],
["full-screen-api.allow-trusted-requests-only", false],
- ],
- });
-});
-add_task(test_fullscreen_show_nav_toolbar);
-add_task(test_no_fullscreen_dom);
-add_task(async function test_setup_softtoken() {
- gAuthenticatorId = add_virtual_authenticator();
- return SpecialPowers.pushPrefEnv({
- set: [
["security.webauth.webauthn_enable_softtoken", true],
["security.webauth.webauthn_enable_usbtoken", false],
],
});
});
-add_task(test_register_direct_proceed);
-add_task(test_register_direct_proceed_anon);
+add_task(test_fullscreen_show_nav_toolbar);
+add_task(test_no_fullscreen_dom);
+add_task(test_register_direct_with_consent);
+add_task(test_register_direct_without_consent);
add_task(test_select_sign_result);
function promiseNavToolboxStatus(aExpectedStatus) {
@@ -215,53 +207,6 @@ async function test_sign_escape() {
await BrowserTestUtils.removeTab(tab);
}
-async function test_register_direct_cancel() {
- // Open a new tab.
- let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
-
- // Request a new credential with direct attestation and wait for the prompt.
- let active = true;
- let promise = promiseWebAuthnMakeCredential(tab, "direct")
- .then(arrivingHereIsBad)
- .catch(expectNotAllowedError)
- .then(() => (active = false));
- await promiseNotification("webauthn-prompt-register-direct");
-
- // Cancel the request.
- ok(active, "request should still be active");
- PopupNotifications.panel.firstElementChild.secondaryButton.click();
- await promise;
-
- // Close tab.
- await BrowserTestUtils.removeTab(tab);
-}
-
-async function test_register_direct_presence() {
- // Open a new tab.
- let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
-
- // Request a new credential with direct attestation and wait for the prompt.
- let active = true;
- let promise = promiseWebAuthnMakeCredential(tab, "direct")
- .then(arrivingHereIsBad)
- .catch(expectNotAllowedError)
- .then(() => (active = false));
- await promiseNotification("webauthn-prompt-register-direct");
-
- // Click "proceed" and wait for presence prompt
- let presence = promiseNotification("webauthn-prompt-presence");
- PopupNotifications.panel.firstElementChild.button.click();
- await presence;
-
- // Cancel the request.
- ok(active, "request should still be active");
- PopupNotifications.panel.firstElementChild.button.click();
- await promise;
-
- // Close tab.
- await BrowserTestUtils.removeTab(tab);
-}
-
// Add two tabs, open WebAuthn in the first, switch, assert the prompt is
// not visible, switch back, assert the prompt is there and cancel it.
async function test_tab_switching() {
@@ -359,7 +304,7 @@ async function test_window_switching() {
await BrowserTestUtils.removeTab(tab);
}
-async function test_register_direct_proceed() {
+async function test_register_direct_with_consent() {
// Open a new tab.
let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
@@ -367,7 +312,7 @@ async function test_register_direct_proceed() {
let request = promiseWebAuthnMakeCredential(tab, "direct");
await promiseNotification("webauthn-prompt-register-direct");
- // Proceed.
+ // Click "Allow".
PopupNotifications.panel.firstElementChild.button.click();
// Ensure we got "direct" attestation.
@@ -377,7 +322,7 @@ async function test_register_direct_proceed() {
await BrowserTestUtils.removeTab(tab);
}
-async function test_register_direct_proceed_anon() {
+async function test_register_direct_without_consent() {
// Open a new tab.
let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
@@ -385,9 +330,8 @@ async function test_register_direct_proceed_anon() {
let request = promiseWebAuthnMakeCredential(tab, "direct");
await promiseNotification("webauthn-prompt-register-direct");
- // Check "anonymize anyway" and proceed.
- PopupNotifications.panel.firstElementChild.checkbox.checked = true;
- PopupNotifications.panel.firstElementChild.button.click();
+ // Click "Block".
+ PopupNotifications.panel.firstElementChild.secondaryButton.click();
// Ensure we got "none" attestation.
await request.then(verifyAnonymizedCertificate);
@@ -438,23 +382,22 @@ async function test_fullscreen_show_nav_toolbar() {
await navToolboxHiddenPromise;
- // Request a new credential and wait for the direct attestation consent
- // prompt.
+ // Request a new credential with direct attestation. The consent prompt will
+ // keep the request active until we can verify that the nav toolbar is shown.
let promptPromise = promiseNotification("webauthn-prompt-register-direct");
let navToolboxShownPromise = promiseNavToolboxStatus("shown");
let active = true;
- let requestPromise = promiseWebAuthnMakeCredential(tab, "direct")
- .then(arrivingHereIsBad)
- .catch(expectNotAllowedError)
- .then(() => (active = false));
+ let requestPromise = promiseWebAuthnMakeCredential(tab, "direct").then(
+ () => (active = false)
+ );
await Promise.all([promptPromise, navToolboxShownPromise]);
ok(active, "request is active");
ok(window.fullScreen, "window is fullscreen");
- // Cancel the request.
+ // Proceed through the consent prompt.
PopupNotifications.panel.firstElementChild.secondaryButton.click();
await requestPromise;
@@ -475,23 +418,22 @@ async function test_no_fullscreen_dom() {
await fullScreenPaintPromise;
ok(!!document.fullscreenElement, "a DOM element is fullscreen");
- // Request a new credential and wait for the direct attestation consent
- // prompt.
+ // Request a new credential with direct attestation. The consent prompt will
+ // keep the request active until we can verify that we've left fullscreen.
let promptPromise = promiseNotification("webauthn-prompt-register-direct");
fullScreenPaintPromise = promiseFullScreenPaint();
let active = true;
- let requestPromise = promiseWebAuthnMakeCredential(tab, "direct")
- .then(arrivingHereIsBad)
- .catch(expectNotAllowedError)
- .then(() => (active = false));
+ let requestPromise = promiseWebAuthnMakeCredential(tab, "direct").then(
+ () => (active = false)
+ );
await Promise.all([promptPromise, fullScreenPaintPromise]);
ok(active, "request is active");
ok(!document.fullscreenElement, "no DOM element is fullscreen");
- // Cancel the request.
+ // Proceed through the consent prompt.
await waitForPopupNotificationSecurityDelay();
PopupNotifications.panel.firstElementChild.secondaryButton.click();
await requestPromise;
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-23 11:00:50 +0000