summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/credential-management/fedcm-userinfo.https.html
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/credential-management/fedcm-userinfo.https.html')
-rw-r--r--testing/web-platform/tests/credential-management/fedcm-userinfo.https.html70
1 files changed, 70 insertions, 0 deletions
diff --git a/testing/web-platform/tests/credential-management/fedcm-userinfo.https.html b/testing/web-platform/tests/credential-management/fedcm-userinfo.https.html
new file mode 100644
index 0000000000..d460d82845
--- /dev/null
+++ b/testing/web-platform/tests/credential-management/fedcm-userinfo.https.html
@@ -0,0 +1,70 @@
+<!DOCTYPE html>
+<title>Federated Credential Management API getUserInfo() tests.</title>
+<link rel="help" href="https://fedidcg.github.io/FedCM">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/resources/testdriver.js"></script>
+<script src="/resources/testdriver-vendor.js"></script>
+
+<body>
+
+<script type="module">
+import {alt_manifest_origin,
+ alt_request_options_with_mediation_required,
+ fedcm_test,
+ fedcm_get_and_select_first_account} from './support/fedcm-helper.sub.js';
+
+async function createIframeWithPermissionPolicyAndWaitForMessage(test, iframeUrl) {
+ const messageWatcher = new EventWatcher(test, window, "message");
+ let iframe = document.createElement("iframe");
+ iframe.src = iframeUrl;
+ iframe.allow = "identity-credentials-get";
+ document.body.appendChild(iframe);
+ const message = await messageWatcher.wait_for("message");
+ return message.data;
+}
+
+fedcm_test(async t => {
+ const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
+ assert_equals(cred.token, "token");
+
+ const iframe_in_idp_scope = `${alt_manifest_origin}/\
+credential-management/support/fedcm/userinfo-iframe.html`;
+ const message = await createIframeWithPermissionPolicyAndWaitForMessage(t, iframe_in_idp_scope);
+ assert_equals(message.result, "Pass");
+ assert_equals(message.numAccounts, 1);
+ assert_equals(message.firstAccountEmail, "john_doe@idp.example");
+ assert_equals(message.firstAccountName, "John Doe");
+ assert_equals(message.firstAccountGivenName, "John");
+ assert_equals(message.firstAccountPicture, "https://idp.example/profile/123");
+}, 'Test basic User InFo API flow');
+
+fedcm_test(async t => {
+ const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
+ assert_equals(cred.token, "token");
+
+ const iframe_in_idp_scope = `support/fedcm/userinfo-iframe.html`;
+ const message = await createIframeWithPermissionPolicyAndWaitForMessage(t, iframe_in_idp_scope);
+ assert_equals(message.result, "Fail");
+}, 'Test that User Info API only works when invoked from iframe that is same origin as the IDP');
+
+fedcm_test(async t => {
+ const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
+ assert_equals(cred.token, "token");
+
+ try {
+ const manifest_path = `${alt_manifest_origin}/\
+credential-management/support/fedcm/manifest.py`;
+ const user_info = await IdentityProvider.getUserInfo({
+ configURL: manifest_path,
+ // Approved client
+ clientId: '123',
+ });
+ assert_unreached("Failure message");
+ } catch (error) {
+ assert_equals(error.message, "UserInfo request must be initiated from a frame that is the same origin with the provider.");
+ // Expect failure
+ }
+}, 'Test that User Info API does not work in the top frame');
+
+</script>