diff options
Diffstat (limited to 'testing/web-platform/tests/credential-management/support')
8 files changed, 93 insertions, 18 deletions
diff --git a/testing/web-platform/tests/credential-management/support/fedcm/manifest-token-nocors.json b/testing/web-platform/tests/credential-management/support/fedcm/manifest-token-nocors.json new file mode 100644 index 0000000000..77ba1b4702 --- /dev/null +++ b/testing/web-platform/tests/credential-management/support/fedcm/manifest-token-nocors.json @@ -0,0 +1,7 @@ +{ + "accounts_endpoint": "accounts.py", + "client_metadata_endpoint": "client_metadata.py", + "id_assertion_endpoint": "token.py?nocors=1", + "disconnect_endpoint": "disconnect.py", + "login_url": "login.html" +} diff --git a/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_rp_mode.json b/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_rp_mode.json new file mode 100644 index 0000000000..5692fd9190 --- /dev/null +++ b/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_rp_mode.json @@ -0,0 +1,6 @@ +{ + "accounts_endpoint": "two_accounts.py", + "client_metadata_endpoint": "client_metadata.py", + "id_assertion_endpoint": "token_with_rp_mode.py", + "login_url": "login.html" +} diff --git a/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_variable_accounts.json b/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_variable_accounts.json index 10c2ddd55d..9e4af25004 100644 --- a/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_variable_accounts.json +++ b/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_variable_accounts.json @@ -2,5 +2,13 @@ "accounts_endpoint": "variable_accounts.py", "client_metadata_endpoint": "client_metadata.py", "id_assertion_endpoint": "token_with_account_id.py", - "login_url": "login.html" + "login_url": "login.html", + "modes": { + "button": { + "supports_use_other_account": true + }, + "widget": { + "supports_use_other_account": true + } + } } diff --git a/testing/web-platform/tests/credential-management/support/fedcm/request-params-check.py b/testing/web-platform/tests/credential-management/support/fedcm/request-params-check.py index daf91aad8f..b774496d5d 100644 --- a/testing/web-platform/tests/credential-management/support/fedcm/request-params-check.py +++ b/testing/web-platform/tests/credential-management/support/fedcm/request-params-check.py @@ -80,6 +80,8 @@ def tokenCheck(request): return (544, [], "Missing 'account_id' POST parameter") if not request.POST.get(b"disclosure_text_shown"): return (545, [], "Missing 'disclosure_text_shown' POST parameter") + if not request.headers.get(b"Origin"): + return (540, [], "Missing Origin") def revokeCheck(request): common_error = commonCheck(request, b"cors") diff --git a/testing/web-platform/tests/credential-management/support/fedcm/set_accounts_cookie.py b/testing/web-platform/tests/credential-management/support/fedcm/set_accounts_cookie.py new file mode 100644 index 0000000000..ab34992210 --- /dev/null +++ b/testing/web-platform/tests/credential-management/support/fedcm/set_accounts_cookie.py @@ -0,0 +1,21 @@ +def main(request, response): + query_string = request.url_parts[3] + # We mark the cookie as HttpOnly so that this request + # can be made before login.html, which would overwrite + # the value to 1. + header_value = "accounts={}; SameSite=None; Secure; HttpOnly".format(query_string) + response.headers.set(b"Set-Cookie", header_value.encode("utf-8")) + response.headers.set(b"Content-Type", b"text/html") + + return """ +<!DOCTYPE html> +<script> +// The important part of this page are the headers. + +// If this page was opened as a popup, notify the opener. +if (window.opener) { + window.opener.postMessage("done_loading", "*"); +} +</script> +Sent header value: {}".format(header_value) +""" diff --git a/testing/web-platform/tests/credential-management/support/fedcm/token.py b/testing/web-platform/tests/credential-management/support/fedcm/token.py index b914eb2d96..7ec81c390a 100644 --- a/testing/web-platform/tests/credential-management/support/fedcm/token.py +++ b/testing/web-platform/tests/credential-management/support/fedcm/token.py @@ -7,5 +7,8 @@ def main(request, response): return request_error response.headers.set(b"Content-Type", b"application/json") + if b"nocors" not in request.GET: + response.headers.set(b"Access-Control-Allow-Origin", request.headers.get(b"Origin")) + response.headers.set(b"Access-Control-Allow-Credentials", "true") return "{\"token\": \"token\"}" diff --git a/testing/web-platform/tests/credential-management/support/fedcm/token_with_rp_mode.py b/testing/web-platform/tests/credential-management/support/fedcm/token_with_rp_mode.py new file mode 100644 index 0000000000..515736416f --- /dev/null +++ b/testing/web-platform/tests/credential-management/support/fedcm/token_with_rp_mode.py @@ -0,0 +1,12 @@ +import importlib +error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check") + +def main(request, response): + request_error = error_checker.tokenCheck(request) + if (request_error): + return request_error + + response.headers.set(b"Content-Type", b"application/json") + + rp_mode = request.POST.get(b"mode") + return "{\"token\": \"mode=" + rp_mode.decode("utf-8") + "\"}" diff --git a/testing/web-platform/tests/credential-management/support/fedcm/variable_accounts.py b/testing/web-platform/tests/credential-management/support/fedcm/variable_accounts.py index c9db2c4528..fc4446acc4 100644 --- a/testing/web-platform/tests/credential-management/support/fedcm/variable_accounts.py +++ b/testing/web-platform/tests/credential-management/support/fedcm/variable_accounts.py @@ -1,25 +1,14 @@ import importlib error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check") -def main(request, response): - request_error = error_checker.accountsCheck(request) - if (request_error): - return request_error - - response.headers.set(b"Content-Type", b"application/json") - - if request.cookies.get(b"accounts") != b"1": - return """ -{ - "accounts": [ - ] -} +result_json = """ +{{ + "accounts": [{}] +}} """ - - return """ +one_account = """ { - "accounts": [{ "id": "1234", "given_name": "John", "name": "John Doe", @@ -28,6 +17,33 @@ def main(request, response): "approved_clients": ["123", "456", "789"], "login_hints": ["john_doe"], "hosted_domains": ["idp.example", "example"] - }] + } +""" + + +two_accounts = one_account + """ +, { + "id": "jane_doe", + "given_name": "Jane", + "name": "Jane Doe", + "email": "jane_doe@idp.example", + "picture": "https://idp.example/profile/5678", + "approved_clients": ["123", "abc"] } """ + +def main(request, response): + request_error = error_checker.accountsCheck(request) + if (request_error): + return request_error + + response.headers.set(b"Content-Type", b"application/json") + + if request.cookies.get(b"accounts") == b"1": + return result_json.format(one_account) + if request.cookies.get(b"accounts") == b"2": + return result_json.format(two_accounts) + + return result_json.format("") + + |