summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/credential-management/support
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/credential-management/support')
-rw-r--r--testing/web-platform/tests/credential-management/support/fedcm/manifest-token-nocors.json7
-rw-r--r--testing/web-platform/tests/credential-management/support/fedcm/manifest_with_rp_mode.json6
-rw-r--r--testing/web-platform/tests/credential-management/support/fedcm/manifest_with_variable_accounts.json10
-rw-r--r--testing/web-platform/tests/credential-management/support/fedcm/request-params-check.py2
-rw-r--r--testing/web-platform/tests/credential-management/support/fedcm/set_accounts_cookie.py21
-rw-r--r--testing/web-platform/tests/credential-management/support/fedcm/token.py3
-rw-r--r--testing/web-platform/tests/credential-management/support/fedcm/token_with_rp_mode.py12
-rw-r--r--testing/web-platform/tests/credential-management/support/fedcm/variable_accounts.py50
8 files changed, 93 insertions, 18 deletions
diff --git a/testing/web-platform/tests/credential-management/support/fedcm/manifest-token-nocors.json b/testing/web-platform/tests/credential-management/support/fedcm/manifest-token-nocors.json
new file mode 100644
index 0000000000..77ba1b4702
--- /dev/null
+++ b/testing/web-platform/tests/credential-management/support/fedcm/manifest-token-nocors.json
@@ -0,0 +1,7 @@
+{
+ "accounts_endpoint": "accounts.py",
+ "client_metadata_endpoint": "client_metadata.py",
+ "id_assertion_endpoint": "token.py?nocors=1",
+ "disconnect_endpoint": "disconnect.py",
+ "login_url": "login.html"
+}
diff --git a/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_rp_mode.json b/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_rp_mode.json
new file mode 100644
index 0000000000..5692fd9190
--- /dev/null
+++ b/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_rp_mode.json
@@ -0,0 +1,6 @@
+{
+ "accounts_endpoint": "two_accounts.py",
+ "client_metadata_endpoint": "client_metadata.py",
+ "id_assertion_endpoint": "token_with_rp_mode.py",
+ "login_url": "login.html"
+}
diff --git a/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_variable_accounts.json b/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_variable_accounts.json
index 10c2ddd55d..9e4af25004 100644
--- a/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_variable_accounts.json
+++ b/testing/web-platform/tests/credential-management/support/fedcm/manifest_with_variable_accounts.json
@@ -2,5 +2,13 @@
"accounts_endpoint": "variable_accounts.py",
"client_metadata_endpoint": "client_metadata.py",
"id_assertion_endpoint": "token_with_account_id.py",
- "login_url": "login.html"
+ "login_url": "login.html",
+ "modes": {
+ "button": {
+ "supports_use_other_account": true
+ },
+ "widget": {
+ "supports_use_other_account": true
+ }
+ }
}
diff --git a/testing/web-platform/tests/credential-management/support/fedcm/request-params-check.py b/testing/web-platform/tests/credential-management/support/fedcm/request-params-check.py
index daf91aad8f..b774496d5d 100644
--- a/testing/web-platform/tests/credential-management/support/fedcm/request-params-check.py
+++ b/testing/web-platform/tests/credential-management/support/fedcm/request-params-check.py
@@ -80,6 +80,8 @@ def tokenCheck(request):
return (544, [], "Missing 'account_id' POST parameter")
if not request.POST.get(b"disclosure_text_shown"):
return (545, [], "Missing 'disclosure_text_shown' POST parameter")
+ if not request.headers.get(b"Origin"):
+ return (540, [], "Missing Origin")
def revokeCheck(request):
common_error = commonCheck(request, b"cors")
diff --git a/testing/web-platform/tests/credential-management/support/fedcm/set_accounts_cookie.py b/testing/web-platform/tests/credential-management/support/fedcm/set_accounts_cookie.py
new file mode 100644
index 0000000000..ab34992210
--- /dev/null
+++ b/testing/web-platform/tests/credential-management/support/fedcm/set_accounts_cookie.py
@@ -0,0 +1,21 @@
+def main(request, response):
+ query_string = request.url_parts[3]
+ # We mark the cookie as HttpOnly so that this request
+ # can be made before login.html, which would overwrite
+ # the value to 1.
+ header_value = "accounts={}; SameSite=None; Secure; HttpOnly".format(query_string)
+ response.headers.set(b"Set-Cookie", header_value.encode("utf-8"))
+ response.headers.set(b"Content-Type", b"text/html")
+
+ return """
+<!DOCTYPE html>
+<script>
+// The important part of this page are the headers.
+
+// If this page was opened as a popup, notify the opener.
+if (window.opener) {
+ window.opener.postMessage("done_loading", "*");
+}
+</script>
+Sent header value: {}".format(header_value)
+"""
diff --git a/testing/web-platform/tests/credential-management/support/fedcm/token.py b/testing/web-platform/tests/credential-management/support/fedcm/token.py
index b914eb2d96..7ec81c390a 100644
--- a/testing/web-platform/tests/credential-management/support/fedcm/token.py
+++ b/testing/web-platform/tests/credential-management/support/fedcm/token.py
@@ -7,5 +7,8 @@ def main(request, response):
return request_error
response.headers.set(b"Content-Type", b"application/json")
+ if b"nocors" not in request.GET:
+ response.headers.set(b"Access-Control-Allow-Origin", request.headers.get(b"Origin"))
+ response.headers.set(b"Access-Control-Allow-Credentials", "true")
return "{\"token\": \"token\"}"
diff --git a/testing/web-platform/tests/credential-management/support/fedcm/token_with_rp_mode.py b/testing/web-platform/tests/credential-management/support/fedcm/token_with_rp_mode.py
new file mode 100644
index 0000000000..515736416f
--- /dev/null
+++ b/testing/web-platform/tests/credential-management/support/fedcm/token_with_rp_mode.py
@@ -0,0 +1,12 @@
+import importlib
+error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check")
+
+def main(request, response):
+ request_error = error_checker.tokenCheck(request)
+ if (request_error):
+ return request_error
+
+ response.headers.set(b"Content-Type", b"application/json")
+
+ rp_mode = request.POST.get(b"mode")
+ return "{\"token\": \"mode=" + rp_mode.decode("utf-8") + "\"}"
diff --git a/testing/web-platform/tests/credential-management/support/fedcm/variable_accounts.py b/testing/web-platform/tests/credential-management/support/fedcm/variable_accounts.py
index c9db2c4528..fc4446acc4 100644
--- a/testing/web-platform/tests/credential-management/support/fedcm/variable_accounts.py
+++ b/testing/web-platform/tests/credential-management/support/fedcm/variable_accounts.py
@@ -1,25 +1,14 @@
import importlib
error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check")
-def main(request, response):
- request_error = error_checker.accountsCheck(request)
- if (request_error):
- return request_error
-
- response.headers.set(b"Content-Type", b"application/json")
-
- if request.cookies.get(b"accounts") != b"1":
- return """
-{
- "accounts": [
- ]
-}
+result_json = """
+{{
+ "accounts": [{}]
+}}
"""
-
- return """
+one_account = """
{
- "accounts": [{
"id": "1234",
"given_name": "John",
"name": "John Doe",
@@ -28,6 +17,33 @@ def main(request, response):
"approved_clients": ["123", "456", "789"],
"login_hints": ["john_doe"],
"hosted_domains": ["idp.example", "example"]
- }]
+ }
+"""
+
+
+two_accounts = one_account + """
+, {
+ "id": "jane_doe",
+ "given_name": "Jane",
+ "name": "Jane Doe",
+ "email": "jane_doe@idp.example",
+ "picture": "https://idp.example/profile/5678",
+ "approved_clients": ["123", "abc"]
}
"""
+
+def main(request, response):
+ request_error = error_checker.accountsCheck(request)
+ if (request_error):
+ return request_error
+
+ response.headers.set(b"Content-Type", b"application/json")
+
+ if request.cookies.get(b"accounts") == b"1":
+ return result_json.format(one_account)
+ if request.cookies.get(b"accounts") == b"2":
+ return result_json.format(two_accounts)
+
+ return result_json.format("")
+
+