1 files changed, 77 insertions, 0 deletions
diff --git a/testing/web-platform/tests/webauthn/getcredential-allowcredentials.https.html b/testing/web-platform/tests/webauthn/getcredential-allowcredentials.https.html
new file mode 100644
index 0000000000..0263774142
--- /dev/null
+++ b/testing/web-platform/tests/webauthn/getcredential-allowcredentials.https.html
@@ -0,0 +1,77 @@
+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>navigator.credentials.get() tests with allowCredentials</title>
+<meta name="timeout" content="long">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/resources/testdriver.js"></script>
+<script src="/resources/testdriver-vendor.js"></script>
+<script src=helpers.js></script>
+<body></body>
+<script>
+standardSetup(async function() {
+  "use strict";
+
+  promise_test(async t => {
+    await navigator.credentials.get({publicKey: {
+      challenge: new Uint8Array(),
+      allowCredentials: [{
+        id: (await createCredential()).rawId,
+        type: "public-key",
+      }],
+    }});
+  }, "navigator.credentials.get() with public-key allowCredentials.");
+
+  promise_test(async t => {
+    return promise_rejects_dom(t, "NotAllowedError",
+      navigator.credentials.get({publicKey: {
+        challenge: new Uint8Array(),
+        allowCredentials: [],
+      }}));
+  }, "navigator.credentials.get() with empty allowCredentials.");
+
+  promise_test(async t => {
+    return promise_rejects_dom(t, "NotAllowedError",
+      navigator.credentials.get({publicKey: {
+        challenge: new Uint8Array(),
+        allowCredentials: [{
+          id: (await createCredential()).rawId,
+          type: "not-yet-supported-by-browser",
+        }],
+      }}));
+  }, "navigator.credentials.get() with unknown allowCredentials.");
+
+  promise_test(async t => {
+    await navigator.credentials.get({publicKey: {
+      challenge: new Uint8Array(),
+      allowCredentials: [{
+        id: (await createCredential()).rawId,
+        type: "not-yet-supported-by-browser",
+      },
+      {
+        id: (await createCredential()).rawId,
+        type: "public-key",
+      }],
+    }});
+  }, "navigator.credentials.get() with mixing allowCredentials with first unknown type.");
+
+  promise_test(async t => {
+    await navigator.credentials.get({publicKey: {
+      challenge: new Uint8Array(),
+      allowCredentials: [{
+        id: (await createCredential()).rawId,
+        type: "public-key",
+      },
+      {
+        id: (await createCredential()).rawId,
+        type: "not-yet-supported-by-browser",
+      }],
+    }});
+  }, "navigator.credentials.get() with mixing allowCredentials with last unknown type.");
+}, {
+  protocol: "ctap2_1",
+  hasResidentKey: true,
+  hasUserVerification: true,
+  isUserVerified: true,
+});
+</script>