summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/.well-known/web-identity
blob: 6f1260dbc373c19505e5d6c9a7328d63ef4eef2f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
import importlib
keys = importlib.import_module("credential-management.support.fedcm.keys")

def main(request, response):
  manifest_url = request.server.stash.take(keys.MANIFEST_URL_IN_MANIFEST_LIST_KEY)

  if manifest_url is None or not len(manifest_url):
    port = request.server.config.ports["https"][0]
    hostname = request.url_parts.hostname
    manifest_url = "https://{0}:{1}/credential-management/support/fedcm/manifest.py".format(
        hostname, str(port))
  else:
    try:
      manifest_url = manifest_url.decode()
    except (UnicodeDecodeError, AttributeError):
      pass

  if len(request.cookies) > 0:
    return (530, [], "Cookie should not be sent to manifest list endpoint")
  if request.headers.get(b"Accept") != b"application/json":
    return (531, [], "Wrong Accept")
  if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity":
    return (532, [], "Wrong Sec-Fetch-Dest header")
  if request.headers.get(b"Referer"):
    return (533, [], "Should not have Referer")
  if request.headers.get(b"Origin"):
    return (534, [], "Should not have Origin")
  if request.headers.get(b"Sec-Fetch-Mode") != b"no-cors":
    return (535, [], "Wrong Sec-Fetch-Mode header")
  if request.headers.get(b"Sec-Fetch-Site") != b"cross-site":
    return (536, [], "Wrong Sec-Fetch-Site header")

  response.headers.set(b"Content-Type", b"application/json")

  return """
{{
  "provider_urls": [
    "{0}"
  ]
}}
""".format(manifest_url)