summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/credential-management/fedcm-disconnect.sub.https.html
blob: 300144fa72a086f630da0a3aeb69c22e4e53bd92 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
<!DOCTYPE html>
<title>Federated Credential Management API disconnect() tests.</title>
<link rel="help" href="https://fedidcg.github.io/FedCM">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/testdriver.js"></script>
<script src="/resources/testdriver-vendor.js"></script>

<body>

<script type="module">
import {fedcm_test,
        mark_signed_in,
        set_fedcm_cookie,
        disconnect_options,
        fedcm_get_and_select_first_account,
        request_options_with_mediation_required,
        alt_manifest_origin,
        alt_request_options_with_mediation_required,
        alt_disconnect_options,
        set_alt_fedcm_cookie} from './support/fedcm-helper.sub.js';

fedcm_test(async t => {
  await mark_signed_in();
  await set_fedcm_cookie();
  // Get at least one connected account that can be disconnected.
  const cred = await fedcm_get_and_select_first_account(t, request_options_with_mediation_required());
  // The IDP implementation will accept any account hint, so this is really testing that the user
  // agent eventually stops sending the requests to the IDP.
  // This test clears the connection just created above, but it also clears any previously existing
  // connected accounts, which helps the logic of the other tests.
  return new Promise(async resolve => {
    while (true) {
      try {
        await IdentityCredential.disconnect(disconnect_options("1234"));
      } catch(e) {
        resolve();
        break;
      }
    }
  });
}, "Repeatedly calling disconnect should eventually fail");

fedcm_test(async t => {
  const disconnect = IdentityCredential.disconnect(
      disconnect_options("nonExistent"));
  return promise_rejects_dom(t, 'NetworkError', disconnect);
}, 'Test that disconnect fails when there is no account to disconnect');

fedcm_test(async t => {
  const cred = await fedcm_get_and_select_first_account(t, request_options_with_mediation_required());

  return IdentityCredential.disconnect(disconnect_options("1234"));
}, 'Test that disconnect succeeds when there is an account to disconnect');

fedcm_test(async t => {
  const cred = await fedcm_get_and_select_first_account(t, request_options_with_mediation_required());

  await IdentityCredential.disconnect(disconnect_options("1234"));

  const disconnect = IdentityCredential.disconnect(disconnect_options("1234"));
  return promise_rejects_dom(t, 'NetworkError', disconnect);
}, 'Test that disconnecting the same account twice results in failure.');

fedcm_test(async t => {
  const cred = await fedcm_get_and_select_first_account(t, request_options_with_mediation_required());
  // A connected account is guaranteed by the above, and IDP accepts any account hint, so this tests
  // that the user agent allows the request to go through to the IDP.
  return IdentityCredential.disconnect(disconnect_options("noMatch"));
}, 'Disconnect passing an incorrect ID can still succeed');

fedcm_test(async t => {
  await set_alt_fedcm_cookie();
  await mark_signed_in(alt_manifest_origin);
  await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
  await fedcm_get_and_select_first_account(t,
      request_options_with_mediation_required());

  // Await the first disconnect since they cannot happen in parallel. Both
  // should succeed.
  await IdentityCredential.disconnect(disconnect_options("1"));
  return IdentityCredential.disconnect(alt_disconnect_options("2"));
}, 'Disconnect is bound to each IDP');
</script>