summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/credential-management/fedcm-userinfo.https.html
blob: d460d82845282f00e0164590c552bcd73ca15255 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
<!DOCTYPE html>
<title>Federated Credential Management API getUserInfo() tests.</title>
<link rel="help" href="https://fedidcg.github.io/FedCM">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/testdriver.js"></script>
<script src="/resources/testdriver-vendor.js"></script>

<body>

<script type="module">
import {alt_manifest_origin,
        alt_request_options_with_mediation_required,
        fedcm_test,
        fedcm_get_and_select_first_account} from './support/fedcm-helper.sub.js';

async function createIframeWithPermissionPolicyAndWaitForMessage(test, iframeUrl) {
    const messageWatcher = new EventWatcher(test, window, "message");
    let iframe = document.createElement("iframe");
    iframe.src = iframeUrl;
    iframe.allow = "identity-credentials-get";
    document.body.appendChild(iframe);
    const message = await messageWatcher.wait_for("message");
    return message.data;
}

fedcm_test(async t => {
  const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
  assert_equals(cred.token, "token");

  const iframe_in_idp_scope = `${alt_manifest_origin}/\
credential-management/support/fedcm/userinfo-iframe.html`;
  const message = await createIframeWithPermissionPolicyAndWaitForMessage(t, iframe_in_idp_scope);
  assert_equals(message.result, "Pass");
  assert_equals(message.numAccounts, 1);
  assert_equals(message.firstAccountEmail, "john_doe@idp.example");
  assert_equals(message.firstAccountName, "John Doe");
  assert_equals(message.firstAccountGivenName, "John");
  assert_equals(message.firstAccountPicture, "https://idp.example/profile/123");
}, 'Test basic User InFo API flow');

fedcm_test(async t => {
  const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
  assert_equals(cred.token, "token");

  const iframe_in_idp_scope = `support/fedcm/userinfo-iframe.html`;
  const message = await createIframeWithPermissionPolicyAndWaitForMessage(t, iframe_in_idp_scope);
  assert_equals(message.result, "Fail");
}, 'Test that User Info API only works when invoked from iframe that is same origin as the IDP');

fedcm_test(async t => {
  const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
  assert_equals(cred.token, "token");

  try {
   const manifest_path = `${alt_manifest_origin}/\
credential-management/support/fedcm/manifest.py`;
    const user_info = await IdentityProvider.getUserInfo({
      configURL: manifest_path,
      // Approved client
      clientId: '123',
    });
    assert_unreached("Failure message");
  } catch (error) {
    assert_equals(error.message, "UserInfo request must be initiated from a frame that is the same origin with the provider.");
    // Expect failure
  }
}, 'Test that User Info API does not work in the top frame');

</script>