summaryrefslogtreecommitdiffstats
path: root/dom/webauthn/tests/test_webauthn_no_token.html
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 19:33:14 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 19:33:14 +0000
commit36d22d82aa202bb199967e9512281e9a53db42c9 (patch)
tree105e8c98ddea1c1e4784a60a5a6410fa416be2de /dom/webauthn/tests/test_webauthn_no_token.html
parentInitial commit. (diff)
downloadfirefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.tar.xz
firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.zip
Adding upstream version 115.7.0esr.upstream/115.7.0esrupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dom/webauthn/tests/test_webauthn_no_token.html')
-rw-r--r--dom/webauthn/tests/test_webauthn_no_token.html87
1 files changed, 87 insertions, 0 deletions
diff --git a/dom/webauthn/tests/test_webauthn_no_token.html b/dom/webauthn/tests/test_webauthn_no_token.html
new file mode 100644
index 0000000000..0d89fd94ad
--- /dev/null
+++ b/dom/webauthn/tests/test_webauthn_no_token.html
@@ -0,0 +1,87 @@
+<!DOCTYPE html>
+<meta charset=utf-8>
+<head>
+ <title>Test for W3C Web Authentication with no token</title>
+ <script src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="u2futil.js"></script>
+ <script type="text/javascript" src="pkijs/common.js"></script>
+ <script type="text/javascript" src="pkijs/asn1.js"></script>
+ <script type="text/javascript" src="pkijs/x509_schema.js"></script>
+ <script type="text/javascript" src="pkijs/x509_simpl.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+
+<h1>Test for W3C Web Authentication with no token</h1>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1309284">Mozilla Bug 1309284</a>
+
+<script class="testbody" type="text/javascript">
+"use strict";
+
+is(navigator.authentication, undefined, "navigator.authentication does not exist any longer");
+isnot(navigator.credentials, undefined, "Credential Management API endpoint must exist");
+isnot(navigator.credentials.create, undefined, "CredentialManagement create API endpoint must exist");
+isnot(navigator.credentials.get, undefined, "CredentialManagement get API endpoint must exist");
+
+let credm;
+let credentialChallenge;
+let assertionChallenge;
+let credentialId;
+
+// Setup test env
+add_task(() => {
+ credentialChallenge = new Uint8Array(16);
+ window.crypto.getRandomValues(credentialChallenge);
+ assertionChallenge = new Uint8Array(16);
+ window.crypto.getRandomValues(assertionChallenge);
+ credentialId = new Uint8Array(128);
+ window.crypto.getRandomValues(credentialId);
+ credm = navigator.credentials;
+ // Turn off all tokens. This should result in "not allowed" failures
+ return SpecialPowers.pushPrefEnv({"set": [
+ ["security.webauth.webauthn_enable_softtoken", false],
+ ["security.webauth.webauthn_enable_usbtoken", false],
+ ]});
+});
+
+add_task(async function test_no_token_make_credential() {
+ let rp = {id: document.domain, name: "none", icon: "none"};
+ let user = {id: new Uint8Array(), name: "none", icon: "none", displayName: "none"};
+ let param = {type: "public-key", alg: cose_alg_ECDSA_w_SHA256};
+ let makeCredentialOptions = {
+ rp, user, challenge: credentialChallenge, pubKeyCredParams: [param]
+ };
+ return credm.create({publicKey: makeCredentialOptions})
+ .then(function(aResult) {
+ ok(false, "Should have failed.");
+ })
+ .catch(function(aReason) {
+ ok(aReason.toString().startsWith("NotAllowedError"), aReason);
+ });
+});
+
+add_task(async function test_no_token_get_assertion() {
+ let newCredential = {
+ type: "public-key",
+ id: credentialId,
+ transports: ["usb"],
+ }
+ let publicKeyCredentialRequestOptions = {
+ challenge: assertionChallenge,
+ timeout: 5000, // the minimum timeout is actually 15 seconds
+ rpId: document.domain,
+ allowCredentials: [newCredential]
+ };
+ return credm.get({publicKey: publicKeyCredentialRequestOptions})
+ .then(function(aResult) {
+ ok(false, "Should have failed.");
+ })
+ .catch(function(aReason) {
+ ok(aReason.toString().startsWith("NotAllowedError"), aReason);
+ })
+});
+
+</script>
+
+</body>
+</html>