diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
commit | 36d22d82aa202bb199967e9512281e9a53db42c9 (patch) | |
tree | 105e8c98ddea1c1e4784a60a5a6410fa416be2de /dom/webauthn/tests/test_webauthn_sameoriginwithancestors.html | |
parent | Initial commit. (diff) | |
download | firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.tar.xz firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.zip |
Adding upstream version 115.7.0esr.upstream/115.7.0esrupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dom/webauthn/tests/test_webauthn_sameoriginwithancestors.html')
-rw-r--r-- | dom/webauthn/tests/test_webauthn_sameoriginwithancestors.html | 107 |
1 files changed, 107 insertions, 0 deletions
diff --git a/dom/webauthn/tests/test_webauthn_sameoriginwithancestors.html b/dom/webauthn/tests/test_webauthn_sameoriginwithancestors.html new file mode 100644 index 0000000000..7bb0ede1ec --- /dev/null +++ b/dom/webauthn/tests/test_webauthn_sameoriginwithancestors.html @@ -0,0 +1,107 @@ +<!DOCTYPE html> +<meta charset=utf-8> +<head> + <title>Test for MakeCredential for W3C Web Authentication (sameOriginWithAncestors = false)</title> + <script src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="u2futil.js"></script> + <script type="text/javascript" src="pkijs/common.js"></script> + <script type="text/javascript" src="pkijs/asn1.js"></script> + <script type="text/javascript" src="pkijs/x509_schema.js"></script> + <script type="text/javascript" src="pkijs/x509_simpl.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> + + <h1>Test Same Origin Policy for W3C Web Authentication (sameOriginWithAncestors = false)</h1> + <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1694639">Mozilla Bug 1694639</a> + + <script class="testbody" type="text/javascript"> + "use strict"; + + // Execute the full-scope test + SimpleTest.waitForExplicitFinish(); + + var gTrackedCredential = {}; + + function arrivingHereIsGood(aResult) { + ok(true, "Good result! Received a: " + aResult); + } + + function arrivingHereIsBad(aResult) { + ok(false, "Bad result! Received a: " + aResult); + } + + function expectNotAllowedError(aResult) { + ok(aResult == "NotAllowedError", "Expecting a NotAllowedError, got " + aResult); + } + + function keepThisPublicKeyCredential(aIdentifier) { + return function(aPublicKeyCredential) { + gTrackedCredential[aIdentifier] = { + type: "public-key", + id: new Uint8Array(aPublicKeyCredential.rawId), + transports: [ "usb" ], + } + return Promise.resolve(aPublicKeyCredential); + } + } + + add_task(async function runTests() { + let iframe = document.createElement("iframe"); + iframe.src = "https://example.org"; + document.body.appendChild(iframe); + await new Promise(resolve => iframe.addEventListener("load", resolve, {once: true})); + + is(navigator.authentication, undefined, "navigator.authentication does not exist any longer"); + isnot(navigator.credentials, undefined, "Credential Management API endpoint must exist"); + isnot(navigator.credentials.create, undefined, "CredentialManagement create API endpoint must exist"); + isnot(navigator.credentials.get, undefined, "CredentialManagement get API endpoint must exist"); + + let credm = navigator.credentials; + + let chall = new Uint8Array(16); + window.crypto.getRandomValues(chall); + + let user = {id: new Uint8Array(16), name: "none", icon: "none", displayName: "none"}; + let param = {type: "public-key", alg: cose_alg_ECDSA_w_SHA256}; + + let rp = {id: document.domain, name: "none"}; + let makeCredentialOptions = { + rp, user, challenge: chall, pubKeyCredParams: [param] + }; + await credm.create({publicKey: makeCredentialOptions}) + .then(keepThisPublicKeyCredential("basic")) + .catch(arrivingHereIsBad); + + var testFuncs = [ + function (args) { + // Test create when sameOriginWithAncestors = false + let credentialOptions = { + rp: args.rp, user: args.user, challenge: args.challenge, pubKeyCredParams: [args.param] + }; + return this.content.window.navigator.credentials.create({publicKey: credentialOptions}) + .catch(e => Promise.reject(e.name)); + }, + function (args) { + // Test get when sameOriginWithAncestors = false + let publicKeyCredentialRequestOptions = { + challenge: args.challenge, + rpId: args.rp.id, + allowCredentials: [args.trackedCredential.basic] + }; + return this.content.window.navigator.credentials.get({publicKey: publicKeyCredentialRequestOptions}) + .catch(e => Promise.reject(e.name)); + }, + ]; + + let args = { user, param, rp, challenge: chall, trackedCredential: gTrackedCredential } + for(let func of testFuncs) { + await SpecialPowers.spawn(iframe, [args], func) + .then(arrivingHereIsBad) + .catch(expectNotAllowedError); + } + }); + </script> + +</body> +</html> |