diff options
Diffstat (limited to 'dom/webauthn/tests/test_webauthn_no_token.html')
-rw-r--r-- | dom/webauthn/tests/test_webauthn_no_token.html | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/dom/webauthn/tests/test_webauthn_no_token.html b/dom/webauthn/tests/test_webauthn_no_token.html new file mode 100644 index 0000000000..0d89fd94ad --- /dev/null +++ b/dom/webauthn/tests/test_webauthn_no_token.html @@ -0,0 +1,87 @@ +<!DOCTYPE html> +<meta charset=utf-8> +<head> + <title>Test for W3C Web Authentication with no token</title> + <script src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="u2futil.js"></script> + <script type="text/javascript" src="pkijs/common.js"></script> + <script type="text/javascript" src="pkijs/asn1.js"></script> + <script type="text/javascript" src="pkijs/x509_schema.js"></script> + <script type="text/javascript" src="pkijs/x509_simpl.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> + +<h1>Test for W3C Web Authentication with no token</h1> +<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1309284">Mozilla Bug 1309284</a> + +<script class="testbody" type="text/javascript"> +"use strict"; + +is(navigator.authentication, undefined, "navigator.authentication does not exist any longer"); +isnot(navigator.credentials, undefined, "Credential Management API endpoint must exist"); +isnot(navigator.credentials.create, undefined, "CredentialManagement create API endpoint must exist"); +isnot(navigator.credentials.get, undefined, "CredentialManagement get API endpoint must exist"); + +let credm; +let credentialChallenge; +let assertionChallenge; +let credentialId; + +// Setup test env +add_task(() => { + credentialChallenge = new Uint8Array(16); + window.crypto.getRandomValues(credentialChallenge); + assertionChallenge = new Uint8Array(16); + window.crypto.getRandomValues(assertionChallenge); + credentialId = new Uint8Array(128); + window.crypto.getRandomValues(credentialId); + credm = navigator.credentials; + // Turn off all tokens. This should result in "not allowed" failures + return SpecialPowers.pushPrefEnv({"set": [ + ["security.webauth.webauthn_enable_softtoken", false], + ["security.webauth.webauthn_enable_usbtoken", false], + ]}); +}); + +add_task(async function test_no_token_make_credential() { + let rp = {id: document.domain, name: "none", icon: "none"}; + let user = {id: new Uint8Array(), name: "none", icon: "none", displayName: "none"}; + let param = {type: "public-key", alg: cose_alg_ECDSA_w_SHA256}; + let makeCredentialOptions = { + rp, user, challenge: credentialChallenge, pubKeyCredParams: [param] + }; + return credm.create({publicKey: makeCredentialOptions}) + .then(function(aResult) { + ok(false, "Should have failed."); + }) + .catch(function(aReason) { + ok(aReason.toString().startsWith("NotAllowedError"), aReason); + }); +}); + +add_task(async function test_no_token_get_assertion() { + let newCredential = { + type: "public-key", + id: credentialId, + transports: ["usb"], + } + let publicKeyCredentialRequestOptions = { + challenge: assertionChallenge, + timeout: 5000, // the minimum timeout is actually 15 seconds + rpId: document.domain, + allowCredentials: [newCredential] + }; + return credm.get({publicKey: publicKeyCredentialRequestOptions}) + .then(function(aResult) { + ok(false, "Should have failed."); + }) + .catch(function(aReason) { + ok(aReason.toString().startsWith("NotAllowedError"), aReason); + }) +}); + +</script> + +</body> +</html> |