summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/webauthn/createcredential-resident-key.https.html
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 09:22:09 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 09:22:09 +0000
commit43a97878ce14b72f0981164f87f2e35e14151312 (patch)
tree620249daf56c0258faa40cbdcf9cfba06de2a846 /testing/web-platform/tests/webauthn/createcredential-resident-key.https.html
parentInitial commit. (diff)
downloadfirefox-upstream.tar.xz
firefox-upstream.zip
Adding upstream version 110.0.1.upstream/110.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/webauthn/createcredential-resident-key.https.html')
-rw-r--r--testing/web-platform/tests/webauthn/createcredential-resident-key.https.html178
1 files changed, 178 insertions, 0 deletions
diff --git a/testing/web-platform/tests/webauthn/createcredential-resident-key.https.html b/testing/web-platform/tests/webauthn/createcredential-resident-key.https.html
new file mode 100644
index 0000000000..d64ec14c00
--- /dev/null
+++ b/testing/web-platform/tests/webauthn/createcredential-resident-key.https.html
@@ -0,0 +1,178 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="utf-8">
+<title>navigator.credentials.create() test with residentKey and credProps</title>
+<meta name="timeout" content="long">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/resources/testdriver.js"></script>
+<script src="/resources/testdriver-vendor.js"></script>
+<script src=helpers.js></script>
+<script>
+
+"use strict";
+const credPropsTests = [
+ {
+ name: "U2F",
+ authenticatorArgs: {
+ protocol: "ctap1/u2f",
+ },
+ expected: {
+ discouraged: {
+ success: true,
+ hasRk: true,
+ rk: false,
+ },
+ preferred: {
+ success: true,
+ hasRk: true,
+ rk: false,
+ },
+ required: {
+ success: false,
+ },
+ },
+ },
+ {
+ name: "CTAP 2.0 without resident key support",
+ authenticatorArgs: {
+ protocol: "ctap2",
+ hasResidentKey: false,
+ hasUserVerification: true,
+ isUserVerified: true,
+ },
+ expected: {
+ discouraged: {
+ success: true,
+ hasRk: true,
+ rk: false,
+ },
+ preferred: {
+ success: true,
+ hasRk: true,
+ rk: false,
+ },
+ required: {
+ success: false,
+ },
+ },
+ },
+ {
+ name: "CTAP 2.0 with resident key support",
+ authenticatorArgs: {
+ protocol: "ctap2",
+ hasResidentKey: true,
+ hasUserVerification: true,
+ isUserVerified: true,
+ },
+ expected: {
+ discouraged: {
+ success: true,
+ // CTAP2.0 authenticators may treat all credentials as discoverable,
+ // thus Chrome omits 'rk' in this case.
+ hasRk: false,
+ },
+ preferred: {
+ success: true,
+ hasRk: true,
+ rk: true,
+ },
+ required: {
+ success: true,
+ hasRk: true,
+ rk: true,
+ },
+ },
+ },
+ {
+ name: "CTAP 2.1 without resident key support",
+ authenticatorArgs: {
+ protocol: "ctap2_1",
+ hasResidentKey: false,
+ hasUserVerification: true,
+ isUserVerified: true,
+ },
+ expected: {
+ discouraged: {
+ success: true,
+ hasRk: true,
+ rk: false,
+ },
+ preferred: {
+ success: true,
+ hasRk: true,
+ rk: false,
+ },
+ required: {
+ success: false,
+ },
+ },
+ },
+ {
+ name: "CTAP 2.1 with resident key support",
+ authenticatorArgs: {
+ protocol: "ctap2_1",
+ hasResidentKey: true,
+ hasUserVerification: true,
+ isUserVerified: true,
+ },
+ expected: {
+ discouraged: {
+ success: true,
+ hasRk: true,
+ rk: false,
+ },
+ preferred: {
+ success: true,
+ hasRk: true,
+ rk: true,
+ },
+ required: {
+ success: true,
+ hasRk: true,
+ rk: true,
+ },
+ },
+ },
+];
+
+for (const fixture of credPropsTests) {
+ for (const rkRequirement of ["discouraged", "preferred", "required"]) {
+ virtualAuthenticatorPromiseTest(async t => {
+ const promise = createCredential({
+ options: {
+ publicKey: {
+ authenticatorSelection: {
+ residentKey: rkRequirement,
+ },
+ extensions: {
+ credProps: true,
+ },
+ },
+ },
+ });
+
+ assert_true(rkRequirement in fixture.expected);
+ const expected = fixture.expected[rkRequirement];
+ assert_true('success' in expected);
+ if (!expected.success) {
+ return promise_rejects_dom(t, "NotAllowedError", promise);
+ }
+
+ const cred = await promise;
+ assert_true('credProps' in cred.getClientExtensionResults());
+ const credProps = cred.getClientExtensionResults().credProps;
+ assert_equals('rk' in credProps, expected.hasRk, "hasRk");
+ if (expected.hasRk) {
+ assert_equals(credProps.rk, expected.rk, "rk");
+ }
+ }, fixture.authenticatorArgs, fixture.name
+ + ": navigator.credentials.create() with credProps extension, rk="
+ + rkRequirement);
+ }
+}
+</script>
+</head>
+<body></body>
+</html>