File: signal-all-accepted-credentials.https.html

package info (click to toggle)
firefox 147.0.2-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 4,683,484 kB
  • sloc: cpp: 7,607,246; javascript: 6,533,185; ansic: 3,775,227; python: 1,415,393; xml: 634,561; asm: 438,951; java: 186,241; sh: 62,752; makefile: 18,079; objc: 13,092; perl: 12,808; yacc: 4,583; cs: 3,846; pascal: 3,448; lex: 1,720; ruby: 1,003; php: 436; lisp: 258; awk: 247; sql: 66; sed: 54; csh: 10; exp: 6
file content (119 lines) | stat: -rw-r--r-- 4,728 bytes parent folder | download | duplicates (13) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
 
<!DOCTYPE html>
<meta charset="utf-8">
<title>Signal all accepted credentials tests</title>
<meta name="timeout" content="long">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/testdriver.js"></script>
<script src="/resources/testdriver-vendor.js"></script>
<script src=helpers.js></script>

<body></body>
<script>
  "use strict";

  const authenticatorOptions = {
    protocol: "ctap2_1",
    hasResidentKey: true,
    isUserVerified: true,
    hasUserVerification: true,
  };

  const userId = Uint8Array.from([1, 2, 3, 4]);

  function createDiscoverableCredential() {
    return createCredential({
      options: {
        publicKey: {
          authenticatorSelection: {
            residentKey: "required",
          },
          user: {
            id: userId,
            name: "reimu",
            displayName: "Reimu Hakurei",
          }
        },
      },
    });
  }

  virtualAuthenticatorPromiseTest(async t => {
    return promise_rejects_dom(t, "SecurityError", PublicKeyCredential.signalAllAcceptedCredentials({
      rpId: "umbrella-corporation.example.com",
      userId: base64urlEncode(userId),
      allAcceptedCredentialIds: [],
    }));
  }, authenticatorOptions, "signalAllAcceptedCredentials fails with SecurityError for invalid RP IDs");

  virtualAuthenticatorPromiseTest(async t => {
    return promise_rejects_js(t, TypeError, PublicKeyCredential.signalAllAcceptedCredentials({
      rpId: window.location.hostname,
      userId: "Not base 64 url",
      allAcceptedCredentialIds: [],
    }));
  }, authenticatorOptions, "signalAllAcceptedCredentials fails with TypeError for invalid userId base64url");

  virtualAuthenticatorPromiseTest(async t => {
    return promise_rejects_js(t, TypeError, PublicKeyCredential.signalAllAcceptedCredentials({
      rpId: window.location.hostname,
      userId: base64urlEncode(userId),
      allAcceptedCredentialIds: ["not base 64 url"],
    }));
  }, authenticatorOptions, "signalAllAcceptedCredentials fails with TypeError for invalid credential base64url");

  virtualAuthenticatorPromiseTest(async t => {
    const credential = await createDiscoverableCredential();
    await assertCredential(credential);
    PublicKeyCredential.signalAllAcceptedCredentials({
      rpId: window.location.hostname,
      userId: base64urlEncode([5, 6, 7, 8]),
      allAcceptedCredentialIds: [],
    });
    await assertCredential(credential);
  }, authenticatorOptions, "signalAllAcceptedCredentials does not remove a credential for a different user id");

  virtualAuthenticatorPromiseTest(async t => {
    const credential = await createDiscoverableCredential();
    await assertCredential(credential);
    PublicKeyCredential.signalAllAcceptedCredentials({
      rpId: window.location.hostname,
      userId: base64urlEncode(userId),
      allAcceptedCredentialIds: [credential.id],
    });
    await assertCredential(credential);
  }, authenticatorOptions, "signalAllAcceptedCredentials does not remove a credential if present on the list");

  virtualAuthenticatorPromiseTest(async t => {
    const credential = await createDiscoverableCredential();
    await assertCredential(credential);
    PublicKeyCredential.signalAllAcceptedCredentials({
      rpId: window.location.hostname,
      userId: base64urlEncode(userId),
      allAcceptedCredentialIds: [],
    });
    return promise_rejects_dom(t, "NotAllowedError", assertCredential(credential));
  }, authenticatorOptions, "signalAllAcceptedCredentials removes a credential present on the list for the correct user");

  virtualAuthenticatorPromiseTest(async t => {
    const credential = await createDiscoverableCredential();
    await assertCredential(credential);
    PublicKeyCredential.signalAllAcceptedCredentials({
      rpId: window.location.hostname,
      userId: base64urlEncode(userId),
      allAcceptedCredentialIds: [base64urlEncode([1, 2, 3, 4])],
    });
    return promise_rejects_dom(t, "NotAllowedError", assertCredential(credential));
  }, authenticatorOptions, "signalAllAcceptedCredentials with unrecognized credentials removes existing credential");

  virtualAuthenticatorPromiseTest(async t => {
    const credential = await createDiscoverableCredential();
    await assertCredential(credential);
    PublicKeyCredential.signalAllAcceptedCredentials({
      rpId: window.location.hostname,
      userId: base64urlEncode(userId),
      allAcceptedCredentialIds: [credential.id, base64urlEncode([1, 2, 3, 4])],
    });
    await assertCredential(credential);
  }, authenticatorOptions, "signalAllAcceptedCredentials with recognized and unrecognized credentials keeps the existing credential");
</script>