blob: cb2d026830fe2a885580ee5109b8dcaa63cb0717 [file] [log] [blame]
<!DOCTYPE html>
<title>Web Authentication API: PublicKeyCredential's [[create]] silent failure cases with a mock local authenticator.</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="./resources/util.js"></script>
<script>
// Default mock configuration. Tests need to override if they need different configuration.
if (window.internals)
internals.setMockWebAuthenticationConfiguration({ silentFailure: true, local: { acceptAuthentication: false, acceptAttestation: false } });
promise_test(t => {
const options = {
publicKey: {
rp: {
name: "example.com"
},
user: {
name: "John Appleseed",
id: Base64URL.parse(testUserhandleBase64),
displayName: "John",
},
challenge: asciiToUint8Array("123456"),
pubKeyCredParams: [{ type: "public-key", alg: -35 }, { type: "public-key", alg: -257 }], // ES384, RS256
timeout: 10
}
};
return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out.");
}, "PublicKeyCredential's [[create]] with unsupported public key credential parameters in a mock local authenticator.");
promise_test(async t => {
const privateKeyBase64 = await generatePrivateKeyBase64();
const credentialID = await calculateCredentialID(privateKeyBase64);
const credentialIDBase64 = base64encode(credentialID);
const options = {
publicKey: {
rp: {
name: "example.com"
},
user: {
name: "John Appleseed",
id: Base64URL.parse(testUserhandleBase64),
displayName: "John",
},
challenge: asciiToUint8Array("123456"),
pubKeyCredParams: [{ type: "public-key", alg: -7 }],
excludeCredentials: [{ type: "public-key", id: credentialID }],
timeout: 10
}
};
if (window.testRunner)
testRunner.addTestKeyToKeychain(privateKeyBase64, testRpId, testUserEntityBundleBase64);
return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out.").then(() => {
if (window.testRunner)
testRunner.cleanUpKeychain(testRpId, credentialIDBase64);
});
}, "PublicKeyCredential's [[create]] with matched exclude credentials in a mock local authenticator.");
promise_test(async t => {
const privateKeyBase64 = await generatePrivateKeyBase64();
const credentialID = await calculateCredentialID(privateKeyBase64);
const credentialIDBase64 = base64encode(credentialID);
const options = {
publicKey: {
rp: {
name: "example.com"
},
user: {
name: "John Appleseed",
id: Base64URL.parse(testUserhandleBase64),
displayName: "John",
},
challenge: asciiToUint8Array("123456"),
pubKeyCredParams: [{ type: "public-key", alg: -7 }],
excludeCredentials: [
{ type: "public-key", id: credentialID, transports: ["usb"] },
{ type: "public-key", id: credentialID, transports: ["nfc"] },
{ type: "public-key", id: credentialID, transports: ["ble"] },
{ type: "public-key", id: credentialID, transports: ["internal"] }
],
timeout: 10
}
};
if (window.testRunner)
testRunner.addTestKeyToKeychain(privateKeyBase64, testRpId, testUserEntityBundleBase64);
return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out.").then(() => {
if (window.testRunner)
testRunner.cleanUpKeychain(testRpId, credentialIDBase64);
});
}, "PublicKeyCredential's [[create]] with matched exclude credentials in a mock local authenticator. 2nd");
promise_test(t => {
const options = {
publicKey: {
rp: {
name: "example.com"
},
user: {
name: "John Appleseed",
id: Base64URL.parse(testUserhandleBase64),
displayName: "John",
},
challenge: asciiToUint8Array("123456"),
pubKeyCredParams: [{ type: "public-key", alg: -7 }],
timeout: 10
}
};
return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out.");
}, "PublicKeyCredential's [[create]] without user consent in a mock local authenticator.");
promise_test(t => {
const options = {
publicKey: {
rp: {
name: "example.com"
},
user: {
name: "John Appleseed",
id: Base64URL.parse(testUserhandleBase64),
displayName: "John",
},
challenge: asciiToUint8Array("123456"),
pubKeyCredParams: [{ type: "public-key", alg: -7 }],
timeout: 10
}
};
if (window.internals)
internals.setMockWebAuthenticationConfiguration({ silentFailure: true, local: { acceptAuthentication: true, acceptAttestation: false } });
return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out.");
}, "PublicKeyCredential's [[create]] without private keys in a mock local authenticator.");
promise_test(async t => {
const privateKeyBase64 = await generatePrivateKeyBase64();
const credentialID = await calculateCredentialID(privateKeyBase64);
const credentialIDBase64 = base64encode(credentialID);
const options = {
publicKey: {
rp: {
name: "example.com"
},
user: {
name: "John Appleseed",
id: Base64URL.parse(testUserhandleBase64),
displayName: "John",
},
challenge: asciiToUint8Array("123456"),
pubKeyCredParams: [{ type: "public-key", alg: -7 }],
attestation: "direct",
timeout: 10
}
};
if (window.internals)
internals.setMockWebAuthenticationConfiguration({ silentFailure: true, local: { acceptAuthentication: true, acceptAttestation: false, privateKeyBase64: privateKeyBase64 } });
return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out.").then(() => {
if (window.testRunner)
testRunner.cleanUpKeychain(testRpId, credentialIDBase64);
});
}, "PublicKeyCredential's [[create]] without attestation in a mock local authenticator.");
</script>