Google Git
Sign in
webkit / WebKit / e8d002692a080f8fdf102923e4f78f1d37981770 / . / LayoutTests / http / wpt / webauthn / public-key-credential-get-success-u2f.https.html
blob: c857114f977f49b6e3f53e448b7185baa01ad3ad [file] [log] [blame]
<!DOCTYPE html>
<title>Web Authentication API: PublicKeyCredential's [[get]] success cases with a mock u2f authenticator.</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="./resources/util.js"></script>
<script>
const defaultAppIDHash = "c2671b6eb9233197d5f2b1288a55ba4f0860f96f7199bba32fe6da7c3f0f31e5";
function checkResult(credential, isAppID = false, appIDHash = defaultAppIDHash)
{
// Check respond
assert_array_equals(Base64URL.parse(credential.id), Base64URL.parse(testU2fCredentialIdBase64));
assert_equals(credential.type, 'public-key');
assert_array_equals(new Uint8Array(credential.rawId), Base64URL.parse(testU2fCredentialIdBase64));
assert_equals(bytesToASCIIString(credential.response.clientDataJSON), '{"type":"webauthn.get","challenge":"MTIzNDU2","origin":"https://localhost:9443"}');
assert_equals(credential.response.userHandle, null);
if (!isAppID)
assert_not_exists(credential.getClientExtensionResults(), "appid");
else
assert_true(credential.getClientExtensionResults().appid);
// Check authData
const authData = decodeAuthData(new Uint8Array(credential.response.authenticatorData));
if (!isAppID)
assert_equals(bytesToHexString(authData.rpIdHash), "49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d9763");
else
assert_equals(bytesToHexString(authData.rpIdHash), appIDHash);
assert_equals(authData.flags, 1);
assert_equals(authData.counter, 59);
}
promise_test(t => {
const options = {
publicKey: {
challenge: Base64URL.parse("MTIzNDU2"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testU2fCredentialIdBase64) }],
timeout: 100
}
};
if (window.testRunner)
testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fSignResponse] } });
return navigator.credentials.get(options).then(credential => {
return checkResult(credential);
});
}, "PublicKeyCredential's [[get]] with minimum options in a mock hid authenticator.");
promise_test(t => {
const options = {
publicKey: {
challenge: Base64URL.parse("MTIzNDU2"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }, { type: "public-key", id: Base64URL.parse(testU2fCredentialIdBase64) }],
timeout: 100
}
};
if (window.testRunner)
testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fApduWrongDataOnlyResponseBase64, testU2fSignResponse] } });
return navigator.credentials.get(options).then(credential => {
return checkResult(credential);
});
}, "PublicKeyCredential's [[get]] with more allow credentials in a mock hid authenticator.");
promise_test(t => {
const options = {
publicKey: {
challenge: Base64URL.parse("MTIzNDU2"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testU2fCredentialIdBase64) }],
timeout: 500
}
};
if (window.testRunner)
testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fApduConditionsNotSatisfiedOnlyResponseBase64, testU2fApduConditionsNotSatisfiedOnlyResponseBase64, testU2fSignResponse] } });
return navigator.credentials.get(options).then(credential => {
return checkResult(credential);
});
}, "PublicKeyCredential's [[get]] with test of user presence in a mock hid authenticator.");
// With AppID extension
promise_test(t => {
const options = {
publicKey: {
challenge: Base64URL.parse("MTIzNDU2"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testU2fCredentialIdBase64) }],
timeout: 100,
extensions: { }
}
};
if (window.testRunner)
testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fSignResponse] } });
return navigator.credentials.get(options).then(credential => {
return checkResult(credential);
});
}, "PublicKeyCredential's [[get]] with empty extensions in a mock hid authenticator.");
promise_test(t => {
const options = {
publicKey: {
challenge: Base64URL.parse("MTIzNDU2"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testU2fCredentialIdBase64) }],
timeout: 100,
extensions: { appid: "https://localhost:666/appid" }
}
};
if (window.testRunner)
testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fSignResponse] } });
return navigator.credentials.get(options).then(credential => {
return checkResult(credential);
});
}, "PublicKeyCredential's [[get]] with same site AppID but not used in a mock hid authenticator.");
promise_test(t => {
const options = {
publicKey: {
challenge: Base64URL.parse("MTIzNDU2"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testU2fCredentialIdBase64) }],
timeout: 100,
extensions: { appid: "" }
}
};
if (window.testRunner)
testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fApduWrongDataOnlyResponseBase64, testU2fSignResponse] } });
return navigator.credentials.get(options).then(credential => {
return checkResult(credential, true);
});
}, "PublicKeyCredential's [[get]] with empty AppID in a mock hid authenticator.");
// FIXME: Sub domains need to be tested as well. However, localhost has no sub domains.
promise_test(t => {
const options = {
publicKey: {
challenge: Base64URL.parse("MTIzNDU2"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testU2fCredentialIdBase64) }],
timeout: 100,
extensions: { appid: "https://localhost:666/appid" }
}
};
if (window.testRunner)
testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fApduWrongDataOnlyResponseBase64, testU2fSignResponse] } });
return navigator.credentials.get(options).then(credential => {
return checkResult(credential, true, "7eabc5cc3251bdc59115ef87b5f7ee74cb03747e39ba8341748565cc129c0719");
});
}, "PublicKeyCredential's [[get]] with an AppID in a mock hid authenticator.");
promise_test(t => {
const options = {
publicKey: {
challenge: Base64URL.parse("MTIzNDU2"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }, { type: "public-key", id: Base64URL.parse(testU2fCredentialIdBase64) }],
timeout: 100,
extensions: { appid: "" }
}
};
if (window.testRunner)
testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fApduWrongDataOnlyResponseBase64, testU2fApduWrongDataOnlyResponseBase64, testU2fSignResponse] } });
return navigator.credentials.get(options).then(credential => {
return checkResult(credential);
});
}, "PublicKeyCredential's [[get]] with multiple credentials and AppID is not used in a mock hid authenticator.");
promise_test(t => {
const options = {
publicKey: {
challenge: Base64URL.parse("MTIzNDU2"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }, { type: "public-key", id: Base64URL.parse(testU2fCredentialIdBase64) }],
timeout: 100,
extensions: { appid: "" }
}
};
if (window.testRunner)
testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fApduWrongDataOnlyResponseBase64, testU2fApduWrongDataOnlyResponseBase64, testU2fApduWrongDataOnlyResponseBase64, testU2fSignResponse] } });
return navigator.credentials.get(options).then(credential => {
return checkResult(credential, true);
});
}, "PublicKeyCredential's [[get]] with multiple credentials and AppID is used in a mock hid authenticator.");
promise_test(t => {
const options = {
publicKey: {
challenge: Base64URL.parse("MTIzNDU2"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testU2fCredentialIdBase64) }],
timeout: 100,
extensions: { appid: "https://localhost:666/appid" }
}
};
if (window.testRunner)
testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", canDowngrade: true, payloadBase64: [testCtapErrInvalidCredentialResponseBase64, testU2fSignResponse] } });
return navigator.credentials.get(options).then(credential => {
return checkResult(credential);
});
}, "PublicKeyCredential's [[get]] with downgraded authenticator in a mock hid authenticator.");
promise_test(t => {
const options = {
publicKey: {
challenge: Base64URL.parse("MTIzNDU2"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testU2fCredentialIdBase64) }],
timeout: 100,
extensions: { appid: "https://localhost:666/appid" }
}
};
if (window.testRunner)
testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", canDowngrade: true, payloadBase64: [testCtapErrInvalidCredentialResponseBase64, testU2fApduWrongDataOnlyResponseBase64, testU2fSignResponse] } });
return navigator.credentials.get(options).then(credential => {
return checkResult(credential, true, "7eabc5cc3251bdc59115ef87b5f7ee74cb03747e39ba8341748565cc129c0719");
});
}, "PublicKeyCredential's [[get]] with downgraded authenticator in a mock hid authenticator. (AppID)");
</script>