LayoutTests/http/wpt/webauthn/public-key-credential-create-failure-local.https.html - WebKit - Git at Google

 <!DOCTYPE html><!-- webkit-test-runner [ WebAuthenticationModernEnabled=false ] -->
 <title>Web Authentication API: PublicKeyCredential's [[create]] failure cases with a mock local authenticator.</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="./resources/util.js"></script>
 <script>
     // Default mock configuration. Tests need to override if they need different configuration.
     if (window.internals)
         internals.setMockWebAuthenticationConfiguration({ local: { userVerification: "no", acceptAttestation: false } });

     promise_test(t => {
         const options = {
             publicKey: {
                 rp: {
                     name: "example.com"
                 },
                 user: {
                     name: "John Appleseed",
                     id: Base64URL.parse(testUserhandleBase64),
                     displayName: "John",
                 },
                 challenge: asciiToUint8Array("123456"),
                 pubKeyCredParams: [{ type: "public-key", alg: -35 }, { type: "public-key", alg: -257 }], // ES384, RS256
             }
         };
         return promiseRejects(t, "NotSupportedError", navigator.credentials.create(options), "The platform attached authenticator doesn't support any provided PublicKeyCredentialParameters.");
     }, "PublicKeyCredential's [[create]] with unsupported public key credential parameters in a mock local authenticator.");

     promise_test(async t => {
         const privateKeyBase64 = await generatePrivateKeyBase64();
         const credentialID = await calculateCredentialID(privateKeyBase64);
         const credentialIDBase64 = base64encode(credentialID);

         const options = {
             publicKey: {
                 rp: {
                     name: "example.com"
                 },
                 user: {
                     name: "John Appleseed",
                     id: Base64URL.parse(testUserhandleBase64),
                     displayName: "John",
                 },
                 challenge: asciiToUint8Array("123456"),
                 pubKeyCredParams: [{ type: "public-key", alg: -7 }],
                 excludeCredentials: [{ type: "public-key", id: credentialID }]
             }
         };
         if (window.testRunner)
             testRunner.addTestKeyToKeychain(privateKeyBase64, testRpId, testUserEntityBundleBase64);
         return promiseRejects(t, "InvalidStateError", navigator.credentials.create(options), "At least one credential matches an entry of the excludeCredentials list in the platform attached authenticator.").then(() => {
             if (window.testRunner)
                 testRunner.cleanUpKeychain(testRpId, credentialIDBase64);
         });
     }, "PublicKeyCredential's [[create]] with matched exclude credentials in a mock local authenticator.");

     promise_test(async t => {
         const privateKeyBase64 = await generatePrivateKeyBase64();
         const credentialID = await calculateCredentialID(privateKeyBase64);
         const credentialIDBase64 = base64encode(credentialID);

         const options = {
             publicKey: {
                 rp: {
                     name: "example.com"
                 },
                 user: {
                     name: "John Appleseed",
                     id: Base64URL.parse(testUserhandleBase64),
                     displayName: "John",
                 },
                 challenge: asciiToUint8Array("123456"),
                 pubKeyCredParams: [{ type: "public-key", alg: -7 }],
                 excludeCredentials: [
                     { type: "public-key", id: credentialID, transports: ["usb"] },
                     { type: "public-key", id: credentialID, transports: ["nfc"] },
                     { type: "public-key", id: credentialID, transports: ["ble"] },
                     { type: "public-key", id: credentialID, transports: ["internal"] }
                 ]
             }
         };
         if (window.testRunner)
             testRunner.addTestKeyToKeychain(privateKeyBase64, testRpId, testUserEntityBundleBase64);
         return promiseRejects(t, "InvalidStateError", navigator.credentials.create(options), "At least one credential matches an entry of the excludeCredentials list in the platform attached authenticator.").then(() => {
             if (window.testRunner)
                 testRunner.cleanUpKeychain(testRpId, credentialIDBase64);
         });
     }, "PublicKeyCredential's [[create]] with matched exclude credentials in a mock local authenticator. 2nd");

     promise_test(t => {
         const options = {
             publicKey: {
                 rp: {
                     name: "example.com"
                 },
                 user: {
                     name: "John Appleseed",
                     id: Base64URL.parse(testUserhandleBase64),
                     displayName: "John",
                 },
                 challenge: asciiToUint8Array("123456"),
                 pubKeyCredParams: [{ type: "public-key", alg: -7 }]
             }
         };
         return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Couldn't verify user.");
     }, "PublicKeyCredential's [[create]] without user consent in a mock local authenticator.");

     promise_test(t => {
         const options = {
             publicKey: {
                 rp: {
                     name: "example.com"
                 },
                 user: {
                     name: "John Appleseed",
                     id: Base64URL.parse(testUserhandleBase64),
                     displayName: "John",
                 },
                 challenge: asciiToUint8Array("123456"),
                 pubKeyCredParams: [{ type: "public-key", alg: -7 }]
             }
         };
         if (window.internals)
             internals.setMockWebAuthenticationConfiguration({ local: { userVerification: "yes", acceptAttestation: false } });
         return promiseRejects(t, "UnknownError", navigator.credentials.create(options), "Couldn't create private key.");
     }, "PublicKeyCredential's [[create]] without private keys in a mock local authenticator.");

     promise_test(async t => {
         const privateKeyBase64 = await generatePrivateKeyBase64();
         const credentialID = await calculateCredentialID(privateKeyBase64);
         const credentialIDBase64 = base64encode(credentialID);

         const options = {
             publicKey: {
                 rp: {
                     name: "example.com"
                 },
                 user: {
                     name: "John Appleseed",
                     id: Base64URL.parse(testUserhandleBase64),
                     displayName: "John",
                 },
                 challenge: asciiToUint8Array("123456"),
                 pubKeyCredParams: [{ type: "public-key", alg: -7 }],
                 attestation: "direct"
             }
         };
         if (window.internals)
             internals.setMockWebAuthenticationConfiguration({ local: { userVerification: "yes", acceptAttestation: false, privateKeyBase64: privateKeyBase64 } });
         return promiseRejects(t, "UnknownError", navigator.credentials.create(options), "Couldn't attest: The operation couldn't complete.").then(() => {
             if (window.testRunner)
                 testRunner.cleanUpKeychain(testRpId, credentialIDBase64);
         });
     }, "PublicKeyCredential's [[create]] without attestation in a mock local authenticator.");

     promise_test(async t => {
         const privateKeyBase64 = await generatePrivateKeyBase64();
         const credentialID = await calculateCredentialID(privateKeyBase64);
         const credentialIDBase64 = base64encode(credentialID);

         const options = {
             publicKey: {
                 rp: {
                     name: "example.com"
                 },
                 user: {
                     name: testUserhandleBase64,
                     id: Base64URL.parse(testUserhandleBase64),
                     displayName: "John",
                 },
                 challenge: asciiToUint8Array("123456"),
                 pubKeyCredParams: [{ type: "public-key", alg: -7 }]
             }
         };
         if (window.internals) {
             internals.setMockWebAuthenticationConfiguration({ local: { userVerification: "yes", acceptAttestation: false } });
             testRunner.addTestKeyToKeychain(privateKeyBase64, testRpId, testUserEntityBundleBase64);
         }
         return promiseRejects(t, "UnknownError", navigator.credentials.create(options), "Couldn't create private key.").then(() => {
             if (window.testRunner)
                 assert_true(testRunner.keyExistsInKeychain(testRpId, credentialIDBase64));
                 testRunner.cleanUpKeychain(testRpId, credentialIDBase64);
         });
     }, "PublicKeyCredential's [[create]] not deleting old credential in a mock local authenticator.");

     promise_test(function(t) {
         const options = {
             publicKey: {
                 rp: {
                     name: "example.com"
                 },
                 user: {
                     name: "John Appleseed",
                     id: asciiToUint8Array("123456"),
                     displayName: "John",
                 },
                 challenge: asciiToUint8Array("123456"),
                 pubKeyCredParams: [{ type: "public-key", alg: -7 }],
                 timeout: 10,
                 authenticatorSelection: { authenticatorAttachment: "cross-platform" }
             }
         };

         if (window.internals)
             internals.setMockWebAuthenticationConfiguration({ local: { userVerification: "no", acceptAttestation: false } });
         return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out.");
     }, "PublicKeyCredential's [[create]] with timeout in a mock local authenticator.");

     promise_test(function(t) {
         const options = {
             publicKey: {
                 rp: {
                     name: "example.com"
                 },
                 user: {
                     name: "John Appleseed",
                     id: asciiToUint8Array("123456"),
                     displayName: "John",
                 },
                 challenge: asciiToUint8Array("123456"),
                 pubKeyCredParams: [{ type: "public-key", alg: -7 }],
             }
         };

         if (window.internals)
             internals.setMockWebAuthenticationConfiguration({ local: { userVerification: "cancel", acceptAttestation: false } });
         return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "This request has been cancelled by the user.");
     }, "PublicKeyCredential's [[create]] with user cancel in a mock local authenticator.");

 </script>
	<!DOCTYPE html><!-- webkit-test-runner [ WebAuthenticationModernEnabled=false ] -->
	<title>Web Authentication API: PublicKeyCredential's [[create]] failure cases with a mock local authenticator.</title>
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<script src="./resources/util.js"></script>
	<script>
	// Default mock configuration. Tests need to override if they need different configuration.
	if (window.internals)
	internals.setMockWebAuthenticationConfiguration({ local: { userVerification: "no", acceptAttestation: false } });

	promise_test(t => {
	const options = {
	publicKey: {
	rp: {
	name: "example.com"
	},
	user: {
	name: "John Appleseed",
	id: Base64URL.parse(testUserhandleBase64),
	displayName: "John",
	},
	challenge: asciiToUint8Array("123456"),
	pubKeyCredParams: [{ type: "public-key", alg: -35 }, { type: "public-key", alg: -257 }], // ES384, RS256
	}
	};
	return promiseRejects(t, "NotSupportedError", navigator.credentials.create(options), "The platform attached authenticator doesn't support any provided PublicKeyCredentialParameters.");
	}, "PublicKeyCredential's [[create]] with unsupported public key credential parameters in a mock local authenticator.");

	promise_test(async t => {
	const privateKeyBase64 = await generatePrivateKeyBase64();
	const credentialID = await calculateCredentialID(privateKeyBase64);
	const credentialIDBase64 = base64encode(credentialID);

	const options = {
	publicKey: {
	rp: {
	name: "example.com"
	},
	user: {
	name: "John Appleseed",
	id: Base64URL.parse(testUserhandleBase64),
	displayName: "John",
	},
	challenge: asciiToUint8Array("123456"),
	pubKeyCredParams: [{ type: "public-key", alg: -7 }],
	excludeCredentials: [{ type: "public-key", id: credentialID }]
	}
	};
	if (window.testRunner)
	testRunner.addTestKeyToKeychain(privateKeyBase64, testRpId, testUserEntityBundleBase64);
	return promiseRejects(t, "InvalidStateError", navigator.credentials.create(options), "At least one credential matches an entry of the excludeCredentials list in the platform attached authenticator.").then(() => {
	if (window.testRunner)
	testRunner.cleanUpKeychain(testRpId, credentialIDBase64);
	});
	}, "PublicKeyCredential's [[create]] with matched exclude credentials in a mock local authenticator.");

	promise_test(async t => {
	const privateKeyBase64 = await generatePrivateKeyBase64();
	const credentialID = await calculateCredentialID(privateKeyBase64);
	const credentialIDBase64 = base64encode(credentialID);

	const options = {
	publicKey: {
	rp: {
	name: "example.com"
	},
	user: {
	name: "John Appleseed",
	id: Base64URL.parse(testUserhandleBase64),
	displayName: "John",
	},
	challenge: asciiToUint8Array("123456"),
	pubKeyCredParams: [{ type: "public-key", alg: -7 }],
	excludeCredentials: [
	{ type: "public-key", id: credentialID, transports: ["usb"] },
	{ type: "public-key", id: credentialID, transports: ["nfc"] },
	{ type: "public-key", id: credentialID, transports: ["ble"] },
	{ type: "public-key", id: credentialID, transports: ["internal"] }
	]
	}
	};
	if (window.testRunner)
	testRunner.addTestKeyToKeychain(privateKeyBase64, testRpId, testUserEntityBundleBase64);
	return promiseRejects(t, "InvalidStateError", navigator.credentials.create(options), "At least one credential matches an entry of the excludeCredentials list in the platform attached authenticator.").then(() => {
	if (window.testRunner)
	testRunner.cleanUpKeychain(testRpId, credentialIDBase64);
	});
	}, "PublicKeyCredential's [[create]] with matched exclude credentials in a mock local authenticator. 2nd");

	promise_test(t => {
	const options = {
	publicKey: {
	rp: {
	name: "example.com"
	},
	user: {
	name: "John Appleseed",
	id: Base64URL.parse(testUserhandleBase64),
	displayName: "John",
	},
	challenge: asciiToUint8Array("123456"),
	pubKeyCredParams: [{ type: "public-key", alg: -7 }]
	}
	};
	return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Couldn't verify user.");
	}, "PublicKeyCredential's [[create]] without user consent in a mock local authenticator.");

	promise_test(t => {
	const options = {
	publicKey: {
	rp: {
	name: "example.com"
	},
	user: {
	name: "John Appleseed",
	id: Base64URL.parse(testUserhandleBase64),
	displayName: "John",
	},
	challenge: asciiToUint8Array("123456"),
	pubKeyCredParams: [{ type: "public-key", alg: -7 }]
	}
	};
	if (window.internals)
	internals.setMockWebAuthenticationConfiguration({ local: { userVerification: "yes", acceptAttestation: false } });
	return promiseRejects(t, "UnknownError", navigator.credentials.create(options), "Couldn't create private key.");
	}, "PublicKeyCredential's [[create]] without private keys in a mock local authenticator.");

	promise_test(async t => {
	const privateKeyBase64 = await generatePrivateKeyBase64();
	const credentialID = await calculateCredentialID(privateKeyBase64);
	const credentialIDBase64 = base64encode(credentialID);

	const options = {
	publicKey: {
	rp: {
	name: "example.com"
	},
	user: {
	name: "John Appleseed",
	id: Base64URL.parse(testUserhandleBase64),
	displayName: "John",
	},
	challenge: asciiToUint8Array("123456"),
	pubKeyCredParams: [{ type: "public-key", alg: -7 }],
	attestation: "direct"
	}
	};
	if (window.internals)
	internals.setMockWebAuthenticationConfiguration({ local: { userVerification: "yes", acceptAttestation: false, privateKeyBase64: privateKeyBase64 } });
	return promiseRejects(t, "UnknownError", navigator.credentials.create(options), "Couldn't attest: The operation couldn't complete.").then(() => {
	if (window.testRunner)
	testRunner.cleanUpKeychain(testRpId, credentialIDBase64);
	});
	}, "PublicKeyCredential's [[create]] without attestation in a mock local authenticator.");

	promise_test(async t => {
	const privateKeyBase64 = await generatePrivateKeyBase64();
	const credentialID = await calculateCredentialID(privateKeyBase64);
	const credentialIDBase64 = base64encode(credentialID);

	const options = {
	publicKey: {
	rp: {
	name: "example.com"
	},
	user: {
	name: testUserhandleBase64,
	id: Base64URL.parse(testUserhandleBase64),
	displayName: "John",
	},
	challenge: asciiToUint8Array("123456"),
	pubKeyCredParams: [{ type: "public-key", alg: -7 }]
	}
	};
	if (window.internals) {
	internals.setMockWebAuthenticationConfiguration({ local: { userVerification: "yes", acceptAttestation: false } });
	testRunner.addTestKeyToKeychain(privateKeyBase64, testRpId, testUserEntityBundleBase64);
	}
	return promiseRejects(t, "UnknownError", navigator.credentials.create(options), "Couldn't create private key.").then(() => {
	if (window.testRunner)
	assert_true(testRunner.keyExistsInKeychain(testRpId, credentialIDBase64));
	testRunner.cleanUpKeychain(testRpId, credentialIDBase64);
	});
	}, "PublicKeyCredential's [[create]] not deleting old credential in a mock local authenticator.");

	promise_test(function(t) {
	const options = {
	publicKey: {
	rp: {
	name: "example.com"
	},
	user: {
	name: "John Appleseed",
	id: asciiToUint8Array("123456"),
	displayName: "John",
	},
	challenge: asciiToUint8Array("123456"),
	pubKeyCredParams: [{ type: "public-key", alg: -7 }],
	timeout: 10,
	authenticatorSelection: { authenticatorAttachment: "cross-platform" }
	}
	};

	if (window.internals)
	internals.setMockWebAuthenticationConfiguration({ local: { userVerification: "no", acceptAttestation: false } });
	return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out.");
	}, "PublicKeyCredential's [[create]] with timeout in a mock local authenticator.");

	promise_test(function(t) {
	const options = {
	publicKey: {
	rp: {
	name: "example.com"
	},
	user: {
	name: "John Appleseed",
	id: asciiToUint8Array("123456"),
	displayName: "John",
	},
	challenge: asciiToUint8Array("123456"),
	pubKeyCredParams: [{ type: "public-key", alg: -7 }],
	}
	};

	if (window.internals)
	internals.setMockWebAuthenticationConfiguration({ local: { userVerification: "cancel", acceptAttestation: false } });
	return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "This request has been cancelled by the user.");
	}, "PublicKeyCredential's [[create]] with user cancel in a mock local authenticator.");

	</script>