Bug 975144 - Adding IdP loading tests
new file mode 100644
--- /dev/null
+++ b/dom/media/tests/mochitest/identity/idp-min.js
@@ -0,0 +1,24 @@
+(function(global) {
+ 'use strict';
+ // A minimal implementation of the interface.
+ // Though this isn't particularly functional.
+ // This is needed so that we can have a "working" IdP served
+ // from two different locations in the tree.
+ global.rtcIdentityProvider.register({
+ generateAssertion: function(payload, origin, usernameHint) {
+ dump('idp: generateAssertion(' + payload + ')\n');
+ return Promise.resolve({
+ idp: { domain: 'example.com', protocol: 'idp.js' },
+ assertion: 'bogus'
+ });
+ },
+
+ validateAssertion: function(assertion, origin) {
+ dump('idp: validateAssertion(' + assertion + ')\n');
+ return Promise.resolve({
+ identity: 'user@example.com',
+ contents: 'bogus'
+ });
+ }
+ });
+}(this));
new file mode 100644
--- /dev/null
+++ b/dom/media/tests/mochitest/identity/idp-redirect-http-trick.js
@@ -0,0 +1,3 @@
+(function() {
+ dump('ERROR\n');
+}());
new file mode 100644
--- /dev/null
+++ b/dom/media/tests/mochitest/identity/idp-redirect-http-trick.js^headers^
@@ -0,0 +1,2 @@
+HTTP 301 Moved Permanently
+Location: http://example.com/.well-known/idp-proxy/idp-redirect-https.js
new file mode 100644
--- /dev/null
+++ b/dom/media/tests/mochitest/identity/idp-redirect-http.js
@@ -0,0 +1,3 @@
+(function() {
+ dump('ERROR\n');
+}());
new file mode 100644
--- /dev/null
+++ b/dom/media/tests/mochitest/identity/idp-redirect-http.js^headers^
@@ -0,0 +1,2 @@
+HTTP 301 Moved Permanently
+Location: http://example.com/.well-known/idp-proxy/idp.js
new file mode 100644
--- /dev/null
+++ b/dom/media/tests/mochitest/identity/idp-redirect-https-double.js
@@ -0,0 +1,3 @@
+(function() {
+ dump('ERROR\n');
+}());
new file mode 100644
--- /dev/null
+++ b/dom/media/tests/mochitest/identity/idp-redirect-https-double.js^headers^
@@ -0,0 +1,2 @@
+HTTP 301 Moved Permanently
+Location: https://example.com/.well-known/idp-proxy/idp-redirect-https.js
new file mode 100644
--- /dev/null
+++ b/dom/media/tests/mochitest/identity/idp-redirect-https-odd-path.js
@@ -0,0 +1,3 @@
+(function() {
+ dump('ERROR\n');
+}());
new file mode 100644
--- /dev/null
+++ b/dom/media/tests/mochitest/identity/idp-redirect-https-odd-path.js^headers^
@@ -0,0 +1,2 @@
+HTTP 301 Moved Permanently
+Location: https://example.com/.well-known/idp-min.js
new file mode 100644
--- /dev/null
+++ b/dom/media/tests/mochitest/identity/idp-redirect-https.js
@@ -0,0 +1,3 @@
+(function() {
+ dump('ERROR\n');
+}());
new file mode 100644
--- /dev/null
+++ b/dom/media/tests/mochitest/identity/idp-redirect-https.js^headers^
@@ -0,0 +1,2 @@
+HTTP 301 Moved Permanently
+Location: https://example.com/.well-known/idp-proxy/idp.js
--- a/dom/media/tests/mochitest/identity/mochitest.ini
+++ b/dom/media/tests/mochitest/identity/mochitest.ini
@@ -1,19 +1,35 @@
[DEFAULT]
# All tests are disabled on android&b2g due to lack of https support in
# mochitests (Bug 907770)
# Tests are also disabled on b2g due to lack of e10s support in WebRTC identity
# (Bug 975144)
skip-if = e10s || os == "android" || appname == "b2g"
support-files =
/.well-known/idp-proxy/idp.js
- identityevent.js
[test_idpproxy.html]
+support-files =
+ /.well-known/idp-proxy/idp-redirect-http.js
+ /.well-known/idp-proxy/idp-redirect-http.js^headers^
+ /.well-known/idp-proxy/idp-redirect-http-trick.js
+ /.well-known/idp-proxy/idp-redirect-http-trick.js^headers^
+ /.well-known/idp-proxy/idp-redirect-https.js
+ /.well-known/idp-proxy/idp-redirect-https.js^headers^
+ /.well-known/idp-proxy/idp-redirect-https-double.js
+ /.well-known/idp-proxy/idp-redirect-https-double.js^headers^
+ /.well-known/idp-proxy/idp-redirect-https-odd-path.js
+ /.well-known/idp-proxy/idp-redirect-https-odd-path.js^headers^
+ /.well-known/idp-min.js
+
+[test_fingerprints.html]
[test_getIdentityAssertion.html]
[test_setIdentityProvider.html]
+support-files = identityevent.js
+
[test_setIdentityProviderWithErrors.html]
+support-files = identityevent.js
+
[test_peerConnection_peerIdentity.html]
-[test_fingerprints.html]
# Bug 950317: Hack for making a cleanup hook after finishing all WebRTC cases
[../test_zmedia_cleanup.html]
--- a/dom/media/tests/mochitest/identity/test_idpproxy.html
+++ b/dom/media/tests/mochitest/identity/test_idpproxy.html
@@ -44,19 +44,24 @@ function test_protocol_sandbox() {
ok(false, 'IdpSandbox didn\'t catch bad protocol: ' + proto);
} catch (e) {
var str = (typeof proto === 'string') ? proto : typeof proto;
ok(true, 'Evil protocol "' + proto + '" raises exception');
}
});
}
-function makeSandbox(hash) {
- var sandbox = new IdpSandbox('example.com',
- 'idp.js' + (hash ? ('#' + hash) : ''));
+function idpName(hash) {
+ return 'idp.js' + (hash ? ('#' + hash) : '');
+}
+
+function makeSandbox(js) {
+ var name = js || idpName();
+ info('Creating a sandbox for the protocol: ' + name);
+ var sandbox = new IdpSandbox('example.com', name);
return sandbox.start().then(idp => SpecialPowers.wrap(idp));
}
function test_generate_assertion() {
return makeSandbox()
.then(idp => idp.generateAssertion(dummyPayload,
'https://example.net'))
.then(response => {
@@ -85,29 +90,73 @@ function test_validate_assertion() {
is(response.identity, 'user@example.com');
is(response.contents, dummyPayload);
});
}
// We don't want to test the #bad or the #hang instructions,
// errors of the sort those generate aren't handled by the sandbox code.
function fail(reason) {
- return function() {
- return makeSandbox(reason)
- .then(idp => idp.generateAssertion('hello', 'example.net', null))
+ return () => {
+ return makeSandbox(idpName(reason))
+ .then(idp => idp.generateAssertion('hello', 'example.net'))
.then(r => ok(false, 'should not succeed on ' + reason),
e => ok(true, 'failed correctly on ' + reason));
};
}
+function test_load_failure() {
+ return makeSandbox('non-existent-file')
+ .then(() => ok(false, 'Should fail to load non-existent file'),
+ e => ok(e, 'Should fail to load non-existent file'));
+}
+
+function test_redirect_ok(from) {
+ return () => {
+ return makeSandbox(from)
+ .then(idp => idp.generateAssertion('hello', 'example.net'))
+ .then(r => ok(SpecialPowers.wrap(r).assertion,
+ 'Redirect to https should be OK'));
+ };
+}
+
+function test_redirect_fail(from) {
+ return () => {
+ return makeSandbox(from)
+ .then(() => ok(false, 'Redirect to https should fail'),
+ e => ok(e, 'Redirect to https should fail'));
+ };
+}
+
function run_all_tests() {
[
- test_domain_sandbox, test_protocol_sandbox,
- test_generate_assertion, test_validate_assertion,
- fail('fail'), fail('throw'), fail('not_ready')
+ test_domain_sandbox,
+ test_protocol_sandbox,
+ test_generate_assertion,
+ test_validate_assertion,
+
+ // fail of the IdP fails
+ fail('fail'),
+ // fail if the IdP throws
+ fail('throw'),
+ // fail if the IdP is not ready
+ fail('not_ready'),
+
+ test_load_failure(),
+ // Test a redirect to an HTTPS origin, which should be OK
+ test_redirect_ok('idp-redirect-https.js'),
+ // Two redirects is fine too
+ test_redirect_ok('idp-redirect-https-double.js'),
+ // A secure redirect to a path other than /.well-known/idp-proxy/* should
+ // also work fine.
+ test_redirect_ok('idp-redirect-https-odd-path.js'),
+ // A redirect to HTTP is not-cool
+ test_redirect_fail('idp-redirect-http.js'),
+ // Also catch tricks like https->http->https
+ test_redirect_fail('idp-redirect-http-trick.js')
].reduce((p, test) => {
return p.then(test)
.catch(e => ok(false, test.name + ' failed: ' +
SpecialPowers.wrap(e).message + '\n' +
SpecialPowers.wrap(e).stack));
}, Promise.resolve())
.then(() => SimpleTest.finish());
}