dom/webauthn/tests/test_webauthn_make_credential.html
author David Keeler <dkeeler@mozilla.com>
Tue, 23 May 2017 14:55:10 -0700
changeset 411409 3c876e859603f37750de4725546d2c1dddf05e31
parent 411408 3c0d57fec9e5bb5c6eb71389d62129d7f8a2baa8
child 416727 1379551e5fae8bae1132a0e9a9ae5bcdeace3e3a
permissions -rw-r--r--
bug 1332681 - part 4/4 - convert authentication.getAssertion to credentials.get r=jcj,qdot MozReview-Commit-ID: 13EqlQVQApx

<!DOCTYPE html>
<meta charset=utf-8>
<head>
  <title>Test for MakeCredential for W3C Web Authentication</title>
  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
  <script type="text/javascript" src="u2futil.js"></script>
  <script type="text/javascript" src="pkijs/common.js"></script>
  <script type="text/javascript" src="pkijs/asn1.js"></script>
  <script type="text/javascript" src="pkijs/x509_schema.js"></script>
  <script type="text/javascript" src="pkijs/x509_simpl.js"></script>
  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>

  <h1>Test for MakeCredential for W3C Web Authentication</h1>
  <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1309284">Mozilla Bug 1309284</a>

  <script class="testbody" type="text/javascript">
    "use strict";

    // Execute the full-scope test
    SimpleTest.waitForExplicitFinish();

    function arrivingHereIsGood(aResult) {
      ok(true, "Good result! Received a: " + aResult);
      return Promise.resolve();
    }

    function arrivingHereIsBad(aResult) {
      ok(false, "Bad result! Received a: " + aResult);
      return Promise.resolve();
    }

    function expectNotAllowedError(aResult) {
      ok(aResult.toString().startsWith("NotAllowedError"), "Expecting a NotAllowedError");
      return Promise.resolve();
    }

    function expectTypeError(aResult) {
      ok(aResult.toString().startsWith("TypeError"), "Expecting a TypeError");
      return Promise.resolve();
    }

    function expectNotSupportedError(aResult) {
      ok(aResult.toString().startsWith("NotSupportedError"), "Expecting a NotSupportedError");
      return Promise.resolve();
    }

    SpecialPowers.pushPrefEnv({"set": [["security.webauth.webauthn", true],
                                       ["security.webauth.webauthn_enable_softtoken", true],
                                       ["security.webauth.webauthn_enable_usbtoken", false]]}, runTests);
    function runTests() {
      is(navigator.authentication, undefined, "navigator.authentication does not exist any longer");
      isnot(navigator.credentials, undefined, "Credential Management API endpoint must exist");
      isnot(navigator.credentials.create, undefined, "CredentialManagement create API endpoint must exist");
      isnot(navigator.credentials.get, undefined, "CredentialManagement get API endpoint must exist");

      let credm = navigator.credentials;

      let gCredentialChallenge = new Uint8Array(16);
      window.crypto.getRandomValues(gCredentialChallenge);

      let rp = {id: "none", name: "none", icon: "none"};
      let user = {id: "none", name: "none", icon: "none", displayName: "none"};
      let param = {type: "public-key", algorithm: "p-256"};
      let unsupportedParam = {type: "public-key", algorithm: "3DES"};
      let badParam = {type: "SimplePassword", algorithm: "MaxLength=2"};

      var testFuncs = [
        // Test basic good call
        function() {
          let makeCredentialOptions = {
            rp: rp, user: user, challenge: gCredentialChallenge, parameters: [param]
          };
          return credm.create({publicKey: makeCredentialOptions})
                      .then(arrivingHereIsGood)
                      .catch(arrivingHereIsBad);
        },

        // Test empty account
        function() {
          let makeCredentialOptions = {
            challenge: gCredentialChallenge, parameters: [param]
          };
          return credm.create({publicKey: makeCredentialOptions})
                      .then(arrivingHereIsBad)
                      .catch(expectTypeError);
        },

        // Test without a parameter
        function() {
          let makeCredentialOptions = {
            rp: rp, user: user, challenge: gCredentialChallenge, parameters: []
          };
          return credm.create({publicKey: makeCredentialOptions})
                      .then(arrivingHereIsBad)
                      .catch(expectNotSupportedError);
        },

        // Test without a parameter array at all
        function() {
          let makeCredentialOptions = {
            rp: rp, user: user, challenge: gCredentialChallenge
          };
          return credm.create({publicKey: makeCredentialOptions})
               .then(arrivingHereIsBad)
               .catch(expectTypeError);
        },

        // Test with an unsupported parameter
        function() {
          let makeCredentialOptions = {
            rp: rp, user: user, challenge: gCredentialChallenge, parameters: [unsupportedParam]
          };
          return credm.create({publicKey: makeCredentialOptions})
                      .then(arrivingHereIsBad)
                      .catch(expectNotSupportedError);
        },

        // Test with an unsupported parameter and a good one
        function() {
          let makeCredentialOptions = {
            rp: rp, user: user, challenge: gCredentialChallenge,
            parameters: [param, unsupportedParam]
          };
          return credm.create({publicKey: makeCredentialOptions})
                      .then(arrivingHereIsGood)
                      .catch(arrivingHereIsBad);
        },

        // Test with a bad parameter
        function() {
          let makeCredentialOptions = {
            rp: rp, user: user, challenge: gCredentialChallenge, parameters: [badParam]
          };
          return credm.create({publicKey: makeCredentialOptions})
               .then(arrivingHereIsBad)
               .catch(expectTypeError);
        },

        // Test with an unsupported parameter, and a bad one
        function() {
          let makeCredentialOptions = {
            rp: rp, user: user, challenge: gCredentialChallenge,
            parameters: [unsupportedParam, badParam]
          };
          return credm.create({publicKey: makeCredentialOptions})
                      .then(arrivingHereIsBad)
                      .catch(expectTypeError);
        },

        // Test with an unsupported parameter, a bad one, and a good one. This
        // should still fail, as anything with a badParam should fail.
        function() {
          let makeCredentialOptions = {
            rp: rp, user: user, challenge: gCredentialChallenge,
            parameters: [param, unsupportedParam, badParam]
          };
          return credm.create({publicKey: makeCredentialOptions})
               .then(arrivingHereIsBad)
               .catch(expectTypeError);
        },

        // Test without a challenge
        function() {
          let makeCredentialOptions = {
            rp: rp, user: user, parameters: [param]
          };
          return credm.create({publicKey: makeCredentialOptions})
                      .then(arrivingHereIsBad)
                      .catch(expectTypeError);
        },

        // Test with an invalid challenge
        function() {
          let makeCredentialOptions = {
            rp: rp, user: user, challenge: "begone, thou ill-fitting moist glove!",
            parameters: [unsupportedParam]
          };
          return credm.create({publicKey: makeCredentialOptions})
               .then(arrivingHereIsBad)
               .catch(expectTypeError);
        },

        // Test with duplicate parameters
        function() {
          let makeCredentialOptions = {
            rp: rp, user: user, challenge: gCredentialChallenge,
            parameters: [param, param, param]
          };
          return credm.create({publicKey: makeCredentialOptions})
                      .then(arrivingHereIsGood)
                      .catch(arrivingHereIsBad);
        },

        // Test with missing rp
        function() {
          let makeCredentialOptions = {
            user: user, challenge: gCredentialChallenge, parameters: [param]
          };
          return credm.create({publicKey: makeCredentialOptions})
                      .then(arrivingHereIsBad)
                      .catch(expectTypeError);
        },

        // Test with missing user
        function() {
          let makeCredentialOptions = {
            rp: rp, challenge: gCredentialChallenge, parameters: [param]
          };
          return credm.create({publicKey: makeCredentialOptions})
                      .then(arrivingHereIsBad)
                      .catch(expectTypeError);
        },

        // Test a complete account
        function() {
          let completeRP = {id: "Foxxy RP", name: "Foxxy Name",
                            icon: "https://example.com/fox.svg"};
          let completeUser = {id: "foxes_are_the_best@example.com",
                              name: "Fox F. Foxington",
                              icon: "https://example.com/fox.svg",
                              displayName: "Foxxy V"};
          let makeCredentialOptions = {
            rp: completeRP, user: completeUser, challenge: gCredentialChallenge,
            parameters: [param]
          };
          return credm.create({publicKey: makeCredentialOptions})
                      .then(arrivingHereIsGood)
                      .catch(arrivingHereIsBad);
        }];

      var i = 0;
      var runNextTest = () => {
        if (i == testFuncs.length) {
          SimpleTest.finish();
          return;
        }
        testFuncs[i]().then(() => { runNextTest(); });
        i = i + 1;
      };
      runNextTest();
    };

  </script>

</body>
</html>