| <!DOCTYPE html> |
| <title>Credential Manager: Call get() across browsing contexts.</title> |
| <script src="../resources/testharness.js"></script> |
| <script src="../resources/testharnessreport.js"></script> |
| <script src="/gen/layout_test_data/mojo/public/js/mojo_bindings_lite.js"></script> |
| <script src="/gen/mojo/public/mojom/base/time.mojom-lite.js"></script> |
| <script src="/gen/mojo/public/mojom/base/unguessable_token.mojom-lite.js"></script> |
| <script src="/gen/url/mojom/url.mojom-lite.js"></script> |
| <script src="/gen/third_party/blink/public/mojom/webauthn/authenticator.mojom-lite.js"></script> |
| <script src="/gen/third_party/blink/public/mojom/webauthn/virtual_authenticator.mojom-lite.js"></script> |
| <script src="/gen/third_party/blink/public/mojom/frame/document_interface_broker.mojom-lite.js"></script> |
| <script src="resources/test-inputs.js"></script> |
| <script src="resources/virtual-navigator-credentials.js"></script> |
| <body> |
| <script> |
| |
| if (document.location.host != "subdomain.example.test:8443") { |
| document.location = "https://subdomain.example.test:8443/credentialmanager/credentialscontainer-get-from-nested-frame.html"; |
| promise_test(_ => new Promise(_ => {}), "Stall tests on the wrong host."); |
| } |
| |
| promise_test(async _ => { |
| let authenticators = await navigator.credentials.test.authenticators(); |
| assert_equals(authenticators.length, 0); |
| let testAuthenticator = await navigator.credentials.test.createAuthenticator(); |
| assert_true(await testAuthenticator.generateAndRegisterKey(ACCEPTABLE_CREDENTIAL_ID, "subdomain.example.test")); |
| }, "Set up the testing environment."); |
| |
| promise_test(t => { |
| let PROBE_CREDENTIALS = "window.parent.postMessage(String(navigator.credentials), '*');"; |
| |
| let frame = document.createElement("iframe"); |
| frame.src = "data:text/html," + encloseInScriptTag(PROBE_CREDENTIALS); |
| window.setTimeout(_ => document.body.append(frame)); |
| |
| let eventWatcher = new EventWatcher(t, window, "message"); |
| return eventWatcher.wait_for("message").then(message => { |
| assert_equals(message.data, "undefined"); |
| }); |
| }, "navigator.credentials should be undefined in documents generated from `data:` URLs."); |
| |
| promise_test(t => { |
| let frame = document.createElement("iframe"); |
| frame.src = "resources/nested-document-with-test-inputs.html"; |
| window.setTimeout(_ => document.body.append(frame)); |
| |
| let loadWatcher = new EventWatcher(t, frame, "load"); |
| loadWatcher.wait_for("load").then(_ => |
| frame.contentWindow.location = "javascript:" + GET_CREDENTIAL); |
| |
| let messageWatcher = new EventWatcher(t, window, "message"); |
| return messageWatcher.wait_for("message").then(message => { |
| assert_equals(message.data, "[object PublicKeyCredential]"); |
| }); |
| }, "navigator.credentials.get({publicKey}) in a javascript url should should succeed."); |
| |
| promise_test(t => { |
| let frame = document.createElement("iframe"); |
| frame.srcdoc = HTML_WITH_TEST_INPUTS; |
| window.setTimeout(_ => document.body.append(frame)); |
| |
| let loadWatcher = new EventWatcher(t, frame, "load"); |
| loadWatcher.wait_for("load").then(_ => { |
| frame.contentWindow.eval(GET_CREDENTIAL); |
| }); |
| |
| let eventWatcher = new EventWatcher(t, window, "message"); |
| return eventWatcher.wait_for("message").then(message => { |
| assert_equals(message.data, "[object PublicKeyCredential]"); |
| }); |
| }, "navigator.credentials.get({publicKey}) in srcdoc should succeed."); |
| |
| promise_test(t => { |
| let frame = document.createElement("iframe"); |
| frame.src = "about:blank"; |
| window.setTimeout(_ => document.body.append(frame)); |
| |
| let loadWatcher = new EventWatcher(t, frame, "load"); |
| loadWatcher.wait_for("load").then(_ => { |
| frame.contentDocument.write(HTML_WITH_TEST_INPUTS); |
| frame.contentDocument.write(encloseInScriptTag(GET_CREDENTIAL)); |
| }); |
| |
| let eventWatcher = new EventWatcher(t, window, "message"); |
| return eventWatcher.wait_for("message").then(message => { |
| assert_equals(message.data, "[object PublicKeyCredential]"); |
| }); |
| }, "navigator.credentials.get({publicKey}) in about:blank embedded in a secure context should succeed."); |
| |
| promise_test(t => { |
| let frame = document.createElement("iframe"); |
| frame.src = "about:blank"; |
| window.setTimeout(_ => document.body.append(frame)); |
| |
| let loadWatcher = new EventWatcher(t, frame, "load"); |
| loadWatcher.wait_for("load").then(_ => { |
| frame.contentWindow.eval(getScriptThatLoadsTestInputsAndRuns(GET_CREDENTIAL)); |
| }); |
| |
| let eventWatcher = new EventWatcher(t, window, "message"); |
| return eventWatcher.wait_for("message").then(message => { |
| assert_equals(message.data, "[object PublicKeyCredential]"); |
| }); |
| }, "navigator.credentials.get({publicKey}) in an about:blank page embedded in a secure context should pass rpID checks."); |
| |
| promise_test(async t => { |
| let testAuthenticator = await navigator.credentials.test.createAuthenticator(); |
| assert_true(await testAuthenticator.generateAndRegisterKey(ACCEPTABLE_CREDENTIAL_ID, "subdomain.example.test")); |
| let keys = await testAuthenticator.registeredKeys(); |
| assert_equals(keys.length, 1); |
| var customGetAssertionOptions = deepCopy(GET_CREDENTIAL_OPTIONS); |
| var someOtherCredential = deepCopy(ACCEPTABLE_CREDENTIAL); |
| someOtherCredential.id = new TextEncoder().encode("someOtherCredential"); |
| customGetAssertionOptions.allowCredentials = [someOtherCredential]; |
| |
| return promise_rejects(t, "NotAllowedError", |
| navigator.credentials.get({ publicKey : customGetAssertionOptions})); |
| }, "navigator.credentials.get() for unregistered device returns NotAllowedError"); |
| |
| promise_test(async t => { |
| var customGetAssertionOptions = deepCopy(GET_CREDENTIAL_OPTIONS); |
| var someOtherCredential = deepCopy(ACCEPTABLE_CREDENTIAL); |
| someOtherCredential.id = new TextEncoder().encode("someOtherCredential"); |
| delete customGetAssertionOptions.allowCredentials; |
| |
| return promise_rejects(t, "NotSupportedError", |
| navigator.credentials.get({ publicKey : customGetAssertionOptions})); |
| }, "navigator.credentials.get() with empty allowCredentials is disabled"); |
| |
| promise_test(t => { |
| return navigator.credentials.test.clearAuthenticators(); |
| }, "Clean up testing environment."); |
| |
| </script> |