device-bound-session-credentials/resolving-urls.https.html - external/w3c/web-platform-tests.git - Git at Google

 <!DOCTYPE html>
 <meta charset="utf-8">
 <title>DBSC session configuration resolving URLs</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/get-host-info.sub.js"></script>
 <script src="helper.js" type="module"></script>

 <script type="module">
   import { expireCookie, waitForCookie, addCookieAndSessionCleanup, configureServer, setupShardedServerState, documentHasCookie, postJson } from "./helper.js";

   async function runTest(t, registrationUrl, refreshUrl) {
     await setupShardedServerState();
     const expectedCookieAndValue = "auth_cookie=abcdef0123";
     const expectedCookieAndAttributes = `${expectedCookieAndValue};Domain=${get_host_info().ORIGINAL_HOST};Path=/device-bound-session-credentials`;
     addCookieAndSessionCleanup(t, expectedCookieAndAttributes);

     // Configure server to use the absolute URL for refresh instead of a relative URL.
     configureServer({ refreshUrl });

     // Configure registration to use absolute URL instead of relative.
     // Prompt starting a session, and wait until registration completes.
     const login_response = await postJson('login.py', { registrationUrl });
     assert_equals(login_response.status, 200);
     assert_true(await waitForCookie(expectedCookieAndValue));

     // Confirm that a request has the cookie set.
     const auth_response = await fetch('verify_authenticated.py');
     assert_equals(auth_response.status, 200);

     // Trigger refresh and confirm that the cookie gets set again.
     expireCookie(expectedCookieAndAttributes);
     assert_false(documentHasCookie(expectedCookieAndValue));
     const auth_response_after_expiry = await fetch('verify_authenticated.py');
     assert_equals(auth_response_after_expiry.status, 200);
     assert_true(documentHasCookie(expectedCookieAndValue));
   }

   promise_test(async t => {
     const registrationUrl = `${location.origin}/device-bound-session-credentials/start_session.py`;
     const refreshUrl = `${location.origin}/device-bound-session-credentials/refresh_session.py`;
     await runTest(t, registrationUrl, refreshUrl);
   }, "The registration and refresh endpoints can be configured as absolute URLs");

   promise_test(async t => {
     const registrationUrl = `/device-bound-session-credentials/start_session.py`;
     const refreshUrl = `/device-bound-session-credentials/refresh_session.py`;
     await runTest(t, registrationUrl, refreshUrl);
   }, "The registration and refresh endpoints can be configured as relative URLs with leading slash");

   promise_test(async t => {
     const registrationUrl = `start_session.py`;
     const refreshUrl = `refresh_session.py`;
     await runTest(t, registrationUrl, refreshUrl);
   }, "The registration and refresh endpoints can be configured as relative URLs without leading slash");
 </script>
	<!DOCTYPE html>
	<meta charset="utf-8">
	<title>DBSC session configuration resolving URLs</title>
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<script src="/common/get-host-info.sub.js"></script>
	<script src="helper.js" type="module"></script>

	<script type="module">
	import { expireCookie, waitForCookie, addCookieAndSessionCleanup, configureServer, setupShardedServerState, documentHasCookie, postJson } from "./helper.js";

	async function runTest(t, registrationUrl, refreshUrl) {
	await setupShardedServerState();
	const expectedCookieAndValue = "auth_cookie=abcdef0123";
	const expectedCookieAndAttributes = `${expectedCookieAndValue};Domain=${get_host_info().ORIGINAL_HOST};Path=/device-bound-session-credentials`;
	addCookieAndSessionCleanup(t, expectedCookieAndAttributes);

	// Configure server to use the absolute URL for refresh instead of a relative URL.
	configureServer({ refreshUrl });

	// Configure registration to use absolute URL instead of relative.
	// Prompt starting a session, and wait until registration completes.
	const login_response = await postJson('login.py', { registrationUrl });
	assert_equals(login_response.status, 200);
	assert_true(await waitForCookie(expectedCookieAndValue));

	// Confirm that a request has the cookie set.
	const auth_response = await fetch('verify_authenticated.py');
	assert_equals(auth_response.status, 200);

	// Trigger refresh and confirm that the cookie gets set again.
	expireCookie(expectedCookieAndAttributes);
	assert_false(documentHasCookie(expectedCookieAndValue));
	const auth_response_after_expiry = await fetch('verify_authenticated.py');
	assert_equals(auth_response_after_expiry.status, 200);
	assert_true(documentHasCookie(expectedCookieAndValue));
	}

	promise_test(async t => {
	const registrationUrl = `${location.origin}/device-bound-session-credentials/start_session.py`;
	const refreshUrl = `${location.origin}/device-bound-session-credentials/refresh_session.py`;
	await runTest(t, registrationUrl, refreshUrl);
	}, "The registration and refresh endpoints can be configured as absolute URLs");

	promise_test(async t => {
	const registrationUrl = `/device-bound-session-credentials/start_session.py`;
	const refreshUrl = `/device-bound-session-credentials/refresh_session.py`;
	await runTest(t, registrationUrl, refreshUrl);
	}, "The registration and refresh endpoints can be configured as relative URLs with leading slash");

	promise_test(async t => {
	const registrationUrl = `start_session.py`;
	const refreshUrl = `refresh_session.py`;
	await runTest(t, registrationUrl, refreshUrl);
	}, "The registration and refresh endpoints can be configured as relative URLs without leading slash");
	</script>