webauthn/signal-all-accepted-credentials.https.html - external/w3c/web-platform-tests.git - Git at Google

 <!DOCTYPE html>
 <meta charset="utf-8">
 <title>Signal all accepted credentials tests</title>
 <meta name="timeout" content="long">
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/resources/testdriver.js"></script>
 <script src="/resources/testdriver-vendor.js"></script>
 <script src=helpers.js></script>

 <body></body>
 <script>
   "use strict";

   const authenticatorOptions = {
     protocol: "ctap2_1",
     hasResidentKey: true,
     isUserVerified: true,
     hasUserVerification: true,
   };

   const userId = Uint8Array.from([1, 2, 3, 4]);

   function createDiscoverableCredential() {
     return createCredential({
       options: {
         publicKey: {
           authenticatorSelection: {
             residentKey: "required",
           },
           user: {
             id: userId,
             name: "reimu",
             displayName: "Reimu Hakurei",
           }
         },
       },
     });
   }

   virtualAuthenticatorPromiseTest(async t => {
     return promise_rejects_dom(t, "SecurityError", PublicKeyCredential.signalAllAcceptedCredentials({
       rpId: "umbrella-corporation.example.com",
       userId: base64urlEncode(userId),
       allAcceptedCredentialIds: [],
     }));
   }, authenticatorOptions, "signalAllAcceptedCredentials fails with SecurityError for invalid RP IDs");

   virtualAuthenticatorPromiseTest(async t => {
     return promise_rejects_js(t, TypeError, PublicKeyCredential.signalAllAcceptedCredentials({
       rpId: window.location.hostname,
       userId: "Not base 64 url",
       allAcceptedCredentialIds: [],
     }));
   }, authenticatorOptions, "signalAllAcceptedCredentials fails with TypeError for invalid userId base64url");

   virtualAuthenticatorPromiseTest(async t => {
     return promise_rejects_js(t, TypeError, PublicKeyCredential.signalAllAcceptedCredentials({
       rpId: window.location.hostname,
       userId: base64urlEncode(userId),
       allAcceptedCredentialIds: ["not base 64 url"],
     }));
   }, authenticatorOptions, "signalAllAcceptedCredentials fails with TypeError for invalid credential base64url");

   virtualAuthenticatorPromiseTest(async t => {
     const credential = await createDiscoverableCredential();
     await assertCredential(credential);
     PublicKeyCredential.signalAllAcceptedCredentials({
       rpId: window.location.hostname,
       userId: base64urlEncode([5, 6, 7, 8]),
       allAcceptedCredentialIds: [],
     });
     await assertCredential(credential);
   }, authenticatorOptions, "signalAllAcceptedCredentials does not remove a credential for a different user id");

   virtualAuthenticatorPromiseTest(async t => {
     const credential = await createDiscoverableCredential();
     await assertCredential(credential);
     PublicKeyCredential.signalAllAcceptedCredentials({
       rpId: window.location.hostname,
       userId: base64urlEncode(userId),
       allAcceptedCredentialIds: [credential.id],
     });
     await assertCredential(credential);
   }, authenticatorOptions, "signalAllAcceptedCredentials does not remove a credential if present on the list");

   virtualAuthenticatorPromiseTest(async t => {
     const credential = await createDiscoverableCredential();
     await assertCredential(credential);
     PublicKeyCredential.signalAllAcceptedCredentials({
       rpId: window.location.hostname,
       userId: base64urlEncode(userId),
       allAcceptedCredentialIds: [],
     });
     return promise_rejects_dom(t, "NotAllowedError", assertCredential(credential));
   }, authenticatorOptions, "signalAllAcceptedCredentials removes a credential present on the list for the correct user");

   virtualAuthenticatorPromiseTest(async t => {
     const credential = await createDiscoverableCredential();
     await assertCredential(credential);
     PublicKeyCredential.signalAllAcceptedCredentials({
       rpId: window.location.hostname,
       userId: base64urlEncode(userId),
       allAcceptedCredentialIds: [base64urlEncode([1, 2, 3, 4])],
     });
     return promise_rejects_dom(t, "NotAllowedError", assertCredential(credential));
   }, authenticatorOptions, "signalAllAcceptedCredentials with unrecognized credentials removes existing credential");

   virtualAuthenticatorPromiseTest(async t => {
     const credential = await createDiscoverableCredential();
     await assertCredential(credential);
     PublicKeyCredential.signalAllAcceptedCredentials({
       rpId: window.location.hostname,
       userId: base64urlEncode(userId),
       allAcceptedCredentialIds: [credential.id, base64urlEncode([1, 2, 3, 4])],
     });
     await assertCredential(credential);
   }, authenticatorOptions, "signalAllAcceptedCredentials with recognized and unrecognized credentials keeps the existing credential");
 </script>
	<!DOCTYPE html>
	<meta charset="utf-8">
	<title>Signal all accepted credentials tests</title>
	<meta name="timeout" content="long">
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<script src="/resources/testdriver.js"></script>
	<script src="/resources/testdriver-vendor.js"></script>
	<script src=helpers.js></script>

	<body></body>
	<script>
	"use strict";

	const authenticatorOptions = {
	protocol: "ctap2_1",
	hasResidentKey: true,
	isUserVerified: true,
	hasUserVerification: true,
	};

	const userId = Uint8Array.from([1, 2, 3, 4]);

	function createDiscoverableCredential() {
	return createCredential({
	options: {
	publicKey: {
	authenticatorSelection: {
	residentKey: "required",
	},
	user: {
	id: userId,
	name: "reimu",
	displayName: "Reimu Hakurei",
	}
	},
	},
	});
	}

	virtualAuthenticatorPromiseTest(async t => {
	return promise_rejects_dom(t, "SecurityError", PublicKeyCredential.signalAllAcceptedCredentials({
	rpId: "umbrella-corporation.example.com",
	userId: base64urlEncode(userId),
	allAcceptedCredentialIds: [],
	}));
	}, authenticatorOptions, "signalAllAcceptedCredentials fails with SecurityError for invalid RP IDs");

	virtualAuthenticatorPromiseTest(async t => {
	return promise_rejects_js(t, TypeError, PublicKeyCredential.signalAllAcceptedCredentials({
	rpId: window.location.hostname,
	userId: "Not base 64 url",
	allAcceptedCredentialIds: [],
	}));
	}, authenticatorOptions, "signalAllAcceptedCredentials fails with TypeError for invalid userId base64url");

	virtualAuthenticatorPromiseTest(async t => {
	return promise_rejects_js(t, TypeError, PublicKeyCredential.signalAllAcceptedCredentials({
	rpId: window.location.hostname,
	userId: base64urlEncode(userId),
	allAcceptedCredentialIds: ["not base 64 url"],
	}));
	}, authenticatorOptions, "signalAllAcceptedCredentials fails with TypeError for invalid credential base64url");

	virtualAuthenticatorPromiseTest(async t => {
	const credential = await createDiscoverableCredential();
	await assertCredential(credential);
	PublicKeyCredential.signalAllAcceptedCredentials({
	rpId: window.location.hostname,
	userId: base64urlEncode([5, 6, 7, 8]),
	allAcceptedCredentialIds: [],
	});
	await assertCredential(credential);
	}, authenticatorOptions, "signalAllAcceptedCredentials does not remove a credential for a different user id");

	virtualAuthenticatorPromiseTest(async t => {
	const credential = await createDiscoverableCredential();
	await assertCredential(credential);
	PublicKeyCredential.signalAllAcceptedCredentials({
	rpId: window.location.hostname,
	userId: base64urlEncode(userId),
	allAcceptedCredentialIds: [credential.id],
	});
	await assertCredential(credential);
	}, authenticatorOptions, "signalAllAcceptedCredentials does not remove a credential if present on the list");

	virtualAuthenticatorPromiseTest(async t => {
	const credential = await createDiscoverableCredential();
	await assertCredential(credential);
	PublicKeyCredential.signalAllAcceptedCredentials({
	rpId: window.location.hostname,
	userId: base64urlEncode(userId),
	allAcceptedCredentialIds: [],
	});
	return promise_rejects_dom(t, "NotAllowedError", assertCredential(credential));
	}, authenticatorOptions, "signalAllAcceptedCredentials removes a credential present on the list for the correct user");

	virtualAuthenticatorPromiseTest(async t => {
	const credential = await createDiscoverableCredential();
	await assertCredential(credential);
	PublicKeyCredential.signalAllAcceptedCredentials({
	rpId: window.location.hostname,
	userId: base64urlEncode(userId),
	allAcceptedCredentialIds: [base64urlEncode([1, 2, 3, 4])],
	});
	return promise_rejects_dom(t, "NotAllowedError", assertCredential(credential));
	}, authenticatorOptions, "signalAllAcceptedCredentials with unrecognized credentials removes existing credential");

	virtualAuthenticatorPromiseTest(async t => {
	const credential = await createDiscoverableCredential();
	await assertCredential(credential);
	PublicKeyCredential.signalAllAcceptedCredentials({
	rpId: window.location.hostname,
	userId: base64urlEncode(userId),
	allAcceptedCredentialIds: [credential.id, base64urlEncode([1, 2, 3, 4])],
	});
	await assertCredential(credential);
	}, authenticatorOptions, "signalAllAcceptedCredentials with recognized and unrecognized credentials keeps the existing credential");
	</script>