secure-payment-confirmation/authentication-invalid-icon.https.html - external/w3c/web-platform-tests - Git at Google

 <!DOCTYPE html>
 <meta charset="utf-8">
 <title>Test for the 'secure-payment-confirmation' payment method authentication - invalid icon</title>
 <link rel="help" href="https://w3c.github.io/secure-payment-confirmation#sctn-steps-to-check-if-a-payment-can-be-made">
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/resources/testdriver.js"></script>
 <script src="/resources/testdriver-vendor.js"></script>
 <script src="utils.sub.js"></script>
 <script>
 'use strict';

 promise_test(async t => {
   const authenticator = await window.test_driver.add_virtual_authenticator(
       AUTHENTICATOR_OPTS);
   t.add_cleanup(() => {
     return window.test_driver.remove_virtual_authenticator(authenticator);
   });

   // We deliberately do *NOT* set an SPC transaction mode override, as SPC
   // should reject without any UX being shown in the case of an invalid image.
   await window.test_driver.set_spc_transaction_mode("none");

   const credential = await createCredential();

   const challenge = 'server challenge';
   const payeeOrigin = 'https://merchant.com';
   const displayName = 'Troycard ***1234';

   // First try an icon that cannot be downloaded.
   let request = new PaymentRequest([{
     supportedMethods: 'secure-payment-confirmation',
     data: {
       credentialIds: [credential.rawId],
       challenge: Uint8Array.from(challenge, c => c.charCodeAt(0)),
       payeeOrigin,
       rpId: window.location.hostname,
       timeout: 60000,
       instrument: {
         displayName,
         icon: NONEXISTENT_ICON_URL,
       },
     }
   }], PAYMENT_DETAILS);
   await test_driver.bless('user activation');
   await promise_rejects_dom(t, "NotSupportedError", request.show());

   // Now try an icon that cannot be decoded.
   request = new PaymentRequest([{
     supportedMethods: 'secure-payment-confirmation',
     data: {
       credentialIds: [credential.rawId],
       challenge: Uint8Array.from(challenge, c => c.charCodeAt(0)),
       payeeOrigin,
       rpId: window.location.hostname,
       timeout: 60000,
       instrument: {
         displayName,
         icon: INVALID_ICON_DATA_URL,
       },
     }
   }], PAYMENT_DETAILS);
   await test_driver.bless('user activation');
   await promise_rejects_dom(t, "NotSupportedError", request.show());
 }, 'SPC authentication with an invalid icon');

 promise_test(async t => {
   const authenticator = await window.test_driver.add_virtual_authenticator(
     AUTHENTICATOR_OPTS);
   t.add_cleanup(() => {
     return window.test_driver.remove_virtual_authenticator(authenticator);
   });

   await window.test_driver.set_spc_transaction_mode("autoAccept");
   t.add_cleanup(() => {
     return window.test_driver.set_spc_transaction_mode("none");
   });

   const credential = await createCredential();

   const challenge = 'server challenge';
   const payeeOrigin = 'https://merchant.com';
   const displayName = 'Troycard ***1234';

   let request = new PaymentRequest([{
     supportedMethods: 'secure-payment-confirmation',
     data: {
       credentialIds: [credential.rawId],
       challenge: Uint8Array.from(challenge, c => c.charCodeAt(0)),
       payeeOrigin,
       rpId: window.location.hostname,
       timeout: 60000,
       instrument: {
         displayName,
         icon: NONEXISTENT_ICON_URL,
         iconMustBeShown: false,
       },
     }
   }], PAYMENT_DETAILS);

   await test_driver.bless('user activation');
   const responsePromise = request.show();
   const response = await responsePromise;
   await response.complete('success');
   const cred = response.details;
   const clientDataJSON = JSON.parse(arrayBufferToString(cred.response.clientDataJSON));
   assert_equals(clientDataJSON.payment.instrument.icon, '');
 }, 'SPC authentication allowing an invalid icon with iconMustBeShown option.');
 </script>
	<!DOCTYPE html>
	<meta charset="utf-8">
	<title>Test for the 'secure-payment-confirmation' payment method authentication - invalid icon</title>
	<link rel="help" href="https://w3c.github.io/secure-payment-confirmation#sctn-steps-to-check-if-a-payment-can-be-made">
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<script src="/resources/testdriver.js"></script>
	<script src="/resources/testdriver-vendor.js"></script>
	<script src="utils.sub.js"></script>
	<script>
	'use strict';

	promise_test(async t => {
	const authenticator = await window.test_driver.add_virtual_authenticator(
	AUTHENTICATOR_OPTS);
	t.add_cleanup(() => {
	return window.test_driver.remove_virtual_authenticator(authenticator);
	});

	// We deliberately do NOT set an SPC transaction mode override, as SPC
	// should reject without any UX being shown in the case of an invalid image.
	await window.test_driver.set_spc_transaction_mode("none");

	const credential = await createCredential();

	const challenge = 'server challenge';
	const payeeOrigin = 'https://merchant.com';
	const displayName = 'Troycard ***1234';

	// First try an icon that cannot be downloaded.
	let request = new PaymentRequest([{
	supportedMethods: 'secure-payment-confirmation',
	data: {
	credentialIds: [credential.rawId],
	challenge: Uint8Array.from(challenge, c => c.charCodeAt(0)),
	payeeOrigin,
	rpId: window.location.hostname,
	timeout: 60000,
	instrument: {
	displayName,
	icon: NONEXISTENT_ICON_URL,
	},
	}
	}], PAYMENT_DETAILS);
	await test_driver.bless('user activation');
	await promise_rejects_dom(t, "NotSupportedError", request.show());

	// Now try an icon that cannot be decoded.
	request = new PaymentRequest([{
	supportedMethods: 'secure-payment-confirmation',
	data: {
	credentialIds: [credential.rawId],
	challenge: Uint8Array.from(challenge, c => c.charCodeAt(0)),
	payeeOrigin,
	rpId: window.location.hostname,
	timeout: 60000,
	instrument: {
	displayName,
	icon: INVALID_ICON_DATA_URL,
	},
	}
	}], PAYMENT_DETAILS);
	await test_driver.bless('user activation');
	await promise_rejects_dom(t, "NotSupportedError", request.show());
	}, 'SPC authentication with an invalid icon');

	promise_test(async t => {
	const authenticator = await window.test_driver.add_virtual_authenticator(
	AUTHENTICATOR_OPTS);
	t.add_cleanup(() => {
	return window.test_driver.remove_virtual_authenticator(authenticator);
	});

	await window.test_driver.set_spc_transaction_mode("autoAccept");
	t.add_cleanup(() => {
	return window.test_driver.set_spc_transaction_mode("none");
	});

	const credential = await createCredential();

	const challenge = 'server challenge';
	const payeeOrigin = 'https://merchant.com';
	const displayName = 'Troycard ***1234';

	let request = new PaymentRequest([{
	supportedMethods: 'secure-payment-confirmation',
	data: {
	credentialIds: [credential.rawId],
	challenge: Uint8Array.from(challenge, c => c.charCodeAt(0)),
	payeeOrigin,
	rpId: window.location.hostname,
	timeout: 60000,
	instrument: {
	displayName,
	icon: NONEXISTENT_ICON_URL,
	iconMustBeShown: false,
	},
	}
	}], PAYMENT_DETAILS);

	await test_driver.bless('user activation');
	const responsePromise = request.show();
	const response = await responsePromise;
	await response.complete('success');
	const cred = response.details;
	const clientDataJSON = JSON.parse(arrayBufferToString(cred.response.clientDataJSON));
	assert_equals(clientDataJSON.payment.instrument.icon, '');
	}, 'SPC authentication allowing an invalid icon with iconMustBeShown option.');
	</script>