[FedCM] Make revoke test do actual network requests Instead of using a mojo mock. This tests a lot more of our code. Bug: 1309251 Change-Id: I079cbbf962ed8b95870bd51fdff35f6f37ca3974 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3680732 Commit-Queue: Christian Biesinger <cbiesinger@chromium.org> Reviewed-by: Yi Gu <yigu@chromium.org> Cr-Commit-Position: refs/heads/main@{#1011646}

commit: 4996a5407b4bc3d5a905f62e157d8cbb93fad3aa [log] [tgz]
author: Christian Biesinger <cbiesinger@chromium.org> Tue Jun 07 20:32:38 2022
committer: Blink WPT Bot <blink-w3c-test-autoroller@chromium.org> Tue Jun 07 20:46:47 2022
tree: 0a93eaa90ebe1d6711fff0c8305fe79e8f146da2
parent: ca1b9f530257cda899f6efb98a3df79cfe644579 [diff]
diff --git a/credential-management/fedcm-revoke.https.html b/credential-management/fedcm-revoke.https.html
deleted file mode 100644
index f0c3e5e..0000000
--- a/credential-management/fedcm-revoke.https.html
+++ /dev/null

@@ -1,45 +0,0 @@
-<!DOCTYPE html>
-<meta charset="utf-8">
-<title>FederatedCredential.revoke() promise resolution</title>
-<link rel="author" title="Christian Biesinger" href="mailto:cbiesinger@chromium.org">
-<link rel="help" href="https://wicg.github.io/FedCM/#browser-api-revocation">
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-
-<script type="module">
-  import {fedcm_test} from './support/fedcm-helper.js';
-
-  async function getCredential(provider_url) {
-    const provider = {
-      url: provider_url || "https://idp.example/",
-      clientId: "1234",
-    };
-    return await navigator.credentials.get({
-      federated:  {
-        providers: [provider],
-      },
-    });
-  }
-
-  fedcm_test(async (t, mock) => {
-    mock.revokeReturn("kSuccess");
-    await (await getCredential()).revoke("foo@bar.com");
-  }, "Successfully revoking a token should resolve the promise.");
-
-  fedcm_test(async (t, mock) => {
-    mock.revokeReturn("kError");
-    const result = (await getCredential()).revoke("foo@bar.com");
-    return promise_rejects_dom(t, "NetworkError", result);
-  }, "Error should reject the promise.");
-
-  fedcm_test(async (t, mock) => {
-    mock.revokeReturn("kError");
-    const result = (await getCredential()).revoke("");
-    return promise_rejects_dom(t, "InvalidStateError", result);
-  }, "Empty hint should reject the promise.");
-
-  fedcm_test(async (t, mock) => {
-    const result = getCredential("https://other-idp.example/").then((c) => c.revoke("foo@bar.com"));
-    return promise_rejects_dom(t, "NetworkError", result);
-  }, "Provider URL should honor Content-Security-Policy.");
-</script>

diff --git a/credential-management/fedcm-revoke.https.html.headers b/credential-management/fedcm-revoke.https.html.headers
deleted file mode 100644
index fd82d50..0000000
--- a/credential-management/fedcm-revoke.https.html.headers
+++ /dev/null

@@ -1 +0,0 @@
-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; connect-src https://idp.example

diff --git a/credential-management/fedcm-revoke.sub.https.html b/credential-management/fedcm-revoke.sub.https.html
new file mode 100644
index 0000000..79a9a87
--- /dev/null
+++ b/credential-management/fedcm-revoke.sub.https.html

@@ -0,0 +1,56 @@
+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>FederatedCredential.revoke() promise resolution</title>
+<link rel="author" title="Christian Biesinger" href="mailto:cbiesinger@chromium.org">
+<link rel="help" href="https://fedidcg.github.io/FedCM/#browser-api-revocation">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+
+<script type="module">
+  import {set_fedcm_cookie} from './support/fedcm-helper.js';
+  const url_prefix = 'https://{{host}}:{{ports[https][0]}}/credential-management/support/';
+
+  async function getCredential(provider_url) {
+    const provider = {
+      url: provider_url || url_prefix,
+      clientId: "1234",
+    };
+    return await navigator.credentials.get({
+      federated:  {
+        providers: [provider],
+      },
+    });
+  }
+
+  promise_test(async t => {
+    await set_fedcm_cookie();
+    await (await getCredential()).login({nonce: '1'});
+    await (await getCredential()).revoke("1234");
+
+    // Second revoke should now fail since the first revoke should revoke
+    // the permission.
+    const result = (await getCredential()).revoke("1234");
+    return promise_rejects_dom(t, "NetworkError", result);
+  }, "Successfully revoking a token should resolve the promise.");
+
+  promise_test(async t => {
+    // Have to first login or the request will be rejected before it reaches
+    // the server.
+    await set_fedcm_cookie();
+    await (await getCredential()).login({nonce: '1'});
+    await (await getCredential()).revoke("1234");
+
+    const result = (await getCredential()).revoke("fail");
+    return promise_rejects_dom(t, "NetworkError", result);
+  }, "Error should reject the promise.");
+
+  promise_test(async t => {
+    const result = (await getCredential()).revoke("");
+    return promise_rejects_dom(t, "InvalidStateError", result);
+  }, "Empty hint should reject the promise.");
+
+  promise_test(async t => {
+    const result = getCredential("https://other-idp.example/").then((c) => c.revoke("foo@bar.com"));
+    return promise_rejects_dom(t, "NetworkError", result);
+  }, "Provider URL should honor Content-Security-Policy.");
+</script>

diff --git a/credential-management/fedcm-revoke.sub.https.html.sub.headers b/credential-management/fedcm-revoke.sub.https.html.sub.headers
new file mode 100644
index 0000000..69b5bf3
--- /dev/null
+++ b/credential-management/fedcm-revoke.sub.https.html.sub.headers

@@ -0,0 +1 @@
+Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; connect-src https://{{host}}:{{ports[https][0]}}

diff --git a/credential-management/support/revoke.py b/credential-management/support/revoke.py
new file mode 100644
index 0000000..ed6fe00
--- /dev/null
+++ b/credential-management/support/revoke.py

@@ -0,0 +1,6 @@
+def main(request, response):
+  if not b"hint" in request.POST:
+    return (500, [], "Missing hint")
+  if request.POST[b"hint"] == b"fail":
+    return (500, [], "Fail requested")
+  return (204, [], "")
commit	4996a5407b4bc3d5a905f62e157d8cbb93fad3aa	[log] [tgz]
author	Christian Biesinger <cbiesinger@chromium.org>	Tue Jun 07 20:32:38 2022
committer	Blink WPT Bot <blink-w3c-test-autoroller@chromium.org>	Tue Jun 07 20:46:47 2022
tree	0a93eaa90ebe1d6711fff0c8305fe79e8f146da2
parent	ca1b9f530257cda899f6efb98a3df79cfe644579 [diff]