Remove logout() and revoke()
https://github.com/fedidcg/FedCM/pull/279
Bug: 1335232
Change-Id: I9183e19c136919b1dfd788af56a4515a4f032655
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3712167
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Reviewed-by: Yi Gu <yigu@chromium.org>
Reviewed-by: Christian Biesinger <cbiesinger@chromium.org>
Commit-Queue: Zachary Tan <tanzachary@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1017912}
diff --git a/credential-management/fedcm-logout.sub.https.html b/credential-management/fedcm-logout.sub.https.html
deleted file mode 100644
index ad775d8..0000000
--- a/credential-management/fedcm-logout.sub.https.html
+++ /dev/null
@@ -1,56 +0,0 @@
-<!DOCTYPE html>
-<title>Federated Credential Management logout() API.</title>
-<link rel="help" href="https://wicg.github.io/FedCM">
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-<body>
-<script type="module">
- import {set_fedcm_cookie} from './support/fedcm-helper.js';
-
- const url_prefix = 'https://{{host}}:{{ports[https][0]}}/credential-management/support/';
- const test_options = {
- federated: {
- providers: [{
- url: url_prefix,
- clientId: '1',
- // hint has to match the account id in support/accounts.json
- hint: '1234',
- }]
- }
- };
- const test_options_no_hint = {
- federated: {
- providers: [{
- url: url_prefix,
- clientId: '1',
- }]
- }
- };
- const login_options = {
- nonce: '2',
- };
-
- promise_test(async t => {
- await set_fedcm_cookie();
- const cred = await navigator.credentials.get(test_options);
- const token = await cred.login(login_options);
- assert_equals(token.idToken, "token");
-
- await cred.logout();
- }, "logout should not throw an exception.");
-
- promise_test(async t => {
- const cred = await navigator.credentials.get(test_options);
-
- return promise_rejects_dom(t, "InvalidStateError", cred.logout());
- }, "logout should throw an exception when not logged in.");
-
- promise_test(async t => {
- await set_fedcm_cookie();
- const cred = await navigator.credentials.get(test_options_no_hint);
- const token = await cred.login(login_options);
- assert_equals(token.idToken, "token");
-
- return promise_rejects_dom(t, "InvalidStateError", cred.logout());
- }, "logout should require a hint.");
-</script>
diff --git a/credential-management/fedcm-revoke.sub.https.html b/credential-management/fedcm-revoke.sub.https.html
deleted file mode 100644
index 79a9a87..0000000
--- a/credential-management/fedcm-revoke.sub.https.html
+++ /dev/null
@@ -1,56 +0,0 @@
-<!DOCTYPE html>
-<meta charset="utf-8">
-<title>FederatedCredential.revoke() promise resolution</title>
-<link rel="author" title="Christian Biesinger" href="mailto:cbiesinger@chromium.org">
-<link rel="help" href="https://fedidcg.github.io/FedCM/#browser-api-revocation">
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-
-<script type="module">
- import {set_fedcm_cookie} from './support/fedcm-helper.js';
- const url_prefix = 'https://{{host}}:{{ports[https][0]}}/credential-management/support/';
-
- async function getCredential(provider_url) {
- const provider = {
- url: provider_url || url_prefix,
- clientId: "1234",
- };
- return await navigator.credentials.get({
- federated: {
- providers: [provider],
- },
- });
- }
-
- promise_test(async t => {
- await set_fedcm_cookie();
- await (await getCredential()).login({nonce: '1'});
- await (await getCredential()).revoke("1234");
-
- // Second revoke should now fail since the first revoke should revoke
- // the permission.
- const result = (await getCredential()).revoke("1234");
- return promise_rejects_dom(t, "NetworkError", result);
- }, "Successfully revoking a token should resolve the promise.");
-
- promise_test(async t => {
- // Have to first login or the request will be rejected before it reaches
- // the server.
- await set_fedcm_cookie();
- await (await getCredential()).login({nonce: '1'});
- await (await getCredential()).revoke("1234");
-
- const result = (await getCredential()).revoke("fail");
- return promise_rejects_dom(t, "NetworkError", result);
- }, "Error should reject the promise.");
-
- promise_test(async t => {
- const result = (await getCredential()).revoke("");
- return promise_rejects_dom(t, "InvalidStateError", result);
- }, "Empty hint should reject the promise.");
-
- promise_test(async t => {
- const result = getCredential("https://other-idp.example/").then((c) => c.revoke("foo@bar.com"));
- return promise_rejects_dom(t, "NetworkError", result);
- }, "Provider URL should honor Content-Security-Policy.");
-</script>
diff --git a/credential-management/fedcm-revoke.sub.https.html.sub.headers b/credential-management/fedcm-revoke.sub.https.html.sub.headers
deleted file mode 100644
index 69b5bf3..0000000
--- a/credential-management/fedcm-revoke.sub.https.html.sub.headers
+++ /dev/null
@@ -1 +0,0 @@
-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; connect-src https://{{host}}:{{ports[https][0]}}
diff --git a/credential-management/support/fedcm-mock.js b/credential-management/support/fedcm-mock.js
index 955cb97..9923e89 100644
--- a/credential-management/support/fedcm-mock.js
+++ b/credential-management/support/fedcm-mock.js
@@ -1,4 +1,4 @@
-import { RequestIdTokenStatus, LogoutStatus, LogoutRpsStatus, RevokeStatus, FederatedAuthRequest, FederatedAuthRequestReceiver } from '/gen/third_party/blink/public/mojom/webid/federated_auth_request.mojom.m.js';
+import { RequestIdTokenStatus, LogoutRpsStatus, FederatedAuthRequest, FederatedAuthRequestReceiver } from '/gen/third_party/blink/public/mojom/webid/federated_auth_request.mojom.m.js';
function toMojoIdTokenStatus(status) {
return RequestIdTokenStatus["k" + status];
@@ -15,9 +15,7 @@
this.interceptor_.start();
this.idToken_ = null;
this.status_ = RequestIdTokenStatus.kError;
- this.logoutStatus_ = LogoutStatus.kNotLoggedIn;
this.logoutRpsStatus_ = LogoutRpsStatus.kError;
- this.revokeStatus_ = RevokeStatus.kError;
this.returnPending_ = false;
this.pendingPromiseResolve_ = null;
}
@@ -44,13 +42,6 @@
this.returnPending_ = true;
}
- logoutReturn(status) {
- let validated = LogoutStatus[status];
- if (validated === undefined)
- throw new Error("Invalid status: " + status);
- this.logoutStatus_ = validated;
- }
-
logoutRpsReturn(status) {
let validated = LogoutRpsStatus[status];
if (validated === undefined)
@@ -58,15 +49,6 @@
this.logoutRpsStatus_ = validated;
}
- // Causes the subsequent `FederatedCredential.revoke` to reject with this
- // status.
- revokeReturn(status) {
- let validated = RevokeStatus[status];
- if (validated === undefined)
- throw new Error("Invalid status: " + status);
- this.revokeStatus_ = validated;
- }
-
// Implements
// RequestIdToken(url.mojom.Url provider, string id_request) => (RequestIdTokenStatus status, string? id_token);
async requestIdToken(provider, idRequest) {
@@ -90,28 +72,17 @@
this.pendingPromiseResolve_ = null;
}
- async logout() {
- return Promise.resolve({status: this.logoutStatus_});
- }
-
async logoutRps(logout_endpoints) {
return Promise.resolve({
status: this.logoutRpsStatus_
});
}
- async revoke(provider, client_id, account_id) {
- return Promise.resolve({
- status: this.revokeStatus_
- });
- }
-
async reset() {
this.idToken_ = null;
this.status_ = RequestIdTokenStatus.kError;
this.logoutRpsStatus_ = LogoutRpsStatus.kError;
this.receiver_.$.close();
- this.revokeStatus_ = RevokeStatus.kError;
this.interceptor_.stop();
// Clean up and reset mock stubs asynchronously, so that the blink side