[ tor-browser ].git.dasho

browser_disconnect.js (7559B)
      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
      3 * You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 
      5 "use strict";
      6 
      7 XPCOMUtils.defineLazyServiceGetter(
      8  this,
      9  "IdentityCredentialStorageService",
     10  "@mozilla.org/browser/identity-credential-storage-service;1",
     11  Ci.nsIIdentityCredentialStorageService
     12 );
     13 
     14 const TEST_URL = "https://example.com/";
     15 
     16 async function disconnect() {
     17  let promise = content.IdentityCredential.disconnect({
     18    configURL:
     19      "https://example.net/browser/dom/credentialmanagement/identity/tests/browser/server_manifest.json",
     20    clientId: "id",
     21    accountHint: "example",
     22  });
     23  try {
     24    return await promise;
     25  } catch (_) {
     26    return undefined;
     27  }
     28 }
     29 
     30 async function disconnectEndpointFailure() {
     31  let promise = content.IdentityCredential.disconnect({
     32    configURL:
     33      "https://example.net/browser/dom/credentialmanagement/identity/tests/browser/server_manifest_disconnect_failure.json",
     34    clientId: "id",
     35    accountHint: "example",
     36  });
     37  try {
     38    return await promise;
     39  } catch (_) {
     40    return undefined;
     41  }
     42 }
     43 
     44 async function disconnectManifestFailure() {
     45  let promise = content.IdentityCredential.disconnect({
     46    configURL:
     47      "https://example.net/browser/dom/credentialmanagement/identity/tests/browser/server_manifest_failure.json",
     48    clientId: "id",
     49    accountHint: "example",
     50  });
     51  try {
     52    return await promise;
     53  } catch (_) {
     54    return undefined;
     55  }
     56 }
     57 
     58 add_task(async function test_disconnect_identity_credential() {
     59  await SpecialPowers.pushPrefEnv({
     60    set: [
     61      [
     62        "dom.security.credentialmanagement.identity.select_first_in_ui_lists",
     63        true,
     64      ],
     65      [
     66        "dom.security.credentialmanagement.identity.reject_delay.enabled",
     67        false,
     68      ],
     69    ],
     70  });
     71 
     72  const idpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
     73    Services.io.newURI("https://example.net"),
     74    {}
     75  );
     76  const rpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
     77    Services.io.newURI("https://example.com"),
     78    {}
     79  );
     80 
     81  // Set two accounts as registered
     82  IdentityCredentialStorageService.setState(
     83    rpPrincipal,
     84    idpPrincipal,
     85    "disconnected",
     86    true,
     87    false
     88  );
     89  IdentityCredentialStorageService.setState(
     90    rpPrincipal,
     91    idpPrincipal,
     92    "still_connected",
     93    true,
     94    false
     95  );
     96 
     97  let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
     98 
     99  await SpecialPowers.spawn(tab.linkedBrowser, [], disconnect);
    100 
    101  let registered = {};
    102  let allowLogout = {};
    103  IdentityCredentialStorageService.getState(
    104    rpPrincipal,
    105    idpPrincipal,
    106    "disconnected",
    107    registered,
    108    allowLogout
    109  );
    110  Assert.ok(!registered.value, "Should be unregistered by disconnect.");
    111  IdentityCredentialStorageService.getState(
    112    rpPrincipal,
    113    idpPrincipal,
    114    "still_connected",
    115    registered,
    116    allowLogout
    117  );
    118  Assert.ok(
    119    registered.value,
    120    "Should be still registered by disconnect if not returned by server."
    121  );
    122 
    123  // Close tabs.
    124  await BrowserTestUtils.removeTab(tab);
    125  await SpecialPowers.popPrefEnv();
    126 });
    127 
    128 add_task(async function test_disconnect_miss_identity_credential() {
    129  await SpecialPowers.pushPrefEnv({
    130    set: [
    131      [
    132        "dom.security.credentialmanagement.identity.select_first_in_ui_lists",
    133        true,
    134      ],
    135      [
    136        "dom.security.credentialmanagement.identity.reject_delay.enabled",
    137        false,
    138      ],
    139    ],
    140  });
    141 
    142  const idpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
    143    Services.io.newURI("https://example.net"),
    144    {}
    145  );
    146  const rpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
    147    Services.io.newURI("https://example.com"),
    148    {}
    149  );
    150 
    151  // Set only one account as registered
    152  this.IdentityCredentialStorageService.setState(
    153    rpPrincipal,
    154    idpPrincipal,
    155    "no_longer_connected",
    156    true,
    157    false
    158  );
    159 
    160  let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
    161 
    162  await SpecialPowers.spawn(tab.linkedBrowser, [], disconnect);
    163 
    164  let registered = {};
    165  let allowLogout = {};
    166  IdentityCredentialStorageService.getState(
    167    rpPrincipal,
    168    idpPrincipal,
    169    "no_longer_connected",
    170    registered,
    171    allowLogout
    172  );
    173  Assert.ok(
    174    !registered.value,
    175    "Should not be still registered by disconnect if the disconnect missed."
    176  );
    177 
    178  // Close tabs.
    179  await BrowserTestUtils.removeTab(tab);
    180  await SpecialPowers.popPrefEnv();
    181 });
    182 
    183 add_task(async function test_disconnect_on_disconnect_failure() {
    184  await SpecialPowers.pushPrefEnv({
    185    set: [
    186      [
    187        "dom.security.credentialmanagement.identity.select_first_in_ui_lists",
    188        true,
    189      ],
    190      [
    191        "dom.security.credentialmanagement.identity.reject_delay.enabled",
    192        false,
    193      ],
    194    ],
    195  });
    196 
    197  const idpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
    198    Services.io.newURI("https://example.net"),
    199    {}
    200  );
    201  const rpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
    202    Services.io.newURI("https://example.com"),
    203    {}
    204  );
    205 
    206  // Set two accounts as registered
    207  this.IdentityCredentialStorageService.setState(
    208    rpPrincipal,
    209    idpPrincipal,
    210    "disconnected",
    211    true,
    212    false
    213  );
    214  this.IdentityCredentialStorageService.setState(
    215    rpPrincipal,
    216    idpPrincipal,
    217    "not_still_connected",
    218    true,
    219    false
    220  );
    221 
    222  let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
    223 
    224  await SpecialPowers.spawn(tab.linkedBrowser, [], disconnectEndpointFailure);
    225 
    226  let registered = {};
    227  let allowLogout = {};
    228  IdentityCredentialStorageService.getState(
    229    rpPrincipal,
    230    idpPrincipal,
    231    "disconnected",
    232    registered,
    233    allowLogout
    234  );
    235  Assert.ok(!registered.value, "Should be unregistered by disconnect.");
    236  IdentityCredentialStorageService.getState(
    237    rpPrincipal,
    238    idpPrincipal,
    239    "not_still_connected",
    240    registered,
    241    allowLogout
    242  );
    243  Assert.ok(
    244    !registered.value,
    245    "Should not be still registered because disconnect failed."
    246  );
    247 
    248  // Close tabs.
    249  await BrowserTestUtils.removeTab(tab);
    250  await SpecialPowers.popPrefEnv();
    251 });
    252 
    253 add_task(async function test_nothing_on_manifest_failure() {
    254  await SpecialPowers.pushPrefEnv({
    255    set: [
    256      [
    257        "dom.security.credentialmanagement.identity.select_first_in_ui_lists",
    258        true,
    259      ],
    260      [
    261        "dom.security.credentialmanagement.identity.reject_delay.enabled",
    262        false,
    263      ],
    264    ],
    265  });
    266 
    267  const idpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
    268    Services.io.newURI("https://example.net"),
    269    {}
    270  );
    271  const rpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
    272    Services.io.newURI("https://example.com"),
    273    {}
    274  );
    275 
    276  // Set two accounts as registered
    277  this.IdentityCredentialStorageService.setState(
    278    rpPrincipal,
    279    idpPrincipal,
    280    "connected",
    281    true,
    282    false
    283  );
    284 
    285  let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
    286 
    287  await SpecialPowers.spawn(tab.linkedBrowser, [], disconnectManifestFailure);
    288 
    289  let registered = {};
    290  let allowLogout = {};
    291  IdentityCredentialStorageService.getState(
    292    rpPrincipal,
    293    idpPrincipal,
    294    "connected",
    295    registered,
    296    allowLogout
    297  );
    298  Assert.ok(
    299    registered.value,
    300    "Should be registered because the disconnect failed finding a manifest"
    301  );
    302 
    303  // Close tabs.
    304  await BrowserTestUtils.removeTab(tab);
    305  await SpecialPowers.popPrefEnv();
    306 });
	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE