test_webauthn_authenticator_selection.html (5087B)
1 <!DOCTYPE html> 2 <meta charset=utf-8> 3 <head> 4 <title>W3C Web Authentication - Authenticator Selection Criteria</title> 5 <script src="/tests/SimpleTest/SimpleTest.js"></script> 6 <script type="text/javascript" src="u2futil.js"></script> 7 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> 8 </head> 9 <body> 10 11 <h1>W3C Web Authentication - Authenticator Selection Criteria</h1> 12 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1406462">Mozilla Bug 1406462</a> 13 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1406467">Mozilla Bug 1406467</a> 14 15 <script class="testbody" type="text/javascript"> 16 "use strict"; 17 18 add_task(async () => { 19 await addVirtualAuthenticator(); 20 }); 21 22 function arrivingHereIsGood(aResult) { 23 ok(true, "Good result! Received a: " + aResult); 24 } 25 26 function arrivingHereIsBad(aResult) { 27 ok(false, "Bad result! Received a: " + aResult); 28 } 29 30 function expectNotAllowedError(aResult) { 31 ok(aResult.toString().startsWith("NotAllowedError"), "Expecting a NotAllowedError, got " + aResult); 32 } 33 34 // We store the credential of the first successful make credential 35 // operation so we can use it for get assertion tests later. 36 let gCredential; 37 38 // Start a new MakeCredential() request. 39 function requestMakeCredential(authenticatorSelection) { 40 let publicKey = { 41 rp: {id: document.domain, name: "none"}, 42 user: {id: new Uint8Array(), name: "none", displayName: "none"}, 43 challenge: crypto.getRandomValues(new Uint8Array(16)), 44 timeout: 5000, // the minimum timeout is actually 15 seconds 45 pubKeyCredParams: [{type: "public-key", alg: cose_alg_ECDSA_w_SHA256}], 46 authenticatorSelection, 47 }; 48 49 return navigator.credentials.create({publicKey}); 50 } 51 52 // Start a new GetAssertion() request. 53 function requestGetAssertion(userVerification) { 54 let newCredential = { 55 type: "public-key", 56 id: gCredential, 57 transports: ["usb"], 58 }; 59 60 let publicKey = { 61 challenge: crypto.getRandomValues(new Uint8Array(16)), 62 timeout: 5000, // the minimum timeout is actually 15 seconds 63 rpId: document.domain, 64 allowCredentials: [newCredential] 65 }; 66 67 if (userVerification) { 68 publicKey.userVerification = userVerification; 69 } 70 71 return navigator.credentials.get({publicKey}); 72 } 73 74 // Test success cases for make credential. 75 add_task(async function test_make_credential_successes() { 76 // No selection criteria. 77 await requestMakeCredential({}) 78 // Save the credential so we can use it for sign success tests. 79 .then(res => gCredential = res.rawId) 80 .then(arrivingHereIsGood) 81 .catch(arrivingHereIsBad); 82 83 // Request a cross-platform authenticator. 84 await requestMakeCredential({authenticatorAttachment: "cross-platform"}) 85 .then(arrivingHereIsGood) 86 .catch(arrivingHereIsBad); 87 88 // Require a resident key. 89 await requestMakeCredential({requireResidentKey: true}) 90 .then(arrivingHereIsGood) 91 .catch(arrivingHereIsBad); 92 93 // Don't require a resident key. 94 await requestMakeCredential({requireResidentKey: false}) 95 .then(arrivingHereIsGood) 96 .catch(arrivingHereIsBad); 97 98 // Require user verification. 99 await requestMakeCredential({userVerification: "required"}) 100 .then(arrivingHereIsGood) 101 .catch(arrivingHereIsBad); 102 103 // Prefer user verification. 104 await requestMakeCredential({userVerification: "preferred"}) 105 .then(arrivingHereIsGood) 106 .catch(arrivingHereIsBad); 107 108 // Discourage user verification. 109 await requestMakeCredential({userVerification: "discouraged"}) 110 .then(arrivingHereIsGood) 111 .catch(arrivingHereIsBad); 112 }); 113 114 // Test success cases for get assertion. 115 add_task(async function test_get_assertion_successes() { 116 // No selection criteria. 117 await requestGetAssertion() 118 .then(arrivingHereIsGood) 119 .catch(arrivingHereIsBad); 120 121 // Require user verification. 122 await requestGetAssertion("required") 123 .then(arrivingHereIsGood) 124 .catch(arrivingHereIsBad); 125 126 // Prefer user verification. 127 await requestGetAssertion("preferred") 128 .then(arrivingHereIsGood) 129 .catch(arrivingHereIsBad); 130 131 // Discourage user verification. 132 await requestGetAssertion("discouraged") 133 .then(arrivingHereIsGood) 134 .catch(arrivingHereIsBad); 135 }); 136 137 // Test failure cases for make credential. 138 add_task(async function test_make_credential_failures() { 139 // Request a platform authenticator. 140 await requestMakeCredential({authenticatorAttachment: "platform"}) 141 .then(arrivingHereIsBad) 142 .catch(expectNotAllowedError); 143 }); 144 145 // Test failure cases for get assertion. 146 add_task(async function test_get_assertion_failures() { 147 // No failures currently tested 148 }); 149 </script> 150 151 </body> 152 </html>