tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

fedcm-disconnect.sub.https.html (4162B)

      1 <!DOCTYPE html>
      2 <title>Federated Credential Management API disconnect() tests.</title>
      3 <meta name="timeout" content="long">
      4 <link rel="help" href="https://fedidcg.github.io/FedCM">
      5 <script src="/resources/testharness.js"></script>
      6 <script src="/resources/testharnessreport.js"></script>
      7 <script src="/resources/testdriver.js"></script>
      8 <script src="/resources/testdriver-vendor.js"></script>
      9 
     10 <body>
     11 
     12 <script type="module">
     13 import {fedcm_test,
     14        disconnect_options,
     15        fedcm_get_and_select_first_account,
     16        fedcm_select_account_promise,
     17        request_options_with_mediation_required,
     18        alt_manifest_origin,
     19        alt_request_options_with_mediation_required,
     20        alt_disconnect_options,
     21        set_alt_fedcm_cookie} from './support/fedcm-helper.sub.js';
     22 
     23 fedcm_test(async t => {
     24  // Get at least one connected account that can be disconnected.
     25  const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
     26  // The IDP implementation will accept any account hint, so this is really testing that the user
     27  // agent eventually stops sending the requests to the IDP.
     28  // This test clears the connection just created above, but it also clears any previously existing
     29  // connected accounts, which helps the logic of the other tests.
     30  return new Promise(async resolve => {
     31    while (true) {
     32      try {
     33        await IdentityCredential.disconnect(alt_disconnect_options("1234"));
     34      } catch(e) {
     35        resolve();
     36        break;
     37      }
     38    }
     39  });
     40 }, "Repeatedly calling disconnect should eventually fail");
     41 
     42 fedcm_test(async t => {
     43  const disconnect = IdentityCredential.disconnect(
     44      alt_disconnect_options("nonExistent"));
     45  return promise_rejects_dom(t, 'NetworkError', disconnect);
     46 }, 'Test that disconnect fails when there is no account to disconnect');
     47 
     48 fedcm_test(async t => {
     49  const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
     50 
     51  return IdentityCredential.disconnect(alt_disconnect_options("1234"));
     52 }, 'Test that disconnect succeeds when there is an account to disconnect');
     53 
     54 fedcm_test(async t => {
     55  const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
     56 
     57  await IdentityCredential.disconnect(alt_disconnect_options("1234"));
     58 
     59  const disconnect = IdentityCredential.disconnect(alt_disconnect_options("1234"));
     60  return promise_rejects_dom(t, 'NetworkError', disconnect);
     61 }, 'Test that disconnecting the same account twice results in failure.');
     62 
     63 fedcm_test(async t => {
     64  const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
     65  // A connected account is guaranteed by the above, and IDP accepts any account hint, so this tests
     66  // that the user agent allows the request to go through to the IDP.
     67  return IdentityCredential.disconnect(alt_disconnect_options("noMatch"));
     68 }, 'Disconnect passing an incorrect ID can still succeed');
     69 
     70 fedcm_test(async t => {
     71  await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
     72  await fedcm_get_and_select_first_account(t,
     73      request_options_with_mediation_required());
     74 
     75  // Await the first disconnect since they cannot happen in parallel. Both
     76  // should succeed.
     77  await IdentityCredential.disconnect(disconnect_options("1"));
     78  return IdentityCredential.disconnect(alt_disconnect_options("2"));
     79 }, 'Disconnect is bound to each IDP');
     80 
     81 fedcm_test(async t => {
     82  // Get at least one connected account that can be disconnected.
     83  await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
     84 
     85  // Pending get request.
     86  const credentialPromise = navigator.credentials.get(alt_request_options_with_mediation_required());
     87 
     88  // Disconnect the one connected account.
     89  await IdentityCredential.disconnect(alt_disconnect_options("1234"));
     90 
     91  // Select an account to resolve the pending get request.
     92  fedcm_select_account_promise(t, 0);
     93  return credentialPromise;
     94 }, 'Test that disconnect succeeds when there is a pending get request and the get request succeeds after the disconnect');
     95 </script>