tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

fedcm-userinfo.https.html (2873B)

      1 <!DOCTYPE html>
      2 <title>Federated Credential Management API getUserInfo() tests.</title>
      3 <meta name="timeout" content="long">
      4 <link rel="help" href="https://fedidcg.github.io/FedCM">
      5 <script src="/resources/testharness.js"></script>
      6 <script src="/resources/testharnessreport.js"></script>
      7 <script src="/resources/testdriver.js"></script>
      8 <script src="/resources/testdriver-vendor.js"></script>
      9 
     10 <body>
     11 
     12 <script type="module">
     13 import {alt_manifest_origin,
     14        alt_request_options_with_mediation_required,
     15        fedcm_test,
     16        fedcm_get_and_select_first_account} from './support/fedcm-helper.sub.js';
     17 
     18 async function createIframeWithPermissionPolicyAndWaitForMessage(test, iframeUrl) {
     19    const messageWatcher = new EventWatcher(test, window, "message");
     20    let iframe = document.createElement("iframe");
     21    iframe.src = iframeUrl;
     22    iframe.allow = "identity-credentials-get";
     23    document.body.appendChild(iframe);
     24    let message = null;
     25    // Ignore internal "testdriver-complete" messages.
     26    do {
     27        message = await messageWatcher.wait_for("message");
     28    } while (!("result" in message.data));
     29    return message.data;
     30 }
     31 
     32 fedcm_test(async t => {
     33  const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
     34  assert_equals(cred.token, "token");
     35 
     36  const iframe_in_idp_scope = `${alt_manifest_origin}/\
     37 fedcm/support/fedcm/userinfo-iframe.html`;
     38  const message = await createIframeWithPermissionPolicyAndWaitForMessage(t, iframe_in_idp_scope);
     39  assert_equals(message.result, "Pass");
     40  assert_equals(message.numAccounts, 1);
     41  assert_equals(message.firstAccountEmail, "john_doe@idp.example");
     42  assert_equals(message.firstAccountName, "John Doe");
     43  assert_equals(message.firstAccountGivenName, "John");
     44  assert_equals(message.firstAccountPicture, "https://localhost/profile/123");
     45 }, 'Test basic User Info API flow');
     46 
     47 fedcm_test(async t => {
     48  const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
     49  assert_equals(cred.token, "token");
     50 
     51  const iframe_in_idp_scope = `support/fedcm/userinfo-iframe.html`;
     52  const message = await createIframeWithPermissionPolicyAndWaitForMessage(t, iframe_in_idp_scope);
     53  assert_equals(message.result, "Fail");
     54 }, 'Test that User Info API only works when invoked from iframe that is same origin as the IDP');
     55 
     56 fedcm_test(async t => {
     57  const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
     58  assert_equals(cred.token, "token");
     59 
     60  const manifest_path = `${alt_manifest_origin}/\
     61 fedcm/support/fedcm/manifest.py`;
     62  await promise_rejects_dom(t, 'InvalidStateError',
     63    IdentityProvider.getUserInfo({
     64      configURL: manifest_path,
     65      // Approved client
     66      clientId: '123',
     67    }))
     68 }, 'Test that User Info API does not work in the top frame');
     69 
     70 </script>