tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

createcredential-badargs-authnrselection.https.html (3168B)

      1 <!DOCTYPE html>
      2 <meta charset="utf-8">
      3 <title>WebAuthn navigator.credentials.create() authenticator selection Tests</title>
      4 <meta name="timeout" content="long">
      5 <link rel="author" title="Adam Powers" href="mailto:adam@fidoalliance.org">
      6 <link rel="help" href="https://w3c.github.io/webauthn/#iface-credential">
      7 <script src="/resources/testharness.js"></script>
      8 <script src="/resources/testharnessreport.js"></script>
      9 <script src="/resources/testdriver.js"></script>
     10 <script src="/resources/testdriver-vendor.js"></script>
     11 <script src=helpers.js></script>
     12 <body></body>
     13 <script>
     14 standardSetup(function() {
     15    "use strict";
     16 
     17    var defaultAuthnrSel = {
     18        authenticatorAttachment: "cross-platform",
     19        requireResidentKey: false,
     20        userVerification: "preferred"
     21    };
     22    // attachment
     23    var authnrSelAttachPlatform = cloneObject(defaultAuthnrSel);
     24    authnrSelAttachPlatform.authenticatorAttachment = "platform";
     25    // resident key
     26    var authnrSelRkTrue = cloneObject(defaultAuthnrSel);
     27    authnrSelRkTrue.requireResidentKey = true;
     28    var authnrSelRkBadString = cloneObject(defaultAuthnrSel);
     29    authnrSelRkBadString.requireResidentKey = "foo";
     30    // user verification
     31    var authnrSelUvRequired = cloneObject(defaultAuthnrSel);
     32    authnrSelUvRequired.userVerification = "required";
     33 
     34    // authenticatorSelection bad values
     35    new CreateCredentialsTest("options.publicKey.authenticatorSelection", "").runTest("Bad AuthenticatorSelectionCriteria: authenticatorSelection is empty string", TypeError);
     36    new CreateCredentialsTest("options.publicKey.authenticatorSelection", "none").runTest("Bad AuthenticatorSelectionCriteria: authenticatorSelection is string", TypeError);
     37 
     38    // authenticatorSelection bad attachment values
     39    // the physically plugged-in or virtual authenticator should be a cross-platform authenticator.
     40    new CreateCredentialsTest("options.publicKey.authenticatorSelection", authnrSelAttachPlatform)
     41      .modify("options.publicKey.timeout", 300)
     42      .runTest("Bad AuthenticatorSelectionCriteria: authenticatorSelection attachment platform", "NotAllowedError");
     43 
     44    // authenticatorSelection bad requireResidentKey values
     45    // the physically plugged-in or virtual authenticator should not support resident keys
     46    new CreateCredentialsTest("options.publicKey.authenticatorSelection", authnrSelRkTrue)
     47      .modify("options.publicKey.timeout", 300)
     48      .runTest("Bad AuthenticatorSelectionCriteria: authenticatorSelection residentKey true", "NotAllowedError");
     49 
     50    // authenticatorSelection bad userVerification values
     51    // the physically plugged-in or virtual authenticator should not support user verification
     52    new CreateCredentialsTest("options.publicKey.authenticatorSelection", authnrSelUvRequired)
     53      // this assertion will time out the test under default parameters since the browser will wait for a platform authenticator
     54      .modify("options.publicKey.timeout", 300)
     55      .runTest("Bad AuthenticatorSelectionCriteria: authenticatorSelection userVerification required", "NotAllowedError");
     56 });
     57 
     58 /* JSHINT */
     59 /* globals standardSetup, CreateCredentialsTest, cloneObject */
     60 </script>