tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

getcredential-extensions.https.html (2994B)

      1 <!DOCTYPE html>
      2 <meta charset="utf-8">
      3 <title>WebAuthn navigator.credentials.get() extensions Tests</title>
      4 <meta name="timeout" content="long">
      5 <link rel="author" title="Adam Powers" href="mailto:adam@fidoalliance.org">
      6 <link rel="help" href="https://w3c.github.io/webauthn/#iface-credential">
      7 <script src="/resources/testharness.js"></script>
      8 <script src="/resources/testharnessreport.js"></script>
      9 <script src="/resources/testdriver.js"></script>
     10 <script src="/resources/testdriver-vendor.js"></script>
     11 <script src=helpers.js></script>
     12 <body></body>
     13 <script>
     14 standardSetup(function() {
     15    "use strict";
     16 
     17    var credPromise = createCredential();
     18    var dummyExtension = {
     19        foo: true,
     20        bar: "yup"
     21    };
     22    var badExtId = {};
     23    badExtId[createRandomString(65)] = dummyExtension;
     24 
     25    // bad extension values
     26    new GetCredentialsTest("options.publicKey.extensions", "hi mom")
     27        .addCredential(credPromise)
     28        .runTest("Bad extensions: extensions is string", TypeError);
     29 
     30    // empty extensions
     31    new GetCredentialsTest("options.publicKey.extensions", null)
     32        .addCredential(credPromise)
     33        .runTest("extensions is null");
     34    new GetCredentialsTest("options.publicKey.extensions", [])
     35        .addCredential(credPromise)
     36        .runTest("extensions is empty Array");
     37    new GetCredentialsTest("options.publicKey.extensions", new ArrayBuffer(0))
     38        .addCredential(credPromise)
     39        .runTest("extensions is empty ArrayBuffer");
     40 
     41    // unknown extensions should be ignored
     42    new GetCredentialsTest("options.publicKey.extensions", {foo: dummyExtension})
     43        .addCredential(credPromise)
     44        .runTest("ignored extension");
     45    new GetCredentialsTest("options.publicKey.extensions", {badExtId: dummyExtension})
     46        .addCredential(credPromise)
     47        .runTest("extension ID too long");
     48 
     49    new GetCredentialsTest("options.publicKey.extensions", {credProps: true})
     50        .addCredential(credPromise)
     51        .runTest("credProps is only supported at registration", "NotSupportedError");
     52 
     53    new GetCredentialsTest("options.publicKey.extensions", {payment: {isPayment:true}})
     54        .addCredential(credPromise)
     55        .runTest("Payment extension is only supported at registration", "NotAllowedError");
     56 
     57    promise_test(async t => {
     58      const id = (await credPromise).rawId;
     59      const assertion = await navigator.credentials.get({publicKey: {
     60        challenge: new Uint8Array(),
     61        allowCredentials: [{
     62          id: id,
     63          type: "public-key",
     64        }],
     65        extensions: {
     66          prf: {
     67            eval: {
     68              first: new Uint8Array([1,2,3,4]).buffer,
     69            },
     70          },
     71        },
     72      }});
     73 
     74      assert_not_own_property(assertion.getClientExtensionResults().prf, 'results');
     75    }, "navigator.credentials.get() with prf requested but no support in authenticator");
     76 });
     77 
     78 /* JSHINT */
     79 /* globals standardSetup, GetCredentialsTest, createRandomString, createCredential */
     80 </script>