Bug 1420906 - Add override/cancellation/tab switch tests for U2F API r=jcj

Reviewers: jcj Reviewed By: jcj Bug #: 1420906 Differential Revision: https://phabricator.services.mozilla.com/D290
2017-11-28 10:08:49 +01:00 · 2017-11-28 10:08:49 +01:00 · 38fb49445f
--- a/dom/u2f/moz.build
+++ b/dom/u2f/moz.build
@ -34,3 +34,4 @@ LOCAL_INCLUDES += [
 ]

 MOCHITEST_MANIFESTS += ['tests/mochitest.ini']
+BROWSER_CHROME_MANIFESTS += ['tests/browser/browser.ini']
--- a/dom/u2f/tests/browser/browser.ini
+++ b/dom/u2f/tests/browser/browser.ini
@ -0,0 +1,6 @@
+[DEFAULT]
+support-files =
+  tab_u2f_result.html
+skip-if = !e10s
+
+[browser_abort_visibility.js]
--- a/dom/u2f/tests/browser/browser_abort_visibility.js
+++ b/dom/u2f/tests/browser/browser_abort_visibility.js
@ -0,0 +1,117 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+"use strict";
+
+const TEST_URL = "https://example.com/browser/dom/u2f/tests/browser/tab_u2f_result.html";
+
+function bytesToBase64(u8a){
+  let CHUNK_SZ = 0x8000;
+  let c = [];
+  for (let i = 0; i < u8a.length; i += CHUNK_SZ) {
+    c.push(String.fromCharCode.apply(null, u8a.subarray(i, i + CHUNK_SZ)));
+  }
+  return window.btoa(c.join(""));
+}
+
+function bytesToBase64UrlSafe(buf) {
+  return bytesToBase64(buf)
+                 .replace(/\+/g, "-")
+                 .replace(/\//g, "_")
+                 .replace(/=/g, "");
+}
+
+async function assertStatus(tab, expected) {
+  let actual = await ContentTask.spawn(tab.linkedBrowser, null, async function () {
+    return content.document.getElementById("status").value;
+  });
+  is(actual, expected, "u2f request " + expected);
+}
+
+async function waitForStatus(tab, expected) {
+  await ContentTask.spawn(tab.linkedBrowser, [expected], async function (expected) {
+    return ContentTaskUtils.waitForCondition(() => {
+      return content.document.getElementById("status").value == expected;
+    });
+  });
+
+  await assertStatus(tab, expected);
+}
+
+function startMakeCredentialRequest(tab) {
+  let challenge = crypto.getRandomValues(new Uint8Array(16));
+  challenge = bytesToBase64UrlSafe(challenge);
+
+  return ContentTask.spawn(tab.linkedBrowser, [challenge], async function ([challenge]) {
+    let appId = content.location.origin;
+    let request = {version: "U2F_V2", challenge};
+
+    let status = content.document.getElementById("status");
+
+    content.u2f.register(appId, [request], [], result => {
+      status.value = result.errorCode ? "aborted" : completed;
+    });
+
+    status.value = "pending";
+  });
+}
+
+function startGetAssertionRequest(tab) {
+  let challenge = crypto.getRandomValues(new Uint8Array(16));
+  challenge = bytesToBase64UrlSafe(challenge);
+
+  let keyHandle = crypto.getRandomValues(new Uint8Array(16));
+  keyHandle = bytesToBase64UrlSafe(keyHandle);
+
+  return ContentTask.spawn(tab.linkedBrowser, [challenge, keyHandle], async function ([challenge, keyHandle]) {
+    let appId = content.location.origin;
+    let key = {version: "U2F_V2", keyHandle};
+
+    let status = content.document.getElementById("status");
+
+    content.u2f.sign(appId, challenge, [key], result => {
+      status.value = result.errorCode ? "aborted" : completed;
+    });
+
+    status.value = "pending";
+  });
+}
+
+
+// Test that MakeCredential() and GetAssertion() requests
+// are aborted when the current tab loses its focus.
+add_task(async function test_abort() {
+  // Enable the USB token.
+  Services.prefs.setBoolPref("security.webauth.u2f", true);
+  Services.prefs.setBoolPref("security.webauth.webauthn_enable_softtoken", false);
+  Services.prefs.setBoolPref("security.webauth.webauthn_enable_usbtoken", true);
+
+  // Create a new tab for the MakeCredential() request.
+  let tab_create = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
+
+  // Start the request.
+  await startMakeCredentialRequest(tab_create);
+  await assertStatus(tab_create, "pending");
+
+  // Open another tab and switch to it. The first will lose focus.
+  let tab_get = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
+  await waitForStatus(tab_create, "aborted");
+
+  // Start a GetAssertion() request in the second tab.
+  await startGetAssertionRequest(tab_get);
+  await assertStatus(tab_get, "pending");
+
+  // Switch back to the first tab, the get() request is aborted.
+  await BrowserTestUtils.switchTab(gBrowser, tab_create);
+  await waitForStatus(tab_get, "aborted");
+
+  // Close tabs.
+  await BrowserTestUtils.removeTab(tab_create);
+  await BrowserTestUtils.removeTab(tab_get);
+
+  // Cleanup.
+  Services.prefs.clearUserPref("security.webauth.u2f");
+  Services.prefs.clearUserPref("security.webauth.webauthn_enable_softtoken");
+  Services.prefs.clearUserPref("security.webauth.webauthn_enable_usbtoken");
+});
--- a/dom/u2f/tests/browser/tab_u2f_result.html
+++ b/dom/u2f/tests/browser/tab_u2f_result.html
@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<meta charset=utf-8>
+<head>
+  <title>Generic U2F Test Result Page</title>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+
+<h1>Generic U2F Test Result Page</h1>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1420906">Mozilla Bug 1420906</a>
+<input type="text" id="status" value="init" />
+
+</body>
+</html>
--- a/dom/u2f/tests/frame_override_request.html
+++ b/dom/u2f/tests/frame_override_request.html
@ -0,0 +1,85 @@
+<!DOCTYPE html>
+<meta charset=utf-8>
+<head>
+  <title>Test for overriding U2F requests</title>
+  <script type="text/javascript" src="frame_utils.js"></script>
+  <script type="text/javascript" src="u2futil.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+
+  <h1>Test for overriding U2F requests</h1>
+  <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1420906">Mozilla Bug 1420906</a>
+
+  <script class="testbody" type="text/javascript">
+    "use strict";
+
+    // Last request status.
+    let status = "";
+
+    // Start a new MakeCredential() request.
+    async function requestMakeCredential(status_value) {
+      let appId = window.location.origin;
+      let challenge = crypto.getRandomValues(new Uint8Array(16));
+
+      let request = {
+        version: "U2F_V2",
+        challenge: bytesToBase64UrlSafe(challenge),
+      };
+
+      u2f.register(appId, [request], [], result => {
+        local_ok(result.errorCode, "request aborted");
+        status = status_value;
+      });
+
+      // Wait a tick to let the statemachine start.
+      await Promise.resolve();
+    }
+
+    // Start a new GetAssertion() request.
+    async function requestGetAssertion(status_value) {
+      let appId = window.location.origin;
+      let challenge = crypto.getRandomValues(new Uint8Array(16));
+      let keyHandle = crypto.getRandomValues(new Uint8Array(16));
+
+      let key = {
+        version: "U2F_V2",
+        keyHandle: bytesToBase64UrlSafe(keyHandle)
+      };
+
+      u2f.sign(appId, bytesToBase64UrlSafe(challenge), [key], result => {
+        local_ok(result.errorCode, "request aborted");
+        status = status_value;
+      });
+
+      // Wait a tick to let the statemachine start.
+      await Promise.resolve();
+    }
+
+    // Test that .create() and .get() requests override any pending requests.
+    (async function () {
+      // Request a new credential.
+      await requestMakeCredential("aborted1");
+
+      // Request another credential, the first request will abort.
+      await requestMakeCredential("aborted2");
+      local_is(status, "aborted1", "first request aborted");
+
+      // Request an assertion, the second request will abort.
+      await requestGetAssertion("aborted3");
+      local_is(status, "aborted2", "second request aborted");
+
+      // Request another assertion, the third request will abort.
+      await requestGetAssertion("aborted4");
+      local_is(status, "aborted3", "third request aborted");
+
+      // Request another credential, the fourth request will abort.
+      await requestMakeCredential("aborted5");
+      local_is(status, "aborted4", "fourth request aborted");
+
+      local_finished();
+    })();
+  </script>
+
+</body>
+</html>
--- a/dom/u2f/tests/mochitest.ini
+++ b/dom/u2f/tests/mochitest.ini
@ -5,6 +5,7 @@ support-files =
  frame_appid_facet_subdomain.html
  frame_multiple_keys.html
  frame_no_token.html
+  frame_override_request.html
  frame_register.html
  frame_register_sign.html
  frame_utils.js
@ -28,3 +29,4 @@ skip-if = !e10s
 scheme = http
 [test_appid_facet_subdomain.html]
 [test_multiple_keys.html]
+[test_override_request.html]
--- a/dom/u2f/tests/test_override_request.html
+++ b/dom/u2f/tests/test_override_request.html
@ -0,0 +1,34 @@
+<!DOCTYPE html>
+<meta charset=utf-8>
+<head>
+  <title>Test for overriding U2F requests</title>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <script type="text/javascript" src="frame_utils.js"></script>
+  <script type="text/javascript" src="u2futil.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+
+  <h1>Test for overriding U2F requests</h1>
+  <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1420906">Mozilla Bug 1420906</a>
+
+  <iframe id="testing_frame"></iframe>
+
+  <script class="testbody" type="text/javascript">
+    "use strict";
+
+    SimpleTest.waitForExplicitFinish();
+
+    // Enable USB tokens.
+    SpecialPowers.pushPrefEnv({"set": [
+      ["security.webauth.u2f", true],
+      ["security.webauth.webauthn_enable_softtoken", false],
+      ["security.webauth.webauthn_enable_usbtoken", true],
+    ]}, () => {
+      addEventListener("message", handleEventMessage);
+      document.getElementById("testing_frame").src = "https://example.com/tests/dom/u2f/tests/frame_override_request.html";
+    });
+  </script>
+
+</body>
+</html>