Bug 1885390 [wpt PR 45107] - [FedCM] Enable CORS in ID assertion endpoint, a=testonly

Automatic update from web-platform-tests [FedCM] Enable CORS in ID assertion endpoint I2S: https://groups.google.com/a/chromium.org/g/blink-dev/c/gYoQJsaiD9E Bug: 40284123 Change-Id: I61989f1e7a7578c2f59d87815e3ec2b51b7fc5be Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5370086 Reviewed-by: Nasko Oskov <nasko@chromium.org> Reviewed-by: Christian Dullweber <dullweber@chromium.org> Reviewed-by: Mathias Bynens <mathias@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org> Cr-Commit-Position: refs/heads/main@{#1274203} -- wpt-commits: ee52bda38ec54dd2b716db81963cae68d7f89c80 wpt-pr: 45107
2024-03-19 10:06:28 +00:00 · 2024-03-19 10:06:28 +00:00 · f7389f1ffe
--- a/testing/web-platform/tests/credential-management/support/fedcm/continue_on.py
+++ b/testing/web-platform/tests/credential-management/support/fedcm/continue_on.py
@ -7,6 +7,8 @@ def main(request, response):
    return request_error

  response.headers.set(b"Content-Type", b"application/json")
+  response.headers.set(b"Access-Control-Allow-Origin", request.headers.get(b"Origin"))
+  response.headers.set(b"Access-Control-Allow-Credentials", "true")

  return "{\"continue_on\": \"resolve.html\"}"

--- a/testing/web-platform/tests/credential-management/support/fedcm/request-params-check.py
+++ b/testing/web-platform/tests/credential-management/support/fedcm/request-params-check.py
@ -63,12 +63,16 @@ def accountsCheck(request):
    return (539, [], "Should not have Origin")

 def tokenCheck(request):
-  common_error = commonCheck(request)
+  common_error = commonCheck(request, b"cors")
  if (common_error):
    return common_error
  common_credentialed_error = commonCredentialedRequestCheck(request)
  if (common_credentialed_error):
    return common_credentialed_error
+  # The value of the Sec-Fetch-Site header can vary depending on the IdP origin
+  # but it should not be 'none'.
+  if request.headers.get(b"Sec-Fetch-Site") == b"none":
+    return (538, [], "Wrong Sec-Fetch-Site header")

  post_error = commonPostCheck(request)
  if (post_error):
@ -86,8 +90,9 @@ def revokeCheck(request):
  if (common_error):
    return common_error

-  if request.cookies.get(b"cookie") != b"1":
-    return (537, [], "Missing cookie")
+  common_credentialed_error = commonCredentialedRequestCheck(request)
+  if (common_credentialed_error):
+    return common_credentialed_error
  # The value of the Sec-Fetch-Site header can vary depending on the IdP origin
  # but it should not be 'none'.
  if request.headers.get(b"Sec-Fetch-Site") == b"none":
--- a/testing/web-platform/tests/credential-management/support/fedcm/token_with_account_id.py
+++ b/testing/web-platform/tests/credential-management/support/fedcm/token_with_account_id.py
@ -7,6 +7,8 @@ def main(request, response):
    return request_error

  response.headers.set(b"Content-Type", b"application/json")
+  response.headers.set(b"Access-Control-Allow-Origin", request.headers.get(b"Origin"))
+  response.headers.set(b"Access-Control-Allow-Credentials", "true")

  account_id = request.POST.get(b"account_id")
  return "{\"token\": \"account_id=" + account_id.decode("utf-8") + "\"}"
--- a/testing/web-platform/tests/credential-management/support/fedcm/token_with_auto_selected_flag.py
+++ b/testing/web-platform/tests/credential-management/support/fedcm/token_with_auto_selected_flag.py
@ -7,6 +7,8 @@ def main(request, response):
    return request_error

  response.headers.set(b"Content-Type", b"application/json")
+  response.headers.set(b"Access-Control-Allow-Origin", request.headers.get(b"Origin"))
+  response.headers.set(b"Access-Control-Allow-Credentials", "true")

  is_auto_selected = request.POST.get(b"is_auto_selected")
  return "{\"token\": \"is_auto_selected=" + is_auto_selected.decode("utf-8") + "\"}"
--- a/testing/web-platform/tests/credential-management/support/fedcm/token_with_http_error.py
+++ b/testing/web-platform/tests/credential-management/support/fedcm/token_with_http_error.py
@ -7,6 +7,8 @@ def main(request, response):
    return request_error

  response.headers.set(b"Content-Type", b"application/json")
+  response.headers.set(b"Access-Control-Allow-Origin", request.headers.get(b"Origin"))
+  response.headers.set(b"Access-Control-Allow-Credentials", "true")
  response.status = (403, b"Forbidden")

  return "{\"token\": \"token\"}"
--- a/testing/web-platform/tests/credential-management/support/fedcm/token_with_rp_mode.py
+++ b/testing/web-platform/tests/credential-management/support/fedcm/token_with_rp_mode.py
@ -7,6 +7,8 @@ def main(request, response):
    return request_error

  response.headers.set(b"Content-Type", b"application/json")
+  response.headers.set(b"Access-Control-Allow-Origin", request.headers.get(b"Origin"))
+  response.headers.set(b"Access-Control-Allow-Credentials", "true")

  rp_mode = request.POST.get(b"mode")
  return "{\"token\": \"mode=" + rp_mode.decode("utf-8") + "\"}"