зеркало из https://github.com/mozilla/gecko-dev.git
91 строка
3.3 KiB
HTML
91 строка
3.3 KiB
HTML
<!DOCTYPE html>
|
|
<meta charset=utf-8>
|
|
<head>
|
|
<title>Test for W3C Web Authentication with no token</title>
|
|
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
|
<script type="text/javascript" src="u2futil.js"></script>
|
|
<script type="text/javascript" src="pkijs/common.js"></script>
|
|
<script type="text/javascript" src="pkijs/asn1.js"></script>
|
|
<script type="text/javascript" src="pkijs/x509_schema.js"></script>
|
|
<script type="text/javascript" src="pkijs/x509_simpl.js"></script>
|
|
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
|
</head>
|
|
<body>
|
|
|
|
<h1>Test for W3C Web Authentication with no token</h1>
|
|
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1309284">Mozilla Bug 1309284</a>
|
|
|
|
<script class="testbody" type="text/javascript">
|
|
"use strict";
|
|
|
|
// Execute the full-scope test
|
|
SimpleTest.waitForExplicitFinish();
|
|
|
|
// Turn off all tokens. This should result in "not allowed" failures
|
|
SpecialPowers.pushPrefEnv({"set": [["security.webauth.webauthn", true],
|
|
["security.webauth.webauthn_enable_softtoken", false],
|
|
["security.webauth.webauthn_enable_usbtoken", false]]},
|
|
function() {
|
|
is(navigator.authentication, undefined, "navigator.authentication does not exist any longer");
|
|
isnot(navigator.credentials, undefined, "Credential Management API endpoint must exist");
|
|
isnot(navigator.credentials.create, undefined, "CredentialManagement create API endpoint must exist");
|
|
isnot(navigator.credentials.get, undefined, "CredentialManagement get API endpoint must exist");
|
|
|
|
let credm = navigator.credentials;
|
|
|
|
let credentialChallenge = new Uint8Array(16);
|
|
window.crypto.getRandomValues(credentialChallenge);
|
|
let assertionChallenge = new Uint8Array(16);
|
|
window.crypto.getRandomValues(assertionChallenge);
|
|
let credentialId = new Uint8Array(128);
|
|
window.crypto.getRandomValues(credentialId);
|
|
|
|
testMakeCredential();
|
|
|
|
function testMakeCredential() {
|
|
let rp = {id: document.domain, name: "none", icon: "none"};
|
|
let user = {id: new Uint8Array(), name: "none", icon: "none", displayName: "none"};
|
|
let param = {type: "public-key", alg: cose_alg_ECDSA_w_SHA256};
|
|
let makeCredentialOptions = {
|
|
rp: rp, user: user, challenge: credentialChallenge, pubKeyCredParams: [param]
|
|
};
|
|
credm.create({publicKey: makeCredentialOptions})
|
|
.then(function(aResult) {
|
|
ok(false, "Should have failed.");
|
|
testAssertion();
|
|
})
|
|
.catch(function(aReason) {
|
|
ok(aReason.toString().startsWith("NotAllowedError"), aReason);
|
|
testAssertion();
|
|
});
|
|
}
|
|
|
|
function testAssertion() {
|
|
let newCredential = {
|
|
type: "public-key",
|
|
id: credentialId,
|
|
transports: ["usb"],
|
|
}
|
|
let publicKeyCredentialRequestOptions = {
|
|
challenge: assertionChallenge,
|
|
timeout: 5000, // the minimum timeout is actually 15 seconds
|
|
rpId: document.domain,
|
|
allowCredentials: [newCredential]
|
|
};
|
|
credm.get({publicKey: publicKeyCredentialRequestOptions})
|
|
.then(function(aResult) {
|
|
ok(false, "Should have failed.");
|
|
SimpleTest.finish();
|
|
})
|
|
.catch(function(aReason) {
|
|
ok(aReason.toString().startsWith("NotAllowedError"), aReason);
|
|
SimpleTest.finish();
|
|
})
|
|
}
|
|
});
|
|
|
|
</script>
|
|
|
|
</body>
|
|
</html>
|