[WebAuthN] Support CTAP HID authenticators on macOS
[WebKit-https.git] / LayoutTests / http / wpt / webauthn / public-key-credential-create-success-hid.https.html
1 <!DOCTYPE html>
2 <title>Web Authentication API: PublicKeyCredential's [[create]] success cases with a mock hid authenticator.</title>
3 <script src="/resources/testharness.js"></script>
4 <script src="/resources/testharnessreport.js"></script>
5 <script src="./resources/util.js"></script>
6 <script src="./resources/cbor.js"></script>
7 <script>
8     // Default mock configuration. Tests need to override if they need different configuration.
9     if (window.testRunner)
10         testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", payloadBase64: testCreationMessageBase64 } });
11
12     function checkResult(credential)
13     {
14         // Check response
15         assert_array_equals(Base64URL.parse(credential.id), Base64URL.parse(testHidCredentialIdBase64));
16         assert_equals(credential.type, 'public-key');
17         assert_array_equals(new Uint8Array(credential.rawId), Base64URL.parse(testHidCredentialIdBase64));
18         assert_equals(bytesToASCIIString(credential.response.clientDataJSON), '{"type":"webauthn.create","challenge":"MTIzNDU2","origin":"https://localhost:9443","hashAlgorithm":"SHA-256"}');
19         assert_throws("NotSupportedError", () => { credential.getClientExtensionResults() });
20
21         // Check attestation
22         const attestationObject = CBOR.decode(credential.response.attestationObject);
23         assert_equals(attestationObject.fmt, "packed");
24         // Check authData
25         const authData = decodeAuthData(attestationObject.authData, false);
26         assert_equals(bytesToHexString(authData.rpIdHash), "46cc7fb9679d55b2db9092e1c8d9e5e1d02b7580f0b4812c770962e1e48f5ad8");
27         assert_equals(authData.flags, 65);
28         assert_equals(authData.counter, 78);
29         assert_equals(bytesToHexString(authData.aaguid), "f8a011f38c0a4d15800617111f9edc7d");
30         assert_array_equals(authData.credentialID, Base64URL.parse(testHidCredentialIdBase64));
31         // Check packed attestation
32         assert_equals(attestationObject.attStmt.alg, -7);
33         assert_true(checkPublicKey(authData.publicKey));
34         assert_equals(attestationObject.attStmt.x5c.length, 1);
35     }
36
37     promise_test(t => {
38         const options = {
39             publicKey: {
40                 rp: {
41                     name: "localhost",
42                 },
43                 user: {
44                     name: "John Appleseed",
45                     id: Base64URL.parse(testUserhandleBase64),
46                     displayName: "Appleseed",
47                 },
48                 challenge: Base64URL.parse("MTIzNDU2"),
49                 pubKeyCredParams: [{ type: "public-key", alg: -7 }],
50             }
51         };
52
53         return navigator.credentials.create(options).then(credential => {
54             checkResult(credential);
55         });
56     }, "PublicKeyCredential's [[create]] with minimum options in a mock local authenticator.");
57
58     promise_test(t => {
59         const options = {
60             publicKey: {
61                 rp: {
62                     name: "localhost",
63                 },
64                 user: {
65                     name: "John Appleseed",
66                     id: Base64URL.parse(testUserhandleBase64),
67                     displayName: "Appleseed",
68                 },
69                 challenge: Base64URL.parse("MTIzNDU2"),
70                 pubKeyCredParams: [{ type: "public-key", alg: -7 }],
71                 authenticatorSelection: { authenticatorAttachment: "cross-platform" }
72             }
73         };
74
75         return navigator.credentials.create(options).then(credential => {
76             checkResult(credential);
77         });
78     }, "PublicKeyCredential's [[create]] with authenticatorSelection { 'cross-platform' } in a mock local authenticator.");
79
80     promise_test(t => {
81         const options = {
82             publicKey: {
83                 rp: {
84                     name: "localhost",
85                 },
86                 user: {
87                     name: "John Appleseed",
88                     id: Base64URL.parse(testUserhandleBase64),
89                     displayName: "Appleseed",
90                 },
91                 challenge: Base64URL.parse("MTIzNDU2"),
92                 pubKeyCredParams: [{ type: "public-key", alg: -7 }],
93                 authenticatorSelection: { requireResidentKey: false }
94             }
95         };
96
97         return navigator.credentials.create(options).then(credential => {
98             checkResult(credential);
99         });
100     }, "PublicKeyCredential's [[create]] with requireResidentKey { false } in a mock local authenticator.");
101
102     promise_test(t => {
103         const options = {
104             publicKey: {
105                 rp: {
106                     name: "localhost",
107                 },
108                 user: {
109                     name: "John Appleseed",
110                     id: Base64URL.parse(testUserhandleBase64),
111                     displayName: "Appleseed",
112                 },
113                 challenge: Base64URL.parse("MTIzNDU2"),
114                 pubKeyCredParams: [{ type: "public-key", alg: -7 }],
115                 authenticatorSelection: { userVerification: "preferred" }
116             }
117         };
118
119         return navigator.credentials.create(options).then(credential => {
120             checkResult(credential);
121         });
122     }, "PublicKeyCredential's [[create]] with userVerification { 'preferred' } in a mock local authenticator.");
123
124     promise_test(t => {
125         const options = {
126             publicKey: {
127                 rp: {
128                     name: "localhost",
129                 },
130                 user: {
131                     name: "John Appleseed",
132                     id: Base64URL.parse(testUserhandleBase64),
133                     displayName: "Appleseed",
134                 },
135                 challenge: Base64URL.parse("MTIzNDU2"),
136                 pubKeyCredParams: [{ type: "public-key", alg: -7 }],
137                 authenticatorSelection: { userVerification: "discouraged" }
138             }
139         };
140
141         return navigator.credentials.create(options).then(credential => {
142             checkResult(credential);
143         });
144     }, "PublicKeyCredential's [[create]] with userVerification { 'discouraged' } in a mock local authenticator.");
145
146     promise_test(t => {
147         const options = {
148             publicKey: {
149                 rp: {
150                     name: "localhost",
151                 },
152                 user: {
153                     name: "John Appleseed",
154                     id: Base64URL.parse(testUserhandleBase64),
155                     displayName: "Appleseed",
156                 },
157                 challenge: Base64URL.parse("MTIzNDU2"),
158                 pubKeyCredParams: [{ type: "public-key", alg: -7 }],
159                 authenticatorSelection: { authenticatorAttachment: "cross-platform", requireResidentKey: false, userVerification: "preferred" }
160             }
161         };
162
163         return navigator.credentials.create(options).then(credential => {
164             checkResult(credential);
165         });
166     }, "PublicKeyCredential's [[create]] with mixed options in a mock local authenticator.");
167 </script>