DXR is a code search and navigation tool aimed at making sense of large projects. It supports full-text and regex searches as well as structural queries.

Mercurial (0d24f14c0847)

VCS Links

Line Code
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328
<!doctype html>
<meta charset=utf-8>
<title>RTCPeerConnection.prototype.peerIdentity</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="identity-helper.sub.js"></script>
<script>
  'use strict';

  // Test is based on the following editor draft:
  //   https://w3c.github.io/webrtc-identity/identity.html

  // The tests here interacts with the mock identity provider located at
  //   /.well-known/idp-proxy/mock-idp.js

  // The following helper functions are called from identity-helper.sub.js
  //   parseAssertionResult
  //   getIdpDomains
  //   assert_rtcerror_rejection
  //   hostString

  /*
    9.6.  RTCPeerConnection Interface Extensions
      partial interface RTCPeerConnection {
        void               setIdentityProvider(DOMString provider,
                                               optional RTCIdentityProviderOptions options);
        Promise<DOMString> getIdentityAssertion();
        readonly attribute Promise<RTCIdentityAssertion> peerIdentity;
        readonly attribute DOMString?                    idpLoginUrl;
        readonly attribute DOMString?                    idpErrorInfo;
      };

      dictionary RTCIdentityProviderOptions {
        DOMString protocol = "default";
        DOMString usernameHint;
        DOMString peerIdentity;
      };

      [Constructor(DOMString idp, DOMString name)]
      interface RTCIdentityAssertion {
        attribute DOMString idp;
        attribute DOMString name;
      };
   */

  /*
    4.3.2. setRemoteDescription
      If an a=identity attribute is present in the session description, the browser
      validates the identity assertion..

      If the "peerIdentity" configuration is applied to the RTCPeerConnection, this
      establishes a target peer identity of the provided value. Alternatively, if the
      RTCPeerConnection has previously authenticated the identity of the peer (that
      is, there is a current value for peerIdentity ), then this also establishes a
      target peer identity.
   */
  promise_test(async t => {
    const pc1 = new RTCPeerConnection();
    t.add_cleanup(() => pc1.close());
    const pc2 = new RTCPeerConnection();

    t.add_cleanup(() => pc2.close());

    const port = window.location.port;
    const [idpDomain] = getIdpDomains();
    const idpHost = hostString(idpDomain, port);

    pc1.setIdentityProvider(idpHost, {
      protocol: 'mock-idp.js',
      usernameHint: `alice@${idpDomain}`
    });

    const peerIdentity = pc2.peerIdentity;
    await pc2.setRemoteDescription(await pc1.createOffer());
    const { idp, name } = await peerIdentity;
    assert_equals(idp, idpHost, `Expect IdP to be ${idpHost}`);
    assert_equals(name, `alice@${idpDomain}`,
      `Expect validated identity from mock-idp.js to be same as specified in usernameHint`);
  }, 'setRemoteDescription() on offer with a=identity should establish peerIdentity');

  promise_test(async t => {
    const port = window.location.port;
    const [idpDomain] = getIdpDomains();
    const idpHost = hostString(idpDomain, port);

    const pc1 = new RTCPeerConnection();
    t.add_cleanup(() => pc1.close());
    pc1.setIdentityProvider(idpHost, {
      protocol: 'mock-idp.js',
      usernameHint: `doesnt_matter@${idpDomain}`
    });

    const pc2 = new RTCPeerConnection({
      peerIdentity: `bob@${idpDomain}`
    });

    t.add_cleanup(() => pc2.close());

    pc2.setIdentityProvider(idpHost, {
      protocol: 'mock-idp.js',
      usernameHint: `alice@${idpDomain}`
    });

    const offer = await pc1.createOffer();

    await promise_rejects(t, 'OperationError',
      pc2.setRemoteDescription(offer));
    await promise_rejects(t, 'OperationError',
      pc2.peerIdentity);
  }, 'setRemoteDescription() on offer with a=identity that resolve to value different from target peer identity should reject with OperationError');

  /*
    9.4.  Verifying Identity Assertions
      8.  The RTCPeerConnection decodes the contents and validates that it contains a
          fingerprint value for every a=fingerprint attribute in the session description.
          This ensures that the certificate used by the remote peer for communications
          is covered by the identity assertion.

      If identity validation fails, the peerIdentity promise is rejected with a newly
      created OperationError.

      If identity validation fails and there is a target peer identity for the
      RTCPeerConnection, the promise returned by setRemoteDescription MUST be rejected
      with the same DOMException.
   */
  promise_test(t => {
    const port = window.location.port;
    const [idpDomain] = getIdpDomains();
    const idpHost = hostString(idpDomain, port);

    const pc1 = new RTCPeerConnection();
    t.add_cleanup(() => pc1.close());
    const pc2 = new RTCPeerConnection({
      peerIdentity: `alice@${idpDomain}`
    });

    t.add_cleanup(() => pc2.close());

    // Ask mockidp.js to return custom contents in validation result
    pc1.setIdentityProvider(idpHost, {
      protocol: 'mock-idp.js?validatorAction=return-custom-contents&contents=bogus',
      usernameHint: `alice@${idpDomain}`
    });

    const peerIdentityPromise = pc2.peerIdentity;

    return pc1.createOffer()
    .then(offer => Promise.all([
      promise_rejects(t, 'IdpError',
        pc2.setRemoteDescription(offer)),
      promise_rejects(t, 'OperationError',
        peerIdentityPromise)
    ]));
  }, 'setRemoteDescription() with peerIdentity set and with IdP proxy that return validationAssertion with mismatch contents should reject with OperationError');

  /*
    9.4.  Verifying Identity Assertions
      9.  The RTCPeerConnection validates that the domain portion of the identity matches
          the domain of the IdP as described in [RTCWEB-SECURITY-ARCH]. If this check
          fails then the identity validation fails.
   */
  promise_test(t => {
    const port = window.location.port;
    const [idpDomain1, idpDomain2] = getIdpDomains();
    assert_not_equals(idpDomain1, idpDomain2,
      'Sanity check two idpDomains are different');

    const idpHost1 = hostString(idpDomain1, port);

    const pc1 = new RTCPeerConnection();
    t.add_cleanup(() => pc1.close());
    const pc2 = new RTCPeerConnection({
      peerIdentity: `alice@${idpDomain2}`
    });

    t.add_cleanup(() => pc2.close());

    // mock-idp.js will return assertion of domain2 identity
    // with domain1 in the idp.domain field
    pc1.setIdentityProvider(idpHost1, {
      protocol: 'mock-idp.js',
      usernameHint: `alice@${idpDomain2}`
    });

    return pc1.getIdentityAssertion()
    .then(assertionResultStr => {
      const { idp, assertion } = parseAssertionResult(assertionResultStr);

      assert_equals(idp.domain, idpHost1,
        'Sanity check domain of assertion is host1');

      assert_equals(assertion.args.options.usernameHint, `alice@${idpDomain2}`,
        'Sanity check domain1 is going to validate a domain2 identity');

      return pc1.createOffer();
    })
    .then(offer => Promise.all([
      promise_rejects(t, 'OperationError',
        pc2.setRemoteDescription(offer)),
      promise_rejects(t, 'OperationError',
        pc2.peerIdentity)
    ]));
  }, 'setRemoteDescription() and peerIdentity should reject with OperationError if IdP return validated identity that is different from its own domain');

  /*
    9.4 Verifying Identity Assertions
      If identity validation fails and there is a target peer identity for the
      RTCPeerConnection, the promise returned by setRemoteDescription MUST be rejected
      with the same DOMException.

    9.5 IdP Error Handling
      - If an identity provider throws an exception or returns a promise that is ultimately
        rejected, then the procedure that depends on the IdP MUST also fail. These types of
        errors will cause an IdP failure with an RTCError with errorDetail set to
        "idp-execution-failure".

      Any error generated by the IdP MAY provide additional information in the
      idpErrorInfo attribute. The information in this string is defined by the
      IdP in use.
   */
  promise_test(t => {
    const port = window.location.port;
    const [idpDomain] = getIdpDomains();
    const idpHost = hostString(idpDomain, port);

    const pc1 = new RTCPeerConnection();
    t.add_cleanup(() => pc1.close());
    const pc2 = new RTCPeerConnection({
      peerIdentity: `alice@${idpDomain}`
    });

    t.add_cleanup(() => pc2.close());

    // Ask mock-idp.js to throw error during validation,
    // i.e. during pc2.setRemoteDescription()
    pc1.setIdentityProvider(idpHost, {
      protocol: 'mock-idp.js?validatorAction=throw-error&errorInfo=bar',
      usernameHint: `alice@${idpDomain}`
    });

    return pc1.createOffer()
    .then(offer => Promise.all([
      assert_rtcerror_rejection('idp-execution-failure',
        pc2.setRemoteDescription(offer)),
      assert_rtcerror_rejection('idp-execution-failure',
        pc2.peerIdentity)
    ]))
    .then(() => {
      assert_equals(pc2.idpErrorInfo, 'bar',
        'Expect pc2.idpErrorInfo to be set to the err.idpErrorInfo thrown by mock-idp.js');
    });
  }, `When IdP throws error and pc has target peer identity, setRemoteDescription() and peerIdentity rejected with RTCError('idp-execution-error')`);

  /*
    4.3.2. setRemoteDescription
      If there is no target peer identity, then setRemoteDescription does not await the
      completion of identity validation.

    9.5.  IdP Error Handling
      - If an identity provider throws an exception or returns a promise that is
        ultimately rejected, then the procedure that depends on the IdP MUST also fail.
        These types of errors will cause an IdP failure with an RTCError with errorDetail
        set to "idp-execution-failure".

    9.4.  Verifying Identity Assertions
      If identity validation fails and there is no a target peer identity, the value of
      the peerIdentity MUST be set to a new, unresolved promise instance. This permits
      the use of renegotiation (or a subsequent answer, if the session description was
      a provisional answer) to resolve or reject the identity.
   */
  promise_test(t => {
    const pc1 = new RTCPeerConnection();
    t.add_cleanup(() => pc1.close());
    const pc2 = new RTCPeerConnection();

    t.add_cleanup(() => pc2.close());

    const port = window.location.port;
    const [idpDomain] = getIdpDomains();
    const idpHost = hostString(idpDomain, port);

    // Ask mock-idp.js to throw error during validation,
    // i.e. during pc2.setRemoteDescription()
    pc1.setIdentityProvider(idpHost, {
      protocol: 'mock-idp.js?validatorAction=throw-error',
      usernameHint: `alice@${idpDomain}`
    });

    const peerIdentityPromise1 = pc2.peerIdentity;

    return pc1.createOffer()
    .then(offer =>
      // setRemoteDescription should succeed because there is no target peer identity set
      pc2.setRemoteDescription(offer))
    .then(() =>
      assert_rtcerror_rejection('idp-execution-failure',
        peerIdentityPromise1,
        `Expect first peerIdentity promise to be rejected with RTCError('idp-execution-failure')`))
    .then(() => {
      const peerIdentityPromise2 = pc2.peerIdentity;
      assert_not_equals(peerIdentityPromise2, peerIdentityPromise1,
        'Expect pc2.peerIdentity to be replaced with a fresh unresolved promise');

      // regenerate an identity assertion with no test option to throw error
      pc1.setIdentityProvider(idpHost, {
        protocol: 'idp-test.js',
        usernameHint: `alice@${idpDomain}`
      });

      return pc1.createOffer()
      .then(offer => pc2.setRemoteDescription(offer))
      .then(peerIdentityPromise2)
      .then(identityAssertion => {
        const { idp, name } = identityAssertion;

        assert_equals(idp, idpDomain,
          `Expect IdP domain to be ${idpDomain}`);

        assert_equals(name, `alice@${idpDomain}`,
          `Expect validated identity to be alice@${idpDomain}`);

        assert_equals(pc2.peeridentity, peerIdentityPromise2,
          'Expect pc2.peerIdentity to stay fixed after identity is validated');
      });
    });
  }, 'IdP failure with no target peer identity should have following setRemoteDescription() succeed and replace pc.peerIdentity with a new promise');

</script>