Reland "webauthn: move create credential tests for residentKey/credProps to WPT"

This is a reland of ee2f8113

Changes:
 - renamed virtualAuthenticatorTest to virtualAuthenticatorPromiseTest
 - made virtualAuthenticatorPromise test return |testCb()| which fixes
   the race that caused the original change to be reverted.

Original change's description:
> webauthn: move create credential tests for residentKey/credProps to WPT
>
> Bug: 1117630
> Change-Id: I2fa4d73b7a4cfe5e7f19fd835cb32e1bb4926d2f
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2508878
> Reviewed-by: Nina Satragno <nsatragno@chromium.org>
> Commit-Queue: Martin Kreichgauer <martinkr@google.com>
> Cr-Commit-Position: refs/heads/master@{#825930}

Bug: 1117630
Cq-Include-Trybots: luci.chromium.try:linux-wpt-identity-fyi-rel
Change-Id: I08cb469ab937a704c23da30b7120374d31ecbff5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2548299
Commit-Queue: Martin Kreichgauer <martinkr@google.com>
Reviewed-by: Nina Satragno <nsatragno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#829793}

third_party/blink/web_tests/http/tests/credentialmanager/credentialscontainer-create-with-resident-keys.html → third_party/blink/web_tests/external/wpt/webauthn/createcredential-resident-key.https.html

 <!DOCTYPE html>
-<title>Credential Manager: End-to-end tests for create(), exercising creation of resident keys on virtual authenticators.</title>
-<script src="../resources/testharness.js"></script>
-<script src="../resources/testharnessreport.js"></script>
-<body>
-<script type="module">
-import {authenticatorSetup, deepCopy, MAKE_CREDENTIAL_OPTIONS} from './resources/test-inputs.js';
-import {TestAuthenticatorManager} from './resources/virtual-navigator-credentials.js';
-import {ClientToAuthenticatorProtocol, Ctap2Version} from '/gen/third_party/blink/public/mojom/webauthn/virtual_authenticator.mojom.m.js';
-
-if (document.location.host != "subdomain.example.test:8443") {
-  document.location = "https://subdomain.example.test:8443/credentialmanager/credentialscontainer-create-with-resident-keys.html";
-  promise_test(_ => new Promise(_ => {}), "Stall tests on the wrong host.");
-}
+<html>
+<head>
+<meta charset="utf-8">
+<title>navigator.credentials.create() test with residentKey and credProps</title>
+<meta name="timeout" content="long">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/resources/testdriver.js"></script>
+<script src="/resources/testdriver-vendor.js"></script>
+<script src=helpers.js></script>
+<script>
 
+"use strict";
 const credPropsTests = [
   {
     name: "U2F",
     authenticatorArgs: {
-      protocol: ClientToAuthenticatorProtocol.U2F,
+      protocol: "ctap1/u2f",
     },
     expected: {
       discouraged: {
@@ -38,9 +37,10 @@ const credPropsTests = [
   {
     name: "CTAP 2.0 without resident key support",
     authenticatorArgs: {
-      protocol: ClientToAuthenticatorProtocol.CTAP2,
-      ctap2Version: Ctap2Version.CTAP2_0,
+      protocol: "ctap2",
       hasResidentKey: false,
+      hasUserVerification: true,
+      isUserVerified: true,
     },
     expected: {
       discouraged: {
@@ -61,14 +61,16 @@ const credPropsTests = [
   {
     name: "CTAP 2.0 with resident key support",
     authenticatorArgs: {
-      protocol: ClientToAuthenticatorProtocol.CTAP2,
-      ctap2Version: Ctap2Version.CTAP2_0,
+      protocol: "ctap2",
       hasResidentKey: true,
+      hasUserVerification: true,
+      isUserVerified: true,
     },
     expected: {
       discouraged: {
         success: true,
-        // CTAP2.0 authenticators may treat all credentials as discoverable, thus Chrome omits 'rk' in this case.
+        // CTAP2.0 authenticators may treat all credentials as discoverable,
+        // thus Chrome omits 'rk' in this case.
         hasRk: false,
       },
       preferred: {
@@ -86,9 +88,10 @@ const credPropsTests = [
   {
     name: "CTAP 2.1 without resident key support",
     authenticatorArgs: {
-      protocol: ClientToAuthenticatorProtocol.CTAP2,
-      ctap2Version: Ctap2Version.CTAP2_1,
+      protocol: "ctap2_1",
       hasResidentKey: false,
+      hasUserVerification: true,
+      isUserVerified: true,
     },
     expected: {
       discouraged: {
@@ -109,9 +112,10 @@ const credPropsTests = [
   {
     name: "CTAP 2.1 with resident key support",
     authenticatorArgs: {
-      protocol: ClientToAuthenticatorProtocol.CTAP2,
-      ctap2Version: Ctap2Version.CTAP2_1,
+      protocol: "ctap2_1",
       hasResidentKey: true,
+      hasUserVerification: true,
+      isUserVerified: true,
     },
     expected: {
       discouraged: {
@@ -133,16 +137,21 @@ const credPropsTests = [
   },
 ];
 
-const manager = new TestAuthenticatorManager;
 for (const fixture of credPropsTests) {
-  authenticatorSetup(manager, fixture.name, () => {
   for (const rkRequirement of ["discouraged", "preferred", "required"]) {
-      promise_test(async t => {
-        var customMakeCredOptions = deepCopy(MAKE_CREDENTIAL_OPTIONS);
-        customMakeCredOptions.extensions = {credProps: true};
-
-        customMakeCredOptions.authenticatorSelection.residentKey = rkRequirement;
-        const promise = navigator.credentials.create({publicKey: customMakeCredOptions});
+    virtualAuthenticatorPromiseTest(async t => {
+      const promise = createCredential({
+        options: {
+          publicKey: {
+            authenticatorSelection: {
+              residentKey: rkRequirement,
+            },
+            extensions: {
+              credProps: true,
+            },
+          },
+        },
+      });
 
       assert_true(rkRequirement in fixture.expected);
       const expected = fixture.expected[rkRequirement];
@@ -158,9 +167,12 @@ for (const fixture of credPropsTests) {
       if (expected.hasRk) {
         assert_equals(credProps.rk, expected.rk, "rk");
       }
-      }, fixture.name + ": navigator.credentials.create() with credProps extension, rk=" + rkRequirement);
+    }, fixture.authenticatorArgs, fixture.name
+        + ": navigator.credentials.create() with credProps extension, rk="
+        + rkRequirement);
   }
-  }, fixture.authenticatorArgs);
 }
-
 </script>
+</head>
+<body></body>
+</html>

third_party/blink/web_tests/external/wpt/webauthn/helpers.js

@@ -550,24 +550,32 @@ function validateAuthenticatorAssertionResponse(assert) {
     // TODO: parseAuthenticatorData() and make sure flags are correct
 }
 
-function standardSetup(cb, options = {}) {
-    // Setup an automated testing environment if available.
-    let authenticatorArgs = {
-        protocol: "ctap1/u2f",
-        transport: "usb",
+function defaultAuthenticatorArgs() {
+  return {
+    protocol: 'ctap1/u2f',
+    transport: 'usb',
     hasResidentKey: false,
     hasUserVerification: false,
     isUserVerified: false,
   };
-    extendObject(authenticatorArgs, options);
-    window.test_driver.add_virtual_authenticator(authenticatorArgs).then(authenticator => {
+}
+
+function standardSetup(cb, options = {}) {
+  // Setup an automated testing environment if available.
+  let authenticatorArgs = Object.assign(defaultAuthenticatorArgs(), options);
+  window.test_driver.add_virtual_authenticator(authenticatorArgs)
+      .then(authenticator => {
         cb();
         // XXX add a subtest to clean up the virtual authenticator since
         // testharness does not support waiting for promises on cleanup.
-        promise_test(() => window.test_driver.remove_virtual_authenticator(authenticator),
-                     "Clean up the test environment");
-    }).catch(error => {
-        if (error !== "error: Action add_virtual_authenticator not implemented") {
+        promise_test(
+            () =>
+                window.test_driver.remove_virtual_authenticator(authenticator),
+            'Clean up the test environment');
+      })
+      .catch(error => {
+        if (error !==
+            'error: Action add_virtual_authenticator not implemented') {
           throw error;
         }
         // The protocol is not available. Continue manually.
@@ -575,6 +583,24 @@ function standardSetup(cb, options = {}) {
       });
 }
 
-/* JSHINT */
-/* globals promise_rejects_dom, promise_rejects_js, assert_class_string, assert_equals, assert_idl_attribute, assert_readonly, promise_test */
-/* exported standardSetup, CreateCredentialsTest, GetCredentialsTest */
+// virtualAuthenticatorPromiseTest runs |testCb| in a promise_test with a
+// virtual authenticator set up before and destroyed after the test, if the
+// virtual testing API is available. In manual tests, setup and teardown is
+// skipped.
+function virtualAuthenticatorPromiseTest(
+    testCb, options = {}, name = 'Virtual Authenticator Test') {
+  let authenticatorArgs = Object.assign(defaultAuthenticatorArgs(), options);
+  promise_test(async t => {
+    try {
+      let authenticator =
+          await window.test_driver.add_virtual_authenticator(authenticatorArgs);
+      t.add_cleanup(
+          () => window.test_driver.remove_virtual_authenticator(authenticator));
+    } catch (error) {
+      if (error !== 'error: Action add_virtual_authenticator not implemented') {
+        throw error;
+      }
+    }
+    return testCb(t);
+  }, name);
+}