[FedCM] Make revoke test do actual network requests

Instead of using a mojo mock. This tests a lot more of our code.

Bug: 1309251
Change-Id: I079cbbf962ed8b95870bd51fdff35f6f37ca3974
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3680732
Commit-Queue: Christian Biesinger <[email protected]>
Reviewed-by: Yi Gu <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1011646}

credential-management/fedcm-revoke.https.html → credential-management/fedcm-revoke.sub.https.html

@@ -2,16 +2,17 @@
 <meta charset="utf-8">
 <title>FederatedCredential.revoke() promise resolution</title>
 <link rel="author" title="Christian Biesinger" href="mailto:[email protected]">
-<link rel="help" href="https://wicg.github.io/FedCM/#browser-api-revocation">
+<link rel="help" href="https://fedidcg.github.io/FedCM/#browser-api-revocation">
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 
 <script type="module">
-  import {fedcm_test} from './support/fedcm-helper.js';
+  import {set_fedcm_cookie} from './support/fedcm-helper.js';
+  const url_prefix = 'https://{{host}}:{{ports[https][0]}}/credential-management/support/';
 
   async function getCredential(provider_url) {
     const provider = {
-      url: provider_url || "https://idp.example/",
+      url: provider_url || url_prefix,
       clientId: "1234",
     };
     return await navigator.credentials.get({
@@ -21,24 +22,34 @@
     });
   }
 
-  fedcm_test(async (t, mock) => {
-    mock.revokeReturn("kSuccess");
-    await (await getCredential()).revoke("[email protected]");
+  promise_test(async t => {
+    await set_fedcm_cookie();
+    await (await getCredential()).login({nonce: '1'});
+    await (await getCredential()).revoke("1234");
+
+    // Second revoke should now fail since the first revoke should revoke
+    // the permission.
+    const result = (await getCredential()).revoke("1234");
+    return promise_rejects_dom(t, "NetworkError", result);
   }, "Successfully revoking a token should resolve the promise.");
 
-  fedcm_test(async (t, mock) => {
-    mock.revokeReturn("kError");
-    const result = (await getCredential()).revoke("[email protected]");
+  promise_test(async t => {
+    // Have to first login or the request will be rejected before it reaches
+    // the server.
+    await set_fedcm_cookie();
+    await (await getCredential()).login({nonce: '1'});
+    await (await getCredential()).revoke("1234");
+
+    const result = (await getCredential()).revoke("fail");
     return promise_rejects_dom(t, "NetworkError", result);
   }, "Error should reject the promise.");
 
-  fedcm_test(async (t, mock) => {
-    mock.revokeReturn("kError");
+  promise_test(async t => {
     const result = (await getCredential()).revoke("");
     return promise_rejects_dom(t, "InvalidStateError", result);
   }, "Empty hint should reject the promise.");
 
-  fedcm_test(async (t, mock) => {
+  promise_test(async t => {
     const result = getCredential("https://other-idp.example/").then((c) => c.revoke("[email protected]"));
     return promise_rejects_dom(t, "NetworkError", result);
   }, "Provider URL should honor Content-Security-Policy.");

credential-management/fedcm-revoke.sub.https.html.sub.headers

@@ -0,0 +1 @@
+Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; connect-src https://{{host}}:{{ports[https][0]}}

credential-management/support/revoke.py

@@ -0,0 +1,6 @@
+def main(request, response):
+  if not b"hint" in request.POST:
+    return (500, [], "Missing hint")
+  if request.POST[b"hint"] == b"fail":
+    return (500, [], "Fail requested")
+  return (204, [], "")