diff --git a/testing/web-platform/tests/fledge/tentative/resources/authorize-server-response.py b/testing/web-platform/tests/fledge/tentative/resources/authorize-server-response.py index 303d2efae5f1..83f46d9d68bb 100644 --- a/testing/web-platform/tests/fledge/tentative/resources/authorize-server-response.py +++ b/testing/web-platform/tests/fledge/tentative/resources/authorize-server-response.py @@ -1,6 +1,11 @@ def main(request, response): response.status = (200, b"OK") response.headers.set(b"Content-Type", b"text/plain") - hash_list = request.GET.get_list(b"hashes") - response.headers.set(b"Ad-Auction-Result", - b",".join(hash_list)) + if b"hashes" in request.GET: + hash_list = request.GET.get_list(b"hashes") + response.headers.set(b"Ad-Auction-Result", + b",".join(hash_list)) + if b"nonces" in request.GET: + nonce_list = request.GET.get_list(b"nonces") + response.headers.set(b"Ad-Auction-Result-Nonce", + b",".join(nonce_list)) diff --git a/testing/web-platform/tests/fledge/tentative/resources/ba-fledge-util.sub.js b/testing/web-platform/tests/fledge/tentative/resources/ba-fledge-util.sub.js index 0271a1db7b99..a2f90dfdcd25 100644 --- a/testing/web-platform/tests/fledge/tentative/resources/ba-fledge-util.sub.js +++ b/testing/web-platform/tests/fledge/tentative/resources/ba-fledge-util.sub.js @@ -360,6 +360,15 @@ BA.authorizeServerResponseHashes = async function(hashes) { await fetch(authorizeURL, {adAuctionHeaders: true}); }; + + +BA.authorizeServerResponseNonces = async function(nonces) { + let authorizeURL = + new URL('resources/authorize-server-response.py', window.location); + authorizeURL.searchParams.append('nonces', nonces.join(',')); + await fetch(authorizeURL, {adAuctionHeaders: true}); +}; + BA.configureCoordinator = async function() { return 'https://{{hosts[][]}}'; diff --git a/testing/web-platform/tests/fledge/tentative/server-response.https.window.js b/testing/web-platform/tests/fledge/tentative/server-response.https.window.js index 2205500dd5b7..32c51883c92c 100644 --- a/testing/web-platform/tests/fledge/tentative/server-response.https.window.js +++ b/testing/web-platform/tests/fledge/tentative/server-response.https.window.js @@ -1,30 +1,30 @@ -// META: script=/resources/testdriver.js -// META: script=/resources/testdriver-vendor.js -// META: script=/common/utils.js -// META: script=resources/ba-fledge-util.sub.js -// META: script=resources/fledge-util.sub.js -// META: script=third_party/cbor-js/cbor.js -// META: script=/common/subset-tests.js -// META: timeout=long -// META: variant=?1-4 -// META: variant=?5-8 -// META: variant=?9-12 -// META: variant=?13-16 -// META: variant=?17-20 -// META: variant=?21-24 -// META: variant=?25-28 -// META: variant=?29-32 -// META: variant=?33-36 -// META: variant=?37-40 -// META: variant=?41-44 -// META: variant=?45-48 -// META: variant=?49-52 -// META: variant=?53-56 -// META: variant=?57-60 -// META: variant=?61-64 - -// These tests focus on the serverResponse field in AuctionConfig, e.g. -// auctions involving bidding and auction services. + + + + + + + + + + + + + + + + + + + + + + + + + + + subsetTest(promise_test, async test => { const uuid = generateUuid(test); @@ -68,6 +68,86 @@ subsetTest(promise_test, async test => { await waitForObservedRequests(uuid, [adA]); }, 'Basic B&A auction'); +subsetTest(promise_test, async test => { + const uuid = generateUuid(test); + const adA = createTrackerURL(window.location.origin, uuid, 'track_get', 'a'); + const adB = createTrackerURL(window.location.origin, uuid, 'track_get', 'b'); + const adsArray = + [{renderURL: adA, adRenderId: 'a'}, {renderURL: adB, adRenderId: 'b'}]; + await joinInterestGroup(test, uuid, {ads: adsArray}); + + const result = await navigator.getInterestGroupAdAuctionData({ + coordinatorOrigin: await BA.configureCoordinator(), + seller: window.location.origin + }); + assert_true(result.requestId !== null); + assert_true(result.request.length > 0); + + let decoded = await BA.decodeInterestGroupData(result.request); + + let serverResponseMsg = { + 'nonce': uuid, + 'biddingGroups': {}, + 'adRenderURL': adsArray[0].renderURL, + 'interestGroupName': DEFAULT_INTEREST_GROUP_NAME, + 'interestGroupOwner': window.location.origin, + }; + serverResponseMsg.biddingGroups[window.location.origin] = [0]; + + let serverResponse = + await BA.encodeServerResponse(serverResponseMsg, decoded); + + let hashString = await BA.payloadHash(serverResponse); + await BA.authorizeServerResponseNonces([uuid]); + + let auctionResult = await navigator.runAdAuction({ + 'seller': window.location.origin, + 'requestId': result.requestId, + 'serverResponse': serverResponse, + 'resolveToConfig': true, + }); + expectSuccess(auctionResult); + createAndNavigateFencedFrame(test, auctionResult); + await waitForObservedRequests(uuid, [adA]); +}, 'Basic B&A auction - nonces'); + +subsetTest(promise_test, async test => { + const uuid = generateUuid(test); + const adA = createTrackerURL(window.location.origin, uuid, 'track_get', 'a'); + const adB = createTrackerURL(window.location.origin, uuid, 'track_get', 'b'); + const adsArray = + [{renderURL: adA, adRenderId: 'a'}, {renderURL: adB, adRenderId: 'b'}]; + await joinInterestGroup(test, uuid, {ads: adsArray}); + + const result = await navigator.getInterestGroupAdAuctionData({ + coordinatorOrigin: await BA.configureCoordinator(), + seller: window.location.origin + }); + assert_true(result.requestId !== null); + assert_true(result.request.length > 0); + + let decoded = await BA.decodeInterestGroupData(result.request); + + let serverResponseMsg = { + 'biddingGroups': {}, + 'adRenderURL': adsArray[0].renderURL, + 'interestGroupName': DEFAULT_INTEREST_GROUP_NAME, + 'interestGroupOwner': window.location.origin, + }; + serverResponseMsg.biddingGroups[window.location.origin] = [0]; + + let serverResponse = + await BA.encodeServerResponse(serverResponseMsg, decoded); + + let auctionResult = await navigator.runAdAuction({ + 'seller': window.location.origin, + 'requestId': result.requestId, + 'serverResponse': serverResponse, + 'resolveToConfig': true, + }); + expectNoWinner(auctionResult); +}, 'Basic B&A auction - not authorized'); + subsetTest(promise_test, async test => { const uuid = generateUuid(test); const adA = createTrackerURL(window.location.origin, uuid, 'track_get', 'a'); @@ -87,8 +167,8 @@ subsetTest(promise_test, async test => { const trackSeller = createSellerReportURL(uuid); const trackBuyer = createBidderReportURL(uuid); - // This one should still work since the server may have run an auction with - // components on its own. + + const trackComponentSeller = createSellerReportURL(uuid, 'component'); let serverResponseMsg = { 'biddingGroups': {}, @@ -141,8 +221,8 @@ subsetTest(promise_test, async test => { let decoded = await BA.decodeInterestGroupData(result.request); - // The server-side auction uses a bid of 10, for second ad, so it should - // win over the client-side component auctions bid of 9. + + let serverResponseMsg = { 'biddingGroups': {}, 'adRenderURL': adsArray[1].renderURL, @@ -204,11 +284,11 @@ subsetTest(promise_test, async test => { let decoded = await BA.decodeInterestGroupData(result.request); - // The server-side auction uses a bid of 10, for second ad, so it should - // win over the client-side component auctions bid of 9. + + const trackServerSeller = createSellerReportURL(uuid); const trackBuyer = createBidderReportURL(uuid); - // This one shouldn't show up. + const trackTopLevelServerSeller = createSellerReportURL(uuid, 'top'); let serverResponseMsg = { 'biddingGroups': {}, @@ -345,8 +425,8 @@ subsetTest(promise_test, async test => { let serverResponse = await BA.encodeServerResponse(serverResponseMsg, decoded); - // Mess up the array for a bit before computing hash to get the wrong hash, - // then undo. + + serverResponse[0] ^= 0xBE; let hashString = await BA.payloadHash(serverResponse); await BA.authorizeServerResponseHashes([hashString]); @@ -441,8 +521,8 @@ subsetTest(promise_test, async test => { expectNoWinner(auctionResult); }, 'Basic B&A auction - Wrong request Id'); -// Runs responseMutator on a minimal correct server response, and expects -// either success/failure based on expectWin. + + async function testWithMutatedServerResponse( test, expectWin, responseMutator, igMutator = undefined) { const uuid = generateUuid(test); @@ -497,130 +577,130 @@ async function testWithMutatedServerResponse( subsetTest(promise_test, async test => { await testWithMutatedServerResponse( - test, /*expectSuccess=*/ false, msg => {msg.error = {}}); + test, false, msg => {msg.error = {}}); }, 'Basic B&A auction - response marked as error'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ true, msg => { + await testWithMutatedServerResponse(test, true, msg => { msg.error = 4; }); }, 'Basic B&A auction - nonsense error field'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ false, msg => { + await testWithMutatedServerResponse(test, false, msg => { msg.error = {message: 'oh no'}; }); }, 'Basic B&A auction - response marked as error, with message'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ false, msg => { + await testWithMutatedServerResponse(test, false, msg => { msg.error = {message: {}}; }); }, 'Basic B&A auction - response marked as error, with bad message'); subsetTest(promise_test, async test => { await testWithMutatedServerResponse( - test, /*expectSuccess=*/ false, msg => {msg.isChaff = true}); + test, false, msg => {msg.isChaff = true}); }, 'Basic B&A auction - response marked as chaff'); subsetTest(promise_test, async test => { await testWithMutatedServerResponse( - test, /*expectSuccess=*/ true, msg => {msg.isChaff = false}); + test, true, msg => {msg.isChaff = false}); }, 'Basic B&A auction - response marked as non-chaff'); -// Disabled while spec clarifying expected behavior is in-progress. -// -// subsetTest(promise_test, async test => { -// await testWithMutatedServerResponse( -// test, /*expectSuccess=*/ true, msg => {msg.isChaff = 'yes'}); -// }, 'Basic B&A auction - response marked as chaff incorrectly'); + + + + + + subsetTest(promise_test, async test => { await testWithMutatedServerResponse( - test, /*expectSuccess=*/ false, + test, false, msg => {msg.topLevelSeller = 'https://example.org/'}); }, 'Basic B&A auction - incorrectly includes topLevelSeller'); -// Disabled while spec clarifying expected behavior is in-progress. -// -// subsetTest(promise_test, async test => { -// await testWithMutatedServerResponse( -// test, /*expectSuccess=*/ true, msg => {msg.topLevelSeller = 1}); -// }, 'Basic B&A auction - non-string top-level seller ignored'); + + + + + + subsetTest(promise_test, async test => { await testWithMutatedServerResponse( - test, /*expectSuccess=*/ false, + test, false, msg => {msg.topLevelSeller = 'http://example.org/'}); }, 'Basic B&A auction - http:// topLevelSeller is bad, too'); -// Disabled while spec clarifying expected behavior is in-progress. -// -// subsetTest(promise_test, async test => { -// await testWithMutatedServerResponse( -// test, /*expectSuccess=*/ true, msg => {msg.bid = '10 cents'}); -// }, 'Basic B&A auction - non-number bid is ignored'); + + + + + + subsetTest(promise_test, async test => { await testWithMutatedServerResponse( - test, /*expectSuccess=*/ true, msg => {msg.bid = 50}); + test, true, msg => {msg.bid = 50}); }, 'Basic B&A auction - positive bid is good'); subsetTest(promise_test, async test => { await testWithMutatedServerResponse( - test, /*expectSuccess=*/ false, msg => {msg.bid = -50}); + test, false, msg => {msg.bid = -50}); }, 'Basic B&A auction - negative bid is bad'); subsetTest(promise_test, async test => { await testWithMutatedServerResponse( - test, /*expectSuccess=*/ false, msg => {msg.bid = 0}); + test, false, msg => {msg.bid = 0}); }, 'Basic B&A auction - zero bid is bad'); subsetTest(promise_test, async test => { await testWithMutatedServerResponse( - test, /*expectSuccess=*/ false, + test, false, msg => {msg.biddingGroups[window.location.origin] = []}); }, 'Basic B&A auction - winning group did not bid'); subsetTest(promise_test, async test => { await testWithMutatedServerResponse( - test, /*expectSuccess=*/ false, + test, false, msg => {msg.biddingGroups[window.location.origin] = [-1, 0]}); }, 'Basic B&A auction - negative bidding group index'); subsetTest(promise_test, async test => { await testWithMutatedServerResponse( - test, /*expectSuccess=*/ false, + test, false, msg => {msg.biddingGroups[window.location.origin] = [0, 1]}); }, 'Basic B&A auction - too large bidding group index'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ false, msg => { + await testWithMutatedServerResponse(test, false, msg => { msg.interestGroupName += 'not'; }); }, 'Basic B&A auction - wrong IG name'); subsetTest(promise_test, async test => { await testWithMutatedServerResponse( - test, /*expectSuccess=*/ false, async msg => { + test, false, async msg => { await leaveInterestGroup(); }); }, 'Basic B&A auction - left IG in the middle'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ false, msg => { + await testWithMutatedServerResponse(test, false, msg => { msg.adRenderURL += 'not'; }); }, 'Basic B&A auction - ad URL not in ad'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ false, msg => { + await testWithMutatedServerResponse(test, false, msg => { msg.buyerReportingId = 'bid1'; }); }, 'Basic B&A auction - buyerReportingId not in ad'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ true, msg => { + await testWithMutatedServerResponse(test, true, msg => { msg.buyerReportingId = 'bid1'; }, ig => { ig.ads[0].buyerReportingId = 'bid1'; @@ -629,7 +709,7 @@ subsetTest(promise_test, async test => { }, 'Basic B&A auction - buyerReportingId in ad'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ false, msg => { + await testWithMutatedServerResponse(test, false, msg => { msg.buyerReportingId = 'bid2'; }, ig => { ig.ads[0].buyerReportingId = 'bid1'; @@ -638,13 +718,13 @@ subsetTest(promise_test, async test => { }, 'Basic B&A auction - buyerReportingId in wrong ad'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ false, msg => { + await testWithMutatedServerResponse(test, false, msg => { msg.buyerAndSellerReportingId = 'bsid1'; }); }, 'Basic B&A auction - buyerAndSellerReportingId not in ad'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ true, msg => { + await testWithMutatedServerResponse(test, true, msg => { msg.buyerAndSellerReportingId = 'bsid1'; }, ig => { ig.ads[0].buyerAndSellerReportingId = 'bsid1'; @@ -653,7 +733,7 @@ subsetTest(promise_test, async test => { }, 'Basic B&A auction - buyerAndSellerReportingId in ad'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ false, msg => { + await testWithMutatedServerResponse(test, false, msg => { msg.buyerAndSellerReportingId = 'bsid2'; }, ig => { ig.ads[0].buyerAndSellerReportingId = 'bsid1'; @@ -662,14 +742,14 @@ subsetTest(promise_test, async test => { }, 'Basic B&A auction - buyerAndSellerReportingId in wrong ad'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ false, msg => { + await testWithMutatedServerResponse(test, false, msg => { msg.components = ["https://example.org"]; }); }, 'Basic B&A auction - ad component URL not in ad'); subsetTest(promise_test, async test => { await testWithMutatedServerResponse( - test, /*expectSuccess=*/ true, + test, true, msg => { msg.components = ['https://example.org']; }, @@ -682,7 +762,7 @@ subsetTest(promise_test, async test => { let savedUuid; let savedExpectUrls; let result = await testWithMutatedServerResponse( - test, /*expectSuccess=*/ true, + test, true, (msg, uuid) => { savedUuid = uuid; msg.components = [ @@ -729,7 +809,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { let savedUuid; let result = await testWithMutatedServerResponse( - test, /*expectWin=*/ true, + test, true, (msg, uuid) => { savedUuid = uuid; msg.winReportingURLs = { @@ -761,8 +841,8 @@ subsetTest(promise_test, async test => { }); createAndNavigateFencedFrame(test, result); - // The script triggers seller and buyer 'click', and seller 'cluck'. - // No tracker for page itself. + + await waitForObservedRequests(savedUuid, [ createBidderBeaconURL(savedUuid, 'i') + ', body: click_body', createSellerBeaconURL(savedUuid, 'i') + ', body: click_body', @@ -771,20 +851,20 @@ subsetTest(promise_test, async test => { }, 'Basic B&A auction --- beacon reporting'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ false, msg => { + await testWithMutatedServerResponse(test, false, msg => { msg.bidCurrency = 'cents'; }); }, 'Basic B&A auction - invalid ad currency'); subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ true, msg => { + await testWithMutatedServerResponse(test, true, msg => { msg.bidCurrency = 'USD'; }); }, 'Basic B&A auction - valid ad currency'); -// Runs whatever is set in `mutators` on a minimal correct hybrid B&A/local -// auction, and expects either the B&A bid or local bid to win depending on -// expectBaWin. + + + async function testHybridAuctionWithMutatedServerResponse( test, expectBaWin, mutators = { responseMutator: undefined, @@ -815,9 +895,9 @@ async function testHybridAuctionWithMutatedServerResponse( let decoded = await BA.decodeInterestGroupData(result.request); - // The server-side auction uses a bid of 10, for second ad, so it should - // win over the client-side component auctions bid of 9 (unless something - // mutators did made the server response unacceptable). + + + let serverResponseMsg = { 'biddingGroups': {}, 'adRenderURL': interestGroup.ads[1].renderURL, @@ -871,7 +951,7 @@ async function testHybridAuctionWithMutatedServerResponse( subsetTest(promise_test, async test => { await testHybridAuctionWithMutatedServerResponse( - test, /*expectBaWin=*/ false, { + test, false, { responseMutator: (response) => { delete response.topLevelSeller; } @@ -880,7 +960,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await testHybridAuctionWithMutatedServerResponse( - test, /*expectBaWin=*/ false, { + test, false, { responseMutator: (response) => { response.topLevelSeller = 'https://www.example.org/'; } @@ -889,7 +969,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await testHybridAuctionWithMutatedServerResponse( - test, /*expectBaWin=*/ false, { + test, false, { responseMutator: (response) => { delete response.bid; } @@ -898,7 +978,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await testHybridAuctionWithMutatedServerResponse( - test, /*expectBaWin=*/ true, { + test, true, { responseMutator: (response) => { response.bidCurrency = 'USD'; } @@ -907,7 +987,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await testHybridAuctionWithMutatedServerResponse( - test, /*expectBaWin=*/ false, { + test, false, { responseMutator: (response) => { response.bidCurrency = 'USD'; }, @@ -919,7 +999,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await testHybridAuctionWithMutatedServerResponse( - test, /*expectBaWin=*/ true, { + test, true, { auctionConfigMutator: (auctionConfig) => { auctionConfig.componentAuctions[1].sellerCurrency = 'EUR'; } @@ -928,7 +1008,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await testHybridAuctionWithMutatedServerResponse( - test, /*expectBaWin=*/ false, { + test, false, { responseMutator: (response) => { response.bidCurrency = 'USD'; }, @@ -941,7 +1021,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await testHybridAuctionWithMutatedServerResponse( - test, /*expectBaWin=*/ true, { + test, true, { auctionConfigMutator: (auctionConfig) => { auctionConfig.perBuyerCurrencies = {}; auctionConfig.perBuyerCurrencies[window.location.origin] = 'EUR'; @@ -951,7 +1031,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await testHybridAuctionWithMutatedServerResponse( - test, /*expectBaWin=*/ true, { + test, true, { responseMutator: (response) => { response.bidCurrency = 'USD'; response.bid = 50; @@ -960,8 +1040,8 @@ subsetTest(promise_test, async test => { auctionConfigMutator: (auctionConfig, uuid) => { let trackTopSeller = createSellerReportURL(uuid, 'top'); auctionConfig.decisionLogicURL = createDecisionScriptURL(uuid, { - // Note: this will throw on the local bid as well as an incorrect - // server bid. + + scoreAd: ` let origin = '${window.location.origin}'; if (!(adMetadata instanceof Array) || @@ -987,7 +1067,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await testHybridAuctionWithMutatedServerResponse( - test, /*expectBaWin=*/ true, { + test, true, { responseMutator: (response) => { response.bidCurrency = 'USD'; response.bid = 50; @@ -1013,7 +1093,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await testHybridAuctionWithMutatedServerResponse( - test, /*expectBaWin=*/ true, { + test, true, { igMutator: (ig, uuid) => { ig.ads[1].renderURL = createRenderURL(uuid, `window.fence.reportEvent({ @@ -1044,8 +1124,8 @@ subsetTest(promise_test, async test => { }; }, expectUrlsMutator: (expectUrls, uuid) => { - // The script triggers seller and buyer 'click', and seller 'clack'. - // No tracker for page itself. + + expectUrls.pop(); expectUrls.push( createBidderBeaconURL(uuid, 'i') + ', body: click_body', @@ -1055,16 +1135,16 @@ subsetTest(promise_test, async test => { }); }, 'Hybrid B&A auction --- beacon reporting'); -///////////////////////////////////////////////////////////////////////////// -// updateIfOlderThanMs tests -// -// NOTE: Due to the lack of mock time in wpt, these test just exercise the code -// paths and ensure that no crash occurs -- they don't otherwise verify -// behavior. -///////////////////////////////////////////////////////////////////////////// + + + + + + + subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ true, msg => { + await testWithMutatedServerResponse(test, true, msg => { msg.updateGroups = {[window.location.origin]: [{index: 2048, updateIfOlderThanMs: 1000}]}; }); @@ -1072,7 +1152,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { - await testWithMutatedServerResponse(test, /*expectSuccess=*/ true, msg => { + await testWithMutatedServerResponse(test, true, msg => { msg.updateGroups = { [window.location.origin]: [ {index: 0, updateIfOlderThanMs: 1000}, @@ -1082,14 +1162,14 @@ subsetTest(promise_test, async test => { }); }, 'Basic B&A auction - updateIfOlderThanMs'); -///////////////////////////////////////////////////////////////////////////// -// -// K-anonymity support tests -// -///////////////////////////////////////////////////////////////////////////// -// Runs responseMutator on a minimal correct server response, and expects -// either success/failure based on expectWin. + + + + + + + async function kAnonTestWithMutatedServerResponse( test, expectWin, responseMutator, igMutator = undefined) { const uuid = generateUuid(test); @@ -1203,7 +1283,7 @@ async function kAnonTestWithMutatedServerResponse( subsetTest(promise_test, async test => { await kAnonTestWithMutatedServerResponse( - test, /*expectSuccess=*/ true, (msg, ig, hashes) => { + test, true, (msg, ig, hashes) => { msg.kAnonWinnerJoinCandidates = { adRenderURLHash: hashes.adARenderKAnonKeyHash, reportingIdHash: hashes.adANameReportingIdKAnonKeyHash, @@ -1213,7 +1293,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await kAnonTestWithMutatedServerResponse( - test, /*expectSuccess=*/ false, (msg, ig, hashes) => { + test, false, (msg, ig, hashes) => { msg.kAnonWinnerJoinCandidates = { adRenderURLHash: new Uint8Array(), reportingIdHash: hashes.adANameReportingIdKAnonKeyHash, @@ -1223,7 +1303,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await kAnonTestWithMutatedServerResponse( - test, /*expectSuccess=*/ false, (msg, ig, hashes) => { + test, false, (msg, ig, hashes) => { msg.kAnonWinnerJoinCandidates = { adRenderURLHash: hashes.adARenderKAnonKeyHash, reportingIdHash: new Uint8Array(), @@ -1233,13 +1313,13 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await kAnonTestWithMutatedServerResponse( - test, /*expectSuccess=*/ false, (msg, ig, hashes) => { + test, false, (msg, ig, hashes) => { delete msg.adRenderURL; delete msg.interestGroupName; delete msg.interestGroupOwner; msg.kAnonGhostWinners = [{ kAnonJoinCandidates: { - // missing adRenderURLHash + reportingIdHash: hashes.adANameReportingIdKAnonKeyHash, }, interestGroupIndex: 0, @@ -1250,7 +1330,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await kAnonTestWithMutatedServerResponse( - test, /*expectSuccess=*/ false, (msg, ig, hashes) => { + test, false, (msg, ig, hashes) => { delete msg.adRenderURL; delete msg.interestGroupName; delete msg.interestGroupOwner; @@ -1267,7 +1347,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await kAnonTestWithMutatedServerResponse( - test, /*expectSuccess=*/ false, (msg, ig, hashes) => { + test, false, (msg, ig, hashes) => { delete msg.adRenderURL; delete msg.interestGroupName; delete msg.interestGroupOwner; @@ -1294,7 +1374,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await kAnonTestWithMutatedServerResponse( - test, /*expectSuccess=*/ false, (msg, ig, hashes) => { + test, false, (msg, ig, hashes) => { delete msg.adRenderURL; delete msg.interestGroupName; delete msg.interestGroupOwner; @@ -1309,7 +1389,7 @@ subsetTest(promise_test, async test => { }, { kAnonJoinCandidates: { - // missing adRenderURLHash + reportingIdHash: hashes.adBNameReportingIdKAnonKeyHash, }, interestGroupIndex: 0, @@ -1321,7 +1401,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await kAnonTestWithMutatedServerResponse( - test, /*expectSuccess=*/ true, (msg, ig, hashes) => { + test, true, (msg, ig, hashes) => { msg.kAnonWinnerJoinCandidates = { adRenderURLHash: hashes.adARenderKAnonKeyHash, reportingIdHash: hashes.adANameReportingIdKAnonKeyHash, @@ -1339,7 +1419,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await kAnonTestWithMutatedServerResponse( - test, /*expectSuccess=*/ true, (msg, ig, hashes) => { + test, true, (msg, ig, hashes) => { msg.kAnonWinnerJoinCandidates = { adRenderURLHash: hashes.adARenderKAnonKeyHash, reportingIdHash: hashes.adANameReportingIdKAnonKeyHash, @@ -1352,7 +1432,7 @@ subsetTest(promise_test, async test => { interestGroupIndex: 0, owner: window.location.origin, ghostWinnerForTopLevelAuction: { - // missing adRenderURL + modifiedBid: 100, }, }]; @@ -1361,7 +1441,7 @@ subsetTest(promise_test, async test => { subsetTest(promise_test, async test => { await kAnonTestWithMutatedServerResponse( - test, /*expectSuccess=*/ true, (msg, ig, hashes) => { + test, true, (msg, ig, hashes) => { msg.kAnonWinnerJoinCandidates = { adRenderURLHash: hashes.adARenderKAnonKeyHash, reportingIdHash: hashes.adANameReportingIdKAnonKeyHash, @@ -1381,15 +1461,15 @@ subsetTest(promise_test, async test => { }); }, 'Basic B&A auction - winner with full ghost winner'); -// TODO(behamilton): Add Multi-seller k-anon tests. -// TODO(behamilton): Add k-anon tests with different reporting IDs. -/* Some things that are not currently tested that probably should be; this is - not exhaustive, merely to keep track of things that come to mind as tests are - written: - - forDebugOnly --- it will be straightforward now, but will break. - - privateAggregation --- currently no away to test it, may be doable with - proper key config. - - Some of the parsing details that need to match the spec language exactly. -*/ + + + + + + + + + +