From 2bc8d11705570e9016effd989b8c2a35805aaa51 Mon Sep 17 00:00:00 2001 From: Marco Castelluccio Date: Thu, 16 Jan 2025 01:56:10 +0000 Subject: [PATCH] Bug 1940282 [wpt PR 49954] - Add support for Ad-Auction-Result-Nonce header for PA B&A, a=testonly Automatic update from web-platform-tests Add support for Ad-Auction-Result-Nonce header for PA B&A Add support for the alternate authorization flow for Protected Audiences Bidding and Auction response (as described in https://github.com/WICG/turtledove/pull/1233). This feature is behind the FledgeBiddingAndAuctionNonceSupport feature flag which is going to be enabled by default (for a waterfall rollout in M133). Bug: 385128725 Change-Id: Id3c622241c82ed0b71037bfeb1ca5432cd6e66dc Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6109795 Reviewed-by: Maks Orlovich Commit-Queue: Russ Hamilton Reviewed-by: Brendon Tiszka Cr-Commit-Position: refs/heads/main{#1403077} -- wpt-commits: 48f9ec1e463fbe03e411a77dae446b7c6de4f577 wpt-pr: 49954 UltraBlame original commit: a563508c0d80ba13ea308f1cac33bbf0b1e1eadf --- .../resources/authorize-server-response.py | 67 +- .../tentative/resources/ba-fledge-util.sub.js | 63 ++ .../tentative/server-response.https.window.js | 586 ++++++++++++++++++ 3 files changed, 714 insertions(+), 2 deletions(-) diff --git a/testing/web-platform/tests/fledge/tentative/resources/authorize-server-response.py b/testing/web-platform/tests/fledge/tentative/resources/authorize-server-response.py index 7ab850fc55c64..be8e6fa7297c4 100644 --- a/testing/web-platform/tests/fledge/tentative/resources/authorize-server-response.py +++ b/testing/web-platform/tests/fledge/tentative/resources/authorize-server-response.py @@ -38,6 +38,17 @@ " ) +if +b +" +hashes +" +in +request +. +GET +: + hash_list = request @@ -51,7 +62,7 @@ hashes " ) - + response . headers @@ -66,7 +77,7 @@ - Result " - + b " " @@ -76,3 +87,55 @@ hash_list ) ) + +if +b +" +nonces +" +in +request +. +GET +: + +nonce_list += +request +. +GET +. +get_list +( +b +" +nonces +" +) + +response +. +headers +. +set +( +b +" +Ad +- +Auction +- +Result +- +Nonce +" + +b +" +" +. +join +( +nonce_list +) +) diff --git a/testing/web-platform/tests/fledge/tentative/resources/ba-fledge-util.sub.js b/testing/web-platform/tests/fledge/tentative/resources/ba-fledge-util.sub.js index 130dbedf16397..ba5caed9c98de 100644 --- a/testing/web-platform/tests/fledge/tentative/resources/ba-fledge-util.sub.js +++ b/testing/web-platform/tests/fledge/tentative/resources/ba-fledge-util.sub.js @@ -1961,6 +1961,69 @@ true ; BA . +authorizeServerResponseNonces += +async +function +( +nonces +) +{ +let +authorizeURL += +new +URL +( +' +resources +/ +authorize +- +server +- +response +. +py +' +window +. +location +) +; +authorizeURL +. +searchParams +. +append +( +' +nonces +' +nonces +. +join +( +' +' +) +) +; +await +fetch +( +authorizeURL +{ +adAuctionHeaders +: +true +} +) +; +} +; +BA +. configureCoordinator = async diff --git a/testing/web-platform/tests/fledge/tentative/server-response.https.window.js b/testing/web-platform/tests/fledge/tentative/server-response.https.window.js index ef0c59d58086e..803e7161b03a4 100644 --- a/testing/web-platform/tests/fledge/tentative/server-response.https.window.js +++ b/testing/web-platform/tests/fledge/tentative/server-response.https.window.js @@ -458,6 +458,592 @@ result request ) ; +let +serverResponseMsg += +{ +' +nonce +' +: +uuid +' +biddingGroups +' +: +{ +} +' +adRenderURL +' +: +adsArray +[ +0 +] +. +renderURL +' +interestGroupName +' +: +DEFAULT_INTEREST_GROUP_NAME +' +interestGroupOwner +' +: +window +. +location +. +origin +} +; +serverResponseMsg +. +biddingGroups +[ +window +. +location +. +origin +] += +[ +0 +] +; +let +serverResponse += +await +BA +. +encodeServerResponse +( +serverResponseMsg +decoded +) +; +let +hashString += +await +BA +. +payloadHash +( +serverResponse +) +; +await +BA +. +authorizeServerResponseNonces +( +[ +uuid +] +) +; +let +auctionResult += +await +navigator +. +runAdAuction +( +{ +' +seller +' +: +window +. +location +. +origin +' +requestId +' +: +result +. +requestId +' +serverResponse +' +: +serverResponse +' +resolveToConfig +' +: +true +} +) +; +expectSuccess +( +auctionResult +) +; +createAndNavigateFencedFrame +( +test +auctionResult +) +; +await +waitForObservedRequests +( +uuid +[ +adA +] +) +; +} +' +Basic +B +& +A +auction +- +nonces +' +) +; +subsetTest +( +promise_test +async +test += +> +{ +const +uuid += +generateUuid +( +test +) +; +const +adA += +createTrackerURL +( +window +. +location +. +origin +uuid +' +track_get +' +' +a +' +) +; +const +adB += +createTrackerURL +( +window +. +location +. +origin +uuid +' +track_get +' +' +b +' +) +; +const +adsArray += +[ +{ +renderURL +: +adA +adRenderId +: +' +a +' +} +{ +renderURL +: +adB +adRenderId +: +' +b +' +} +] +; +await +joinInterestGroup +( +test +uuid +{ +ads +: +adsArray +} +) +; +const +result += +await +navigator +. +getInterestGroupAdAuctionData +( +{ +coordinatorOrigin +: +await +BA +. +configureCoordinator +( +) +seller +: +window +. +location +. +origin +} +) +; +assert_true +( +result +. +requestId +! += += +null +) +; +assert_true +( +result +. +request +. +length +> +0 +) +; +let +decoded += +await +BA +. +decodeInterestGroupData +( +result +. +request +) +; +let +serverResponseMsg += +{ +' +biddingGroups +' +: +{ +} +' +adRenderURL +' +: +adsArray +[ +0 +] +. +renderURL +' +interestGroupName +' +: +DEFAULT_INTEREST_GROUP_NAME +' +interestGroupOwner +' +: +window +. +location +. +origin +} +; +serverResponseMsg +. +biddingGroups +[ +window +. +location +. +origin +] += +[ +0 +] +; +let +serverResponse += +await +BA +. +encodeServerResponse +( +serverResponseMsg +decoded +) +; +let +auctionResult += +await +navigator +. +runAdAuction +( +{ +' +seller +' +: +window +. +location +. +origin +' +requestId +' +: +result +. +requestId +' +serverResponse +' +: +serverResponse +' +resolveToConfig +' +: +true +} +) +; +expectNoWinner +( +auctionResult +) +; +} +' +Basic +B +& +A +auction +- +not +authorized +' +) +; +subsetTest +( +promise_test +async +test += +> +{ +const +uuid += +generateUuid +( +test +) +; +const +adA += +createTrackerURL +( +window +. +location +. +origin +uuid +' +track_get +' +' +a +' +) +; +const +adB += +createTrackerURL +( +window +. +location +. +origin +uuid +' +track_get +' +' +b +' +) +; +const +adsArray += +[ +{ +renderURL +: +adA +adRenderId +: +' +a +' +} +{ +renderURL +: +adB +adRenderId +: +' +b +' +} +] +; +await +joinInterestGroup +( +test +uuid +{ +ads +: +adsArray +} +) +; +const +result += +await +navigator +. +getInterestGroupAdAuctionData +( +{ +coordinatorOrigin +: +await +BA +. +configureCoordinator +( +) +seller +: +window +. +location +. +origin +} +) +; +assert_true +( +result +. +requestId +! += += +null +) +; +assert_true +( +result +. +request +. +length +> +0 +) +; +let +decoded += +await +BA +. +decodeInterestGroupData +( +result +. +request +) +; const trackSeller =