[FedCM] Refactor the wpt tests request params check

This patch moves the request params check to one place to avoid the
unnecessary duplication.

Bug: None
Change-Id: I8d2e525b09718ab6ea2ba1483356de6a6ef0732c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4851310
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: Yi Gu <yigu@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1197107}

credential-management/support/fedcm/accounts.py

@@ -1,18 +1,10 @@
+import importlib
+error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check")
+
 def main(request, response):
-  if request.cookies.get(b"cookie") != b"1":
-    return (530, [], "Missing cookie")
-  if request.headers.get(b"Accept") != b"application/json":
-    return (531, [], "Wrong Accept")
-  if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity":
-    return (532, [], "Wrong Sec-Fetch-Dest header")
-  if request.headers.get(b"Referer"):
-    return (533, [], "Should not have Referer")
-  if request.headers.get(b"Origin"):
-    return (534, [], "Should not have Origin")
-  if request.headers.get(b"Sec-Fetch-Mode") != b"no-cors":
-    return (535, [], "Wrong Sec-Fetch-Mode header")
-  if request.headers.get(b"Sec-Fetch-Site") != b"none":
-    return (536, [], "Wrong Sec-Fetch-Site header")
+  request_error = error_checker.accountsCheck(request)
+  if (request_error):
+    return request_error
 
   response.headers.set(b"Content-Type", b"application/json")
 

credential-management/support/fedcm/client_metadata.py

@@ -1,23 +1,12 @@
 # 'import credential-management.support.fedcm.keys' does not work.
 import importlib
 keys = importlib.import_module("credential-management.support.fedcm.keys")
+error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check")
 
 def main(request, response):
-  if (request.GET.get(b'skip_checks', b'0') != b'1'):
-    if len(request.cookies) > 0:
-      return (530, [], "Cookie should not be sent to this endpoint")
-    if request.headers.get(b"Accept") != b"application/json":
-      return (531, [], "Wrong Accept")
-    if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity":
-      return (532, [], "Wrong Sec-Fetch-Dest header")
-    if request.headers.get(b"Referer"):
-      return (533, [], "Should not have Referer")
-    if not request.headers.get(b"Origin"):
-      return (534, [], "Missing Origin")
-    if request.headers.get(b"Sec-Fetch-Mode") != b"no-cors":
-      return (535, [], "Wrong Sec-Fetch-Mode header")
-    if request.headers.get(b"Sec-Fetch-Site") != b"cross-site":
-      return (536, [], "Wrong Sec-Fetch-Site header")
+  request_error = error_checker.clientMetadataCheck(request)
+  if (request_error):
+    return request_error
 
   counter = request.server.stash.take(keys.CLIENT_METADATA_COUNTER_KEY)
   try:

credential-management/support/fedcm/manifest.py

@@ -1,18 +1,10 @@
+import importlib
+error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check")
+
 def main(request, response):
-  if len(request.cookies) > 0:
-    return (530, [], "Cookie should not be sent to manifest endpoint")
-  if request.headers.get(b"Accept") != b"application/json":
-    return (531, [], "Wrong Accept")
-  if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity":
-    return (532, [], "Wrong Sec-Fetch-Dest header")
-  if request.headers.get(b"Referer"):
-    return (533, [], "Should not have Referer")
-  if request.headers.get(b"Origin"):
-    return (534, [], "Should not have Origin")
-  if request.headers.get(b"Sec-Fetch-Mode") != b"no-cors":
-    return (535, [], "Wrong Sec-Fetch-Mode header")
-  if request.headers.get(b"Sec-Fetch-Site") != b"cross-site":
-    return (536, [], "Wrong Sec-Fetch-Site header")
+  request_error = error_checker.manifestCheck(request)
+  if (request_error):
+    return request_error
 
   response.headers.set(b"Content-Type", b"application/json")
 

credential-management/support/fedcm/no_accounts.py

@@ -1,18 +1,10 @@
+import importlib
+error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check")
+
 def main(request, response):
-  if request.cookies.get(b"cookie") != b"1":
-    return (530, [], "Missing cookie")
-  if request.headers.get(b"Accept") != b"application/json":
-    return (531, [], "Wrong Accept")
-  if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity":
-    return (532, [], "Wrong Sec-Fetch-Dest header")
-  if request.headers.get(b"Referer"):
-    return (533, [], "Should not have Referer")
-  if request.headers.get(b"Origin"):
-    return (534, [], "Should not have Origin")
-  if request.headers.get(b"Sec-Fetch-Mode") != b"no-cors":
-    return (535, [], "Wrong Sec-Fetch-Mode header")
-  if request.headers.get(b"Sec-Fetch-Site") != b"none":
-    return (536, [], "Wrong Sec-Fetch-Site header")
+  request_error = error_checker.accountsCheck(request)
+  if (request_error):
+    return request_error
 
   response.headers.set(b"Content-Type", b"application/json")
 

credential-management/support/fedcm/request-params-check.py

@@ -0,0 +1,76 @@
+def commonCheck(request):
+  if request.headers.get(b"Accept") != b"application/json":
+    return (531, [], "Wrong Accept")
+  if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity":
+    return (532, [], "Wrong Sec-Fetch-Dest header")
+  if request.headers.get(b"Referer"):
+    return (533, [], "Should not have Referer")
+  if request.headers.get(b"Sec-Fetch-Mode") != b"no-cors":
+    return (534, [], "Wrong Sec-Fetch-Mode header")
+
+def commonUncredentialedRequestCheck(request):
+  if len(request.cookies) > 0:
+    return (535, [], "Cookie should not be sent to this endpoint")
+  if request.headers.get(b"Sec-Fetch-Site") != b"cross-site":
+    return (536, [], "Wrong Sec-Fetch-Site header")
+
+def commonCredentialedRequestCheck(request):
+  if request.cookies.get(b"cookie") != b"1":
+    return (537, [], "Missing cookie")
+  if request.headers.get(b"Sec-Fetch-Site") != b"none":
+    return (538, [], "Wrong Sec-Fetch-Site header")
+
+def manifestCheck(request):
+  common_error = commonCheck(request)
+  if (common_error):
+    return common_error
+  common_uncredentialed_error = commonUncredentialedRequestCheck(request)
+  if (common_uncredentialed_error):
+    return common_uncredentialed_error
+
+  if request.headers.get(b"Origin"):
+    return (539, [], "Should not have Origin")
+
+def clientMetadataCheck(request):
+  if (request.GET.get(b'skip_checks', b'0') != b'1'):
+    common_error = commonCheck(request)
+    if (common_error):
+      return common_error
+    common_uncredentialed_error = commonUncredentialedRequestCheck(request)
+    if (common_uncredentialed_error):
+      return common_uncredentialed_error
+
+    if not request.headers.get(b"Origin"):
+      return (540, [], "Missing Origin")
+
+def accountsCheck(request):
+  common_error = commonCheck(request)
+  if (common_error):
+    return common_error
+  common_credentialed_error = commonCredentialedRequestCheck(request)
+  if (common_credentialed_error):
+    return common_credentialed_error
+
+  if request.headers.get(b"Origin"):
+    return (539, [], "Should not have Origin")
+
+def tokenCheck(request):
+  common_error = commonCheck(request)
+  if (common_error):
+    return common_error
+  common_credentialed_error = commonCredentialedRequestCheck(request)
+  if (common_credentialed_error):
+    return common_credentialed_error
+
+  if not request.headers.get(b"Origin"):
+    return (540, [], "Missing Origin")
+  if request.method != "POST":
+    return (541, [], "Method is not POST")
+  if request.headers.get(b"Content-Type") != b"application/x-www-form-urlencoded":
+    return (542, [], "Wrong Content-Type")
+  if not request.POST.get(b"client_id"):
+    return (543, [], "Missing 'client_id' POST parameter")
+  if not request.POST.get(b"account_id"):
+    return (544, [], "Missing 'account_id' POST parameter")
+  if not request.POST.get(b"disclosure_text_shown"):
+    return (545, [], "Missing 'disclosure_text_shown' POST parameter")

credential-management/support/fedcm/single_account.py

@@ -1,18 +1,10 @@
+import importlib
+error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check")
+
 def main(request, response):
-  if request.cookies.get(b"cookie") != b"1":
-    return (530, [], "Missing cookie")
-  if request.headers.get(b"Accept") != b"application/json":
-    return (531, [], "Wrong Accept")
-  if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity":
-    return (532, [], "Wrong Sec-Fetch-Dest header")
-  if request.headers.get(b"Referer"):
-    return (533, [], "Should not have Referer")
-  if request.headers.get(b"Origin"):
-    return (534, [], "Should not have Origin")
-  if request.headers.get(b"Sec-Fetch-Mode") != b"no-cors":
-    return (535, [], "Wrong Sec-Fetch-Mode header")
-  if request.headers.get(b"Sec-Fetch-Site") != b"none":
-    return (536, [], "Wrong Sec-Fetch-Site header")
+  request_error = error_checker.accountsCheck(request)
+  if (request_error):
+    return request_error
 
   response.headers.set(b"Content-Type", b"application/json")
 

credential-management/support/fedcm/token.py

@@ -1,31 +1,10 @@
-def main(request, response):
-  if request.cookies.get(b"cookie") != b"1":
-    return (530, [], "Missing cookie")
-  if request.method != "POST":
-    return (531, [], "Method is not POST")
-  if request.headers.get(b"Content-Type") != b"application/x-www-form-urlencoded":
-    return (532, [], "Wrong Content-Type")
-  if request.headers.get(b"Accept") != b"application/json":
-    return (533, [], "Wrong Accept")
-  if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity":
-    return (500, [], "Wrong Sec-Fetch-Dest header")
-  if request.headers.get(b"Referer"):
-    return (534, [], "Should not have Referer")
-  if not request.headers.get(b"Origin"):
-    return (535, [], "Missing Origin")
-  if request.headers.get(b"Sec-Fetch-Mode") != b"no-cors":
-    return (539, [], "Wrong Sec-Fetch-Mode header")
-  if request.headers.get(b"Sec-Fetch-Site") != b"none":
-    return (540, [], "Wrong Sec-Fetch-Site header")
+import importlib
+error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check")
 
-  if not request.POST.get(b"client_id"):
-    return (536, [], "Missing 'client_id' POST parameter")
-  if not request.POST.get(b"account_id"):
-    return (537, [], "Missing 'account_id' POST parameter")
-  if not request.POST.get(b"disclosure_text_shown"):
-    return (538, [], "Missing 'disclosure_text_shown' POST parameter")
-  if not request.POST.get(b"is_account_auto_selected"):
-    return (541, [], "Missing 'is_account_auto_selected' POST parameter")
+def main(request, response):
+  request_error = error_checker.tokenCheck(request)
+  if (request_error):
+    return request_error
 
   response.headers.set(b"Content-Type", b"application/json")
 

credential-management/support/fedcm/token_with_account_auto_selected_flag.py

@@ -1,31 +1,10 @@
-def main(request, response):
-  if request.cookies.get(b"cookie") != b"1":
-    return (530, [], "Missing cookie")
-  if request.method != "POST":
-    return (531, [], "Method is not POST")
-  if request.headers.get(b"Content-Type") != b"application/x-www-form-urlencoded":
-    return (532, [], "Wrong Content-Type")
-  if request.headers.get(b"Accept") != b"application/json":
-    return (533, [], "Wrong Accept")
-  if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity":
-    return (500, [], "Wrong Sec-Fetch-Dest header")
-  if request.headers.get(b"Referer"):
-    return (534, [], "Should not have Referer")
-  if not request.headers.get(b"Origin"):
-    return (535, [], "Missing Origin")
-  if request.headers.get(b"Sec-Fetch-Mode") != b"no-cors":
-    return (539, [], "Wrong Sec-Fetch-Mode header")
-  if request.headers.get(b"Sec-Fetch-Site") != b"none":
-    return (540, [], "Wrong Sec-Fetch-Site header")
+import importlib
+error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check")
 
-  if not request.POST.get(b"client_id"):
-    return (536, [], "Missing 'client_id' POST parameter")
-  if not request.POST.get(b"account_id"):
-    return (537, [], "Missing 'account_id' POST parameter")
-  if not request.POST.get(b"disclosure_text_shown"):
-    return (538, [], "Missing 'disclosure_text_shown' POST parameter")
-  if not request.POST.get(b"is_account_auto_selected"):
-    return (541, [], "Missing 'is_account_auto_selected' POST parameter")
+def main(request, response):
+  request_error = error_checker.tokenCheck(request)
+  if (request_error):
+    return request_error
 
   response.headers.set(b"Content-Type", b"application/json")
 

credential-management/support/fedcm/token_with_account_id.py

@@ -1,31 +1,10 @@
-def main(request, response):
-  if request.cookies.get(b"cookie") != b"1":
-    return (530, [], "Missing cookie")
-  if request.method != "POST":
-    return (531, [], "Method is not POST")
-  if request.headers.get(b"Content-Type") != b"application/x-www-form-urlencoded":
-    return (532, [], "Wrong Content-Type")
-  if request.headers.get(b"Accept") != b"application/json":
-    return (533, [], "Wrong Accept")
-  if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity":
-    return (500, [], "Wrong Sec-Fetch-Dest header")
-  if request.headers.get(b"Referer"):
-    return (534, [], "Should not have Referer")
-  if not request.headers.get(b"Origin"):
-    return (535, [], "Missing Origin")
-  if request.headers.get(b"Sec-Fetch-Mode") != b"no-cors":
-    return (539, [], "Wrong Sec-Fetch-Mode header")
-  if request.headers.get(b"Sec-Fetch-Site") != b"none":
-    return (540, [], "Wrong Sec-Fetch-Site header")
+import importlib
+error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check")
 
-  if not request.POST.get(b"client_id"):
-    return (536, [], "Missing 'client_id' POST parameter")
-  if not request.POST.get(b"account_id"):
-    return (537, [], "Missing 'account_id' POST parameter")
-  if not request.POST.get(b"disclosure_text_shown"):
-    return (538, [], "Missing 'disclosure_text_shown' POST parameter")
-  if not request.POST.get(b"is_account_auto_selected"):
-    return (541, [], "Missing 'is_account_auto_selected' POST parameter")
+def main(request, response):
+  request_error = error_checker.tokenCheck(request)
+  if (request_error):
+    return request_error
 
   response.headers.set(b"Content-Type", b"application/json")
 

credential-management/support/fedcm/two_accounts.py

@@ -1,18 +1,10 @@
+import importlib
+error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check")
+
 def main(request, response):
-  if request.cookies.get(b"cookie") != b"1":
-    return (530, [], "Missing cookie")
-  if request.headers.get(b"Accept") != b"application/json":
-    return (531, [], "Wrong Accept")
-  if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity":
-    return (532, [], "Wrong Sec-Fetch-Dest header")
-  if request.headers.get(b"Referer"):
-    return (533, [], "Should not have Referer")
-  if request.headers.get(b"Origin"):
-    return (534, [], "Should not have Origin")
-  if request.headers.get(b"Sec-Fetch-Mode") != b"no-cors":
-    return (535, [], "Wrong Sec-Fetch-Mode header")
-  if request.headers.get(b"Sec-Fetch-Site") != b"none":
-    return (536, [], "Wrong Sec-Fetch-Site header")
+  request_error = error_checker.accountsCheck(request)
+  if (request_error):
+    return request_error
 
   response.headers.set(b"Content-Type", b"application/json")