Skip to content

Commit b6c6a11

Browse files
brusshamiltonmoz-wptsync-bot
brusshamilton
authored and
moz-wptsync-bot
committed
Bug 1940282 [wpt PR 49954] - Add support for Ad-Auction-Result-Nonce header for PA B&A, a=testonly
Automatic update from web-platform-tests Add support for Ad-Auction-Result-Nonce header for PA B&A Add support for the alternate authorization flow for Protected Audiences Bidding and Auction response (as described in WICG/turtledove#1233). This feature is behind the FledgeBiddingAndAuctionNonceSupport feature flag which is going to be enabled by default (for a waterfall rollout in M133). Bug: 385128725 Change-Id: Id3c622241c82ed0b71037bfeb1ca5432cd6e66dc Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6109795 Reviewed-by: Maks Orlovich <morlovich@chromium.org> Commit-Queue: Russ Hamilton <behamilton@google.com> Reviewed-by: Brendon Tiszka <tiszka@chromium.org> Cr-Commit-Position: refs/heads/main@{#1403077} -- wpt-commits: 48f9ec1e463fbe03e411a77dae446b7c6de4f577 wpt-pr: 49954
1 parent 5e65e05 commit b6c6a11

File tree

3 files changed

+113
-19
lines changed

3 files changed

+113
-19
lines changed

testing/web-platform/tests/fledge/tentative/resources/authorize-server-response.py

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,11 @@
11
def main(request, response):
22
response.status = (200, b"OK")
33
response.headers.set(b"Content-Type", b"text/plain")
4-
hash_list = request.GET.get_list(b"hashes")
5-
response.headers.set(b"Ad-Auction-Result",
6-
b",".join(hash_list))
4+
if b"hashes" in request.GET:
5+
hash_list = request.GET.get_list(b"hashes")
6+
response.headers.set(b"Ad-Auction-Result",
7+
b",".join(hash_list))
8+
if b"nonces" in request.GET:
9+
nonce_list = request.GET.get_list(b"nonces")
10+
response.headers.set(b"Ad-Auction-Result-Nonce",
11+
b",".join(nonce_list))

testing/web-platform/tests/fledge/tentative/resources/ba-fledge-util.sub.js

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -360,6 +360,15 @@ BA.authorizeServerResponseHashes = async function(hashes) {
360360
await fetch(authorizeURL, {adAuctionHeaders: true});
361361
};
362362

363+
// Authorizes each serverResponse nonce in `nonces` to be used for
364+
// B&A auction result.
365+
BA.authorizeServerResponseNonces = async function(nonces) {
366+
let authorizeURL =
367+
new URL('resources/authorize-server-response.py', window.location);
368+
authorizeURL.searchParams.append('nonces', nonces.join(','));
369+
await fetch(authorizeURL, {adAuctionHeaders: true});
370+
};
371+
363372
BA.configureCoordinator = async function() {
364373
// This is async in hope it can eventually use testdriver to configure this.
365374
return 'https://{{hosts[][]}}';

testing/web-platform/tests/fledge/tentative/server-response.https.window.js

Lines changed: 96 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -6,22 +6,22 @@
66
// META: script=third_party/cbor-js/cbor.js
77
// META: script=/common/subset-tests.js
88
// META: timeout=long
9-
// META: variant=?1-4
10-
// META: variant=?5-8
11-
// META: variant=?9-12
12-
// META: variant=?13-16
13-
// META: variant=?17-20
14-
// META: variant=?21-24
15-
// META: variant=?25-28
16-
// META: variant=?29-32
17-
// META: variant=?33-36
18-
// META: variant=?37-40
19-
// META: variant=?41-44
20-
// META: variant=?45-48
21-
// META: variant=?49-52
22-
// META: variant=?53-56
23-
// META: variant=?57-60
24-
// META: variant=?61-64
9+
// META: variant=?1-6
10+
// META: variant=?7-10
11+
// META: variant=?11-14
12+
// META: variant=?15-18
13+
// META: variant=?19-22
14+
// META: variant=?23-26
15+
// META: variant=?27-30
16+
// META: variant=?31-34
17+
// META: variant=?35-38
18+
// META: variant=?39-42
19+
// META: variant=?43-46
20+
// META: variant=?47-50
21+
// META: variant=?51-54
22+
// META: variant=?55-58
23+
// META: variant=?59-62
24+
// META: variant=?63-66
2525

2626
// These tests focus on the serverResponse field in AuctionConfig, e.g.
2727
// auctions involving bidding and auction services.
@@ -68,6 +68,86 @@ subsetTest(promise_test, async test => {
6868
await waitForObservedRequests(uuid, [adA]);
6969
}, 'Basic B&A auction');
7070

71+
subsetTest(promise_test, async test => {
72+
const uuid = generateUuid(test);
73+
const adA = createTrackerURL(window.location.origin, uuid, 'track_get', 'a');
74+
const adB = createTrackerURL(window.location.origin, uuid, 'track_get', 'b');
75+
const adsArray =
76+
[{renderURL: adA, adRenderId: 'a'}, {renderURL: adB, adRenderId: 'b'}];
77+
await joinInterestGroup(test, uuid, {ads: adsArray});
78+
79+
const result = await navigator.getInterestGroupAdAuctionData({
80+
coordinatorOrigin: await BA.configureCoordinator(),
81+
seller: window.location.origin
82+
});
83+
assert_true(result.requestId !== null);
84+
assert_true(result.request.length > 0);
85+
86+
let decoded = await BA.decodeInterestGroupData(result.request);
87+
88+
let serverResponseMsg = {
89+
'nonce': uuid,
90+
'biddingGroups': {},
91+
'adRenderURL': adsArray[0].renderURL,
92+
'interestGroupName': DEFAULT_INTEREST_GROUP_NAME,
93+
'interestGroupOwner': window.location.origin,
94+
};
95+
serverResponseMsg.biddingGroups[window.location.origin] = [0];
96+
97+
let serverResponse =
98+
await BA.encodeServerResponse(serverResponseMsg, decoded);
99+
100+
let hashString = await BA.payloadHash(serverResponse);
101+
await BA.authorizeServerResponseNonces([uuid]);
102+
103+
let auctionResult = await navigator.runAdAuction({
104+
'seller': window.location.origin,
105+
'requestId': result.requestId,
106+
'serverResponse': serverResponse,
107+
'resolveToConfig': true,
108+
});
109+
expectSuccess(auctionResult);
110+
createAndNavigateFencedFrame(test, auctionResult);
111+
await waitForObservedRequests(uuid, [adA]);
112+
}, 'Basic B&A auction - nonces');
113+
114+
subsetTest(promise_test, async test => {
115+
const uuid = generateUuid(test);
116+
const adA = createTrackerURL(window.location.origin, uuid, 'track_get', 'a');
117+
const adB = createTrackerURL(window.location.origin, uuid, 'track_get', 'b');
118+
const adsArray =
119+
[{renderURL: adA, adRenderId: 'a'}, {renderURL: adB, adRenderId: 'b'}];
120+
await joinInterestGroup(test, uuid, {ads: adsArray});
121+
122+
const result = await navigator.getInterestGroupAdAuctionData({
123+
coordinatorOrigin: await BA.configureCoordinator(),
124+
seller: window.location.origin
125+
});
126+
assert_true(result.requestId !== null);
127+
assert_true(result.request.length > 0);
128+
129+
let decoded = await BA.decodeInterestGroupData(result.request);
130+
131+
let serverResponseMsg = {
132+
'biddingGroups': {},
133+
'adRenderURL': adsArray[0].renderURL,
134+
'interestGroupName': DEFAULT_INTEREST_GROUP_NAME,
135+
'interestGroupOwner': window.location.origin,
136+
};
137+
serverResponseMsg.biddingGroups[window.location.origin] = [0];
138+
139+
let serverResponse =
140+
await BA.encodeServerResponse(serverResponseMsg, decoded);
141+
142+
let auctionResult = await navigator.runAdAuction({
143+
'seller': window.location.origin,
144+
'requestId': result.requestId,
145+
'serverResponse': serverResponse,
146+
'resolveToConfig': true,
147+
});
148+
expectNoWinner(auctionResult);
149+
}, 'Basic B&A auction - not authorized');
150+
71151
subsetTest(promise_test, async test => {
72152
const uuid = generateUuid(test);
73153
const adA = createTrackerURL(window.location.origin, uuid, 'track_get', 'a');

0 commit comments

Comments
 (0)