search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Check USB device path access when prompting users to select a device.
[chromium-blink-merge.git] / chrome / browser / password_manager / chrome_password_manager_client_unittest.cc
blobd539399cf4eeca1c6bb83415367495a2ade35801
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/password_manager/chrome_password_manager_client.h"
6
7 #include "base/command_line.h"
8 #include "base/strings/string16.h"
9 #include "base/strings/utf_string_conversions.h"
10 #include "chrome/browser/sync/profile_sync_service_factory.h"
11 #include "chrome/browser/sync/profile_sync_service_mock.h"
12 #include "chrome/common/chrome_version_info.h"
13 #include "chrome/test/base/chrome_render_view_host_test_harness.h"
14 #include "chrome/test/base/testing_profile.h"
15 #include "components/autofill/content/common/autofill_messages.h"
16 #include "components/password_manager/content/browser/password_manager_internals_service_factory.h"
17 #include "components/password_manager/content/common/credential_manager_messages.h"
18 #include "components/password_manager/core/browser/log_receiver.h"
19 #include "components/password_manager/core/browser/password_manager_internals_service.h"
20 #include "components/password_manager/core/common/credential_manager_types.h"
21 #include "components/password_manager/core/common/password_manager_switches.h"
22 #include "content/public/browser/browser_context.h"
23 #include "content/public/browser/web_contents.h"
24 #include "content/public/test/mock_render_process_host.h"
25 #include "testing/gmock/include/gmock/gmock.h"
26 #include "testing/gtest/include/gtest/gtest.h"
27
28 using content::BrowserContext;
29 using content::WebContents;
30 using testing::Return;
31 using testing::_;
32
33 namespace {
34
35 const char kTestText[] = "abcd1234";
36
37 class MockLogReceiver : public password_manager::LogReceiver {
38 public:
39 MOCK_METHOD1(LogSavePasswordProgress, void(const std::string&));
40 };
41
42 class MockChromePasswordManagerClient : public ChromePasswordManagerClient {
43 public:
44 MOCK_CONST_METHOD2(IsSyncAccountCredential,
45 bool(const std::string& username,
46 const std::string& origin));
47
48 explicit MockChromePasswordManagerClient(content::WebContents* web_contents)
49 : ChromePasswordManagerClient(web_contents, nullptr) {}
50 ~MockChromePasswordManagerClient() override {}
51
52 private:
53 DISALLOW_COPY_AND_ASSIGN(MockChromePasswordManagerClient);
54 };
55
56 } // namespace
57
58 class ChromePasswordManagerClientTest : public ChromeRenderViewHostTestHarness {
59 public:
60 ChromePasswordManagerClientTest();
61
62 virtual void SetUp() override;
63
64 protected:
65 ChromePasswordManagerClient* GetClient();
66
67 // If the test IPC sink contains an AutofillMsg_SetLoggingState message, then
68 // copies its argument into |activation_flag| and returns true. Otherwise
69 // returns false.
70 bool WasLoggingActivationMessageSent(bool* activation_flag);
71
72 password_manager::PasswordManagerInternalsService* service_;
73
74 testing::StrictMock<MockLogReceiver> receiver_;
75 };
76
77 ChromePasswordManagerClientTest::ChromePasswordManagerClientTest()
78 : service_(nullptr) {
79 }
80
81 void ChromePasswordManagerClientTest::SetUp() {
82 ChromeRenderViewHostTestHarness::SetUp();
83 ChromePasswordManagerClient::CreateForWebContentsWithAutofillClient(
84 web_contents(), nullptr);
85 service_ = password_manager::PasswordManagerInternalsServiceFactory::
86 GetForBrowserContext(profile());
87 ASSERT_TRUE(service_);
88 }
89
90 ChromePasswordManagerClient* ChromePasswordManagerClientTest::GetClient() {
91 return ChromePasswordManagerClient::FromWebContents(web_contents());
92 }
93
94 bool ChromePasswordManagerClientTest::WasLoggingActivationMessageSent(
95 bool* activation_flag) {
96 const uint32 kMsgID = AutofillMsg_SetLoggingState::ID;
97 const IPC::Message* message =
98 process()->sink().GetFirstMessageMatching(kMsgID);
99 if (!message)
100 return false;
101 Tuple<bool> param;
102 AutofillMsg_SetLoggingState::Read(message, &param);
103 *activation_flag = get<0>(param);
104 process()->sink().ClearMessages();
105 return true;
106 }
107
108 TEST_F(ChromePasswordManagerClientTest, LogSavePasswordProgressNoReceiver) {
109 ChromePasswordManagerClient* client = GetClient();
110
111 EXPECT_CALL(receiver_, LogSavePasswordProgress(kTestText)).Times(0);
112 // Before attaching the receiver, no text should be passed.
113 client->LogSavePasswordProgress(kTestText);
114 EXPECT_FALSE(client->IsLoggingActive());
115 }
116
117 TEST_F(ChromePasswordManagerClientTest, LogSavePasswordProgressAttachReceiver) {
118 ChromePasswordManagerClient* client = GetClient();
119 EXPECT_FALSE(client->IsLoggingActive());
120
121 // After attaching the logger, text should be passed.
122 service_->RegisterReceiver(&receiver_);
123 EXPECT_TRUE(client->IsLoggingActive());
124 EXPECT_CALL(receiver_, LogSavePasswordProgress(kTestText)).Times(1);
125 client->LogSavePasswordProgress(kTestText);
126 service_->UnregisterReceiver(&receiver_);
127 EXPECT_FALSE(client->IsLoggingActive());
128 }
129
130 TEST_F(ChromePasswordManagerClientTest, LogSavePasswordProgressDetachReceiver) {
131 ChromePasswordManagerClient* client = GetClient();
132
133 service_->RegisterReceiver(&receiver_);
134 EXPECT_TRUE(client->IsLoggingActive());
135 service_->UnregisterReceiver(&receiver_);
136 EXPECT_FALSE(client->IsLoggingActive());
137
138 // After detaching the logger, no text should be passed.
139 EXPECT_CALL(receiver_, LogSavePasswordProgress(kTestText)).Times(0);
140 client->LogSavePasswordProgress(kTestText);
141 }
142
143 TEST_F(ChromePasswordManagerClientTest, LogSavePasswordProgressNotifyRenderer) {
144 ChromePasswordManagerClient* client = GetClient();
145 bool logging_active = false;
146
147 // Initially, the logging should be off, so no IPC messages.
148 EXPECT_FALSE(WasLoggingActivationMessageSent(&logging_active));
149
150 service_->RegisterReceiver(&receiver_);
151 EXPECT_TRUE(client->IsLoggingActive());
152 EXPECT_TRUE(WasLoggingActivationMessageSent(&logging_active));
153 EXPECT_TRUE(logging_active);
154
155 service_->UnregisterReceiver(&receiver_);
156 EXPECT_FALSE(client->IsLoggingActive());
157 EXPECT_TRUE(WasLoggingActivationMessageSent(&logging_active));
158 EXPECT_FALSE(logging_active);
159 }
160
161 TEST_F(ChromePasswordManagerClientTest, AnswerToPingsAboutLoggingState_Active) {
162 service_->RegisterReceiver(&receiver_);
163
164 process()->sink().ClearMessages();
165
166 // Ping the client for logging activity update.
167 AutofillHostMsg_PasswordAutofillAgentConstructed msg(0);
168 static_cast<content::WebContentsObserver*>(GetClient())->OnMessageReceived(
169 msg, web_contents()->GetMainFrame());
170
171 bool logging_active = false;
172 EXPECT_TRUE(WasLoggingActivationMessageSent(&logging_active));
173 EXPECT_TRUE(logging_active);
174
175 service_->UnregisterReceiver(&receiver_);
176 }
177
178 TEST_F(ChromePasswordManagerClientTest,
179 AnswerToPingsAboutLoggingState_Inactive) {
180 process()->sink().ClearMessages();
181
182 // Ping the client for logging activity update.
183 AutofillHostMsg_PasswordAutofillAgentConstructed msg(0);
184 static_cast<content::WebContentsObserver*>(GetClient())->OnMessageReceived(
185 msg, web_contents()->GetMainFrame());
186
187 bool logging_active = true;
188 EXPECT_TRUE(WasLoggingActivationMessageSent(&logging_active));
189 EXPECT_FALSE(logging_active);
190 }
191
192 TEST_F(ChromePasswordManagerClientTest,
193 IsAutomaticPasswordSavingEnabledDefaultBehaviourTest) {
194 EXPECT_FALSE(GetClient()->IsAutomaticPasswordSavingEnabled());
195 }
196
197 TEST_F(ChromePasswordManagerClientTest,
198 IsAutomaticPasswordSavingEnabledWhenFlagIsSetTest) {
199 base::CommandLine::ForCurrentProcess()->AppendSwitch(
200 password_manager::switches::kEnableAutomaticPasswordSaving);
201 if (chrome::VersionInfo::GetChannel() == chrome::VersionInfo::CHANNEL_UNKNOWN)
202 EXPECT_TRUE(GetClient()->IsAutomaticPasswordSavingEnabled());
203 else
204 EXPECT_FALSE(GetClient()->IsAutomaticPasswordSavingEnabled());
205 }
206
207 TEST_F(ChromePasswordManagerClientTest, LogToAReceiver) {
208 ChromePasswordManagerClient* client = GetClient();
209 service_->RegisterReceiver(&receiver_);
210 EXPECT_TRUE(client->IsLoggingActive());
211
212 EXPECT_CALL(receiver_, LogSavePasswordProgress(kTestText)).Times(1);
213 client->LogSavePasswordProgress(kTestText);
214
215 service_->UnregisterReceiver(&receiver_);
216 EXPECT_FALSE(client->IsLoggingActive());
217 }
218
219 TEST_F(ChromePasswordManagerClientTest, ShouldFilterAutofillResult_Reauth) {
220 // Make client disallow only reauth requests.
221 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
222 command_line->AppendSwitch(
223 password_manager::switches::kDisallowAutofillSyncCredentialForReauth);
224 scoped_ptr<MockChromePasswordManagerClient> client(
225 new MockChromePasswordManagerClient(web_contents()));
226 autofill::PasswordForm form;
227
228 EXPECT_CALL(*client, IsSyncAccountCredential(_, _))
229 .WillRepeatedly(Return(false));
230 NavigateAndCommit(
231 GURL("https://accounts.google.com/login?rart=123&continue=blah"));
232 EXPECT_FALSE(client->ShouldFilterAutofillResult(form));
233
234 EXPECT_CALL(*client, IsSyncAccountCredential(_, _))
235 .WillRepeatedly(Return(true));
236 NavigateAndCommit(
237 GURL("https://accounts.google.com/login?rart=123&continue=blah"));
238 EXPECT_TRUE(client->ShouldFilterAutofillResult(form));
239
240 // This counts as a reauth url, though a valid URL should have a value for
241 // "rart"
242 NavigateAndCommit(GURL("https://accounts.google.com/addlogin?rart"));
243 EXPECT_TRUE(client->ShouldFilterAutofillResult(form));
244
245 NavigateAndCommit(GURL("https://accounts.google.com/login?param=123"));
246 EXPECT_FALSE(client->ShouldFilterAutofillResult(form));
247
248 NavigateAndCommit(GURL("https://site.com/login?rart=678"));
249 EXPECT_FALSE(client->ShouldFilterAutofillResult(form));
250 }
251
252 TEST_F(ChromePasswordManagerClientTest, ShouldFilterAutofillResult) {
253 // Normally the client should allow any credentials through, even if they
254 // are the sync credential.
255 scoped_ptr<MockChromePasswordManagerClient> client(
256 new MockChromePasswordManagerClient(web_contents()));
257 autofill::PasswordForm form;
258 EXPECT_CALL(*client, IsSyncAccountCredential(_, _))
259 .WillRepeatedly(Return(true));
260 NavigateAndCommit(GURL("https://accounts.google.com/Login"));
261 EXPECT_FALSE(client->ShouldFilterAutofillResult(form));
262
263 // Adding disallow switch should cause sync credential to be filtered.
264 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
265 command_line->AppendSwitch(
266 password_manager::switches::kDisallowAutofillSyncCredential);
267 client.reset(new MockChromePasswordManagerClient(web_contents()));
268 EXPECT_CALL(*client, IsSyncAccountCredential(_, _))
269 .WillRepeatedly(Return(true));
270 NavigateAndCommit(GURL("https://accounts.google.com/Login"));
271 EXPECT_TRUE(client->ShouldFilterAutofillResult(form));
272 }
273
274 TEST_F(ChromePasswordManagerClientTest,
275 IsPasswordManagerEnabledForCurrentPage) {
276 ChromePasswordManagerClient* client = GetClient();
277 NavigateAndCommit(
278 GURL("https://accounts.google.com/ServiceLogin?continue="
279 "https://passwords.google.com/settings&rart=123"));
280 EXPECT_FALSE(client->IsPasswordManagerEnabledForCurrentPage());
281
282 // Password site is inaccesible via HTTP, but because of HSTS the following
283 // link should still continue to https://passwords.google.com.
284 NavigateAndCommit(
285 GURL("https://accounts.google.com/ServiceLogin?continue="
286 "http://passwords.google.com/settings&rart=123"));
287 EXPECT_FALSE(client->IsPasswordManagerEnabledForCurrentPage());
288
289 // Specifying default port still passes.
290 NavigateAndCommit(
291 GURL("https://accounts.google.com/ServiceLogin?continue="
292 "https://passwords.google.com:443/settings&rart=123"));
293 EXPECT_FALSE(client->IsPasswordManagerEnabledForCurrentPage());
294
295 // Encoded URL is considered the same.
296 NavigateAndCommit(
297 GURL("https://accounts.google.com/ServiceLogin?continue="
298 "https://passwords.%67oogle.com/settings&rart=123"));
299 EXPECT_FALSE(client->IsPasswordManagerEnabledForCurrentPage());
300
301 // Make sure testing sites are disabled as well.
302 NavigateAndCommit(
303 GURL("https://accounts.google.com/Login?continue="
304 "https://passwords-ac-testing.corp.google.com/settings&rart=456"));
305 EXPECT_FALSE(client->IsPasswordManagerEnabledForCurrentPage());
306
307 // Fully qualified domain name is considered a different hostname by GURL.
308 // Ideally this would not be the case, but this quirk can be avoided by
309 // verification on the server. This test is simply documentation of this
310 // behavior.
311 NavigateAndCommit(
312 GURL("https://accounts.google.com/ServiceLogin?continue="
313 "https://passwords.google.com./settings&rart=123"));
314 EXPECT_TRUE(client->IsPasswordManagerEnabledForCurrentPage());
315
316 // Not a transactional reauth page.
317 NavigateAndCommit(
318 GURL("https://accounts.google.com/ServiceLogin?continue="
319 "https://passwords.google.com/settings"));
320 EXPECT_TRUE(client->IsPasswordManagerEnabledForCurrentPage());
321
322 // Should be enabled for other transactional reauth pages.
323 NavigateAndCommit(
324 GURL("https://accounts.google.com/ServiceLogin?continue="
325 "https://mail.google.com&rart=234"));
326 EXPECT_TRUE(client->IsPasswordManagerEnabledForCurrentPage());
327
328 // Reauth pages are only on accounts.google.com
329 NavigateAndCommit(
330 GURL("https://other.site.com/ServiceLogin?continue="
331 "https://passwords.google.com&rart=234"));
332 EXPECT_TRUE(client->IsPasswordManagerEnabledForCurrentPage());
333 }
334
335 TEST_F(ChromePasswordManagerClientTest, IsPasswordSyncEnabled) {
336 ChromePasswordManagerClient* client = GetClient();
337
338 ProfileSyncServiceMock* mock_sync_service =
339 static_cast<ProfileSyncServiceMock*>(
340 ProfileSyncServiceFactory::GetInstance()->SetTestingFactoryAndUse(
341 profile(), ProfileSyncServiceMock::BuildMockProfileSyncService));
342
343 syncer::ModelTypeSet active_types;
344 active_types.Put(syncer::PASSWORDS);
345 EXPECT_CALL(*mock_sync_service, HasSyncSetupCompleted())
346 .WillRepeatedly(Return(true));
347 EXPECT_CALL(*mock_sync_service, SyncActive()).WillRepeatedly(Return(true));
348 EXPECT_CALL(*mock_sync_service, GetActiveDataTypes())
349 .WillRepeatedly(Return(active_types));
350 EXPECT_CALL(*mock_sync_service, IsUsingSecondaryPassphrase())
351 .WillRepeatedly(Return(false));
352
353 // Passwords are syncing and custom passphrase isn't used.
354 EXPECT_FALSE(
355 client->IsPasswordSyncEnabled(password_manager::ONLY_CUSTOM_PASSPHRASE));
356 EXPECT_TRUE(client->IsPasswordSyncEnabled(
357 password_manager::WITHOUT_CUSTOM_PASSPHRASE));
358
359 // Again, using a custom passphrase.
360 EXPECT_CALL(*mock_sync_service, IsUsingSecondaryPassphrase())
361 .WillRepeatedly(Return(true));
362
363 EXPECT_TRUE(
364 client->IsPasswordSyncEnabled(password_manager::ONLY_CUSTOM_PASSPHRASE));
365 EXPECT_FALSE(client->IsPasswordSyncEnabled(
366 password_manager::WITHOUT_CUSTOM_PASSPHRASE));
367
368 // Always return false if we aren't syncing passwords.
369 active_types.Remove(syncer::PASSWORDS);
370 active_types.Put(syncer::BOOKMARKS);
371 EXPECT_CALL(*mock_sync_service, GetActiveDataTypes())
372 .WillRepeatedly(Return(active_types));
373
374 EXPECT_FALSE(
375 client->IsPasswordSyncEnabled(password_manager::ONLY_CUSTOM_PASSPHRASE));
376 EXPECT_FALSE(client->IsPasswordSyncEnabled(
377 password_manager::WITHOUT_CUSTOM_PASSPHRASE));
378
379 // Again, without a custom passphrase.
380 EXPECT_CALL(*mock_sync_service, IsUsingSecondaryPassphrase())
381 .WillRepeatedly(Return(false));
382
383 EXPECT_FALSE(
384 client->IsPasswordSyncEnabled(password_manager::ONLY_CUSTOM_PASSPHRASE));
385 EXPECT_FALSE(client->IsPasswordSyncEnabled(
386 password_manager::WITHOUT_CUSTOM_PASSPHRASE));
387 }