1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "components/signin/ios/browser/profile_oauth2_token_service_ios.h"
7 #include "base/run_loop.h"
8 #include "base/prefs/pref_registry_simple.h"
9 #include "base/prefs/testing_pref_service.h"
10 #include "components/signin/core/browser/profile_oauth2_token_service.h"
11 #include "components/signin/core/common/signin_pref_names.h"
12 #include "components/signin/core/browser/test_signin_client.h"
13 #include "google_apis/gaia/gaia_urls.h"
14 #include "google_apis/gaia/oauth2_access_token_consumer.h"
15 #include "google_apis/gaia/oauth2_token_service_test_util.h"
16 #include "ios/public/test/fake_profile_oauth2_token_service_ios_provider.h"
17 #include "net/url_request/test_url_fetcher_factory.h"
18 #include "testing/gtest/include/gtest/gtest.h"
20 class ProfileOAuth2TokenServiceIOSTest : public testing::Test,
21 public OAuth2TokenService::Consumer,
22 public OAuth2TokenService::Observer {
24 ProfileOAuth2TokenServiceIOSTest()
25 : OAuth2TokenService::Consumer("test_consumer_id"),
28 token_available_count_(0),
29 token_revoked_count_(0),
30 tokens_loaded_count_(0),
31 access_token_success_(0),
32 access_token_failure_(0),
33 last_access_token_error_(GoogleServiceAuthError::NONE) {}
35 void SetUp() override {
36 prefs_.registry()->RegisterBooleanPref(
37 prefs::kTokenServiceExcludeAllSecondaryAccounts, false);
38 prefs_.registry()->RegisterListPref(
39 prefs::kTokenServiceExcludedSecondaryAccounts);
41 factory_.SetFakeResponse(GaiaUrls::GetInstance()->oauth2_revoke_url(),
44 net::URLRequestStatus::SUCCESS);
45 fake_provider_ = client_.GetIOSProviderAsFake();
46 oauth2_service_.Initialize(&client_, &signin_error_controller_);
47 oauth2_service_.AddObserver(this);
50 void TearDown() override {
51 oauth2_service_.RemoveObserver(this);
52 oauth2_service_.Shutdown();
55 // OAuth2TokenService::Consumer implementation.
56 void OnGetTokenSuccess(const OAuth2TokenService::Request* request,
57 const std::string& access_token,
58 const base::Time& expiration_time) override {
59 ++access_token_success_;
62 void OnGetTokenFailure(const OAuth2TokenService::Request* request,
63 const GoogleServiceAuthError& error) override {
64 ++access_token_failure_;
65 last_access_token_error_ = error;
68 // OAuth2TokenService::Observer implementation.
69 void OnRefreshTokenAvailable(const std::string& account_id) override {
70 ++token_available_count_;
72 void OnRefreshTokenRevoked(const std::string& account_id) override {
73 ++token_revoked_count_;
75 void OnRefreshTokensLoaded() override { ++tokens_loaded_count_; }
77 void ResetObserverCounts() {
78 token_available_count_ = 0;
79 token_revoked_count_ = 0;
80 tokens_loaded_count_ = 0;
81 token_available_count_ = 0;
82 access_token_failure_ = 0;
86 base::MessageLoop message_loop_;
87 net::FakeURLFetcherFactory factory_;
88 TestingPrefServiceSimple prefs_;
89 TestSigninClient client_;
90 SigninErrorController signin_error_controller_;
91 ios::FakeProfileOAuth2TokenServiceIOSProvider* fake_provider_;
92 ProfileOAuth2TokenServiceIOS oauth2_service_;
93 TestingOAuth2TokenServiceConsumer consumer_;
94 int token_available_count_;
95 int token_revoked_count_;
96 int tokens_loaded_count_;
97 int access_token_success_;
98 int access_token_failure_;
99 GoogleServiceAuthError last_access_token_error_;
102 TEST_F(ProfileOAuth2TokenServiceIOSTest, LoadRevokeCredentialsOneAccount) {
103 fake_provider_->AddAccount("account_id");
104 oauth2_service_.LoadCredentials("account_id");
105 base::RunLoop().RunUntilIdle();
106 EXPECT_EQ(1, token_available_count_);
107 EXPECT_EQ(1, tokens_loaded_count_);
108 EXPECT_EQ(0, token_revoked_count_);
109 EXPECT_EQ(1U, oauth2_service_.GetAccounts().size());
110 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id"));
112 ResetObserverCounts();
113 oauth2_service_.RevokeAllCredentials();
114 EXPECT_EQ(0, token_available_count_);
115 EXPECT_EQ(0, tokens_loaded_count_);
116 EXPECT_EQ(1, token_revoked_count_);
117 EXPECT_EQ(0U, oauth2_service_.GetAccounts().size());
118 EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
121 TEST_F(ProfileOAuth2TokenServiceIOSTest,
122 LoadRevokeCredentialsMultipleAccounts) {
123 fake_provider_->AddAccount("account_id_1");
124 fake_provider_->AddAccount("account_id_2");
125 fake_provider_->AddAccount("account_id_3");
126 oauth2_service_.LoadCredentials("account_id_1");
127 base::RunLoop().RunUntilIdle();
128 EXPECT_EQ(3, token_available_count_);
129 EXPECT_EQ(1, tokens_loaded_count_);
130 EXPECT_EQ(0, token_revoked_count_);
131 EXPECT_EQ(3U, oauth2_service_.GetAccounts().size());
132 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
133 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
134 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_3"));
136 ResetObserverCounts();
137 oauth2_service_.RevokeAllCredentials();
138 EXPECT_EQ(0, token_available_count_);
139 EXPECT_EQ(0, tokens_loaded_count_);
140 EXPECT_EQ(3, token_revoked_count_);
141 EXPECT_EQ(0U, oauth2_service_.GetAccounts().size());
142 EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
143 EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
144 EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_3"));
147 TEST_F(ProfileOAuth2TokenServiceIOSTest, ReloadCredentials) {
148 fake_provider_->AddAccount("account_id_1");
149 fake_provider_->AddAccount("account_id_2");
150 fake_provider_->AddAccount("account_id_3");
151 oauth2_service_.LoadCredentials("account_id_1");
152 base::RunLoop().RunUntilIdle();
154 // Change the accounts.
155 ResetObserverCounts();
156 fake_provider_->ClearAccounts();
157 fake_provider_->AddAccount("account_id_1");
158 fake_provider_->AddAccount("account_id_4");
159 oauth2_service_.ReloadCredentials();
161 EXPECT_EQ(1, token_available_count_);
162 EXPECT_EQ(0, tokens_loaded_count_);
163 EXPECT_EQ(2, token_revoked_count_);
164 EXPECT_EQ(2U, oauth2_service_.GetAccounts().size());
165 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
166 EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
167 EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_3"));
168 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_4"));
171 TEST_F(ProfileOAuth2TokenServiceIOSTest,
172 ReloadCredentialsIgnoredIfNoPrimaryAccountId) {
173 // Change the accounts.
174 ResetObserverCounts();
175 fake_provider_->AddAccount("account_id_1");
176 fake_provider_->AddAccount("account_id_2");
177 base::RunLoop().RunUntilIdle();
179 oauth2_service_.ReloadCredentials();
181 EXPECT_EQ(0, token_available_count_);
182 EXPECT_EQ(0, tokens_loaded_count_);
183 EXPECT_EQ(0, token_revoked_count_);
184 EXPECT_EQ(0U, oauth2_service_.GetAccounts().size());
185 EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
186 EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
189 TEST_F(ProfileOAuth2TokenServiceIOSTest,
190 ReloadCredentialsWithPrimaryAccountId) {
191 // Change the accounts.
192 ResetObserverCounts();
193 fake_provider_->AddAccount("account_id_1");
194 fake_provider_->AddAccount("account_id_2");
195 base::RunLoop().RunUntilIdle();
197 oauth2_service_.ReloadCredentials("account_id_1");
198 EXPECT_EQ(2, token_available_count_);
199 EXPECT_EQ(0, tokens_loaded_count_);
200 EXPECT_EQ(0, token_revoked_count_);
201 EXPECT_EQ(2U, oauth2_service_.GetAccounts().size());
202 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
203 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
206 TEST_F(ProfileOAuth2TokenServiceIOSTest, ExcludeAllSecondaryAccounts) {
207 // Change the accounts.
208 ResetObserverCounts();
209 fake_provider_->AddAccount("account_id_1");
210 fake_provider_->AddAccount("account_id_2");
211 base::RunLoop().RunUntilIdle();
213 oauth2_service_.ExcludeAllSecondaryAccounts();
214 oauth2_service_.ReloadCredentials("account_id_1");
215 EXPECT_EQ(1, token_available_count_);
216 EXPECT_EQ(0, tokens_loaded_count_);
217 EXPECT_EQ(0, token_revoked_count_);
218 EXPECT_EQ(1U, oauth2_service_.GetAccounts().size());
219 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
220 EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
223 TEST_F(ProfileOAuth2TokenServiceIOSTest, StartRequestSuccess) {
224 fake_provider_->AddAccount("account_id_1");
225 oauth2_service_.LoadCredentials("account_id_1");
226 base::RunLoop().RunUntilIdle();
228 // Fetch access tokens.
229 ResetObserverCounts();
230 OAuth2TokenService::ScopeSet scopes;
231 scopes.insert("scope");
232 scoped_ptr<OAuth2TokenService::Request> request(
233 oauth2_service_.StartRequest("account_id_1", scopes, this));
234 EXPECT_EQ(0, access_token_success_);
235 EXPECT_EQ(0, access_token_failure_);
237 ResetObserverCounts();
238 fake_provider_->IssueAccessTokenForAllRequests();
239 base::RunLoop().RunUntilIdle();
240 EXPECT_EQ(1, access_token_success_);
241 EXPECT_EQ(0, access_token_failure_);
244 TEST_F(ProfileOAuth2TokenServiceIOSTest, StartRequestFailure) {
245 fake_provider_->AddAccount("account_id_1");
246 oauth2_service_.LoadCredentials("account_id_1");
247 base::RunLoop().RunUntilIdle();
249 // Fetch access tokens.
250 ResetObserverCounts();
251 OAuth2TokenService::ScopeSet scopes;
252 scopes.insert("scope");
253 scoped_ptr<OAuth2TokenService::Request> request(
254 oauth2_service_.StartRequest("account_id_1", scopes, this));
255 EXPECT_EQ(0, access_token_success_);
256 EXPECT_EQ(0, access_token_failure_);
258 ResetObserverCounts();
259 fake_provider_->IssueAccessTokenErrorForAllRequests();
260 base::RunLoop().RunUntilIdle();
261 EXPECT_EQ(0, access_token_success_);
262 EXPECT_EQ(1, access_token_failure_);
265 TEST_F(ProfileOAuth2TokenServiceIOSTest, ExcludeSecondaryAccounts) {
266 fake_provider_->AddAccount("account_id_1");
267 fake_provider_->AddAccount("account_id_2");
268 fake_provider_->AddAccount("account_id_3");
269 oauth2_service_.LoadCredentials("account_id_1");
270 base::RunLoop().RunUntilIdle();
272 // Ignore one account should remove it from the list of accounts.
273 ResetObserverCounts();
274 oauth2_service_.ExcludeSecondaryAccount("account_id_2");
275 oauth2_service_.ReloadCredentials();
277 EXPECT_EQ(0, token_available_count_);
278 EXPECT_EQ(0, tokens_loaded_count_);
279 EXPECT_EQ(1, token_revoked_count_);
280 EXPECT_EQ(2U, oauth2_service_.GetAccounts().size());
281 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
282 EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
283 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_3"));
285 // Clear ignored account and the refresh token should be available again.
286 ResetObserverCounts();
287 oauth2_service_.IncludeSecondaryAccount("account_id_2");
288 oauth2_service_.ReloadCredentials();
290 EXPECT_EQ(1, token_available_count_);
291 EXPECT_EQ(0, tokens_loaded_count_);
292 EXPECT_EQ(0, token_revoked_count_);
293 EXPECT_EQ(3U, oauth2_service_.GetAccounts().size());
294 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
295 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
296 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_3"));
299 // Unit test for for http://crbug.com/453470 .
300 TEST_F(ProfileOAuth2TokenServiceIOSTest, ExcludeSecondaryAccountTwice) {
301 fake_provider_->AddAccount("account_id_1");
302 fake_provider_->AddAccount("account_id_2");
303 oauth2_service_.LoadCredentials("account_id_1");
304 base::RunLoop().RunUntilIdle();
305 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
306 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
308 // Ignore |account_id_2| twice.
309 oauth2_service_.ExcludeSecondaryAccount("account_id_2");
310 oauth2_service_.ExcludeSecondaryAccount("account_id_2");
311 oauth2_service_.ReloadCredentials();
313 // Include |account_id_2| once should add the account back.
314 ResetObserverCounts();
315 oauth2_service_.IncludeSecondaryAccount("account_id_2");
316 oauth2_service_.ReloadCredentials();
318 EXPECT_EQ(1, token_available_count_);
319 EXPECT_EQ(0, tokens_loaded_count_);
320 EXPECT_EQ(0, token_revoked_count_);
321 EXPECT_EQ(2U, oauth2_service_.GetAccounts().size());
322 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
323 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
326 TEST_F(ProfileOAuth2TokenServiceIOSTest,
327 LoadRevokeCredentialsClearsExcludedAccounts) {
328 fake_provider_->AddAccount("account_id_1");
329 fake_provider_->AddAccount("account_id_2");
330 fake_provider_->AddAccount("account_id_3");
332 std::vector<std::string> excluded_accounts;
333 excluded_accounts.push_back("account_id_2");
334 oauth2_service_.ExcludeSecondaryAccounts(excluded_accounts);
335 oauth2_service_.ReloadCredentials("account_id_1");
336 base::RunLoop().RunUntilIdle();
337 EXPECT_EQ(2, token_available_count_);
338 EXPECT_EQ(0, tokens_loaded_count_);
339 EXPECT_EQ(0, token_revoked_count_);
340 EXPECT_EQ(2U, oauth2_service_.GetAccounts().size());
341 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
342 EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
343 EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_3"));
345 ResetObserverCounts();
346 oauth2_service_.RevokeAllCredentials();
347 EXPECT_TRUE(oauth2_service_.GetExcludedSecondaryAccounts().empty());
350 // Used for test StartRequestInRemoveAccount.
351 class MarkedForRemovalTester : public OAuth2TokenService::Consumer {
353 MarkedForRemovalTester(const std::string& account_id,
354 OAuth2TokenService* oauth2_service)
355 : Consumer(account_id),
356 oauth2_service_(oauth2_service),
360 void OnGetTokenSuccess(const OAuth2TokenService::Request* request,
361 const std::string& access_token,
362 const base::Time& expiration_time) override {}
363 void OnGetTokenFailure(const OAuth2TokenService::Request* request,
364 const GoogleServiceAuthError& error) override {
365 token_failures_.push_back(error);
366 if (error.state() == GoogleServiceAuthError::REQUEST_CANCELED) {
367 // Restart a request on |account_id| here, which should fail as we are in
368 // a RemoveAccount and |account_id| should be marked for removal.
369 OAuth2TokenService::ScopeSet scopes;
370 request_ = oauth2_service_->StartRequest(id(), scopes, this);
373 const std::vector<GoogleServiceAuthError>& token_failures() const {
374 return token_failures_;
378 OAuth2TokenService* oauth2_service_;
379 scoped_ptr<OAuth2TokenService::Request> request_;
380 std::vector<GoogleServiceAuthError> token_failures_;
383 TEST_F(ProfileOAuth2TokenServiceIOSTest, StartRequestInRemoveAccount) {
384 fake_provider_->AddAccount("account_id");
385 oauth2_service_.ReloadCredentials("account_id");
386 base::RunLoop().RunUntilIdle();
388 MarkedForRemovalTester tester("account_id", &oauth2_service_);
389 OAuth2TokenService::ScopeSet scopes;
390 scoped_ptr<OAuth2TokenService::Request> request(
391 oauth2_service_.StartRequest("account_id", scopes, &tester));
393 // Trigger a RemoveAccount on "account_id".
394 oauth2_service_.RevokeAllCredentials();
395 base::RunLoop().RunUntilIdle();
397 EXPECT_EQ(tester.token_failures().size(), 2u);
398 // Request cancelled by |CancelRequestsForAccount| in |RemoveAccount|.
399 EXPECT_EQ(tester.token_failures()[0].state(),
400 GoogleServiceAuthError::REQUEST_CANCELED);
401 // Request failing as the account is marked for removal.
402 EXPECT_EQ(tester.token_failures()[1].state(),
403 GoogleServiceAuthError::USER_NOT_SIGNED_UP);