1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/extensions/api/cryptotoken_private/cryptotoken_private_api.h"
12 #include "chrome/browser/extensions/extension_api_unittest.h"
13 #include "chrome/browser/extensions/extension_function_test_utils.h"
14 #include "testing/gtest/include/gtest/gtest.h"
16 namespace extensions
{
20 using namespace api::cryptotoken_private
;
22 class CryptoTokenPrivateApiTest
: public extensions::ExtensionApiUnittest
{
24 CryptoTokenPrivateApiTest() {}
25 ~CryptoTokenPrivateApiTest() override
{}
28 bool GetSingleBooleanResult(
29 UIThreadExtensionFunction
* function
, bool* result
) {
30 const base::ListValue
* result_list
= function
->GetResultList();
32 LOG(ERROR
) << "Function has no result list.";
36 if (result_list
->GetSize() != 1u) {
37 LOG(ERROR
) << "Invalid number of results.";
41 if (!result_list
->GetBoolean(0, result
)) {
42 LOG(ERROR
) << "Result is not boolean.";
48 bool GetCanOriginAssertAppIdResult(std::string origin
, std::string appId
) {
49 scoped_refptr
<api::CryptotokenPrivateCanOriginAssertAppIdFunction
> function(
50 new api::CryptotokenPrivateCanOriginAssertAppIdFunction());
51 function
->set_has_callback(true);
53 scoped_ptr
<base::ListValue
> args(new base::ListValue
);
54 args
->AppendString(origin
);
55 args
->AppendString(appId
);
57 extension_function_test_utils::RunFunction(
61 extension_function_test_utils::NONE
);
64 GetSingleBooleanResult(function
.get(), &result
);
69 TEST_F(CryptoTokenPrivateApiTest
, CanOriginAssertAppId
) {
70 std::string
origin1("https://www.example.com");
72 EXPECT_TRUE(GetCanOriginAssertAppIdResult(origin1
, origin1
));
74 std::string
same_origin_appid("https://www.example.com/appId");
75 EXPECT_TRUE(GetCanOriginAssertAppIdResult(origin1
, same_origin_appid
));
76 std::string
same_etld_plus_one_appid("https://appid.example.com/appId");
77 EXPECT_TRUE(GetCanOriginAssertAppIdResult(origin1
, same_etld_plus_one_appid
));
78 std::string
different_etld_plus_one_appid("https://www.different.com/appId");
79 EXPECT_FALSE(GetCanOriginAssertAppIdResult(origin1
,
80 different_etld_plus_one_appid
));
82 // For legacy purposes, google.com is allowed to use certain appIds hosted at
84 // TODO(juanlang): remove once the legacy constraints are removed.
85 std::string
google_origin("https://accounts.google.com");
86 std::string
gstatic_appid("https://www.gstatic.com/securitykey/origins.json");
87 EXPECT_TRUE(GetCanOriginAssertAppIdResult(google_origin
, gstatic_appid
));
88 // Not all gstatic urls are allowed, just those specifically whitelisted.
89 std::string
gstatic_otherurl("https://www.gstatic.com/foobar");
90 EXPECT_FALSE(GetCanOriginAssertAppIdResult(google_origin
, gstatic_otherurl
));
95 } // namespace extensions