Add new certificateProvider extension API.
[chromium-blink-merge.git] / chrome / browser / ui / webui / signin / inline_login_ui_browsertest.cc
blobc95a829b348ce9c04134db4be9a1dfc39ea1e6e4
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/command_line.h"
6 #include "base/prefs/pref_service.h"
7 #include "base/prefs/scoped_user_pref_update.h"
8 #include "base/strings/utf_string_conversions.h"
9 #include "chrome/browser/content_settings/cookie_settings_factory.h"
10 #include "chrome/browser/signin/signin_manager_factory.h"
11 #include "chrome/browser/signin/signin_promo.h"
12 #include "chrome/browser/ui/browser.h"
13 #include "chrome/browser/ui/tabs/tab_strip_model.h"
14 #include "chrome/browser/ui/webui/signin/inline_login_handler_impl.h"
15 #include "chrome/browser/ui/webui/signin/inline_login_ui.h"
16 #include "chrome/browser/ui/webui/signin/login_ui_service.h"
17 #include "chrome/browser/ui/webui/signin/login_ui_service_factory.h"
18 #include "chrome/browser/ui/webui/signin/login_ui_test_utils.h"
19 #include "chrome/common/chrome_switches.h"
20 #include "chrome/common/url_constants.h"
21 #include "chrome/grit/chromium_strings.h"
22 #include "chrome/grit/generated_resources.h"
23 #include "chrome/test/base/in_process_browser_test.h"
24 #include "chrome/test/base/test_browser_window.h"
25 #include "chrome/test/base/test_chrome_web_ui_controller_factory.h"
26 #include "chrome/test/base/testing_browser_process.h"
27 #include "chrome/test/base/ui_test_utils.h"
28 #include "components/content_settings/core/browser/cookie_settings.h"
29 #include "components/guest_view/browser/guest_view_manager.h"
30 #include "components/signin/core/browser/signin_manager.h"
31 #include "components/signin/core/common/profile_management_switches.h"
32 #include "components/signin/core/common/signin_pref_names.h"
33 #include "content/public/browser/render_frame_host.h"
34 #include "content/public/browser/render_process_host.h"
35 #include "content/public/browser/session_storage_namespace.h"
36 #include "content/public/browser/storage_partition.h"
37 #include "content/public/browser/web_contents.h"
38 #include "content/public/browser/web_ui_controller.h"
39 #include "content/public/common/url_constants.h"
40 #include "content/public/test/browser_test_utils.h"
41 #include "content/public/test/test_navigation_observer.h"
42 #include "google_apis/gaia/fake_gaia.h"
43 #include "google_apis/gaia/gaia_switches.h"
44 #include "net/base/url_util.h"
45 #include "net/test/embedded_test_server/embedded_test_server.h"
46 #include "net/test/embedded_test_server/http_request.h"
47 #include "net/test/embedded_test_server/http_response.h"
48 #include "testing/gmock/include/gmock/gmock.h"
49 #include "testing/gtest/include/gtest/gtest.h"
50 #include "ui/base/l10n/l10n_util.h"
52 using ::testing::_;
53 using ::testing::AtLeast;
54 using ::testing::Invoke;
55 using ::testing::InvokeWithoutArgs;
56 using ::testing::Return;
58 using guest_view::GuestViewManager;
59 using login_ui_test_utils::ExecuteJsToSigninInSigninFrame;
60 using login_ui_test_utils::WaitUntilUIReady;
62 namespace {
64 struct ContentInfo {
65 ContentInfo(content::WebContents* contents,
66 int pid,
67 content::StoragePartition* storage_partition) {
68 this->contents = contents;
69 this->pid = pid;
70 this->storage_partition = storage_partition;
73 content::WebContents* contents;
74 int pid;
75 content::StoragePartition* storage_partition;
78 ContentInfo NavigateAndGetInfo(
79 Browser* browser,
80 const GURL& url,
81 WindowOpenDisposition disposition) {
82 ui_test_utils::NavigateToURLWithDisposition(
83 browser, url, disposition,
84 ui_test_utils::BROWSER_TEST_WAIT_FOR_NAVIGATION);
85 content::WebContents* contents =
86 browser->tab_strip_model()->GetActiveWebContents();
87 content::RenderProcessHost* process = contents->GetRenderProcessHost();
88 return ContentInfo(contents, process->GetID(),
89 process->GetStoragePartition());
92 // Returns a new WebUI object for the WebContents from |arg0|.
93 ACTION(ReturnNewWebUI) {
94 return new content::WebUIController(arg0);
97 // Mock the TestChromeWebUIControllerFactory::WebUIProvider to prove that we are
98 // not called as expected.
99 class FooWebUIProvider
100 : public TestChromeWebUIControllerFactory::WebUIProvider {
101 public:
102 MOCK_METHOD2(NewWebUI, content::WebUIController*(content::WebUI* web_ui,
103 const GURL& url));
106 class MockLoginUIObserver : public LoginUIService::Observer {
107 public:
108 MOCK_METHOD0(OnUntrustedLoginUIShown, void());
111 const char kFooWebUIURL[] = "chrome://foo/";
113 bool AddToSet(std::set<content::WebContents*>* set,
114 content::WebContents* web_contents) {
115 set->insert(web_contents);
116 return false;
119 } // namespace
121 class InlineLoginUIBrowserTest : public InProcessBrowserTest {
122 public:
123 InlineLoginUIBrowserTest() {}
125 void SetUpSigninManager(const std::string& username);
126 void EnableSigninAllowed(bool enable);
127 void EnableOneClick(bool enable);
128 void AddEmailToOneClickRejectedList(const std::string& email);
129 void AllowSigninCookies(bool enable);
130 void SetAllowedUsernamePattern(const std::string& pattern);
132 protected:
133 content::WebContents* web_contents() { return nullptr; }
136 void InlineLoginUIBrowserTest::SetUpSigninManager(const std::string& username) {
137 if (username.empty())
138 return;
140 SigninManagerBase* signin_manager =
141 SigninManagerFactory::GetForProfile(browser()->profile());
142 signin_manager->SetAuthenticatedAccountInfo(username, username);
145 void InlineLoginUIBrowserTest::EnableSigninAllowed(bool enable) {
146 PrefService* pref_service = browser()->profile()->GetPrefs();
147 pref_service->SetBoolean(prefs::kSigninAllowed, enable);
150 void InlineLoginUIBrowserTest::EnableOneClick(bool enable) {
151 PrefService* pref_service = browser()->profile()->GetPrefs();
152 pref_service->SetBoolean(prefs::kReverseAutologinEnabled, enable);
155 void InlineLoginUIBrowserTest::AddEmailToOneClickRejectedList(
156 const std::string& email) {
157 PrefService* pref_service = browser()->profile()->GetPrefs();
158 ListPrefUpdate updater(pref_service,
159 prefs::kReverseAutologinRejectedEmailList);
160 updater->AppendIfNotPresent(new base::StringValue(email));
163 void InlineLoginUIBrowserTest::AllowSigninCookies(bool enable) {
164 content_settings::CookieSettings* cookie_settings =
165 CookieSettingsFactory::GetForProfile(browser()->profile()).get();
166 cookie_settings->SetDefaultCookieSetting(enable ? CONTENT_SETTING_ALLOW
167 : CONTENT_SETTING_BLOCK);
170 void InlineLoginUIBrowserTest::SetAllowedUsernamePattern(
171 const std::string& pattern) {
172 PrefService* local_state = g_browser_process->local_state();
173 local_state->SetString(prefs::kGoogleServicesUsernamePattern, pattern);
176 #if defined(OS_LINUX) || defined(OS_WIN)
177 // crbug.com/422868
178 #define MAYBE_DifferentStorageId DISABLED_DifferentStorageId
179 #else
180 #define MAYBE_DifferentStorageId DifferentStorageId
181 #endif
182 IN_PROC_BROWSER_TEST_F(InlineLoginUIBrowserTest, MAYBE_DifferentStorageId) {
183 if (switches::IsEnableWebviewBasedSignin()) {
184 ContentInfo info = NavigateAndGetInfo(
185 browser(),
186 signin::GetPromoURL(signin_metrics::SOURCE_START_PAGE, false),
187 CURRENT_TAB);
188 WaitUntilUIReady(browser());
190 // Make sure storage partition of embedded webview is different from
191 // parent.
192 std::set<content::WebContents*> set;
193 GuestViewManager* manager = GuestViewManager::FromBrowserContext(
194 info.contents->GetBrowserContext());
195 manager->ForEachGuest(info.contents, base::Bind(&AddToSet, &set));
196 ASSERT_EQ(1u, set.size());
197 content::WebContents* webview_contents = *set.begin();
198 content::RenderProcessHost* process =
199 webview_contents->GetRenderProcessHost();
200 ASSERT_NE(info.pid, process->GetID());
201 ASSERT_NE(info.storage_partition, process->GetStoragePartition());
202 } else {
203 GURL test_url = ui_test_utils::GetTestUrl(
204 base::FilePath(base::FilePath::kCurrentDirectory),
205 base::FilePath(FILE_PATH_LITERAL("title1.html")));
207 ContentInfo info1 =
208 NavigateAndGetInfo(browser(), test_url, CURRENT_TAB);
209 ContentInfo info2 = NavigateAndGetInfo(
210 browser(),
211 signin::GetPromoURL(signin_metrics::SOURCE_START_PAGE, false),
212 CURRENT_TAB);
213 NavigateAndGetInfo(browser(), test_url, CURRENT_TAB);
214 ContentInfo info3 = NavigateAndGetInfo(
215 browser(),
216 signin::GetPromoURL(signin_metrics::SOURCE_START_PAGE, false),
217 NEW_FOREGROUND_TAB);
219 // The info for signin should be the same.
220 ASSERT_EQ(info2.storage_partition, info3.storage_partition);
221 // The info for test_url and signin should be different.
222 ASSERT_NE(info1.storage_partition, info2.storage_partition);
226 IN_PROC_BROWSER_TEST_F(InlineLoginUIBrowserTest, OneProcessLimit) {
227 GURL test_url_1 = ui_test_utils::GetTestUrl(
228 base::FilePath(base::FilePath::kCurrentDirectory),
229 base::FilePath(FILE_PATH_LITERAL("title1.html")));
230 GURL test_url_2 = ui_test_utils::GetTestUrl(
231 base::FilePath(base::FilePath::kCurrentDirectory),
232 base::FilePath(FILE_PATH_LITERAL("data:text/html,Hello world!")));
234 // Even when the process limit is set to one, the signin process should
235 // still be given its own process and storage partition.
236 content::RenderProcessHost::SetMaxRendererProcessCount(1);
238 ContentInfo info1 =
239 NavigateAndGetInfo(browser(), test_url_1, CURRENT_TAB);
240 ContentInfo info2 =
241 NavigateAndGetInfo(browser(), test_url_2, CURRENT_TAB);
242 ContentInfo info3 = NavigateAndGetInfo(
243 browser(),
244 signin::GetPromoURL(signin_metrics::SOURCE_START_PAGE, false),
245 CURRENT_TAB);
247 ASSERT_EQ(info1.pid, info2.pid);
248 ASSERT_NE(info1.pid, info3.pid);
251 #if !defined(OS_CHROMEOS)
253 IN_PROC_BROWSER_TEST_F(InlineLoginUIBrowserTest, CanOfferNoProfile) {
254 std::string error_message;
255 EXPECT_FALSE(InlineLoginHandlerImpl::CanOffer(
256 NULL, InlineLoginHandlerImpl::CAN_OFFER_FOR_ALL,
257 "12345", "user@gmail.com", &error_message));
258 EXPECT_EQ("", error_message);
261 IN_PROC_BROWSER_TEST_F(InlineLoginUIBrowserTest, CanOffer) {
262 EnableOneClick(true);
263 EXPECT_TRUE(InlineLoginHandlerImpl::CanOffer(
264 browser()->profile(), InlineLoginHandlerImpl::CAN_OFFER_FOR_ALL,
265 "12345", "user@gmail.com", NULL));
267 EnableOneClick(false);
269 std::string error_message;
271 EXPECT_TRUE(InlineLoginHandlerImpl::CanOffer(
272 browser()->profile(), InlineLoginHandlerImpl::CAN_OFFER_FOR_ALL,
273 "12345", "user@gmail.com", &error_message));
276 IN_PROC_BROWSER_TEST_F(InlineLoginUIBrowserTest, CanOfferProfileConnected) {
277 SetUpSigninManager("foo@gmail.com");
278 EnableSigninAllowed(true);
280 std::string error_message;
282 EXPECT_TRUE(InlineLoginHandlerImpl::CanOffer(
283 browser()->profile(), InlineLoginHandlerImpl::CAN_OFFER_FOR_ALL,
284 "12345", "foo@gmail.com", &error_message));
285 EXPECT_TRUE(InlineLoginHandlerImpl::CanOffer(
286 browser()->profile(), InlineLoginHandlerImpl::CAN_OFFER_FOR_ALL,
287 "12345", "foo", &error_message));
288 EXPECT_FALSE(InlineLoginHandlerImpl::CanOffer(
289 browser()->profile(), InlineLoginHandlerImpl::CAN_OFFER_FOR_ALL,
290 "12345", "user@gmail.com", &error_message));
291 EXPECT_EQ(l10n_util::GetStringFUTF8(IDS_SYNC_WRONG_EMAIL,
292 base::UTF8ToUTF16("foo@gmail.com")),
293 error_message);
296 IN_PROC_BROWSER_TEST_F(InlineLoginUIBrowserTest, CanOfferUsernameNotAllowed) {
297 SetAllowedUsernamePattern("*.google.com");
299 std::string error_message;
300 EXPECT_FALSE(InlineLoginHandlerImpl::CanOffer(
301 browser()->profile(), InlineLoginHandlerImpl::CAN_OFFER_FOR_ALL,
302 "12345", "foo@gmail.com", &error_message));
303 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_SYNC_LOGIN_NAME_PROHIBITED),
304 error_message);
307 IN_PROC_BROWSER_TEST_F(InlineLoginUIBrowserTest, CanOfferWithRejectedEmail) {
308 EnableSigninAllowed(true);
310 AddEmailToOneClickRejectedList("foo@gmail.com");
311 AddEmailToOneClickRejectedList("user@gmail.com");
313 std::string error_message;
314 EXPECT_TRUE(InlineLoginHandlerImpl::CanOffer(
315 browser()->profile(), InlineLoginHandlerImpl::CAN_OFFER_FOR_ALL,
316 "12345", "foo@gmail.com", &error_message));
317 EXPECT_TRUE(InlineLoginHandlerImpl::CanOffer(
318 browser()->profile(), InlineLoginHandlerImpl::CAN_OFFER_FOR_ALL,
319 "12345", "user@gmail.com", &error_message));
322 IN_PROC_BROWSER_TEST_F(InlineLoginUIBrowserTest, CanOfferNoSigninCookies) {
323 AllowSigninCookies(false);
324 EnableSigninAllowed(true);
326 std::string error_message;
327 EXPECT_FALSE(InlineLoginHandlerImpl::CanOffer(
328 browser()->profile(), InlineLoginHandlerImpl::CAN_OFFER_FOR_ALL,
329 "12345", "user@gmail.com", &error_message));
330 EXPECT_EQ("", error_message);
333 #endif // OS_CHROMEOS
335 class InlineLoginUISafeIframeBrowserTest : public InProcessBrowserTest {
336 public:
337 FooWebUIProvider& foo_provider() { return foo_provider_; }
339 private:
340 void SetUp() override {
341 ASSERT_TRUE(embedded_test_server()->InitializeAndWaitUntilReady());
343 // EmbeddedTestServer spawns a thread to initialize socket.
344 // Stop IO thread in preparation for fork and exec.
345 embedded_test_server()->StopThread();
347 InProcessBrowserTest::SetUp();
350 void SetUpCommandLine(base::CommandLine* command_line) override {
351 const GURL& base_url = embedded_test_server()->base_url();
352 command_line->AppendSwitchASCII(::switches::kGaiaUrl, base_url.spec());
353 command_line->AppendSwitchASCII(::switches::kLsoUrl, base_url.spec());
354 command_line->AppendSwitchASCII(::switches::kGoogleApisUrl,
355 base_url.spec());
358 void SetUpOnMainThread() override {
359 embedded_test_server()->RestartThreadAndListen();
361 content::WebUIControllerFactory::UnregisterFactoryForTesting(
362 ChromeWebUIControllerFactory::GetInstance());
363 test_factory_.reset(new TestChromeWebUIControllerFactory);
364 content::WebUIControllerFactory::RegisterFactory(test_factory_.get());
365 test_factory_->AddFactoryOverride(
366 GURL(kFooWebUIURL).host(), &foo_provider_);
369 void TearDownOnMainThread() override {
370 test_factory_->RemoveFactoryOverride(GURL(kFooWebUIURL).host());
371 content::WebUIControllerFactory::UnregisterFactoryForTesting(
372 test_factory_.get());
373 test_factory_.reset();
374 EXPECT_TRUE(embedded_test_server()->ShutdownAndWaitUntilComplete());
377 FooWebUIProvider foo_provider_;
378 scoped_ptr<TestChromeWebUIControllerFactory> test_factory_;
381 // Make sure that the foo webui handler is working properly and that it gets
382 // created when navigated to normally.
383 IN_PROC_BROWSER_TEST_F(InlineLoginUISafeIframeBrowserTest, Basic) {
384 const GURL kUrl(kFooWebUIURL);
385 EXPECT_CALL(foo_provider(), NewWebUI(_, ::testing::Eq(kUrl)))
386 .WillOnce(ReturnNewWebUI());
387 ui_test_utils::NavigateToURL(browser(), GURL(kFooWebUIURL));
390 // Make sure that the foo webui handler does not get created when we try to
391 // load it inside the iframe of the login ui.
392 IN_PROC_BROWSER_TEST_F(InlineLoginUISafeIframeBrowserTest, NoWebUIInIframe) {
393 GURL url = signin::GetPromoURL(signin_metrics::SOURCE_START_PAGE, false).
394 Resolve("?source=0&frameUrl=chrome://foo");
395 EXPECT_CALL(foo_provider(), NewWebUI(_, _)).Times(0);
396 ui_test_utils::NavigateToURL(browser(), url);
399 // Flaky on CrOS, http://crbug.com/364759.
400 #if defined(OS_CHROMEOS)
401 #define MAYBE_TopFrameNavigationDisallowed DISABLED_TopFrameNavigationDisallowed
402 #else
403 #define MAYBE_TopFrameNavigationDisallowed TopFrameNavigationDisallowed
404 #endif
406 // Make sure that the gaia iframe cannot trigger top-frame navigation.
407 // TODO(guohui): flaky on trybot crbug/364759.
408 IN_PROC_BROWSER_TEST_F(InlineLoginUISafeIframeBrowserTest,
409 MAYBE_TopFrameNavigationDisallowed) {
410 // Loads into gaia iframe a web page that attempts to deframe on load.
411 GURL deframe_url(embedded_test_server()->GetURL("/login/deframe.html"));
412 GURL url(net::AppendOrReplaceQueryParameter(
413 signin::GetPromoURL(signin_metrics::SOURCE_START_PAGE, false),
414 "frameUrl", deframe_url.spec()));
415 ui_test_utils::NavigateToURL(browser(), url);
416 WaitUntilUIReady(browser());
418 content::WebContents* contents =
419 browser()->tab_strip_model()->GetActiveWebContents();
420 EXPECT_EQ(url, contents->GetVisibleURL());
422 content::NavigationController& controller = contents->GetController();
423 EXPECT_TRUE(controller.GetPendingEntry() == NULL);
426 // Flaky on CrOS, http://crbug.com/364759.
427 // Also flaky on Mac, http://crbug.com/442674.
428 // Also flaky on Linux which is just too flaky
429 IN_PROC_BROWSER_TEST_F(InlineLoginUISafeIframeBrowserTest,
430 DISABLED_NavigationToOtherChromeURLDisallowed) {
431 ui_test_utils::NavigateToURL(
432 browser(), signin::GetPromoURL(signin_metrics::SOURCE_START_PAGE, false));
433 WaitUntilUIReady(browser());
435 content::WebContents* contents =
436 browser()->tab_strip_model()->GetActiveWebContents();
437 ASSERT_TRUE(content::ExecuteScript(
438 contents, "window.location.href = 'chrome://foo'"));
440 content::TestNavigationObserver navigation_observer(contents, 1);
441 navigation_observer.Wait();
443 EXPECT_EQ(GURL("about:blank"), contents->GetVisibleURL());
446 #if !defined(OS_CHROMEOS)
447 IN_PROC_BROWSER_TEST_F(InlineLoginUISafeIframeBrowserTest,
448 ConfirmationRequiredForNonsecureSignin) {
449 FakeGaia fake_gaia;
450 fake_gaia.Initialize();
452 embedded_test_server()->RegisterRequestHandler(
453 base::Bind(&FakeGaia::HandleRequest,
454 base::Unretained(&fake_gaia)));
455 fake_gaia.SetFakeMergeSessionParams(
456 "email@gmail.com", "fake-sid-cookie", "fake-lsid-cookie");
458 // Navigates to the Chrome signin page which loads the fake gaia auth page.
459 // Since the fake gaia auth page is served over HTTP, thus expects to see an
460 // untrusted signin confirmation dialog upon submitting credentials below.
461 ui_test_utils::NavigateToURL(
462 browser(), signin::GetPromoURL(signin_metrics::SOURCE_START_PAGE, false));
463 WaitUntilUIReady(browser());
465 MockLoginUIObserver observer;
466 LoginUIServiceFactory::GetForProfile(browser()->profile())
467 ->AddObserver(&observer);
468 base::RunLoop run_loop;
469 EXPECT_CALL(observer, OnUntrustedLoginUIShown())
470 .WillOnce(InvokeWithoutArgs(&run_loop, &base::RunLoop::Quit));
472 ExecuteJsToSigninInSigninFrame(browser(), "email@gmail.com", "password");
473 run_loop.Run();
474 base::MessageLoop::current()->RunUntilIdle();
476 #endif // OS_CHROMEOS