1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/password_manager/chrome_password_manager_client.h"
7 #include "base/command_line.h"
8 #include "base/prefs/pref_registry_simple.h"
9 #include "base/prefs/pref_service.h"
10 #include "base/prefs/testing_pref_service.h"
11 #include "base/strings/string16.h"
12 #include "base/strings/utf_string_conversions.h"
13 #include "chrome/browser/sync/profile_sync_service_factory.h"
14 #include "chrome/browser/sync/profile_sync_service_mock.h"
15 #include "chrome/common/chrome_version_info.h"
16 #include "chrome/test/base/chrome_render_view_host_test_harness.h"
17 #include "chrome/test/base/testing_pref_service_syncable.h"
18 #include "chrome/test/base/testing_profile.h"
19 #include "components/autofill/content/common/autofill_messages.h"
20 #include "components/password_manager/content/browser/password_manager_internals_service_factory.h"
21 #include "components/password_manager/content/common/credential_manager_messages.h"
22 #include "components/password_manager/core/browser/log_receiver.h"
23 #include "components/password_manager/core/browser/password_manager_internals_service.h"
24 #include "components/password_manager/core/common/credential_manager_types.h"
25 #include "components/password_manager/core/common/password_manager_pref_names.h"
26 #include "components/password_manager/core/common/password_manager_switches.h"
27 #include "content/public/browser/browser_context.h"
28 #include "content/public/browser/web_contents.h"
29 #include "content/public/test/mock_render_process_host.h"
30 #include "testing/gmock/include/gmock/gmock.h"
31 #include "testing/gtest/include/gtest/gtest.h"
33 using content::BrowserContext
;
34 using content::WebContents
;
35 using testing::Return
;
40 const char kTestText
[] = "abcd1234";
42 class MockLogReceiver
: public password_manager::LogReceiver
{
44 MOCK_METHOD1(LogSavePasswordProgress
, void(const std::string
&));
47 // TODO(vabr): Get rid of the mocked client in the client's own test, see
48 // http://crbug.com/474577.
49 class MockChromePasswordManagerClient
: public ChromePasswordManagerClient
{
51 MOCK_CONST_METHOD0(IsPasswordManagementEnabledForCurrentPage
, bool());
52 MOCK_CONST_METHOD0(DidLastPageLoadEncounterSSLErrors
, bool());
53 MOCK_CONST_METHOD2(IsSyncAccountCredential
,
54 bool(const std::string
& username
,
55 const std::string
& origin
));
57 explicit MockChromePasswordManagerClient(content::WebContents
* web_contents
)
58 : ChromePasswordManagerClient(web_contents
, nullptr) {
59 ON_CALL(*this, DidLastPageLoadEncounterSSLErrors())
60 .WillByDefault(testing::Return(false));
61 ON_CALL(*this, IsPasswordManagementEnabledForCurrentPage())
62 .WillByDefault(testing::Return(true));
64 ~MockChromePasswordManagerClient() override
{}
67 DISALLOW_COPY_AND_ASSIGN(MockChromePasswordManagerClient
);
72 class ChromePasswordManagerClientTest
: public ChromeRenderViewHostTestHarness
{
74 ChromePasswordManagerClientTest();
76 void SetUp() override
;
78 TestingPrefServiceSyncable
* prefs() {
79 return profile()->GetTestingPrefService();
83 ChromePasswordManagerClient
* GetClient();
85 // If the test IPC sink contains an AutofillMsg_SetLoggingState message, then
86 // copies its argument into |activation_flag| and returns true. Otherwise
88 bool WasLoggingActivationMessageSent(bool* activation_flag
);
90 password_manager::PasswordManagerInternalsService
* service_
;
92 testing::StrictMock
<MockLogReceiver
> receiver_
;
93 TestingPrefServiceSimple prefs_
;
96 ChromePasswordManagerClientTest::ChromePasswordManagerClientTest()
100 void ChromePasswordManagerClientTest::SetUp() {
101 ChromeRenderViewHostTestHarness::SetUp();
102 prefs_
.registry()->RegisterBooleanPref(
103 password_manager::prefs::kPasswordManagerSavingEnabled
, true);
104 ChromePasswordManagerClient::CreateForWebContentsWithAutofillClient(
105 web_contents(), nullptr);
106 service_
= password_manager::PasswordManagerInternalsServiceFactory::
107 GetForBrowserContext(profile());
108 ASSERT_TRUE(service_
);
111 ChromePasswordManagerClient
* ChromePasswordManagerClientTest::GetClient() {
112 return ChromePasswordManagerClient::FromWebContents(web_contents());
115 bool ChromePasswordManagerClientTest::WasLoggingActivationMessageSent(
116 bool* activation_flag
) {
117 const uint32 kMsgID
= AutofillMsg_SetLoggingState::ID
;
118 const IPC::Message
* message
=
119 process()->sink().GetFirstMessageMatching(kMsgID
);
122 base::Tuple
<bool> param
;
123 AutofillMsg_SetLoggingState::Read(message
, ¶m
);
124 *activation_flag
= base::get
<0>(param
);
125 process()->sink().ClearMessages();
129 TEST_F(ChromePasswordManagerClientTest
, LogSavePasswordProgressNoReceiver
) {
130 ChromePasswordManagerClient
* client
= GetClient();
132 EXPECT_CALL(receiver_
, LogSavePasswordProgress(kTestText
)).Times(0);
133 // Before attaching the receiver, no text should be passed.
134 client
->LogSavePasswordProgress(kTestText
);
135 EXPECT_FALSE(client
->IsLoggingActive());
138 TEST_F(ChromePasswordManagerClientTest
, LogSavePasswordProgressAttachReceiver
) {
139 ChromePasswordManagerClient
* client
= GetClient();
140 EXPECT_FALSE(client
->IsLoggingActive());
142 // After attaching the logger, text should be passed.
143 service_
->RegisterReceiver(&receiver_
);
144 EXPECT_TRUE(client
->IsLoggingActive());
145 EXPECT_CALL(receiver_
, LogSavePasswordProgress(kTestText
)).Times(1);
146 client
->LogSavePasswordProgress(kTestText
);
147 service_
->UnregisterReceiver(&receiver_
);
148 EXPECT_FALSE(client
->IsLoggingActive());
151 TEST_F(ChromePasswordManagerClientTest
, LogSavePasswordProgressDetachReceiver
) {
152 ChromePasswordManagerClient
* client
= GetClient();
154 service_
->RegisterReceiver(&receiver_
);
155 EXPECT_TRUE(client
->IsLoggingActive());
156 service_
->UnregisterReceiver(&receiver_
);
157 EXPECT_FALSE(client
->IsLoggingActive());
159 // After detaching the logger, no text should be passed.
160 EXPECT_CALL(receiver_
, LogSavePasswordProgress(kTestText
)).Times(0);
161 client
->LogSavePasswordProgress(kTestText
);
164 TEST_F(ChromePasswordManagerClientTest
, LogSavePasswordProgressNotifyRenderer
) {
165 ChromePasswordManagerClient
* client
= GetClient();
166 bool logging_active
= false;
168 // Initially, the logging should be off, so no IPC messages.
169 EXPECT_FALSE(WasLoggingActivationMessageSent(&logging_active
));
171 service_
->RegisterReceiver(&receiver_
);
172 EXPECT_TRUE(client
->IsLoggingActive());
173 EXPECT_TRUE(WasLoggingActivationMessageSent(&logging_active
));
174 EXPECT_TRUE(logging_active
);
176 service_
->UnregisterReceiver(&receiver_
);
177 EXPECT_FALSE(client
->IsLoggingActive());
178 EXPECT_TRUE(WasLoggingActivationMessageSent(&logging_active
));
179 EXPECT_FALSE(logging_active
);
182 TEST_F(ChromePasswordManagerClientTest
, AnswerToPingsAboutLoggingState_Active
) {
183 service_
->RegisterReceiver(&receiver_
);
185 process()->sink().ClearMessages();
187 // Ping the client for logging activity update.
188 AutofillHostMsg_PasswordAutofillAgentConstructed
msg(0);
189 static_cast<content::WebContentsObserver
*>(GetClient())->OnMessageReceived(
190 msg
, web_contents()->GetMainFrame());
192 bool logging_active
= false;
193 EXPECT_TRUE(WasLoggingActivationMessageSent(&logging_active
));
194 EXPECT_TRUE(logging_active
);
196 service_
->UnregisterReceiver(&receiver_
);
199 TEST_F(ChromePasswordManagerClientTest
,
200 AnswerToPingsAboutLoggingState_Inactive
) {
201 process()->sink().ClearMessages();
203 // Ping the client for logging activity update.
204 AutofillHostMsg_PasswordAutofillAgentConstructed
msg(0);
205 static_cast<content::WebContentsObserver
*>(GetClient())->OnMessageReceived(
206 msg
, web_contents()->GetMainFrame());
208 bool logging_active
= true;
209 EXPECT_TRUE(WasLoggingActivationMessageSent(&logging_active
));
210 EXPECT_FALSE(logging_active
);
213 TEST_F(ChromePasswordManagerClientTest
,
214 IsAutomaticPasswordSavingEnabledDefaultBehaviourTest
) {
215 EXPECT_FALSE(GetClient()->IsAutomaticPasswordSavingEnabled());
218 TEST_F(ChromePasswordManagerClientTest
,
219 IsAutomaticPasswordSavingEnabledWhenFlagIsSetTest
) {
220 base::CommandLine::ForCurrentProcess()->AppendSwitch(
221 password_manager::switches::kEnableAutomaticPasswordSaving
);
222 if (chrome::VersionInfo::GetChannel() == chrome::VersionInfo::CHANNEL_UNKNOWN
)
223 EXPECT_TRUE(GetClient()->IsAutomaticPasswordSavingEnabled());
225 EXPECT_FALSE(GetClient()->IsAutomaticPasswordSavingEnabled());
228 TEST_F(ChromePasswordManagerClientTest
, LogToAReceiver
) {
229 ChromePasswordManagerClient
* client
= GetClient();
230 service_
->RegisterReceiver(&receiver_
);
231 EXPECT_TRUE(client
->IsLoggingActive());
233 EXPECT_CALL(receiver_
, LogSavePasswordProgress(kTestText
)).Times(1);
234 client
->LogSavePasswordProgress(kTestText
);
236 service_
->UnregisterReceiver(&receiver_
);
237 EXPECT_FALSE(client
->IsLoggingActive());
240 TEST_F(ChromePasswordManagerClientTest
, ShouldFilterAutofillResult_Reauth
) {
241 // Make client disallow only reauth requests.
242 base::CommandLine
* command_line
= base::CommandLine::ForCurrentProcess();
243 command_line
->AppendSwitch(
244 password_manager::switches::kDisallowAutofillSyncCredentialForReauth
);
245 scoped_ptr
<MockChromePasswordManagerClient
> client(
246 new MockChromePasswordManagerClient(web_contents()));
247 autofill::PasswordForm form
;
249 EXPECT_CALL(*client
, IsSyncAccountCredential(_
, _
))
250 .WillRepeatedly(Return(false));
252 GURL("https://accounts.google.com/login?rart=123&continue=blah"));
253 EXPECT_FALSE(client
->ShouldFilterAutofillResult(form
));
255 EXPECT_CALL(*client
, IsSyncAccountCredential(_
, _
))
256 .WillRepeatedly(Return(true));
258 GURL("https://accounts.google.com/login?rart=123&continue=blah"));
259 EXPECT_TRUE(client
->ShouldFilterAutofillResult(form
));
261 // This counts as a reauth url, though a valid URL should have a value for
263 NavigateAndCommit(GURL("https://accounts.google.com/addlogin?rart"));
264 EXPECT_TRUE(client
->ShouldFilterAutofillResult(form
));
266 NavigateAndCommit(GURL("https://accounts.google.com/login?param=123"));
267 EXPECT_FALSE(client
->ShouldFilterAutofillResult(form
));
269 NavigateAndCommit(GURL("https://site.com/login?rart=678"));
270 EXPECT_FALSE(client
->ShouldFilterAutofillResult(form
));
273 TEST_F(ChromePasswordManagerClientTest
, ShouldFilterAutofillResult
) {
274 // Normally the client should allow any credentials through, even if they
275 // are the sync credential.
276 scoped_ptr
<MockChromePasswordManagerClient
> client(
277 new MockChromePasswordManagerClient(web_contents()));
278 autofill::PasswordForm form
;
279 EXPECT_CALL(*client
, IsSyncAccountCredential(_
, _
))
280 .WillRepeatedly(Return(true));
281 NavigateAndCommit(GURL("https://accounts.google.com/Login"));
282 EXPECT_FALSE(client
->ShouldFilterAutofillResult(form
));
284 // Adding disallow switch should cause sync credential to be filtered.
285 base::CommandLine
* command_line
= base::CommandLine::ForCurrentProcess();
286 command_line
->AppendSwitch(
287 password_manager::switches::kDisallowAutofillSyncCredential
);
288 client
.reset(new MockChromePasswordManagerClient(web_contents()));
289 EXPECT_CALL(*client
, IsSyncAccountCredential(_
, _
))
290 .WillRepeatedly(Return(true));
291 NavigateAndCommit(GURL("https://accounts.google.com/Login"));
292 EXPECT_TRUE(client
->ShouldFilterAutofillResult(form
));
295 TEST_F(ChromePasswordManagerClientTest
,
296 IsPasswordManagementEnabledForCurrentPage
) {
297 ChromePasswordManagerClient
* client
= GetClient();
299 GURL("https://accounts.google.com/ServiceLogin?continue="
300 "https://passwords.google.com/settings&rart=123"));
301 EXPECT_FALSE(client
->IsPasswordManagementEnabledForCurrentPage());
303 // Password site is inaccesible via HTTP, but because of HSTS the following
304 // link should still continue to https://passwords.google.com.
306 GURL("https://accounts.google.com/ServiceLogin?continue="
307 "http://passwords.google.com/settings&rart=123"));
308 EXPECT_FALSE(client
->IsPasswordManagementEnabledForCurrentPage());
309 EXPECT_FALSE(client
->IsSavingEnabledForCurrentPage());
311 // Specifying default port still passes.
313 GURL("https://accounts.google.com/ServiceLogin?continue="
314 "https://passwords.google.com:443/settings&rart=123"));
315 EXPECT_FALSE(client
->IsPasswordManagementEnabledForCurrentPage());
316 EXPECT_FALSE(client
->IsSavingEnabledForCurrentPage());
318 // Encoded URL is considered the same.
320 GURL("https://accounts.google.com/ServiceLogin?continue="
321 "https://passwords.%67oogle.com/settings&rart=123"));
322 EXPECT_FALSE(client
->IsPasswordManagementEnabledForCurrentPage());
323 EXPECT_FALSE(client
->IsSavingEnabledForCurrentPage());
325 // Make sure testing sites are disabled as well.
327 GURL("https://accounts.google.com/Login?continue="
328 "https://passwords-ac-testing.corp.google.com/settings&rart=456"));
329 EXPECT_FALSE(client
->IsSavingEnabledForCurrentPage());
330 EXPECT_FALSE(client
->IsPasswordManagementEnabledForCurrentPage());
332 // Fully qualified domain name is considered a different hostname by GURL.
333 // Ideally this would not be the case, but this quirk can be avoided by
334 // verification on the server. This test is simply documentation of this
337 GURL("https://accounts.google.com/ServiceLogin?continue="
338 "https://passwords.google.com./settings&rart=123"));
339 EXPECT_TRUE(client
->IsPasswordManagementEnabledForCurrentPage());
341 // Not a transactional reauth page.
343 GURL("https://accounts.google.com/ServiceLogin?continue="
344 "https://passwords.google.com/settings"));
345 EXPECT_TRUE(client
->IsPasswordManagementEnabledForCurrentPage());
347 // Should be enabled for other transactional reauth pages.
349 GURL("https://accounts.google.com/ServiceLogin?continue="
350 "https://mail.google.com&rart=234"));
351 EXPECT_TRUE(client
->IsPasswordManagementEnabledForCurrentPage());
353 // Reauth pages are only on accounts.google.com
355 GURL("https://other.site.com/ServiceLogin?continue="
356 "https://passwords.google.com&rart=234"));
357 EXPECT_TRUE(client
->IsPasswordManagementEnabledForCurrentPage());
360 TEST_F(ChromePasswordManagerClientTest
, GetPasswordSyncState
) {
361 ChromePasswordManagerClient
* client
= GetClient();
363 ProfileSyncServiceMock
* mock_sync_service
=
364 static_cast<ProfileSyncServiceMock
*>(
365 ProfileSyncServiceFactory::GetInstance()->SetTestingFactoryAndUse(
366 profile(), ProfileSyncServiceMock::BuildMockProfileSyncService
));
368 syncer::ModelTypeSet active_types
;
369 active_types
.Put(syncer::PASSWORDS
);
370 EXPECT_CALL(*mock_sync_service
, HasSyncSetupCompleted())
371 .WillRepeatedly(Return(true));
372 EXPECT_CALL(*mock_sync_service
, IsSyncActive()).WillRepeatedly(Return(true));
373 EXPECT_CALL(*mock_sync_service
, GetActiveDataTypes())
374 .WillRepeatedly(Return(active_types
));
375 EXPECT_CALL(*mock_sync_service
, IsUsingSecondaryPassphrase())
376 .WillRepeatedly(Return(false));
378 // Passwords are syncing and custom passphrase isn't used.
379 EXPECT_EQ(password_manager::SYNCING_NORMAL_ENCRYPTION
,
380 client
->GetPasswordSyncState());
382 // Again, using a custom passphrase.
383 EXPECT_CALL(*mock_sync_service
, IsUsingSecondaryPassphrase())
384 .WillRepeatedly(Return(true));
386 EXPECT_EQ(password_manager::SYNCING_WITH_CUSTOM_PASSPHRASE
,
387 client
->GetPasswordSyncState());
389 // Report correctly if we aren't syncing passwords.
390 active_types
.Remove(syncer::PASSWORDS
);
391 active_types
.Put(syncer::BOOKMARKS
);
392 EXPECT_CALL(*mock_sync_service
, GetActiveDataTypes())
393 .WillRepeatedly(Return(active_types
));
395 EXPECT_EQ(password_manager::NOT_SYNCING_PASSWORDS
,
396 client
->GetPasswordSyncState());
398 // Again, without a custom passphrase.
399 EXPECT_CALL(*mock_sync_service
, IsUsingSecondaryPassphrase())
400 .WillRepeatedly(Return(false));
402 EXPECT_EQ(password_manager::NOT_SYNCING_PASSWORDS
,
403 client
->GetPasswordSyncState());
406 TEST_F(ChromePasswordManagerClientTest
, IsOffTheRecordTest
) {
407 ChromePasswordManagerClient
* client
= GetClient();
409 profile()->ForceIncognito(true);
410 EXPECT_TRUE(client
->IsOffTheRecord());
412 profile()->ForceIncognito(false);
413 EXPECT_FALSE(client
->IsOffTheRecord());
416 TEST_F(ChromePasswordManagerClientTest
,
417 SavingDependsOnManagerEnabledPreference
) {
418 // Test that saving passwords depends on the password manager enabled
420 ChromePasswordManagerClient
* client
= GetClient();
421 prefs()->SetUserPref(password_manager::prefs::kPasswordManagerSavingEnabled
,
422 new base::FundamentalValue(true));
423 EXPECT_TRUE(client
->IsSavingEnabledForCurrentPage());
424 prefs()->SetUserPref(password_manager::prefs::kPasswordManagerSavingEnabled
,
425 new base::FundamentalValue(false));
426 EXPECT_FALSE(client
->IsSavingEnabledForCurrentPage());
429 TEST_F(ChromePasswordManagerClientTest
, IsSavingEnabledForCurrentPageTest
) {
430 scoped_ptr
<MockChromePasswordManagerClient
> client(
431 new MockChromePasswordManagerClient(web_contents()));
432 // Functionality disabled if there is SSL errors.
433 EXPECT_CALL(*client
, DidLastPageLoadEncounterSSLErrors())
434 .WillRepeatedly(Return(true));
435 EXPECT_FALSE(client
->IsSavingEnabledForCurrentPage());
437 // Functionality disabled if there are SSL errors and the manager itself is
439 prefs()->SetUserPref(password_manager::prefs::kPasswordManagerSavingEnabled
,
440 new base::FundamentalValue(false));
441 EXPECT_FALSE(client
->IsSavingEnabledForCurrentPage());
443 // Functionality disabled if there are no SSL errorsm, but the manager itself
445 EXPECT_CALL(*client
, DidLastPageLoadEncounterSSLErrors())
446 .WillRepeatedly(Return(false));
447 prefs()->SetUserPref(password_manager::prefs::kPasswordManagerSavingEnabled
,
448 new base::FundamentalValue(false));
449 EXPECT_FALSE(client
->IsSavingEnabledForCurrentPage());
451 // Functionality enabled if there are no SSL errors and the manager is
453 EXPECT_CALL(*client
, DidLastPageLoadEncounterSSLErrors())
454 .WillRepeatedly(Return(false));
455 prefs()->SetUserPref(password_manager::prefs::kPasswordManagerSavingEnabled
,
456 new base::FundamentalValue(true));
457 EXPECT_TRUE(client
->IsSavingEnabledForCurrentPage());
459 // Functionality disabled in Incognito mode.
460 profile()->ForceIncognito(true);
461 EXPECT_FALSE(client
->IsSavingEnabledForCurrentPage());
463 // Functionality disabled in Incognito mode also when manager itself is
465 prefs()->SetUserPref(password_manager::prefs::kPasswordManagerSavingEnabled
,
466 new base::FundamentalValue(true));
467 EXPECT_FALSE(client
->IsSavingEnabledForCurrentPage());
468 profile()->ForceIncognito(false);