Pin Chrome's shortcut to the Win10 Start menu on install and OS upgrade.
[chromium-blink-merge.git] / chrome / browser / password_manager / chrome_password_manager_client_unittest.cc
blobd296df296ef66b24307014c8e9ae420fb2ad06f5
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/password_manager/chrome_password_manager_client.h"
7 #include "base/command_line.h"
8 #include "base/prefs/pref_registry_simple.h"
9 #include "base/prefs/pref_service.h"
10 #include "base/prefs/testing_pref_service.h"
11 #include "base/strings/string16.h"
12 #include "base/strings/utf_string_conversions.h"
13 #include "chrome/browser/sync/profile_sync_service_factory.h"
14 #include "chrome/browser/sync/profile_sync_service_mock.h"
15 #include "chrome/common/chrome_version_info.h"
16 #include "chrome/test/base/chrome_render_view_host_test_harness.h"
17 #include "chrome/test/base/testing_pref_service_syncable.h"
18 #include "chrome/test/base/testing_profile.h"
19 #include "components/autofill/content/common/autofill_messages.h"
20 #include "components/password_manager/content/browser/password_manager_internals_service_factory.h"
21 #include "components/password_manager/content/common/credential_manager_messages.h"
22 #include "components/password_manager/core/browser/log_receiver.h"
23 #include "components/password_manager/core/browser/password_manager_internals_service.h"
24 #include "components/password_manager/core/common/credential_manager_types.h"
25 #include "components/password_manager/core/common/password_manager_pref_names.h"
26 #include "components/password_manager/core/common/password_manager_switches.h"
27 #include "content/public/browser/browser_context.h"
28 #include "content/public/browser/web_contents.h"
29 #include "content/public/test/mock_render_process_host.h"
30 #include "testing/gmock/include/gmock/gmock.h"
31 #include "testing/gtest/include/gtest/gtest.h"
33 using content::BrowserContext;
34 using content::WebContents;
35 using testing::Return;
36 using testing::_;
38 namespace {
40 const char kTestText[] = "abcd1234";
42 class MockLogReceiver : public password_manager::LogReceiver {
43 public:
44 MOCK_METHOD1(LogSavePasswordProgress, void(const std::string&));
47 // TODO(vabr): Get rid of the mocked client in the client's own test, see
48 // http://crbug.com/474577.
49 class MockChromePasswordManagerClient : public ChromePasswordManagerClient {
50 public:
51 MOCK_CONST_METHOD0(IsPasswordManagementEnabledForCurrentPage, bool());
52 MOCK_CONST_METHOD0(DidLastPageLoadEncounterSSLErrors, bool());
53 MOCK_CONST_METHOD2(IsSyncAccountCredential,
54 bool(const std::string& username,
55 const std::string& origin));
57 explicit MockChromePasswordManagerClient(content::WebContents* web_contents)
58 : ChromePasswordManagerClient(web_contents, nullptr) {
59 ON_CALL(*this, DidLastPageLoadEncounterSSLErrors())
60 .WillByDefault(testing::Return(false));
61 ON_CALL(*this, IsPasswordManagementEnabledForCurrentPage())
62 .WillByDefault(testing::Return(true));
64 ~MockChromePasswordManagerClient() override {}
66 private:
67 DISALLOW_COPY_AND_ASSIGN(MockChromePasswordManagerClient);
70 } // namespace
72 class ChromePasswordManagerClientTest : public ChromeRenderViewHostTestHarness {
73 public:
74 ChromePasswordManagerClientTest();
76 void SetUp() override;
78 TestingPrefServiceSyncable* prefs() {
79 return profile()->GetTestingPrefService();
82 protected:
83 ChromePasswordManagerClient* GetClient();
85 // If the test IPC sink contains an AutofillMsg_SetLoggingState message, then
86 // copies its argument into |activation_flag| and returns true. Otherwise
87 // returns false.
88 bool WasLoggingActivationMessageSent(bool* activation_flag);
90 password_manager::PasswordManagerInternalsService* service_;
92 testing::StrictMock<MockLogReceiver> receiver_;
93 TestingPrefServiceSimple prefs_;
96 ChromePasswordManagerClientTest::ChromePasswordManagerClientTest()
97 : service_(nullptr) {
100 void ChromePasswordManagerClientTest::SetUp() {
101 ChromeRenderViewHostTestHarness::SetUp();
102 prefs_.registry()->RegisterBooleanPref(
103 password_manager::prefs::kPasswordManagerSavingEnabled, true);
104 ChromePasswordManagerClient::CreateForWebContentsWithAutofillClient(
105 web_contents(), nullptr);
106 service_ = password_manager::PasswordManagerInternalsServiceFactory::
107 GetForBrowserContext(profile());
108 ASSERT_TRUE(service_);
111 ChromePasswordManagerClient* ChromePasswordManagerClientTest::GetClient() {
112 return ChromePasswordManagerClient::FromWebContents(web_contents());
115 bool ChromePasswordManagerClientTest::WasLoggingActivationMessageSent(
116 bool* activation_flag) {
117 const uint32 kMsgID = AutofillMsg_SetLoggingState::ID;
118 const IPC::Message* message =
119 process()->sink().GetFirstMessageMatching(kMsgID);
120 if (!message)
121 return false;
122 base::Tuple<bool> param;
123 AutofillMsg_SetLoggingState::Read(message, &param);
124 *activation_flag = base::get<0>(param);
125 process()->sink().ClearMessages();
126 return true;
129 TEST_F(ChromePasswordManagerClientTest, LogSavePasswordProgressNoReceiver) {
130 ChromePasswordManagerClient* client = GetClient();
132 EXPECT_CALL(receiver_, LogSavePasswordProgress(kTestText)).Times(0);
133 // Before attaching the receiver, no text should be passed.
134 client->LogSavePasswordProgress(kTestText);
135 EXPECT_FALSE(client->IsLoggingActive());
138 TEST_F(ChromePasswordManagerClientTest, LogSavePasswordProgressAttachReceiver) {
139 ChromePasswordManagerClient* client = GetClient();
140 EXPECT_FALSE(client->IsLoggingActive());
142 // After attaching the logger, text should be passed.
143 service_->RegisterReceiver(&receiver_);
144 EXPECT_TRUE(client->IsLoggingActive());
145 EXPECT_CALL(receiver_, LogSavePasswordProgress(kTestText)).Times(1);
146 client->LogSavePasswordProgress(kTestText);
147 service_->UnregisterReceiver(&receiver_);
148 EXPECT_FALSE(client->IsLoggingActive());
151 TEST_F(ChromePasswordManagerClientTest, LogSavePasswordProgressDetachReceiver) {
152 ChromePasswordManagerClient* client = GetClient();
154 service_->RegisterReceiver(&receiver_);
155 EXPECT_TRUE(client->IsLoggingActive());
156 service_->UnregisterReceiver(&receiver_);
157 EXPECT_FALSE(client->IsLoggingActive());
159 // After detaching the logger, no text should be passed.
160 EXPECT_CALL(receiver_, LogSavePasswordProgress(kTestText)).Times(0);
161 client->LogSavePasswordProgress(kTestText);
164 TEST_F(ChromePasswordManagerClientTest, LogSavePasswordProgressNotifyRenderer) {
165 ChromePasswordManagerClient* client = GetClient();
166 bool logging_active = false;
168 // Initially, the logging should be off, so no IPC messages.
169 EXPECT_FALSE(WasLoggingActivationMessageSent(&logging_active));
171 service_->RegisterReceiver(&receiver_);
172 EXPECT_TRUE(client->IsLoggingActive());
173 EXPECT_TRUE(WasLoggingActivationMessageSent(&logging_active));
174 EXPECT_TRUE(logging_active);
176 service_->UnregisterReceiver(&receiver_);
177 EXPECT_FALSE(client->IsLoggingActive());
178 EXPECT_TRUE(WasLoggingActivationMessageSent(&logging_active));
179 EXPECT_FALSE(logging_active);
182 TEST_F(ChromePasswordManagerClientTest, AnswerToPingsAboutLoggingState_Active) {
183 service_->RegisterReceiver(&receiver_);
185 process()->sink().ClearMessages();
187 // Ping the client for logging activity update.
188 AutofillHostMsg_PasswordAutofillAgentConstructed msg(0);
189 static_cast<content::WebContentsObserver*>(GetClient())->OnMessageReceived(
190 msg, web_contents()->GetMainFrame());
192 bool logging_active = false;
193 EXPECT_TRUE(WasLoggingActivationMessageSent(&logging_active));
194 EXPECT_TRUE(logging_active);
196 service_->UnregisterReceiver(&receiver_);
199 TEST_F(ChromePasswordManagerClientTest,
200 AnswerToPingsAboutLoggingState_Inactive) {
201 process()->sink().ClearMessages();
203 // Ping the client for logging activity update.
204 AutofillHostMsg_PasswordAutofillAgentConstructed msg(0);
205 static_cast<content::WebContentsObserver*>(GetClient())->OnMessageReceived(
206 msg, web_contents()->GetMainFrame());
208 bool logging_active = true;
209 EXPECT_TRUE(WasLoggingActivationMessageSent(&logging_active));
210 EXPECT_FALSE(logging_active);
213 TEST_F(ChromePasswordManagerClientTest,
214 IsAutomaticPasswordSavingEnabledDefaultBehaviourTest) {
215 EXPECT_FALSE(GetClient()->IsAutomaticPasswordSavingEnabled());
218 TEST_F(ChromePasswordManagerClientTest,
219 IsAutomaticPasswordSavingEnabledWhenFlagIsSetTest) {
220 base::CommandLine::ForCurrentProcess()->AppendSwitch(
221 password_manager::switches::kEnableAutomaticPasswordSaving);
222 if (chrome::VersionInfo::GetChannel() == chrome::VersionInfo::CHANNEL_UNKNOWN)
223 EXPECT_TRUE(GetClient()->IsAutomaticPasswordSavingEnabled());
224 else
225 EXPECT_FALSE(GetClient()->IsAutomaticPasswordSavingEnabled());
228 TEST_F(ChromePasswordManagerClientTest, LogToAReceiver) {
229 ChromePasswordManagerClient* client = GetClient();
230 service_->RegisterReceiver(&receiver_);
231 EXPECT_TRUE(client->IsLoggingActive());
233 EXPECT_CALL(receiver_, LogSavePasswordProgress(kTestText)).Times(1);
234 client->LogSavePasswordProgress(kTestText);
236 service_->UnregisterReceiver(&receiver_);
237 EXPECT_FALSE(client->IsLoggingActive());
240 TEST_F(ChromePasswordManagerClientTest, ShouldFilterAutofillResult_Reauth) {
241 // Make client disallow only reauth requests.
242 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
243 command_line->AppendSwitch(
244 password_manager::switches::kDisallowAutofillSyncCredentialForReauth);
245 scoped_ptr<MockChromePasswordManagerClient> client(
246 new MockChromePasswordManagerClient(web_contents()));
247 autofill::PasswordForm form;
249 EXPECT_CALL(*client, IsSyncAccountCredential(_, _))
250 .WillRepeatedly(Return(false));
251 NavigateAndCommit(
252 GURL("https://accounts.google.com/login?rart=123&continue=blah"));
253 EXPECT_FALSE(client->ShouldFilterAutofillResult(form));
255 EXPECT_CALL(*client, IsSyncAccountCredential(_, _))
256 .WillRepeatedly(Return(true));
257 NavigateAndCommit(
258 GURL("https://accounts.google.com/login?rart=123&continue=blah"));
259 EXPECT_TRUE(client->ShouldFilterAutofillResult(form));
261 // This counts as a reauth url, though a valid URL should have a value for
262 // "rart"
263 NavigateAndCommit(GURL("https://accounts.google.com/addlogin?rart"));
264 EXPECT_TRUE(client->ShouldFilterAutofillResult(form));
266 NavigateAndCommit(GURL("https://accounts.google.com/login?param=123"));
267 EXPECT_FALSE(client->ShouldFilterAutofillResult(form));
269 NavigateAndCommit(GURL("https://site.com/login?rart=678"));
270 EXPECT_FALSE(client->ShouldFilterAutofillResult(form));
273 TEST_F(ChromePasswordManagerClientTest, ShouldFilterAutofillResult) {
274 // Normally the client should allow any credentials through, even if they
275 // are the sync credential.
276 scoped_ptr<MockChromePasswordManagerClient> client(
277 new MockChromePasswordManagerClient(web_contents()));
278 autofill::PasswordForm form;
279 EXPECT_CALL(*client, IsSyncAccountCredential(_, _))
280 .WillRepeatedly(Return(true));
281 NavigateAndCommit(GURL("https://accounts.google.com/Login"));
282 EXPECT_FALSE(client->ShouldFilterAutofillResult(form));
284 // Adding disallow switch should cause sync credential to be filtered.
285 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
286 command_line->AppendSwitch(
287 password_manager::switches::kDisallowAutofillSyncCredential);
288 client.reset(new MockChromePasswordManagerClient(web_contents()));
289 EXPECT_CALL(*client, IsSyncAccountCredential(_, _))
290 .WillRepeatedly(Return(true));
291 NavigateAndCommit(GURL("https://accounts.google.com/Login"));
292 EXPECT_TRUE(client->ShouldFilterAutofillResult(form));
295 TEST_F(ChromePasswordManagerClientTest,
296 IsPasswordManagementEnabledForCurrentPage) {
297 ChromePasswordManagerClient* client = GetClient();
298 NavigateAndCommit(
299 GURL("https://accounts.google.com/ServiceLogin?continue="
300 "https://passwords.google.com/settings&rart=123"));
301 EXPECT_FALSE(client->IsPasswordManagementEnabledForCurrentPage());
303 // Password site is inaccesible via HTTP, but because of HSTS the following
304 // link should still continue to https://passwords.google.com.
305 NavigateAndCommit(
306 GURL("https://accounts.google.com/ServiceLogin?continue="
307 "http://passwords.google.com/settings&rart=123"));
308 EXPECT_FALSE(client->IsPasswordManagementEnabledForCurrentPage());
309 EXPECT_FALSE(client->IsSavingEnabledForCurrentPage());
311 // Specifying default port still passes.
312 NavigateAndCommit(
313 GURL("https://accounts.google.com/ServiceLogin?continue="
314 "https://passwords.google.com:443/settings&rart=123"));
315 EXPECT_FALSE(client->IsPasswordManagementEnabledForCurrentPage());
316 EXPECT_FALSE(client->IsSavingEnabledForCurrentPage());
318 // Encoded URL is considered the same.
319 NavigateAndCommit(
320 GURL("https://accounts.google.com/ServiceLogin?continue="
321 "https://passwords.%67oogle.com/settings&rart=123"));
322 EXPECT_FALSE(client->IsPasswordManagementEnabledForCurrentPage());
323 EXPECT_FALSE(client->IsSavingEnabledForCurrentPage());
325 // Make sure testing sites are disabled as well.
326 NavigateAndCommit(
327 GURL("https://accounts.google.com/Login?continue="
328 "https://passwords-ac-testing.corp.google.com/settings&rart=456"));
329 EXPECT_FALSE(client->IsSavingEnabledForCurrentPage());
330 EXPECT_FALSE(client->IsPasswordManagementEnabledForCurrentPage());
332 // Fully qualified domain name is considered a different hostname by GURL.
333 // Ideally this would not be the case, but this quirk can be avoided by
334 // verification on the server. This test is simply documentation of this
335 // behavior.
336 NavigateAndCommit(
337 GURL("https://accounts.google.com/ServiceLogin?continue="
338 "https://passwords.google.com./settings&rart=123"));
339 EXPECT_TRUE(client->IsPasswordManagementEnabledForCurrentPage());
341 // Not a transactional reauth page.
342 NavigateAndCommit(
343 GURL("https://accounts.google.com/ServiceLogin?continue="
344 "https://passwords.google.com/settings"));
345 EXPECT_TRUE(client->IsPasswordManagementEnabledForCurrentPage());
347 // Should be enabled for other transactional reauth pages.
348 NavigateAndCommit(
349 GURL("https://accounts.google.com/ServiceLogin?continue="
350 "https://mail.google.com&rart=234"));
351 EXPECT_TRUE(client->IsPasswordManagementEnabledForCurrentPage());
353 // Reauth pages are only on accounts.google.com
354 NavigateAndCommit(
355 GURL("https://other.site.com/ServiceLogin?continue="
356 "https://passwords.google.com&rart=234"));
357 EXPECT_TRUE(client->IsPasswordManagementEnabledForCurrentPage());
360 TEST_F(ChromePasswordManagerClientTest, GetPasswordSyncState) {
361 ChromePasswordManagerClient* client = GetClient();
363 ProfileSyncServiceMock* mock_sync_service =
364 static_cast<ProfileSyncServiceMock*>(
365 ProfileSyncServiceFactory::GetInstance()->SetTestingFactoryAndUse(
366 profile(), ProfileSyncServiceMock::BuildMockProfileSyncService));
368 syncer::ModelTypeSet active_types;
369 active_types.Put(syncer::PASSWORDS);
370 EXPECT_CALL(*mock_sync_service, HasSyncSetupCompleted())
371 .WillRepeatedly(Return(true));
372 EXPECT_CALL(*mock_sync_service, IsSyncActive()).WillRepeatedly(Return(true));
373 EXPECT_CALL(*mock_sync_service, GetActiveDataTypes())
374 .WillRepeatedly(Return(active_types));
375 EXPECT_CALL(*mock_sync_service, IsUsingSecondaryPassphrase())
376 .WillRepeatedly(Return(false));
378 // Passwords are syncing and custom passphrase isn't used.
379 EXPECT_EQ(password_manager::SYNCING_NORMAL_ENCRYPTION,
380 client->GetPasswordSyncState());
382 // Again, using a custom passphrase.
383 EXPECT_CALL(*mock_sync_service, IsUsingSecondaryPassphrase())
384 .WillRepeatedly(Return(true));
386 EXPECT_EQ(password_manager::SYNCING_WITH_CUSTOM_PASSPHRASE,
387 client->GetPasswordSyncState());
389 // Report correctly if we aren't syncing passwords.
390 active_types.Remove(syncer::PASSWORDS);
391 active_types.Put(syncer::BOOKMARKS);
392 EXPECT_CALL(*mock_sync_service, GetActiveDataTypes())
393 .WillRepeatedly(Return(active_types));
395 EXPECT_EQ(password_manager::NOT_SYNCING_PASSWORDS,
396 client->GetPasswordSyncState());
398 // Again, without a custom passphrase.
399 EXPECT_CALL(*mock_sync_service, IsUsingSecondaryPassphrase())
400 .WillRepeatedly(Return(false));
402 EXPECT_EQ(password_manager::NOT_SYNCING_PASSWORDS,
403 client->GetPasswordSyncState());
406 TEST_F(ChromePasswordManagerClientTest, IsOffTheRecordTest) {
407 ChromePasswordManagerClient* client = GetClient();
409 profile()->ForceIncognito(true);
410 EXPECT_TRUE(client->IsOffTheRecord());
412 profile()->ForceIncognito(false);
413 EXPECT_FALSE(client->IsOffTheRecord());
416 TEST_F(ChromePasswordManagerClientTest,
417 SavingDependsOnManagerEnabledPreference) {
418 // Test that saving passwords depends on the password manager enabled
419 // preference.
420 ChromePasswordManagerClient* client = GetClient();
421 prefs()->SetUserPref(password_manager::prefs::kPasswordManagerSavingEnabled,
422 new base::FundamentalValue(true));
423 EXPECT_TRUE(client->IsSavingEnabledForCurrentPage());
424 prefs()->SetUserPref(password_manager::prefs::kPasswordManagerSavingEnabled,
425 new base::FundamentalValue(false));
426 EXPECT_FALSE(client->IsSavingEnabledForCurrentPage());
429 TEST_F(ChromePasswordManagerClientTest, IsSavingEnabledForCurrentPageTest) {
430 scoped_ptr<MockChromePasswordManagerClient> client(
431 new MockChromePasswordManagerClient(web_contents()));
432 // Functionality disabled if there is SSL errors.
433 EXPECT_CALL(*client, DidLastPageLoadEncounterSSLErrors())
434 .WillRepeatedly(Return(true));
435 EXPECT_FALSE(client->IsSavingEnabledForCurrentPage());
437 // Functionality disabled if there are SSL errors and the manager itself is
438 // disabled.
439 prefs()->SetUserPref(password_manager::prefs::kPasswordManagerSavingEnabled,
440 new base::FundamentalValue(false));
441 EXPECT_FALSE(client->IsSavingEnabledForCurrentPage());
443 // Functionality disabled if there are no SSL errorsm, but the manager itself
444 // is disabled.
445 EXPECT_CALL(*client, DidLastPageLoadEncounterSSLErrors())
446 .WillRepeatedly(Return(false));
447 prefs()->SetUserPref(password_manager::prefs::kPasswordManagerSavingEnabled,
448 new base::FundamentalValue(false));
449 EXPECT_FALSE(client->IsSavingEnabledForCurrentPage());
451 // Functionality enabled if there are no SSL errors and the manager is
452 // enabled.
453 EXPECT_CALL(*client, DidLastPageLoadEncounterSSLErrors())
454 .WillRepeatedly(Return(false));
455 prefs()->SetUserPref(password_manager::prefs::kPasswordManagerSavingEnabled,
456 new base::FundamentalValue(true));
457 EXPECT_TRUE(client->IsSavingEnabledForCurrentPage());
459 // Functionality disabled in Incognito mode.
460 profile()->ForceIncognito(true);
461 EXPECT_FALSE(client->IsSavingEnabledForCurrentPage());
463 // Functionality disabled in Incognito mode also when manager itself is
464 // enabled.
465 prefs()->SetUserPref(password_manager::prefs::kPasswordManagerSavingEnabled,
466 new base::FundamentalValue(true));
467 EXPECT_FALSE(client->IsSavingEnabledForCurrentPage());
468 profile()->ForceIncognito(false);