Only grant permissions to new extensions from sync if they have the expected version
[chromium-blink-merge.git] / chrome / browser / signin / local_auth_unittest.cc
bloba6752906d703a06430ac3a691976fca9d1c5e0a6
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/signin/local_auth.h"
7 #include "base/base64.h"
8 #include "base/prefs/pref_service.h"
9 #include "chrome/browser/profiles/profile_manager.h"
10 #include "chrome/test/base/testing_browser_process.h"
11 #include "chrome/test/base/testing_pref_service_syncable.h"
12 #include "chrome/test/base/testing_profile.h"
13 #include "chrome/test/base/testing_profile_manager.h"
14 #include "components/os_crypt/os_crypt.h"
15 #include "content/public/test/test_browser_thread_bundle.h"
17 #include "testing/gtest/include/gtest/gtest.h"
19 class LocalAuthTest : public testing::Test {
20 content::TestBrowserThreadBundle thread_bundle_;
23 TEST_F(LocalAuthTest, SetAndCheckCredentials) {
24 TestingProfileManager testing_profile_manager(
25 TestingBrowserProcess::GetGlobal());
26 ASSERT_TRUE(testing_profile_manager.SetUp());
27 Profile* prof = testing_profile_manager.CreateTestingProfile("p1");
28 ProfileInfoCache& cache =
29 testing_profile_manager.profile_manager()->GetProfileInfoCache();
30 EXPECT_EQ(1U, cache.GetNumberOfProfiles());
31 EXPECT_EQ("", cache.GetLocalAuthCredentialsOfProfileAtIndex(0));
33 #if defined(OS_MACOSX)
34 OSCrypt::UseMockKeychain(true);
35 #endif
37 std::string password("Some Password");
38 EXPECT_FALSE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
40 LocalAuth::SetLocalAuthCredentials(prof, password);
41 std::string passhash = cache.GetLocalAuthCredentialsOfProfileAtIndex(0);
43 // We perform basic validation on the written record to ensure bugs don't slip
44 // in that cannot be seen from the API:
45 // - The encoding exists (we can guarantee future backward compatibility).
46 // - The plaintext version of the password is not mistakenly stored anywhere.
47 EXPECT_FALSE(passhash.empty());
48 EXPECT_EQ('2', passhash[0]);
49 EXPECT_EQ(passhash.find(password), std::string::npos);
51 std::string decodedhash;
52 base::Base64Decode(passhash.substr(1), &decodedhash);
53 EXPECT_FALSE(decodedhash.empty());
54 EXPECT_EQ(decodedhash.find(password), std::string::npos);
56 EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
57 EXPECT_FALSE(LocalAuth::ValidateLocalAuthCredentials(prof, password + "1"));
59 LocalAuth::SetLocalAuthCredentials(prof, password); // makes different salt
60 EXPECT_NE(passhash, cache.GetLocalAuthCredentialsOfProfileAtIndex(0));
63 TEST_F(LocalAuthTest, SetUpgradeAndCheckCredentials) {
64 TestingProfileManager testing_profile_manager(
65 TestingBrowserProcess::GetGlobal());
66 ASSERT_TRUE(testing_profile_manager.SetUp());
67 Profile* prof = testing_profile_manager.CreateTestingProfile("p1");
68 ProfileInfoCache& cache =
69 testing_profile_manager.profile_manager()->GetProfileInfoCache();
71 #if defined(OS_MACOSX)
72 OSCrypt::UseMockKeychain(true);
73 #endif
75 std::string password("Some Password");
76 size_t profile_index = cache.GetIndexOfProfileWithPath(prof->GetPath());
77 LocalAuth::SetLocalAuthCredentialsWithEncoding(profile_index, password, '1');
79 // Ensure we indeed persisted the correct encoding.
80 std::string oldpasshash = cache.GetLocalAuthCredentialsOfProfileAtIndex(
81 profile_index);
82 EXPECT_EQ('1', oldpasshash[0]);
84 // Validate, ensure we can validate against the old encoding.
85 EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
87 // Ensure we updated the encoding.
88 std::string newpasshash = cache.GetLocalAuthCredentialsOfProfileAtIndex(
89 profile_index);
90 EXPECT_EQ('2', newpasshash[0]);
91 // Encoding '2' writes fewer bytes than encoding '1'.
92 EXPECT_LE(newpasshash.length(), oldpasshash.length());
94 // Validate, ensure we validate against the new encoding.
95 EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
98 // Test truncation where each byte is left whole.
99 TEST_F(LocalAuthTest, TruncateStringEvenly) {
100 std::string two_chars = "A6";
101 std::string three_chars = "A6C";
102 EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(two_chars, 16));
103 EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(three_chars, 16));
105 EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(two_chars, 14));
106 EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(three_chars, 14));
109 // Test truncation that affects the results within a byte.
110 TEST_F(LocalAuthTest, TruncateStringUnevenly) {
111 std::string two_chars = "Az";
112 std::string three_chars = "AzC";
113 // 'z' = 0x7A, ':' = 0x3A.
114 std::string two_chars_truncated = "A:";
115 EXPECT_EQ(two_chars_truncated,
116 LocalAuth::TruncateStringByBits(two_chars, 14));
117 EXPECT_EQ(two_chars_truncated,
118 LocalAuth::TruncateStringByBits(three_chars, 14));