| Index: chrome/browser/ui/login/login_prompt_browsertest.cc
|
| diff --git a/chrome/browser/ui/login/login_prompt_browsertest.cc b/chrome/browser/ui/login/login_prompt_browsertest.cc
|
| index bc52d66d8bb5e2f95662576d065ccda10306650e..7695f634ac5262d73a9646bc900e914c412bf730 100644
|
| --- a/chrome/browser/ui/login/login_prompt_browsertest.cc
|
| +++ b/chrome/browser/ui/login/login_prompt_browsertest.cc
|
| @@ -6,12 +6,14 @@
|
| #include <list>
|
| #include <map>
|
|
|
| +#include "base/command_line.h"
|
| #include "base/utf_string_conversions.h"
|
| #include "chrome/browser/browser_thread.h"
|
| #include "chrome/browser/renderer_host/resource_dispatcher_host.h"
|
| #include "chrome/browser/ui/browser.h"
|
| #include "chrome/browser/ui/login/login_prompt.h"
|
| #include "chrome/browser/ui/tab_contents/tab_contents_wrapper.h"
|
| +#include "chrome/common/chrome_switches.h"
|
| #include "chrome/common/notification_service.h"
|
| #include "chrome/test/in_process_browser_test.h"
|
| #include "chrome/test/ui_test_utils.h"
|
| @@ -27,11 +29,15 @@ class LoginPromptBrowserTest : public InProcessBrowserTest {
|
|
|
| auth_map_[L"foo"] = AuthInfo(L"testuser", L"foopassword");
|
| auth_map_[L"bar"] = AuthInfo(L"testuser", L"barpassword");
|
| + auth_map_[L"testrealm"] = AuthInfo(L"testuser", L"secret");
|
| }
|
|
|
| protected:
|
| void SetAuthFor(LoginHandler* handler);
|
|
|
| + // InProcessBrowserTest
|
| + virtual void SetUpCommandLine(CommandLine* command_line);
|
| +
|
| struct AuthInfo {
|
| std::wstring username_;
|
| std::wstring password_;
|
| @@ -62,6 +68,16 @@ void LoginPromptBrowserTest::SetAuthFor(LoginHandler* handler) {
|
| }
|
| }
|
|
|
| +void LoginPromptBrowserTest::SetUpCommandLine(CommandLine* command_line) {
|
| +#if defined(OS_POSIX) && !defined(OS_MACOSX)
|
| + // We are not exercising the password store here and using the Gnome
|
| + // Keyring can cause tests to timeout (http://crbug.com/68860). So
|
| + // just use the basic password store for now.
|
| + // TODO(asanka): Remove this after http://crbug.com/68860 is fixed.
|
| + command_line->AppendSwitchASCII(switches::kPasswordStore, "basic");
|
| +#endif
|
| +}
|
| +
|
| // Maintains a set of LoginHandlers that are currently active and
|
| // keeps a count of the notifications that were observed.
|
| class LoginPromptBrowserTestObserver : public NotificationObserver {
|
| @@ -411,4 +427,126 @@ IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, DISABLED_IncorrectConfirmation) {
|
| EXPECT_TRUE(test_server()->Stop());
|
| LOG(INFO) << "Done with test";
|
| }
|
| +
|
| +// If a 401 response is received after we present cached credentials,
|
| +// we should remove cached credentials and display a prompt to the
|
| +// user.
|
| +IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, RemoveCredsOn401Basic) {
|
| + const char* kTestUrlPre =
|
| + "auth-basic/a?password=foopassword&realm=foo&";
|
| + const char* kTestUrlPost =
|
| + "auth-basic/a?password=foopassword&realm=foo&force=1";
|
| + ASSERT_TRUE(test_server()->Start());
|
| +
|
| + TabContentsWrapper* contents =
|
| + browser()->GetSelectedTabContentsWrapper();
|
| + ASSERT_TRUE(contents);
|
| +
|
| + NavigationController* controller = &contents->controller();
|
| + LoginPromptBrowserTestObserver observer;
|
| +
|
| + observer.Register(Source<NavigationController>(controller));
|
| +
|
| + {
|
| + GURL test_page = test_server()->GetURL(kTestUrlPre);
|
| + WindowedLoadStopObserver load_stop_waiter(controller);
|
| + WindowedAuthNeededObserver auth_needed_waiter(controller);
|
| +
|
| + browser()->OpenURL(test_page, GURL(), CURRENT_TAB, PageTransition::TYPED);
|
| + auth_needed_waiter.Wait();
|
| + ASSERT_FALSE(observer.handlers_.empty());
|
| + LoginHandler* handler = *observer.handlers_.begin();
|
| + ASSERT_TRUE(handler);
|
| + SetAuthFor(handler);
|
| + load_stop_waiter.Wait();
|
| + }
|
| +
|
| + {
|
| + GURL test_page = test_server()->GetURL(kTestUrlPost);
|
| + WindowedLoadStopObserver load_stop_waiter(controller);
|
| + WindowedAuthNeededObserver auth_needed_waiter(controller);
|
| +
|
| + browser()->OpenURL(test_page, GURL(), CURRENT_TAB, PageTransition::TYPED);
|
| +
|
| + // The OpenURL request should result in the server sending back a
|
| + // 401. Chrome should at this point remove any cached credentials
|
| + // for this target and prompt for credentials. The test server
|
| + // only sends one 401 request and if Chrome responds with cached
|
| + // credentials, the wait for AUTH_NEEDED will never complete.
|
| + auth_needed_waiter.Wait();
|
| + ASSERT_FALSE(observer.handlers_.empty());
|
| + LoginHandler* handler = *observer.handlers_.begin();
|
| + ASSERT_TRUE(handler);
|
| + SetAuthFor(handler);
|
| + load_stop_waiter.Wait();
|
| + }
|
| +
|
| + EXPECT_TRUE(test_server()->Stop());
|
| +}
|
| +
|
| +// Same as RemoveCredsOn401Basic test, except for Digest
|
| +// authentication. If we receive a response from the server with a
|
| +// challenge that includes a stale=true token, then we shouldn't
|
| +// remove cached credentials.
|
| +IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, RemoveCredsOn401Digest) {
|
| + const char* kTestUrlPre = "auth-digest/a";
|
| + const char* kTestUrlStale = "auth-digest/a/stale";
|
| + const char* kTestUrlPost = "auth-digest/a/force";
|
| + ASSERT_TRUE(test_server()->Start());
|
| +
|
| + TabContentsWrapper* contents =
|
| + browser()->GetSelectedTabContentsWrapper();
|
| + ASSERT_TRUE(contents);
|
| +
|
| + NavigationController* controller = &contents->controller();
|
| + LoginPromptBrowserTestObserver observer;
|
| +
|
| + observer.Register(Source<NavigationController>(controller));
|
| +
|
| + {
|
| + GURL test_page = test_server()->GetURL(kTestUrlPre);
|
| + WindowedLoadStopObserver load_stop_waiter(controller);
|
| + WindowedAuthNeededObserver auth_needed_waiter(controller);
|
| +
|
| + browser()->OpenURL(test_page, GURL(), CURRENT_TAB, PageTransition::TYPED);
|
| + auth_needed_waiter.Wait();
|
| + ASSERT_FALSE(observer.handlers_.empty());
|
| + LoginHandler* handler = *observer.handlers_.begin();
|
| + ASSERT_TRUE(handler);
|
| + SetAuthFor(handler);
|
| + load_stop_waiter.Wait();
|
| + }
|
| +
|
| + // The stale URL will result in a server response that includes a
|
| + // stale=true directive. We should respond with a request generated
|
| + // using the cached credentials. There should be no login prompt.
|
| + {
|
| + GURL test_page = test_server()->GetURL(kTestUrlStale);
|
| + WindowedLoadStopObserver load_stop_waiter(controller);
|
| + browser()->OpenURL(test_page, GURL(), CURRENT_TAB, PageTransition::TYPED);
|
| + load_stop_waiter.Wait();
|
| + }
|
| +
|
| + {
|
| + GURL test_page = test_server()->GetURL(kTestUrlPost);
|
| + WindowedLoadStopObserver load_stop_waiter(controller);
|
| + WindowedAuthNeededObserver auth_needed_waiter(controller);
|
| +
|
| + browser()->OpenURL(test_page, GURL(), CURRENT_TAB, PageTransition::TYPED);
|
| +
|
| + // The OpenURL request should result in the server sending back a
|
| + // 401. Chrome should at this point remove any cached credentials
|
| + // for this target and prompt for credentials. The test server
|
| + // only sends one 401 request and if Chrome responds with cached
|
| + // credentials, the wait for AUTH_NEEDED will never complete.
|
| + auth_needed_waiter.Wait();
|
| + ASSERT_FALSE(observer.handlers_.empty());
|
| + LoginHandler* handler = *observer.handlers_.begin();
|
| + ASSERT_TRUE(handler);
|
| + SetAuthFor(handler);
|
| + load_stop_waiter.Wait();
|
| + }
|
| +
|
| + EXPECT_TRUE(test_server()->Stop());
|
| +}
|
| } // namespace
|
|
|
Chromium Code Reviews
Issue 6525035:
Invalidate credentials if the server rejects them. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src